Re: Server Side file access
Thanks.
It worked.
On 12/1/05, Martin Gainty <[EMAIL PROTECTED]> wrote:
> Good Afternoon Philip-
>
> only if you have assigned the proper FilePermission in
> $CATALINA_HOME/conf/catalina.policy
>
> grant {
> permission java.io.FilePermission "${/}*", "read, write";
> };
>
> HTH,
> Martin-
> - Original Message -
> From: "Phillip Mangwiro" <[EMAIL PROTECTED]>
> To:
> Sent: Thursday, December 01, 2005 12:55 PM
> Subject: Server Side file access
>
>
> > Can I read & write to File on the server while in a JSP page? I keep
> > getting
> > errors on the line to create the File:
> >File f = new File("myinfo.txt");
> >
> > The error is reported to be because Tomcat expects an array or an Object.
> >
> >
> > I'm using Tomcat 5.5 & jre 1.5.
> >
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
How to get security policy grants to work with principals
Hi,
I'm trying to implement a security policy on Tomcat 5.0.25. It works
fine with grants of the form
grant codeBase "file:" {
permission ..
};
However when I try a grant of the form
grant codeBase "file:", principal "username" {
permission ..
};
I get a java.lang.ClassCircularityError exception with the name of the
principal class in the exception's description. I take it that in
refreshing the policy tomcat is trying to check the permission to open
the principal class and in order to do so it tries to refresh the
policy, which in turn tries to check the permission to open the
principal class and hence I get a ClassCircularityError exception.
All the documentation I have seen only refers to the first form of
grant. Any ideas anyone?
Here's an example of the exception stack trace:
java.lang.ClassCircularityError:
com/symbio/sona/security/principal/UserPrincipal
java.lang.Class.forName0(Native Method)
java.lang.Class.forName(Class.java:219)
sun.security.provider.PolicyFile.addPermissions(PolicyFile.java:1335)
sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1238)
sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1201)
sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1144)
sun.security.provider.PolicyFile.implies(PolicyFile.java:1099)
java.security.ProtectionDomain.implies(ProtectionDomain.java:189)
java.security.AccessControlContext.checkPermission(AccessControlContext.
java:254)
java.security.AccessController.checkPermission(AccessController.java:401
)
java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
java.lang.SecurityManager.checkRead(SecurityManager.java:863)
java.io.File.exists(File.java:678)
org.apache.naming.resources.FileDirContext.file(FileDirContext.java:826)
org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:20
8)
org.apache.naming.resources.ProxyDirContext.lookup(ProxyDirContext.java:
287)
org.apache.catalina.loader.WebappClassLoader.findResourceInternal(Webapp
ClassLoader.java:1707)
org.apache.catalina.loader.WebappClassLoader.findClassInternal(WebappCla
ssLoader.java:1575)
org.apache.catalina.loader.WebappClassLoader.findClass(WebappClassLoader
.java:860)
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader
.java:1307)
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader
.java:1189)
java.lang.ClassLoader.loadClassInternal(ClassLoader.java:302)
java.lang.Class.forName0(Native Method)
java.lang.Class.forName(Class.java:219)
sun.security.provider.PolicyFile.addPermissions(PolicyFile.java:1335)
sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1238)
sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1201)
sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1144)
sun.security.provider.PolicyFile.implies(PolicyFile.java:1099)
java.security.ProtectionDomain.implies(ProtectionDomain.java:189)
java.security.AccessControlContext.checkPermission(AccessControlContext.
java:254)
java.security.AccessController.checkPermission(AccessController.java:401
)
java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
java.lang.SecurityManager.checkRead(SecurityManager.java:863)
java.io.File.exists(File.java:678)
org.apache.naming.resources.FileDirContext.file(FileDirContext.java:826)
org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:20
8)
org.apache.naming.resources.ProxyDirContext.lookup(ProxyDirContext.java:
287)
org.apache.catalina.loader.WebappClassLoader.findResourceInternal(Webapp
ClassLoader.java:1707)
org.apache.catalina.loader.WebappClassLoader.findClassInternal(WebappCla
ssLoader.java:1575)
org.apache.catalina.loader.WebappClassLoader.findClass(WebappClassLoader
.java:860)
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader
.java:1307)
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader
.java:1189)
java.lang.ClassLoader.loadClassInternal(ClassLoader.java:302)
org.apache.jsp.index_jsp._jspService(index_jsp.java:85)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:94)
javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
a:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
Impl.java:25)
java.lang.reflect.Method.invoke(Method.java:324)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:241)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(
Re: mod_proxy_ajp
"Bill Barker" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > "Joseph Shraibman" wrote in message > news:[EMAIL PROTECTED] >> Does anybody have any idea how to use mod_proxy_ajp? The documentation >> page http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html just talks >> about the ajp protocol. > > # Forward all to myapp > > ProxyPass ajp:/localhost:8009/myapp > > > # Forward all JSP files > RewriteRule (.*)\.jsp ajp:/localhost:8009/$1.jsp [P] > > > The more sophisticated stuff about configuring load-balancing is covered > pretty well in the mod_proxy_balancer docs. Urm, typo. All of the 'ajp:/' strings above should be 'ajp://' - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Upgrading Tomcat
Thanks very much for your help with my questions. I don't know how I missed the note in the archive; I suppose I was distracted by too many balls in the air today :-) Rhino - Original Message - From: "Caldarale, Charles R" <[EMAIL PROTECTED]> To: "Tomcat Users List" Sent: Thursday, December 01, 2005 4:04 PM Subject: RE: Upgrading Tomcat From: Rhino [mailto:[EMAIL PROTECTED] Subject: Re: Upgrading Tomcat I'm having trouble finding the note you mentioned in the mailing list archives. It's here: http://marc.theaimsgroup.com/?l=tomcat-user&m=113332618812952&w=2 I'm trying to figure out the following: - does "Core" include the Administration webapp? It did in 5.0, does not in 5.5. - does "Core" include the Deployer? If not, what does the Deployer do? No. See the referenced e-mail. - does "Core" include the Embedded bundle? If not, what does it do? No. See the referenced e-mail. - when do I want do download "Core" as a Windows Executable and when do I want to download it as a zip? I never use the .exe since it's missing the .bat (and .sh) scripts, which are useful for debugging. See the referenced e-mail. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.362 / Virus Database: 267.13.10/189 - Release Date: 30/11/2005 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.362 / Virus Database: 267.13.10/189 - Release Date: 30/11/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat won't start
I like use green soft. @echo off rem set dytlib=E:\workspace\lib set Driver=d: set JAVADIR=%Driver%\Java set JAVALIB=%JAVADIR%\_LIB set soaplib=%JAVALIB%\soaplib set soapjar=%soaplib%\activation.jar;%soaplib%\mail.jar;%soaplib%\soap.jar set apache_beehive_a=%JAVADIR%\apache-beehive-incubating-1.0-alpha-snapshot set castor_0.9.5.3=%JAVADIR%\castor-0.9.5.3 set xerces-2_4_0=%JAVADIR%\xerces-2_4_0 set ant1.6.0=%JAVADIR%\ant-1.6.0 set ant1.6.2=%JAVADIR%\ant-1.6.2 set ant1.5.4=%JAVADIR%\ant-1.5.4 set httpunit-1.6=%JAVADIR%\httpunit-1.6 set j2sdk150=%JAVADIR%\jdk1.5.0_04 set j2sdk141=%JAVADIR%\j2sdk1.4.1_02 set j2sdk142=%JAVADIR%\j2sdk1.4.2 set junit3.8.1=%JAVADIR%\junit3.8.1 set jboss3.2.6=D:\Java\jboss-3.2.6 set MYSQL5=%JAVADIR%\mysql5 set MYSQL4=%JAVADIR%\mysql4 set james-2.1.3=%JAVADIR%\james-2.1.3 rem 系统中的 Tomcat set tomcat41=%JAVADIR%\tomcat-4.1.27 set tomcat50=%JAVADIR%\tomcat-5.0.25 set tomcat55=%JAVADIR%\tomcat-5.5.12 rem 系统中的 MAVEN set MAVEN_1.0.2=%JAVADIR%\Maven_1.0.2 set MAVEN_LOCAL=%JAVADIR%\maven_local set REPO_DIR=%MAVEN_LOCAL% set TC=%% rem paus path=C:\Program Files\Subversion\bin;%PATH% set CYGWIN_HOME=C:\cygwin @echo off call SetEnv.bat set DYTLIB=%JAVALIB% set ANT_HOME=%ant1.6.2% set BEEHIVE_HOME=%apache_beehive_a% set CASTOR_HOME=%castor_0.9.5.3% set CATALINA_HOME=%tomcat55% set COMPIERE_HOME = C:\Compiere2 set CYGWIN_HOME=C:\cygwin set JAMES_HOME=%james-2.1.3% set JAVA_HOME=%j2sdk150% set JBOSS_HOME=%jboss3.2.6% set JUNIT_HOME=%junit3.8.1% set MAVEN_HOME=%MAVEN_1.0.2% set MYSQL_HOME=%MYSQL4% set xerces_HOME=%xerces-2_4_0% set path=%PATH%;%javadir%\jadnt158\bin;%CYGWIN_HOME%\bin;%MAVEN_HOME%\bin;%JAVA_HOME%\bin;%ANT_HOME%\bin;%MYSQL_HOME%\bin;%ANT_HOME%\bin;%CATALINA_HOME%\bin;c:\windows;c:\windows\system32;c:\WINNT\system32;C:\PostgreSQL\8.0\bin;C:\cygwin set LIBRARY_PATH=%CYGWIN_HOME%\lib set C_INCLUDE_PATH=%CYGWIN_HOME%\include set CPLUS_INCLUDE_PATH=%CYGWIN_HOME%\include\c++\3.2.3;%CYGWIN_HOME%\include\c++\3.2.3\mingw32;%CYGWIN_HOME%\include\c++\3.2.3\backward;%CYGWIN_HOME%\include set classpath=.;%JAVA_HOME%\jre\lib;%soapjar%;%JAVALIB%\mysql- connector-java-3.1.5-gamma-bin.jar ;%dytlib%\j2ee.jar;%dytlib%\soap.jar;%dytlib%\commons-logging.jar ;%dytlib%\xerces.jar;%dytlib%\classes;%JUNIT_HOME%\junit.jar;F:\oracle\ora92\jdbc\lib\classes12.jar cd \java\workspace cmd 2005/12/2, Martin Gainty <[EMAIL PROTECTED]>: > > for C:\Program Files use the abbreviated 8.3 filename C:\PROGRA~1 instead > > Martin- > - Original Message - > From: "Raghupathy,Gurumoorthy" <[EMAIL PROTECTED]> > To: "'Tomcat Users List'" > Sent: Thursday, December 01, 2005 8:44 PM > Subject: RE: Tomcat won't start > > > > Uninstall java and install the same in a directory without spaces in > them > > ... This is a known issue > > > > -Original Message- > > From: Alla Winter [mailto:[EMAIL PROTECTED] > > Sent: 01 December 2005 22:49 > > To: 'Tomcat Users List' > > Subject: RE: Tomcat won't start > > > > > > Here it is an additional information to this. > > It complains about JAVA_HOME variable, but I can not figure out why. > > I installed JDK and by default it was put under c:\Program files\java > > I would appreciate any help on it > > > > Please see the attached for details > > Thanks > > > > -Original Message- > > From: Alla Winter [mailto:[EMAIL PROTECTED] > > Sent: Thursday, December 01, 2005 4:00 PM > > To: users@tomcat.apache.org > > Subject: Tomcat won't start > > > > I just installed TOMCAT, set the environment variable for JAVA_HOME and > > CATALLINA_HOME and just wanted to start the TOMCAT to see if it starts > up. > > > > I got the message " Can not find file > > -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager'. > Make > > sure that the path and file name are correct and that all required > > libraries > > are available. > > > > I am not sure what I should be looking for. > > > > Any suggestions would be greatly appreciated. > > > > Thanks > > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- [EMAIL PROTECTED]
Re: mod_proxy_ajp
I think its a port of mod_jk, which could need a bit of love :) I am really hoping that mod_proxy_ajp grows solid, as I am sure it will be a great improvement. "Joseph Shraibman" skrev i en meddelelse news:[EMAIL PROTECTED] > Does anybody have any idea how to use mod_proxy_ajp? The documentation > page http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html just talks > about the ajp protocol. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat won't start
for C:\Program Files use the abbreviated 8.3 filename C:\PROGRA~1 instead Martin- - Original Message - From: "Raghupathy,Gurumoorthy" <[EMAIL PROTECTED]> To: "'Tomcat Users List'" Sent: Thursday, December 01, 2005 8:44 PM Subject: RE: Tomcat won't start Uninstall java and install the same in a directory without spaces in them ... This is a known issue -Original Message- From: Alla Winter [mailto:[EMAIL PROTECTED] Sent: 01 December 2005 22:49 To: 'Tomcat Users List' Subject: RE: Tomcat won't start Here it is an additional information to this. It complains about JAVA_HOME variable, but I can not figure out why. I installed JDK and by default it was put under c:\Program files\java I would appreciate any help on it Please see the attached for details Thanks -Original Message- From: Alla Winter [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 4:00 PM To: users@tomcat.apache.org Subject: Tomcat won't start I just installed TOMCAT, set the environment variable for JAVA_HOME and CATALLINA_HOME and just wanted to start the TOMCAT to see if it starts up. I got the message " Can not find file -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager'. Make sure that the path and file name are correct and that all required libraries are available. I am not sure what I should be looking for. Any suggestions would be greatly appreciated. Thanks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problem with filters and form authentication
Found the answer http://publib.boulder.ibm.com/infocenter/wsdoc400/index.jsp?topic=/com.ibm.websphere.iseries.doc/info/ae/ae/cweb_sfilt.html need to add extra DISPATCHER entries to the filter-mapping to ensure that it is called in forward; Forward is done as part of security... Now I just need to figure out why I get a session timeout upon success. "hv @ Fashion Content" <[EMAIL PROTECTED]> skrev i en meddelelse news:[EMAIL PROTECTED] >I have set up the standard form authentication which posts to the url >'/j_security_check' with two forms > Home.htm and AccessDenied.htm. > > If I fail log in > 1) The sitewide filter is not called upon receiving the j_security_check > POST > 2) It does determine the failure and chains to Home.htm > 3) It doesn't call the sitewide filter before servicing Home.htm > 4) It loads Tapestry ApplicationServlet with servlet path /Home.htm > > I have a sitewide filter mapping '/*' so all requests should pass through > it. > > Shouldn't they ? > > Henrik - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: jasper encryption and patents
"Tim Funk" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Jasper does not contain any encryption code which would violate any > commercial export laws. There are no IP patent suits against tomcat at the > moment. If this were to happen - we would have the assistance of the > solicitors for the ASF guide us in a best course of action for resolution. > It's actually true more generally: None of the Tomcat libraries contain any encryption code. The Java SSL Connector and the Digest authentication uses whatever it finds installed in the JVM. The APR SSL Connector uses whatever it finds in OpenSSL. > -Tim > > Joan K. Drejer (AH/LMD) wrote: > >> Hi >> At Ericsson we are considering using Jasper-runtime and Jasper-compile >> in a commercial product. >> However, we would like to know if the product contains encryption, and >> if you possibly know about which ECCN (Export code) to put on it? >> Also, do you know if there are any patents which we should be aware of? >> - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problem with filters and form authentication
I expected to be able to do something after auth and before loading the page based on this: http://publib.boulder.ibm.com/infocenter/wasinfo/v5r1//index.jsp?topic=/com.ibm.websphere.exp.doc/info/exp/ae/tsec_servlet.html "hv @ Fashion Content" <[EMAIL PROTECTED]> skrev i en meddelelse news:[EMAIL PROTECTED] >I have set up the standard form authentication which posts to the url >'/j_security_check' with two forms > Home.htm and AccessDenied.htm. > > If I fail log in > 1) The sitewide filter is not called upon receiving the j_security_check > POST > 2) It does determine the failure and chains to Home.htm > 3) It doesn't call the sitewide filter before servicing Home.htm > 4) It loads Tapestry ApplicationServlet with servlet path /Home.htm > > I have a sitewide filter mapping '/*' so all requests should pass through > it. > > Shouldn't they ? > > Henrik - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_proxy_ajp
"Joseph Shraibman" wrote in message news:[EMAIL PROTECTED] > Does anybody have any idea how to use mod_proxy_ajp? The documentation > page http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html just talks > about the ajp protocol. # Forward all to myapp ProxyPass ajp:/localhost:8009/myapp # Forward all JSP files RewriteRule (.*)\.jsp ajp:/localhost:8009/$1.jsp [P] The more sophisticated stuff about configuring load-balancing is covered pretty well in the mod_proxy_balancer docs. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL InvalidKeystore Format?
