problem setting up tomcat 5.5 as deamon with jsvc
Hi there I'm having a problem getting tomcat 5.5 working with jsvc on a server of mine as of this moment I have not managed to get it working properly (I'm sending this to both commons-user and tomcat-user mailing lists in hope to get good answers :-)) The hardware: SunFire x4200 (http://www.sun.com/servers/entry/x4200/) 2 dualcore opteron 8 GB ram The software Mandriva Corporate Server 4 Sun Java sdk 1.5.0.11 Tomcat 5.5.20 jsvc is set up to change to user apache after startup all files in /user/local/apache-tomcat are setup with apache/apache owner/group all files in /var/www/ROOT is set up with apache/apache owner/group Just one note, if I execute the bin/startup.sh everything works ok. I've copied the Tomcat5.sh to /etc/init.d/tomcat and changed it so that it matches my locations running /etc/init.d/tomcat start do seem to work, it starts up 2 jsvc processes (on for ROOT and one for the apache user) also all ports open as they should (80, etc) I have also set up log4j rootlogger set to DEBUG level shows that tomcat is starting up however here comes the problematic part.. from here on I get random results sometimes when starting up (according to the logfiles tomcat starts ok) I can surf to my pages, and then it breaks surfing to the pages just makes the browser wait (as if the server hangs) looking at the logfile also showes that the server has stopped since nothing is happening here anymore. sometimes, the server seems to hang when starting up (I have several webapplications in /var/www/ and configured in server.xml since I cannot see in the log file that it has started some webapps (and not all access log files are beeing created) I just cannot get tomcat up and running properly using jsvc.. (and as I said, startin tomcat up with bin/startup.sh do work properly) Is there some know bugs in jsvc regarding this. (I could not find any in jira) from what I can see the only download from the jsvc pages is version 1.0.1 and that is the same version that tomcat 5.5 uses. At the moment I have redirected the port 80 to 8080 in the firewall and starting up tomcat manually as user apache since I don't want to run tomcat as root. -- Christian Andersson - [EMAIL PROTECTED] Configuration and Collaboration for OpenOffice.org Open Framework Systems AS http://www.ofs.no - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
java.lang.UnsupportedClassVersionError -- Please advise
Hi everybody My system confi is : Win XP , JDK 6 . My env variables are : PATH :C:\Program Files\Java\jdk1.6.0\bin and CLASSPATH : . (Dot). I have ran many java programs in my system without any problems. I have installed tomcat 6 (by just using the Windows Service installer - apache.tomcat.6.0.10.exe and making no other configurations ) . Now I face problem whenever I want to run any java programs, I get error message : Exception in thread main java.lang.UnsupportedClassVersionError: Tutorial05 (Unsupported major.minor version 50.0) Could you please advise ? Thanks - Heres a new way to find what you're looking for - Yahoo! Answers
Re: [OT] server.xml configuration..
Thank you for your help, If i dont want to remov the jsp files so my solution is good ? Another example is, Uploaded images was stored in products/images under test, i change it to d:\data\products\images buy same solution, added this part to server.xml under the Host tag, Context path=/test/products/images docBase=d:\data\products\images debug=0 crossContext=false/. So when i run this link http://localhost/test/products/images/344.jpg, the image is take from d:\data\products\images\344.jpg. Is there another way to do this with out remove the jsp files ? Thank you all. Li-3 wrote: You can move your jsp files which you would like to secure to WEB-INF/, and use dispatched way to access ... then you can define few error files like 404, 503 or your own error.jspwhich can be handled by your java class wish this helps On 3/6/07, prt [EMAIL PROTECTED] wrote: Hi to all, Where i have to config and what, to prevent direct access to my jsp files ? For example, I have project name test. If i whant to show product data the link is, http://localhost/test?do=showProductData. This link run the index.jsp that is in text, and in index.jsp there is include to actions/showProducData.jsp. To prevent direct access to jsp files that are locate in actions i added this part to server.xml in the host part, Context path=/test/actions docBase=/err debug=0 crossContext=false/ So when i try to do direct access to any jsp in actions is run the index file under err. The problem is when i run the link like this http://127.0.0.1/test?do=showProductData, is not work. If i want to cover this problem i have to add Host section to server.xmlfor 127.0.0.1 and put in it this part Context path=/test/actions docBase=/err debug=0 crossContext=false/. Is there any better solution for this problem ? Thank you all. -- View this message in context: http://www.nabble.com/server.xml-configuration..-tf3353902.html#a9327284 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- When we invent time, we invent death. -- View this message in context: http://www.nabble.com/server.xml-configuration..-tf3353902.html#a9328234 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] How to get hold of security information from web.xml
