from:"Johann Uhrmann"

Re: Tomcat -> Apache with JK2: mapping urls...

2004-10-18 Thread Johann Uhrmann

Andrzej Jan Taramina wrote:
Douglas WF Acheson has said late last year:

# Define the Manager proxy that comes with Tomcat
[uri:/tomcat/manager/*]
context=/manager
info=Manager prefix mapping
But, after frustrating attempts I cannot seem to get it correct.  I have
search the mail archives and a few people have asked similar questions, but I
have not see any replies.  Hope someone can help me ...

I'm trying to do the same thing. I want Apache/JK2 to trap a specific URI 
(tomcat/manager/* in this example), but to map it to something else (eg. 
"manager") before it sends the request on to Tomcat through the JK 
connection.

The context parameter shown above in workers2.properties does not do this, in 
fact, who knows what it does. I agree with Doug that the JK2 docs are 
abysmal. 
Hi Andrzej,
I am trying to deploy a web application to multiple instances of Tomcat and it would
be great to have a mapping like /tomcat1/axis -> /axis on the first worker and
/tomcat2/axis -> /axis on the second worker.
Unfortunately, the context parameter is ignored and just as You mentioned, the jk2 docs
are lousy. It seems that there is no other choice but digging through the source code
of JK2 or trashing JK2/Tomcat and using something well documented.
Has anyone already been through the hell of digging through the source code and is
there a usable documentation about jk2?
Regards,
Hans
(sorry for being rude, but in my oppinion some guys have not discovered that the
 best software is worth nothing without documentation)
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Load balancing and the /manager webapp

2004-04-14 Thread Johann Uhrmann

Hello,

I have Apache 1.3 with JK2 and two instances of Tocmat5.

JK2 is configured for load balancing between the tomcat instances.
However, I want to have access to the /manager web application
of a single tomcat instance.
For example:
http://my.server/myapp should be load balanced (this already works)
http://my.server/manager1 should give me the /manager from my
first tomcat.
http://my.server/manager2 should give me the /manager from my
second tomcat.
My question is:
Do I have to configure this in tomcat? (If yes, then how can I rename
/manager to /manager1?)
Or do I have to configure jk2 in a way that makes /manager1 access
the context /manager of the backend?
In Tomcat 4 it helped to rename the manager.xml file to manager1.
This does not seem to work anymore in Tomcat 5.
Kind regards,

Hans

--
Dipl.-Inf.(FH) Johann Uhrmann
xpecto AG | Lindenstrasse 81 | D-84030 Ergolding
Telefon: 0700 xpecto 00 (0700 973286 00)
Telefax: 0700 xpecto 10 (0700 973286 10)
Internet: http://www.xpecto.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

jk2 is ignoring graceful flag

2004-01-21 Thread Johann Uhrmann

Hello,

according to
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jk2/jk2/configwebcom.html
setting graceful to 1 in the channel.socket session should disable the
channel for new sessions.
In my installation, the flag seems to be ignored.

Therefore, I have two questions:

1. If I want a channel to get requests for existing sessions only,
   is the correct setting:
  a) graceful = 1
 disabled = 0
	or

  b) graceful = 1
 disabled = 1
2. If a channel is configured for not accepting any new sessions,
   how can the number of remaining sessions be checked?
   I need this to determine if the tomcat instance can be safely
   switched off without kicking out users.
Thank You,

Johann Uhrmann

--
Johann Uhrmann
xpecto AG | Lindenstrasse 81 | D-84030 Ergolding
Telefon: 0700 xpecto 00 (0700 973286 00)
Telefax: 0700 xpecto 10 (0700 973286 10)
Internet: http://www.xpecto.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Loadbalancing with mod_jk2

2003-12-17 Thread Johann Uhrmann

Hello,

what is the correct way to use JK2 for load balancing?