Hi Scott, Good to hear that it works. Thank also go to Remy and Nate Rock. You have purchased SSL. In this purchase process, did you submit Certificate Request (csr) to Verisign? As far as I know the process of getting signed SSL certificate is first you have to generate certificate request (csr), then you have to submit this csr to Verisign or Thawte, then they will give you actual signed certificate (.crt) and then you have to use that crt in this process. Based upon my knowledge,to incorporate Verisign certificate, steps are as follows: (Derived from http://www.fatofthelan.com/articles/articles.php?pid=12 ) (1) openssl req -new -out server.csr (This will generate csr and private key. Make sure you feel the values correctly on openssl command prompt. ) (2) openssl rsa -in privkey.pem -out server.key (This removes the passphrase from the private key. Also delete generated .rnd file) (3) Here there are two (either or) possibilities: (a) save the key and submit this csr to Verisign. They will sign it and give you the final certificate (.crt format may be). You may also need to give them key. (this is paid option but mostly used in production environment) (b) create self-signed certificate. openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365 (this is free but it can be used in production environment. You dont need to perform this step if you have certificate from Versign) Is the self signed certificate good? Yes and may be no. Yes. It is nearly same as Verisign certificate and if you use it, the SSL will be enabled as it is going to be enabled using Verisign. The only problem you will face, is when you open the website in any browser it will complain about authenticity of the certificate. Browser can not verify it and so it will ask user if he/she wants to proceed further or not. The communication is still SSL enabled and secure. This method is more preferred in testing environment. I have seen many web projects using it in production environment also. May be no. Again if you have good professional website, it is almost standard now that you use signed certificate from Verisign or Thawte. For example, if you do any online shopping from amazon or any store, you will visit the SSL page and they dont display any warning or anything. So the choice is in your hand. There is no harm involved in any of the above method. Again all of above explanation is based upon my reading. I would like users to comment about it so that I also can update myself and you have correct and better answer. Hope it helps you understanding SSL a bit further. Regards, D --- Scott Purcell <[EMAIL PROTECTED]> wrote: > Hard to believe ... but Dhaval the below steps actually worked, and my site > appears to have SSL. Thank you so much. But of course this draws me to > another question. > > I had just purchased a "Verisign" certificate and do not know how to handle > this? Can I just call the Verisign certificate when doing this: > openssl x509 -in server.csr -out server.crt -req -signkey server.key -days > 365 and using the one verisign gave me here? > > Also, is this a good certificate? Do I need the Verisign one? > > As you may be able to tell, I am very confused and could use a little > explanation if possible. > > Thanks much > Scott > > > > - Original Message - > From: "Dhaval Patel" <[EMAIL PROTECTED]> > To: "Tomcat Users List" > Sent: Thursday, December 01, 2005 2:08 PM > Subject: RE: SSL InvalidKeystore Format? > > > > Hi, > > > > I should have mention that I am running tomcat as a standalone server. I > mentioned the link > > (http://www.fatofthelan.com/articles/articles.php?pid=12) as a reference > to generate self-signed > > certificate with OpenSSL on windows. Even though it is very nice article > about how to setup SSL > > with Apache. I only applied part-3 (Generate a test certificate) from that > article to my > > Tomcat+SSL procedure. > > > > One thing that I found intersting on that article is part-4 (Configuring > Apache and mod_ssl). In > > this part, if you look at changes in httpd.conf, as mentioned below, > > > > SSLEngine o���n > > SSLCertificateFile conf/ssl/server.cert > > SSLCertificateKeyFile conf/ssl/server.key > > > > which is the same parameter that Remy has suggested. If I have found > this article early, I may > > be able to solve the issue. But again since I figured it out, I like it > now. > > > > Regards. > > D > > > > > > > > --- Scott Purcell <[EMAIL PROTECTED]> wrote: > > > > > Hello Dhaval, > > > > > > I was reading the article below, and it looks you you are not running > Tomcat as standalone? Are > > > you running Apache behind the scenes? > > > > > > I was just curious. > > > > > > Scott > > > > > > > > > -Original Message- > > > From: Dhaval Patel [mailto:[EMAIL PROTECTED] > > > Sent: Thursday, December 01, 2005 8:49 AM > > > To: Tomcat Users List > > > Subject: Re: SSL Inva
Re: 408 error with Form Authentication and Proxy. Doesn't occur with Basic Auth.
I am in the same situation. What sort of proxying do you use? "Brian Bonner" <[EMAIL PROTECTED]> skrev i en meddelelse news:[EMAIL PROTECTED] Does anyone have a suggested solution to this problem? Thanks. Brian On 10/31/05, Brian Bonner <[EMAIL PROTECTED]> wrote: > I forgot to share that there is *negligible* clock time lag between > when the form is presented and the userid and password are entered. > Still not sure why this error is popping up. It sounds like this also > occurs in 5.5.9 and other configurations. > > Thanks. > > Brian > On 10/31/05, Brian Bonner <[EMAIL PROTECTED]> wrote: > > I've seen several posts that describe a 408 error in tomcat. I'm > > using Apache 2.0.55 as a proxy to Tomcat 5.0.30. Using Form based > > authentication, I access a secured URL and I'm challenged with a login > > form. I submit a valid userid/password and receive the following > > error. > > > > "HTTP Status 408 - The time allowed for the login process has been > > exceeded. If you wish to > > continue you must either click back twice and re-click the link you > > requested or close and re-open your browser". > > > > I can access the same secured resource using the tomcat hostname on > > port 8082 or 8080, I'm presented with the same form and provide the > > same userid and password, but instead I can access the resource > > without any problem. > > > > If I switch to Basic Authentication in web.xml, and I repeat both > > tests, I'm presented with the basic auth dialog and both tests are > > successful, I'm presented with the secured resource. > > > > Does anyone know of a configuration setting or problem that exists > > with form authentication when the resource is proxied by a web server > > (i.e. httpd).? > > > > Thanks. > > > > Brian > > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Problem with filters and form authentication
I have set up the standard form authentication which posts to the url '/j_security_check' with two forms Home.htm and AccessDenied.htm. If I fail log in 1) The sitewide filter is not called upon receiving the j_security_check POST 2) It does determine the failure and chains to Home.htm 3) It doesn't call the sitewide filter before servicing Home.htm 4) It loads Tapestry ApplicationServlet with servlet path /Home.htm I have a sitewide filter mapping '/*' so all requests should pass through it. Shouldn't they ? Henrik - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: limiting access to an application where IP filtering is not possible
How about using http-header -> HTTP-X-FORWARDED-FOR ? On 12/2/05, Alexander Voss <[EMAIL PROTECTED]> wrote: > > > Hi, > > I have to restrict usage of an application > to a number of selected machines. Problem is > that these machines are part of a large > (no, huge) network that sits behind a NAT > gateway, so I can't just filter for IP addresses > as the only IP I ever see is the one of the > gateway. I am assuming that using client > certificates is the way to go there? However, > I want to require both a certificate to be present > and the user to log in using their username and > password. Question: are the two mechanisms > orthogonal and does anyone have any pointers or > configurations file snippets to show how this > can be configured? Any help much appreciated. > > Cheers, > > Alex > -- > Alexander Voss, Research Associate > School of Informatics, University of Edinburgh > 1 Buccleuch Place, Edinburgh EH8 9LW > Office +44 131 650 4412 > Lab +44 131 650 8288 > NTRAC+44 131 537 3363 > Email[EMAIL PROTECTED] > Homepage http://homepages.inf.ed.ac.uk/avoss > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- --- html version : http://www.psychotazkia.or.id wml version : http://wap.psychotazkia.or.id #365364 Registered Linux User
how to get jboss jndi in tomcat5.x
Hi, there: We are going to switch our web server from jetty to TomCat. We will run tomcat and jboss separately. I used tomcat 3.x long long times ago, and to use tomcat 3.x to lookup jboss jndi, a. copied jndi.properties to common\classes directory; b. run it with -nonaming option. However, we are going to use TomCat 5.x, I tried the same above steps, I got exception about UserDatabase like: 2005-12-01 15:14:15 UserDatabaseRealm[Catalina]: Exception looking up UserDatabase under key UserDatabase java.lang.NullPointerException Checked internet there are some options to get TomCat 5.0 talk to JBoss without changing any source code: a. someone suggest removing UserDatabaseRealm from server.xml before using -nonaming option; b. modified catalina.bat JAVA_OPTS=-Djava.naming.factory.initial=org.jnp.interfaces.NamingContextFact ory - I tried option b above, and it works fine for me. However, just wonder if any other options to set up jndi resource for my web application to talk to jboss without changing my source code? Any sample example about how to create such kind of jndi resource in ? Thanks a lot in advance, highly appreciated any suggestion. David
RE: Tomcat won't start
Uninstall java and install the same in a directory without spaces in them ... This is a known issue -Original Message- From: Alla Winter [mailto:[EMAIL PROTECTED] Sent: 01 December 2005 22:49 To: 'Tomcat Users List' Subject: RE: Tomcat won't start Here it is an additional information to this. It complains about JAVA_HOME variable, but I can not figure out why. I installed JDK and by default it was put under c:\Program files\java I would appreciate any help on it Please see the attached for details Thanks -Original Message- From: Alla Winter [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 4:00 PM To: users@tomcat.apache.org Subject: Tomcat won't start I just installed TOMCAT, set the environment variable for JAVA_HOME and CATALLINA_HOME and just wanted to start the TOMCAT to see if it starts up. I got the message " Can not find file -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager'. Make sure that the path and file name are correct and that all required libraries are available. I am not sure what I should be looking for. Any suggestions would be greatly appreciated. Thanks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL InvalidKeystore Format?
Hard to believe ... but Dhaval the below steps actually worked, and my site appears to have SSL. Thank you so much. But of course this draws me to another question. I had just purchased a "Verisign" certificate and do not know how to handle this? Can I just call the Verisign certificate when doing this: openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365 and using the one verisign gave me here? Also, is this a good certificate? Do I need the Verisign one? As you may be able to tell, I am very confused and could use a little explanation if possible. Thanks much Scott - Original Message - From: "Dhaval Patel" <[EMAIL PROTECTED]> To: "Tomcat Users List" Sent: Thursday, December 01, 2005 2:08 PM Subject: RE: SSL InvalidKeystore Format? > Hi, > > I should have mention that I am running tomcat as a standalone server. I mentioned the link > (http://www.fatofthelan.com/articles/articles.php?pid=12) as a reference to generate self-signed > certificate with OpenSSL on windows. Even though it is very nice article about how to setup SSL > with Apache. I only applied part-3 (Generate a test certificate) from that article to my > Tomcat+SSL procedure. > > One thing that I found intersting on that article is part-4 (Configuring Apache and mod_ssl). In > this part, if you look at changes in httpd.conf, as mentioned below, > > SSLEngine on > SSLCertificateFile conf/ssl/server.cert > SSLCertificateKeyFile conf/ssl/server.key > > which is the same parameter that Remy has suggested. If I have found this article early, I may > be able to solve the issue. But again since I figured it out, I like it now. > > Regards. > D > > > > --- Scott Purcell <[EMAIL PROTECTED]> wrote: > > > Hello Dhaval, > > > > I was reading the article below, and it looks you you are not running Tomcat as standalone? Are > > you running Apache behind the scenes? > > > > I was just curious. > > > > Scott > > > > > > -Original Message- > > From: Dhaval Patel [mailto:[EMAIL PROTECTED] > > Sent: Thursday, December 01, 2005 8:49 AM > > To: Tomcat Users List > > Subject: Re: SSL InvalidKeystore Format? > > > > > > Hi Scott, > > > > I am not tomcat expert as well as I can not help you about the error you are getting. > > After Remy's last message on SSL with APR, I finally got my windows xp + tomcat 5.5.12 + APR + > > SSL working. Following are the steps that I have followed: > > > > (1) Install Tomcat 5.5.12 and make sure it is working. > > (2) Download APR component (openssl.exe and tcnative-1.dll) and put it in %TOMCAT_HOME%\bin. > > (http://tomcat.heanet.ie/native/1.1.0/binaries/win32/) > > (3) I generated server.key and server.cert following guide at > > http://www.fatofthelan.com/articles/articles.php?pid=12 .I have put them in %TOMCAT_HOME%\bin > > only. > > (Make sure you follow the guide. I had trouble setting openssl.exe on windows xp. The answer is > > on > > that page only. You have to download openssl.cnf from google and place it in some folder and > > make > > a new environment OPENSSL_CONF pointing to that file. Trust me that link is very good.) > > (4) Change the server.xml in following way: > > >maxThreads="150" minSpareThreads="25" maxSpareThreads="75" > >enableLookups="false" disableUploadTimeout="true" > >scheme="https" secure="true" > >SSLEngine="on" > >SSLCertificateFile="C:\Tomcat5.5\bin\server.crt" > >SSLCertificateKeyFile="C:\Tomcat5.5\bin\server.key" /> > > (5) Restart the tomcat and SSL is enabled. > > > >I dont know if you have did the same way and you have issues. If you want to try, you can > > follow the above steps on some other windows xp machine. It worked for me so it should work for > > you. If you start from scratch, it may take about 30-40 mins to setup above things. > > > >Let me know how it goes. > > > > Regards, > > D > > > > --- Scott Purcell <[EMAIL PROTECTED]> wrote: > > > > > Well, after wasting much time trying to get the SSL running on 5.5.12, on XP, and finding out > > > about the bad tcnative-1.dll, I thought I was out of the woods on my SSL configuration. But it > > > appears I have one last issue (hopefully) > > > Since I renamed the tcnative-1.dll, I am getting logs in regards to my SSL (I was not getting > > > those prior, see earlier posts) and I am receiving this error: I believe I have a good > > keystore, > > > because my public key from Verisign was happy with it, but for some reason, Tomcat is stikll > > not > > > happy with it. > > > Any ideas why this error may occur? > > > Nov 30, 2005 10:44:53 PM org.apache.coyote.http11.Http11BaseProtocol init > > > INFO: Initializing Coyote HTTP/1.1 on http-80 > > > Nov 30, 2005 10:44:54 PM org.apache.coyote.http11.Http11BaseProtocol init > > > SEVERE: Error initializing endpoint > > > java.io.IOException: Invalid keystore format > > > at sun.security.provider.JavaKeyStore.engineLoad(Unknown Source) > > > a
Re: Recursive Tagfile and JSP Precompilation
Thanks Tim but it doesn't appear to be entirely resolved...
