RE: META-INF/context.xml question
Mine looks like this: ... -Original Message- From: Scott Purcell [mailto:[EMAIL PROTECTED] Sent: Monday, April 11, 2005 11:58 AM To: tomcat-user@jakarta.apache.org Subject: META-INF/context.xml question Hello, I am still configuring my Tomcat 5.5.7 on a PC. I am configuring a
RE: Tomcat 5.5 hot deploy question
Most likely a jar or resource file is locked, and tomcat cannot undeploy the last app. Try turning on antiJarLocking and antiResourceLocking. |)ave -Original Message- From: Mufaddal Khumri [mailto:[EMAIL PROTECTED] Sent: Friday, April 08, 2005 2:38 PM To: Tomcat Users List Subject: Tomcat 5.5 hot deploy question Hi, >From what I understand if I want a webapp to be auto deployed from a war file under tomcat I should have the following: ... ... The problem is that when I copy a new mywebapp.war file in to tomcat I see a half exploded Or deleted mywebapp folder. By this I mean that the mywebapp folder contains only certain folders and files. Any clues as to why this maybe happening? Is tomcat holding on to some jar files because some objects are being refrenced still or something like that? I am guessing here wildly because I cant seem to resolve this issue. What am I missing? Thanks -- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. Consult your physician prior to the use of any medical supplies or product. -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: special characters in property files
I didn't it was trial and error... I couldn't get \$ to work. I had this problem in my realm configuration. |)ave -Original Message- From: Robert Harper [mailto:[EMAIL PROTECTED] Sent: Thursday, April 07, 2005 1:18 PM To: 'Tomcat Users List' Subject: RE: special characters in property files I ended up finding that \$ would work too. Where to I find a doc that explains all this? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: special characters in property files
I know on Tomcat 5.0.x I had to escape the '$' by doing '$$' |)ave -Original Message- From: Robert Harper [mailto:[EMAIL PROTECTED] Sent: Thursday, April 07, 2005 12:14 PM To: Tomcat Users Subject: OT: special characters in property files I need to retrieve a value from a property file with a '$' as part of the data. How do I decorate this character so that the value will be loaded when I call ResourceBundle.getString() ? I am not having much success googling for it. Thanks in advance. Robert S. Harper Senior Engineer - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Using Tomcat 5.5.x with Mysql
I am using mysql 4.1 and Tomcat 5.5.x successfully. My context looks the same as yours, but I do not have a resource-ref in my web.xml as you do. I simple reference it like this: "java:comp/env/jdbc/TestDB" in my hibernate configuration file. You may not be using hibernate, but the concept should be the same... Is the mysql-connector.jar in your $CATALINA_HOME/common/lib dir? |)ave -Original Message- From: Marchioni Francesco [mailto:[EMAIL PROTECTED] Sent: Thursday, April 07, 2005 7:09 AM To: 'tomcat-user@jakarta.apache.org' Subject: Using Tomcat 5.5.x with Mysql Hi all, I'm trying to configure a Connection Pool with Tomcat 5.5.x and MySql 4.1. Unfortunately I cannot lookup from JNDI context the Datasource. JNDI lookup failed : javax.naming.NameNotFoundException: Name jdbc: is not bound in this Context javax.naming.NameNotFoundException: Name jdbc is not bound in this Context at org.apache.naming.NamingContext.lookup(NamingContext.java:769) at org.apache.naming.NamingContext.lookup(NamingContext.java:152) at org.apache.naming.SelectorContext.lookup(SelectorContext.java:136) at javax.naming.InitialContext.lookup(Unknown Source) at fad.bean.BaseManager.(BaseManager.java:34) at fad.bean.UserManager.(UserManager.java:13) at fad.bean.UserManager.getInstance(UserManager.java:23) at fad.bean.LinkManager.getUserLinks(LinkManager.java:48) at fad.listener.SessionListener.buildSession(SessionListener.java:74) at fad.listener.SessionListener.sessionCreated(SessionListener.java:31) at org.apache.catalina.session.StandardSession.tellNew(StandardSession.java :371 ) at org.apache.catalina.session.StandardSession.setId(StandardSession.java:3 43) at org.apache.catalina.session.ManagerBase.createSession(ManagerBase.java:7 48) at org.apache.catalina.session.StandardManager.createSession(StandardManage r.ja va:290) at org.apache.catalina.connector.Request.doGetSession(Request.java:2199) at org.apache.catalina.connector.Request.getSession(Request.java:2017) at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.jav a:82 2) at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.jav a:83 3) at org.apache.jasper.runtime.PageContextImpl._initialize(PageContextImpl.ja va:1 48) at org.apache.jasper.runtime.PageContextImpl.initialize(PageContextImpl.jav a:12 3) at org.apache.jasper.runtime.JspFactoryImpl.internalGetPageContext(JspFacto ryIm pl.java:104) at org.apache.jasper.runtime.JspFactoryImpl.getPageContext( The configuration is the same published on Tomcat docs server.xml: web.xml: http://java.sun.com/xml/ns/j2ee"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"; version="2.4"> MySQL Test App DB Connection jdbc/TestDB javax.sql.DataSource Container Does anybody know if Tomcat can create a Connection pool with MySQL4.1 ? Personally I've tried with JBoss4.1 and it works.why not with tomcat 5.5.x ? Thanks Francesco - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: mod_jk2 connection
