RE: GSI Web Services with tomcat 5
Hi It was the laster. The connectors have changed from 4 to 5 and therefore the custmised solution does not work for 5. There are not obstacles stopping myself from trying to reimplement the solution but the fact that GSI delegation is complicated and it would need to be very secure in a web service environment. This delegation is vital to the grid environment and i would prefer to take a tried and tested solution to the problem than invent my own. glen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
GSI Web Services with tomcat 5
Hi Has anybody achieved GSI delegation with tomcat 5, i have managed it with tomcat 4 (adding the new connectors and values etc to tomcat) but there seems no support or a work around for tomcat 5 yet. Anybody have any more information??? Cheers Glen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Secuity and patching tomcat
Hi We are running tomcat for our production server and i was wondering how other people cope with applying security patches (where do you find alerts about secuirty for tomcat?) as tomcat is distributed as either source or dist and not a rpms. Whats the best practise for the installation of tomcats for is process. Is it best to provide symbolic links to the war files and the applications and not dump them into the webapps directory as this will move when you upgrade the server? Cheers Glen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
SSL and sessions
Hi I am using tomcat with ssl for the initial log into my application over ssl, the problem is that if i send the application back to http (normal) the session that i first created under ssl is different from the session that is created going back to http. Is there any configuration that allows the same session to go to and from https and http with the same session id. Cheers Glen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
catalina.out and access logs gunzipping
Hi with tomcat5, how do you make tomcat gz your access and log file ever so often. In some of my tomcat instances this has happened and other it has not?? Any ideas - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Removing ROOT as default path to tomcat 5
Hi I wish to remove ROOT as the default path to Tomcat 5, I have added Context path=/ to the server.xml file but the default $CATALINA_HOME/webapps/ROOT/index.jsp page still appears with http://localhost:8080. This is how I did it with tomcat 4, has anything changed?? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
ClassCastException
Hi I am using axis web services with the java cog kit, each web service is a application under tomcat. But when two applications wish to use the cog kit, ie the web service is invoked, the first web service works fine and the the second throws this stackTrace: java.lang.ClassCastException at org.globus.gsi.bc.BouncyCastleUtil.getIdentity(BouncyCastleUtil.java:387) at org.globus.gsi.bc.BouncyCastleUtil.getIdentity(BouncyCastleUtil.java:402) at org.globus.gsi.GlobusCredential.getIdentity(GlobusCredential.java:342) at org.globus.gsi.gssapi.GlobusGSSCredentialImpl.lt;initgt;(GlobusGSSCredenti alImpl.java:56) Now if i restart tomcat, and call the second web service first, it works fine, but then the original first web service when called throws the exception. It seems that two applications cannot load the cog kit under tomcat? Has anyone any ideas on what is happening??? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: org.apache.catalina.valves.RemoteHostValve
Hi I have tried to put Valve className=org.apache.catalina.valves.RemoteHostValve deny=*.subnet.ac.uk/ in my context but it keeps on throwing an exception Catalina.start: java.lang.IllegalArgumentException: Syntax error in request filter pattern *.subnet.ac.uk Can wild cards be used in this context? Does anybosy know how to only allow the localhost to access the server /context??? Glen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
org.apache.catalina.valves.RemoteHostValve
Hi I am trying to only allow localhost to access my tomcat server. I have tried to put Valve className=org.apache.catalina.valves.RemoteHostValve deny=*.my.host.uk/ in my context but it keeps on throwing an exception Catalina.start: java.lang.IllegalArgumentException: Syntax error in request filter pattern *.my.host.uk Can wild cards be used in this context? Does anybosy know how to only allow the localhost to access the server /context??? Glen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: org.apache.catalina.valves.RemoteHostValve
Hi If i specify a host, then i only deny one machine. How do you deny all hosts on a sub net? Glen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Sticky sessions and load balancing
Hi I am using tomcat 5.0.14 with apache 2.0.47. I have 2 instances of tomcat working with apache infront taking the requests and forwarding to the 2 tomcats. I can make the apache do load balancing, giving each server 50% of the traffic. When i try to create sticky sessions, it works, but only the first tomcat instance gets all the traffic. Is it possible to have sticky sessions with load balancing, ie if a user with out a session comes in it goes to one tomcat, then the next etc, but if a user comes in with a session id, it goes to the tomcat that i was created on??? Glen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Sticky sessions and load balancing with apache 2
