Re: JSTL / MYSQL JDBC / TOMCAT 5
On Mon, Aug 23, 2004 at 09:09:45AM -0400, Williams, Mark L CIV NSWC-PC wrote: : That said, are there any observations about the feasibility of using : Swing for building GUIs to be used via browser? Using the web as a conduit for applets (Swing apps) defeats the purpose of the web's thin-client design. ;) If you want a web-based app, aim for thin technologies -- that is, server-side computations and resources -- and you can save yourself some headaches. : I find too many : unexpected browser peculiarities when trying to do anything too : complicated (probably just me, but...) and would like to use something : more definitively controlled (or more predictable in operation). All my : users will be using MS Internet Explorer, typically v5.5. If you have control over the deployment environment then you can go whole-hog with browser-specific markup and javascript. Many companies do this internally and it simplifies testing, deployment, etc. -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RV: JNDIRealm and Windows 2000 Active Directory
I'm trying configure one JNDIRealm asking to one Windows 2000 Active Directory. In the examples in the web of jakarta I have seen examples over openLdap. Can you help me in the configuration over Windows2000 AD. Has somebody a production system or wep application using JNDIRealm vs Active Directory ? . Can you help me in order to configure it? .Thanks for all.
JVM heap memory
Hi All, We have set/export JAVA_OPTS option in catalina.sh and strtup.sh to increase JVM heap memory, but it is not reflecting on windows and linux system. What needs to be done to make it effective. -Jignesh - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JVM heap memory
If you are using Tomcat as a service option then check in registry and assign the new values in registry. -Original Message- From: Jignesh Patel [mailto:[EMAIL PROTECTED] Sent: 24.08.2004 22:18 To: [EMAIL PROTECTED] Subject: JVM heap memory Hi All, We have set/export JAVA_OPTS option in catalina.sh and strtup.sh to increase JVM heap memory, but it is not reflecting on windows and linux system. What needs to be done to make it effective. -Jignesh - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JVM heap memory
Also if not running as a service then create a new variable in OS named as JAVA_OPTS with new values then it will pick correct values. Remember if you are running tomact from Start Menu then it will never pick JAVA_OPTS, unless you edit shortcut link, if u need further assistance ask me. S H A K E E L A H M A D (EE, SCJP, SCWCD SCBCD) Northstar Technologies, Inc. -Original Message- From: Pradeep Chauhan [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 12:23 PM To: Tomcat Users List; [EMAIL PROTECTED] Subject: RE: JVM heap memory If you are using Tomcat as a service option then check in registry and assign the new values in registry. -Original Message- From: Jignesh Patel [mailto:[EMAIL PROTECTED] Sent: 24.08.2004 22:18 To: [EMAIL PROTECTED] Subject: JVM heap memory Hi All, We have set/export JAVA_OPTS option in catalina.sh and strtup.sh to increase JVM heap memory, but it is not reflecting on windows and linux system. What needs to be done to make it effective. -Jignesh - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JVM heap memory
You should only have to make the change in catalina.sh on linux. If the variable is set and exported you shouldnt have any problems. Also check that it is not reset further in the script than you have set it. On windows you will have to edit catalina.bat if you start from the command line. Or edit the registry if you run as a service. -Original Message- From: Jignesh Patel [mailto:[EMAIL PROTECTED] Sent: 24 August 2004 17:48 To: [EMAIL PROTECTED] Subject: JVM heap memory Hi All, We have set/export JAVA_OPTS option in catalina.sh and strtup.sh to increase JVM heap memory, but it is not reflecting on windows and linux system. What needs to be done to make it effective. -Jignesh - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Any opinions expressed in this E-mail may be those of the individual and not necessarily the company. This E-mail and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this E-mail in error and that any use or copying is strictly prohibited. If you have received this E-mail in error please notify the beCogent postmaster at [EMAIL PROTECTED] Unless expressly stated, opinions in this email are those of the individual sender and not beCogent Ltd. You must take full responsibility for virus checking this email and any attachments. Please note that the content of this email or any of its attachments may contain data that falls within the scope of the Data Protection Acts and that you must ensure that any handling or processing of such data by you is fully compliant with the terms and provisions of the Data Protection Act 1984 and 1998. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Vedr.: Tomcat 5 JK2 IIS 5
Hi William, I am certain we are several who is running latest TC on IIS 5 with JK2. If you could give us our config files chances are we quite fast could help you. Also try google as there are alternative setup guides. Meanwhile you can glance at my jk2 and workers2 files - these are pretty out of the box. jk2.properties (we use windows integrated security having thus disabled TC authentication): ## THIS FILE MAY BE OVERRIDEN AT RUNTIME. MAKE SURE TOMCAT IS STOPED ## WHEN YOU EDIT THE FILE. ## COMMENTS WILL BE _LOST_ ## DOCUMENTATION OF THE FORMAT IN JkMain javadoc. # Set the desired handler list # handler.list=apr,request,channelJni # # Override the default port for the socketChannel # channelSocket.port=8019 # Default: # channelUnix.file=${jkHome}/work/jk2.socket # Just to check if the the config is working # shm.file=${jkHome}/work/jk2.shm # In order to enable jni use any channelJni directive # channelJni.disabled = 0 # And one of the following directives: # apr.jniModeSo=/opt/apache2/modules/mod_jk2.so # If set to inprocess the mod_jk2 will Register natives itself # This will enable the starting of the Tomcat from mod_jk2 # apr.jniModeSo=inprocess request.tomcatAuthentication=false request.registerRequests=false # # Socket configuration # handler.list=request,container,channelSocket channelSocket.port=8009 channelSocket.address=127.0.0.1 channelSocket.maxport=port+10 workers2.properties (removed my own contexts): [shm] file=D:/DAT/logfiles/java/shm.log size=1048576 [logger.file:0] file=D:/DAT/logfiles/connections/jk2.log [workerEnv:] info=Global server options timing=1 debug=0 logger=logger.file:0 [channel.socket:localhost:8009] port=8009 host=127.0.0.1 [ajp13:localhost:8009] channel=channel.socket:localhost:8009 [uri:/jsp-examples/*] [uri:/examples/*] [status:] [uri:/jkstatus/*] group=status: /Thomas William L. Thomson Jr. [EMAIL PROTECTED] 24-08-2004 00:56 Besvar venligst til Tomcat Users List Til:tomcat-user [EMAIL PROTECTED] cc: Vedr.: Tomcat 5 JK2 IIS 5 Anyone here get Tomcat 5 to work with IIS 5? I spent more than 7 hours today mainly because of the damn jk2 connector. After all sorts of misleading docs of different working configs that did not work for me. I have everything up an running. However I can't get the syntax right in workers2.properties file. IIS receives the request logs the redirect via the dll and then that's it. No error logged in the jk log. Finally I came across a posting that allowed me to enable logging via one of Windows system logs. Available in the system manager. Seems that the host is null and there are context issues. I can post what ever you want to see, but I am almost 100% positive my problem lies in the workers2.properties file. Now Tomcat alone works perfectly. I have run Tomcat on Linux with Apache for 3+ years now. Never had issues like this. Absolutely ridiculous. What really bothers me is I run the latest version of both Tomcat and JK2. Why my workers2.properties file will work fine on Linux and not on Windows. There is nothing in it to make it OS specific except for file paths to the shm and log file. Otherwise the files should be the same. Yet I have to modify them to get any sort of response. Otherwise it's like jk is not there. Either I get an error 500 from IIS or I get the page showing all java content that is not supposed to be visible. All documentation on Tomcat's site is wrong. It's all for JK not JK2. Huge differences. FYI, I have confirmed my registry settings are correct, the ISAPI dll shows up with a green arrow. I am doing all this for a client and do not have access to the files at this moment. However I can get at them tomorrow and post them if needed. In a nutshell what exactly needs to go in jk2.properties and workers2.properties on IIS. Since it's obviously different for IIS? That or I really screwed up with configure Tomcat. Despite everything working perfectly at port 8080. Really at a loss and want to hate IIS but my problem is more with JK2 for IIS than IIS. Client really thinks highly of Tomcat at this point. -- Sincerely, William L. Thomson Jr. Support Group Obsidian-Studios, Inc. http://www.obsidian-studios.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] FONT SIZE=1 FACE=Arial___ Vi goer opmaerksom paa, at denne e-mail kan indeholde fortrolig information. Hvis du ved en fejltagelse modtager e-mailen, beder vi dig venligst informere afsender om fejlen ved at bruge svar-funktionen. Samtidig beder vi dig slette e-mailen i dit system uden at videresende eller kopiere den. Selv om e-mailen og ethvert vedhaeftet bilag efter vores overbevisning er fri for virus og andre fejl, som kan paavirke computeren eller it-systemet, hvori den modtages og laeses, aabnes den paa modtagerens eget ansvar. Vi paatager os ikke noget
AW: Tomcat 5 JK2 IIS 5
Yes the Tomcat JK2 docu is suboptimal. You can try an installer from this site http://www.shiftomat.com/opensource/. It worked for me. If you don't trust the EXE, the Nullsoft installer script is available and you can build the script yourself. Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
GenericPrincipal classcast BUG
Developers - I have read the WIKI about problems with classcast of a java.lang.Security object. Here it is http://wiki.apache.org/jakarta-tomcat/Tomcat/Howto Even though i have System.out.println statements in my implementation of the Principal class - and i know that my principal is being authenticated i keep getting back an object which is of type org.apache GenericPrincipal when in fact it should be my own Principal object - Can someone let me know what i have done wrong? I have run out of ideas. //override superclass implementation - protected String getRelativePath(HttpServletRequest request) { ExtendedPrincipal principal = (ExtendedPrincipal) request.getUserPrincipal(); } throws Class Cast Exceptrion public interface ExtendedPrincipal extends java.security.Principal{ public String getEmailAddress(); } __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Custom authorization
Hi, I need to implement a custom authorization for a web application, where the access to the different resources is defined inside a database table with some sort of rules, also using regular expressions. I would like to know if the only method to do this is programmatically, implementing - for example - a SecurityFilter, which catch every requests or extending the service() method the default Servlet of the application with the necessary code or if there is another more standard way to do it (perhaps using a Tomcat Valve or something similar). Thanks a lot for your precious help. Best regards Patrick Patrick Herber Zürich (Switzerland) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Work around found....