You should have something like this: JkWorkersFile conf/workers.properties Now, let me clarify that I am using mod_jk, not mod_jk2 (which is no longer supported by the way). -Original Message- From: Jobish P [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 06, 2005 10:47 AM To: Tomcat Users List Subject: RE: mod_jk2 connection Hi , Thanks Owens. That was a nice article. Howewer I encountered a problem while starting my apache server. The error message was, "Syntax error on line 270 of /apache/conf/httpd.conf: Invalid command 'JkWorkersFile', perhaps mis-spelled or defined by a module not included in the server configuration" This repeats for other directives also, Eg : JkLogFile logs/mod_jk.log JkLogLevel info JkMount /*.jsp loadbalancer JkMount /servlet/* loadbalancer etc. I wonder what I missed here. Any observations ? Thanks in advance, --- JOBISH P NCSI Indian Institute of Science Bangalore-12 On Wed, 6 Apr 2005, David Owens wrote: > Here's a good article: > > http://raibledesigns.com/tomcat/ > > > -Original Message- > From: Jobish P [mailto:[EMAIL PROTECTED] > Sent: Wednesday, April 06, 2005 6:07 AM > To: tomcat-user@jakarta.apache.org > Subject: mod_jk2 connection > > > Hi, > > Could any one guide me to connect apache to tomcat through mod_jk. > I tried some documents but each differ from one another. I have to > connect > apache2, with tomcat 5.0.19 using modjk2.so. > > Thanks in advance, > > --- > JOBISH P > NCSI > Indian Institute of Science > Bangalore-12 > > > "Get it down. Take chances. It may be bad, but it's the only way you can > do anything really good." William Faulkner > > --- > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Authentication problems with tomcat clustering.
That was exactly it! Thank you. I had changed the configs, but had not commented in that section. All is well now. Thank you very much! |)ave -Original Message- From: David Rees [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 05, 2005 6:51 PM To: Tomcat Users List Subject: Re: Authentication problems with tomcat clustering. On Apr 5, 2005 3:13 PM, David Owens <[EMAIL PROTECTED]> wrote: > After further debug, I see this is happening because mod_jk is > "ignoring" the sticky sessions, and continuing to lb back and forth. > After looking at the mod_jk code, I see it is looking for something > after the '.' character in the JSESSIONID to tell it where the session > should stick. > > How do I setup tomcat (or is it httpd) to provide this piece of > information? The name of your worker in the mod_jk config must match the value in each Tomcat instance's server.xml. For example (abbreviated configs) in tomcat-workers.properties: worker.list=tomcat1,tomcat2 And in tomcat1's server.xml: And in tomcat2's server.xml: Hope this helps... -Dave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: mod_jk2 connection
This is a fairly simple example. (Basically as simple as it can be due to all the configuration that needs to happen.) To make it work for windows just get the .zip instead of the .tar.gz and you should be fine. Don't use the self-installing tomcat because you can't have 2 on the same windows box very easily. Hope this helps. -Original Message- From: Victor Daniel Diaz Suarez [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 06, 2005 7:41 AM To: Tomcat Users List Subject: Re: mod_jk2 connection It´s very interesting, but do you Know any good and simple manual for windows? David Owens wrote: >Here's a good article: > >http://raibledesigns.com/tomcat/ > > >-Original Message- >From: Jobish P [mailto:[EMAIL PROTECTED] >Sent: Wednesday, April 06, 2005 6:07 AM >To: tomcat-user@jakarta.apache.org >Subject: mod_jk2 connection > > >Hi, > >Could any one guide me to connect apache to tomcat through mod_jk. >I tried some documents but each differ from one another. I have to >connect >apache2, with tomcat 5.0.19 using modjk2.so. > >Thanks in advance, > >--- >JOBISH P >NCSI >Indian Institute of Science >Bangalore-12 > > >"Get it down. Take chances. It may be bad, but it's the only way you can >do anything really good." William Faulkner > >--- > > >- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > > >- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > > -- ## Víctor Daniel Díaz Suárez Centro de Tecnología Médica-Universidad de Las Palmas de G.C. ## - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: mod_jk2 connection
Here's a good article: http://raibledesigns.com/tomcat/ -Original Message- From: Jobish P [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 06, 2005 6:07 AM To: tomcat-user@jakarta.apache.org Subject: mod_jk2 connection Hi, Could any one guide me to connect apache to tomcat through mod_jk. I tried some documents but each differ from one another. I have to connect apache2, with tomcat 5.0.19 using modjk2.so. Thanks in advance, --- JOBISH P NCSI Indian Institute of Science Bangalore-12 "Get it down. Take chances. It may be bad, but it's the only way you can do anything really good." William Faulkner --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Authentication problems with tomcat clustering.
