JNDIRealm docs to be released soon?
Craig, A week or so ago, you mentioned that you are in the process of re-writing the docs on how to configure Realms. I'm wondering if you've had a chance to do that yet? When you do, please let me know, as I'm interested in trying to get JNDIRealm to work. Thanks, Jon
Re: Upcoming Tomcat 4.0 Final Release
I just wanted to say, thank you, to all the developers. I think you guys are doing a great job. I had a chance to read through the docs more thoroughly recently and I'm starting to get an idea of all the hard work you've been putting in. I'm looking forward to using Tomcat 4 in our production environment. Thanks and great work. Jon - Original Message - From: Pier Fumagalli [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, September 04, 2001 9:37 PM Subject: Re: Upcoming Tomcat 4.0 Final Release Craig R. McClanahan [EMAIL PROTECTED] wrote: I've just announced a release plan for Tomcat 4.0 (final release) on the Tomcat developer's list. Assuming it gets approved, you will see a final release of Tomcat 4 on or about September 17, 2001. How can you help? By downloading the beta-7 release (or, better, a more recent nightly build) and banging your applications against it. Any bugs you find should be reported (as soon as possible) to: http://nagoya.apache.org/bugzilla/ under product category Tomcat 4, so that they can be addressed before the final release. There are two release candidate releases scheduled prior to the final release, on September 9 and September 12. It would be very helpful if people would download and test these releases as well, to make sure we don't break something while fixing something else. Thanks for your help! For fellow folks of the WebApp module development, I'm going to do the same with our little Apache connector, especially now that we have support for the iPlanet web server, and Apache 2.0 (last one was a precious week!)... I still need to fix a couple of issues with the build process, before decretating martial law on that, but we should be ready to roll a new alpha release by the end of the week, and then go beta when Tomcat 4.0 goes final. Thanks to ALL of you who report bugs and hints... Really appreciate it... Pier
Re: a simple ( irritating) classpath problem
- Original Message - From: Dmitri Colebatch [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, August 22, 2001 11:33 PM Subject: Re: a simple ( irritating) classpath problem hi, There are three basic areas that classes can be put in tomcat: WEB-INF/classes - contains all the classes that form the web application WEB-INF/lib - contains jars that the web application uses TOMCAT_HOME/lib - contains jars that are available to _all_ applications using tomcat There's one other one that I came across yesterday as well. TOMCAT_HOME/server/lib I think this is probably Tomcat 4 specific, not sure. I found that in order to get JDBCRealm to work, I had to copy the .jar file for my JDBC driver to this directory. Note, it didn't work when I first tried copying it to TOMCAT_HOME/lib. Jon
Re: JDBCRealm Security setup Help Required.
As far as I know, the users, roles, and user_roles tables are global and will get used by whatever Web applications you have protected. Are you saying that you want to have a separate set of these table, one for each Web application? Why not just create different roles, one for each Web application? Personally, I'm hoping that the MemoryRealm class will be improved upon in the future. Putting this information in a SQL database seems like a lot of overhead to me (even though it does seem to work well, once you get it setup). Basically, the functionality that I'm looking for in MemoryRealm is the ability to tell Tomcat to reload the user database. Also, it would be nice to have a digest property like you have with JDBCRealm, so that you can store the passwords as hashes instead of in clear-text. Jon - Original Message - From: Nitin Goyal [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 23, 2001 6:46 AM Subject: JDBCRealm Security setup Help Required. Hi, We are setting up the JDBCRealm security with Tomcat. We have seen the jdbcrealm.howto file and we are able to make a small test sample run perfectly fine. However, there are some clarifications in the implementation scenario that require your inputs: We have more than one webapps running in the Tomcat Server. I understand that it is recommended to create a separate schema for jdbcrealm authentication, but one can create the authentication schema in the application database too rather then create a new schema. Lets say we have 5 database schemas in a single database, which are for 5 different webapps, and we want to use JDBCrealm authentication. One option is to create a separate schema (as mentioned in the .howto document), but this will require extensive changes in our code for each web app. In case we are to bundle the security schema with the application database schema, how do we create the corresponding multiple RequestInterceptor entries in server.xml for all of these? How will tomcat validate the username with the correct username/password? Are there any other ways to implement this authentication? Are there any disadvantages in NOT creating a separate database schema? Any suggestions are most welcome! Regards Nitin Goyal Webrizon eSolutions Pvt. Ltd., INDIA [EMAIL PROTECTED] There is no failure except in no longer trying.
Re: JDBC Driver for sql server 2000
Oops, actually the link is http://www.inetsoftware.de. Always forget about that... Jon - Original Message - From: Jonathan Eric Miller [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 23, 2001 11:05 AM Subject: Re: JDBC Driver for sql server 2000 http://www.inetsoftware.com has a great driver IMHO. It's a JDBC type 4 and they seem to be very proactive about keeping it up to date. I tried JTurbo awhile back and I liked Inet's driver better. The JTurbo one seemed buggy to me. I don't remember what the specific issue was that I found with it. It was a long time ago, so, it may no longer be an issue. I can say that I really like the driver that Inetsoftware has though. I've been using it for about a year and a half and it works great. Also, they come out with periodic updates. Probably at least one per quarter. I'm using the Opta2000 driver, version 4.11. Jon - Original Message - From: Saritha Pula [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 23, 2001 11:00 AM Subject: RE: JDBC Driver for sql server 2000 Hi JTurbo JDBC driver works well with SQLServer2000 --Pula -Original Message- From: Trig Gullberg [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 23, 2001 8:54 AM To: '[EMAIL PROTECTED]' Subject: JDBC Driver for sql server 2000 Does any one know of a good sql server 2000 jdbc driver that works well with tomcat? Any help or suggestions are appreciated.