Thanks for the reply Mark. In my case that should not really be an issue so I'll go for it. Peter Mark Thomas-14 wrote: Peter Coppens wrote: Works fine, but what worries me is that I have to make this a priviliged web app now and I am unclear as to what the consequences of that are. The Tomcat doc is fairly brief on the meaning of the privileged attribute of the context element so that did not reallly help. Perhaps someone is willing to explain? It means the app has carte blanche to do what it likes to the Tomcat internals. How much of an issue this is depends on your environment. Mark - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/How-to-get-hold-of-security-information-from-web.xml-tf3350216.html#a9328278 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: java.lang.UnsupportedClassVersionError -- Please advise
From: Arshan Varsi [mailto:[EMAIL PROTECTED] My system confi is : Win XP , JDK 6 . My env variables are : PATH :C:\Program Files\Java\jdk1.6.0\bin and CLASSPATH : . (Dot). I have ran many java programs in my system without any problems. I have installed tomcat 6 (by just using the Windows Service installer - apache.tomcat.6.0.10.exe and making no other configurations ) . Now I face problem whenever I want to run any java programs, I get error message : Exception in thread main java.lang.UnsupportedClassVersionError: Tutorial05 (Unsupported major.minor version 50.0) Could you please advise ? Something is trying to use an older JDK to run Tomcat - probably 1.5. I think you should look at the Tomcat service properties and check that it is correctly configured. - Peter - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Named based virtual host redirection
Hi there I'm doing some testing of redirection with a separate Apache web farm serving front end redirection of specific tags to Tomcat server via an ajp13 worker. The problem I'm coming across is redirecting a DNS alias to a specific tag on the same web server. I've been trying virtual host directives, to no avail (the ajp13 redirection works for normal tags). The configuration is as follows; httpd.conf LoadModule jk_module modules/mod_jk.so JkWorkersFile conf/workers.properties JkShmFile logs/mod_jk.shm JkLogFile logs/mod_jk.log JkLogLevelinfo JkLogStampFormat [%a %b %d %H:%M:%S %Y] JkMount /app1/* worker1 ServerName fred.abc.co.uk DocumentRoot D:/Apache2/htdocs Include conf/extra/httpd-vhosts.conf httpd-vhosts.conf NameVirtualHost 1.2.3.4:80 VirtualHost 1.2.3.4:80 DocumentRoot d:/apache2/htdocs ServerName test.abc.co.uk Redirect / http://fred.abc.co.uk/app1/ /VirtualHost workers.properties worker.list=worker1 worker.worker1.type=ajp13 worker.worker1.host=1.2.3.5 worker.worker1.port=8009 Now if I hit the http://fred.abc.co.uk/app1/ without the vhosts include, the site comes up...great! If I include the vhosts, and try to hit http://test.abc.co.uk http://test.abc.co.uk/ without an appended /app1/ tag (this is what I'm trying to achieve) to get the same site, I get nothing at allin fact, it times out. In the Apache web server logs all I see is a recursive get on /app1/. Also, the original URL does not work any more. This seems to be a simple requirement but it is not proving to be straightforward. Can anybody help, or point me in the right direction? Darren Kukulka IT Infrastructure Consultant Conntrol Connaught PLC Connaught honoured AIM 'Decade of Excellence' Award Connaught awarded Partnering Contractor of the Year 2005 Connaught wins AIM 'Company of the Year' award 2004 West of England Business of the Year Award Winner 2003 Why not visit our website http://www.connaught.plc.uk Disclaimer: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete this message. Connaught plc, Head Office 01392 444546
Re: trimDirectiveWhitespaces not working
trimDirectiveWhitespaces is only applicable at servlet configuration time. See $TOMCAT_HOME/conf/web.xml -Tim Peik Feng wrote: Hi, I have installed Tomcat 6.0.10 with JRE 1.6.0. I tried to set trimDirectiveWhitespaces in page directive but it doesn't take effect. %@ page trimDirectiveWhitespaces=true % I also tried to set in jsp-property-group in web.xml also no effect. jsp-property-group trim-directive-whitespacestrue/trim-directive-whitespaces /jsp-property-group - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: server.xml configuration..