After further debug, I see this is happening because mod_jk is "ignoring" the sticky sessions, and continuing to lb back and forth. After looking at the mod_jk code, I see it is looking for something after the '.' character in the JSESSIONID to tell it where the session should stick. How do I setup tomcat (or is it httpd) to provide this piece of information? Thanks! |)ave -Original Message----- From: David Owens Sent: Tuesday, April 05, 2005 7:11 AM To: tomcat-user@jakarta.apache.org Subject: RE: Authentication problems with tomcat clustering. I have done some further testing and have found what I think the problem is, but I still do not know the solution. What is happening is that the first time I access the webapp through httpd, I am getting the first tomcat server. I then type in my username and password and hit submit. I see in the logs of the first tomcat server log the authentication happening successfully, however, I am then redirected to the second tomcat server where my session is not available. I am using a 'lb' type load balancer, and by default it has sticky sessions, so I wonder why I am being balanced over to the other tomcat. Is this, perhaps, a question for the mod_jk team? Is there such a mailing list? |)ave -----Original Message- From: David Owens Sent: Monday, April 04, 2005 10:04 AM To: 'tomcat-user@jakarta.apache.org' Subject: Authentication problems with tomcat clustering. I have setup load balancing and clustering between two Tomcat 5.5.7 instances and Apache 2.0.50 with mod_jk. Almost everything works great. I can fail back and forth between the 2 tomcat instances with no trouble. However, I am having problems with the form based authentication. I have an index.html file which redirects the user to a secured resource. When the user hits this file through Apache, it works like normal, directing them to the login page. However, when I attempt to login I get "Invalid direct reference to form login page". When I look in the logs, I see the user is being authenticated, and the correct roles are being found. If I continually try logging in, and hitting the secure page, eventually I get in. Then, if I bounce apache, the problem starts again. If I login in the exact same manner directly against one of the tomcat instances, everything works, and I continue to the secure resource. In addition, I have found that if I stop one tomcat instance, I can login on the first try even when going through apache. It's worth noting, once I get successfully logged in once through apache (after many tries), I can logout/in repeatedly with no problem. Once I bounce apache, the problem starts again. I think something strange is happening with the login stuff when tomcat is clustered... Maybe I'm logging into 1 tomcat successfully, but being load balanced over to the other one, and the session has not been completely replicated yet? Any one else out there have this issue, or have any ideas? Thanks in advance! |)ave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: HTTP Status 408 - The time allowed for the login process...
I'm sorry, I pointed you in the wrong direction. Session timeout is actually set in the web.xml: 30 The problem with logging in twice is most likely due to your logout page/function not properly expiring the session and sending the user to the right place. Your logout function should expire the session, and then send the user to some place inside the protected area, not the login page. This will cause the user to land on the login page. Let me know if this works out for you. |)ave -Original Message- From: Skely Vengaboy [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 05, 2005 2:20 PM To: Tomcat Users List Subject: RE: HTTP Status 408 - The time allowed for the login process... Good insight.. Yes, my browser does open to the login page. I tried looking at server.xml file.. but could'nt find a clue on it... Also, I have two web applications hooked up with Single Sign On feature. SSO function works fine.. But once I log out of an web app and try to re-login again... Its showing the login screen twice before I could log-in to the web-app. A few strange behaviours that could only be answered by the Tomcat Team Cheers, Magesh David Owens <[EMAIL PROTECTED]> wrote: This can also happen if you have your browser open to the login page, and then reload the webapp. This is happening because your session is timing out. The default timeout in Tomcat is 30 minutes. I can't remember the exact place, but this can be changed in the server.xml. |)ave -Original Message- From: Skely Vengaboy [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 05, 2005 1:14 PM To: Tomcat Users List Subject: HTTP Status 408 - The time allowed for the login process... Guys, I use JDBC realm for authentication. In the login screen, when the user enteres an invalid username and password for the first time and retries to login with valid username and password, I get this message on browser: How to come around this situation. Any help is appreciated. Thanks, Skely HTTP Status 408 - The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser... type Status report message The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser description The client did not produce a request within the time that the server was prepared to wait (The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser). - Do you Yahoo!? Yahoo! Sports - Sign up for Fantasy Baseball. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: HTTP Status 408 - The time allowed for the login process...
This can also happen if you have your browser open to the login page, and then reload the webapp. This is happening because your session is timing out. The default timeout in Tomcat is 30 minutes. I can't remember the exact place, but this can be changed in the server.xml. |)ave -Original Message- From: Skely Vengaboy [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 05, 2005 1:14 PM To: Tomcat Users List Subject: HTTP Status 408 - The time allowed for the login process... Guys, I use JDBC realm for authentication. In the login screen, when the user enteres an invalid username and password for the first time and retries to login with valid username and password, I get this message on browser: How to come around this situation. Any help is appreciated. Thanks, Skely HTTP Status 408 - The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser... type Status report message The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser description The client did not produce a request within the time that the server was prepared to wait (The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser). - Do you Yahoo!? Yahoo! Sports - Sign up for Fantasy Baseball. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Authentication problems with tomcat clustering.