Re: Tomcat 4.0.7b and lib help
My guess is that this may be the same problem that I ran into while trying to use JDBCRealm. I think you have to put the .jar file in TOMCAT_HOME/server/lib instead of TOMCAT_HOME/lib for low-level .jar files that get used by Tomcat itself? I'm not an expert, that just seemed to be experience that I had. Jon - Original Message - From: Shawn Evans [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 23, 2001 11:45 AM Subject: Tomcat 4.0.7b and lib help I have a servlet FBJServlet that uses a DB connection pool, and I have the JDBC driver for Oracle installed as well in the /lib/classes12.jar... I open the jar and see OracleDataSource... but I get the error below. Root Cause: java.lang.NoClassDefFoundError: oracle/jdbc/pool/OracleDataSource at com.sterling.util.db.pooling.DBPoolManager.init(DBPoolManager.java:110) at com.sterling.util.db.pooling.DBPoolManager.(DBPoolManager.java:17) at com.sterling.util.db.pooling.DBPoolManager.getInstance(DBPoolManager.java:23 ) at com.sterling.ForceBrowserJ.FBJServlet.init(FBJServlet.java:15) at javax.servlet.GenericServlet.init(GenericServlet.java:366) at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:833) at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:602) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.ja va:214) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5 66) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.ja va:215) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5 66) at org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:2 46) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5 64) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943) at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2314) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164 ) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5 66) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:462) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5 64) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java :163) at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5 66) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943) at org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java: 1000) at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1093 ) at java.lang.Thread.run(Thread.java:484)
Re: JNDIRealm questions
I did a search of the Tomcat Developer List archive and found that it looks like #2 is possible (or was only planned and isn't yet implemented?), so, that's cool. Now, if I could only find the documentation on how to use this... ;-) Craig, if you're listening, can you post an example Realm entry for JNDIRealm that would go in server.xml? If there were a JNDIRealm.howto, like the JDBCRealm.howto, that would be great. I'm guessing that you guys just haven't had a chance to do that yet. I'd being willing to write one up similar to the JDBC one once I get it figured out. A sample entry for a user and a role in LDIF format would also be very helpful. Also, I like the example JDBCRealm entries that are currently in server.xml, if there was a sample one for JNDIRealm that would be great. Jon [Tomcat 4] - JndiRealm Proposals From: Craig R. McClanahan Subject: [Tomcat 4] - JndiRealm Proposals Date: Tue, 10 Apr 2001 10:05:39 -0700 Over the last few weeks, there has been a high degree of interest in having a Realm implementation for Tomcat 4.0 that authorizes users via a JNDI-accessed directory server (typically, but not limited to, LDAP servers). There have been proposed contributions on both TOMCAT-USER and TOMCAT-DEV towards this end. I'd like to combine the best features of these submissions, but wanted to get some feedback and agreement on overall goals before doing so. Here's my list so far: * Usable via JNDI 1.2 (or the JNDI classes built in to J2SDK 1.3). * Does not interfere with existing use of JNDI APIs inside Catalina, or in user web apps. * Pluggable initial context factory, and factory initialization parameters (so you can use any JNDI-accessible service you want). * Configurable access to the internal data elements and attributes, so we don't have to predefine the structure (in the same way that JDBCRealm lets you configure table and column names). * Reuse functionality in existing Realm implementations as appropriate (may cause a little minor refactoring along the way). * Support for two major modes of operation: * SYSTEM LOGIN. Realm implementation binds itself to the server using a system-level username/password, then reads the username and password attributes to perform authentication (analogous to how JDBCRealm works). Would also support the optional digesting functionality that JDBCRealm supports. * USER LOGIN. Realm implementation attempts to bind to the server using the username and password specified by the user. If this is successful, the user is considered to be authenticated, and the associated roles are looked up. Comments? Questions? Changes? Craig - Original Message - From: Jonathan Eric Miller [EMAIL PROTECTED] To: Tomcat User List [EMAIL PROTECTED] Sent: Thursday, August 16, 2001 5:25 PM Subject: JNDIRealm questions I'm currently looking at trying to use JNDIRealm for authentication and I've come up with a number of questions. I'm wondering if anyone knows the answers to any of the following questions. 1. Does anyone have it working that can provide an example entry of what should go in server.xml and also an example entry for a user (and a role, if separate entry is required for that)? 3. What are the specific digest formats that are supported with regard to the userPassword attribute? Clear-text and MD5, or are there more? Does it support crypt? Also, does it check all userPassword values or only one? 2. Is it possible to get it to bind as the user being authenticated and not require access to the userPassword attribute? If not, why? I'm guessing performance, but, this is problematic because it requires the password to be in a specific format. Also, it is less secure since the password is sent out over the wire even if it is encrypted and it won't work with directories such Active Directory which won't let you query the password attribute. 4. Does it query the server for each page request, or does it do caching? Jon
Re: JDBC Driver for sql server 2000
Doesn't look very up to date though. The file date is 1/25/2000. I guess if it works, that's all that matters... Jon - Original Message - From: Chris McNeilly [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 23, 2001 3:25 PM Subject: RE: JDBC Driver for sql server 2000 I can vouch for FreeTDS as well. We've had no problems with it. -Original Message- From: Jim Urban [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 23, 2001 4:23 PM To: [EMAIL PROTECTED] Subject: RE: JDBC Driver for sql server 2000 FreeTDS is free and it works fine. http://www.freetds.org/ Jim Urban Product Manager Netsteps Inc. Suite 505E 1 Pierce Pl. Itasca, IL 60143 Voice: (630) 250-3045 x2164 Fax: (630) 250-3046 -Original Message- From: Stéphane De Jonghe [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 23, 2001 11:35 AM To: [EMAIL PROTECTED] Subject: RE: JDBC Driver for sql server 2000 Hi, But is there any free (or open source) JDBC driver for MS SQL Server who is not using the jdbc:odbc link ? I tried JSQLConnect, but it is a trial version... Thanks, Stef -Original Message- From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 23, 2001 6:05 PM To: [EMAIL PROTECTED] Subject: Re: JDBC Driver for sql server 2000 http://www.inetsoftware.com has a great driver IMHO. It's a JDBC type 4 and they seem to be very proactive about keeping it up to date. I tried JTurbo awhile back and I liked Inet's driver better. The JTurbo one seemed buggy to me. I don't remember what the specific issue was that I found with it. It was a long time ago, so, it may no longer be an issue. I can say that I really like the driver that Inetsoftware has though. I've been using it for about a year and a half and it works great. Also, they come out with periodic updates. Probably at least one per quarter. I'm using the Opta2000 driver, version 4.11. Jon - Original Message - From: Saritha Pula [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 23, 2001 11:00 AM Subject: RE: JDBC Driver for sql server 2000 Hi JTurbo JDBC driver works well with SQLServer2000 --Pula -Original Message- From: Trig Gullberg [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 23, 2001 8:54 AM To: '[EMAIL PROTECTED]' Subject: JDBC Driver for sql server 2000 Does any one know of a good sql server 2000 jdbc driver that works well with tomcat? Any help or suggestions are appreciated.