According to the docs, jk2 should support load balancing
and "graceful" shutdown of a worker. (Meaning that a particular
worker will not get any new sessions.)
This is a snippet my current configuration:

[channel.socket:localhost:8009]
port=8009
host=127.0.0.1
[channel.socket:localhost:8010]
port=8010
host=127.0.0.1
[ajp13:localhost:8009]
channel=channel.socket:localhost:8009
[ajp13:localhost:8010]
channel=channel.socket:localhost:8010
[uri:/foobar/*]
worker=ajp13:localhost:8009


How can I tell jk2 that foobar is served by both tomcat instances?
How to tell that tomcat2 should not get new sessions for foobar?
Thank You very much,

Johann Uhrmann

--
Johann Uhrmann
xpecto AG | Lindenstrasse 81 | D-84030 Ergolding
Telefon: 0700 xpecto 00 (0700 973286 00)
Telefax: 0700 xpecto 10 (0700 973286 10)
Internet: http://www.xpecto.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Error messages for the jsp compiler

2003-11-10 Thread Johann Uhrmann

David Allison wrote:
[...]
The other thing which caused me an issue is that there is no way to disable
custom tag pooling when pre-compiling JSPs, my application uses some Struts
tags which do no work correctly with pooling enabled..
Could You provide some details, e.g. what tags are not compatible with
tag pooling?
Regards,

Johann Uhrmann

--
Johann Uhrmann
xpecto AG | Lindenstrasse 81 | D-84030 Ergolding
Telefon: 0700 xpecto 00 (0700 973286 00)
Telefax: 0700 xpecto 10 (0700 973286 10)
Internet: http://www.xpecto.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Error messages for the jsp compiler

2003-11-10 Thread Johann Uhrmann

Hello,

I am currently using Tomcat 4.1.24 as server and the included
jasper2 compiler for offline compilation (via ant).
Unfortunately, if the jsp compiler is called via ant, the only
error message is a NullPointerException. If it is called from
tomcat, it produces more useful output.
Is that a known issue? Is there a setting for jasper2 to produce
error messages in an offline-compile run that actually help to
find the error?
Kind regards,

Johann Uhrmann

--
Johann Uhrmann
xpecto AG | Lindenstrasse 81 | D-84030 Ergolding
Telefon: 0700 xpecto 00 (0700 973286 00)
Telefax: 0700 xpecto 10 (0700 973286 10)
Internet: http://www.xpecto.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Missing jdbc context

2003-10-26 Thread Johann Uhrmann

Shapira, Yoav wrote:
Howdy,
Set debug="99" for your server, engine, host, so you can see why tomcat
is running into errors processing server.xml.  

Unfortunately, that setting does not provide any more information
about the problem.
Regards,

Hans

--
Johann Uhrmann
xpecto AG | Lindenstrasse 81 | D-84030 Ergolding
Telefon: 0700 xpecto 00 (0700 973286 00)
Telefax: 0700 xpecto 10 (0700 973286 10)
Internet: http://www.xpecto.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: error-page directive gives a wrong response code to apache

2003-10-22 Thread Johann Uhrmann

Julien Oix wrote:
hi everyone,

I have a problem with the error-page directive included in my web.xml

The RPM's I use on a Linux RedHat top box :

apache-1.3.27-2.7.1
tomcat4-4.1.18-full.1jpp
mod_jk-ap13-1.2.2-1jpp
so when apache gives a jsp to Tomcat, this one answers a code 200 instead of
a 404 in the apache log even if the jsp is not found ...
I know this bug is in the bugzilla database as "RESOLVED" yet (
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15406 ) but for 4.1.12
version so I can't understand what happens ...
It is "RESOLVED INVALID". In other words:
That behaviour is considered correct.
If You want Your JSP to return a response code different from 200
You have to include:
<% response.setStatus(response.SC_NOT_FOUND); %>

in Your 404-page.

Regards,

Johann Uhrmann

--
Johann Uhrmann
xpecto AG | Lindenstrasse 81 | D-84030 Ergolding
Telefon: 0700 xpecto 00 (0700 973286 00)
Telefax: 0700 xpecto 10 (0700 973286 10)
Internet: http://www.xpecto.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Missing jdbc context

2003-10-22 Thread Johann Uhrmann

Hello,

I have some problems with Tomcat 4.1.27 and database connection pooling:

Apparently, the context java:comp/env/jdbc does not exist.