Okay, not quite right... I first hit tomcat1 though httpd. When I submit I see successful authentication in the log for tomcat2. I then get the "Invalid direct reference..." message. I am now using mod_jk 1.2.10. Still no idea why this is happening... |)ave -Original Message----- From: David Owens Sent: Tuesday, April 05, 2005 7:11 AM To: tomcat-user@jakarta.apache.org Subject: RE: Authentication problems with tomcat clustering. I have done some further testing and have found what I think the problem is, but I still do not know the solution. What is happening is that the first time I access the webapp through httpd, I am getting the first tomcat server. I then type in my username and password and hit submit. I see in the logs of the first tomcat server log the authentication happening successfully, however, I am then redirected to the second tomcat server where my session is not available. I am using a 'lb' type load balancer, and by default it has sticky sessions, so I wonder why I am being balanced over to the other tomcat. Is this, perhaps, a question for the mod_jk team? Is there such a mailing list? |)ave -Original Message----- From: David Owens Sent: Monday, April 04, 2005 10:04 AM To: 'tomcat-user@jakarta.apache.org' Subject: Authentication problems with tomcat clustering. I have setup load balancing and clustering between two Tomcat 5.5.7 instances and Apache 2.0.50 with mod_jk. Almost everything works great. I can fail back and forth between the 2 tomcat instances with no trouble. However, I am having problems with the form based authentication. I have an index.html file which redirects the user to a secured resource. When the user hits this file through Apache, it works like normal, directing them to the login page. However, when I attempt to login I get "Invalid direct reference to form login page". When I look in the logs, I see the user is being authenticated, and the correct roles are being found. If I continually try logging in, and hitting the secure page, eventually I get in. Then, if I bounce apache, the problem starts again. If I login in the exact same manner directly against one of the tomcat instances, everything works, and I continue to the secure resource. In addition, I have found that if I stop one tomcat instance, I can login on the first try even when going through apache. It's worth noting, once I get successfully logged in once through apache (after many tries), I can logout/in repeatedly with no problem. Once I bounce apache, the problem starts again. I think something strange is happening with the login stuff when tomcat is clustered... Maybe I'm logging into 1 tomcat successfully, but being load balanced over to the other one, and the session has not been completely replicated yet? Any one else out there have this issue, or have any ideas? Thanks in advance! |)ave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Authentication problems with tomcat clustering.
I have done some further testing and have found what I think the problem is, but I still do not know the solution. What is happening is that the first time I access the webapp through httpd, I am getting the first tomcat server. I then type in my username and password and hit submit. I see in the logs of the first tomcat server log the authentication happening successfully, however, I am then redirected to the second tomcat server where my session is not available. I am using a 'lb' type load balancer, and by default it has sticky sessions, so I wonder why I am being balanced over to the other tomcat. Is this, perhaps, a question for the mod_jk team? Is there such a mailing list? |)ave -Original Message----- From: David Owens Sent: Monday, April 04, 2005 10:04 AM To: 'tomcat-user@jakarta.apache.org' Subject: Authentication problems with tomcat clustering. I have setup load balancing and clustering between two Tomcat 5.5.7 instances and Apache 2.0.50 with mod_jk. Almost everything works great. I can fail back and forth between the 2 tomcat instances with no trouble. However, I am having problems with the form based authentication. I have an index.html file which redirects the user to a secured resource. When the user hits this file through Apache, it works like normal, directing them to the login page. However, when I attempt to login I get "Invalid direct reference to form login page". When I look in the logs, I see the user is being authenticated, and the correct roles are being found. If I continually try logging in, and hitting the secure page, eventually I get in. Then, if I bounce apache, the problem starts again. If I login in the exact same manner directly against one of the tomcat instances, everything works, and I continue to the secure resource. In addition, I have found that if I stop one tomcat instance, I can login on the first try even when going through apache. It's worth noting, once I get successfully logged in once through apache (after many tries), I can logout/in repeatedly with no problem. Once I bounce apache, the problem starts again. I think something strange is happening with the login stuff when tomcat is clustered... Maybe I'm logging into 1 tomcat successfully, but being load balanced over to the other one, and the session has not been completely replicated yet? Any one else out there have this issue, or have any ideas? Thanks in advance! |)ave
RE: Setting up to use j_security_check??