Hello, I have now found a work around for this problem: Because the keytool -genkey was not working I tried installing java again, didn't work. Thought about using a different (read older) jdk or maybe a jdk for a different platform than FreeBSD. However, I found a thread on the sun site with a possible work around and it is now working fine. The $JAVA_HOME/jre/lib/security/java.security file has a reference to the file /dev/random. If you point securerandom.source to an inexistent file, or to /dev/urandom, you will bypass the /dev/random and circumnavigate your problem. Now the keytool -genkey does not hang and the Tomcat standalone SSL runs perfectly. Regards, Lloyd Hopper The work around is that you have to circumnavigate the /dev/random . In the Date: Thu, 12 Aug 2004 14:02:59 +0200 To: [EMAIL PROTECTED] From: Lloyd Hopper [EMAIL PROTECTED] Subject: Tomcat + ssl problems Hello, I am sure somebody has come across something similar before but I have been unable to find a resolution as yet. The problem is this; I am trying to enable SSL in Tomcat 4.1.29 and several things happen that are not correct, even though this should be a rather simple goal to achieve. Firstly, the keytool will not work properly when generating a new key. You get asked all the questions and when you have finished and you confirm the information entered with a 'yes' it just hangs. Importing with keytool and checking the keystore both work fine (the -list and -import flags) but generating doesn't (-genkey). I cannot seem to find any error messages either and in top the process appears intermittently. Secondly, after importing the certificate (made with openssl) I then change the server.xml config and ensure that the JSSE_HOME is correct in catalina.sh and restart Tomcat using catalina.sh. This is what I get: - begin excerpt catalina log -- Exception during startup processing java.lang.reflect.InvocationTargetException at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:203) Caused by: java.lang.NoClassDefFoundError: javax/net/ServerSocketFactory at java.lang.ClassLoader.findBootstrapClass(Native Method) at java.lang.ClassLoader.findBootstrapClass0(ClassLoader.java:709) at java.lang.ClassLoader.loadClass(ClassLoader.java:284) at java.lang.ClassLoader.loadClass(ClassLoader.java:282) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:274) at java.lang.ClassLoader.loadClass(ClassLoader.java:235) at org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLoader.java:941) at org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLoader.java:857) at org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLoader.java:941) at org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLoader.java:857) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:302) at org.apache.tomcat.util.net.jsse.JSSE14Factory.getSocketFactory(JSSE14Factory.java:80) at org.apache.tomcat.util.net.jsse.JSSEImplementation.getServerSocketFactory(JSSEImplementation.java:113) at org.apache.coyote.http11.Http11Protocol.checkSocketFactory(Http11Protocol.java:615) at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:166) at org.apache.coyote.tomcat4.CoyoteConnector.initialize(CoyoteConnector.java:1173) at org.apache.catalina.core.StandardService.initialize(StandardService.java:579) at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:2246) at org.apache.catalina.startup.Catalina.start(Catalina.java:511) at org.apache.catalina.startup.Catalina.execute(Catalina.java:400) at org.apache.catalina.startup.Catalina.process(Catalina.java:180) ... 5 more end excerpt catalina log - Tomcat runs perfectly if I comment the SSL out. --- begin server.xml excerpt --- !-- Define a non-SSL Coyote HTTP/1.1 Connector -- Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=8180 minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=8443 acceptCount=100 debug=0 connectionTimeout=2 useURIValidationHack=false disableUploadTimeout=true / !-- Note : To disable connection timeouts, set connectionTimeout value to -1 -- !-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -- Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=8443 minProcessors=5 maxProcessors=75
customized error pages in certificate-client authentication
Hi! I'm developing a java webapp overTomcat 4.2, with client certificate authentication. Is there any way to configure a customize error page? When I enter in the webapp with an appropiate certificate, HTTPS runs fine. And when I enter without it, ssl handshake detects an error, an redirects it to an HTTP page not found error. However,this is a non-pretty process looking in a final-user pespective. Any idea?? Regards, Luis Urueña Frías - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Class Load Order
Hi, Varley, Roger! The Tomcat documentation describes the class load order very clearly, just browse http://jakarta.apache.org/tomcat/tomcat-5.0-doc/class-loader-howto.html regards! Lotus X [EMAIL PROTECTED] 2004-08-24 In what order does Tomcat search ./common/classes, ./shared/classes and ./webapp/classes for .class files? I have a number of web-apps that use class files located in ./shared/classes to connect to a backend ERP system. There has always been an implicit assumption that there would only ever be one backend system hence locating the class files in ./shared/classes - that assumption was blown apart this morning. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat5 and Apache2 load balance step by step document
Hello, Anyone have or know a step by step document on how to configure tomcat5 with apache2 to load balance a web site on WinXP environment, I have searched all the net, n this user list, with no luck. I also tried to follow what it posted here and there, with no success. I know how to configure apache2 on top of tomcat using mod_jk2, but I need a full document that start from configuring tomcat with apache2 to load balancing apache2 on multi tomcat5 instances. I wish somebody have the answer and share this, so no other one have to spend 3 days (as I did) to end up posting here. :) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
SV: Custom authorization
Hi. The more standard way might be to implement the Tomcat Realm interface. See http://jakarta.apache.org/tomcat/tomcat-5.0-doc/realm-howto.html You will still have to program it yourself (unless you can use the JDBCRealm), and it is still Tomcat specific - but it will let you place the database and Tomcat specific code outside your web application. Best Regards Claus Nielsen -Oprindelig meddelelse- Fra: Patrick Herber [mailto:[EMAIL PROTECTED] Sendt: 24. august 2004 11:48 Til: [EMAIL PROTECTED] Emne: Custom authorization Hi, I need to implement a custom authorization for a web application, where the access to the different resources is defined inside a database table with some sort of rules, also using regular expressions. I would like to know if the only method to do this is programmatically, implementing - for example - a SecurityFilter, which catch every requests or extending the service() method the default Servlet of the application with the necessary code or if there is another more standard way to do it (perhaps using a Tomcat Valve or something similar). Thanks a lot for your precious help. Best regards Patrick Patrick Herber Zürich (Switzerland) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ### This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange. For more information, connect to http://www.F-Secure.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JVM heap memory
We are not using tomcat as a service. We tried both set JAVA_OPTS for windows and export JAVA_OPTS for linux. But in linux it won't allow me to set properly. And on both OS it is not working. -Jignesh On Tue, 2004-08-24 at 04:07, Dale, Matt wrote: You should only have to make the change in catalina.sh on linux. If the variable is set and exported you shouldnt have any problems. Also check that it is not reset further in the script than you have set it. On windows you will have to edit catalina.bat if you start from the command line. Or edit the registry if you run as a service. -Original Message- From: Jignesh Patel [mailto:[EMAIL PROTECTED] Sent: 24 August 2004 17:48 To: [EMAIL PROTECTED] Subject: JVM heap memory Hi All, We have set/export JAVA_OPTS option in catalina.sh and strtup.sh to increase JVM heap memory, but it is not reflecting on windows and linux system. What needs to be done to make it effective. -Jignesh - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JSTL / MYSQL JDBC / TOMCAT 5
Again, I appreciate the feedback. We are working in a rather controlled environment these days and it turns out that the Java plug-in won't go, so the whole applet idea looks to be a non-starter anyway. Live and learn. (or not, I guess...) VR/ Mark -Original Message- From: QM [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 1:08 To: Tomcat Users List Subject: Re: JSTL / MYSQL JDBC / TOMCAT 5 On Mon, Aug 23, 2004 at 09:09:45AM -0400, Williams, Mark L CIV NSWC-PC wrote: : That said, are there any observations about the feasibility of using : Swing for building GUIs to be used via browser? Using the web as a conduit for applets (Swing apps) defeats the purpose of the web's thin-client design. ;) If you want a web-based app, aim for thin technologies -- that is, server-side computations and resources -- and you can save yourself some headaches. : I find too many : unexpected browser peculiarities when trying to do anything too : complicated (probably just me, but...) and would like to use something : more definitively controlled (or more predictable in operation). All my : users will be using MS Internet Explorer, typically v5.5. If you have control over the deployment environment then you can go whole-hog with browser-specific markup and javascript. Many companies do this internally and it simplifies testing, deployment, etc. -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] smime.p7s Description: S/MIME cryptographic signature
RE: How to allow access just from one remote host?
Hi, Yes, you can do this with Tomcat by itself. RTFM on the Remote Host Filter Valve at http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/valve.html. Yoav Shapira Millennium Research Informatics -Original Message- From: Eugene [mailto:[EMAIL PROTECTED] Sent: Monday, August 23, 2004 11:28 PM To: Tomcat Users List Subject: How to allow access just from one remote host? Hi! I have Apache2.0.50+mod_jk2+Tomcat5.0.27 running together on Windows 2003. Access to the applications directories mounted in Virtual Host of Apache. I'm trying to deny access to root of every site and the applications directory with Directory C:/server/apache/htdocs Order Deny,Allow Deny from all Allow from www.mysite.com /Directory But its didnt work. I can deny access to the htdocs/, but the application directory, for example htdocs/myapp/ still accesible to all. I've tryed to do that with LocationMatch / and Location /, then Tomcat cannot load applet, because it tells that applet innaccesible. I've tryed to resolve it like this: Directory C:/server/apache/htdocs/myapp-folder Order Deny,Allow Deny from all Allow from www.mysite.com /Directory Directory C:/server/apache/htdocs Order Deny,Allow Deny from all Allow from www.mysite.com /Directory But its working just for root (htdocs). I can close htdocs from Apache, but give some tips please how to close access to apps directories and allow it just from one host. Maybe any ideas how to do that with just Tomcat configuration? Thank you very much for any help. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Custom authorization
Thanks a lot Claus, (I thought that you could use Realms only to perform authentication and not also authorization!) Have a nice day. Best regards, Patrick -Original Message- From: Claus Nielsen (BM Data) [mailto:[EMAIL PROTECTED] Sent: Dienstag, 24. August 2004 14:31 To: Tomcat Users List Subject: SV: Custom authorization Hi. The more standard way might be to implement the Tomcat Realm interface. See http://jakarta.apache.org/tomcat/tomcat-5.0-doc/realm-howto.html You will still have to program it yourself (unless you can use the JDBCRealm), and it is still Tomcat specific - but it will let you place the database and Tomcat specific code outside your web application. Best Regards Claus Nielsen -Oprindelig meddelelse- Fra: Patrick Herber [mailto:[EMAIL PROTECTED] Sendt: 24. august 2004 11:48 Til: [EMAIL PROTECTED] Emne: Custom authorization Hi, I need to implement a custom authorization for a web application, where the access to the different resources is defined inside a database table with some sort of rules, also using regular expressions. I would like to know if the only method to do this is programmatically, implementing - for example - a SecurityFilter, which catch every requests or extending the service() method the default Servlet of the application with the necessary code or if there is another more standard way to do it (perhaps using a Tomcat Valve or something similar). Thanks a lot for your precious help. Best regards Patrick Patrick Herber Zürich (Switzerland) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ### This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange. For more information, connect to http://www.F-Secure.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat 5 JK2 IIS 5
Hi, We are always gladly accepting documentation patches ;). In addition we maintain references to external documentation on these issues at http://wiki.apache.org/jakarta-tomcat/Tomcat/Links. Yoav Shapira Millennium Research Informatics -Original Message- From: Michael Südkamp [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 5:29 AM To: [EMAIL PROTECTED]; 'tomcat-user' Subject: AW: Tomcat 5 JK2 IIS 5 Yes the Tomcat JK2 docu is suboptimal. You can try an installer from this site http://www.shiftomat.com/opensource/. It worked for me. If you don't trust the EXE, the Nullsoft installer script is available and you can build the script yourself. Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Howto IIS6/JK2/TC5 (german)
Hi, I see you added it to the Wiki page. Good, thanks for contributing ;) Yoav Shapira Millennium Research Informatics -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, August 23, 2004 9:13 AM To: [EMAIL PROTECTED] Subject: Howto IIS6/JK2/TC5 (german) Hi, i implemented a proof-of-concept for my company, resulting in a howto that covers Tomcat5 with jk2 and iis6 (in full iis6-mode), jmx configuring of tomcat and jk2 on webserver-side and some other side-knowledge. There are lots of guides out there, but most win32-guides work with jk1 or iis6 in iis5-compatibility-mode. It had to be done in german though. http://www.syltonline.de/arbeit/pociis6tc5jk2/index.html If anyone of you think it's good enough to spend some time on a translation, please contact me here or on http://www.syltonline.de/arbeit/pociis6tc5jk2/kontakt.php Or just do it ;) -- Björn Andersen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JVM heap memory
Can you copy and paste the part of catalina.sh that set the variable because there is no reason why it wouldnt work. What do you mean by it won't allow me to set properly? -Original Message- From: Jignesh Patel [mailto:[EMAIL PROTECTED] Sent: 24 August 2004 23:04 To: Tomcat Users List Subject: RE: JVM heap memory We are not using tomcat as a service. We tried both set JAVA_OPTS for windows and export JAVA_OPTS for linux. But in linux it won't allow me to set properly. And on both OS it is not working. -Jignesh On Tue, 2004-08-24 at 04:07, Dale, Matt wrote: You should only have to make the change in catalina.sh on linux. If the variable is set and exported you shouldnt have any problems. Also check that it is not reset further in the script than you have set it. On windows you will have to edit catalina.bat if you start from the command line. Or edit the registry if you run as a service. -Original Message- From: Jignesh Patel [mailto:[EMAIL PROTECTED] Sent: 24 August 2004 17:48 To: [EMAIL PROTECTED] Subject: JVM heap memory Hi All, We have set/export JAVA_OPTS option in catalina.sh and strtup.sh to increase JVM heap memory, but it is not reflecting on windows and linux system. What needs to be done to make it effective. -Jignesh - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Any opinions expressed in this E-mail may be those of the individual and not necessarily the company. This E-mail and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this E-mail in error and that any use or copying is strictly prohibited. If you have received this E-mail in error please notify the beCogent postmaster at [EMAIL PROTECTED] Unless expressly stated, opinions in this email are those of the individual sender and not beCogent Ltd. You must take full responsibility for virus checking this email and any attachments. Please note that the content of this email or any of its attachments may contain data that falls within the scope of the Data Protection Acts and that you must ensure that any handling or processing of such data by you is fully compliant with the terms and provisions of the Data Protection Act 1984 and 1998. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Processing of ROOT in Tomcat 5 Autogeneration
Hi: I may be missing something but I believe that the autogeneration listener (org.apache.jk.config.ApacheConfig) in Tomcat 5.0 does not recognize the ROOT folder as did the listener for Tomcat 4.1. Is that so? Is this a bug or an omission? If so has anyone got an idea about how to handle the http:/server/ URL? Thanks, Bob N- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Applet CLASSID ?
