manager not unpacking war files
I'm trying to get the Tomcat manager app to unpack war files when I install them. (using Deploy directory or WAR file located on server) The only setting I found that is supposed to control this is unpackWARs, so I have this in my server.xml: Host name=localhost debug=0 appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Nothing I tried caused the war to get unpacked, until I happened to install a war file that was writable by everyone, instead of just the owner and group. WTF? Is it supposed to do that? Why doesn't it unpack it when the permissions are more restrictive? eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: using shared objects from tomcat
On Tue, Feb 08, 2005 at 10:53:37PM +0100, Andreas Andersson wrote: This is a debian suggesting strace to be the one for me. Can I attach strace to my .so-file or do I have to start tomcat via strace? I'm not certain about debian, but under NetBSD you can turn on tracing for an already running process. (ktrace -p pid) I'd imagine there'd be something similar under linux. Check the strace man page. Keep in mind that this can create a _lot_ of output. 2) Generally, you can get some clues on UnsatisfiedLinkError, in a pinch, by using LD_DEBUG or strace (or truss or whatever). If I'm not misstaken tomcat ignores environment variables so how can I set LD_DEBUG? The LD_DEBUG env variable would actually be interpreted by the dynamic linker code, so it's irrelevant whether tomcat ignores it or not. Tomcat will rely on the JVM's library loading functions, which in turn should use dlopen() and related functions. 5) Consider using an RPC protocol to talk to a server written in C/C++ instead of using JNI in the first place. If the performance is acceptable, your life could be a lot simpler. Unfortunatly the codes in the .so-files isn't mine. It's a third party product that we can't alter or even have altered for us. That really depends on how much the library depends on java. If it's a C/C++ library that had a thin JNI layer added on afterwards you can probably write a C/C++ program to use it fairly easily. A good indicator of this is if the .so comes with C/C++ header files, and if the java interface is light on it's use of objects. (e.g. all function arguments and return values are primitives, or data-only objects) Of course, if the library wasn't written that way you might not have an easy to use C function to call. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Request an app test (free beer!)
NetBSD(native jre): NetBSD NetBSD(using linux binaries): Linux Sent: Monday, December 20, 2004 2:26 PM To: Commons User; Struts User; Tomcat User Subject: [OT] Request an app test (free beer!) I was informed last OT post I made that the subject should always include the word beer. ?I added the free to get your attention :) I'm working on something for which I need to know what the os.name property on various OS's is. ?I would greatly appreciate it if some folks could try the following: public class test { public static void main(String[] args) { System.out.println(System.getProperty(os.name)); } } I'm particularly interested in various *nix variants, Linux, Mac and such. ?Windows I already have answers for (although some verification to be sure nothing fishy is going on wouldn't hurt). If you could just post your OS and what the result was, I would greatly appreciate it. ?Thanks in advance! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: What's the defaukt Admin user id/password
On Tue, Nov 30, 2004 at 03:25:27PM -0600, Ron Day wrote: sorry, but some people are too important to send helpful replies. Have you even looked at the URL that Yoav mentioned? It describes _EXACTLY_ what you need to do and why you need to do it. It even gives an example of a line to add to the tomcat-users.xml file. That certiainly fits _my_ definition of helpful. eric From: Shapira, Yoav [mailto:[EMAIL PROTECTED] Hi, RTFM: http://jakarta.apache.org/tomcat/tomcat-5.0-doc/manager-howto.html#Confi guring%20Manager%20Application%20Access. Yoav Shapira http://www.yoavshapira.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Re: JavaScript/JSP Question
On Wed, Nov 24, 2004 at 07:11:31AM -0500, Ben Souther wrote: This question is not tomcat specific so I'm marking [OT]. I believe Javascript has the same startsWith/endsWith string functionality that Java has. You should be able to simulate that pretty easily. js also has full regular expression support through the RegExp class and the String.match function. Although that's might be a more difficult choice for exactly emulating the database LIKE function as all the other regexp features would need to be escaped. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL and form-based login