Just sets up a role, and may not even be required. Please post the relevant sections from your web.xml, and your login page. Also, are you trying to go directly to j_security_check, or are you trying to access a protected location, and then the login page comes up? You want the latter. |)ave -Original Message- From: J Malcolm [mailto:[EMAIL PROTECTED] Sent: Monday, April 04, 2005 4:07 PM To: 'Tomcat Users List' Subject: RE: Setting up to use j_security_check?? Hmmm, I have the first two, but not the security-role. Not sure why that wasn't in this particular webapp. It's been working w/ basic auth, though. Is that the magic key that's missing in form auth? Is that a tag that's only required with form auth and not required for basic auth? I'll add it and try again. Thanks. Jerry -----Original Message- From: David Owens [mailto:[EMAIL PROTECTED] Sent: Monday, April 04, 2005 4:06 PM To: Tomcat Users List Subject: RE: Setting up to use j_security_check?? Have you defined the following in your web.xml? |)ave -Original Message- From: J Malcolm [mailto:[EMAIL PROTECTED] Sent: Monday, April 04, 2005 3:03 PM To: 'Tomcat Users List' Subject: Setting up to use j_security_check?? I'm attempting to move from basic authentication to form-based. Got everything configured and the forms created, etc. The login form comes up as expected. But when I submit, it says it can't find url j_security_check. Am I supposed to do something to configure/enable that url in tomcat? I've seen docs that say to use action="j_security_check" and some that say to include a slash: action=/j_security_check. But neither works for me. What am I missing? Thx Jerry - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Setting up to use j_security_check??
Have you defined the following in your web.xml? |)ave -Original Message- From: J Malcolm [mailto:[EMAIL PROTECTED] Sent: Monday, April 04, 2005 3:03 PM To: 'Tomcat Users List' Subject: Setting up to use j_security_check?? I'm attempting to move from basic authentication to form-based. Got everything configured and the forms created, etc. The login form comes up as expected. But when I submit, it says it can't find url j_security_check. Am I supposed to do something to configure/enable that url in tomcat? I've seen docs that say to use action="j_security_check" and some that say to include a slash: action=/j_security_check. But neither works for me. What am I missing? Thx Jerry - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Authentication problems with tomcat clustering.
Are your servlets in the /servlet/ directory? Or some other name? You have only redirected /servet/*, /*.vm and /therestaurant/servlet/ControllerServlet/* You may want to try just /therestaurant/* And you may want to do this JkMount / therestaurant /* loadbalancer On my problem: So I did some more investigation, and have found that I am authenticating against one tomcat, and then being balanced over to the other tomcat. This is presumably happening before the session is replicated... still looking for a solution... perhaps synchronous replication... I am also trying to find the 1.2.10 mod_jk for my system. (linux) -Original Message- From: Vaneet Sharma [mailto:[EMAIL PROTECTED] Sent: Monday, April 04, 2005 10:09 AM To: Tomcat Users List Subject: RE: Authentication problems with tomcat clustering. Your Apache and Tomcat configuration is exactly like me.. However today I installed connector mod_jk.. Connector 1.2.10... And ... Though apache and tomcat are talking .. I cannot run my servlet page. Pls have a look below to see the configuration Thankx The connector is not loading my servlets? I am writing down my httpd.conf and workers.properties Httpd.conf LoadModule jk_module modules/mod_jk.so JkWorkersFile /usr/local/jakarta-tomcat-5.5.4/conf/workers.properties JkLogFile /etc/httpd/logs/mod_jk.log JkLogLevel info JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories JkLogStampFormat "[%a %b %d %H:%M:%S %Y]" JkAutoAlias /usr/local/jakarta-tomcat-5.5.4/webapps JkShmFile /etc/httpd/logs/mod_jk.shm JkMount /servlet/* ajp13Worker JkMount /*.vm ajp13Worker JkMount /therestaurant/servlet/ControllerServlet/* ajp13Worker NameVirtualHost xxx.xxx.xxx.xxx:80 ServerAdmin [EMAIL PROTECTED] DocumentRoot /usr/local/jakarta-tomcat-x.x.x/webapps/therestaurant ServerName www.therestaurant.name And below is workers.properties file worker.ajp13Worker.port=8009 worker.ajp13Worker.host=xxx.xxx.xxx.xxx worker.ajp13Worker.type=ajp13 worker.ajp13Worker.lbfactor=50 worker.ajp13Worker.cachesize=10 worker.ajp13Worker.cache_timeout=600 -Original Message----- From: David Owens [mailto:[EMAIL PROTECTED] Sent: Monday, April 04, 2005 6:04 PM To: tomcat-user@jakarta.apache.org Subject: Authentication problems with tomcat clustering. I have setup load balancing and clustering between two Tomcat 5.5.7 instances and Apache 2.0.50 with mod_jk. Almost everything works great. I can fail back and forth between the 2 tomcat instances with no trouble. However, I am having problems with the form based authentication. I have an index.html file which redirects the user to a secured resource. When the user hits this file through Apache, it works like normal, directing them to the login page. However, when I attempt to login I get "Invalid direct reference to form login page". When I look in the logs, I see the user is being authenticated, and the correct roles are being found. If I continually try logging in, and hitting the secure page, eventually I get in. Then, if I bounce apache, the problem starts again. If I login in the exact same manner directly against one of the tomcat instances, everything works, and I continue to the secure resource. In addition, I have found that if I stop one tomcat instance, I can login on the first try even when going through apache. It's worth noting, once I get successfully logged in once through apache (after many tries), I can logout/in repeatedly with no problem. Once I bounce apache, the problem starts again. I think something strange is happening with the login stuff when tomcat is clustered... Maybe I'm logging into 1 tomcat successfully, but being load balanced over to the other one, and the session has not been completely replicated yet? Any one else out there have this issue, or have any ideas? Thanks in advance! |)ave Vaneet Sharma executive manager iDeasTank Limited an iwg business dolphins' court po 388 valletta, m-malta/europe mobile: +356 9943 8263 skype: CALLVANEET fax: +356 9952 phone: +356 9942 [EMAIL PROTECTED] call me on www.skype.com - my ID is CALLVANEET Want a signature like this? - www.plaxo.com\signature iwg is a global e-mobile company creating, building and growing new businesses. iwg founders are pioneers in creating multi-billion dollar mobile and Internet businesses in Europe, Asia and the US. www.iWG.info www.countryprofiler.com/iWG www.visitmalta.com www.mfc.com.mt Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such case, you should destroy this message and kindly notify the sender by reply email. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional
Authentication problems with tomcat clustering.