What is the importance of CLASSID , in autodownloading JRE of my own choice, I mean if I only change http://java.sun.com/products/plugin/autodl/jinstall-1_4_2-windows-i586.cab#V ersion=1,4,2,0 and do not change classid in my JSP file then will it work properly. Can I ignore CLASSID value completely. S H A K E E L A H M A D (EE, SCJP, SCWCD SCBCD) Northstar Technologies, Inc. -Original Message- From: QM [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 11:08 AM To: Tomcat Users List Subject: Re: JSTL / MYSQL JDBC / TOMCAT 5 On Mon, Aug 23, 2004 at 09:09:45AM -0400, Williams, Mark L CIV NSWC-PC wrote: : That said, are there any observations about the feasibility of using : Swing for building GUIs to be used via browser? Using the web as a conduit for applets (Swing apps) defeats the purpose of the web's thin-client design. ;) If you want a web-based app, aim for thin technologies -- that is, server-side computations and resources -- and you can save yourself some headaches. : I find too many : unexpected browser peculiarities when trying to do anything too : complicated (probably just me, but...) and would like to use something : more definitively controlled (or more predictable in operation). All my : users will be using MS Internet Explorer, typically v5.5. If you have control over the deployment environment then you can go whole-hog with browser-specific markup and javascript. Many companies do this internally and it simplifies testing, deployment, etc. -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Custom authorization
I'm using a filter for the same thing, and i can tell you something it is blazingly fast, flexible, standard and, in most cases, portable (Filters are part of the Servlet spec.). So, your best option for your custom authorization/authentication would be the filters. besides my authentication filter that uses database tables to grant some functionality to the users on my system works like a charm with 55 lines of code (lots of boilerplate) with the Modifying servlet approach i'm really stressing on this list how cumbersome, unportable and generally unaceptable is modifying tomcat without a good reason, because there are so many options out there, and believe me, we aren't reinventing the wheel... In case you're lazy, i'm posting my filter class it isn't great but does the work (Everything in spanish :-D) / Code Begins Here / /* * Creado el 20-may-2004 * * (c) 2004, Computadores Flor Hard Soft 2058 C.A. * Caracas, Venezuela */ package com.florhard.motrum.filtros; import java.io.*; import javax.servlet.*; import javax.servlet.http.*; /** * @author John Villar * Filtro para no permitir que el usuario realice acciones en el sistema sin haber hecho login */ public class FiltroLogin implements Filter { public void init(FilterConfig arg0) throws ServletException { // nada } public void doFilter( ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpr = ((HttpServletRequest) request); String sURI = httpr.getServletPath(); com.florhard.motrum.beans.Sesion sesion = (com.florhard.motrum.beans.Sesion) httpr.getSession().getAttribute( objeto_sesion); boolean condicionIndex = sURI.indexOf(/index.jsp)==0; boolean condicionVerifica = sURI.indexOf(/verificarClave.jsp)==0; boolean condicionRoot = sURI.equals(/); boolean condicionSesion = (sesion != null) (sesion.isLogeado()); if (condicionIndex || condicionVerifica || condicionRoot || condicionSesion) { chain.doFilter(request, response); } else { ((HttpServletResponse) response).sendRedirect( httpr.getContextPath()+/errorInicioSesion.html); return; } } public void destroy() { // nada } } / Code Ends Here /// If anyone does find a vulnerability here, i would be glad to receive your observations on john.villar (at) florhard.com Patrick Herber escribió: Hi, I need to implement a custom authorization for a web application, where the access to the different resources is defined inside a database table with some sort of rules, also using regular expressions. I would like to know if the only method to do this is programmatically, implementing - for example - a SecurityFilter, which catch every requests or extending the service() method the default Servlet of the application with the necessary code or if there is another more standard way to do it (perhaps using a Tomcat Valve or something similar). Thanks a lot for your precious help. Best regards Patrick Patrick Herber Zürich (Switzerland) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: customized error pages in certificate-client authentication
RTFM. web.xml has ways to do this based on the HTTP error code yours would be the 404 HTTP error code Luis Urueña Frías escribió: Hi! I'm developing a java webapp over Tomcat 4.2, with client certificate authentication. Is there any way to configure a customize error page? When I enter in the webapp with an appropiate certificate, HTTPS runs fine. And when I enter without it, ssl handshake detects an error, an redirects it to an HTTP page not found error. However, this is a non-pretty process looking in a final-user pespective. Any idea?? Regards, Luis Urueña Frías - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Applet CLASSID ?
Hola, This is not a Tomcat question, it's more general. You might want to ask on the Java forums or elsewhere. Here's a good background document: http://java.sun.com/j2se/1.4.2/docs/guide/plugin/developer_guide/using_t ags.html. Yoav Shapira Millennium Research Informatics -Original Message- From: Shakeel [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 9:03 AM To: Tomcat Users List Subject: Applet CLASSID ? What is the importance of CLASSID , in autodownloading JRE of my own choice, I mean if I only change http://java.sun.com/products/plugin/autodl/jinstall-1_4_2-windows- i586.cab#V ersion=1,4,2,0 and do not change classid in my JSP file then will it work properly. Can I ignore CLASSID value completely. S H A K E E L A H M A D (EE, SCJP, SCWCD SCBCD) Northstar Technologies, Inc. -Original Message- From: QM [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 11:08 AM To: Tomcat Users List Subject: Re: JSTL / MYSQL JDBC / TOMCAT 5 On Mon, Aug 23, 2004 at 09:09:45AM -0400, Williams, Mark L CIV NSWC-PC wrote: : That said, are there any observations about the feasibility of using : Swing for building GUIs to be used via browser? Using the web as a conduit for applets (Swing apps) defeats the purpose of the web's thin-client design. ;) If you want a web-based app, aim for thin technologies -- that is, server-side computations and resources -- and you can save yourself some headaches. : I find too many : unexpected browser peculiarities when trying to do anything too : complicated (probably just me, but...) and would like to use something : more definitively controlled (or more predictable in operation). All my : users will be using MS Internet Explorer, typically v5.5. If you have control over the deployment environment then you can go whole-hog with browser-specific markup and javascript. Many companies do this internally and it simplifies testing, deployment, etc. -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JVM heap memory
Hi Dale, Instead of setting in catalina.sh I am setting in console as follows export JAVA_OPTS='-Xms512m -Xmx512m' -Jignesh On Tue, 2004-08-24 at 08:43, Dale, Matt wrote: Can you copy and paste the part of catalina.sh that set the variable because there is no reason why it wouldnt work. What do you mean by it won't allow me to set properly? -Original Message- From: Jignesh Patel [mailto:[EMAIL PROTECTED] Sent: 24 August 2004 23:04 To: Tomcat Users List Subject: RE: JVM heap memory We are not using tomcat as a service. We tried both set JAVA_OPTS for windows and export JAVA_OPTS for linux. But in linux it won't allow me to set properly. And on both OS it is not working. -Jignesh On Tue, 2004-08-24 at 04:07, Dale, Matt wrote: You should only have to make the change in catalina.sh on linux. If the variable is set and exported you shouldnt have any problems. Also check that it is not reset further in the script than you have set it. On windows you will have to edit catalina.bat if you start from the command line. Or edit the registry if you run as a service. -Original Message- From: Jignesh Patel [mailto:[EMAIL PROTECTED] Sent: 24 August 2004 17:48 To: [EMAIL PROTECTED] Subject: JVM heap memory Hi All, We have set/export JAVA_OPTS option in catalina.sh and strtup.sh to increase JVM heap memory, but it is not reflecting on windows and linux system. What needs to be done to make it effective. -Jignesh - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Best practice for generating URL's
Hi all, What is the best practice for generating URL's in JSP/struts-config when the application is behind a web server and both are run in different machines. Some pages uses SSL. In one application I saw them using a properties file and using a static method to get the proptocol,server and context portion. Is that really necessary ?. Or leaving links without protocol,servername and context name. My new scenario is this. Apache on one machine with a domain name. Tomcat in another machine(I think it needs to be because of expected heavy traffic) It have some pages which must use SSL. It is using Struts and how to manage links in struts-config.xml. There will be lot of people who worked on this kind of scenario and I expect them to help me. rgds Antony Paul - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JVM heap memory
This should work but try firstly using double quotes, and secondly put a space on either end in case anything else in manipulating the JAVA_OPTS variable. Like so, export JAVA_OPTS= -Xms512m -Xmx512m It is good practice to set it in catalina.sh as it guarantees that the options are always adhered to even during a restart. Ta Matt -Original Message- From: Jignesh Patel [mailto:[EMAIL PROTECTED] Sent: 25 August 2004 00:17 To: Tomcat Users List Subject: RE: JVM heap memory Hi Dale, Instead of setting in catalina.sh I am setting in console as follows export JAVA_OPTS='-Xms512m -Xmx512m' -Jignesh On Tue, 2004-08-24 at 08:43, Dale, Matt wrote: Can you copy and paste the part of catalina.sh that set the variable because there is no reason why it wouldnt work. What do you mean by it won't allow me to set properly? -Original Message- From: Jignesh Patel [mailto:[EMAIL PROTECTED] Sent: 24 August 2004 23:04 To: Tomcat Users List Subject: RE: JVM heap memory We are not using tomcat as a service. We tried both set JAVA_OPTS for windows and export JAVA_OPTS for linux. But in linux it won't allow me to set properly. And on both OS it is not working. -Jignesh On Tue, 2004-08-24 at 04:07, Dale, Matt wrote: You should only have to make the change in catalina.sh on linux. If the variable is set and exported you shouldnt have any problems. Also check that it is not reset further in the script than you have set it. On windows you will have to edit catalina.bat if you start from the command line. Or edit the registry if you run as a service. -Original Message- From: Jignesh Patel [mailto:[EMAIL PROTECTED] Sent: 24 August 2004 17:48 To: [EMAIL PROTECTED] Subject: JVM heap memory Hi All, We have set/export JAVA_OPTS option in catalina.sh and strtup.sh to increase JVM heap memory, but it is not reflecting on windows and linux system. What needs to be done to make it effective. -Jignesh - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Any opinions expressed in this E-mail may be those of the individual and not necessarily the company. This E-mail and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this E-mail in error and that any use or copying is strictly prohibited. If you have received this E-mail in error please notify the beCogent postmaster at [EMAIL PROTECTED] Unless expressly stated, opinions in this email are those of the individual sender and not beCogent Ltd. You must take full responsibility for virus checking this email and any attachments. Please note that the content of this email or any of its attachments may contain data that falls within the scope of the Data Protection Acts and that you must ensure that any handling or processing of such data by you is fully compliant with the terms and provisions of the Data Protection Act 1984 and 1998. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Best practice for generating URL's
On Tue, Aug 24, 2004 at 02:19:24PM +0530, Antony Paul wrote: : What is the best practice for generating URL's in JSP/struts-config when : the application is behind a web server and both are run in different : machines. Some pages uses SSL. You'll have to re-explain this. I don't understand what you're trying to do. -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Custom authorization
On Tue, Aug 24, 2004 at 11:47:45AM +0200, Patrick Herber wrote: : I need to implement a custom authorization for a web application, where the : access to the different resources is defined inside a database table with : some sort of rules, also using regular expressions. : : I would like to know if the only method to do this is programmatically, : implementing - for example - a SecurityFilter Just a chance: did you Google the term SecurityFilter? I ask because there's a product of that same name that, IIRC, does what you need. I see it mentioned a lot on the Struts list. -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Processing of ROOT in Tomcat 5 Autogeneration
On Tue, Aug 24, 2004 at 08:55:10AM -0400, Robert Nicholls wrote: : I may be missing something but I believe that the autogeneration listener : (org.apache.jk.config.ApacheConfig) in Tomcat 5.0 does not recognize the : ROOT folder as did the listener for Tomcat 4.1. Is that so? Is this a bug : or an omission? If so has anyone got an idea about how to handle the : http:/server/ URL? By handle, you mean, establish a context to handle requests for that? Check the Tomcat docs re: context, there's a note there for that. -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Accessing LDAP after authentication