This is what I get from catalina.out:

Starting service Tomcat-Standalone
Apache Tomcat/4.1.27-LE-jdk14
GlobalResourcesLifecycleListener: Destroying MBeans for Global JNDI Resources
Stopping service Tomcat-Standalone
GlobalResourcesLifecycleListener: Creating MBeans for Global JNDI Resources in Context 
'' [EMAIL PROTECTED]
GlobalResourcesLifecycleListener: Processing resource jdbc java.lang.String
GlobalResourcesLifecycleListener: Creating MBeans for Global JNDI Resources in Context 
'jdbc/' [EMAIL PROTECTED]
GlobalResourcesLifecycleListener: Naming exception processing jdbc: 
org.apache.naming.NamingContext:[EMAIL PROTECTED] javax.naming.NamingException: Cannot 
create resource instance
The configuration in server.xml is:



  
  
  


  
validationQuery
select version()
  
  
url
jdbc:postgresql://dbserver:5432/mydb
  
  
password
myPwd
  
  
maxActive
10
  
  
maxWait
5000
  
  
driverClassName
org.postgresql.Driver
  
  
username
dbuser
  
  
maxIdle
2
  

...
Can someone give me a hint why that context is not available?

Thank You,

Johann Uhrmann

--
Johann Uhrmann
xpecto AG | Lindenstrasse 81 | D-84030 Ergolding
Telefon: 0700 xpecto 00 (0700 973286 00)
Telefax: 0700 xpecto 10 (0700 973286 10)
Internet: http://www.xpecto.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

How to enforce URL-rewriting?

2003-09-16 Thread Johann Uhrmann

Hello,

is there a way to enforce URL rewriting in tag libraries?
(e.g. the common tag library and the struts tags)
As far as I know, setting
cookies="false"
in the context should disable all cookies and therefore
force URL rewriting to be used.
Unfortunately, some browsers fool Tomcat (4.1.24) and make it
think that session cookies are sent back. This suppresses
URL-rewriting and therefore breaks the application if the
session cookies are actually suppressed.
The strange thing is that 'cookies="false"' does not seem to
enforce the rewriting.
Kind regards,

Hans Uhrmann

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

JDBC via JNDI and the resource-env-ref tag

2003-09-09 Thread Johann Uhrmann

Hello,

what are the semantics of the resource-env-ref tag in the
deployment descriptor?
Has every object (e.g. DataSources for DB access) to be declared
in the deployment descriptor or is a Resource/ResourceLink in
the server.xml sufficient?
Does the application have to declare the use of a resource twice?
(via Resource in the server.xml and via resource-env-ref in web.xml)
Those questions might look like faq, but unfortunately I could not
find any documentation about it.
Kind regards,

Hans

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

mod_jk2 and url-Mapping

2003-09-04 Thread Johann Uhrmann

Hello,

how to map different URLs to different tomcat servers with mod_jk2?

I need this for a migration scenario (upgrade from tomcat 4.1.12 to
4.1.24).
ajp13 is used as connector.
I tried to modify my load balancer configuration but jk2 seems to
ignore the settings.
Is there an example configuration that shows how to achieve this?

Thank You,

Hans

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: javax.servlet.http.HttpSession.getId() returns null

2003-09-02 Thread Johann Uhrmann

Johann Uhrmann wrote:
Hello,

I am writing a single-sign-on filter that uses cookies and
a request-wrapper in order to fake a form-based login in
case the user is already authenticated in another web application.
The filter needs some internal structures to perform the single-sign-on
process, e.g. a map that associates the logon name with all
active sessions of the user.
When I try to get the id of those session objects, they sometimes
return null.
Hello again,

after reviewing my logs, it seems that session objects are being
recycled by the server and the id is set to null while they are
not in use.
Is that correct?

Is there a docu that shows what objects are pooled in Tomcat so
application developer can consider the side-effects of pooling?
In my case, I held references to session objects and it seems that
the id changed over time. That behaviour broke my filter design
and was hard to track down.
Kind regards,

Hans

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: javax.servlet.http.HttpSession.getId() returns null

2003-09-02 Thread Johann Uhrmann

Tim Funk wrote:
Before going farthar, have you looked at the Single Sign On valve?