Hi I can make the apache do load balancing, giving each server 50% of the traffic. When i try to create sticky sessions, it works, but only the first tomcat instance gets all the traffic. Is it possible to have sticky sessions with load balancing (with tomcat and mod_jk2), ie if a user without a session comes in they go to tomcat1, then the next instance etc, but if a user comes in with a session id, it goes to the tomcat instance that i was created on??? Glen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Session Repication
Hi I am trying to replicate my sessions via clustering with tomcat5 behind a apache. The problem is that i get this exception when i try to add a string to a session. code: String name= request.getParameter(name); session.setAttribute(name, name); exception: java.lang.IllegalArgumentException: Value for attribute instance is not serializable. org.apache.catalina.cluster.session.ReplicatedSession.setAttribute(Replicate dSession.java:153) org.apache.catalina.session.StandardSessionFacade.setAttribute(StandardSessi onFacade.java:176) org.apache.jsp.addition_jsp._jspService(addition_jsp.java:86) org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:133) javax.servlet.http.HttpServlet.service(HttpServlet.java:856) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:3 11) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:301) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:248) javax.servlet.http.HttpServlet.service(HttpServlet.java:856) But i works if the code is session.setAttribute(name, Myname); Any ideas? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat5
Hi Does anybody know of the timetable for a stable release of tomcat 5? Glen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: tomcat 4.1.12 problem
Hi I have managed to change the startup.bat file to run instead of start and i have the errot message. It is java.lang.ClassNotFoundException: org.apache.coyote.tomcat4.CoyoteConnector, which comes from the server.xml foe the http1.1 connector. Since i have installed tomcat fromt he original package and also tried installing it as a service i cannot see why it cannot find this class. Does anyone have any ideas or know which jar file this is in. Glen -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: tomcat 4.1.12 problem
Hi i have solved the problem. I am not sure what happened but i reinstalled the jre and sdk and it now works. Cheers -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
tomcat 4.1.12 and xml spy
Hi I have been working with tomcat for a couple of years, but on friday i downloaded xml spy 5 enterprise edition and now my tomcat server will not work, it just falls over with out writing anything to catalina.out. All my older version will not work and even the one inside netbeans doesnt work. I have tried downloading it time and again without success. Has anybody else heard of this or had the same problems Glen -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
access logs
Hi I have upgraded from tomcat 4.0.4 to 4.1.12 and the localhost_access_logs do not seem to be there. Has tomcat go rid of this log or is there a way to turn them on again??? Glen -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Bug in 4.0.4 DefaultServlet
Hi I have just come back off holiday and have heard about the bug with org.apache.catalina.servlets.DefaultServlet where you can see the source code of jsp's. I have been on the jakarta web site and there solution is to comment out servlet-mapping servlet-nameinvoker/servlet-name url-pattern/servlet/*/url-pattern /servlet-mapping this from the web.xml file. I have done this but now my servlets dont work. Can anybody help?? Glen -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Bug in 4.0.4 DefaultServlet
I am in the process of upgrading bu i need to test my application with the new version. So i need a patch until i have done this. glen -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Ref Http Session
in the server.xml file. add this tag inside you context path Manager className=org.apache.catalina.session.PersistentManager debug=0 saveOnRestart=false maxActiveSessions=-1 minIdleSwap=-1 maxIdleSwap=-1 maxIdleBackup=-1 Store className=org.apache.catalina.session.FileStore/ /Manager -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Réf. : RE: Ref Http Session
session cookies id's are not saved to you hard drive. they are stored in you memory until the browser is closed. session attributes are stored on the server and have not contact with he browser. The session id sent from your browser is used by the server to id you session object on the server, then it can access your stored attributes. if you want to see your session id and associating attributes you will have to write jsp page to print out your attributes something like this Enumeration en = session.getAttributeNames(); while(en.hasMoreElements){ String name = en.nextElement(); System.out.println(name + has value + session.getAttribute(name)); } -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Ref Http Session
session cookies id's are not saved to you hard drive. they are stored in you memory until the browser is closed. session attributes are stored on the server and have not contact with he browser. The session id sent from your browser is used by the server to id you session object on the server, then it can access your stored attributes. if you want to see your session id and associating attributes you will have to write jsp page to print out your attributes something like this Enumeration en = session.getAttributeNames(); while(en.hasMoreElements){ String name = en.nextElement(); System.out.println(name + has value + session.getAttribute(name)); } -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: How to Change Port Number of Tomcat