Long story short:
- Tried to precompile using the jbossweb-tomcat55.sar from jboss-4.0.3
- Same problem (I think its Tomcat-5.5.12)
- Upgraded jars to Tomcat-5.5.13
- Got an error during compilation of actual tag file (instead of the
client JSP):
C:\dev\J2EE\libraryserver\build.xml:819: org.apache.jasper.JasperException:
/WEB-INF/tags/jspTags/displayValue.tag(27,88)
Unable to load tag handler class
"org.apache.taglibs.standard.tag.rt.core.SetTag" for tag "c:set"
- Discovered a workaround and have reverted back to native
jbossweb-tomcat50.sar
Here is the workaround:
- Need to 'snip' the compile time tracing of recursion by the use of
- Create a JSP file that simply calls the tag using parameters
supplied in request attribs
- 'include' this JSP instead of performing a recursive call in the tag file
- BEWARE CAVEAT: relative paths don't work inside a tagfile
Example JSP:
<[EMAIL PROTECTED] errorPage="/error.jsp"
%><%@ taglib tagdir="/WEB-INF/tags/jspTags" prefix="slk"
%>
Example Tagfile snippet:
<%java.util.Map recurseParamMap = new java.util.HashMap();
recurseParamMap.put("value", SOME_OBJECT);
request.setAttribute("recurseParamMap", recurseParamMap);
%>
Cheers,
Pete
On 12/1/05, Tim Funk <[EMAIL PROTECTED]> wrote:
> IIRC - this is fixed in 5.5. I'm not sure if it was fixed with 5.5.12 - but
> 5.5.13 was just tagged and should be available soon. BUT it hasn't been voted
> how stable it is yet. (beta, alpha, stable)
>
> -Tim
>
> Peter L wrote:
> > Hello,
> > I'm trying to precompile JSP's for a JBoss(4.0.1) / Tomcat(5.0) server
> > and everything is cool except I get a ClassNotFoundException when a
> > Recursive Tagfile is encountered
> >
> > [jasper2] SEVERE: ERROR-the file
> > '\WEB-INF\pages\templates\resolveResultsDialog.jsp' generated the
> > following general exception:
> > [jasper2] java.lang.ClassNotFoundException:
> > org.apache.taglibs.standard.tlv.JstlCoreTLV
> > [jasper2] at java.net.URLClassLoader$1.run(URLClassLoader.java:199)
> > [jasper2] at java.security.AccessController.doPrivileged(Native Method)
> > [jasper2] at java.net.URLClassLoader.findClass(URLClassLoader.java:187)
> > [jasper2] at java.lang.ClassLoader.loadClass(ClassLoader.java:289)
> > [jasper2] at java.lang.ClassLoader.loadClass(ClassLoader.java:235)
> > [jasper2] at
> > org.apache.jasper.compiler.TagLibraryInfoImpl.createValidator(TagLibraryInfoImpl.java:645)
> > [jasper2] at
> > org.apache.jasper.compiler.TagLibraryInfoImpl.parseTLD(TagLibraryInfoImpl.java:246)
> > [jasper2] at
> > org.apache.jasper.compiler.TagLibraryInfoImpl.(TagLibraryInfoImpl.java:162)
> >
> >
> > If I comment out the actual line of recursion inside the tag file I
> > can generate, compile, deploy and use all the servlets just fine
> > (except for the missing functionality).
> >
> > I understand we use a jstl.jar and a standard.jar that are a little
> > suspect. But given that there are no other similar jars available
> > during the process then it should be fine (That and I upgraded them to
> > 1.1.2 temporarily and got the same result).
> >
> > Questions:
> > - Why does dynamic compilation work? What is Tomcat doing differently?
> > - Is there a Jasper configuration inside Tomcat I can inspect? (I
> > couldn't find it in server.xml)
> >
> > Bonus Questions:
> > - Is there an easy way to precompile jsp's (for error checking and
> > initial speed) and retain runtime customizability?
> > - Will this rash ever go away?
> >
> > Thank you in advance for your consideration / help,
> > Pete
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
mod_proxy_ajp
Does anybody have any idea how to use mod_proxy_ajp? The documentation page http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html just talks about the ajp protocol. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat won't start
Here it is an additional information to this. It complains about JAVA_HOME variable, but I can not figure out why. I installed JDK and by default it was put under c:\Program files\java I would appreciate any help on it Please see the attached for details Thanks -Original Message- From: Alla Winter [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 4:00 PM To: users@tomcat.apache.org Subject: Tomcat won't start I just installed TOMCAT, set the environment variable for JAVA_HOME and CATALLINA_HOME and just wanted to start the TOMCAT to see if it starts up. I got the message " Can not find file -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager'. Make sure that the path and file name are correct and that all required libraries are available. I am not sure what I should be looking for. Any suggestions would be greatly appreciated. Thanks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Deploying new virtual hosts
I'm trying to sort out a way I can automate deploying new virtual hosts on my Tomcat server. Right now I'm running about 70 virtual hosts. Each virtual host has only one ROOT context. I'm planning on scaling up to at least 200 virtual hosts before I need to get a second machine. The second machine will probably be more powerful, and I'll want to scale it into the region of something like 1000 virtual hosts. I've looked through the documentation on the Tomcat site and don't think I'm seeing what I need. Ideally I would like something that would be scriptable that would let me automatically deploy the virtual hosts. If I can't get that, some application that would let me create a new virtual host without stopping and re-starting tomcat would be nice. I'm thinking in the near future I will need to deploy several new virtual hosts per day. If I can't do it automatically, I'd at least like one tool that works that could be used to create a virtual host correctly. I've tried using the host-manager application, but it has some major problems. They are: 1) It auto deploys manager.xml. That's just rude. I don't want 70 copies of the manager application deployed, when they will never be used. The only change ever made to a host is in the aliases, and that can't be edited by the manager application. 2) The host creation parameters aren't serialized. Things like aliases and appbase are lost on re-start. 3) It does not create context.xml files in the [enginname]/[hostname] dirctory for any contexts that are auto-deployed when the virtual host is created. IOW, if I create a virtual host with a appbase of /home/abc, and there exists a web application /home/abc/ROOT, then I expect that it would create [enginename]/[hostname]/ROOT.xml. This is particularly important since appbase isn't getting saved. 4) There is no documentation. I looked at the Admin application (5.5.9). I just don't think its going to be up to any kind of task. 1) A major problem is that if there is a permission problem on any virtual host or context where it wants to write a file, the write of server.xml just aborts, and the user is given the message that changes were saved successfully. So, you just go along fine until you re-start the server and then the crap hits the fan in a really major way. 2) There were also issues where added aliases would not work until the virtual host was stopped and re-started. Of course the admin app doesn't give you any way of stopping and re-starting a host. You have to use host-manager for that. 3) Admin also seems incapable of deleting the manager application. 4) I've also noticed that admin puts "WatchedResource" entries in the context.xml even when the context is not reloadable, and it seems to add an extra entry for this each time the configuration is saved. I've been manually editing the server.xml file to add new host entries and then re-starting Tomcat. This hasn't been a really great solution, but it has worked. This is cumbersome because I don't want to bounce a lot of customers so I end up doing things in the late evening when possible. If I've missed a way of doing things, I'd appreciate any pointers. Thanks. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat won't start
I just installed TOMCAT, set the environment variable for JAVA_HOME and CATALLINA_HOME and just wanted to start the TOMCAT to see if it starts up. I got the message " Can not find file -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager'. Make sure that the path and file name are correct and that all required libraries are available. I am not sure what I should be looking for. Any suggestions would be greatly appreciated. Thanks
Running an ftp server within tomcat?
Hi, I would like to include an ftp server within tomcat to be able to serve ftp requests. The intention is to not run the ftp server in a separate jvm but use it within tomcat so that servlets in tomcat and ftp server, both can access a common embedded database. Is this doable? If yes, would there be any issues that I should be aware of? I'm planning to use the ftp-server available from apache's incubator to provide ftp services. Any help will be very much appreciated. Thanks, Roopa - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Upgrading Tomcat
Actually one of the benefits I could see in reguards to using OpenSSL for SSL in tomcat is the ability for OpenSSL to hand of the encryption to a hardware acceleration device. We have that set up in front of some of our installations that have Apache frontending tomcat clusters using the AJP connector. We had to do this because with a high volume of traffic going through the box running apache load balancing, the CPU was bogged down doing encryption/decryption instead of doing the load balancing between 12 or so tomcat servers so throughput performance suffered. Once we hooked mod_ssl into a hardware accelerator card the CPU was free to do it's usual load balancing tasks. Although there seems to be limited availiablity of SSL cards that are supported for Win32. If anyone has had luck configuring this set up and has an SSL accelerator card they recommend please feel free to let me know. -rOcK -Original Message- From: Nate Rock [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 3:29 PM To: Tomcat Users List Subject: RE: Upgrading Tomcat The same architecture change that allows tomcat to serve static content quickly (the APR native connector) also allows Tomcat to use OpenSSL instead of the JSSE for SSL which should improve performance. I have been trying to get it configured using Tomcat 5.5.12 (native APR connector) for the past few days and have hashed out a process with a few other peeps in the list to configure it, but there are still a few small details that need some clarification. -rOcK -Original Message- From: Alla Winter [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 3:22 PM To: users@tomcat.apache.org Subject: FW: Upgrading Tomcat Thanks for finding this link. Beside the explanation on various packages of TOMCAT, the message in there also suggests that it is not worthy to use APACHE on a top of TOMCAT due to TOMCAT now is handling static pages almost as good as APACHE. But what about handling SSL - somewhere I read that APACHE handles encryption much better than TOMCAT. Is it still true? -Original Message- From: Caldarale, Charles R [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 3:05 PM To: Tomcat Users List Subject: RE: Upgrading Tomcat > From: Rhino [mailto:[EMAIL PROTECTED] > Subject: Re: Upgrading Tomcat > > I'm having trouble finding the note you mentioned in the mailing list > archives. It's here: http://marc.theaimsgroup.com/?l=tomcat-user&m=113332618812952&w=2 > I'm trying to figure out the following: > - does "Core" include the Administration webapp? It did in 5.0, does not in 5.5. > - does "Core" include the Deployer? If not, what does the Deployer do? No. See the referenced e-mail. > - does "Core" include the Embedded bundle? If not, what does it do? No. See the referenced e-mail. > - when do I want do download "Core" as a Windows Executable and when > do I want to download it as a zip? I never use the .exe since it's missing the .bat (and .sh) scripts, which are useful for debugging. See the referenced e-mail. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Webdav PROPPATCH implementation
Got it . Thanks. -Original Message- From: Mark Thomas [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 4:33 PM To: Tomcat Users List Subject: Re: Webdav PROPPATCH implementation William Durrell wrote: > Hi , > >I looked at the webdav servlet in apache-tomcat-5.5.13-src and it > does not appear that the PROPPATCH method is implemented . Is there a > release that it is or am I looking in the right place? > You are in the right place. This method is not, and has never been, implemented. If you want a more complete WEBDav implementation, take a look at Apache Slide. Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: FW: Upgrading Tomcat
Alla Winter wrote: Thanks for finding this link. Beside the explanation on various packages of TOMCAT, the message in there also suggests that it is not worthy to use APACHE on a top of TOMCAT due to TOMCAT now is handling static pages almost as good as APACHE. But what about handling SSL - somewhere I read that APACHE handles encryption much better than TOMCAT. Is it still true? There is no hard and fast rule for this. The only way you will get a definitive answer for your environment with your web application is to set it up and benchmark it. Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Webdav PROPPATCH implementation
William Durrell wrote: Hi , I looked at the webdav servlet in apache-tomcat-5.5.13-src and it does not appear that the PROPPATCH method is implemented . Is there a release that it is or am I looking in the right place? You are in the right place. This method is not, and has never been, implemented. If you want a more complete WEBDav implementation, take a look at Apache Slide. Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Upgrading Tomcat
> From: Alla Winter [mailto:[EMAIL PROTECTED] > Subject: FW: Upgrading Tomcat > > But what about handling SSL - somewhere I read that APACHE handles > encryption much better than TOMCAT. Is it still true? In theory, doing SSL encryption in native code should be faster than Java. However, I haven't done any performance tests (Peter Lin, where are you?), and it won't really matter much unless you're driving your CPUs flat out. The JVM byte code translators of today are significantly better than just a year ago, so the difference between Java and native code performance continues to diminish. With the 5.5.12 and above levels, you now have the option of using APR, including its SSL engine, for Tomcat connectors. This is the same SSL used by Apache httpd, so that should eliminate any performance distinction. Configuring SSL on APR appears to require some care, judging from the recent threads on the subject. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Upgrading Tomcat
The same architecture change that allows tomcat to serve static content quickly (the APR native connector) also allows Tomcat to use OpenSSL instead of the JSSE for SSL which should improve performance. I have been trying to get it configured using Tomcat 5.5.12 (native APR connector) for the past few days and have hashed out a process with a few other peeps in the list to configure it, but there are still a few small details that need some clarification. -rOcK -Original Message- From: Alla Winter [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 3:22 PM To: users@tomcat.apache.org Subject: FW: Upgrading Tomcat Thanks for finding this link. Beside the explanation on various packages of TOMCAT, the message in there also suggests that it is not worthy to use APACHE on a top of TOMCAT due to TOMCAT now is handling static pages almost as good as APACHE. But what about handling SSL - somewhere I read that APACHE handles encryption much better than TOMCAT. Is it still true? -Original Message- From: Caldarale, Charles R [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 3:05 PM To: Tomcat Users List Subject: RE: Upgrading Tomcat > From: Rhino [mailto:[EMAIL PROTECTED] > Subject: Re: Upgrading Tomcat > > I'm having trouble finding the note you mentioned in the mailing list > archives. It's here: http://marc.theaimsgroup.com/?l=tomcat-user&m=113332618812952&w=2 > I'm trying to figure out the following: > - does "Core" include the Administration webapp? It did in 5.0, does not in 5.5. > - does "Core" include the Deployer? If not, what does the Deployer do? No. See the referenced e-mail. > - does "Core" include the Embedded bundle? If not, what does it do? No. See the referenced e-mail. > - when do I want do download "Core" as a Windows Executable and when > do I want to download it as a zip? I never use the .exe since it's missing the .bat (and .sh) scripts, which are useful for debugging. See the referenced e-mail. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
FW: Upgrading Tomcat
Thanks for finding this link. Beside the explanation on various packages of TOMCAT, the message in there also suggests that it is not worthy to use APACHE on a top of TOMCAT due to TOMCAT now is handling static pages almost as good as APACHE. But what about handling SSL - somewhere I read that APACHE handles encryption much better than TOMCAT. Is it still true? -Original Message- From: Caldarale, Charles R [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 3:05 PM To: Tomcat Users List Subject: RE: Upgrading Tomcat > From: Rhino [mailto:[EMAIL PROTECTED] > Subject: Re: Upgrading Tomcat > > I'm having trouble finding the note you mentioned in the mailing list > archives. It's here: http://marc.theaimsgroup.com/?l=tomcat-user&m=113332618812952&w=2 > I'm trying to figure out the following: > - does "Core" include the Administration webapp? It did in 5.0, does not in 5.5. > - does "Core" include the Deployer? If not, what does the Deployer do? No. See the referenced e-mail. > - does "Core" include the Embedded bundle? If not, what does > it do? No. See the referenced e-mail. > - when do I want do download "Core" as a Windows Executable > and when do I want to download it as a zip? I never use the .exe since it's missing the .bat (and .sh) scripts, which are useful for debugging. See the referenced e-mail. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Webdav PROPPATCH implementation
Hi ,
I looked at the webdav servlet in apache-tomcat-5.5.13-src and it
does not appear that the PROPPATCH method is implemented . Is there a
release that it is or am I looking in the right place?