If you are using container managed security(such as form 
authentication), those contraints are executed before the filter chain 
is ever made.
Unfortunately, I cannot use container managed security because I have to
support login from static pages, from other server or via links that
contain the logon key.
(Otherwise) I am unsure of the semantics of getId() without re-reading 
the javadocs or the spec.
The api does not mention a null value for that method.
(at least in the version I read)
Regards,

Hans



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

javax.servlet.http.HttpSession.getId() returns null

2003-09-02 Thread Johann Uhrmann

Hello,

I am writing a single-sign-on filter that uses cookies and
a request-wrapper in order to fake a form-based login in
case the user is already authenticated in another web application.
The filter needs some internal structures to perform the single-sign-on
process, e.g. a map that associates the logon name with all
active sessions of the user.
When I try to get the id of those session objects, they sometimes
return null.
Are the ids of expired sessions set to null in Tomcat 4.1.27?
If yes, is there a way to retrieve the former session ids?
Thank You,

Hans

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Jasper2 ant task questions

2003-08-18 Thread Johann Uhrmann

Hello,

there a some strange phenomena in my build with the jasper2 ant task.
The following snippet is used to compile the JavaServer Pages:















   





Well, those phenomena occur:

- The task class cannot be found. Running ant with -verbose shows that
  the class javax.servlet.ServletContext cannot be found.
  The strange thing is that "jasper2" contains the path to servlet.jar
  and putting the very same jar file on the CLASSPATH environment fixes
  the problem.
- During the jasper2 run, the class
  org.apache.struts.util.PropertyMessageResourcesFactory
  cannot be found. However, the according jar file is on
  "jasper2.classpath".
  Adding the contents of "jasper2.classpath" to the CLASSPATH
  environment variable fixes the problem again.
It seems like not all jar files on "jasper2" and "jasper2.classpath" are
inspected by the class loader. Is there a size limit for the classpath
in ant/jasper2 or even jdk1.4.1?
The class pathes are quite huge (approx. 4kByte).

Does the order of the jar files matter?

Can someone give me a hint how to run this without changing the
CLASSPATH environment every time?
Thank You very much,

Johann Uhrmann

P.S.:
Can jasper2 be told to skip certain jsp files. Those used for static 
includes result in broken java-classes (classes that cannot be compiled).

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Incremental JSP offline compilation

2003-08-14 Thread Johann Uhrmann

Hello,

is there a way to compile JavaServer Pages offline with ant?

I am currently using the jspc ant task, but it has some significant
disadvantages:
- no support for incremental compilation
- no support for the compilation of directory trees
  (afaik every single page has to be mentioned in the build
   script)
- no generation of servlet and servlet-mapping entries for the
  deployment descriptor
Jasper2 seems to address that issues, however I was not able to
use it properly from my ant scripts. The problem is that it seems
to use the classpath from the CLASSPATH environment variable instead
of providing the possibility to specify a classpath in the build.xml.
Could someone please show me some information and/or links that show
how to use jasper2 (or another jsp compiler that addresses those issues)
and how to integrate it in ant.
Thank You very much,

Hans

P.S.:
Please correct me if I was wrong about the jspc disadvantages.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: jasper2 in ant and the classpath

2003-07-16 Thread Johann Uhrmann

Johann Uhrmann wrote:
[...]
The taskdef tag and the jasper2 tag do not care about the
path set in compile.classpath. Instead, the CLASSPATH variable
from the shell is used.
How do I make ant (or especially those two tags) recognize the
path in "compile.classpath"?
[...]


Anybody?

It seems that jasper2 is not ready for production use, is it?
(no offense - I really want to know.)
Regards,

Hans

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Tomcat with log4j output

2003-07-16 Thread Johann Uhrmann

Abid Ali Teepo wrote:
Hi

I just added a servlet with logging done by log4j, and it apparently works ok.
But suddenly tomcat has started giving a lot of debug information. The thing is that 
even though i have set the level to info, it gives me tomcat debug.
Is there a setting or something i have awakened by log4j enabling my servlet ?
Where and how can i change this behaviour ?
Are You sure that the logger You set to info is also the logger You
write to?
If You use a "control servlet" in a different web application to change
log levels, there is a chance that You have two different instances
of Your logger.
Do You deploy the log4j-lib with the web application or do You have it
in common/lib?
(Putting it in common/lib might solve Your problem)
Kind regards,

Hans

--
Johann Uhrmann
xpecto AG | Lindenstrasse 81 | D-84030 Ergolding
Telefon: 0700 xpecto 00 (0700 973286 00)
Telefax: 0700 xpecto 10 (0700 973286 10)
Internet: http://www.xpecto.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

jasper2 in ant and the classpath

2003-07-16 Thread Johann Uhrmann

Hello,

I have an issue with the following snippet of my
ant build-script:

		

	verbose="3"
	package="my.package"
	uriroot="${temp.home}"
	outputDir="${temp.home}" />