On Tue, Nov 23, 2004 at 01:20:16PM -0800, footh wrote: However, if the original page is http and the login form is submitted with https then it works fine. That seems like an explicit constraint that tomcat enforces, but I can't find where in the authentication code it does that. Of course, encrypting other requests and not the login page is a pretty stupid thing to do. :) You kind of lost me here...sorry if I'm being dense. So you are saying the only way to have a link within an SSL page go to non-SSL is either to hardcode the entire URL in the link or have all the links flow through a page that forces a redirect to the requested URL with non-SSL? uh.. what you just said is true, but it wasn't the point I was making above. I was talking about the behavior of tomcat with respect to how and when it saves the original url when it needs to display the login form. For a new session, the first request the browser makes to a protected causes that url to be stored in the session, but that value isn't always available to subsequent requests if the protocol is different. Now that I think about it, most (if not all) of my non-SSL links are in include files. So, it is easy enough to just place the full link in there. What bugs me is I've seen other sites with relative links on SSL pages that go to the non-SSL version (even when you hover over the link and your browser claims it is going to https). Using full links will be a pain too for maintaining production and development environments. Ugh... as Carl Howells mentioned in a different message, this could be done with a filter. Or you could write a javascript function that runs when the body onload happens that goes and and rewrites the urls of all the links on the page. (or if you want to be evil, leaves the urls alone but sets onclick handlers that redirect the browser directly.) eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: OFF TOPIC: Merging data into a PDF form
On Tuesday 23 November 2004 18:29, David Wall wrote: I have an existing PDF form (actually lots of them) and my webapp is querying a user for the missing data on the HTML form. I'd like to merge the POST data into the PDF document and end up with a new filled out PDF document. Has anybody done this or can point to tools that will help? I don't know about doing this in java, but if you can use then there are some libraries available for doing stuff like this. Take a look at PDF::Reuse. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL and form-based login
On Sun, Nov 21, 2004 at 10:53:52AM -0800, footh wrote: The URL in the browser is the URL of the protected page I'm trying to access. So, for example if /test/test.jsp is protected by forms-login and I click a link to that page, /test/test.jsp will be the URL in the browser, but the login page will appear on the screen. Well, that sounds like you're not getting an actual redirect to the login page. Unless you do that, the brower never sends another request, so you stay in http mode. According to the servlet spec it's not supposed to do a redirect. Since it's not a redirect, the urls specified in login-config don't get matched against a security constraint. If they did, it'd be hard not to create loops. e.g.: access to somepage.jsp triggers security-constraint on *.jsp requiring realm foo. login-config is triggered to allow tomcat to figure out which realm the user is in url for that is login.jsp, security-constraint is triggered, etc... That seems to make the automatic form login not all that useful for ssl stuff, at least not at first glance. A solution might be to point your login-config url at a page that does an immediate redirect to the actual login page. i.e.: define a security constraint that forces ssl and applies only to login.jsp no realm! since there's an explicit redirect we don't want to create a loop. define another security constraint that specifies a realm and applies to everything else. setup login-config to point to redirect.jsp redirect.jsp does an immediate c:redirect to login.jsp login.jsp works like normal. (j_security_check form and all) Well, that's how I'm hoping it would work. That depends on whether the redirect that redirect.jsp does, and the extra get the browser does, will cause tomcat to clear out it's original stored url. It seemed to work that way with a quick test I just did, but I'm not entirely sure I did it right. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL and form-based login