/**
* PROPPATCH Method.
*/
protected void doProppatch(HttpServletRequest req,
HttpServletResponse resp)
throws ServletException, IOException {
if (readOnly) {
resp.sendError(WebdavStatus.SC_FORBIDDEN);
return;
}
if (isLocked(req)) {
resp.sendError(WebdavStatus.SC_LOCKED);
return;
}
resp.sendError(HttpServletResponse.SC_NOT_IMPLEMENTED);
}
Thanks ,
Bill
RE: Upgrading Tomcat
> From: Rhino [mailto:[EMAIL PROTECTED] > Subject: Re: Upgrading Tomcat > > I'm having trouble finding the note you mentioned in the mailing list > archives. It's here: http://marc.theaimsgroup.com/?l=tomcat-user&m=113332618812952&w=2 > I'm trying to figure out the following: > - does "Core" include the Administration webapp? It did in 5.0, does not in 5.5. > - does "Core" include the Deployer? If not, what does the Deployer do? No. See the referenced e-mail. > - does "Core" include the Embedded bundle? If not, what does > it do? No. See the referenced e-mail. > - when do I want do download "Core" as a Windows Executable > and when do I want to download it as a zip? I never use the .exe since it's missing the .bat (and .sh) scripts, which are useful for debugging. See the referenced e-mail. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Upgrading Tomcat
Chuck, Thanks very much for the quick and helpful response! My email client - Outlook Express - won't let me intersperse with your reply so a follow up question, if I may I'm having trouble finding the note you mentioned in the mailing list archives. I looked at the titles of the threads you initiated in the last several weeks in the archive and clicked on the ones that looked like good candidates but couldn't find the one you mentioned. The Readme file you cited is too skimpy for me to really understand. Can you recall the date of the thread from the archive or the subject line or anything that would help me find the note in question? I don't want to make you regurgitate the whole thing again if I can help it :-) I'm trying to figure out the following: - does "Core" include the Administration webapp? - does "Core" include the Deployer? If not, what does the Deployer do? - does "Core" include the Embedded bundle? If not, what does it do? (Or, more to the point, when do I want Tomcat to be Embedded and when I should not do this? And what do you mean by embedded anyway?) - when do I want do download "Core" as a Windows Executable and when do I want to download it as a zip? What is the difference? (I'm installing to Windows XP.) Again, if all of this is explained somewhere, just tell me where; I don't want to waste your time restating things that are already documented. Rhino - Original Message - From: "Caldarale, Charles R" <[EMAIL PROTECTED]> To: "Tomcat Users List" Sent: Thursday, December 01, 2005 1:23 PM Subject: RE: Upgrading Tomcat From: Rhino [mailto:[EMAIL PROTECTED] Subject: Upgrading Tomcat 1. What are the major differences between the 5.0.x stream and the 5.5.x stream? Lots, especially performance. There are some configuration differences between the two, so read the docs carefully. Consult the changelog and FAQ for details. Perhaps I'd be smarter to use 5.0.x until 5.5.x is further along? I'd go with 5.5 - the newer level gets more attention from the developers and has definite performance advantages. 2. Are 5.5.12 and 5.0.28 both fairly stable and robust? Yes. 3. Do I need to download/install all of the different "bundles" for each version No, just download what you need. Look here: http://apache.intissite.com/tomcat/tomcat-5/v5.5.12/README.html I posted a more detailed description of the download packages a few days ago. Try: http://marc.theaimsgroup.com/?l=tomcat-user&r=1&w=2 to browse the mailing list archive. Do I need JDK 1.4 Compatibility if I develop primarily in J2SE 1.5? The key issue is "primarily" vs. "only". If you develop with 1.5 you run the risk of not being able to execute on a 1.4 system if you have written code that depends on 1.5 features. You only need the compatibility package for Tomcat installations that are actually running on 1.4. For that matter is it okay to use J2SE 1.5 with Tomcat or does Tomcat only support 1.4? Tomcat is built with 1.4, but runs happily on either 1.4 or 1.5. 4. Is Sysdeo still the plugin of choice to use for Servlet development in Eclipse? Is Lomboz still the plugin of choice to use for JSP development in Eclipse? Got me. I'm a command line person. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.362 / Virus Database: 267.13.10/189 - Release Date: 30/11/2005 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.362 / Virus Database: 267.13.10/189 - Release Date: 30/11/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Host Manager Questions
Since I'm currently running something like 70 some odd virtual hosts on one tomcat installation I would really rather not have the manager application deployed on each of those 70 hosts. Each host has only one context (the ROOT context) and after the virtual host is created, it is seldom if ever changed. Its just really ridiculous that the host-manager doesn't serialize the creation options for the virtual host when it creates it, or that when it auto-deploys a web application on creation, it doesn't create a context.xml that points to the auto-deployed context. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 > -Original Message- > From: Martin Gainty [mailto:[EMAIL PROTECTED] > Sent: Thursday, December 01, 2005 1:34 PM > To: George Sexton > Cc: Tomcat Users List > Subject: Re: Host Manager Questions > > Good Afternoon George > > I deploy thru Tomcat 5.5.7 Manager where I > Browse to the war I want to deploy and > click deploy and > the webapp is unjar'ed, web.xml has correct entries for all jars and > resources etc.. > so the web application is installed and configured > automatically when you > use Tomcat 5.5.7 Manager > > Hope this helps, > Martin- > > - Original Message - > From: "George Sexton" <[EMAIL PROTECTED]> > To: "'Tomcat Users List'" ; "'Martin > Gainty'" > <[EMAIL PROTECTED]> > Sent: Thursday, December 01, 2005 3:18 PM > Subject: RE: Host Manager Questions > > > > OK, that pointed me in the right direction. The tomcat user > did not have > > WRITE permissions to the > > > > [enginename] directory. > > > > That now brings up the point that just slays me: > > > > Why in the world does it assume that I want the manager application > > deployed > > to the new host? Who thought that was a good idea? > > > > When I create the new host, it copies manager.xml, and > deploys my ROOT > > context (which exists in docbase), but doesn't create a > ROOT.xml file in > > the > > > > [enginname]/[hostname] > > > > Directory. Also, it doesn't appear that the host-manager modifies > > server.xml, so any aliases or options specified at creation > are lost when > > the server re-starts. > > > > As it stands, this is pretty useless. It just infuriates me > that any time > > I > > point out how bad the admin app is, everyone tells me to > use manager, or > > host-manager, but they're totally useless as well. > > > > > > > > > > George Sexton > > MH Software, Inc. > > http://www.mhsoftware.com/ > > Voice: 303 438 9585 > > > > > >> -Original Message- > >> From: Martin Gainty [mailto:[EMAIL PROTECTED] > >> Sent: Thursday, December 01, 2005 12:47 PM > >> To: Tomcat Users List > >> Subject: Re: Host Manager Questions > >> > >> Hello George > >> > >> Did you try to install manager.xml into > >> $CATALINA_HOME/conf/[enginename]/[hostname] > >> > >> Martin- > >> - Original Message - > >> From: "George Sexton" <[EMAIL PROTECTED]> > >> To: "'Tomcat Users List'" > >> Sent: Thursday, December 01, 2005 12:49 PM > >> Subject: Host Manager Questions > >> > >> > >> > I'm trying to use the host manager to deploy new hosts, and > >> when I try to > >> > do > >> > so I get this error message: > >> > > >> > FAIL - Couldnt install manager.xml > >> > > >> > Does anyone have any idea what is happening? I'm using > >> Tomcat version > >> > 5.5.9. > >> > > >> > George Sexton > >> > MH Software, Inc. > >> > http://www.mhsoftware.com/ > >> > Voice: 303 438 9585 > >> > > >> > > >> > > >> > > >> > - > >> > To unsubscribe, e-mail: [EMAIL PROTECTED] > >> > For additional commands, e-mail: [EMAIL PROTECTED] > >> > > >> > > >> > >> > - > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > > > > > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Host Manager Questions
Good Afternoon George I deploy thru Tomcat 5.5.7 Manager where I Browse to the war I want to deploy and click deploy and the webapp is unjar'ed, web.xml has correct entries for all jars and resources etc.. so the web application is installed and configured automatically when you use Tomcat 5.5.7 Manager Hope this helps, Martin- - Original Message - From: "George Sexton" <[EMAIL PROTECTED]> To: "'Tomcat Users List'" ; "'Martin Gainty'" <[EMAIL PROTECTED]> Sent: Thursday, December 01, 2005 3:18 PM Subject: RE: Host Manager Questions OK, that pointed me in the right direction. The tomcat user did not have WRITE permissions to the [enginename] directory. That now brings up the point that just slays me: Why in the world does it assume that I want the manager application deployed to the new host? Who thought that was a good idea? When I create the new host, it copies manager.xml, and deploys my ROOT context (which exists in docbase), but doesn't create a ROOT.xml file in the [enginname]/[hostname] Directory. Also, it doesn't appear that the host-manager modifies server.xml, so any aliases or options specified at creation are lost when the server re-starts. As it stands, this is pretty useless. It just infuriates me that any time I point out how bad the admin app is, everyone tells me to use manager, or host-manager, but they're totally useless as well. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: Martin Gainty [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 12:47 PM To: Tomcat Users List Subject: Re: Host Manager Questions Hello George Did you try to install manager.xml into $CATALINA_HOME/conf/[enginename]/[hostname] Martin- - Original Message - From: "George Sexton" <[EMAIL PROTECTED]> To: "'Tomcat Users List'" Sent: Thursday, December 01, 2005 12:49 PM Subject: Host Manager Questions > I'm trying to use the host manager to deploy new hosts, and when I try to > do > so I get this error message: > > FAIL - Couldnt install manager.xml > > Does anyone have any idea what is happening? I'm using Tomcat version > 5.5.9. > > George Sexton > MH Software, Inc. > http://www.mhsoftware.com/ > Voice: 303 438 9585 > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Server Side file access
Good Afternoon Philip-
only if you have assigned the proper FilePermission in
$CATALINA_HOME/conf/catalina.policy
grant {
permission java.io.FilePermission "${/}*", "read, write";
};
HTH,
Martin-
- Original Message -
From: "Phillip Mangwiro" <[EMAIL PROTECTED]>
To:
Sent: Thursday, December 01, 2005 12:55 PM
Subject: Server Side file access
Can I read & write to File on the server while in a JSP page? I keep
getting
errors on the line to create the File:
File f = new File("myinfo.txt");
The error is reported to be because Tomcat expects an array or an Object.
I'm using Tomcat 5.5 & jre 1.5.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: Host Manager Questions
OK, that pointed me in the right direction. The tomcat user did not have WRITE permissions to the [enginename] directory. That now brings up the point that just slays me: Why in the world does it assume that I want the manager application deployed to the new host? Who thought that was a good idea? When I create the new host, it copies manager.xml, and deploys my ROOT context (which exists in docbase), but doesn't create a ROOT.xml file in the [enginname]/[hostname] Directory. Also, it doesn't appear that the host-manager modifies server.xml, so any aliases or options specified at creation are lost when the server re-starts. As it stands, this is pretty useless. It just infuriates me that any time I point out how bad the admin app is, everyone tells me to use manager, or host-manager, but they're totally useless as well. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 > -Original Message- > From: Martin Gainty [mailto:[EMAIL PROTECTED] > Sent: Thursday, December 01, 2005 12:47 PM > To: Tomcat Users List > Subject: Re: Host Manager Questions > > Hello George > > Did you try to install manager.xml into > $CATALINA_HOME/conf/[enginename]/[hostname] > > Martin- > - Original Message - > From: "George Sexton" <[EMAIL PROTECTED]> > To: "'Tomcat Users List'" > Sent: Thursday, December 01, 2005 12:49 PM > Subject: Host Manager Questions > > > > I'm trying to use the host manager to deploy new hosts, and > when I try to > > do > > so I get this error message: > > > > FAIL - Couldnt install manager.xml > > > > Does anyone have any idea what is happening? I'm using > Tomcat version > > 5.5.9. > > > > George Sexton > > MH Software, Inc. > > http://www.mhsoftware.com/ > > Voice: 303 438 9585 > > > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: SSL InvalidKeystore Format?