I have setup load balancing and clustering between two Tomcat 5.5.7 instances and Apache 2.0.50 with mod_jk. Almost everything works great. I can fail back and forth between the 2 tomcat instances with no trouble. However, I am having problems with the form based authentication. I have an index.html file which redirects the user to a secured resource. When the user hits this file through Apache, it works like normal, directing them to the login page. However, when I attempt to login I get "Invalid direct reference to form login page". When I look in the logs, I see the user is being authenticated, and the correct roles are being found. If I continually try logging in, and hitting the secure page, eventually I get in. Then, if I bounce apache, the problem starts again. If I login in the exact same manner directly against one of the tomcat instances, everything works, and I continue to the secure resource. In addition, I have found that if I stop one tomcat instance, I can login on the first try even when going through apache. It's worth noting, once I get successfully logged in once through apache (after many tries), I can logout/in repeatedly with no problem. Once I bounce apache, the problem starts again. I think something strange is happening with the login stuff when tomcat is clustered... Maybe I'm logging into 1 tomcat successfully, but being load balanced over to the other one, and the session has not been completely replicated yet? Any one else out there have this issue, or have any ideas? Thanks in advance! |)ave
RE: WAR files and web.xml
I'm not sure what kind of information you are trying to change but I have a few suggestions which might get you started: 1) If the changes are something like database/realm passwords or logging information, you can put those in a context file called .xml and put it in $CATALINA_HOME/conf/Catalina/localhost before you drop your war in place. (For that matter I guess you could put any sort of resource or resource reference in there) So the user can modify the xml file before they run "ant install" and the install target drops the context file in that dir, and then the war in the webapps dir. (Or better yet, the user could modify the build.properties before doing the install and ant could do the configuration/substitution in the context file as described below.) 2) You could setup tokens like @REPLACE_HERE@ in your web.xml and then have something like user1.information=A and user2.information=B etc in your build.properties. You could use ant's replace target to replace the tokens during the war target. The user (or you) could then specify the deploy environment like this: "ant -Ddeploy.env=user1 war" which would create a war file using the "user1." properties. We do this where I work to create wars for dev, test, uat, and production. If #2 looks like something you want to do, and you want the ant snippet, email me and I'll send it your way. :) |)ave -Original Message- From: Mark [mailto:[EMAIL PROTECTED] Sent: Friday, April 01, 2005 6:27 AM To: Tomcat Users List Subject: WAR files and web.xml I have a question concerning the generation of a war file and my web.xml file. I want to create a WAR file for my web application using Ant, and place my web.xml file into the WAR file. The problem I have is that once the web.xml file is placed into the web.xml file, users/admins will not be able to make changes to the configuration parameters in the web.xml file. For instance, I have a servlet that I load at tomcatstartup and it reads configuration information from the web.xml. Now if the web.xml file has to be placed into the WAR file, a customer will not be able to customize the values contained in the web.xml file. So, am I missing something, or is this how everything is supposed to work? Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: tomcat 5 not deploying my war
If you had a webapp there before, the problem may be that it cannot undeploy the previous one because one of the jar or resource files is locked. If this is the case, you can turn on anti jar locking. Hope this helps. |)ave -Original Message- From: teknokrat [mailto:[EMAIL PROTECTED] Sent: Friday, April 01, 2005 3:24 AM To: tomcat-user@jakarta.apache.org Subject: tomcat 5 not deploying my war I place my war in the webapps directory. tomcat 5.5.7 creates the directory and maybe a few others but it does not complete the job. Reloading etc does not fix this. there are no error messages given. Anyone have a clue what could be going on here? thanks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: where are my files?