The taskdef tag and the jasper2 tag do not care about the
path set in compile.classpath. Instead, the CLASSPATH variable
from the shell is used.
How do I make ant (or especially those two tags) recognize the
path in "compile.classpath"?
The strange thing is, that the following snippet works:




However, I have to use a jspc-tag for every subpackage and that tag
cannot create includes for the web.xml file. Right?
Thank You,

Hans

--
Johann Uhrmann
xpecto AG | Lindenstrasse 81 | D-84030 Ergolding
Telefon: 0700 xpecto 00 (0700 973286 00)
Telefax: 0700 xpecto 10 (0700 973286 10)
Internet: http://www.xpecto.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: nullpointer when precompile jsp with tag

2003-07-01 Thread Johann Uhrmann

Hi,

I have a hint on that issue:

The jasper compiler crashes if the TLD contains a -section.

In my case, commenting out the following section from my TLD
made jasper run without any errors:

  var
  java.lang.Boolean
  true
  NESTED
  Variable that becomes true if the tag body is 
evaluated.


Can someone please verify that?

Thanks,

Hans

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: nullpointer when precompile jsp with tag

2003-07-01 Thread Johann Uhrmann

Hong Fan wrote:

> [...]
The interesting thing is that these same jsps run with
no problem on tomcat,
i.e. tomcat will precompile/compile them at run time
and they work fine
Does anyone know whats going on? How can I get Ant to
do the precompile.
I have encountered the very same problem here. However, I could not
even make ant display a stack trace:
 [jasperc] 2003-07-01 04:02:55 - ERROR-the file '/tagstest.jsp' 
generated the following general exception: java.lang.NullPointerException
  [jasperc] error:null

That's all I get.

How to display the stack trace of the NPE?
Has this already been filed as bug?
Regards,

Hans

--
Johann Uhrmann
xpecto AG | Lindenstrasse 81 | D-84030 Ergolding
Telefon: 0700 xpecto 00 (0700 973286 00)
Telefax: 0700 xpecto 10 (0700 973286 10)
Internet: http://www.xpecto.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Virtual hosts with mod_jk2 to different JVM

2003-03-05 Thread Johann Uhrmann

Hi,

is it possible to configure mod_jk2 to pass the requests to different
installations of tomcat depending on the host name used in the request?
Please note that this is not the virutal host feature from tomcat as 
Apache (or mod_jk2) has to decide where to pass the request to.

Thank You,

Hans

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Restoring (recycling?) sessions

2003-03-05 Thread Johann Uhrmann

One additional question:

Is "request.getSession()" the only method where a session is retrieved?

I am asking this because I am planning to override the getSession method 
in a subclass of HttpServletRequest. However, I do not want a JSP-Page 
to bypass this method (e.g. by using the implicit session object from an 
other source).

Therefore my question: Are the implicit session-objects of JavaServer 
Pages also retrieved via HttpServletRequest.getSession()?

Thanks,

Hans

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Restoring (recycling?) sessions

2003-03-04 Thread Johann Uhrmann

Hello,

I have the following scenario:

- The user can see a static page with a login form.
- The form action points to a web application.
In order to allow the user to log on, I have to use a request filter
and check the parameter values (username/password).
The typical Tomcat-Logins are no option for me as I want the user to be
able to log in from several static login forms.
However Tomcat requires the user to access the web application _first_ 
and sends the login form back _after_ that request.

Therefore, I use a authentication filter (from javax.servlet.Filter) in 
order to allow users to log in. The filter wraps the request in a 
wrapper (from javax.servlet.ServletRequestWrapper) and overrides the 
following methods to fake a tomcat-form-login:

 - getAuthType
 - getRemoteUser
 - getUserPrincipal
 - isUserInRole
So far, so good.

Now, it would be nice if the user could close his browser and get his
session back after logging in again (within the session timeout).
My current approach is...
- to let the filter save the relation user<->session in an
  internal object (e.g. hashmap)
- to let the filter implement HttpSessionListener in order to
  remove unneeded relations from that object
- to override the method getSession() in the request wrapper
  and return the old session if a user comes back and has
  an session assossiated with his user name
Now the missing part of the jigsaw:

How can I tell the session (or tomcat) that the old session is still in
use and not idle?
An API that does something like the Unix command "touch" for tomcat 
sessions would be great.

Can all this be achieved easier than described here?

Thanks in advance,

Hans

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

How to maintain session attributes in a frameset?