Use a servlet filter which is mapped to *.jsp - see Google for more details on Servlet Filters. (javax.servlet.Filter) -Tim prt wrote: Hi to all, Where i have to config and what, to prevent direct access to my jsp files ? - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 6 - includes broken
Thanks everyone. Much appreciated. I think part of my confusion was that when I create a directory to deploy into, I have to remove subdirectories from the appBase because it finds them first there before it looks in the ROOT directory I'm deploying into. This may be as intended but it was somewhat confusing when I've only ever used the old style deployment I picked up years ago. On 3/6/07, Caldarale, Charles R [EMAIL PROTECTED] wrote: From: Patrick Lee [mailto:[EMAIL PROTECTED] Subject: Re: Tomcat 6 - includes broken Host name=www.something.com. debug=0 appBase=c:/wwwroot/path/ unpackWARs=true autoDeploy=true xmlValidation=false xmlNamespaceAware=false Context path= docBase=. debug=0 privileged=true/ /Host This is what's not working. Additionally, If I do set the docBase to something else then it serves paths under the root relative to the appBase, not the docBase. Which is exactly what it's supposed to do. A docBase of . is never, never correct. As others have pointed out, you should stop trying to force use of the old deployment mechanism, and use the current, more robust one. 1) Remove the Context element from server.xml. 2) Remove the existing webapps/ROOT directory. 3) Deploy your app in C:/wwwroot/path/ROOT.war (or C:/wwwroot/path/ROOT, if expanded). 4) Create a META-INF/context.xml file in your webapp containing a Context element with only a privileged=true attribute (if you really need even that). You may alternatively place this Context element in conf/Catalina/www.something.com/ROOT.xml, if desired. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: server.xml configuration..
Any reason why cant you put all pf the jsp inside WEB-INF folder This way you can be sure that no one is able to access your jsp file Regards Guru --- Gurumoorthy Raghupathy Email : [EMAIL PROTECTED] Internal Extn : 2337 External Phone : 01483712337 Nielsen Book 3rd Floor Midas House 62 Goldsworth Road Woking Surrey GU21 6LQ Visit us at : http://www.nielsenbookdata.co.uk/ --- -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: 06 March 2007 11:37 To: Tomcat Users List Subject: Re: server.xml configuration.. Use a servlet filter which is mapped to *.jsp - see Google for more details on Servlet Filters. (javax.servlet.Filter) -Tim prt wrote: Hi to all, Where i have to config and what, to prevent direct access to my jsp files ? - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Cannot re-set component value
Hi
I've written about this problem already, but still I didn't find
solution. The problem is that my components on the pages somehow are saving
values that are assigned to them for the first time. So, when I am first
time at page A and set hidden field value to 3, then go to B, and then once
again to A (not with back button), value is still 3, even when I assign new
one to it! I thought it can be OSCache, but I flush data from cache and old
value still is there!
I even changed the way of keeping value from hidden field to request
scoped bean with ajax4jsf keepAlive component (which holds new value
properly), but call to #{MyBean.value} results in old value in the html
code!
I would be grateful for any tips,
Michal
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
TZUpdater for Extended DST issue
Has anyone had any issue applying TZUpdater on the web server? Because of the Extended Daylight Savings Time, I need to apply this patch on our web servers where Tomcat are running, and I would like to hear if there is any known problem. Thanks. epy. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to request a client Certificate Authentication ?
Hello, I try to implement a custom client certificate authentication, that does some complicated LDAP-lookups in the background and gives an authenticated value with request.getRemoteUser() back to the applications. Peeking through the jcifs source, I chose to implement a filter. This works,but I'd like to limit the areas where the tomcat-SSL Connector asks for a SSL-Clientauthentication. I configured the connector with clientAuth=false and tried to force SSL client authentication within the applications web.xml with: security-constraint web-resource-collection web-resource-nameZugriffsschutz/web-resource-name url-pattern/secure/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint login-config auth-methodCLIENT-CERT/auth-method /login-config But this does not make the connector ask for a client certificate. How do I make the connector ask for it? (clientAuth=true in the connectors configuration works, but limits the access of all pages to users that have client certs). I'm using tomcat 5.5.20. Regards, Alexander Jung smime.p7s Description: S/MIME cryptographic signature
Re: How to request a client Certificate Authentication ?