On Mon, Nov 22, 2004 at 08:21:11AM -0800, footh wrote: On another note, once I'm in a page that is set to use SSL all relative links within that page continue to use SSL even though I would rather they be non-SSL. Is there an easy way to prevent that other than hardcoding absolute URLs in all the non-SSL links? nope. that's just how relative links work. The https://; part is treated no differently than the www.somewhere.com portion. I guess I could set transport-guarantee tags to NONE for every single non-SSL page. That just seems like a bit of an administrative hassle as everytime I add a new page (or rather, folder) I'd have to add the appropriate transport tag. That won't work. The guarantee is a _minimum_ guarantee. If you really want to switch back to non-SSL after login you need to jump through another explicit redirect. It seems almost like tomcat handles that automatically for you, except that the save request is not available to a http login form if the original request was https. i.e. if I point my browser at https://foo.com/some_protected_page;, then simulate a redirect by going to http://foo.com/unprotectedlogin.html; and submit the form (which would be http://foo.com/j_security_check;), it complains about the time allowed for the login process has been exceeded. However, if the original page is http and the login form is submitted with https then it works fine. That seems like an explicit constraint that tomcat enforces, but I can't find where in the authentication code it does that. Of course, encrypting other requests and not the login page is a pretty stupid thing to do. :) eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL and form-based login
On Sat, Nov 20, 2004 at 04:59:31PM -0800, footh wrote: SSL seems to be working fine, however, I don't believe the login page is using SSL. The reason being is, when I try to hit any other page on the site with SSL, my browser invokes the certificate dialog box. However, when the form-based login forces the redirect to my custom login page, I don't get the certificate dialog box. Here's a snippet the relevant parts of web.xml (sorry if the formatting is bad): Does your browser url say https? If so, it should be in secure mode. Are you sure you didn't already accept the certificate during your browser session? Try sniffing your network traffic to make sure though. However, all these types of posts seem to be several years old. Is this still a bad idea...to switch from https to http? That depends on what you're trying to guarantee. If you're just trying to protect the password information that is entered during login, then switching back to http is ok. However, since the subsequent traffic is unencrypted an attacker could observe the sessionid that is used and hijack the session, often without any immediate indication of a problem from the user's point of view. If you're paranoid you'll want to do things like make sure a _new_ sessionid is created once you jump into https mode, and cause any non-https access using that new sessionid to instantly invalidate the session. (although as soon as there's any non-encrypted access with a given sessionid the attacker can theoretically race your session-killing request and create some havoc) For the slightly less paranoid, identifying the sensitive portions of your application and gating them with another https enabled password page might be reasonable. It all depends on how worried you are and how much effort you think someone will put into circumventing your security. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rotating catalina.out with Webmin
On Mon, Nov 15, 2004 at 02:36:57PM -0600, Filip Hanik - Dev wrote: nope, the moment you execute the mv the file handle has moved. switch to cronolog to save you some time, cronolog might recreate the file for you to, so no handle is ever lost, try it before you come back to the list :) [...snip...] if you dont get webmin fixed, I recommend cronolog instead. You cant just rotate it, cause then tomcat loses the file handle, and you will lose all further output. This is incorrect. A reference to an open file stays perfectly valid regardless of what is done to the name of the file. You can even remove the file entirely and any previously opened file handle will continue to function (and take up disk space!). Renaming a file changes the way you get access to the underlying file object but does not change the object itself. Since a file handle that a process has refers to the the underlying object, not the name, output will continue to be written to the original file and the new catalina.out will remain empty. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rotating catalina.out with Webmin
On Mon, Nov 15, 2004 at 03:39:01PM -0600, Filip Hanik - Dev wrote: this was not the case when using a java.io.FileOutputStream(), so I assume you tried and verified this :) You are confused. It _is_ the case with FileOutputStream. The only way it could be otherwise is if the output stream re-opens the file, either on every write, or when it notices that the file name no longer refers to the same file. Create aa.java with this code: import java.io.*; public class aa { public static void main(String[] args) throws Exception { FileOutputStream f = new FileOutputStream(args[0]); f.write(80); f.flush(); synchronized(f) { f.wait(5 * 1000); } f.write(81); f.flush(); } } And run this: java aa foo mv foo bar Notice that the output of the second write (which occurs after the file is renamed) is in the original file (bar), not in a new foo. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Signals sent by Tomcat to web applications during shutdown.