Special thanks to Remy for adding an example connector to the APR doc... I saw the change go through the dev list last night ;) Dhaval and Remy, between your two emails, I was actually able to get Tomcat 5.5.12 to use SSL, however there is one last problem I am running into... Dhaval, you created your PEM encoded key/certs using openssl and if you followed the article linked, you used the "openssl rsa" command. Using this I was able to get it to work just fine. I got super pumped and so I switched my Connector to point to the cert/key that I had exported from my PKCS12 keystore yesterda and it still didn't work correctly. After reading up on Private keys a bit more, it looks like the PEM encoding used by the "openssl rsa" command is in an older format (RSA) than the version my private key is being stored in. The key/cert I am using has the key in PKCS#8 format and not the antiquated SSLeay format. Output by the "openssl rsa" command as noted from the OpenSSL rsa(1) command page: "Note this command uses the traditional SSLeay compatible format for private key encryption: newer applications should use the more secure PKCS#8 format using the pkcs8 utility." Taken from the OpenSSL rsa command documenation located here: http://www.openssl.org/docs/apps/rsa.html If not, there might be an issue with the APR connector using PKCS#8 formatted private keys. Maybe I need to set up something differently in the connector when using the PKCS#8 private key format? After much deliberation, I found an issue with mod_ssl used in the APR. Evidently it doesn't support the PKCS#8 private key format. So you need to take it and convert it to the RSA format. Here is a nice article on how to convert your PKCS#8 private key extracted from your PKCS#12 keystore formatted in the non-encrypted, RSA, PEM format that OpenSSL expects: http://mark.foster.cc/kb/openssl-keytool.html The parts of the article that you should concern yourself about are: "The private key is being exported as PKCS#8 PEM format. To get it into the RSA format that works with Apache (see below) you can issue the following command:" openssl pkcs8 -inform PEM -nocrypt -in exported-pkcs8.key -out exported.key And "In summary, I had to re-encode the Java-base64-encoded private key using openssl to make it palatable to Apache:" openssl rsa -in privkey-java.key -out privkey.key I used Keystore Explorer 2.3 to extract the signed certificate and private key out of the PKCS#12. http://www.lazgosoftware.com/kse/ (free trial, $30 to buy. If you use java keystores/certificates a lot, totally worth it imo) I am still working on getting my certificate working 100% correctly but this information should help you guys out a lot if you are stuck with a PKCS#12 file. It won't be long now... -rOcK -Original Message- From: Dhaval Patel [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 8:49 AM To: Tomcat Users List Subject: Re: SSL InvalidKeystore Format? Hi Scott, I am not tomcat expert as well as I can not help you about the error you are getting. After Remy's last message on SSL with APR, I finally got my windows xp + tomcat 5.5.12 + APR + SSL working. Following are the steps that I have followed: (1) Install Tomcat 5.5.12 and make sure it is working. (2) Download APR component (openssl.exe and tcnative-1.dll) and put it in %TOMCAT_HOME%\bin. (http://tomcat.heanet.ie/native/1.1.0/binaries/win32/) (3) I generated server.key and server.cert following guide at http://www.fatofthelan.com/articles/articles.php?pid=12 .I have put them in %TOMCAT_HOME%\bin only. (Make sure you follow the guide. I had trouble setting openssl.exe on windows xp. The answer is on that page only. You have to download openssl.cnf from google and place it in some folder and make a new environment OPENSSL_CONF pointing to that file. Trust me that link is very good.) (4) Change the server.xml in following way: (5) Restart the tomcat and SSL is enabled. I dont know if you have did the same way and you have issues. If you want to try, you can follow the above steps on some other windows xp machine. It worked for me so it should work for you. If you start from scratch, it may take about 30-40 mins to setup above things. Let me know how it goes. Regards, D --- Scott Purcell <[EMAIL PROTECTED]> wrote: > Well, after wasting much time trying to get the SSL running on 5.5.12, > on XP, and finding out about the bad tcnative-1.dll, I thought I was > out of the woods on my SSL configuration. But it appears I have one > last issue (hopefully) Since I renamed the tcnative-1.dll, I am > getting logs in regards to my SSL (I was not getting those prior, see > earlier posts) and I am receiving this error: I believe I have a good > keystore, because my public key from Verisign was happy with it, but for some reason, Tomcat is stikll not happy with it. > Any ideas why this error may occur? > Nov 30, 2005 10:44:53 PM org.apache.coyote.http11.Htt
RE: SSL InvalidKeystore Format?
Hi, I should have mention that I am running tomcat as a standalone server. I mentioned the link (http://www.fatofthelan.com/articles/articles.php?pid=12) as a reference to generate self-signed certificate with OpenSSL on windows. Even though it is very nice article about how to setup SSL with Apache. I only applied part-3 (Generate a test certificate) from that article to my Tomcat+SSL procedure. One thing that I found intersting on that article is part-4 (Configuring Apache and mod_ssl). In this part, if you look at changes in httpd.conf, as mentioned below, SSLEngine on SSLCertificateFile conf/ssl/server.cert SSLCertificateKeyFile conf/ssl/server.key which is the same parameter that Remy has suggested. If I have found this article early, I may be able to solve the issue. But again since I figured it out, I like it now. Regards. D --- Scott Purcell <[EMAIL PROTECTED]> wrote: > Hello Dhaval, > > I was reading the article below, and it looks you you are not running Tomcat > as standalone? Are > you running Apache behind the scenes? > > I was just curious. > > Scott > > > -Original Message- > From: Dhaval Patel [mailto:[EMAIL PROTECTED] > Sent: Thursday, December 01, 2005 8:49 AM > To: Tomcat Users List > Subject: Re: SSL InvalidKeystore Format? > > > Hi Scott, > > I am not tomcat expert as well as I can not help you about the error you > are getting. > After Remy's last message on SSL with APR, I finally got my windows xp + > tomcat 5.5.12 + APR + > SSL working. Following are the steps that I have followed: > > (1) Install Tomcat 5.5.12 and make sure it is working. > (2) Download APR component (openssl.exe and tcnative-1.dll) and put it in > %TOMCAT_HOME%\bin. > (http://tomcat.heanet.ie/native/1.1.0/binaries/win32/) > (3) I generated server.key and server.cert following guide at > http://www.fatofthelan.com/articles/articles.php?pid=12 .I have put them in > %TOMCAT_HOME%\bin > only. > (Make sure you follow the guide. I had trouble setting openssl.exe on windows > xp. The answer is > on > that page only. You have to download openssl.cnf from google and place it in > some folder and > make > a new environment OPENSSL_CONF pointing to that file. Trust me that link is > very good.) > (4) Change the server.xml in following way: > maxThreads="150" minSpareThreads="25" maxSpareThreads="75" >enableLookups="false" disableUploadTimeout="true" > scheme="https" secure="true" >SSLEngine="on" >SSLCertificateFile="C:\Tomcat5.5\bin\server.crt" >SSLCertificateKeyFile="C:\Tomcat5.5\bin\server.key" /> > (5) Restart the tomcat and SSL is enabled. > >I dont know if you have did the same way and you have issues. If you want > to try, you can > follow the above steps on some other windows xp machine. It worked for me so > it should work for > you. If you start from scratch, it may take about 30-40 mins to setup above > things. > >Let me know how it goes. > > Regards, > D > > --- Scott Purcell <[EMAIL PROTECTED]> wrote: > > > Well, after wasting much time trying to get the SSL running on 5.5.12, on > > XP, and finding out > > about the bad tcnative-1.dll, I thought I was out of the woods on my SSL > > configuration. But it > > appears I have one last issue (hopefully) > > Since I renamed the tcnative-1.dll, I am getting logs in regards to my SSL > > (I was not getting > > those prior, see earlier posts) and I am receiving this error: I believe I > > have a good > keystore, > > because my public key from Verisign was happy with it, but for some reason, > > Tomcat is stikll > not > > happy with it. > > Any ideas why this error may occur? > > Nov 30, 2005 10:44:53 PM org.apache.coyote.http11.Http11BaseProtocol init > > INFO: Initializing Coyote HTTP/1.1 on http-80 > > Nov 30, 2005 10:44:54 PM org.apache.coyote.http11.Http11BaseProtocol init > > SEVERE: Error initializing endpoint > > java.io.IOException: Invalid keystore format > > at sun.security.provider.JavaKeyStore.engineLoad(Unknown Source) > > at java.security.KeyStore.load(Unknown Source) > > at > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:282) > > at > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustStore(JSSESocketFactory.java:256) > > at > > > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.getTrustManagers(JSSE14SocketFactory.java:174) > > at > > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:109) > > at > > org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:88) > > at > > org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:292) > > at > > org.apache.coyote.http11.Http11BaseProtocol.init(Http11BaseProtocol.java:137) > > at org.apache.catalina.connector.Connector.initialize(Connector.java:1016) > > at > > org.apache.catalina.core.StandardS
RE: SSL InvalidKeystore Format?
Hello Dhaval, I was reading the article below, and it looks you you are not running Tomcat as standalone? Are you running Apache behind the scenes? I was just curious. Scott -Original Message- From: Dhaval Patel [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 8:49 AM To: Tomcat Users List Subject: Re: SSL InvalidKeystore Format? Hi Scott, I am not tomcat expert as well as I can not help you about the error you are getting. After Remy's last message on SSL with APR, I finally got my windows xp + tomcat 5.5.12 + APR + SSL working. Following are the steps that I have followed: (1) Install Tomcat 5.5.12 and make sure it is working. (2) Download APR component (openssl.exe and tcnative-1.dll) and put it in %TOMCAT_HOME%\bin. (http://tomcat.heanet.ie/native/1.1.0/binaries/win32/) (3) I generated server.key and server.cert following guide at http://www.fatofthelan.com/articles/articles.php?pid=12 .I have put them in %TOMCAT_HOME%\bin only. (Make sure you follow the guide. I had trouble setting openssl.exe on windows xp. The answer is on that page only. You have to download openssl.cnf from google and place it in some folder and make a new environment OPENSSL_CONF pointing to that file. Trust me that link is very good.) (4) Change the server.xml in following way: (5) Restart the tomcat and SSL is enabled. I dont know if you have did the same way and you have issues. If you want to try, you can follow the above steps on some other windows xp machine. It worked for me so it should work for you. If you start from scratch, it may take about 30-40 mins to setup above things. Let me know how it goes. Regards, D --- Scott Purcell <[EMAIL PROTECTED]> wrote: > Well, after wasting much time trying to get the SSL running on 5.5.12, on XP, > and finding out > about the bad tcnative-1.dll, I thought I was out of the woods on my SSL > configuration. But it > appears I have one last issue (hopefully) > Since I renamed the tcnative-1.dll, I am getting logs in regards to my SSL (I > was not getting > those prior, see earlier posts) and I am receiving this error: I believe I > have a good keystore, > because my public key from Verisign was happy with it, but for some reason, > Tomcat is stikll not > happy with it. > Any ideas why this error may occur? > Nov 30, 2005 10:44:53 PM org.apache.coyote.http11.Http11BaseProtocol init > INFO: Initializing Coyote HTTP/1.1 on http-80 > Nov 30, 2005 10:44:54 PM org.apache.coyote.http11.Http11BaseProtocol init > SEVERE: Error initializing endpoint > java.io.IOException: Invalid keystore format > at sun.security.provider.JavaKeyStore.engineLoad(Unknown Source) > at java.security.KeyStore.load(Unknown Source) > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:282) > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustStore(JSSESocketFactory.java:256) > at > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.getTrustManagers(JSSE14SocketFactory.java:174) > at > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:109) > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:88) > at > org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:292) > at > org.apache.coyote.http11.Http11BaseProtocol.init(Http11BaseProtocol.java:137) > at org.apache.catalina.connector.Connector.initialize(Connector.java:1016) > at > org.apache.catalina.core.StandardService.initialize(StandardService.java:580) > at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:762) > at org.apache.catalina.startup.Catalina.load(Catalina.java:488) > at org.apache.catalina.startup.Catalina.load(Catalina.java:508) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) > at java.lang.reflect.Method.invoke(Unknown Source) > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:247) > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412) > Nov 30, 2005 10:44:54 PM org.apache.catalina.startup.Catalina load > SEVERE: Catalina.start > LifecycleException: Protocol handler initialization failed: > java.io.IOException: Invalid > keystore format > at org.apache.catalina.connector.Connector.initialize(Connector.java:1018) > at > org.apache.catalina.core.StandardService.initialize(StandardService.java:580) > at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:762) > at org.apache.catalina.startup.Catalina.load(Catalina.java:488) > at org.apache.catalina.startup.Catalina.load(Catalina.java:508) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) > at java.lang.reflect.Method.invoke(Unknown Source)
Re: Upgrading Tomcat
Rhino wrote: 4. Is Sysdeo still the plugin of choice to use for Servlet development in Eclipse? Is Lomboz still the plugin of choice to use for JSP development in Eclipse? (I've never really tried a JSP but I might give it a go one of these days :-) My personal preference is MyEclipse. Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Host Manager Questions
Hello George Did you try to install manager.xml into $CATALINA_HOME/conf/[enginename]/[hostname] Martin- - Original Message - From: "George Sexton" <[EMAIL PROTECTED]> To: "'Tomcat Users List'" Sent: Thursday, December 01, 2005 12:49 PM Subject: Host Manager Questions I'm trying to use the host manager to deploy new hosts, and when I try to do so I get this error message: FAIL - Couldnt install manager.xml Does anyone have any idea what is happening? I'm using Tomcat version 5.5.9. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Certificate Revocation Lists in Tomcat 5.5
Ok, hopefully I am getting close:
I have recompiled the tomcat-util.jar using the 1.5 JDK. I have looked at
the contents of the jar and it does now include the JSSE15Factory and
JSSE15SocketFactory classes. The version of the tomcat-util.jar that came
with Tomcat 5.5.12 did not even have these files in it. So, I take that to
mean that the recompilation was a success.
I place this jar in the {tomcat.home}/server/lib directory and restarted
Tomcat AND my webapp. I've also added the following to my
{tomcat.home}/conf/server.xml file:
crlFiles="C:\crl.txt"
This crl.txt is a CRL which I have confirmed (using openSSL) contains one of
my user certificates.
...and it's still not working. I put a System.out.println() statement in
the JSSE15SocketFactory to see if it is getting called, but I'm not seeing
this statement in the log, as if this class isn't getting called.
Any ideas? I think I'm close to getting this working, and looking through
the archives, a definitive solution to this problem would help a bunch of
people out!
Thanks,
Kennedy
- Original Message -
From: "Martin Dubuc" <[EMAIL PROTECTED]>
To: "Tomcat Users List"
Sent: Tuesday, November 29, 2005 3:11 PM
Subject: RE: Certificate Revocation Lists in Tomcat 5.5
CRL support is present in Tomcat 5.5.12.
I am not an expert on Tomcat CRL support but what I
know is the following:
- You will need to recompile some of the
tomcat-util.jar classes with JDK 1.5 because Tomcat
5.5.12 was compiled with JDK 1.4. The classes to be
recompiled are:
org.apache.tomcat.util.net.jsse.JSSE15Factory and
org.apache.tomcat.util.net.jsse.JSSE15SocketFactory
classes.
- The crlFile property needs to be added inside your
SSL Connector in the server.xml file. The value is the
location of the CRL file on your system.
Regards,
Martin
--- "Duan, Nick" <[EMAIL PROTECTED]> wrote:
Tomcat currently doesn't support cert validation
against CRL. You may
want to use Apache's mod_ssl to do the CRL checking.
You will have to
use mod_jk to connect Apache web server with tomcat.
SSL is very computational intensive. Use Apache's
httpd to do the SSL
work is more efficient than to use Java-based
tomcat.
