ClassCastException when retrieving PostGres JDBC Connection from Tomcat 4.0.4 pool

[Phil Steitz]

I am running Tomcat 4.0.4 using the JNDI DataSource support to access a 
PostGres database.

The following throws java.lang.ClassCastException: 
tyrex.jdbc.xa.EnabledDataSource  

Context initCtx = new InitialContext();
Context envCtx = (Context) initCtx.lookup("java:comp/env");
DataSource ds = (DataSource)
envCtx.lookup("jdbc/"+ jndiName);
return ds.getConnection();

When I build with tyrex-0.9.7.0.jar and change DataSource to 
EnabledDataSource, things work fine.
Why do I get the exception and why does the fix work?  Shouldn't the 
type of the resource returned match the type specification in server.xml 
and web.xml below?  

In server.xml:





user
libuser


password
should_not_be_clear_text


driverClassName
org.postgresql.Driver


driverName
jdbc:postgresql://hanley/library



In web.xml:




Resource reference to a factory for java.sql.Connection
instances used for connecting via JNDI to library
database as configured in the server.xml file.

jdbc/libraryDB
javax.sql.DataSource
Container
  

PostGres driver is in ${catalina.home}/common/lib




--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: encrypt passwords for JNDI Resources (Datasource specifically)

[Phil Steitz]

Jacob Kjome wrote:

>Can someone comment on this?  I'd really like to know if I can digest
>the passwords that I use for my configuration in the Server.xml for
>DBCP Datasources.  Is it possible?  If not, is it planned?
>
>Jake
>
I will leave it to one of the developers to comment on what may be 
planned; but I do not think that what you want to do -- protect the 
uid/pwd data in the config file is currently supported.  It looks to me 
as though the JDBC Datasource provided in Tomcat 4 uses exactly what you 
have in server.xml to connect to the database.  Hashing would add no 
value here, since the hash would be visible in the config file.  

If what you really want to do is to protect the uid/pwd info in the 
file, you need to encrypt (not hash) these data and then create your own 
resource factory that decrypts before attempting the database connection.  

I am also curious about what may be in the works here.  Are there any 
plans to support a "crypto-enabled" version of the commons digester to 
allow entire config files to be encrypted?

Phil Steitz

>
>
>Thursday, August 01, 2002, 1:00:16 PM, you wrote:
>
>
>JK> Seems to me someone wrote about this before, but I can't find it.  I'm 
>JK> wondering if passwords can be digested in JNDI Resource configuration
>JK> just like one can in the Realm configurations?  I'd rather not store
>JK> the password for my database in cleartext.  The Resource docs don't
>JK> seem to mention anything about digesting passwords.  Is it not
>JK> possible?  If not now, is this feature planned?  I'm using
>JK> Tomcat-4.1.8.
>
>JK> Jake
>
>
>JK> --
>JK> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
>JK> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
>
>
>




--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: Tool for HTTP Request Stress Test

[Phil Steitz]

randie ursal wrote:

Hi,

  can anyone suggest an HTTP Stress Test tool.

  coz i wanna stress test my web application which is deployed
  on Tomcat.

thanks.



Try jmeter -- http://jakarta.apache.org/jmeter/index.html and look at
http://jakarta.apache.org/jmeter/usermanual/boss.html for references to 
other tools.

-Phil






--
To unsubscribe, e-mail:   

For additional commands, e-mail: 






--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Listing all JNDI resources available

[Phil Steitz]

[EMAIL PROTECTED] wrote:
Hi there,

Is it somehow possible to look up all JNDI configuration values available 
in a servlet/context?
This would be quite fine for debugging purposes, and it seems there is no 
function available for this, only for looking up a specific value.

thx 
Johannes
Johannes,

You can use JNDI APIs to do this.
Check out the Naming example that ships with Tomcat 4.  HTML source is 
in /examples/servlets/jndi.html.

-Phil

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Library management for Tomcat using ant

[Phil Steitz]

[EMAIL PROTECTED] wrote:
Hi Jerome,

Yes, certainly that's what I thought at the first glance as well.