2003-02-05 Thread Johann Uhrmann

Hi,

I'm using the following configuration:

- Tomcat 4.1.12
- Struts 1.1b3
- JSTL 1.0
- a frameset containing two frames (all JSP)

The JSP containing the frameset sets session attributes using the
 tag from JSTL. The frameset is built by using the Struts tag
 (relative URLs to frame in the same web-app).

The session attributes which are set in the frameset-page cannot be
retrieved in the frames because the frames could not be assigned to
the session that was created by the frameset.

This behaviour occured in all tested browsers (IE 6, Mozilla 4+7, Opera 
7). When using Mozilla 7, I deleted the session cookie JSESSIONID. 
Afterwards, the application worked as intended. However Mozilla did not
create any new session cookie.

Using URL-rewriting in the frameset showed no effect.

Is this a known problem and is there any work-around?

Thanks in advance,

Johann Uhrmann

--
Johann Uhrmann
xpecto AG | Lindenstrasse 81 | D-84030 Ergolding
Telefon: 0700 xpecto 00 (0700 973286 00)
Telefax: 0700 xpecto 10 (0700 973286 10)
Internet: www.xpecto.com


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Does Tomcat provide a API for user login?

2002-11-09 Thread Johann Uhrmann

Hi,

is it possible to call a method within a JSP or servlet and pass
a user name and password in order to validate those credentials
and log in the user?

It would be great if I there were an API supporting that as I have
a login scenario that does not seem to be supported by Tomcat
(login form without prior access to a restricted resource).

Thanks for any hints,

Hans


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

How to reference a form login page?

2002-11-08 Thread Johann Uhrmann

Hi,

I have a external site which is hosted on a server seperate from my 
tomcat server.


That server should provide a login form that can be used to log in into
an application on the tomcat web server.

However, I could not figure out how to log in from an external host.
The following code caused an error 400 "Invalid direct reference to form 
login page":

...
http://mytomcatserver/mywebapp/j_security_check";>
	
	

...


The first server has its own domain name and is hosted by a big web 
hoster. On every web page there should be a login form that allows the 
user to log in on one of the tomcat web applications.
The tomcat server has just an IP address and holds the web applications.

How can I realize a login form that sits on a different server than the 
tomcat server.

Thank You in advance,

Hans


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

mod_jk and local workers

2002-11-04 Thread Johann Uhrmann

Hi,

I am trying to set up JK 1.2 with Apache 1.3 and Tomcat 4.1.12.
All seems to work fine, but I am a bit confused about the "local worker"
configuration option:

According to the documentation at
http://www/tomcat-docs/jk2/jk/workershowto.html (section "Advanced lb
Worker properties") an incomming request is routed to the first local
worker.

Well, as the documentation is not quite clear to me, I have some
questions:

- Is the "local worker" just a switch to tell the load balancer
  "use this node"?

- If this is true and I want to shut down a node, can I just set the
  "local worker" flag of that node to 0, reload the Apache
  configuration, wait until the last session
  on that node has expired and shut it down?

- If there is no node marked as "local worker" (which seems to be the
  default), there is no session information stored. The log of JK 1.2
  says that every request gets its own session cookie set which means
  there are no sessions stored.
  Is that the behaviour that it should be?

Thank You,

Hans




--
To unsubscribe, e-mail:   
For additional commands, e-mail:

DTD for server.xml

2002-10-27 Thread Johann Uhrmann

Hi,

after searching for quite a while now and having some trouble with
the server.xml file. I would like to ask where I can get a DTD for
the server.xml.

Is there something like the well documented specification for the
web.xml file (can be found in the servlet specification)?

Thank You,

Hans

P.S.: 
I have no idea where to put the  tag in my
server.xml as there is neither a ContextManger tag nor a AutoWebApp tag
in my server.xml. Unfortunately "ContextManger" and "AutoWebApp" are
the only hints that can be found at 
http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk/doc/mod_jk-howto.html#s81






--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Tomcat and 401 custom page how?

2002-10-25 Thread Johann Uhrmann

On Thu, 2002-10-24 at 16:24, Kristján Bjarni Guðmundsson wrote:
> I use custom error pages for various error codes (404. etc),  all of them 
> work except 401 error.
> 
> If I go to a protected page the browser just displays the 401 page without 
> prompting me
> to log in. What am I doing wrong?