Re: JNDIRealm questions
Thanks, can you confirm that binding as the user rather as system is supported? Jon - Original Message - From: Craig R. McClanahan [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 23, 2001 3:21 PM Subject: Re: JNDIRealm questions On Thu, 23 Aug 2001, Jonathan Eric Miller wrote: Date: Thu, 23 Aug 2001 15:08:12 -0500 From: Jonathan Eric Miller [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: JNDIRealm questions I did a search of the Tomcat Developer List archive and found that it looks like #2 is possible (or was only planned and isn't yet implemented?), so, that's cool. Now, if I could only find the documentation on how to use this... ;-) Craig, if you're listening, can you post an example Realm entry for JNDIRealm that would go in server.xml? If there were a JNDIRealm.howto, like the JDBCRealm.howto, that would be great. I'm guessing that you guys just haven't had a chance to do that yet. I'd being willing to write one up similar to the JDBC one once I get it figured out. A sample entry for a user and a role in LDIF format would also be very helpful. Also, I like the example JDBCRealm entries that are currently in server.xml, if there was a sample one for JNDIRealm that would be great. Jon I'm about halfway through a new HOWTO page that covers all three realm implementations -- it should be done by next week. It will need to include more than one example, because there's more than one usual way that people populate their LDAP servers. Craig
Re: JNDIRealm questions
Another thing to look at is that it would be good to have it iterate through all userPassword values in the user's entry if you do it the system way. i.e. the userPassword attribute might be multivalued and might contain the password in multiple different hash formats. For example, it might have it in crypt format and also in MD5 format. I was just looking at the source code and it looked like it was only checking the first value. Thanks, Jon - Original Message - From: Craig R. McClanahan [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 23, 2001 3:42 PM Subject: Re: JNDIRealm questions On Thu, 23 Aug 2001, Jonathan Eric Miller wrote: Date: Thu, 23 Aug 2001 15:35:09 -0500 From: Jonathan Eric Miller [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: JNDIRealm questions Thanks, can you confirm that binding as the user rather as system is supported? At present it does not :-(. There are some proposed patches that provide this facility on the developer mailing list, and I plan to integrate those soon. Jon Craig - Original Message - From: Craig R. McClanahan [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 23, 2001 3:21 PM Subject: Re: JNDIRealm questions On Thu, 23 Aug 2001, Jonathan Eric Miller wrote: Date: Thu, 23 Aug 2001 15:08:12 -0500 From: Jonathan Eric Miller [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: JNDIRealm questions I did a search of the Tomcat Developer List archive and found that it looks like #2 is possible (or was only planned and isn't yet implemented?), so, that's cool. Now, if I could only find the documentation on how to use this... ;-) Craig, if you're listening, can you post an example Realm entry for JNDIRealm that would go in server.xml? If there were a JNDIRealm.howto, like the JDBCRealm.howto, that would be great. I'm guessing that you guys just haven't had a chance to do that yet. I'd being willing to write one up similar to the JDBC one once I get it figured out. A sample entry for a user and a role in LDIF format would also be very helpful. Also, I like the example JDBCRealm entries that are currently in server.xml, if there was a sample one for JNDIRealm that would be great. Jon I'm about halfway through a new HOWTO page that covers all three realm implementations -- it should be done by next week. It will need to include more than one example, because there's more than one usual way that people populate their LDAP servers. Craig
Re: Jsse / SSL / Tomcat
- Original Message - From: zze-messager FTM balr002 [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, August 22, 2001 2:42 AM Subject: Jsse / SSL / Tomcat Hello, I need to use HTTPS 1. I've installed jsse.jar, jnet.jar and jcert.jar both in $JDK/jre/lib/ext and in $TOMCAT/lib. 2. I need now to create a server certificate : I've tried the command line : keytool -genkey -alias tomcat -keyalg RSA - i'm asked for the password : changeit but, the following error appears : keytool generator notr available. What version of the JDK are you using? Are you using Sun's JVM? What's haapened ? What can i do ? What's does it mean tomcat after the key word alias ?? That's the alias/name that is associated with the certificate that you are creating. Jon Tanks for help, Delphine
Re: Possible to return multiple responses/pages for a request?
Thanks for the response. Currently, I'm not doing any client-side scripting though and I want to try to avoid doing so if at all possible. I appreciate the suggestion though. It's something to think about. Jon - Original Message - From: Jim Urban [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, August 22, 2001 7:24 AM Subject: RE: Possible to return multiple responses/pages for a request? This is an unproven browser side solution which involves JavaScript and framesets... 1. The page that submits to the long running servlet should consists of a frame set. The one frame is visible and displays the page that allows the user to input the data. The second frame is invisible and contains a form containing duplicate form variables. 2. The submit button on the user input page does the following: 1. Copies the contents of its form variables to the hidden frame's form variables. 2. Redirects the current frame to your Processing your request, please wait... page. 3. Your Processing your request, please wait... contains an onload function which calls a JavaScript function in the hidden frame telling the hidden frame to submit itself to your servlet, targeting either the visible frame or top to replace the frameset completely. I have not tried this, but I think it should work. If you try it, please let me know if it works. Jim Urban Product Manager Netsteps Inc. Suite 505E 1 Pierce Pl. Itasca, IL 60143 Voice: (630) 250-3045 x2164 Fax: (630) 250-3046 -Original Message- From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 21, 2001 4:48 PM To: Tomcat User List Subject: Possible to return multiple responses/pages for a request? I'm wondering if it is possible to return multiple responses/pages from a given request? I have a servlet that performs some processing after a form is submitted to it. This processing sometimes takes several seconds to complete. What I want to do is first display a page which says Processing your request, please wait... Then, after the processing is done, I want to display another page. The second page should replace the first page in the user's browser. Does anyone know if this is possible to do? I want to say that at some point someone told me that you can do this with multi-part something-or-other? Basically, I want to do something like the following, but, it doesn't work. resp.setContentType(text/html); PrintWriter pw = resp.getWriter(); pw.println(htmlheadtitleTest/title/headbody); pw.println(pPlease wait.../p ); pw.println(/body/html); pw.close(); Thread.sleep(1); resp.setContentType(text/html); pw = resp.getWriter(); pw.println(htmlheadtitleTest/title/headbody); pw.println(pProcessing completed.../p); pw.println(/body/html); pw.close(); Jon
Re: Jsse / SSL / Tomcat
I'd do a search of IBM's documentation for keytool and see if they have that command. I don't know if that is a required part of the JDK or not. It may be that they have an equivalent command, but, it's called something else? Jon - Original Message - From: zze-messager FTM balr002 [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, August 22, 2001 8:31 AM Subject: RE: Jsse / SSL / Tomcat i use jdk1.2.2 (ibm) -Message d'origine- De : Jonathan Eric Miller [mailto:[EMAIL PROTECTED]] Envoyé : mercredi 22 août 2001 15:29 À : [EMAIL PROTECTED] Objet : Re: Jsse / SSL / Tomcat - Original Message - From: zze-messager FTM balr002 [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, August 22, 2001 2:42 AM Subject: Jsse / SSL / Tomcat Hello, I need to use HTTPS 1. I've installed jsse.jar, jnet.jar and jcert.jar both in $JDK/jre/lib/ext and in $TOMCAT/lib. 2. I need now to create a server certificate : I've tried the command line : keytool -genkey -alias tomcat -keyalg RSA - i'm asked for the password : changeit but, the following error appears : keytool generator notr available. What version of the JDK are you using? Are you using Sun's JVM? What's haapened ? What can i do ? What's does it mean tomcat after the key word alias ?? That's the alias/name that is associated with the certificate that you are creating. Jon Tanks for help, Delphine