I've gotten a JndiRealm working with Tomcat to authenticate users from our LDAP directory and allow them access to various parts of our web application based on groups and roles. That works slick as snot. Now I'd like to pluck a few more tidbits from our LDAP database -- email address, first name, last name. Things like that. Is it possible to transparently access the JndiRealm from a JSP or servlet, or do I need to make an explicit connection using the InitialContext? It seems like Tomcat's already made and is managing a connection to the LDAP server, so my app running inside of it shouldn't have to. Can I do that? Dave
Re: Accessing LDAP after authentication
You'll need to connect to LDAP via JNDI to get the other user attributes. JNDIRealm only knows how to authenticate and authorize, not user information retrieval. To get the user name - request.getRemoteUser() or request.getUserPrincipal() should give you enough information to perform your ldap lookups. -Tim Dave Bender wrote: I've gotten a JndiRealm working with Tomcat to authenticate users from our LDAP directory and allow them access to various parts of our web application based on groups and roles. That works slick as snot. Now I'd like to pluck a few more tidbits from our LDAP database -- email address, first name, last name. Things like that. Is it possible to transparently access the JndiRealm from a JSP or servlet, or do I need to make an explicit connection using the InitialContext? It seems like Tomcat's already made and is managing a connection to the LDAP server, so my app running inside of it shouldn't have to. Can I do that? Dave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
User switching
Hi! I'm trying to find the best way to implement passwordless user switching. In our application, a privileged user can substitute another one by selecting him from a list. The switch must be performed transparently without the substituted user's password and without asking the user to log in again. It's not a mere permission issue, he needs to become the substituted user. We've been thinking about several ways to achieve this. The first idea was to change the Principal object stored in the request, but the CoyoteRequestFacade wrapper that Tomcat uses doesn't have a setUserPrincipal method. We are using Tomcat 5 and an own realm class that extends JDBCRealm to authenticate, and we've thought about a method to manage the user's substitution by changing some values into the db, but A) we will be very grateful to anyone who came up with a better solution and B) we don't know how to avoid the log in form to make the switch transparent to the user. We think that maybe a cookie is needed for this, but we would prefer to do without it. Thanks in advance. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
TC5 special chars handling with Sun / IBM JVM
Hi, we running our application in a TC 3.2.4 with apache 1.3.27 and IBM JVM 1.3.1 on red hat. Everything is working fine in this environment. Since we have the need to migrate our app to a 1.4 environment we are also considering to migrate our Tomcat as this is a quite ancient one. The problem that we are facing now is that all the german special characters are displayed as question mark (?) when we are running the tomcat with Suns JVM (1.4.2_05). If we're using IBMs JVM, everything is working fine. Our Apache so far has stayed them same. When we switch to a 4.x tomcat, it is also working. I have tried to change the character encoding in the server.xml, but this didn't work. Does anyone of you have any idea why there is a difference in the behavior of the character encoding? Please, let me know. Thanks, Carsten - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
ot: dallas help wanted
Please e-mail me if you know someone available. .V - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: dallas help wanted
What help do you need..i am in dallas -Original Message- From: news [mailto:[EMAIL PROTECTED] On Behalf Of Vic Sent: Tuesday, August 24, 2004 10:34 AM To: [EMAIL PROTECTED] Subject: ot: dallas help wanted Please e-mail me if you know someone available. .V - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Accessing LDAP after authentication
OK, thanks. I was reaching that conclusion. Thanks for the confirmation. Dave -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 10:05 AM To: Tomcat Users List Subject: Re: Accessing LDAP after authentication You'll need to connect to LDAP via JNDI to get the other user attributes. JNDIRealm only knows how to authenticate and authorize, not user information retrieval. To get the user name - request.getRemoteUser() or request.getUserPrincipal() should give you enough information to perform your ldap lookups. -Tim Dave Bender wrote: I've gotten a JndiRealm working with Tomcat to authenticate users from our LDAP directory and allow them access to various parts of our web application based on groups and roles. That works slick as snot. Now I'd like to pluck a few more tidbits from our LDAP database -- email address, first name, last name. Things like that. Is it possible to transparently access the JndiRealm from a JSP or servlet, or do I need to make an explicit connection using the InitialContext? It seems like Tomcat's already made and is managing a connection to the LDAP server, so my app running inside of it shouldn't have to. Can I do that? Dave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: dallas help wanted
so am I :) Filip - Original Message - From: Wilson, Allen [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 10:40 AM Subject: RE: dallas help wanted What help do you need..i am in dallas -Original Message- From: news [mailto:[EMAIL PROTECTED] On Behalf Of Vic Sent: Tuesday, August 24, 2004 10:34 AM To: [EMAIL PROTECTED] Subject: ot: dallas help wanted Please e-mail me if you know someone available. .V - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
ssl certs
I have come to discover that there is a small problem with a web site I have recently gone to work for. Now let me disclaimer this thing. They dont take credit card but they do handle names and addresses and account login. So while its not horrible to me it is still unexceptable. The site is all Java, tomcat is the app and web server, I have never dealt with Tomcat as a web server so is it easy to setup tomcat to handle ssl certs and https requests. Any thing I have to watch out for? thanks _ Take advantage of powerful junk e-mail filters built on patented Microsoft® SmartScreen Technology. http://join.msn.com/?pgmarket=en-capage=byoa/premxAPID=1994DI=1034SU=http://hotmail.com/encaHL=Market_MSNIS_Taglines Start enjoying all the benefits of MSN® Premium right now and get the first two months FREE*. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat5 and Apache2 load balance step by step document
Sorry for cross posting, but I have unsubscribed with my old email Hello, Anyone have or know a step by step document on how to configure tomcat5 with apache2 to load balance a web site on WinXP environment, I have searched all the net, n this user list, with no luck. I also tried to follow what it posted here and there, with no success. I know how to configure apache2 on top of tomcat using mod_jk2, but I need a full document that start from configuring tomcat with apache2 to load balancing apache2 on multi tomcat5 instances. I wish somebody have the answer and share this, so no other one have to spend 3 days (as I did) to end up posting here. J - Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers!
tomcat5: Error java.security.AccessControlException: Access denied (mx4j.server.MBeanTrustPermission register): MBean class org.apache.commons.modeler.BaseModelMBean is not trusted for registration
I get a really strange error when tomcat5 is loading our webapps. I have no clue where does it comes from. Please help Aug 24, 2004 5:57:00 PM org.apache.commons.modeler.Registry registerComponent SEVERE: Error registering Catalina:j2eeType=WebModule,name=//localhost/xclin,J2EEApplication=none, J2EEServer=none java.security.AccessControlException: Access denied (mx4j.server.MBeanTrustPermission register): MBean class org.apache.commons.modeler.BaseModelMBean is not trusted for registration at mx4j.server.interceptor.SecurityMBeanServerInterceptor.checkTrustRegistr ation(SecurityMBeanServerInterceptor.java:156) at mx4j.server.interceptor.SecurityMBeanServerInterceptor.registration(Secu rityMBeanServerInterceptor.java:116) at mx4j.server.interceptor.DefaultMBeanServerInterceptor.registration(Defau ltMBeanServerInterceptor.java:113) at mx4j.server.interceptor.DefaultMBeanServerInterceptor.registration(Defau ltMBeanServerInterceptor.java:113) at mx4j.server.interceptor.ContextClassLoaderMBeanServerInterceptor.registr ation(ContextClassLoaderMBeanServerInterceptor.java:108) at mx4j.server.MBeanServerImpl.registerImpl(MBeanServerImpl.java:1051) at mx4j.server.MBeanServerImpl.registerMBeanImpl(MBeanServerImpl.java:1002) at mx4j.server.MBeanServerImpl.registerMBean(MBeanServerImpl.java:978) at org.apache.commons.modeler.Registry.registerComponent(Registry.java:871) at org.apache.catalina.core.StandardContext.registerJMX(StandardContext.jav a:5361) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4379 ) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1083) at org.apache.catalina.core.StandardHost.start(StandardHost.java:789) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1083) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:478) at org.apache.catalina.core.StandardService.start(StandardService.java:480) at org.apache.catalina.core.StandardServer.start(StandardServer.java:2313) at org.apache.catalina.startup.Catalina.start(Catalina.java:556) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav a:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor Impl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:284) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:422) Aug 24, 2004 5:57:00 PM org.apache.catalina.core.StandardContext registerJMX Benoit Marchal Director NovaXon BV Tel: +31 43 356 14 60 Fax: +31 43 356 14 61
Re: ssl certs
While Tomcat can be used as a web server, it is more commonly used as a servlet container behind a more robust web server like Apache. I use the Apache + Tomcat combination for my site development. My SSL is configured on Apace. Consequently, I never installed SSL on Tomcat. However, the server.xml setup doesn't look too complicated. It certainly should not be an obsticle to a reputable company that wants to do business on the web. In a climate of rampant internet fraud, I think the lack of such a facility on a so-called reputable site would send up red flags to most of your customers. You will certainly lose business because of this. - Original Message - From: Didier McGillis Sent: Tuesday, August 24, 2004 11:14 AM To: [EMAIL PROTECTED] Subject: ssl certs I have come to discover that there is a small problem with a web site I have recently gone to work for. Now let me disclaimer this thing. They dont take credit card but they do handle names and addresses and account login So while its not horrible to me it is still unexceptable. The site is all Java, tomcat is the app and web server, I have never dealt with Tomcat as a web server so is it easy to setup tomcat to handle ssl certs and https requests. Any thing I have to watch out for? thanks _ Take advantage of powerful junk e-mail filters built on patented Microsoft® SmartScreen Technology. http://join.msn.com/?pgmarket=en-capage=byoa/premxAPID=1994DI=1034SU=http://hotmail.com/encaHL=Market_MSNIS_Taglines Start enjoying all the benefits of MSN® Premium right now and get the first two months FREE*. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] more from the Web. FREE MSN Explorer download : http://explorer.msn.com
Re: ssl certs
Believe me I was shocked! I was testing for other issues when I started noticing some odd behavior and had to dig deeper and pay attention to where the URL was going, thats when I noticed that it never went to https, and there were no certs on the server. I tons of iPlanet, IIS and Apache experience, never really seen Tomcat used as a webserver in a production environment. From: Charles Daniel [EMAIL PROTECTED] Reply-To: Tomcat Users List [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Subject: Re: ssl certs Date: Tue, 24 Aug 2004 12:04:42 -0500 While Tomcat can be used as a web server, it is more commonly used as a servlet container behind a more robust web server like Apache. I use the Apache + Tomcat combination for my site development. My SSL is configured on Apace. Consequently, I never installed SSL on Tomcat. However, the server.xml setup doesn't look too complicated. It certainly should not be an obsticle to a reputable company that wants to do business on the web. In a climate of rampant internet fraud, I think the lack of such a facility on a so-called reputable site would send up red flags to most of your customers. You will certainly lose business because of this. - Original Message - From: Didier McGillis Sent: Tuesday, August 24, 2004 11:14 AM To: [EMAIL PROTECTED] Subject: ssl certs I have come to discover that there is a small problem with a web site I have recently gone to work for. Now let me disclaimer this thing. They dont take credit card but they do handle names and addresses and account login So while its not horrible to me it is still unexceptable. The site is all Java, tomcat is the app and web server, I have never dealt with Tomcat as a web server so is it easy to setup tomcat to handle ssl certs and https requests. Any thing I have to watch out for? thanks _ Take advantage of powerful junk e-mail filters built on patented Microsoft® SmartScreen Technology. http://join.msn.com/?pgmarket=en-capage=byoa/premxAPID=1994DI=1034SU=http://hotmail.com/encaHL=Market_MSNIS_Taglines Start enjoying all the benefits of MSN® Premium right now and get the first two months FREE*. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] more from the Web. FREE MSN Explorer download : http://explorer.msn.com _ Designer Mail isn't just fun to send, it's fun to receive. Use special stationery, fonts and colors. http://join.msn.com/?pgmarket=en-capage=byoa/premxAPID=1994DI=1034SU=http://hotmail.com/encaHL=Market_MSNIS_Taglines Start enjoying all the benefits of MSN® Premium right now and get the first two months FREE*. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
performance metrics of servlets in Tomcat 4.1.30.