On Fri, Oct 29, 2004 at 10:20:49AM -0400, Shapira, Yoav wrote: Should have remembered that, I've used it before ::blush:: . I didn't consider it as the thread I'm looking at is deep within the business logic and doesn't have access to the Context. That it gets trickier. You can use the Runtime#addShutdownHook approach, but that only applies when the JVM is shutting down, so it won't work for a webapp reload. one way to solve that is to create a singleton class that is the ServletContextListener and have your business threads register themselves with it. Basically use the same interface as Runtime#addShutdownHook but implement it to be triggered on actions local to your app. This also helps keep the tomcat specific code and the core business logic code separate. (if you have you app designed that way) eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Somewhat OT] Content vs. Programming
On Fri, Oct 22, 2004 at 01:24:00PM -0400, Anthony E. Carlos wrote: I've thought of having them upload to a alternate directory and then running some ant script to copy new and changed files into the Tomcat directories, but that still won't help with the merging process. To make things even more complicated, and we're also using Tiles so my content providers have to ask me to add entries into struts-config.xml and tiles-defs.xml when they create a new page. Sounds like you need to impose some structure on how your clients upload things. Since you have more than one person/group of people working on the same stuff _someone_ needs to do the merging, but there's no reason to do it by hand. Since you're using CVS, let CVS do some of the work for you. 1: Have your clients upload to a checked out copy of your sources This assumes your source layout and your installed layout are fairly similar. This can be made easier if you declare that all of their stuff needs to go in some subdirectory that maps to the installed layout in a well define manner. 2: To satisfy their immediate update requirement, write a script that watches for new files and copies them to the webapps directory when they appear. 3: Before you install a new war file, go into the upload directory, run an update, merge changes, check in those changes. Then re-update your development box and rebuild. If you define a branch for the client upload changes you can import each of their changes to the branch and then do all of your merging work on your development box. In fact, you could even automate the checkin using the afore mentioned script. Branches are extremely useful for things like this. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to make Tomcat write its server config to server.xml ...
On Tue, Oct 12, 2004 at 11:21:29AM +0200, Krist van Besien wrote: Hello all, (This is a repost, as I had no anwers last time. I still hope there is an answer though, as this issue just bit me again). Around here we install webapps in non standard locations from the command line. We do this by creating an .xml that contains all that tomcat (ver 4.1.27) needs to know about a new context and then do: get --http-user=admin --http-passwd=* -O- \ http://localhost:8080/manager/install?config=file:/data/myapp/conf/myapp.xml This installs the context just fine, everything works. Just one problem remains. The new context is not added to the server.xml. I need to get in to a browser, log on to the admin application, and then press commit changes. If I don't do that Tomcat forgets all about the new context after the next restart. Is there way to tell Tomcat to write any changes to the running config back to the server.xml, _from the command line_ ? Grab the login page: get http://localhost:8080/admin foo.html parse the html and grab the jsessionid: jsid=`grep jsessionid foo.html | sed -e's/.*jsessionid=\(.*\)\'.*/\1/'` login: get \ http://localhost:8080/admin/j_security_check;jsessionid=${jsid}?j_username=...j_password=... commit changes: get \ http://localhost:8080/admin/commitChanges.do;jsessionid=${jsid}?submit=Commit%20Changes That should work. I haven't tried it though. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: method level synchronization doesn't work
On Fri, Oct 01, 2004 at 04:05:53PM +1200, [EMAIL PROTECTED] wrote: Is your primary key generated automatically? If so, the combined insert/query is: String stmt=INSERT INTO SOMEFILE (FLD1,FLD2,FLD3) VALUES(?,?,?); PreparedStatement sql = conn.prepareStatement(stmt,Statement.RETURN_GENERATED_KEYS); Does mysql actually support this? I know postgresql does not support returning generated keys, but I was able to work around it by tacking a select from the sequence immediately after the insert: e.g. insert into foo ... ; select currval('foo_keyfield_seq'); Is postgres just behind the times? eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Multiple arguments in a GET URL
On Fri, Oct 01, 2004 at 04:51:47PM -0400, [EMAIL PROTECTED] wrote: For example, my index.jsp is the frameset that takes an argument mainFrame specifying the JSP/HTML to use as the center frame of the frameset. So for example I would have http://ndsc.eng.vzwcorp.com/index.jsp?mainFrame=blahblah.jsp A word of caution: What you're doing seems like a great way to allow anyone to crash your app, or at least use up a lot of memory. Think what happens if someone sends you a url that looks like this: http://ndsc.eng.vzwcorp.com/index.jsp?mainFrame=index.jsp eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Multiple arguments in a GET URL