From the tomcat 4 RUNNING.txt file, to change the port number it only says to change 8080 to the number that you want. It does not mention changing anything else in the file. I have changed all my tomcats to 80 on windows, linux and solaris and have had not problems. Check netstat, also check ps -eaf for any old tomcat threads till holding on to the ports, and kill them. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: How to Change Port Number of Tomcat
I have got 2 running simultaneously. to have 2 running, on one of the tomcats you need to change 6 things. There are 4 connectors.http, https, ajp and test http. change https port. change http port and then change redirect port to whatever https port is. change ajp port and then do the same of the test http as the normal http. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Changing the IP address
There are two ways to do this. Firstly on your network, your users could use the name of your computer followed by the domain balam2.cuc.uqroo.mx. So you could use http://name.balam2.cuc.uqroo.mx:8080/examples/SendAMail.jsp to get to your server. Or have a alias on your DNS server for example http://alias:8080/examples/SendAMail.jsp in which you will have to contact you network admin. But in any case your employees can access your ip address with the command nslookup name.balam2.cuc.uqroo.mx or nslookup alias. Glen -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Multithreading with tomcat
Hi I am trying to invoke more than one servlet from multiply resources at the same time. But at the moment i call them one after another. The problem is that if one of the servlets takes along time to do its work, and hangs, the other processes wait to be executed. I wish to use threads with the my servlet. But if i am using a single processor machine, the i/o of the first thread will use the processor till it has finished, then the next etc and i wont see any difference with the performance. Is there any possibility in using native threads instead of green threads, and how do you make the threads native??? Also, is there a way with tomcat to stop a connection that takes more than a certain time. These connections of mine aren't being timed out since the servlet is hanging and the connection is live. Is there something in the connector tag in the server.xml file. Glen -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
URL connection timeout
Hi Is there any way to specify a timeout for a URL connection with tomcat. Is there something in the server.xml file??? Glen -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Quick Question
tomcats default directory is where ever you called the startup.sh/bat file. So if you dont use another script to call the startup.sh/bat file tomcats default will be the bin directory. Use this code to find the directory where WEB-INF is. Then you can traverse your directory structure from there. //get context path ServletConfig scon = null ; String workingDir = null; public void init(ServletConfig config) { scon = config ; } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //get working dir ServletContext sc = scon.getServletContext(); workingDir = sc.getRealPath(); -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Quick Question
hi what you should try to do is either from your jsp use the method I suggested before and pass the info to your bean, or if this is a config file, use this method which works I have just tried it, to load your file into a properties class. Properties conf = new Properties(); conf.load(getClass().getResource(config.txt).openStream()); then you can extract the information. glen -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
SSL just for a login page
Hi I have been working with tomcat with a web site. There is a initial login page which sends the username and password to a servlet that checks them against a database. I want to have the informatin sent over ssl but then i want the user to be sent back to a none ssl page for the rest of the session. With out explicitly calling https:// and http:// within the redirects (ie i want all locations relative) how do i canfigure tomcat. I have configured it to the login page is on ssl but when the servlet sends the user back to a page that page is also ssl. I have added this to my web.xml file security-constraint web-resource-collection web-resource-nameDataPortal/web-resource-name url-pattern/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeNONE/transport-guarantee /user-data-constraint /security-constraint security-constraint web-resource-collection web-resource-nameDataPortal/web-resource-name url-pattern/Login.html/url-pattern url-pattern/servlet/LoginServlet/url-pattern http-methodGET/http-method /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint Also the second problem when i take off the Login page and off the CONFIDENTIAL section so a person goes to the login page and then enters the username and password, the information is sent to the server over ssl but my LoginServlet code cannot pick out the parameters passed to it??? Can anybosy help me with this Thanks glen -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: SSL just for a login page