Re: where is build-solaris.sh
Have you guys thought about just using Tomcat in standalone mode? That's what I'm planning to do once 4.0 comes out. Previously, I had the same problems as you guys with regard to building mod_jk. There were never any Solaris binaries available by default. Once I figured it out, it wasn't too bad. But, it did seem that there were a few gotchas. Also, it seemed that the docs improved a bit later on. It's been awhile since I did that, so, I don't remember the specific issues that I had. Jon - Original Message - From: Peter Shankey [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, August 22, 2001 4:42 AM Subject: RE: where is build-solaris.sh Please let me know how it goes for you. I am struggling with the same issues. I have just posted a message about compiling mod_jk with Solaris 8. If I get it to work I will certainly send mod_jk to you. Pete [EMAIL PROTECTED] Shahed A Moolji [EMAIL PROTECTED] wrote: Hi, I just downloaded the tomcat 3.2.3 src tarball. I cant find the build-solaris.sh or README.solaris or any Makefile for building the solaris mod_jk.so Thanks Shahed __ Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/ Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/
Re: Help: Can't build mod_jserv.so for tomcat
I'm pretty sure that it's no longer recommended that people use mod_jserv. I think mod_jk replaced it, or maybe there is something even newer? Jon - Original Message - From: Rob Cartier [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, August 22, 2001 5:27 AM Subject: Help: Can't build mod_jserv.so for tomcat I have downloaded the source for tomcat 3.2.3 and am trying to build the mod_jserv.so module. But no matter what I do I get the following error: apxs:Error: @sbindir@httpd not found or executable or apxs: Error @LIBEXECDIR@ not found or executable any ideas or does someone have a generic module for use with tomcat 3.2.3 and apache 1.3.19-5 (RH 7.1 distribution) Rob
Re: ldap authentication with tomcat
I think JNDIRealm will do this. However, it seems to be a pretty newly added feature and as far as I can tell, it isn't documented very well. I've been wondering the same thing. If you figure it out, please let me know. You might want to do a search of the mail list archives. I saw a few messages about it in there. However, it looked like it was about a 3rd party add-on that did it. I'm pretty sure the functionality now exists in it natively. I think it's configured similar to JDBCRealm in server.xml. So, I've been thinking that I might try to figure that out first, since, it seems to be better documented. Jon - Original Message - From: Astrid Wagner [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, August 22, 2001 6:04 AM Subject: ldap authentication with tomcat Hi, I am new to the subject: How can I enforce ldap authentication for certain resources using tomcat - similar to the Directory toProtectResourcePath Options FollowSymLinks AllowOverride None AuthType Basic AuthName Authentication AuthLDAPURL ldap://ldapUrl require valid-user /Directory for apache in order to be able to get user information via e.g. getRemoteUser() etc. ? And by the way: Where is a valuable description of the configuration with server.xml and web.xml? Thanks. Astrid
Re: Sending email from servlet?
Yeah, that's what I'm doing and it seems to work well. Jon - Original Message - From: Leandro de Oliveira e Ferreira [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, August 22, 2001 8:08 AM Subject: Re: Sending email from servlet? Download javamail from www.javasoft.com There you'll find the classes and lots of examples , including this one. []s Leandro At 16:05 22/08/01 +0200, you wrote: can someone please explain to me how to send email from a servlet. Regards, Yuval Domain The Net Technologies Ltd. 6 Weitzman Blvd. Ramat-Hasharon Israel 47211 Tel: 972-3-5474443 Fax: 972-3-5474446 www.DomainTheNet.com This email message and any attachments hereto are intended only for use by the addressee(s) named above, and may contain legally privileged and/or confidential information. If you are not the intended addressee, you are hereby kindly notified that any dissemination, distribution or copying of this email and any attachments hereto is strictly prohibited. If you have received this email in error, kindly delete it from your computer system, and notify us at the telephone number or email address appearing above. Thank you
Re: Pre-install question
Yup. Jon - Original Message - From: Gregory Reddin [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, August 22, 2001 6:38 PM Subject: RE: Pre-install question So if I only need to be able to run JSPs then all I need is Tomcat? It's its own webserver? -Greg --- Rob S. [EMAIL PROTECTED] wrote: Apache serves documents plain and simple. You request a file from the server and it gives it back to you. Of course, there are lots of modules written for Apache that enable it to do extra things, this is just an extreeemely high level description =) Tomcat is a servlet container (an environment that servlets run in) and a jsp engine (process JSP requests). Check out the introduction in the Tomcat 3.x guides on integrating Apache with Tomcat for more info... - r -Original Message- From: Gregory Reddin [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 22, 2001 11:17 AM To: [EMAIL PROTECTED] Subject: Pre-install question I have a Windows 2000 Server that I would like to be able to process JSP files with. I do not have IIS installed on this server. I am getting confused with the difference between Apache webserver and Tomcat. Do I need to download and install Apache before using Tomcat? What would be the best to do? Thank you, -Gregory Reddin __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/
Re: Bug in ServletResponse.flushBuffer() in Tomcat 4.0b7?
Cool, thanks, I appreciate it. I'll give it a try. If this works, that's good investigative work. Jon - Original Message - From: Mauro Bertapelle [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, August 21, 2001 12:56 PM Subject: Re: Bug in ServletResponse.flushBuffer() in Tomcat 4.0b7? Jonathan, this was already discussed in this list some times ago.. Regards, mauro -- Scott, I've finally got it. The problem with Internet Explorer is that, no matter how many flavors of no-cache, cache-no, no-cache-thanks, etc.. you put in your header, it'll not output anything until it has read at least 256 characters: public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType(text/html); response.setIntHeader(Expires, -1); response.addHeader(Cache-Control, no-cache); response.addHeader(pragma, no-cache); PrintWriter out = response.getWriter(); out.println(html); // 7 out.println(headtitleTitle/title); // 34 out.println(/headbody); // 48 out.println(!- ); // 128 out.println(--- ); // 208 // out.println(- phase 1br); // 255, doesn't display till end of page out.println(-- phase 1br); // 256, start display immediately response.flushBuffer(); try { Thread.sleep(5000); } catch (Exception e) { }; out.println(phase 2); out.println(/body); out.println(/html); out.close(); } Regards, Mauro Bertapelle JMatica Srl [EMAIL PROTECTED] --
Re: Mozilla and Tomcat
I've ran into similar problems with Internet Explorer. Not exactly though. Basically, I've seen IE display a cached page, even if you have caching turned off. What I do is completely exit and restart my browser each time I test a change to a servlet. Jon - Original Message - From: John Baker [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, August 21, 2001 3:13 PM Subject: Mozilla and Tomcat Hello. Ever since the Mozilla builds between 0.9.2 and 0.9.3 (and I mean all builds, including 0.9.3), I have experienced some problems with redering Tomcat generated pages. If I change a jsp (I have reloadable on for development) then I will often see just this when the page reloads: htmlbody/body/html If I keep pressing refresh. after four or five attempts the page will reload properly. Now I assume this is something odd tomcat is doing, and Mozilla is then getting confused, because this doesn't happen with any other website I've visited. Any other Mozilla users seen this? Or have a solution? Cheers John Baler -- John Baker, BSc CS. Java Developer, TEAM Slb. (http://www.teamenergy.com) The views expressed in this mail are my own.