But wouldn't it make more sense to make the fileset importable from 
another file (i.e. extend the FileSet datatype to allow imports from 
another file)?
e.g.
build.xml:

  


lib.xml:

  
  
  

==> but since I'm not yet an ant expert, I don't know where to start to 
extend the FileSet datatype of ant. Anybody any ideas?
I think this kind of action (=reading a tag from an external file) could 
be required more often, so I think it would make sense to extend the 
FileSet datatype.

Has anybody a good idea where to start? 
(probably at the ant mailinglist :)?
This really is a question for the Ant list.

You might be able to solve your problem, however, using the "XML 
include" technique described in 
http://ant.apache.org/faq.html#xml-entity-include, or by just piping the 
lib file list in on the command line, using:
http://ant.apache.org/faq.html#passing-cli-args

-Phil

thx,
Johannes




jerome moliere <[EMAIL PROTECTED]> 
30.03.2003 14:26
Please respond to
"Tomcat Users List" <[EMAIL PROTECTED]>

To
Tomcat Users List <[EMAIL PROTECTED]>
cc
Subject
Re: Library management for Tomcat using ant




[EMAIL PROTECTED] wrote:


Hi there,

I know this is more a question about ant, but maybe a tomcat user here 
has 

faced the same issue as I do when using a central lib directory for all 
of 

the JAR files in the various webapps:

In the prepare task I copy the JAR files I need for my webapp into the 
WEB-INF/lib folder in the build path:
===


  
  
  
  

=

However, this library listing is the only thing which distinguishes the 
various build.xml files for my different webapps.
I'd prefer to have only ONE build.xml file for all of my webapps so they 
all have the same structure.

How can I import a fileset like above from a separate filename?
(so I can have 
*) ONE build.xml for all of my webapps and 
*) a specific lib.xml for each of my webapps?

thx alot
Johannes

Hi Johannes,
why not coding your own task ? reading a single filename then copying 
files is an easy task to be coded in Java isn't it ?

HTH
Jerome
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]






-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Alternate password encyption code?

[Phil Steitz]

Jeff Sexton wrote:
On Thu, 29 May 2003, Raible, Matt wrote:

Why don't you just have the JDBCRealm do it - add digest="SHA".


I need something other than SHA, I need to use my own custom code for an
encyrption method of my own that is not provided by JDBCRealm

To programmatically do it using form-based authentication, I've used a
LoginServlet that's mapped to "auth" in my login.jsp's form.  In this
servlet, I encrypt the password and redirect to "j_security_check" - is that
what you're looking for?


Maybe.  I'll do some reading about form-based authentication.  I'm not
sure.
I'm after this because I already have set up a JDBCRealm based system,
with BASIC authentication, and SHA, under Tomcat for both servlets and
cocoon stuff.  Now I want to tie this together with another application
that encypts passwords differently from any method available in JDBCRealm.
I have the code for the encyption.  If I could simply drop this code into
the user validation JDBCRealm does for me in Tomcat, it'd be great because
the security would all work and I wouldn't have to create any
user/password management pages of my own.
Based on the documentation here

http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#Digested%20Passwords

and a quick look at the sources here

http://cvs.apache.org/viewcvs.cgi/*checkout*/jakarta-tomcat-4.0/catalina/src/
share/org/apache/catalina/realm/JDBCRealm.java?rev=HEAD&content-type=text/plain
it does not look to me like you are going to be able to do this without 
hacking the JDBC Realm implementation.  The tomcat JDBC Realm 
implementation supports digested (*not* encrytped) passwords using 
java.security.MessageDigest to do the hashing.  This means that the 
hashing must be performed using one of the standard algorithms specified 
here
http://java.sun.com/j2se/1.4.1/docs/guide/security/CryptoSpec.html#AppA

You are probably best off going with one of the approaches that Matt has 
outlined if you want to serve login pages from the tomcat nodes.