ND
-Original Message-
From: Kennedy Roberts [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 29, 2005 10:55 AM
To: users@tomcat.apache.org
Subject: Certificate Revocation Lists in Tomcat 5.5
Hi all,
We've recently migrated our (SSL enabled) web
application from
SunOne to
Tomcat 5.5, and I can't find any information on
handling Certificate
Revocation Lists in Tomcat. In SunOne, there was a
function in the
administration console that let you import a CRL.
Is there any
equivalent
in Tomcat, or perhaps some other command line
equivalent?
Thanks for your help.
-Kennedy
-
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
-
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
__
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Setting up virtual hosts behind a reverse proxy
I have a Tomcat (5.5.12) server that is hidden behind Apache. On the Apache server, several virtual hosts are defined. ServerName .xxx.xx ProxyPass / http://localhost:8080/ ProxyPassReverse / http://localhost:8080/ Now I'd like to map some of these virtual hosts to virtual hosts on the Tomcat server. Unfortunately this doesn't quite work as Tomcat is unaware of the original hostname that was requested (even though this information remains present in a X-Forwarded-Host header value). Any suggestions? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Problem with default context when moving from 5.5.7 to 5.5.12
> From: Jason Burrows [mailto:[EMAIL PROTECTED] > Subject: Re: Problem with default context when moving from > 5.5.7 to 5.5.12 > > I agree, but the best documentation I could find on this was: > http://tomcat.apache.org/tomcat-5.5-doc/config/context.html > > ...and there's nothing in that document that would lead me to try what > you suggested, even reading now knowing that is the solution. The documentation has not kept up with the implementation. (Haven't yet met a programmer that actually likes to write documentation.) The key piece of hard-to-find information is that the default web app must be specified with the context name (not path) ROOT. > then says "context elements for the default context must go in > your server.xml file" I can't find any place that says that. What it does say is "In addition, you MUST define a Context with a context path equal to a zero-length string." Since zero-length filenames are a bit tricky, the current mechanism uses the name ROOT to create a zero-length context path. > Where are you getting documentation that more accurately explains > the context setup, and led you to the solution you provided? Reading this mailing list carefully, experimenting, and not sleeping much. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Upgrading Tomcat
Rhino wrote: > 1. What are the major differences between the 5.0.x stream and the 5.5.x > stream? The only one I really care about is 5.5 is perceptibly faster :-) > 2. Are 5.5.12 and 5.0.28 both fairly stable and robust? I'm running several production sites on 5.5.9, no problems. > 3. Do I need to download/install all of the different "bundles" for each > version... Core (and manager, if you use it) are all you need, if you're running Java 1.5. > 4. ...Eclipse?... Sorry, can't say -- not an Eclipse user. FWIW! -- Hassan Schroeder - [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Upgrading Tomcat
> From: Rhino [mailto:[EMAIL PROTECTED] > Subject: Upgrading Tomcat > > 1. What are the major differences between the 5.0.x stream > and the 5.5.x stream? Lots, especially performance. There are some configuration differences between the two, so read the docs carefully. Consult the changelog and FAQ for details. > Perhaps I'd be smarter to use 5.0.x until > 5.5.x is further along? I'd go with 5.5 - the newer level gets more attention from the developers and has definite performance advantages. > 2. Are 5.5.12 and 5.0.28 both fairly stable and robust? Yes. > 3. Do I need to download/install all of the different > "bundles" for each version No, just download what you need. Look here: http://apache.intissite.com/tomcat/tomcat-5/v5.5.12/README.html I posted a more detailed description of the download packages a few days ago. Try: http://marc.theaimsgroup.com/?l=tomcat-user&r=1&w=2 to browse the mailing list archive. > Do I need JDK 1.4 Compatibility if I develop primarily > in J2SE 1.5? The key issue is "primarily" vs. "only". If you develop with 1.5 you run the risk of not being able to execute on a 1.4 system if you have written code that depends on 1.5 features. You only need the compatibility package for Tomcat installations that are actually running on 1.4. > For that matter is it okay to use J2SE 1.5 > with Tomcat or does Tomcat only support 1.4? Tomcat is built with 1.4, but runs happily on either 1.4 or 1.5. > 4. Is Sysdeo still the plugin of choice to use for Servlet > development in Eclipse? Is Lomboz still the plugin of choice > to use for JSP development in Eclipse? Got me. I'm a command line person. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problem with default context when moving from 5.5.7 to 5.5.12
Thanks very much Chuck! That did indeed fix my problem. I have a couple of related questions though... > > > > This worked fine for me in 5.5.7 (on many machines). > > But it shouldn't have. I suspect this was one of the bugs fixed between > .7 and .12, where the documented rules are more tightly enforced. I agree, but the best documentation I could find on this was: http://tomcat.apache.org/tomcat-5.5-doc/config/context.html ...and there's nothing in that document that would lead me to try what you suggested, even reading now knowing that is the solution. In addition, there is that spot (directly quoted in my first email, but I'll paraphrase here) that first says "don't put context elements in your server.xml file" then says "context elements for the default context must go in your server.xml file" and then says "you must provide a default context". I don't see how all three statements can be true, and yet that is all I had to go off of. Where are you getting documentation that more accurately explains the context setup, and led you to the solution you provided? Thanks! Jason - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Server Side file access
Have you given Tomcat permission to create myinfo.txt? In your
catalina.policy file?
Bob
On Thu, 2005-12-01 at 19:55 +0200, Phillip Mangwiro wrote:
> Can I read & write to File on the server while in a JSP page? I keep getting
> errors on the line to create the File:
> File f = new File("myinfo.txt");
>
> The error is reported to be because Tomcat expects an array or an Object.
>
>
> I'm using Tomcat 5.5 & jre 1.5.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: Deploying in ROOT folder using a war file
Hi Chuck, I tried using ROOT.war with Tomcat 5.5.12 and it worked fine. It does not work with Tomcat 4.1.x versions. I guess we will have to (finally) upgrade our Tomcat versions. thanks for all your help... all of you... regards, Gautam. --- "Caldarale, Charles R" <[EMAIL PROTECTED]> wrote: > > From: Vivek Mohan [mailto:[EMAIL PROTECTED] > > Subject: Re: Deploying in ROOT folder using a war > file > > > > Tomcat is extracting the files to localhost/_ > because thats where it > > knows it has to extract anything from the ROOT > application. > > However, that's true only if using the > unpackWARs="false" setting. In > that case, Tomcat extracts some of an app's .war > file into a > work/Catalina/localhost/ directory (where > "_" is substituted > for "ROOT" for some unknown reason, presumably > historical). > > I just zip'd up my webapps/ROOT directory into a > ROOT.war file in the > webapps directory, deleted the now redundant > webapps/ROOT, and restarted > Tomcat. The result, as expected, was recreation of > webapps/ROOT during > Tomcat initialization. This is on level 5.5.12; > I've never used any of > the 4.x levels. > > The only way I could duplicate the behavior reported > by the original > poster was by setting unpackWARs to "false". Are > you really, really > sure you have it set to "true"? Can you try using a > newer version of > Tomcat? > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR > OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended > recipient. If you > received this in error, please contact the sender > and delete the e-mail > and its attachments from all computers. > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Upgrading Tomcat
I need some basic information regarding upgrades to Tomcat. I haven't written any servlets in many months and have not followed the various updates made to Tomcat. When I go to http://tomcat.apache.org/download-55.cgi, I see that there are several different current versions of Tomcat available, including 5.5.13-beta, 5.5.12, 5.0.30-beta and 5.0.28. Also, as someone interested in a binary distribution, I see that there are several subsets of code for each Tomcat version: "Core", "Deployer", "Embedded", "Administration" and "JDK 1.4 Compatibility Package". Can someone answer some questions for me? 1. What are the major differences between the 5.0.x stream and the 5.5.x stream? In other words, what factors should I weigh in deciding which stream I should use? I tend to prefer to take the latest possible version that is stable and then stay with that a fair while so that I don't have to update Tomcat too frequently, which suggests 5.5.12 as my best bet, but I'm not sure if that's a good strategy in this case because I'm not clear on the different between 5.0.x and 5.5.x. Perhaps I'd be smarter to use 5.0.x until 5.5.x is further along? 2. Are 5.5.12 and 5.0.28 both fairly stable and robust? 3. Do I need to download/install all of the different "bundles" for each version, i.e. will I need "Core" AND "Deployer" AND "Embedded" and "Administration Web Application" AND "JDK 1.4 Compatibility Package" or is "Core" alone sufficient? Do I need JDK 1.4 Compatibility if I develop primarily in J2SE 1.5? For that matter is it okay to use J2SE 1.5 with Tomcat or does Tomcat only support 1.4? 4. Is Sysdeo still the plugin of choice to use for Servlet development in Eclipse? Is Lomboz still the plugin of choice to use for JSP development in Eclipse? (I've never really tried a JSP but I might give it a go one of these days :-) Rhino -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.362 / Virus Database: 267.13.10/189 - Release Date: 30/11/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Server Side file access
Can I read & write to File on the server while in a JSP page? I keep getting
errors on the line to create the File:
File f = new File("myinfo.txt");
The error is reported to be because Tomcat expects an array or an Object.
I'm using Tomcat 5.5 & jre 1.5.
Host Manager Questions
I'm trying to use the host manager to deploy new hosts, and when I try to do so I get this error message: FAIL - Couldnt install manager.xml Does anyone have any idea what is happening? I'm using Tomcat version 5.5.9. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
limiting access to an application where IP filtering is not possible
Hi, I have to restrict usage of an application to a number of selected machines. Problem is that these machines are part of a large (no, huge) network that sits behind a NAT gateway, so I can't just filter for IP addresses as the only IP I ever see is the one of the gateway. I am assuming that using client certificates is the way to go there? However, I want to require both a certificate to be present and the user to log in using their username and password. Question: are the two mechanisms orthogonal and does anyone have any pointers or configurations file snippets to show how this can be configured? Any help much appreciated. Cheers, Alex -- Alexander Voss, Research Associate School of Informatics, University of Edinburgh 1 Buccleuch Place, Edinburgh EH8 9LW Office +44 131 650 4412 Lab +44 131 650 8288 NTRAC+44 131 537 3363 Email[EMAIL PROTECTED] Homepage http://homepages.inf.ed.ac.uk/avoss - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: How to deploy my webapp as root context webapp without tomcat loading it twice?
> From: Vivek Mohan [mailto:[EMAIL PROTECTED]
> Subject: Re: How to deploy my webapp as root context webapp
> without tomcat loading it twice?
>
> I've kept myWebapp at ${CATALINA.HOME}/myWebapp and given this path in
> server.xml for the root context. Is that the correct way to do it? Is
> there anything in my webapp that I need to take care of when I do
> this?
That's an odd place to put a webapp. If you don't want to put the
default app in webapps/ROOT, then I think it would be much easier to
deal with if you keep it completely outside of the Tomcat directory
structure. Throwing things into arbitrary places just seems a bit risky
with regard to future maintenance and upgrades.
Tomcat will deploy webapps found by three mechanisms (that I know of):
1) Subdirectories of webapps or .war files in webapps. The app name is
defined by the name of the subdirectory or .war file. A tag
may be placed in META-INF/context.xml, if desired, but the path and
docBase attributes must not be used.
2) .xml files containing a tag in the
conf/Catalina/ directory. The app name is defined by the
name of the .xml file. The tag must include a docBase
attribute that provides the location of the webapp. I don't know what
happens if there are zero or multiple tags in the file or if
the docBase attribute is missing.
3) entries in server.xml (strongly discouraged these days).
The app name is taken from the path attribute, and this is the only time
a path attribute is allowed. The docBase attribute specifies the
location of the app.
Sounds like you want to use the second option, using ROOT.xml to hold
your tag.