On Fri, Oct 01, 2004 at 05:10:22PM -0400, [EMAIL PROTECTED] wrote: it sees hello as expected -Original Message- From: Caldarale, Charles R [mailto:[EMAIL PROTECTED] http://ndsc.eng.vzwcorp.com/index.jsp?mainFrame=blahblah.jsp?arg1=helloarg2 =helloagain In this scenario, I am able to perform a request.getParameter on arg1 in blahblah.jsp but when I try to do it on arg2, I receive a null pointer exception. For curiosity's sake, what value does blahblah.jsp see for arg1? Oh, I bet I know what you're doing. In index.jsp you're probably using the value of mainFrame directly as the url to load in the frame. But the value of the mainFrame arg is blahblah.jsp?arg1=hello, not just plain blahblah.jsp. That's why you can get arg1. arg2 is just another parameter being passed to index.jsp. You need to either escape those 's so the whole thing after mainFrame= is the value of mainFrame, or index.jsp needs to explicitly append any of _it's_ args (i.e. mainFrame and arg2) to the frame url. (or rather, any that you think should be passed on) eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: ant build remote java.net.MalformedURLException (newbie Q)
On Wed, Sep 22, 2004 at 12:11:20PM -0400, Harry Hartley wrote: Thanks for the reply, but I am not sure what to do with the information you gave me. My objective is to use my ant build file to deploy. I have experimented with combinations of the information u gave me in my build.xml below, but still am not able to deploy from my local machine to a remote server. I have verified that if I ftp from my local machine to a remote machine, then run the build file there, everthing works great. But this is not what I want. As I mentioned earlier, I am able to do a list task from my build.xml, so I know that the manager URL and login information are set correctly. I just don't know what to put in the line: localWar=file://${build.home} instead of localWar I have: war=${distpath.project}/${project.distname}.war/ where ${distpath.project} is a relative path to where the war file is and ${project.distname} is the name of the war file. I'm not sure what the difference between localWar and war is, but I'd imagine you still need to specify the actual file name with localWar. ${build.home} sounds like a directory. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: seperate development spaces on same server/tomcat
On Tue, Sep 21, 2004 at 02:10:42PM -0400, Shapira, Yoav wrote: For development, drop Apache httpd, drop the connectors, drop the notion of CATALINA_BASE. Simply install Tomcat x separate times to x separate directories, with nothing in common. That's it. or, if your developers can deal with not restarting tomcat all the time (or notifying the others when they do), then you can just install you app to a separate path within a single tomcat instance and save the overhead of extra tomcat instances. If you're using the ant deploy task, it would look something like this: deploy url=http://${tomcaturl}/manager; username=${manager_username} password=${password} path=/yourapp.${username} war=yourapp.war/ You just have to give the developers access to the user that is running tomcat. I have a script that uses sudo to restart it when needed. It works reasonably well. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Why tomcat 4 or even 3?
On Wed, Sep 15, 2004 at 04:07:52PM -0400, John Villar wrote: A question to everyone out there. why does anyone use nowadays Tomcat 4 branch?. isn't tomcat 5 branch more bug free, featurefull and backwards compatible? Perhaps because the tomcat home page seems to encourage the use of the old versions? Tomcat 3, 4 and 5 are placed mostly on a equal footing, especially with the language that says to see the detail below to help you determine which one is right for you. Also the table of Serlet/JSP spec to Tomcat version could imply, at first glance, that a JSP 1.2 app can't use tomcat 5 (which of course is completely false). eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: 'referer' header contains Servlet path, not referrer
On Fri, Sep 10, 2004 at 12:58:30PM +0200, Bedrijven.nl wrote: I think you should use struts. How would that help? Struts is completely useless for figuring out which page a user came from. -Oorspronkelijk bericht- Van: Keith Hankin [mailto:[EMAIL PROTECTED] Verzonden: Friday, September 10, 2004 11:52 AM Aan: Tomcat Users List Onderwerp: Re: 'referer' header contains Servlet path, not referrer My code is in the Servlet, and I can't access Javascript within the Servlet. Keith Hankin wrote: Here's the scenario: I am getting input data from the user and have determined that the user has made an error. I want to redisplay the last page so they can fix the errors. well, your servlet could generate a small page that has the javascript in it. (although then it would be javascript:history.go(-2) instead of -1) If you have control over the input page (and feel like changing it) you could always add a hidden form field that describes which page the user is looking at. You could even use a bit of javascript (hiddenfield.value = location.href) to grab the url. Probably not the best way to do this, however. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Help - Newbie questions - where are the uploaded files stored ?