Phil



If I can do this, I can tie Tomcat authentication to the password system
my company has on other systems.
Any tips are helpful!  I'm a little lost with this.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Signal 11 causing Tomcat crash

[Phil Steitz]

Jim Goodspeed wrote:
Unfortunately we have also tried Sun's JVM and are
experiencing the same Signal 11 errors (I've included
two snippets of the Sun error - same error as the IBM
Sig 11, just in a different format).  Sometimes the
dump specifies the library in question, other times it
does not.
Thanks,
Jim
An unexpected exception has been detected in native
code outside the VM.
Unexpected Signal : 11 occurred at PC=0x1
Function=[Unknown.]
Library=(N/A)
An unexpected exception has been detected in native
code outside the VM.
Unexpected Signal : 11 occurred at PC=0x59DF83B0
Function=(null)+0x59DF83B0
Library=/usr/IBMdb2/V7.1/lib/libdb2.so.1
Are you sure that the driver version and fixpack match the server?  DB2 
can do funny things when this is not the case.  See for example: 
http://dbforums.com/arch/39/2002/9/515834

Phil





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Can't load server.xml message

[Phil Steitz]

Sean Schofield wrote:
I am an experienced Tomcat user who is all of a sudden having trouble
running Tomcat on my home machine.  I am running Tomcat 5.0.28 and I
get a Null Pointer when trying to start Tomcat.
I have JAVA_HOME and CATALINA_HOME configured.
The very first line in the output says "Can't load server.xml"
(actually the second line says the same thing as well.)  I tried
chaning to the minimal server.xml as well but no luck.
The stack trace seems to indicate a NullPointer exception at
Catalina.await line 619.  I have tried looking this up on the mailing
lists, but incredibly, nobody seems to have experienced this problem!
Anyways, any insight that could be provided would be greatly
appreciated.  I've never had this problem before ...
I had this problem once when I inadvertently moved server.xml from 
/conf.  I think the error message means what it says -- it cant't read 
the file.  Are you sure it is in the right place and the user running tc 
has permission to read the file?

Phil
TIA,
sean
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Can't load server.xml message

[Phil Steitz]

If you look at the 5.0.28 src distro, you can see that line 519 of 
Catalina.java includes a reference to the server object. Most likely the 
npe is happening because the server initialization is failing.

The first error ("Can't load server.xml") looks like it is generated by 
the load method when it can't open the file.

Phil
sven morales wrote:
  I looked in the wrong source codes.  I should have
looked at Catalina.java.  Here is the link:
http://cvs.apache.org/viewcvs.cgi/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup/Catalina.java?rev=1.35&view=log
Anyhow, the await() call is at line 578 but thats
after the server has started.  It is after these lines
562 long t2 = System.currentTimeMillis();
563 log.info("Server startup in " + (t2 -
t1) + " ms");
  some test if useShutdownHook...
578 if (await) {..
Check your log file if it has made it this far.
aka_sergio
--- sven morales <[EMAIL PROTECTED]> wrote:

Hi,
   You seem to have added quite a few lines into
your
catalina.sh.  The stock script ends at line 287 for
me.  Can you tell us what modifications you have
made?
   Funny that I can not find how the server.xml is
loaded by the DigesterFactory.java nor by
Bootstrap.java when I browsed their source code.
aka_sergio
--- Sean Schofield <[EMAIL PROTECTED]> wrote:

I am an experienced Tomcat user who is all of a
sudden having trouble
running Tomcat on my home machine.  I am running
Tomcat 5.0.28 and I
get a Null Pointer when trying to start Tomcat.
I have JAVA_HOME and CATALINA_HOME configured.
The very first line in the output says "Can't load
server.xml"
(actually the second line says the same thing as
well.)  I tried
chaning to the minimal server.xml as well but no
luck.
The stack trace seems to indicate a NullPointer
exception at
Catalina.await line 619.  I have tried looking
this
up on the mailing
lists, but incredibly, nobody seems to have
experienced this problem!
Anyways, any insight that could be provided would
be
greatly
appreciated.  I've never had this problem before
...
TIA,
sean


-
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]


		
__ 
Do you Yahoo!? 
Yahoo! Mail - Find what you need with new enhanced
search.
http://info.mail.yahoo.com/mail_250


-
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [Fatal Error] :2:1: Content is not allowed in prolog.

[Phil Steitz]

Omar Adobati wrote:
Does anybody know what this line of log mean: "[Fatal Error] :2:1:
Content is not allowed in prolog".??
I'm using tomcat 5.0.28, JDK 1.5.0_01 and Win XP SP2
That looks like an XML parse error resulting from junk characters at the 
beginning of an XML document.  Check server.xml and web.xml to make sure 
that there are no bad / extra characters before the root elements.

Phil
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]