Double deployment is almost always the result of having the app defined
by more than one of the mechanisms listed above.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: File Download not working for anchor tags
The anchor file links to an actual real file on the filesystem, so the first case. I'm using Tomcat stand alone. Mike At 04:56 PM 11/30/2005, you wrote: Display and generation are two separate issues and I'm confused about which is which for the OP. does the anchor tag link to an actual real file on the filesystem somewhere, like: click to download or are you linking to a dynamically generated file, as from a servlet: click to download in the first case, you're using JSP to display the link and it's more likely a web-server MIME type that is missing. Are you using TC stand-alone or fronted with Apache? in the second case, you need to worry about setting headers in your servlet/JSP (the generating servlet/jsp, _not_ the display one) both for content type and that disposition setting which is the FAQ that Tim linked to, because now you're generating the contents of the linked "file" in a JSP or servlet (so actually, not a file, but rather a streamed response). > -Original Message- > From: Mike [mailto:[EMAIL PROTECTED] > Sent: Wednesday, November 30, 2005 5:36 PM > To: Tomcat Users List > Subject: Re: File Download not working for anchor tags > > > > I'm using a JSP page for displaying the anchor actually. > The anchor is > linked to a file, either a .xls or .csv file. > >Mike > > At 04:09 PM 11/30/2005, you wrote: > >I assume you are using a servlet since JSPs always return a > >Content-Type. > >Try setting Content-Type in your servlet so the headers are > identical. > > > >Mark > > > >Mike wrote: > >>Hi Mark, > >> I compared them and the Content-Type is not showing in > 4.1.31. In > >> 4.1.18 it shows as "text/plain". > >> Thanks, > >> Mike Gilby > >>At 02:47 PM 11/30/2005, you wrote: > >> - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: File Download not working for anchor tags
Hi Mark, I found a workaround that's pretty user friendly. I used a servlet instead of an anchor in a .jsp file to send the file. I set the content type to "text/plain" and the data transferred is good. Thanks for your help. Mike At 04:50 PM 11/30/2005, you wrote: Mike wrote: I'm using a JSP page for displaying the anchor actually. The anchor is linked to a file, either a .xls or .csv file. Mike In which case, the default servlet will be responsible for serving the content. I'll go and take a look at the changes between 4.1.18 and 4.1.31. Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Deploying Servlet Project from Windows to Fedora
Aydin, The snipped from your web.xml does not prove anything. You need to carefully compre the web.xml entries versus the actual filename of the class file and to any references to the servlet from a JSP/HTML page. And you also need to make sure the CRLF line endings are properly adjusted. When you have done that, report back and maybe we can help some more. - Richard > -Original Message- > From: Aydın Toprak [mailto:[EMAIL PROTECTED] > Sent: Thursday, December 01, 2005 8:29 AM > To: Tomcat Users List > Subject: Re: Deploying Servlet Project from Windows to Fedora > > but The system works fine under Windows ... I mean as an example ... > this is my servlet name : LoginManagerServletV2.java and the > the web.xml lines for this servlet : > > > LoginManagerServletV2 > Login ManagerV2 > Manager for the manager action > manager.LoginManagerServletV2 > > > > LoginManagerServletV2 > /login > > > this tricky definiton of servlet runs fine under XP ... how > ever the same lines are not enough for to tell the > linux-tomcat couple to find & use it ... > > > And there is another point that comes in my mind at the moment... > > The windows platform is 32 bit ... and of course the J2EE and > Jre are both 32bit... > but the server side, Fedora is 64 bit... also the JRE ... > > dose it make a problem ... ? > > > > > Richard Mixon wrote: > > >Aydin, > > > >I do not have reference for any such documentation. However > in the past > >I have been bit badly a number of times trying to move a web > >application from Windows to Linux. The other way around > works much more reliable. > > > >The two issues that resolved my problem always ended up being: > > > >1) Case sensitivity of file names. Windows will treat > "/myApp" the same > >as "/myapp" the same - so if you have been inconsistent in how you > >referred to a file/path name this could be an issue with a > "servlet not found" problem. > > > >2) Line endings of text files - in SOME situations. > Sometimes it does > >not seem to matter, but to be sure I would recomment either > running the > >"dos2unix" utility against all of your text files (XML, JSP, > HTML, etc) > >or you can use the equivalent Ant task in your build > process, something like: > > > > includes="ApplicationResources_handCoded.properties" > >eol="lf" > >eof="remove"/> > > > >Hope this helps -Richard > > > > > > > >>-Original Message- > >>From: Aydın Toprak [mailto:[EMAIL PROTECTED] > >>Sent: Thursday, December 01, 2005 7:48 AM > >>To: users@tomcat.apache.org > >>Subject: Deploying Servlet Project from Windows to Fedora > >> > >>Hii, > >> > >>I have developed web based project that covers many > servlets and uses > >>Postgresql dataBase, on ;Windows platform... > >>But I want to deploy the software to the Linux (Fedora Core > 4 64) .. > >>However I havent been able to deploy the compleate project > correctly > >>under the linux enviroment.. > >> > >>Tomcat cant find my servlets and so do nothing... > >>Should I modify the web.xml file of my own .. or do something > >>different ? .. > >> > >>I am looking for some clear descriptions or an accurate > documentation > >>to do it... > >> > >>thanks > >> > >> > - > >>To unsubscribe, e-mail: [EMAIL PROTECTED] > >>For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > >> > > > > > >- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tomcat catalina.out and log4j
need some help with log4j... I have implemented it on our Tomcat 5 server, everything is fine as well. I can see my messages writting to the catalina.out. However I'm running on Solaris 8, so when I go to search the catalina.out with grep. I receive the following. Binary file catalina.out matches This only started after the log4j implementation. So, I can provided my properties file if need be, and whatever else. I've also looked at the API and don't see that it's doign a binary write or that it changes the file descriptor of catalina.out. I could be missing it, but anyway, any help is appreciated. _ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to reload jsp using ant in Tomcat 5.5
Hello, I'm using Tomcat 5.5 on wich I deploy a web application with ant using: where install.home/component.name-component.version is a local directory wich contains a typical structure with JSP's and a WEB-INF directory wich includes lib and classes directories. I get to deploy the application right, but when I update any jsp in my install.home/component.name-component.version local directory I can not get Tomcat to update that file. I've tried to use the ant reload target as follows: but it doesn't work for jsp pages. Anyone could help me, please? Thanks in advantage. Guillermo
Re: Deploying Servlet Project from Windows to Fedora
Check your webapp folder structure to be sure it has the proper case. You should see this structure and exact naming including upper/lower case: /WEB-INF /classes /manager /LoginManagerServletV2.class /lib ...jars here Windows may be forgiving on this point, but Linux isn't. 32 vs. 64 bit won't make a difference. Also take a look at your catalina.out and other log files for exceptions during startup/deployment. They can point you in the right direction. --David Aydın Toprak wrote: but The system works fine under Windows ... I mean as an example ... this is my servlet name : LoginManagerServletV2.java and the the web.xml lines for this servlet : LoginManagerServletV2 Login ManagerV2 Manager for the manager action manager.LoginManagerServletV2 LoginManagerServletV2 /login this tricky definiton of servlet runs fine under XP ... how ever the same lines are not enough for to tell the linux-tomcat couple to find & use it ... And there is another point that comes in my mind at the moment... The windows platform is 32 bit ... and of course the J2EE and Jre are both 32bit... but the server side, Fedora is 64 bit... also the JRE ... dose it make a problem ... ? Richard Mixon wrote: Aydin, I do not have reference for any such documentation. However in the past I have been bit badly a number of times trying to move a web application from Windows to Linux. The other way around works much more reliable. The two issues that resolved my problem always ended up being: 1) Case sensitivity of file names. Windows will treat "/myApp" the same as "/myapp" the same - so if you have been inconsistent in how you referred to a file/path name this could be an issue with a "servlet not found" problem. 2) Line endings of text files - in SOME situations. Sometimes it does not seem to matter, but to be sure I would recomment either running the "dos2unix" utility against all of your text files (XML, JSP, HTML, etc) or you can use the equivalent Ant task in your build process, something like: Hope this helps -Richard -Original Message- From: Aydın Toprak [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 7:48 AM To: users@tomcat.apache.org Subject: Deploying Servlet Project from Windows to Fedora Hii, I have developed web based project that covers many servlets and uses Postgresql dataBase, on ;Windows platform... But I want to deploy the software to the Linux (Fedora Core 4 64) .. However I havent been able to deploy the compleate project correctly under the linux enviroment.. Tomcat cant find my servlets and so do nothing... Should I modify the web.xml file of my own .. or do something different ? .. I am looking for some clear descriptions or an accurate documentation to do it... thanks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Deploying Servlet Project from Windows to Fedora
but The system works fine under Windows ... I mean as an example ... this is my servlet name : LoginManagerServletV2.java and the the web.xml lines for this servlet : LoginManagerServletV2 Login ManagerV2 Manager for the manager action manager.LoginManagerServletV2 LoginManagerServletV2 /login this tricky definiton of servlet runs fine under XP ... how ever the same lines are not enough for to tell the linux-tomcat couple to find & use it ... And there is another point that comes in my mind at the moment... The windows platform is 32 bit ... and of course the J2EE and Jre are both 32bit... but the server side, Fedora is 64 bit... also the JRE ... dose it make a problem ... ? Richard Mixon wrote: Aydin, I do not have reference for any such documentation. However in the past I have been bit badly a number of times trying to move a web application from Windows to Linux. The other way around works much more reliable. The two issues that resolved my problem always ended up being: 1) Case sensitivity of file names. Windows will treat "/myApp" the same as "/myapp" the same - so if you have been inconsistent in how you referred to a file/path name this could be an issue with a "servlet not found" problem. 2) Line endings of text files - in SOME situations. Sometimes it does not seem to matter, but to be sure I would recomment either running the "dos2unix" utility against all of your text files (XML, JSP, HTML, etc) or you can use the equivalent Ant task in your build process, something like: Hope this helps -Richard -Original Message- From: Aydın Toprak [mailto:[EMAIL PROTECTED] Sent: Thursday, December 01, 2005 7:48 AM To: users@tomcat.apache.org Subject: Deploying Servlet Project from Windows to Fedora Hii, I have developed web based project that covers many servlets and uses Postgresql dataBase, on ;Windows platform... But I want to deploy the software to the Linux (Fedora Core 4 64) .. However I havent been able to deploy the compleate project correctly under the linux enviroment.. Tomcat cant find my servlets and so do nothing... Should I modify the web.xml file of my own .. or do something different ? .. I am looking for some clear descriptions or an accurate documentation to do it... thanks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Deploying Servlet Project from Windows to Fedora
Aydin, I do not have reference for any such documentation. However in the past I have been bit badly a number of times trying to move a web application from Windows to Linux. The other way around works much more reliable. The two issues that resolved my problem always ended up being: 1) Case sensitivity of file names. Windows will treat "/myApp" the same as "/myapp" the same - so if you have been inconsistent in how you referred to a file/path name this could be an issue with a "servlet not found" problem. 2) Line endings of text files - in SOME situations. Sometimes it does not seem to matter, but to be sure I would recomment either running the "dos2unix" utility against all of your text files (XML, JSP, HTML, etc) or you can use the equivalent Ant task in your build process, something like: Hope this helps -Richard > -Original Message- > From: Aydın Toprak [mailto:[EMAIL PROTECTED] > Sent: Thursday, December 01, 2005 7:48 AM > To: users@tomcat.apache.org > Subject: Deploying Servlet Project from Windows to Fedora > > Hii, > > I have developed web based project that covers many servlets > and uses Postgresql dataBase, on ;Windows platform... > But I want to deploy the software to the Linux (Fedora Core 4 64) .. > However I havent been able to deploy the compleate project > correctly under the linux enviroment.. > > Tomcat cant find my servlets and so do nothing... > Should I modify the web.xml file of my own .. or do > something different ? .. > > I am looking for some clear descriptions or an accurate > documentation to do it... > > thanks > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Deploying Servlet Project from Windows to Fedora
Hi, The main difference between windows and linux for you is at the filesystem level i think. Check twice the configuration of your servlets in web.xml and the files in your war for uppercase/lower case mistakes. I may be you renamed at some point myServlet.java to MyServlet.java but never cleared the .class so you end up with a myServlet.class in your war, which is extracted by tomcat (tomcat always extract .war, it does not access it directly) as myServlet.class and when it later tries to load the class MyServlet using file MyServlet.class, it's not a problem in windows (myServlet.class is opened and contains the MyServlet class) but it is on linux (Myservlet.class is not the same as myServlet.class). The uppercase/lowercase problem might also be in having a directory named WEB-INF/CLASSES or web-inf/classes instead of WEB-INF/classes This is just a suggestion, but it may be the most obvious problem. Also, the error messages from tomcat might be usefull to find the problem :p regards Le Jeudi 1 Décembre 2005 15:47, Aydın Toprak a écrit : > Hii, > > I have developed web based project that covers many servlets and uses > Postgresql dataBase, on ;Windows platform... > But I want to deploy the software to the Linux (Fedora Core 4 64) .. > However I havent been able to deploy the compleate project correctly > under the linux enviroment.. > > Tomcat cant find my servlets and so do nothing... > Should I modify the web.xml file of my own .. or do something different > ? .. > > I am looking for some clear descriptions or an accurate documentation > to do it... > > thanks > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- David Delbecq Royal Meteorological Institute of Belgium - Pingouins dans les champs, hiver méchant - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session cookie path problem
I forgot to mention that I am using Tomcat through Apache and mod_jk. Christian Rudh wrote: > Hi > > I have set up so all users on my server can use Tomcat from their home > directories. They access servlets through > "domain/~user/java/servlet/TestServlet" and it works fine. > > But I tried setting a session value in a servlet and the session value > was never stored. So I checked the session cookie that Tomcat generates > and the path in it was set to "/%7Euser/" in the beginning. > > So if I access the servlet by writing > "domain/%7Euser/java/servlet/TestServlet" in the browser the session > values works, but not if I use "~" in the browser. > > I know that "%7E" is the URL-encoded "~", but the users shouldn't have > to enter that manually... > > What is doing this and how can I fix it? > -- Christian Rudh [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: SSL Certificate Beginner Question
> From: Paul Singleton [mailto:[EMAIL PROTECTED] > Subject: Re: SSL Certificate Beginner Question > > David Wall wrote: > > > > ...if the user accesses your site with http://, > > the port 80 Connector (or 8080 if testing or using a > > non-standard port) has a "redirectPort" element that > > causes Tomcat to automatically issue a redirect using > > https:// > > Are you sure? I thought redirectPort was only useful for > redirecting _https_ requests which were sent to the wrong port... Don't know if he's sure or not, but he is correct. If the deployment descriptor has transport-guarantee set to CONFIDENTIAL, Tomcat automatically switches the request to https. See section 12.8 of the servlet spec. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat 4.06, JK ISAPI redirector plugin 1.2.15.0, IIS 6.0 on Wind ows Server 2003 How To
Title: Tomcat 4.06, JK ISAPI redirector plugin 1.2.15.0, IIS 6.0 on Wind ows Server 2003 How To Can anyone point me to some documentation that is specific to getting the Jakarta ISAPI plugin to work with IIS 6.0 on Windows Server 2003? This all seems to work properly on Windows XP (IIS 5.0), but I can't seem to get it to work on Windows Server 2003 (IIS 6.0). Thank you. Jim Weegar McKESSON Shared Technology Group 5995 Windward Parkway Alpharetta, GA 30005 office: 404-338-3712 fax: 404-338-5111 email: [EMAIL PROTECTED] Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. <> - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL InvalidKeystore Format?
Hi Scott, I am not tomcat expert as well as I can not help you about the error you are getting. After Remy's last message on SSL with APR, I finally got my windows xp + tomcat 5.5.12 + APR + SSL working. Following are the steps that I have followed: (1) Install Tomcat 5.5.12 and make sure it is working. (2) Download APR component (openssl.exe and tcnative-1.dll) and put it in %TOMCAT_HOME%\bin. (http://tomcat.heanet.ie/native/1.1.0/binaries/win32/) (3) I generated server.key and server.cert following guide at http://www.fatofthelan.com/articles/articles.php?pid=12 .I have put them in %TOMCAT_HOME%\bin only. (Make sure you follow the guide. I had trouble setting openssl.exe on windows xp. The answer is on that page only. You have to download openssl.cnf from google and place it in some folder and make a new environment OPENSSL_CONF pointing to that file. Trust me that link is very good.) (4) Change the server.xml in following way: (5) Restart the tomcat and SSL is enabled. I dont know if you have did the same way and you have issues. If you want to try, you can follow the above steps on some other windows xp machine. It worked for me so it should work for you. If you start from scratch, it may take about 30-40 mins to setup above things. Let me know how it goes. Regards, D --- Scott Purcell <[EMAIL PROTECTED]> wrote: > Well, after wasting much time trying to get the SSL running on 5.5.12, on XP, > and finding out > about the bad tcnative-1.dll, I thought I was out of the woods on my SSL > configuration. But it > appears I have one last issue (hopefully) > Since I renamed the tcnative-1.dll, I am getting logs in regards to my SSL (I > was not getting > those prior, see earlier posts) and I am receiving this error: I believe I > have a good keystore, > because my public key from Verisign was happy with it, but for some reason, > Tomcat is stikll not > happy with it. > Any ideas why this error may occur? > Nov 30, 2005 10:44:53 PM org.apache.coyote.http11.Http11BaseProtocol init > INFO: Initializing Coyote HTTP/1.1 on http-80 > Nov 30, 2005 10:44:54 PM org.apache.coyote.http11.Http11BaseProtocol init > SEVERE: Error initializing endpoint > java.io.IOException: Invalid keystore format > at sun.security.provider.JavaKeyStore.engineLoad(Unknown Source) > at java.security.KeyStore.load(Unknown Source) > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:282) > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustStore(JSSESocketFactory.java:256) > at > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.getTrustManagers(JSSE14SocketFactory.java:174) > at > org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:109) > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:88) > at > org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:292) > at > org.apache.coyote.http11.Http11BaseProtocol.init(Http11BaseProtocol.java:137) > at org.apache.catalina.connector.Connector.initialize(Connector.java:1016) > at > org.apache.catalina.core.StandardService.initialize(StandardService.java:580) > at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:762) > at org.apache.catalina.startup.Catalina.load(Catalina.java:488) > at org.apache.catalina.startup.Catalina.load(Catalina.java:508) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) > at java.lang.reflect.Method.invoke(Unknown Source) > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:247) > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412) > Nov 30, 2005 10:44:54 PM org.apache.catalina.startup.Catalina load > SEVERE: Catalina.start > LifecycleException: Protocol handler initialization failed: > java.io.IOException: Invalid > keystore format > at org.apache.catalina.connector.Connector.initialize(Connector.java:1018) > at > org.apache.catalina.core.StandardService.initialize(StandardService.java:580) > at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:762) > at org.apache.catalina.startup.Catalina.load(Catalina.java:488) > at org.apache.catalina.startup.Catalina.load(Catalina.java:508) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) > at java.lang.reflect.Method.invoke(Unknown Source) > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:247) > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412) > Nov 30, 2005 10:44:54 PM org.apache.catalina.startup.Catalina load > INFO: Initialization processed in 1890 ms > Nov 30, 2005 10:44:54 PM org.apache.catalina.core.StandardService start > > >
Deploying Servlet Project from Windows to Fedora
Hii, I have developed web based project that covers many servlets and uses Postgresql dataBase, on ;Windows platform... But I want to deploy the software to the Linux (Fedora Core 4 64) .. However I havent been able to deploy the compleate project correctly under the linux enviroment.. Tomcat cant find my servlets and so do nothing... Should I modify the web.xml file of my own .. or do something different ? .. I am looking for some clear descriptions or an accurate documentation to do it... thanks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat 4.06, JK ISAPI redirector plugin 1.2.15.0, IIS 6.0 on Wind ows Server 2003 How To
Title: Tomcat 4.06, JK ISAPI redirector plugin 1.2.15.0, IIS 6.0 on Windows Server 2003 How To Can anyone point me to some documentation that is specific to getting the Jakarta ISAPI plugin to work with IIS 6.0 on Windows Server 2003? This all seems to work properly on Windows XP (IIS 5.0), but I can't seem to get it to work on Windows Server 2003 (IIS 6.0). Thank you. Jim Weegar Sr. Technical Project Manager McKESSON Shared Technology Group 5995 Windward Parkway Alpharetta, GA 30005 office: 404-338-3712 remote: 678-344-7223 fax: 404-338-5111 email: [EMAIL PROTECTED] Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. <> - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
SSL InvalidKeystore Format?