I want to monitor the performance metrics of servlets, WebApps, Connectors on Tomcat 4.1.30. I am able to get the same metrics through JMX interface in Tomcat 5.0 but in Tomcat 4.1.30 there are no MBeans for monitoring the above metrics. Does Tomcat 4.1.30 provide any MBeans for monitoring the above metrics? If so what configuration changes needs to be done? Is there any way to get the performance metrics from Tomcat 4.1.30 other than JMX interface? Where can I find a document that specifies the MBeans supported in Tomcat 4.1.30 and Tomcat 5.0 versions? Thanks prasheel ___ Do you Yahoo!? Win 1 of 4,000 free domain names from Yahoo! Enter now. http://promotions.yahoo.com/goldrush - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: performance metrics of servlets in Tomcat 4.1.30.
Hi, Does Tomcat 4.1.30 provide any MBeans for monitoring the above metrics? No. Is there any way to get the performance metrics from Tomcat 4.1.30 other than JMX interface? You'd have to write some code and rebuild Tomcat with your code for tracking. Where can I find a document that specifies the MBeans supported in Tomcat 4.1.30 and Tomcat 5.0 versions? See the mbeans-descriptors.xml file (org.apache.catalina.mbeans package). There's a brief document at http://jakarta.apache.org/tomcat/tomcat-4.1-doc/mbeans-descriptor-howto. html. But there's no one comprehensive document listing all the MBeans, operations, and attributes supported the different Tomcat version. Such a document would be nice: do you feel like writing and contributing it? ;) Consider this another reason to upgrade to Tomcat 5.x. Yoav This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
CGI-BIN - TOMCAT 4.1.29
Hi, I would be grateful for some assistance I have spent literrally 2 days trying to just a get a PERL or even a shell script to run from tomcat !! I have religously followed the steps to modify the web.xml file, rename the servlet-cgi.jar file and restart tomcat . When running the cgi script from my browser I get the following errors in the logfile: 2004-08-23 12:55:12 cgi: findCGI calc: name=hello.pl, path=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/hello.pl, scriptname=/cgi-bin/hello.pl, cginame=/hello.pl 2004-08-23 12:55:12 cgi: runCGI(envp=[{HTTP_USER_AGENT=Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1), HTTP_ACCEPT_ENCODING=gzip, deflate, REQUEST_METHOD=GET, AUTH_TYPE=, HTTP_ACCEPT_LANGUAGE=en-us, SERVER_NAME=holy.atl.arrisi.com, SERVER_SOFTWARE=TOMCAT, HTTP_HOST=holy.atl.arrisi.com, GATEWAY_INTERFACE=CGI/1.1, X_TOMCAT_SCRIPT_PATH=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/hello.pl, REMOTE_ADDR=10.5.30.212, SERVER_PROTOCOL=HTTP/1.1, PATH_INFO=, REMOTE_HOST=lptp-mgimza.client.arrisi.com, QUERY_STRING=, HTTP_CONNECTION=Keep-Alive, SERVER_PORT=9090, HTTP_COOKIE=JSESSIONID=83357C8CE0FF70F6677A619137FBA3A7, CONTENT_TYPE=, CONTENT_LENGTH=, SCRIPT_NAME=/cgi-bin/hello.pl, HTTP_ACCEPT=*/*, REMOTE_USER=, REMOTE_IDENT=}], command=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/hello.pl) 2004-08-23 12:55:12 cgi: runCGI (stderr):Can't open perl script /usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/hello.pl: No such file or directory 2004-08-23 12:55:12 cgi: runCGI: 1 lines received on stderr 2004-08-23 13:02:45 cgi: findCGI: path=/test.sh, /usr/www/tomcat/webapps/ROOT/WEB-INF/cgi 2004-08-23 13:02:45 cgi: findCGI: currentLoc=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi 2004-08-23 13:02:45 cgi: findCGI: currentLoc=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi 2004-08-23 13:02:45 cgi: findCGI: FOUND cgi at /usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/test.sh 2004-08-23 13:02:45 cgi: findCGI calc: name=test.sh, path=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/test.sh, scriptname=/cgi-bin/test.sh, cginame=/test.sh 2004-08-23 13:02:45 cgi: runCGI(envp=[{HTTP_USER_AGENT=Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1), HTTP_ACCEPT_ENCODING=gzip, deflate, REQUEST_METHOD=GET, AUTH_TYPE=, HTTP_ACCEPT_LANGUAGE=en-us, SERVER_NAME=holy.atl.arrisi.com, SERVER_SOFTWARE=TOMCAT, HTTP_HOST=holy.atl.arrisi.com, GATEWAY_INTERFACE=CGI/1.1, X_TOMCAT_SCRIPT_PATH=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/test.sh, REMOTE_ADDR=10.5.30.212, SERVER_PROTOCOL=HTTP/1.1, PATH_INFO=, REMOTE_HOST=lptp-mgimza.client.arrisi.com, QUERY_STRING=, HTTP_CONNECTION=Keep-Alive, SERVER_PORT=9090, HTTP_COOKIE=JSESSIONID=83357C8CE0FF70F6677A619137FBA3A7, CONTENT_TYPE=, CONTENT_LENGTH=, SCRIPT_NAME=/cgi-bin/test.sh, HTTP_ACCEPT=image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*, REMOTE_USER=, REMOTE_IDENT=}], command=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/test.sh) 2004-08-23 13:02:45 cgi: runCGI (stderr):Can't open perl script /usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/test.sh: No such file or directory 2004-08-23 13:02:45 cgi: runCGI: 1 lines received on stderr I am sure that I have ommitted something ... cd /usr/www/tomcat/bin startup.sh -debug start Using CATALINA_BASE: /usr/www/tomcat Using CATALINA_HOME: /usr/www/tomcat Using CATALINA_TMPDIR: /usr/www/tomcat/temp Using JAVA_HOME: /usr/j2se Somehow tomcat cannot find the path to the cgi script !! Kind Regards, Marek Gimza
Re: performance metrics of servlets in Tomcat 4.1.30.
you're option is to back port the status servlet to tomcat4. if you manage to do that, it should work I would think :) If you do, I will gladly use Jmeter's tomcat5 monitor to test it. peter On Tue, 24 Aug 2004 10:22:57 -0700 (PDT), Prasheel Vemulapalli [EMAIL PROTECTED] wrote: I want to monitor the performance metrics of servlets, WebApps, Connectors on Tomcat 4.1.30. I am able to get the same metrics through JMX interface in Tomcat 5.0 but in Tomcat 4.1.30 there are no MBeans for monitoring the above metrics. Does Tomcat 4.1.30 provide any MBeans for monitoring the above metrics? If so what configuration changes needs to be done? Is there any way to get the performance metrics from Tomcat 4.1.30 other than JMX interface? Where can I find a document that specifies the MBeans supported in Tomcat 4.1.30 and Tomcat 5.0 versions? Thanks prasheel ___ Do you Yahoo!? Win 1 of 4,000 free domain names from Yahoo! Enter now. http://promotions.yahoo.com/goldrush - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Custom authorization
Thank you QM! I was about to write a similar thing myself. On 8/24/2004 7:50 AM, QM wrote: On Tue, Aug 24, 2004 at 11:47:45AM +0200, Patrick Herber wrote: : I need to implement a custom authorization for a web application, where the : access to the different resources is defined inside a database table with : some sort of rules, also using regular expressions. : : I would like to know if the only method to do this is programmatically, : implementing - for example - a SecurityFilter Just a chance: did you Google the term SecurityFilter? I ask because there's a product of that same name that, IIRC, does what you need. I see it mentioned a lot on the Struts list. -QM -- Dennis Dai [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat 4.1.30 ThreadPool.adjustLimits
Yoav, Thanks for the + feedback. Apologies for response delay - I'm digest only and also had wicked work backlog past couple weeks. Will submit a Bugzillia item as requested. Additional questions seem relevant prior to that (in the be careful what you ask for... department ;-). With the outlined patch (MAX_THREAD_MIN=2) in place... (1) I config minProcessors=1, maxProcessors=2 and I appear to get servicing of a single request. Increment maxProcessers and I get concurrent servicing of 2 requests, and so on. What exactly is the additional thread used for (shutdown listener? thread pool manager? something else?). From an audit trail perspective, this would seem to be valuable information to retain in the context of any change. (2) When I stack up requests to a given server - throw a lot of concurrent requests at it - I see one of the following entries in the (catalina.out) log file: [ERROR] ThreadPool - -All threads (2) are currently busy, waiting. Increase maxThreads (2) or check the servlet status SEVERE: All threads (2) are currently busy, waiting. Increase maxThreads (2) or check the servlet status The above generated (indirectly) out of ThreadPool.runIt() when it has to block on a run thread request. This anything to worry about? I do have acceptCount=6 set for what that's worth... Regards, -Jim Layer- -Original Message- From: Shapira, Yoav [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 04, 2004 8:52 AM To: Tomcat Users List Subject: RE: Tomcat 4.1.30 ThreadPool.adjustLimits Hi, That was an excellent message. Your approach is flawless. You can keep using your hack, which isn't that crude at all. You can keep using the 5.x Connector code by and large with 4.1.30 (though not earlier versions of Tomcat 4.1), it should be just fine. And I tend to agree than 10 as MAX_THREADS_MIN is too high: something like 2 or 3 seems reasonable to me. Please open a Bugzilla item asking for this to be modified, and I will address it. Thanks, Yoav Shapira - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
problem with security manager.