Hi I am not am expert in the security of the web at the moment. Could you explain to me why this would open such a big secuirty hole from swapping from https to https. I was suggesting this because it read this i a 'professional j2ee' book?!! The problem i have is that i need the username and password to be encrypted but i have heard that ssl hits performance quite badly!! I dont think that i could handle filtering, so what do you suggest for the security?? What is the 'norm' for these such problems. Thanks Glen. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: SSL just for a login page
Hi Let me reply to a few of the emails. the problem is your own encryption isn't signed by a third party, which means if someone hack into your server, they could compromise the security. wouldn't this still be a problem if my public key was signed by a CA?? isn't the cert. for the client to verify who i am, this would not effect the SSL encryption?? Why don't you just build your redirect after they log in. response.sendRedirect(http://; + request.getHostName() + /myApp/home.jsp); i have tried this. What i am doing is using the login to set up a session and adding a attribute to this session. Every jsp checks the session for this object to verify that the user has logged in, if they have not or they have logged out the user is unable to bookmark or go backward into the website. Using the redirect like this some how interferes with the session and messes up the checking. I am not sure why this happens? Glen -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: SSL just for a login page
Yes, you are probably right, I will have to use ssl. Does anybody know of some good stress testing free software??? How does this sound. 1)User logs on and username and password send over ssl. password md5 hashed and compared against users on a database. 2)If valid user logs on, if not user sent to error page. 3) rest of session ssl. if database compromised, hash value would be no use??? Lastly, how do i enforce that the whole of the web site must be over ssl, except the initial welcome page so the user doesn't have to type in port numbers is it something like this in the web.xml file. security-constraint web-resource-collection web-resource-name***/web-resource-name url-pattern/index.html/url-pattern /web-resource-collection user-data-constraint transport-guaranteeNONE/transport-guarantee /user-data-constraint /security-constraint security-constraint web-resource-collection web-resource-name***/web-resource-name url-pattern/*/url-pattern //or will this overwrite the index.html url-pattern/*jsp/url-pattern //should it be like this url-pattern/data/*/url-pattern url-pattern/etc/*/url-pattern //etc http-methodGET/http-method http-methodPOST/http-method /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: SSL just for a login page
just downloaded it version 1.7 using it with java 1.4 beta installation says that you dont need to do anything (already got JAVA_HOME), when i run it it just pulls up errors?? -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Calling ejbs from tomcat
Hi, i have been using and working with ejbs from a java client calling ejbs from the server that comes with the j2ee package . But now i wish to call the ejbs from a servlet within tomcat. I have put all the jar files for the client that is needed it to the lib dir of my web application but i keep getting the exception javax.naming.NameNotFoundException: Name test is not bound in this Context where test is my JNDI name for the bean. This code works for the java client so i am wondering do i have to add anything to the server.xml file or something? Heres my servlet code: try{ Properties prop = new Properties(); prop.put(Context.PROVIDER_URL,localhost:1050); Context context= new InitialContext(); Object ob = context.lookup(test); MyBeanHome home = (MyBeanHome)PortableRemoteObject.narrow(ob, MyBeanHome.class); MyBean my = home.create(); message = my.getString(); System.out.println(result : +message); } catch(Exception e){ e.printStackTrace(); } -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
jsp class loading
I have written some java classes to help my servlet/jsp configuration. But the problem is that i want them to be accessable to my servlet and my jsp. i have jar the file and put them in the web-inf/lib folder and also in the java_home/jre/lib/ext folder. The servlets pick up the classes automatically but the jsp cannot 'see' them. can anybody help. Do i have to add a package to the classes before i jar them and then access then vis jsp with the package name in th eimport header. The only way at the moment i have suceeded is to put the classes in the java_home/jre/classes folder and call them when needed but i would particularly like them to be in the lib folder of the application for portability. -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
Help needed with package access
I am using tomcat and i am unable to compile my servlet classes when i try to make an instance of a class that i have created which lies in the same folder as my servlet, ie WEB-INF/classes. A error occurs telling me that it cannot resolve the class. The only way around this is to put these classes i need in the jre/classes folder of my java home directory. Does anybody know a way around this problem so that my servlets can 'see' my java classes in the classes folder, or below. Thanks Glen -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
RE: Help needed with package access
Sorry about that, worked it out , i was just been completly stupid. I have just changed computers and have set up everything correctly and i had everything working except one thing.!! .; in my classpath. cheers anyway -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]