Possible to return multiple responses/pages for a request?
I'm wondering if it is possible to return multiple responses/pages from a given request? I have a servlet that performs some processing after a form is submitted to it. This processing sometimes takes several seconds to complete. What I want to do is first display a page which says Processing your request, please wait... Then, after the processing is done, I want to display another page. The second page should replace the first page in the user's browser. Does anyone know if this is possible to do? I want to say that at some point someone told me that you can do this with multi-part something-or-other? Basically, I want to do something like the following, but, it doesn't work. resp.setContentType(text/html); PrintWriter pw = resp.getWriter(); pw.println(htmlheadtitleTest/title/headbody); pw.println(pPlease wait.../p ); pw.println(/body/html); pw.close(); Thread.sleep(1); resp.setContentType(text/html); pw = resp.getWriter(); pw.println(htmlheadtitleTest/title/headbody); pw.println(pProcessing completed.../p); pw.println(/body/html); pw.close(); Jon
Re: Possible to return multiple responses/pages for a request?
I have a book named Java Servlet Programming which mentions a class called MultipartResponse that looks like it might do what I want, but, it says that IE doesn't support it. Also, it seems to be using a class provided by oreilly. It would be nice to be able to handle the problem in a synchronous fashion. Jon - Original Message - From: Shunsuke Masuda [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, August 21, 2001 8:06 PM Subject: Re: Possible to return multiple responses/pages for a request? Hello, I have the same requirement on the current project. What I am doing is to use threads for heavy tasks and let browsers reload by meta Refresh. References to the threads are setAttr'ed into HttpSession, and a servlet checks on each reload whether or not the threads complete. Shunsuke Masuda - Original Message - From: Jonathan Eric Miller [EMAIL PROTECTED] To: Tomcat User List [EMAIL PROTECTED] Sent: Wednesday, August 22, 2001 6:48 AM Subject: Possible to return multiple responses/pages for a request? I'm wondering if it is possible to return multiple responses/pages from a given request? I have a servlet that performs some processing after a form is submitted to it. This processing sometimes takes several seconds to complete. What I want to do is first display a page which says Processing your request, please wait... Then, after the processing is done, I want to display another page. The second page should replace the first page in the user's browser.
Re: SSL-How-2 for Tomcat 4
Try reading server.xml, I haven't had any problems here. All you have to do is uncomment a few lines of code and run the keytool command that's listed there. Also, you need to make sure you have JSSE is installed. Jon - Original Message - From: Curtis Dougherty [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, August 20, 2001 10:19 AM Subject: RE: SSL-How-2 for Tomcat 4 I wonder if anyone else has seen the eratic differences in behavior between Win2k Pro and Win2K Server... BIG Difference in IIS5 but... Chris - If you see this thread... Why won't the /examples site won't encrypt properly (https://localhost:8443/examples/servlets/index.html Thnx! cd -Original Message- From: Rob S. [mailto:[EMAIL PROTECTED]] Sent: Monday, August 20, 2001 10:05 AM To: [EMAIL PROTECTED] Subject: Re: SSL-How-2 for Tomcat 4 Interesting... well Chris is a regular so I'm sure he'll have something to add =) - r On Mon, 20 Aug 2001 09:54:15 -0500 [EMAIL PROTECTED] wrote: I would LOVE to think that BUT... alas...that has NOT been my experience... I did it to two different machines... step-by-step (good instruction / lousy program) is my guess... I using Win2K / IIS 5 / Tomcat4 b6...my app aside... I could NOT get /examples to come over with SSL... I'm seeing a LOT of inconsistency (between win2k and win2k server et al) cd -Original Message- From: Rob S. [mailto:[EMAIL PROTECTED]] Sent: Monday, August 20, 2001 9:48 AM To: [EMAIL PROTECTED] Subject: Re: SSL-How-2 for Tomcat 4 If you follow the steps... you CAN'T EVEN GET /examples in SSLThat sinches it... Abandom Hope All Ye Who Enter Here... I surmise that Tomcat4 b6 does NOT support SSL (any flavor / any way / never)... Looks like Bill will win again since the OSC is too busy writing viruses... That's interesting... several people have written saying how good that documentation is. Maybe you're missing something? Is that a possibility? - r
Anyone using JNDIRealm?