I am running Tomcat4.1.30 on windows 2000, with security option turned on. My java application which is using JDK 1.4, connects to the the credit card authorizing company called verisign, and returns the approval authorization code. I have installed the digital certificate on $TOMCAT_HOME\certs directory. There are read permissions on the cert file. But still for some reason the verisign is not able to read the cert file due to the below error. RESULT=-31RESPMSG=The certificate chain did not validate, no local certificate found, java.security.AccessControlException: access denied (java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs read) However when i run Tomcat server without security, everything is file. Somehow tomcat is restricting the permission to read the cert file. Verisign uses Jsse.jar to do the security authentication. I have modofied both java.policy and catalina.policy to grant permission on the cert file as below. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; But this does not help, is there anything else i should do to the server.xml file... How does the security manager runs in Tomcat4.1 Please help... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat 4.1.30 ThreadPool.adjustLimits
Hi, (1) I config minProcessors=1, maxProcessors=2 and I appear to get servicing of a single request. Increment maxProcessers and I get concurrent servicing of 2 requests, and so on. What exactly is the additional thread used for (shutdown listener? thread pool manager? something else?). From an audit trail perspective, this would seem to be valuable information to retain in the context of any change. Shutdown listener probably, but I don't know for sure. (2) When I stack up requests to a given server - throw a lot of concurrent requests at it - I see one of the following entries in the (catalina.out) log file: [ERROR] ThreadPool - -All threads (2) are currently busy, waiting. Increase maxThreads (2) or check the servlet status SEVERE: All threads (2) are currently busy, waiting. Increase maxThreads (2) or check the servlet status The above generated (indirectly) out of ThreadPool.runIt() when it has to block on a run thread request. This anything to worry about? I do have acceptCount=6 set for what that's worth... Depends what you mean by worry about ;) They're not serious from the server perspective. They end up as pages not served on the client side though, probably a 500-series HTTP error. So if you have 2 available proc threads and acceptCount set to 6, you can handle 8 concurrent requests before these errors start coming up. Yoav This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: CGI-BIN - TOMCAT 4.1.29
What is the content of the perl script? Mark -Original Message- From: Marek Gimza [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 6:43 PM To: Tomcat Users List Subject: CGI-BIN - TOMCAT 4.1.29 Hi, I would be grateful for some assistance I have spent literrally 2 days trying to just a get a PERL or even a shell script to run from tomcat !! I have religously followed the steps to modify the web.xml file, rename the servlet-cgi.jar file and restart tomcat . When running the cgi script from my browser I get the following errors in the logfile: 2004-08-23 12:55:12 cgi: findCGI calc: name=hello.pl, path=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/hello.pl, scriptname=/cgi-bin/hello.pl, cginame=/hello.pl 2004-08-23 12:55:12 cgi: runCGI(envp=[{HTTP_USER_AGENT=Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1), HTTP_ACCEPT_ENCODING=gzip, deflate, REQUEST_METHOD=GET, AUTH_TYPE=, HTTP_ACCEPT_LANGUAGE=en-us, SERVER_NAME=holy.atl.arrisi.com, SERVER_SOFTWARE=TOMCAT, HTTP_HOST=holy.atl.arrisi.com, GATEWAY_INTERFACE=CGI/1.1, X_TOMCAT_SCRIPT_PATH=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/ hello.pl, REMOTE_ADDR=10.5.30.212, SERVER_PROTOCOL=HTTP/1.1, PATH_INFO=, REMOTE_HOST=lptp-mgimza.client.arrisi.com, QUERY_STRING=, HTTP_CONNECTION=Keep-Alive, SERVER_PORT=9090, HTTP_COOKIE=JSESSIONID=83357C8CE0FF70F6677A619137FBA3A7, CONTENT_TYPE=, CONTENT_LENGTH=, SCRIPT_NAME=/cgi-bin/hello.pl, HTTP_ACCEPT=*/*, REMOTE_USER=, REMOTE_IDENT=}], command=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/hello.pl) 2004-08-23 12:55:12 cgi: runCGI (stderr):Can't open perl script /usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/hello.pl: No such file or directory 2004-08-23 12:55:12 cgi: runCGI: 1 lines received on stderr 2004-08-23 13:02:45 cgi: findCGI: path=/test.sh, /usr/www/tomcat/webapps/ROOT/WEB-INF/cgi 2004-08-23 13:02:45 cgi: findCGI: currentLoc=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi 2004-08-23 13:02:45 cgi: findCGI: currentLoc=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi 2004-08-23 13:02:45 cgi: findCGI: FOUND cgi at /usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/test.sh 2004-08-23 13:02:45 cgi: findCGI calc: name=test.sh, path=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/test.sh, scriptname=/cgi-bin/test.sh, cginame=/test.sh 2004-08-23 13:02:45 cgi: runCGI(envp=[{HTTP_USER_AGENT=Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1), HTTP_ACCEPT_ENCODING=gzip, deflate, REQUEST_METHOD=GET, AUTH_TYPE=, HTTP_ACCEPT_LANGUAGE=en-us, SERVER_NAME=holy.atl.arrisi.com, SERVER_SOFTWARE=TOMCAT, HTTP_HOST=holy.atl.arrisi.com, GATEWAY_INTERFACE=CGI/1.1, X_TOMCAT_SCRIPT_PATH=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/ test.sh, REMOTE_ADDR=10.5.30.212, SERVER_PROTOCOL=HTTP/1.1, PATH_INFO=, REMOTE_HOST=lptp-mgimza.client.arrisi.com, QUERY_STRING=, HTTP_CONNECTION=Keep-Alive, SERVER_PORT=9090, HTTP_COOKIE=JSESSIONID=83357C8CE0FF70F6677A619137FBA3A7, CONTENT_TYPE=, CONTENT_LENGTH=, SCRIPT_NAME=/cgi-bin/test.sh, HTTP_ACCEPT=image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*, REMOTE_USER=, REMOTE_IDENT=}], command=/usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/test.sh) 2004-08-23 13:02:45 cgi: runCGI (stderr):Can't open perl script /usr/www/tomcat/webapps/ROOT/WEB-INF/cgi/test.sh: No such file or directory 2004-08-23 13:02:45 cgi: runCGI: 1 lines received on stderr I am sure that I have ommitted something ... cd /usr/www/tomcat/bin startup.sh -debug start Using CATALINA_BASE: /usr/www/tomcat Using CATALINA_HOME: /usr/www/tomcat Using CATALINA_TMPDIR: /usr/www/tomcat/temp Using JAVA_HOME: /usr/j2se Somehow tomcat cannot find the path to the cgi script !! Kind Regards, Marek Gimza - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
java.security.AccessControlException: access denied
I am running Tomcat4.1.30 on windows 2000, with security option turned on. My java application which is using JDK 1.4, connects to the the credit card authorizing company called verisign, and returns the approval authorization code. I have installed the digital certificate on $TOMCAT_HOME\certs directory. There are read permissions on the cert file. But still for some reason the verisign is not able to read the cert file due to the below error. RESULT=-31RESPMSG=The certificate chain did not validate, no local certificate found, java.security.AccessControlException: access denied (java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs read) However when i run Tomcat server without security, everything is file. Somehow tomcat is restricting the permission to read the cert file. Verisign uses Jsse.jar to do the security authentication. I have modofied both java.policy and catalina.policy to grant permission on the cert file as below. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; But this does not help, is there anything else i should do to the server.xml file... How does the security manager runs in Tomcat4.1 Please help... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
SocketException: Connection reset - Tomcat 5.0.27
When using Tomcat 5.0.27 the following error shows up in the catalina.log file; SEVERE: Remote Host 12.159.66.150 SocketException: Connection reset org.apache.tomcat.util.net.TcpWorkerThread runIt The ip address 12.159.66.150 is a load balancer that front-ends Tomcat and checks periodically to make sure tomcat is running. It logs this error every time it checks. When I switch to Tomcat 5.0.16 under the same exact conditions this error does not show up in the log file. Questions; Is there a way to prevent this from being logged? Why does this occur under Tomcat 5.0.27 and not Tomcat 5.0.16? If Tomcat cant be set up to not log this error, is there a way to log in as INFO instead? alan - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: java.security.AccessControlException: access denied
Where did you add the permission in the catalina.policy file? In a general grant{} block? If not, it's possible that your code doesn't have the permission. It may also be the case that the whitespace in the filepath causes problems, but someone who actually runs on Windows could tell you better than I. Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 1:51 PM To: [EMAIL PROTECTED] Subject: java.security.AccessControlException: access denied I am running Tomcat4.1.30 on windows 2000, with security option turned on. My java application which is using JDK 1.4, connects to the the credit card authorizing company called verisign, and returns the approval authorization code. I have installed the digital certificate on $TOMCAT_HOME\certs directory. There are read permissions on the cert file. But still for some reason the verisign is not able to read the cert file due to the below error. RESULT=-31RESPMSG=The certificate chain did not validate, no local certificate found, java.security.AccessControlException: access denied (java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs read) However when i run Tomcat server without security, everything is file. Somehow tomcat is restricting the permission to read the cert file. Verisign uses Jsse.jar to do the security authentication. I have modofied both java.policy and catalina.policy to grant permission on the cert file as below. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; But this does not help, is there anything else i should do to the server.xml file... How does the security manager runs in Tomcat4.1 Please help... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
jsp:include does nothing
Hi folks, I am trying to get a jsp:include tag to include the contents of a CGI which is deployed in the same webapp using the CGI servlet. My JSP page is mapped (webapp relative) to -- /smd/html/index.jsp and my CGI mapping is to the path -- /smd/html/cgi-bin/* In my JSP page, the following -- jsp:forward page=cgi-bin/search/test.pl/ works as exected, returning the complete results of invoking the CGI. (Thus, it seems to me, the general ability to invoke CGIs from my JSPs is proven.) However, the following -- jsp:include page=cgi-bin/search/test.pl/ is a no-op: nothing gets included in the output. Now, doing -- jsp:include page=test.jsp/ where test.jsp is a simple JSP page, works just fine. What could be the problem? Am I ignorant of a configuration parameter somewhere? Any and all help appreciated. Regards and peace, Ihab -- Ihab A.B. Awad [EMAIL PROTECTED] Snr Scientific Programmer, Dept of Genetics - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5 JK2 IIS 5
Ok to begin with here is my problem this is a log file generated by jk2 when IIS is trying to work with Tomcat 38222,0.7035417,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (308)]: In HttpFilterProc Virtual Host redirection of host.domain.com : 80 38222,0.7035417,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (252)]: HttpFilterProc started 38222,0.703518518518519,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (308)]: In HttpFilterProc Virtual Host redirection of host.domain.com : 80 38222,0.703518518518519,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (252)]: HttpFilterProc started 38222,0.703518518518519,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (308)]: In HttpFilterProc Virtual Host redirection of host.domain.com : 80 38222,0.703518518518519,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (252)]: HttpFilterProc started 38222,0.703449074074074,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (308)]: In HttpFilterProc Virtual Host redirection of host.domain.com : 80 38222,0.703449074074074,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (252)]: HttpFilterProc started 38222,0.7034375,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (308)]: In HttpFilterProc Virtual Host redirection of host.domain.com : 80 38222,0.7034375,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (252)]: HttpFilterProc started 38222,0.703414351851852,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (429)]: HttpFilterProc check if [/my/my.jpg] is pointing to the web-inf directory 38222,0.703414351851852,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (420)]: HttpFilterProc [/my/my.jpg] is not a servlet url 38222,0.703414351851852,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (308)]: In HttpFilterProc Virtual Host redirection of host.domain.com : 80 38222,0.703414351851852,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (252)]: HttpFilterProc started 38222,0.703414351851852,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (429)]: HttpFilterProc check if [/my/] is pointing to the web-inf directory 38222,0.703414351851852,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (420)]: HttpFilterProc [/my/] is not a servlet url 38222,0.703414351851852,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (308)]: In HttpFilterProc Virtual Host redirection of host.domain.com : 80 38222,0.703414351851852,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (252)]: HttpFilterProc started 38222,0.7034028,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (308)]: In HttpFilterProc Virtual Host redirection of host.domain.com : 80 38222,0.7034028,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (252)]: HttpFilterProc started 38222,0.7034028,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (429)]: HttpFilterProc check if [/my/] is pointing to the web-inf directory 38222,0.7034028,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (420)]: HttpFilterProc [/my/] is not a servlet url 38222,0.7034028,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (308)]: In HttpFilterProc Virtual Host redirection of host.domain.com : 80 38222,0.7034028,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (252)]: HttpFilterProc started 38222,0.7034028,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (429)]: HttpFilterProc check if [/my] is pointing to the web-inf directory 38222,0.7034028,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (420)]: HttpFilterProc [/my] is not a servlet url 38222,0.7034028,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (308)]: In HttpFilterProc Virtual Host redirection of host.domain.com : 80 38222,0.7034028,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (252)]: HttpFilterProc started 38222,0.70295138889,Apache Jakarta Connector2,None,None,4,N/A,SERVER,Debug: [jk_isapi_plugin.c (429)]: HttpFilterProc check if [/webads2004/2004AAP/image003.jpg] is pointing to the web-inf directory 38222,0.70295138889,Apache Jakarta
RE: java.security.AccessControlException: access denied
I added the below line in the general grant{} block. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; I tried placing the certs file in other directory too where there is no whitespace issue. But i still have the problem. can you think of anything else? -Original Message- From: Benjamin Armintor [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 3:32 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied Where did you add the permission in the catalina.policy file? In a general grant{} block? If not, it's possible that your code doesn't have the permission. It may also be the case that the whitespace in the filepath causes problems, but someone who actually runs on Windows could tell you better than I. Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 1:51 PM To: [EMAIL PROTECTED] Subject: java.security.AccessControlException: access denied I am running Tomcat4.1.30 on windows 2000, with security option turned on. My java application which is using JDK 1.4, connects to the the credit card authorizing company called verisign, and returns the approval authorization code. I have installed the digital certificate on $TOMCAT_HOME\certs directory. There are read permissions on the cert file. But still for some reason the verisign is not able to read the cert file due to the below error. RESULT=-31RESPMSG=The certificate chain did not validate, no local certificate found, java.security.AccessControlException: access denied (java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs read) However when i run Tomcat server without security, everything is file. Somehow tomcat is restricting the permission to read the cert file. Verisign uses Jsse.jar to do the security authentication. I have modofied both java.policy and catalina.policy to grant permission on the cert file as below. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; But this does not help, is there anything else i should do to the server.xml file... How does the security manager runs in Tomcat4.1 Please help... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: jsp:include does nothing [ config info ]