It does not really use index.jsp It is remapped to a servlet in web.xml. So first edit webapps/ROOT/WEB-INF/web.xml and remove the mapping, then edit index.jsp. Hope this helps. |)ave -Original Message- From: Mike McMullin [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 23, 2005 10:13 AM To: Tomcat Subject: where are my files? I've installed TomCat-Jakarta 5.0.19 (from SuSE9.1 which I'm running) as well as the demo-server package. I'm trying to work through the Apress book Apache Jakarta-Tomcat, which is written around 4.0. My problem in a nut shell is that I cannot find which directory tomcat seems to be using. I load the page on port 8080 and note the file name, grab a shell run "locate index.jsp" and can find the page that the application loads, or so I think. I've edited the "If you're seeing this page via a web ..." so that seeing is pseeing, saved the page, and reloaded into the browser, and did could not "find" any change to the page. Any thoughts on why I'm lost? (Other than I'm new :) Mike - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: LDAP/JNDI Realm Tomcat 5.0 vs 5.5
Okay, I figured out the problem.
My password had some the '$' characters in it. Originally, back in 5.0,
to get this to work, I had to escape the '$' with
another '$'. It looks like this 'problem' has been 'fixed' in 5.5.
So in summary, if you had a 5.0 password of "$imple" then you had to
use "$$imple" in you realm definition. But for 5.5 you
just use "$imple" in your realm definition, as there is no need to
escape the dollar sign.
Hope this helps other who may encounter this problem.
|)ave
-Original Message-
From: David Owens
Sent: Monday, March 21, 2005 10:41 AM
To: 'tomcat-user@jakarta.apache.org'
Subject: LDAP/JNDI Realm Tomcat 5.0 vs 5.5
I am doing some investigation into upgrading from our Tomcat 5.0.x
servers to Tomcat 5.5.x and I am
trying to get everything working. In the old tomcat 5.0.x I was able to
create a realm which authenticated
against our ADS server. However, I cannot get it to work in Tomcat
5.5.7.
The only thing I have changed besides the version of tomcat is the
location of the file containing the
realm information. Originally I had put it in as
$CATALINA_HOME/conf/Catalina/localhost/myapp.xml
but for Tomcat 5.5 I have put the realm information in
webapps/myapp/META-INF/context.xml.
My understanding is that the location/name of the context information
should not change how the
realm works, but I thought it worth mentioning.
Here is the realm definition I used for both Tomcat 5.0.27 and Tomcat
5.5.7
ldap://test.testtrust.com:389";
alternateURL="ldap://192.168.0.10:389";
connectionName="CN=ADSAdmin,OU=Service
Accounts,DC=testtrust,DC=com"
connectionPassword="secretpassword"
contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
authentication="simple"
referrals="follow"
userBase="OU=People,DC=testtrust,DC=com"
userRoleName="memberOf"
userSubtree="true"
userSearch="(samaccountname={0})"
roleBase="OU=Groups,DC=testtrust,DC=com"
roleName="cn"
roleSearch="(member={0})"
roleSubtree="true"
/>
.
.
.
The error I get when deploying the app is:
SEVERE: Error deploying web application archive myapp.war
java.lang.IllegalStateException: ContainerBase.addChild: start:
LifecycleException: Exception opening directory server connection:
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 52e,
v893 ]
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.ja
va:763)
.
.
.
My understanding is that it is picking up my realm information, and
trying to use it,
but his error means it is not properly authenticating.
So my question is, why did this exact realm setup work under Tomcat
5.0.x and not 5.5.x?
Any help would be greatly appreciated!
Thanks in advance,
Dave
RE: DIGEST authentication; Does it work??
The docs say this:
When a standard realm authenticates by retrieving the stored password
and comparing it with the value presented by the user, you can select
digested passwords by specifying the *digest* attribute on your
element. The value for this attribute must be one of the digest
algorithms supported by the java.security.MessageDigest class (SHA, MD2,
or MD5). When you select this option, the contents of the password that
is stored in the Realm must be the cleartext version of the password, as
digested by the specified algorithm.
I have starred the word digest. If you look at the source for the page
you will notice the word digest is in tags, and I think they are
trying to indicate this is a key word you can use in the tag.
Let us know if this works for you.
|)ave
-Original Message-
From: Mark Leone [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 23, 2005 1:53 AM
To: Tomcat Users List
Subject: Re: DIGEST authentication; Does it work??
So at 3:00 AM I decided to read the Basic and Digest Access
Authentication spec (RFC 2617), and it says that MD5 is the default hash
algorithm. I had previously seen that Tomcat wasn't sending any response
headers explicitly specifying the hash algorithm, even though I had
specified SHA in the element in Server.xml. So I changed my
digest algorithm for the realm to MD5, and DIGEST authentication is now
working.
I'd like to make it work with SHA-1. I've looked all through the Tomcat
documentation, and I can't find a configuration parameter to set the
www-authenticate response header to indicate SHA-1 algorithm for the
digest. I see the API that supports this in
org.apache.catalina.authenticator.DigestAuthenticator (
setAuthenticateHeader() ), but I can't find a configuration parameter
that will determine the value for "algorithm" passed to this method.
Does anyone know how I can set this?*
*
-Mark
Mark Leone wrote:
> I found a silly classpath error that fixed the problem using
> RealmBase. I didn't realize that my system still had environment
> variable %catalina_home% pointing to an old tomcat 4.1.24 directory.