Anyone out there using JNDIRealm? Jon
Re: SSL-How-2 for Tomcat 4
Are you receiving a specific error message? Jon - Original Message - From: Curtis Dougherty [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, August 20, 2001 1:03 PM Subject: RE: SSL-How-2 for Tomcat 4 I did... Still won't work... :( -Original Message- From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]] Sent: Monday, August 20, 2001 1:01 PM To: [EMAIL PROTECTED] Subject: Re: SSL-How-2 for Tomcat 4 Try reading server.xml, I haven't had any problems here. All you have to do is uncomment a few lines of code and run the keytool command that's listed there. Also, you need to make sure you have JSSE is installed. Jon - Original Message - From: Curtis Dougherty [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, August 20, 2001 10:19 AM Subject: RE: SSL-How-2 for Tomcat 4 I wonder if anyone else has seen the eratic differences in behavior between Win2k Pro and Win2K Server... BIG Difference in IIS5 but... Chris - If you see this thread... Why won't the /examples site won't encrypt properly (https://localhost:8443/examples/servlets/index.html Thnx! cd -Original Message- From: Rob S. [mailto:[EMAIL PROTECTED]] Sent: Monday, August 20, 2001 10:05 AM To: [EMAIL PROTECTED] Subject: Re: SSL-How-2 for Tomcat 4 Interesting... well Chris is a regular so I'm sure he'll have something to add =) - r On Mon, 20 Aug 2001 09:54:15 -0500 [EMAIL PROTECTED] wrote: I would LOVE to think that BUT... alas...that has NOT been my experience... I did it to two different machines... step-by-step (good instruction / lousy program) is my guess... I using Win2K / IIS 5 / Tomcat4 b6...my app aside... I could NOT get /examples to come over with SSL... I'm seeing a LOT of inconsistency (between win2k and win2k server et al) cd -Original Message- From: Rob S. [mailto:[EMAIL PROTECTED]] Sent: Monday, August 20, 2001 9:48 AM To: [EMAIL PROTECTED] Subject: Re: SSL-How-2 for Tomcat 4 If you follow the steps... you CAN'T EVEN GET /examples in SSLThat sinches it... Abandom Hope All Ye Who Enter Here... I surmise that Tomcat4 b6 does NOT support SSL (any flavor / any way / never)... Looks like Bill will win again since the OSC is too busy writing viruses... That's interesting... several people have written saying how good that documentation is. Maybe you're missing something? Is that a possibility? - r
Re: SSL-How-2 for Tomcat 4
What URL did you use to access the page? Jon - Original Message - From: Curtis Dougherty [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, August 20, 2001 4:15 PM Subject: RE: SSL-How-2 for Tomcat 4 No error message - per se... just no page to display -Original Message- From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]] Sent: Monday, August 20, 2001 2:23 PM To: [EMAIL PROTECTED] Subject: Re: SSL-How-2 for Tomcat 4 Are you receiving a specific error message? Jon - Original Message - From: Curtis Dougherty [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, August 20, 2001 1:03 PM Subject: RE: SSL-How-2 for Tomcat 4 I did... Still won't work... :( -Original Message- From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]] Sent: Monday, August 20, 2001 1:01 PM To: [EMAIL PROTECTED] Subject: Re: SSL-How-2 for Tomcat 4 Try reading server.xml, I haven't had any problems here. All you have to do is uncomment a few lines of code and run the keytool command that's listed there. Also, you need to make sure you have JSSE is installed. Jon - Original Message - From: Curtis Dougherty [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, August 20, 2001 10:19 AM Subject: RE: SSL-How-2 for Tomcat 4 I wonder if anyone else has seen the eratic differences in behavior between Win2k Pro and Win2K Server... BIG Difference in IIS5 but... Chris - If you see this thread... Why won't the /examples site won't encrypt properly (https://localhost:8443/examples/servlets/index.html Thnx! cd -Original Message- From: Rob S. [mailto:[EMAIL PROTECTED]] Sent: Monday, August 20, 2001 10:05 AM To: [EMAIL PROTECTED] Subject: Re: SSL-How-2 for Tomcat 4 Interesting... well Chris is a regular so I'm sure he'll have something to add =) - r On Mon, 20 Aug 2001 09:54:15 -0500 [EMAIL PROTECTED] wrote: I would LOVE to think that BUT... alas...that has NOT been my experience... I did it to two different machines... step-by-step (good instruction / lousy program) is my guess... I using Win2K / IIS 5 / Tomcat4 b6...my app aside... I could NOT get /examples to come over with SSL... I'm seeing a LOT of inconsistency (between win2k and win2k server et al) cd -Original Message- From: Rob S. [mailto:[EMAIL PROTECTED]] Sent: Monday, August 20, 2001 9:48 AM To: [EMAIL PROTECTED] Subject: Re: SSL-How-2 for Tomcat 4 If you follow the steps... you CAN'T EVEN GET /examples in SSLThat sinches it... Abandom Hope All Ye Who Enter Here... I surmise that Tomcat4 b6 does NOT support SSL (any flavor / any way / never)... Looks like Bill will win again since the OSC is too busy writing viruses... That's interesting... several people have written saying how good that documentation is. Maybe you're missing something? Is that a possibility? - r
Bug in ServletResponse.flushBuffer() in Tomcat 4.0b7?
I'm having problems using ServletResponse.flushBuffer() and Tomcat 4.0b7. The following servlet demonstrates. What I want it to do is print out the title and the Test 1 line. Then, pause for 10 seconds and print out the Test 2 line. It doesn't work the first time through. However, if I then hit Refresh in my browser after going through it once, you can see clearly that it prints out the first line pauses and prints out the last line as I would expect it to. Is this a bug? Can someone else reproduce this? The reason I want to get this to work is that I have a servlet where I have a page with a Submit button on it, then on the next page, there is sometimes a few second lag while performing an update on a directory/database. I've had problems in the past where users click the Submit multiple times because they think it's stuck. Actually, it's not, it's just slow. So, what I want to do is print out at least the top part of the page so that the Submit button/previous page is no longer available for them to click on. If someone could fix this for the final version of Tomcat 4, I would greatly appreciate it. Either that or, if anyone else knows of a work around, that would be appreciated too. Thanks, Jon import java.io.*; import javax.servlet.*; import javax.servlet.http.*; public class SimpleServlet extends HttpServlet { public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { try { resp.setContentType(text/html); PrintWriter pw = resp.getWriter(); pw.println(htmlheadtitleSimpleServlet/title/headbody); pw.println(pTest 1/p); pw.flush(); resp.flushBuffer(); Thread.sleep(1); pw.println(pTest 2/p); pw.println(/body/html); pw.close(); } catch(Exception e) { System.out.println(e); } } }
Tomcat 4 restart command?
I'm wondering if in Tomcat 4 there is a restart command that you can use to restart it rather than having to stop and start it using startup and shutdown scripts? The problem that I have is that it takes time for it to startup and shutdown, especially when you have SSL enabled. So, a restart command would be nice. Or, if it printed out messages like it does in Tomcat 3.x where as each listening port becomes active (i.e. first port 8080 for HTTP, then later when HTTPS is available and the SecureRandom has been generated), it prints out a message to the screen. This way you know when Tomcat is fully started or stopped. Otherwise, the scripts just return you back to the UNIX prompt before it's actually started up or shutdown and you don't know exactly when that process is complete. I guess a restart command isn't really that important although it would be nice. I like the messages that are displayed in Tomcat 3.x better though. I like knowing exactly when the ports are ready for use. Jon
Way to tell Tomcat 4 to reload tomcat-users.xml without having to restart?
Does anyone know if there is a way to tell Tomcat 4 to reload the tomcat-users.xml file? I want to give users the ability to change their passwords without having to restart Tomcat in order for the changes to take affect. I was able to this with Apache Web Server without a problem because it apparently continuously checks that file to see if it has changed. Tomcat doesn't seem to do that. Also, I'm wondering if there are plans to make it so that the passwords in this file are encrypted? Jon
Re: Tomcat 4 restart command?