Some configuration info -- sorry for not including in previous post. I am running Tomcat 5.0.27. Here are the related log entries from localhost_log.*.txt -- 2004-08-24 12:58:41 StandardContext[/smdj]cgi: findCGI: path=/smd/html/index.jsp, /home/ihab/swdev/smdj/webapp/smd/cgi-bin 2004-08-24 12:58:41 StandardContext[/smdj]cgi: findCGI: currentLoc=/home/ihab/swdev/smdj/webapp/smd/cgi-bin 2004-08-24 12:58:41 StandardContext[/smdj]cgi: findCGI: currentLoc=/home/ihab/swdev/smdj/webapp/smd/cgi-bin 2004-08-24 12:58:41 StandardContext[/smdj]cgi: findCGI: currentLoc=/home/ihab/swdev/smdj/webapp/smd/cgi-bin/smd 2004-08-24 12:58:41 StandardContext[/smdj]cgi: findCGI: currentLoc=/home/ihab/swdev/smdj/webapp/smd/cgi-bin/smd/html Thanks a lot peace, Ihab -- Ihab A.B. Awad [EMAIL PROTECTED] Snr Scientific Programmer, Dept of Genetics - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: java.security.AccessControlException: access denied
If certs is a file and not a directory, take off the \\- at the end of the permission url. Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 2:50 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied I added the below line in the general grant{} block. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; I tried placing the certs file in other directory too where there is no whitespace issue. But i still have the problem. can you think of anything else? -Original Message- From: Benjamin Armintor [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 3:32 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied Where did you add the permission in the catalina.policy file? In a general grant{} block? If not, it's possible that your code doesn't have the permission. It may also be the case that the whitespace in the filepath causes problems, but someone who actually runs on Windows could tell you better than I. Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 1:51 PM To: [EMAIL PROTECTED] Subject: java.security.AccessControlException: access denied I am running Tomcat4.1.30 on windows 2000, with security option turned on. My java application which is using JDK 1.4, connects to the the credit card authorizing company called verisign, and returns the approval authorization code. I have installed the digital certificate on $TOMCAT_HOME\certs directory. There are read permissions on the cert file. But still for some reason the verisign is not able to read the cert file due to the below error. RESULT=-31RESPMSG=The certificate chain did not validate, no local certificate found, java.security.AccessControlException: access denied (java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs read) However when i run Tomcat server without security, everything is file. Somehow tomcat is restricting the permission to read the cert file. Verisign uses Jsse.jar to do the security authentication. I have modofied both java.policy and catalina.policy to grant permission on the cert file as below. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; But this does not help, is there anything else i should do to the server.xml file... How does the security manager runs in Tomcat4.1 Please help... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: ssl certs
On Tue, Aug 24, 2004 at 04:14:19PM +, Didier McGillis wrote: The site is all Java, tomcat is the app and web server, I have never dealt with Tomcat as a web server so is it easy to setup tomcat to handle ssl certs and https requests. Any thing I have to watch out for? One thing you want to watch out for is how you generate the certificate. If you use the standard JKS format keystore then it is extremely difficult to get the private key into or out of the keystore. Therefore you need to make sure to generate the certificate using keytool, instead of (e.g.) openssl. There are ways to get around this. For instance, you can configure tomcat to use a different keystore type by setting the keystoreType attribute on the Connector element in server.xml. The existing docs are not very helpful with this. I wrote up a page (mostly for my own use) at: http://www.swapsimple.com/tomcat_java_certificates.html It might be a little more helpful. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: java.security.AccessControlException: access denied
No certs is a directory. shall i add it in other place other than the general grant block. -Original Message- From: Benjamin Armintor [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 4:09 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied If certs is a file and not a directory, take off the \\- at the end of the permission url. Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 2:50 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied I added the below line in the general grant{} block. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; I tried placing the certs file in other directory too where there is no whitespace issue. But i still have the problem. can you think of anything else? -Original Message- From: Benjamin Armintor [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 3:32 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied Where did you add the permission in the catalina.policy file? In a general grant{} block? If not, it's possible that your code doesn't have the permission. It may also be the case that the whitespace in the filepath causes problems, but someone who actually runs on Windows could tell you better than I. Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 1:51 PM To: [EMAIL PROTECTED] Subject: java.security.AccessControlException: access denied I am running Tomcat4.1.30 on windows 2000, with security option turned on. My java application which is using JDK 1.4, connects to the the credit card authorizing company called verisign, and returns the approval authorization code. I have installed the digital certificate on $TOMCAT_HOME\certs directory. There are read permissions on the cert file. But still for some reason the verisign is not able to read the cert file due to the below error. RESULT=-31RESPMSG=The certificate chain did not validate, no local certificate found, java.security.AccessControlException: access denied (java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs read) However when i run Tomcat server without security, everything is file. Somehow tomcat is restricting the permission to read the cert file. Verisign uses Jsse.jar to do the security authentication. I have modofied both java.policy and catalina.policy to grant permission on the cert file as below. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; But this does not help, is there anything else i should do to the server.xml file... How does the security manager runs in Tomcat4.1 Please help... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5 JK2 IIS 5
Also in the workers2.properties file I have seen uri entries with ether worker or context. Neither both. [uri:/*.jsp] Context=/ [uri:/servlet/*] Context=/ or [uri:/*.jsp] worker=ajp13:localhost:8009 [uri:/servlet/*] worker=ajp13:localhost:8009 The log I posted makes me seem to think it's a context issue. But everything works perfectly in Tomcat via it's web server 8080. If contexts or something else as wrong it should be wrong there as well? Do you need to specify contexts or a worker for each uri? -- Sincerely, William L. Thomson Jr. Support Group Obsidian-Studios, Inc. http://www.obsidian-studios.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: java.security.AccessControlException: access denied
You shouldn't need to add it anywhere else: Permissions are cumulative, so if that file permission is in a grant{} block, all the code running under the jvm will have it. You mentioned making the changes to java.policy as well: This should be unnecessary, as the catalina.policy file is the only one in effect if you start TC with the -security option. The situation as you're describing it sounds right, but since I know from experience that the security manager works just fine in 4.1.x, something is getting left out. Are you using the -security option to get the security manager, or are you using some parameters in $JAVA_OPTS? Are you certain about the syntax of your policy file (although that usually fails more dramatically than this)? Can you write a test JSP or servlet that reads a file out of that directory? Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 3:10 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied No certs is a directory. shall i add it in other place other than the general grant block. -Original Message- From: Benjamin Armintor [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 4:09 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied If certs is a file and not a directory, take off the \\- at the end of the permission url. Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 2:50 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied I added the below line in the general grant{} block. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; I tried placing the certs file in other directory too where there is no whitespace issue. But i still have the problem. can you think of anything else? -Original Message- From: Benjamin Armintor [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 3:32 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied Where did you add the permission in the catalina.policy file? In a general grant{} block? If not, it's possible that your code doesn't have the permission. It may also be the case that the whitespace in the filepath causes problems, but someone who actually runs on Windows could tell you better than I. Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 1:51 PM To: [EMAIL PROTECTED] Subject: java.security.AccessControlException: access denied I am running Tomcat4.1.30 on windows 2000, with security option turned on. My java application which is using JDK 1.4, connects to the the credit card authorizing company called verisign, and returns the approval authorization code. I have installed the digital certificate on $TOMCAT_HOME\certs directory. There are read permissions on the cert file. But still for some reason the verisign is not able to read the cert file due to the below error. RESULT=-31RESPMSG=The certificate chain did not validate, no local certificate found, java.security.AccessControlException: access denied (java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs read) However when i run Tomcat server without security, everything is file. Somehow tomcat is restricting the permission to read the cert file. Verisign uses Jsse.jar to do the security authentication. I have modofied both java.policy and catalina.policy to grant permission on the cert file as below. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; But this does not help, is there anything else i should do to the server.xml file... How does the security manager runs in Tomcat4.1 Please help... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: java.security.AccessControlException: access denied
I am using -security option to run TC. I am not quite sure about the syntax of the policy file, i should check that, but can u suggest me what is the correct syntax ? and also i will try to read this file using some test.jsp and let you know. thanks. -Original Message- From: Benjamin Armintor [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 4:42 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied You shouldn't need to add it anywhere else: Permissions are cumulative, so if that file permission is in a grant{} block, all the code running under the jvm will have it. You mentioned making the changes to java.policy as well: This should be unnecessary, as the catalina.policy file is the only one in effect if you start TC with the -security option. The situation as you're describing it sounds right, but since I know from experience that the security manager works just fine in 4.1.x, something is getting left out. Are you using the -security option to get the security manager, or are you using some parameters in $JAVA_OPTS? Are you certain about the syntax of your policy file (although that usually fails more dramatically than this)? Can you write a test JSP or servlet that reads a file out of that directory? Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 3:10 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied No certs is a directory. shall i add it in other place other than the general grant block. -Original Message- From: Benjamin Armintor [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 4:09 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied If certs is a file and not a directory, take off the \\- at the end of the permission url. Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 2:50 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied I added the below line in the general grant{} block. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; I tried placing the certs file in other directory too where there is no whitespace issue. But i still have the problem. can you think of anything else? -Original Message- From: Benjamin Armintor [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 3:32 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied Where did you add the permission in the catalina.policy file? In a general grant{} block? If not, it's possible that your code doesn't have the permission. It may also be the case that the whitespace in the filepath causes problems, but someone who actually runs on Windows could tell you better than I. Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 1:51 PM To: [EMAIL PROTECTED] Subject: java.security.AccessControlException: access denied I am running Tomcat4.1.30 on windows 2000, with security option turned on. My java application which is using JDK 1.4, connects to the the credit card authorizing company called verisign, and returns the approval authorization code. I have installed the digital certificate on $TOMCAT_HOME\certs directory. There are read permissions on the cert file. But still for some reason the verisign is not able to read the cert file due to the below error. RESULT=-31RESPMSG=The certificate chain did not validate, no local certificate found, java.security.AccessControlException: access denied (java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs read) However when i run Tomcat server without security, everything is file. Somehow tomcat is restricting the permission to read the cert file. Verisign uses Jsse.jar to do the security authentication. I have modofied both java.policy and catalina.policy to grant permission on the cert file as below. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; But this does not help, is there anything else i should do to the server.xml file... How does the security manager runs in Tomcat4.1 Please help... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
pass password between apache and tomcat
Hi All, I am using Apache (1.3) as my http server, and tomcat (3.3) as my jsp container for my servlet. I can access my servlet via http://myhost/myservlet. I configured the apache to request users to enter username/password when myservlet folder is accessed. I can see the IE popped up a window to ask user to enter user/password when I clicked on one of the link from myservlet. But for some reason, it looks like the apache does not pass the user/pwd to the tomcat/myservlet. I am wondering if anyone could provide some suggestions about this problem? Thank you, weijun - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: java.security.AccessControlException: access denied