Short answer: nothing

Tomcat sends that pages with response code 200. I consider this a bug.

If You want tomcat to send You 401-page with a 401 code You have to
use a JSP which sets the response code manually:

...
<% response.setStatus(response.SC_UNAUTHORIZED);
   response.setHeader("WWW-Authenticate", "BASIC realm=\"restricted\"");
%>
...

It is a hack but at least it is working.

hth,

Hans


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Send code 401 instead of 403

2002-10-25 Thread Johann Uhrmann

Hi,

when using basic authentication with tomcat, tomcat sends a 401 response
code if the user is accessing the page for the first time.

This makes the browser show a login window and retry the request with
the username/password provided by the user.

However, if there is already a username and password in the request,
then tomcat answers with a 403 code which does not result in a login
window.

Unfortunately, if the user makes a typo when he/she tries to log in
there is no chance to make another try except restarting the web
browser.

Does tomcat provide any mechanism to make it return 401 instead of 403?
(except the hack of specifying a user based 403 jsp and make it return
401)

Thanks,

Hans




--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Using filters to authenticate users...

2002-10-14 Thread Johann Uhrmann


Hi,

what do You think about the following idea?
Is it possible at all:

I am looking for a way to build web applications that can
be used by logging in from a user/password HTML-form.

To do this, I would like to use the standard API which
would save me reimplementing the JDBC-Realm and Single-SignOn
features which already come with tomcat.

Is it possible to write a filter, which simply checks 

- the login name
Should be simple (request.getRemoteUser())

- in case there is no login name, the filter should read the
  parameters "username" and "password"...

- if there are values for this parameters, get an instance of
  org.apache.catalina.Realm and pass on the values to the 
  authenticate method.
  Now, check if request.getRemoteUser() still returns null...

That should be simple except of getting the proper instance of
org.apache.catalina.Realm. Does someone know how to do that?

Thank You,

Hans






--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Passing User/Pass via API

2002-10-13 Thread Johann Uhrmann


Hi,

is there an API function available to pass
user name and password from a servlet/JSP to
tomcat?

I found nothing about it and I guess it would
be useful to allow servlets to pass this kind
of information to the servlet container.

Thank You,

Hans




--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Using external login pages for web applications

2002-10-11 Thread Johann Uhrmann


Hi,

our public internet site should contain a form which allows the user
to type in his/her user name and password.
Then, the user should be logged in with this data in a web application.

Does the form based login mechanism of tomcat support such a login
procedure or does it require that the user tries to access a protected
page before he/she can type in the username and password?

It would be more convenient to have a login form on a external (high
traffic) site than requesting the user to click a link to a different
login page. (one more click scares away a lot of users)

Is there a solution or is this already a supported scenario?

Thank You,

Hans




--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Using external login pages for web applications

2002-10-11 Thread Johann Uhrmann


On Fri, 2002-10-11 at 14:58, Padhu Vinirs wrote:
> 
> Correct me if I understood this wrong:
> 
> Login Form html ( external web site )  --->Servlet/JSP  ( Your web 
> site )

Right, that's the configuration I want to use.

> If you setup https access in your web site, then the external form can 
> securely send the login info to your servlet, which can authenticate the 
> user, set a session attribute, which every secure page can check before 
> allowing user to continue. Else redirect to the login form again.

Is it possible to use a JDBCRealm and configure the required roles in
web.xml or do I have to re-implement the code for user verification,
role-checking,...?

-- Hans



--
To unsubscribe, e-mail:   
For additional commands, e-mail:

DefaultContext vs Context

2002-10-07 Thread Johann Uhrmann


Hi,

is there a known problem / bug with defining resources in the
DefaultContext?

The following resource definition works in a Context-environment
but won't be inherited from the DefaultContext to contexts automatically
created by tomcat for war-files (and for the ant-target "deploy"):


 
  

  url
  jdbc:postgresql://dbserver:5432/foo


  validationQuery
  select name from users


  maxIdle
  10


  maxActive
  20


  driverClassName
  org.postgresql.Driver


  maxWait
  -1


  username
  foo


  factory
 
org.apache.commons.dbcp.BasicDataSourceFactory


  password
  bar

  

Is there anything more to do than moving this definition from Context
to DefaultContext in order to make the resource available for all
web applications?

Thank You in advance,

Hans


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

37 matches

Mail list logo