> So when I opened a command window to generate digest values I was
> executing RealmBase in tomcat 4.1.24. But guess what. When I digest
> the same info with the same algorithm specifier (SHA) in Tomcat 4.1.24
> and Tomcat 5.5.8 I get different digest values. And DIGEST
> authentication still doesn't work, in either case. Something very
> strange is going on here. :(
>
> -Mark
>
> Mark Leone wrote:
>
>> Okay, I was using 5.5.7. So I just downloaded the source and built
>> 5.5.8, and things got worse. Digest authentication is not working for
>> me. I believe I've set everything up correctly. Using an HTTP monitor
>> I see a 401 response coming back from Tomcat with a www-authenticate
>> header whose parameters specify digest authentication and identify
>> the realm as JDBCRealm. And I have a digested password that I created
>> by digesting {username}:JDBCRealm:{password} (including the colons-
>> is that correct?), as directed in the how-to documentation. But when
>> I enter that username and password, the authentication fails. Now I
>> used SHA-1 to digest the password, and my element in
>> Server.xml identifies SHA as the digest algorithm for digesting
>> passwords. Does this mean that the DIGEST authentication will also be
>> done using SHA-1? Or do I need to specify that somewhere? Am I
>> missing something else?
>>
>> I said it got worse with 5.5.8 because now I can't even get RealmBase
>> to generate a digested password. I enter
>> java -cp %catalina_home%\server\lib\catalina.jar
>> org.apache.catalina.realm.RealmBase -a SHA
>> {username}:JDBCRealm:{password}
>>
>> and I get:
>>
>> Exception in thread "main" java.lang.NoClassDefFoundError:
>> org/apache/commons/lo
>> gging/LogFactory at
>> org.apache.catalina.realm.RealmBase.(RealmBase.java:69)
>>
>> So it's finding RealmBase, but while executing that code it fails to
>> find LogFactory. I don't see an org\apache\commons path in any of the
>> class directories generated during the build. Do I have a defective
>> build? Was I supposed to download something else?
>>
>> -Mark
>>
>> Mark Thomas wrote:
>>
>>> Yes it does. I tested this extensively with both IE and Firefox. Any
>>> combination of the following is OK:
>>>
>>> Auth:BASIC, FORM, DIGEST
>>> Realm:Memory, UserDatabase, JDBC, DataSource
>>> Passwords:Cleartext, digested
>>>
>>> There is a complication when using digested passwords with the
>>> digest realm.
>>>
>>> You need to be using 4.1.x from CVS HEAD or 5.5.8+
>>>
>>> For more info see:
>>> http://jakarta.apache.org/tomcat/tomcat-5.5-doc/realm-howto.html
>>>
>>> Mark
>>>
>>>
>>> Mark Leone wrote:
>>>
I'm trying to use DIGEST authentication with Tomcat, and it doesn't
seem to work. I found some articles with Google about IE
implementing DIGEST authentication in a way that only worked with
LDAP/JNDI Realm Tomcat 5.0 vs 5.5
I am doing some investigation into upgrading from our Tomcat 5.0.x
servers to Tomcat 5.5.x and I am
trying to get everything working. In the old tomcat 5.0.x I was able to
create a realm which authenticated
against our ADS server. However, I cannot get it to work in Tomcat
5.5.7.
The only thing I have changed besides the version of tomcat is the
location of the file containing the
realm information. Originally I had put it in as
$CATALINA_HOME/conf/Catalina/localhost/myapp.xml
but for Tomcat 5.5 I have put the realm information in
webapps/myapp/META-INF/context.xml.
My understanding is that the location/name of the context information
should not change how the
realm works, but I thought it worth mentioning.
Here is the realm definition I used for both Tomcat 5.0.27 and Tomcat
5.5.7
ldap://test.testtrust.com:389";
alternateURL="ldap://192.168.0.10:389";
connectionName="CN=ADSAdmin,OU=Service
Accounts,DC=testtrust,DC=com"
connectionPassword="secretpassword"
contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
authentication="simple"
referrals="follow"
userBase="OU=People,DC=testtrust,DC=com"
userRoleName="memberOf"
userSubtree="true"
userSearch="(samaccountname={0})"
roleBase="OU=Groups,DC=testtrust,DC=com"
roleName="cn"
roleSearch="(member={0})"
roleSubtree="true"
/>
.
.
.
The error I get when deploying the app is:
SEVERE: Error deploying web application archive myapp.war
java.lang.IllegalStateException: ContainerBase.addChild: start:
LifecycleException: Exception opening directory server connection:
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 52e,
v893 ]
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.ja
va:763)
.
.
.
My understanding is that it is picking up my realm information, and
trying to use it,
but his error means it is not properly authenticating.
So my question is, why did this exact realm setup work under Tomcat
5.0.x and not 5.5.x?
Any help would be greatly appreciated!
Thanks in advance,
Dave