On Fri, Sep 10, 2004 at 12:00:45PM +0200, MATHOT Jacques wrote: I am implementing an upload function for my web applications using Tomcat 4.0.14 server. I was expecting the files to be stored on the root directory of my application and not in one of the own Tomcat directories. How can I specify that the directory to be used is my application root directory ? FileInputStream fis = new FIleInputStream(Doc8585.zip); ... I don't think you can. You'll run into what seems to be a related problem if you try to, for example, use struts-tiles and specify a dtd in the tiles-defs.xml file. The location is based on whereever you happen to be when tomcat is started. i.e. if you are in /foo/bar when you run startup.sh files will end up there. Either create a directory somewhere else, and hard code the entire path to that, or hardcode the path to the tomcat webapps directory and use request.getContextPath() to append the application directory. This message and any files transmitted with it are legally privileged and intended for the sole use of the individual(s) or entity to whom they are addressed. If you are not the intended recipient, please notify the sender by reply and delete the message and any attachments from your system. Any unauthorised use or disclosure of the content of this message is strictly prohibited and may be unlawful. What is this crap? This seems rather inappropriate to be sending to a mailing list. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Help - Newbie questions - where are the uploaded files stored ?
On Fri, Sep 10, 2004 at 10:57:18AM -0400, Shapira, Yoav wrote: Isn't that crap self-evident? ;) Most companies attach such footers and related disclaimers or legal notices to all outgoing mail, and most users can't control it. well then you shouldn't be using a work email address to send email to a public list. It's not at all reasonable to claim that those messages are in any way confidential, or try to limit how they get saved and copied. You don't expect the list maintainer to trim out from the archives any messages that, as your footer says, may not be saved, do you? eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: ssl certs
On Tue, Aug 24, 2004 at 04:14:19PM +, Didier McGillis wrote: The site is all Java, tomcat is the app and web server, I have never dealt with Tomcat as a web server so is it easy to setup tomcat to handle ssl certs and https requests. Any thing I have to watch out for? One thing you want to watch out for is how you generate the certificate. If you use the standard JKS format keystore then it is extremely difficult to get the private key into or out of the keystore. Therefore you need to make sure to generate the certificate using keytool, instead of (e.g.) openssl. There are ways to get around this. For instance, you can configure tomcat to use a different keystore type by setting the keystoreType attribute on the Connector element in server.xml. The existing docs are not very helpful with this. I wrote up a page (mostly for my own use) at: http://www.swapsimple.com/tomcat_java_certificates.html It might be a little more helpful. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
application path/docBase property
I'm trying to find the property that corresponds to either the application path (i.e. the path attribute of the Context element), or the installed path (i.e. the docBase attribute). I haven't had any luck finding it. Is there such a property? Specifically, what I am trying to do is have a application that can be installed to an arbitrary path use a common log4j properties file and have the logs go to an appropriate log file. Right now I'm working around the problem by generating the log4j properties file at build time, but I'd prefer not to have to rebuild just to install to a new location. e.g., I'd like to be able to do something like this: log4j.appender.MYLOG.File=${catalina.home}/logs/${application.path}.log or even: log4j.appender.MYLOG.File=${application.path}/WEB-INF/logs/application.log Any suggestions? thanks, eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: application path/docBase property
On Thu, Jul 29, 2004 at 01:16:48PM -0400, Shapira, Yoav wrote: See Jacob Kjome's contributions to the log4j sandbox at http://cvs.apache.org/viewcvs.cgi/logging-log4j-sandbox/src/java/org/apa che/log4j/ (servlet and selector packages). People have been using them in production for a long time now, all reporting success. We will probably put it in log4j 1.3 proper (i.e. promote it from the sandbox, so it will be included in the default log4j distribution). hmm.. not much documentation on how to use it, but from what I could gather it seems to set a property named application path.log.home. That's not very useful when the application path isn't constant! I suppose I can probably hard code it somewhere in that code. More trouble than I was hoping for, but it probably won't be too bad. Thanks for the pointer. eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
application path/docBase property
I'm trying to find the property that corresponds to either the application path (i.e. the path attribute of the Context element), or the installed path (i.e. the docBase attribute). I haven't had any luck finding it. Is there such a property? Specifically, what I am trying to do is have a application that can be installed to an arbitrary path use a common log4j properties file and have the logs go to an appropriate log file. Right now I'm working around the problem by generating the log4j properties file at build time, but I'd prefer not to have to rebuild just to install to a new location. Any suggestions? thanks, eric - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]