Well, after wasting much time trying to get the SSL running on 5.5.12, on XP, and finding out about the bad tcnative-1.dll, I thought I was out of the woods on my SSL configuration. But it appears I have one last issue (hopefully) Since I renamed the tcnative-1.dll, I am getting logs in regards to my SSL (I was not getting those prior, see earlier posts) and I am receiving this error: I believe I have a good keystore, because my public key from Verisign was happy with it, but for some reason, Tomcat is stikll not happy with it. Any ideas why this error may occur? Nov 30, 2005 10:44:53 PM org.apache.coyote.http11.Http11BaseProtocol init INFO: Initializing Coyote HTTP/1.1 on http-80 Nov 30, 2005 10:44:54 PM org.apache.coyote.http11.Http11BaseProtocol init SEVERE: Error initializing endpoint java.io.IOException: Invalid keystore format at sun.security.provider.JavaKeyStore.engineLoad(Unknown Source) at java.security.KeyStore.load(Unknown Source) at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:282) at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustStore(JSSESocketFactory.java:256) at org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.getTrustManagers(JSSE14SocketFactory.java:174) at org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:109) at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:88) at org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:292) at org.apache.coyote.http11.Http11BaseProtocol.init(Http11BaseProtocol.java:137) at org.apache.catalina.connector.Connector.initialize(Connector.java:1016) at org.apache.catalina.core.StandardService.initialize(StandardService.java:580) at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:762) at org.apache.catalina.startup.Catalina.load(Catalina.java:488) at org.apache.catalina.startup.Catalina.load(Catalina.java:508) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:247) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412) Nov 30, 2005 10:44:54 PM org.apache.catalina.startup.Catalina load SEVERE: Catalina.start LifecycleException: Protocol handler initialization failed: java.io.IOException: Invalid keystore format at org.apache.catalina.connector.Connector.initialize(Connector.java:1018) at org.apache.catalina.core.StandardService.initialize(StandardService.java:580) at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:762) at org.apache.catalina.startup.Catalina.load(Catalina.java:488) at org.apache.catalina.startup.Catalina.load(Catalina.java:508) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:247) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:412) Nov 30, 2005 10:44:54 PM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 1890 ms Nov 30, 2005 10:44:54 PM org.apache.catalina.core.StandardService start - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: How to deploy my webapp as root context webapp without tomcat loading it twice?
> From: Francis Galiegue [mailto:[EMAIL PROTECTED] > Subject: Re: How to deploy my webapp as root context webapp > without tomcat loading it twice? > > I wonder whether creating Catalina//ROOT.xml with the > appropriate would work... That works fine on 5.5.12, haven't tried it on older levels. Just make sure to delete the webapps/ROOT directory and clean out the work/Catalina//_ directory before restarting Tomcat. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to deploy my webapp as root context webapp without tomcat loading it twice?
2005/12/1, Paul Singleton <[EMAIL PROTECTED]>: > Vivek Mohan wrote: > > Like I mentioned in my problem statement: > > > > I don't want to move my application into ROOT folder or rename it to ROOT. > > And unlike as you said Mark, putting autoDeploy=false doesn't help in this > > case. > > > > Is this (loading a webapp twice if the context path and the docBase > > path is different) a feature of Tomcat? Can't this be turned off? > > My hunch is that you won't get a definitive answer to this question > in this group :-/ > > I *think* you need to do all these: > > * maintain an empty appBase directory > > * leave autoDeploy alone (there's nothing for it to deploy) > > * set docBase in Context to an absolute path to your app > That's what I did, I submitted this problem a month ago or so and came up with this solution, asking if there weren't any better ones. Renaming the webapp dir to ROOT is a nono so far, so I defined a nonexisting appBase and put an absolute path in . It works, but it's ugly, for sure :( I wonder whether creating Catalina//ROOT.xml with the appropriate would work... (BTW this is using tomcat 5.0.x, x>=27) -- Francis Galiegue, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] One2team - 12bis rue de la Pierre Levée, 75011 Paris - 0143381980 "When it comes to performance, weight is everything" - Tiff Needell - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
WARNUNG: Internal error flushing the buffer in release()
Hi all, I'm using Tomcat 5.0.19 and I'm receiving the following message on the console while running my web app: 01.12.2005 09:39:05 org.apache.jasper.runtime.PageContextImpl release WARNUNG: Internal error flushing the buffer in release() I've been searching the web for any information on this topic but couldn't find any helpful information ... What does this message mean to me and how can I avoid it? Has this anything to do with the buffer size of the response object? Any help would be appreciated, Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to deploy my webapp as root context webapp without tomcat loading it twice?
Vivek Mohan wrote: Like I mentioned in my problem statement: I don't want to move my application into ROOT folder or rename it to ROOT. And unlike as you said Mark, putting autoDeploy=false doesn't help in this case. Is this (loading a webapp twice if the context path and the docBase path is different) a feature of Tomcat? Can't this be turned off? My hunch is that you won't get a definitive answer to this question in this group :-/ I *think* you need to do all these: * maintain an empty appBase directory * leave autoDeploy alone (there's nothing for it to deploy) * set docBase in Context to an absolute path to your app regards Paul Singleton -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.1.362 / Virus Database: 267.13.10/189 - Release Date: 30/Nov/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL Certificate Beginner Question
David Wall wrote: ...if the user accesses your site with http://, the port 80 Connector (or 8080 if testing or using a non-standard port) has a "redirectPort" element that causes Tomcat to automatically issue a redirect using https:// Are you sure? I thought redirectPort was only useful for redirecting _https_ requests which were sent to the wrong port... Paul S. -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.1.362 / Virus Database: 267.13.10/189 - Release Date: 30/Nov/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: jasper encryption and patents
Jasper does not contain any encryption code which would violate any commercial export laws. There are no IP patent suits against tomcat at the moment. If this were to happen - we would have the assistance of the solicitors for the ASF guide us in a best course of action for resolution. -Tim Joan K. Drejer (AH/LMD) wrote: Hi At Ericsson we are considering using Jasper-runtime and Jasper-compile in a commercial product. However, we would like to know if the product contains encryption, and if you possibly know about which ECCN (Export code) to put on it? Also, do you know if there are any patents which we should be aware of? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: confusion of tomcat downloading
Tomcat behind Apache. A PHP parser in java would be a non-trivial exercise. -Tim Seak, Teng-Fong wrote: Caldarale, Charles R wrote: If JSP and PHP are to be suppoerted in a server, what would everybody suggest? Tomcat behind Apache? Or a PHP parser module (probably written in Java) running inside Tomcat? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Recursive Tagfile and JSP Precompilation
IIRC - this is fixed in 5.5. I'm not sure if it was fixed with 5.5.12 - but 5.5.13 was just tagged and should be available soon. BUT it hasn't been voted how stable it is yet. (beta, alpha, stable) -Tim Peter L wrote: Hello, I'm trying to precompile JSP's for a JBoss(4.0.1) / Tomcat(5.0) server and everything is cool except I get a ClassNotFoundException when a Recursive Tagfile is encountered [jasper2] SEVERE: ERROR-the file '\WEB-INF\pages\templates\resolveResultsDialog.jsp' generated the following general exception: [jasper2] java.lang.ClassNotFoundException: org.apache.taglibs.standard.tlv.JstlCoreTLV [jasper2] at java.net.URLClassLoader$1.run(URLClassLoader.java:199) [jasper2] at java.security.AccessController.doPrivileged(Native Method) [jasper2] at java.net.URLClassLoader.findClass(URLClassLoader.java:187) [jasper2] at java.lang.ClassLoader.loadClass(ClassLoader.java:289) [jasper2] at java.lang.ClassLoader.loadClass(ClassLoader.java:235) [jasper2] at org.apache.jasper.compiler.TagLibraryInfoImpl.createValidator(TagLibraryInfoImpl.java:645) [jasper2] at org.apache.jasper.compiler.TagLibraryInfoImpl.parseTLD(TagLibraryInfoImpl.java:246) [jasper2] at org.apache.jasper.compiler.TagLibraryInfoImpl.(TagLibraryInfoImpl.java:162) If I comment out the actual line of recursion inside the tag file I can generate, compile, deploy and use all the servlets just fine (except for the missing functionality). I understand we use a jstl.jar and a standard.jar that are a little suspect. But given that there are no other similar jars available during the process then it should be fine (That and I upgraded them to 1.1.2 temporarily and got the same result). Questions: - Why does dynamic compilation work? What is Tomcat doing differently? - Is there a Jasper configuration inside Tomcat I can inspect? (I couldn't find it in server.xml) Bonus Questions: - Is there an easy way to precompile jsp's (for error checking and initial speed) and retain runtime customizability? - Will this rash ever go away? Thank you in advance for your consideration / help, Pete - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: jasper encryption and patents
On 12/1/05, Joan K. Drejer (AH/LMD) <[EMAIL PROTECTED]> wrote: > Hi > > At Ericsson we are considering using Jasper-runtime and Jasper-compile > in a commercial product. > > However, we would like to know if the product contains encryption, and > if you possibly know about which ECCN (Export code) to put on it? Jasper does not contain any encryption. > Also, do you know if there are any patents which we should be aware of? We have not researched patents which might apply to Jasper. -- x Rémy Maucherat Developer & Consultant JBoss Group (Europe) SàRL x - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
jasper encryption and patents
Hi At Ericsson we are considering using Jasper-runtime and Jasper-compile in a commercial product. However, we would like to know if the product contains encryption, and if you possibly know about which ECCN (Export code) to put on it? Also, do you know if there are any patents which we should be aware of? Regards; Joan Drejer This communication is confidential and intended solely for the addressee(s). Any unauthorized review, use, disclosure or distribution is prohibited. If you believe this message has been sent to you in error, please notify the sender by replying to this transmission and delete the message without disclosing it. Thank you. E-mail including attachments is susceptible to data corruption,interruption, unauthorized amendment, tampering and viruses, and we only send and receive e-mails on the basis that we are not liable for any such corruption, interception, amendment, tampering or viruses or any consequences thereof.
IllegalStateException after ReDeploy...
Hi to all! We have a JBOSS 3.2.3 + Tomcat 4.1.29 embedded. Sometimes we need to redeploy an application and, after such redeploy, a request to a JSP result in an unavailable page error. It seems related to the fact that, during a redeploy, a user request for a JSP of the application under deploy, causing a compilation error regardless if the JSP accessed is to be recompiled or not. i.e. suppose we have the application myApp with JSP_A and JSP_B. I made change on JSP_B then perform a redeploy. If nobody access myApp I find in work folder JSP_A original and JSP_B recompiled and all works fine. If someone access myApp, regardless JSP_A or JSP_B, while redeployng, this cause that the subsequent user access cause a IllegalStateException for each resource (both JSP_A and JSP_B). This means that a true "hot deploy" in not available? Or maybe there is some settings to do in .xml files? Any hint? TIA G. -- Giuseppe Briotti [EMAIL PROTECTED] "Alme Sol, curru nitido diem qui promis et celas aliusque et idem nasceris, possis nihil urbe Roma visere maius." (Orazio) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Session cookie path problem
Hi I have set up so all users on my server can use Tomcat from their home directories. They access servlets through "domain/~user/java/servlet/TestServlet" and it works fine. But I tried setting a session value in a servlet and the session value was never stored. So I checked the session cookie that Tomcat generates and the path in it was set to "/%7Euser/" in the beginning. So if I access the servlet by writing "domain/%7Euser/java/servlet/TestServlet" in the browser the session values works, but not if I use "~" in the browser. I know that "%7E" is the URL-encoded "~", but the users shouldn't have to enter that manually... What is doing this and how can I fix it? -- Christian Rudh [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to deploy my webapp as root context webapp without tomcat loading it twice?
Sorry Mark, but one question to you since you've suggested the option
of moving the webapp outside of appBase.
I've kept myWebapp at ${CATALINA.HOME}/myWebapp and given this path in
server.xml for the root context. Is that the correct way to do it? Is
there anything in my webapp that I need to take care of when I do
this?
--
Vivek.
On 12/1/05, Mark Thomas <[EMAIL PROTECTED]> wrote:
> Vivek Mohan wrote:
> > Question:
> >
> > I want to have myWebapp as the root context webapp in my tomcat
> > server. And I don't want to rename it to "ROOT". Is there a way by
> > which I can avoid tomcat from loading myWebapp twice?
>
> Options:
> - Don't put it in the appbase directory.
> - Turn off autoDeploy
> - Live with renaming it to ROOT
>
> Mark
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