I wrote a jsp file to read the cert file from the C:/certs dir. Initially i got the same error, then i changed the catalina.policy file to include file name permission java.io.FilePermission C:/certs/f73e89fd.0, read; and it worked. But for some reason the verisign authentication still shows the same error. -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 4:50 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied I am using -security option to run TC. I am not quite sure about the syntax of the policy file, i should check that, but can u suggest me what is the correct syntax ? and also i will try to read this file using some test.jsp and let you know. thanks. -Original Message- From: Benjamin Armintor [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 4:42 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied You shouldn't need to add it anywhere else: Permissions are cumulative, so if that file permission is in a grant{} block, all the code running under the jvm will have it. You mentioned making the changes to java.policy as well: This should be unnecessary, as the catalina.policy file is the only one in effect if you start TC with the -security option. The situation as you're describing it sounds right, but since I know from experience that the security manager works just fine in 4.1.x, something is getting left out. Are you using the -security option to get the security manager, or are you using some parameters in $JAVA_OPTS? Are you certain about the syntax of your policy file (although that usually fails more dramatically than this)? Can you write a test JSP or servlet that reads a file out of that directory? Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 3:10 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied No certs is a directory. shall i add it in other place other than the general grant block. -Original Message- From: Benjamin Armintor [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 4:09 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied If certs is a file and not a directory, take off the \\- at the end of the permission url. Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 2:50 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied I added the below line in the general grant{} block. permission java.io.FilePermission C:\\Program Files\\Apache Group\\Tomcat 4.1\\certs\\-, read; I tried placing the certs file in other directory too where there is no whitespace issue. But i still have the problem. can you think of anything else? -Original Message- From: Benjamin Armintor [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 3:32 PM To: Tomcat Users List Subject: RE: java.security.AccessControlException: access denied Where did you add the permission in the catalina.policy file? In a general grant{} block? If not, it's possible that your code doesn't have the permission. It may also be the case that the whitespace in the filepath causes problems, but someone who actually runs on Windows could tell you better than I. Benjamin J. Armintor Operations Systems Specialist ITS-Systems: Mainframe Group University of Texas - Austin tele: (512) 232-6562 email: [EMAIL PROTECTED] -Original Message- From: Shilpa Nalgonda [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 1:51 PM To: [EMAIL PROTECTED] Subject: java.security.AccessControlException: access denied I am running Tomcat4.1.30 on windows 2000, with security option turned on. My java application which is using JDK 1.4, connects to the the credit card authorizing company called verisign, and returns the approval authorization code. I have installed the digital certificate on $TOMCAT_HOME\certs directory. There are read permissions on the cert file. But still for some reason the verisign is not able to read the cert file due to the below error. RESULT=-31RESPMSG=The certificate chain did not validate, no local certificate found, java.security.AccessControlException: access denied (java.io.FilePermissi on C:\Program Files\Apache Group\Tomcat 4.1\certs read) However when i run Tomcat server without security, everything is file. Somehow tomcat is restricting the permission to read the cert file. Verisign uses Jsse.jar to do the security authentication. I have modofied both java.policy and
RE: Request parameters in catalina.out
On Aug 10, 2004, at 9:19 AM, [EMAIL PROTECTED] wrote: From: Benjamin Armintor [EMAIL PROTECTED] Date: August 10, 2004 9:19:07 AM PDT To: Tomcat Users List [EMAIL PROTECTED] Subject: RE: Request parameters in catalina.out Are you using log4j to handle the Tomcat internal logs? I had a similar problem a while back when a misconfigured log4j was having the Connector effectively log at the trace level. It's a stock tomcat setup -- I won't rule out the possibility of a misconfigured log4j file somewhere though. I haven't seen a place to configure the global logs, though. Where would I look for that? In the log4j.properties of the individual apps? Or is there a global file somewhere that I just haven't seen. (sorry for long response time, I've been on vacation for a while.) Thanks, Tim - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: jsp:include does nothing [ debug info ]
Hi everyone. More on this problem. When I do -- jsp:forward page=cgi-bin/search/test.pl/ then, in org.apache.catalina.servlets.CGIServlet.java, inner class CGIEnvironment, method boolean setCGIEnvironment(HttpServletRequest), the following is true -- sPathInfoOrig = /search/test.pl sCGINames[0] = /home/ihab/swdev/smdj/webapp/smd/cgi-bin/search/test.pl sCGINames[1] = /smdj/smd/html/cgi-bin/search/test.pl sCGINames[2] = /search/test.pl sCGINames[3] = test.pl however, when I do -- jsp:include page=cgi-bin/search/test.pl/ the corresponding variables are -- sPathInfoOrig = /smd/html/index.jsp sCGINames[0..3] = null In other words, for some reason, the servlet handling the CGI is being told that the name of the CGI is actually the name of the enclosing JSP page, not the CGI it is supposed to be handling. As a result (and perhaps not surprisingly), the request fails with an HTTP 404. Is there a Tomcat expert or developer on the list who can comment on this? Am I doing something wrong? Thanks a lot and peace, Ihab -- Ihab A.B. Awad [EMAIL PROTECTED] Snr Scientific Programmer, Dept of Genetics - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat deployment issue
Hi, I'm new to tomcat and trying to figure out how to deploy a WAR file without deleting all the contents of the old application. That is, I want to overwrite the files with my new archive but not delete any other files that were already there. The reason I want to do this is because my data and program files are all under the same hierarchy. I want to replace my programs, but not my data. I tried using a symbolic link for my data directory, but tomcat followed the symbolic link and deleted everything in there when expanding the new WAR file. Any help would be appreciated. DC
RE: Request parameters in catalina.out
Just a me too. Slackware 9.1 Apache 2 (sorry, can't find minor version) Tomcat 4.1.30 JK 1.2 I get the same sort of thing in my catalina.out, and only on POST submissions. If I switch my form temporarily to GET, the dump goes away. Here's my server.xml (which has been trimed from the 'out of the box' one): Server port=11005 shutdown=SHUTDOWN debug=0 Listener className=org.apache.catalina.mbeans.ServerLifecycleListener debug=0/ Listener className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener debug=0/ !-- Define the Tomcat Stand-Alone Service -- Service name=Tomcat-Standalone !-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 -- Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=8080 minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=8443 acceptCount=100 debug=0 connectionTimeout=2 useURIValidationHack=false disableUploadTimeout=true / !-- Define a Coyote/JK2 AJP 1.3 Connector on port 11009 -- Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=11009 minProcessors=5 maxProcessors=150 enableLookups=true redirectPort=8443 acceptCount=10 debug=0 connectionTimeout=2 useURIValidationHack=false protocolHandlerClassName=org.apache.jk.server.JkCoyoteHandler / !-- Define the top level container in our container hierarchy -- Engine name=Standalone defaultHost=localhost debug=0 !-- Global logger unless overridden at lower levels -- Logger className=org.apache.catalina.logger.FileLogger prefix=hosts_log. suffix=.txt timestamp=true/ Realm className=org.apache.catalina.realm.UserDatabaseRealm debug=0 resourceName=UserDatabase/ !-- Define the default virtual host -- Host name=localhost debug=0 appBase=webapps unpackWARs=true autoDeploy=true Logger className=org.apache.catalina.logger.FileLogger directory=logs prefix=localhost_log. suffix=.txt timestamp=true / Context path= docBase=ROOT debug=0 / /Host Host name=devstar.globallyboundless.com debug=0 Context path= docBase=/home/data3/me20/ defaultSessionTimeOut=60 reloadable=true Resource name=mail/Session auth=Container type=javax.mail.Session/ ResourceParams name=mail/Session parameter namemail.smtp.host/name valuemail.globallyboundless.com/value /parameter /ResourceParams /Context /Host /Engine /Service /Server Where's my dumper? As for log4j, I've got a log4j file at $CATALINA_HOME/common/classes that contains: log4j.category.org.apache.jk.common.ChannelSocket=WARN, filer log4j.additivity.org.apache.jk.common.ChannelSocket=false log4j.category.org.apache.jk.server.JkCoyoteHandler=WARN, filer log4j.additivity.org.apache.jk.server.JkCoyoteHandler=false log4j.appender.filer=org.apache.log4j.RollingFileAppender log4j.appender.filer.layout=org.apache.log4j.PatternLayout log4j.appender.filer.layout.ConversionPattern=%-5p %c - [%m] %d{ISO8601}%n log4j.appender.filer.File=/usr/local/applications/tomcat-4.1.30-1/logs/debug .catalina log4j.appender.filer.MaxFileSize=100KB log4j.appender.filer.MaxBackupIndex=4 This was an attempt (so far successful) to shut off messages like: [Thread-14] INFO common.ChannelSocket - connection timeout reached and [Thread-121] INFO server.JkCoyoteHandler - RESET Is it mis-configured? Thanks, MC - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat deployment issue
Maybe you want to automate the build process so you don't depend on your expanded directory to store your data ? Say in ant just generate the war file along with your data (from your build directory) then deploy it.Then you never really worry what tomcat does to your war file or the directory it explodes to. Simply regenerate the war file along with your data when you make changes, :D On Tue, 24 Aug 2004 17:13:05 -0700, David Chang [EMAIL PROTECTED] wrote: Hi, I'm new to tomcat and trying to figure out how to deploy a WAR file without deleting all the contents of the old application. That is, I want to overwrite the files with my new archive but not delete any other files that were already there. The reason I want to do this is because my data and program files are all under the same hierarchy. I want to replace my programs, but not my data. I tried using a symbolic link for my data directory, but tomcat followed the symbolic link and deleted everything in there when expanding the new WAR file. Any help would be appreciated. DC - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat deployment issue
: I'm new to tomcat and trying to figure out how to deploy a WAR file without deleting all the contents of the old application. : [snip] : The reason I want to do this is because my data and program files are all under the same hierarchy. I want to replace my programs, but not my data. I tried using a symbolic link for my data directory, but tomcat followed the symbolic link and deleted everything in there when expanding the new WAR file. You'll benefit, in the long run, from an application redesign. Java webapps are meant to be somewhat self-contained bundles, which is why you have the option of deploying in a neat WAR file. (I may be mistaken, but I recall the spec says it's optional for a container to support the exploded-dir format.) Questions to consider: - What if your app grows, and needs to be spread amongst 2+ clustered servers? Where would the data go then? - How do you migrate from dev - testing - production? etc Find another place outside of the webapp to put your data, such as another directory (specified as a context param or in a properties file). -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: performance metrics of servlets in Tomcat 4.1.30.
Shapira, Yoav [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi, Does Tomcat 4.1.30 provide any MBeans for monitoring the above metrics? No. Pure FUD. You need to specify the jsr77Names=true attribute to the ServerLifecyleListener to have TC 4 JMX register the servlets, but otherwise its much like TC 5. You might also need updated Connector jars (these can be swapped between any version of Tomcat), especially if you want the information for JK requests. Is there any way to get the performance metrics from Tomcat 4.1.30 other than JMX interface? You'd have to write some code and rebuild Tomcat with your code for tracking. Where can I find a document that specifies the MBeans supported in Tomcat 4.1.30 and Tomcat 5.0 versions? See the mbeans-descriptors.xml file (org.apache.catalina.mbeans package). There's a brief document at http://jakarta.apache.org/tomcat/tomcat-4.1-doc/mbeans-descriptor-howto. html. But there's no one comprehensive document listing all the MBeans, operations, and attributes supported the different Tomcat version. Such a document would be nice: do you feel like writing and contributing it? ;) Consider this another reason to upgrade to Tomcat 5.x. Or, easier, wait until TC 4.1.31 comes out. Yoav This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: performance metrics of servlets in Tomcat 4.1.30.
oh, I didn't realize the new 4.1.31 includes back port of the new status servlet in tc5. or am I mis-reading that? peter On Tue, 24 Aug 2004 20:16:08 -0700, Bill Barker [EMAIL PROTECTED] wrote: Shapira, Yoav [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi, Does Tomcat 4.1.30 provide any MBeans for monitoring the above metrics? No. Pure FUD. You need to specify the jsr77Names=true attribute to the ServerLifecyleListener to have TC 4 JMX register the servlets, but otherwise its much like TC 5. You might also need updated Connector jars (these can be swapped between any version of Tomcat), especially if you want the information for JK requests. Is there any way to get the performance metrics from Tomcat 4.1.30 other than JMX interface? You'd have to write some code and rebuild Tomcat with your code for tracking. Where can I find a document that specifies the MBeans supported in Tomcat 4.1.30 and Tomcat 5.0 versions? See the mbeans-descriptors.xml file (org.apache.catalina.mbeans package). There's a brief document at http://jakarta.apache.org/tomcat/tomcat-4.1-doc/mbeans-descriptor-howto. html. But there's no one comprehensive document listing all the MBeans, operations, and attributes supported the different Tomcat version. Such a document would be nice: do you feel like writing and contributing it? ;) Consider this another reason to upgrade to Tomcat 5.x. Or, easier, wait until TC 4.1.31 comes out. Yoav This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re[2]: How to allow access just from one remote host?
Well I didnt expect this answer from GURU, but THANK YOU VERY-VERY MUCH! Tuesday, August 24, 2004, 9:43:54 AM, you wrote: Hi, Yes, you can do this with Tomcat by itself. RTFM on the Remote Host Filter Valve at http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/valve.html. Yoav Shapira Millennium Research Informatics -Original Message- From: Eugene [mailto:[EMAIL PROTECTED] Sent: Monday, August 23, 2004 11:28 PM To: Tomcat Users List Subject: How to allow access just from one remote host? Hi! I have Apache2.0.50+mod_jk2+Tomcat5.0.27 running together on Windows 2003. Access to the applications directories mounted in Virtual Host of Apache. I'm trying to deny access to root of every site and the applications directory with Directory C:/server/apache/htdocs Order Deny,Allow Deny from all Allow from www.mysite.com /Directory But its didnt work. I can deny access to the htdocs/, but the application directory, for example htdocs/myapp/ still accesible to all. I've tryed to do that with LocationMatch / and Location /, then Tomcat cannot load applet, because it tells that applet innaccesible. I've tryed to resolve it like this: Directory C:/server/apache/htdocs/myapp-folder Order Deny,Allow Deny from all Allow from www.mysite.com /Directory Directory C:/server/apache/htdocs Order Deny,Allow Deny from all Allow from www.mysite.com /Directory But its working just for root (htdocs). I can close htdocs from Apache, but give some tips please how to close access to apps directories and allow it just from one host. Maybe any ideas how to do that with just Tomcat configuration? Thank you very much for any help. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. -- Best regards, Eugenemailto:[EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Spamed?
Are you a spammer? (I found your email on a spammer website!?!) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
What version of apache does Tomcat 3.3.1 support
Dear all, (B (Bcould you please tell me what versions of Apache (both major and minor) (Bdoes Tomcat 3.3.1 officially support? (B (BWhat about 4.1.12? (B (BAlso, what JDK version would you suggest using with both Tomcat 3.3.1 (Band 4.1.12 respectively? (B (BThanks in advance! (B (BTakeshi (B (B (B---SIGNATURE- (B NTT$B%3%`%&%'%"3t<02q