Thanks for the info. Actually, I just enabled the reloadable option on my Context (development server). So, as long as that works reliably, I should have to restart my server far less often. Thanks, Jon - Original Message - From: Craig R. McClanahan [EMAIL PROTECTED] To: Tomcat User List [EMAIL PROTECTED] Sent: Thursday, August 16, 2001 3:17 PM Subject: Re: Tomcat 4 restart command? On Thu, 16 Aug 2001, Jonathan Eric Miller wrote: I'm wondering if in Tomcat 4 there is a restart command that you can use to restart it rather than having to stop and start it using startup and shutdown scripts? The problem that I have is that it takes time for it to startup and shutdown, especially when you have SSL enabled. So, a restart command would be nice. Or, if it printed out messages like it does in Tomcat 3.x where as each listening port becomes active (i.e. first port 8080 for HTTP, then later when HTTPS is available and the SecureRandom has been generated), it prints out a message to the screen. This way you know when Tomcat is fully started or stopped. Otherwise, the scripts just return you back to the UNIX prompt before it's actually started up or shutdown and you don't know exactly when that process is complete. You know it's done when you see the second Starting service x line in $CATALINA_HOME/logs/catalina.out. I guess a restart command isn't really that important although it would be nice. I like the messages that are displayed in Tomcat 3.x better though. I like knowing exactly when the ports are ready for use. Jon There's no restart command for the whole server, but there is a convenient way to restart a particular webapp (say, because you just updated it). Prerequisite: set up a user in your conf/tomcat-users.xml file that has a role named manager. It doesn't matter which user and password it is (Tomcat will only check for the presence of this role). Now, assume you want to force the web app at context path /examples to reload. Simply go to a browser and type: http://localhost:8080/manager/reload?path=/examples The first time you do this, you will be challenged for the username and password you have entered. But, after that, you can just hit reload to resubmit the same command again. This stuff will be covered in a (soon to be written, I promise :-) HOWTO document about the Manager web app. In the mean time, consult the source code of the Manager servelt (org.apache.catalina.servlets.ManagerServlet) for all the things it can do. Craig
Re: Way to tell Tomcat 4 to reload tomcat-users.xml without having to restart?
OK, thanks again. JNDIRealm cool! That was another question that I was going to ask is if it is possible to have it query an LDAP directory for the password information. I'll have to take a look at that. JDBCRealm never seemed like a good idea to me considering most SQL connections aren't encrypted. Hopefully JNDIRealm uses SSL. I'm wondering if the role information has to be stored in the directory? I'll see if I can find the docs... Thanks, Jon - Original Message - From: Craig R. McClanahan [EMAIL PROTECTED] To: Tomcat User List [EMAIL PROTECTED] Sent: Thursday, August 16, 2001 3:19 PM Subject: Re: Way to tell Tomcat 4 to reload tomcat-users.xml without having to restart? On Thu, 16 Aug 2001, Jonathan Eric Miller wrote: Does anyone know if there is a way to tell Tomcat 4 to reload the tomcat-users.xml file? No, although it would be technically feasible to implement somethng. I want to give users the ability to change their passwords without having to restart Tomcat in order for the changes to take affect. I was able to this with Apache Web Server without a problem because it apparently continuously checks that file to see if it has changed. Tomcat doesn't seem to do that. If you want to do this, you really want to be storing your users in a database and using JDBCRealm, or a directory server and using JNDIRealm. The tomcat-users.xml file is there primarily as the minimum level of stuff necessary to use container-managed security - it is not designed for use as the production means for storing usernames. Also, I'm wondering if there are plans to make it so that the passwords in this file are encrypted? Jon Craig
JNDIRealm questions
I'm currently looking at trying to use JNDIRealm for authentication and I've come up with a number of questions. I'm wondering if anyone knows the answers to any of the following questions. 1. Does anyone have it working that can provide an example entry of what should go in server.xml and also an example entry for a user (and a role, if separate entry is required for that)? 3. What are the specific digest formats that are supported with regard to the userPassword attribute? Clear-text and MD5, or are there more? Does it support crypt? Also, does it check all userPassword values or only one? 2. Is it possible to get it to bind as the user being authenticated and not require access to the userPassword attribute? If not, why? I'm guessing performance, but, this is problematic because it requires the password to be in a specific format. Also, it is less secure since the password is sent out over the wire even if it is encrypted and it won't work with directories such Active Directory which won't let you query the password attribute. 4. Does it query the server for each page request, or does it do caching? Jon
Are many people running Tomcat 4 in standalone mode?
I'm curious to know if there are a lot of people out there running Tomcat in standalone mode versus using it with Apache Web Server or some other Web server? Previously, I've been using it with Apache Web server on Solaris 8 with mod_jk. However, as of version 4, it seems like it's pretty stable and it seems to be getting sufficiently robust. So, I'm planning on running it in standalone mode. Everything seems to be working fine. I'm wondering if using it with Apache Web Server really makes that much difference in terms of performance? My Web application isn't taking a massive amount of hits, so, I think I should be OK. I was just curious what others are doing. Jon
load-on-startup broken in Tomcat 4?
I noticed in Tomcat 4-b6 that if you use the load-on-startup tag for a servlet in web.xml that it causes the init parameters to not work. i.e. they don't get set. Also, it appears that attributes such as cipher_suite don't get set. Is it no longer valid to use the load-on-startup tag in Tomcat 4, or is this a bug? Jon
Re: load-on-startup broken in Tomcat 4?
Nevermind, I think I coded something incorrectly in my web.xml file. I see an error in the log now... Jon - Original Message - From: Jonathan Eric Miller [EMAIL PROTECTED] To: Tomcat User List [EMAIL PROTECTED] Sent: Monday, July 23, 2001 4:25 PM Subject: load-on-startup broken in Tomcat 4? I noticed in Tomcat 4-b6 that if you use the load-on-startup tag for a servlet in web.xml that it causes the init parameters to not work. i.e. they don't get set. Also, it appears that attributes such as cipher_suite don't get set. Is it no longer valid to use the load-on-startup tag in Tomcat 4, or is this a bug? Jon
Which comes first basic authentication or redirection to SSL?
I'm using the following configuration in my web.xml file. I have it setup so that SSL is required. I also have it setup so that basic authentication is required. What I'm wondering though is what happens first, redirection to the SSL port or basic authentication? So, say I enter the following into my browser, http://localhost:8080/servlet/Test It gets redirected to, https://localhost:8443/servlet/Test However, I don't see the https until after I have authenticated. Does this mean that the authentication happened before the redirection? Jon ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.3//EN http://java.sun.com/j2ee/dtds/web-app_2_3.dtd; web-app servlet servlet-name Test /servlet-name servlet-class Test /servlet-class init-param param-nameinitParameter/param-name param-valuevalue1/param-value /init-param /servlet security-constraint web-resource-collection web-resource-name Protected Area /web-resource-name url-pattern /* /url-pattern /web-resource-collection auth-constraint role-nametomcat/role-name /auth-constraint user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nametomcat/realm-name /login-config /web-app
Way to make Tomcat re-read tomcat-users.xml without having to restart Tomcat?
I noticed that it appears that Tomcat 4 only reads tomcat-users.xml on start up. Does anyone know if there is a way to programatically tell Tomcat to re-read this file? Basically, I want to have a Web page that allows a user to change their password. However, I don't want to have to restart Tomcat in order for the change to take affect. Also, does anyone know if there is a way to store the passwords crypt encrypted instead of in clear-text? Also, what about authentication via LDAP? Jon
Tomcat 4.0 release date?
Anyone have any ideas on when Tomcat 4.0 might be released? I see that it's currently in Beta 5 whereas 3.3 is only at milestone 4. As far as I can tell, milestones are actually Alphas. Why not name them as such? Is 4.0 expected to be released before 3.3? If so, what's the point of 3.3? Jon
Tomcat 4.0 redirectPort question, how to redirect to SSL?
I read in another message that was posted to this list that you can use the redirectPort variable in server.xml for a connector to have a non-SSL connection redirected to a SSL connection? Can someone tell me what other settings I need to use in order to get this to work? Basically, what I want to do is make it so that all connections using http:// get redirected to https://. i.e. I want to require SSL. However, I still want the Web server to listen on port 80 that way if I use forgets to enter the 's' at the end of https they will still get to the right place. Ideally, I would also like to require 128-bit encryption as well, but, if anyone can answer the question about redirection, I would be greaty appreciative. Anyone know how to do this? Also, I'm wondering if the variables and values for web.xml and server.xml are documented somewhere? For example, I'm thinking that maybe there is a security-constraint setting that you may need to use that specifies that access to a servlet needs to be over SSL or something? Jon
Way to require 128-bit SSL encryption with Tomcat 3.2.2?
Does anyone know if there is a way to require 128-bit SSL encryption using Tomcat 3.2.2? I found that if nothing else you can query the javax.servlet.request.key_size attribute using Tomcat 4.0. However, I would like to be able to do this with the current release version of Tomcat and this version does not seem to set that attribute (neither does 3.3-m4). Anyone know of some other way to require 128-bit SSL encryption. If so, please be somewhat specific. Also, if you can, please CC [EMAIL PROTECTED] in the response as I am not actually subscribed to this list. Thanks, Jon
Re: Starting Tomcat without new DOS Window
I don't know about the service related part of your question, but, I found out how to start it without opening a new Command Prompt window. In startup.bat, you should see a line like the following. call %TOMCAT_HOME%\bin\tomcat start %1 %2 %3 %4 %5 %6 %7 %8 %9 If you change the text start to run as in the following, it will run and not open another window. call %TOMCAT_HOME%\bin\tomcat run %1 %2 %3 %4 %5 %6 %7 %8 %9 I found this to be helpful when trying to get SSL to work. I didn't have things configured correctly and couldn't see what the error message was because the window was shutting too fast. BTW, Tomcat developers, it would be nice if errors were logged to the log file in this case and not just to the screen. Jon
Solaris binary for mod_jk.so
First off, I would like to congratulate the Tomcat developers for the release of 3.2. You guys are doing a greate job and I look forward to using it. One thing that I think would be very helpful to users is if you could provide binaries for mod_jk. I'm guessing it's just a matter of resources and not having developers around that can make these binaries. From what I remember, there used to be Solaris binaries awhile back. Then, Solaris seemed to be dropped in favor of Linux. I just wanted to make a point that there are probably still a lot of Solaris users out there that might appreciate have a binary as well. I'm going to try to build it right now. It's been a few months since I last did this. At that time I found that the instructions had improved a bit which I really appreciated. I had major problems building mod_jserv previously, due to pretty much non-existent or incorrect documentation. BTW, I'm hoping at some point to no longer have to use Apache Web Server at all and instead just use Tomcat in stand-alone mode. However, there are a few issues that I need to resolve first. One issue is that I want to limit SSL connections to using 128-bit encryption and not 40-bit or 56-bit. I'm not sure if this is possible with Tomcat. Jon
SSL, AJP13, and security related questions
NOTE, PLEASE RESPOND TO ME DIRECTLY AT [EMAIL PROTECTED] AS I AM NOT ON THIS LIST. I would like to be on the list, but, I can't handle getting all the email right now. I really wish there were a Usenet newsgroup for Tomcat to be honest. I'm using Tomcat 3.2 release with Apache 1.3.12, mod_ssl, and mod_jk. What I would like to be able to do is determine what cipher suite was negotiated between the Web server and client. It states that there is a variable named SSL_CIPHER in the tomcat-ssl-howto.html document. I'm trying to figure out how to access this variable. I'm wondering if someone could answer the following questions for me. 1. If the SSL_CIPHER variable is being passed to Tomcat, I should be able to call HttpServletRequest.getHeaderNames() and see that header, correct? If I don't see it, does that mean that something is configured incorrectly? 2. Do I have to use the AJP13 connector instead of the AJP12 connector in order to access the SSL_CIPHER variable? I'm using AJP13, but, it's still not working. I added the AJP13 connector to the server.xml file. I'm also using a custom mod_jk.conf file which I used mod_jk.conf-auto as a template. In this file, I changed the root settings to use ajp13 instead of ajp12. I also added the commands that are listed in tomcat-ssl-howto.html with regard to setting JkExtractSSL On (just to be on the safe side even though in theory it's on by default). I disabled the AJP12 connector in server.xml to make sure that the ajp13 connector was being used. I then ran https://myhost/servlet/SnoopServlet. I would assume that I should see the SSL_CIPHER header in the Headers section of the output, but, it isn't there. 3. Why is the default connector still AJP12 if AJP13 is the recommended one to use? 4. If I'm using Tomcat in stand alone mode with SSL enabled can I access the SSL_CIPHER variable? Or, is this variable specific to using Tomcat with Apache Web Server? 5. When running Tomcat in stand alone mode with SSL enabled, is it possible to specify in a configuration file that only connections that support strong encryption will be accepted? i.e. 128 bit. 6. Apache Web Server allows one to restrict access to a URL to a specific IP address or range of IP addresses. Is it possible to do this using Tomcat in stand alone mode? 7. Does Tomcat, or is it planned to in the future, support having user passwords crypt encrypted? i.e. like Apache Web Server. Thanks in advance for answering any of the above questions that you might know the answers to, Jon