Hi, SSL stuff happens before any actual HTTP data is sent. It not possible to see request's URL at this stage. Dima Tuesday, March 6, 2007, 3:29:15 PM, you wrote: JAA Hello, JAA I try to implement a custom client certificate authentication, that does JAA some complicated LDAP-lookups in the background and gives an authenticated JAA value with request.getRemoteUser() back to the applications. JAA Peeking through the jcifs source, I chose to implement a filter. This JAA works,but I'd like to limit the areas where the tomcat-SSL Connector asks JAA for a SSL-Clientauthentication. JAA I configured the connector with clientAuth=false and tried to force SSL JAA client authentication within the applications web.xml with: JAAsecurity-constraint JAAweb-resource-collection JAA web-resource-nameZugriffsschutz/web-resource-name JAAurl-pattern/secure/*/url-pattern JAA/web-resource-collection JAAuser-data-constraint JAA transport-guaranteeCONFIDENTIAL/transport-guarantee JAA/user-data-constraint JAA/security-constraint JAAlogin-config JAAauth-methodCLIENT-CERT/auth-method JAA/login-config JAA But this does not make the connector ask for a client certificate. How do I JAA make the connector ask for it? (clientAuth=true in the connectors JAA configuration works, but limits the access of all pages to users that have JAA client certs). JAA I'm using tomcat 5.5.20. JAA Regards, JAA Alexander Jung -- Best regards, Dimamailto:[EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: How to request a client Certificate Authentication ?
Hi, I'm not trying to see the SSL stuff itself, but make the connector ask for a client certificate. This works with the security-constraint config mentioned below, if I reference a role from the user-realm. As I do not have the users defined in some realm, i try to find a was to make the connector switch to requesting a client certificate without referencing a realm. The only alternative would be to dump the filter and implement a realm? Mit freundlichen Grüßen, Alexander Jung -Ursprüngliche Nachricht- Von: Dima Retov [mailto:[EMAIL PROTECTED] Gesendet: Dienstag, 6. März 2007 14:33 An: Tomcat Users List Betreff: Re: How to request a client Certificate Authentication ? Hi, SSL stuff happens before any actual HTTP data is sent. It not possible to see request's URL at this stage. Dima Tuesday, March 6, 2007, 3:29:15 PM, you wrote: JAA Hello, JAA I try to implement a custom client certificate authentication, that does JAA some complicated LDAP-lookups in the background and gives an authenticated JAA value with request.getRemoteUser() back to the applications. JAA Peeking through the jcifs source, I chose to implement a filter. This JAA works,but I'd like to limit the areas where the tomcat-SSL Connector asks JAA for a SSL-Clientauthentication. JAA I configured the connector with clientAuth=false and tried to force SSL JAA client authentication within the applications web.xml with: JAA security-constraint JAA web-resource-collection JAA web-resource-nameZugriffsschutz/web-resource-name JAA url-pattern/secure/*/url-pattern JAA /web-resource-collection JAA user-data-constraint JAA transport-guaranteeCONFIDENTIAL/transport-guarantee JAA /user-data-constraint JAA /security-constraint JAA login-config JAA auth-methodCLIENT-CERT/auth-method JAA /login-config JAA But this does not make the connector ask for a client certificate. How do I JAA make the connector ask for it? (clientAuth=true in the connectors JAA configuration works, but limits the access of all pages to users that have JAA client certs). JAA I'm using tomcat 5.5.20. JAA Regards, JAA Alexander Jung -- Best regards, Dimamailto:[EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] smime.p7s Description: S/MIME cryptographic signature
Server suddenly using GMT instead of local time
I had a weird thing happen yesterday: I'm running TC 5.5.12 on Windows 2000 server. The jre is version 1.5.0_07. I did windows updates through IE, and used tzedit to update the DST settings, then rebooted the server. Everything came back up normally, but when I looked at the data being written by my app, the timestamp that it uses to tag when the data was received was suddenly using GMT instead of local time. I didn't do any code changes to the app; just the windows updates and the DST change. The machine itself was still on local time, and the time zone was still correct (U.S. Eastern Time), but the data being written had a timestamp of 5 hours ahead. Any idea what could cause this? I'm still working on replicating it, but so far cannot do so on my dev machine. Thanks! Dave - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat Smart Card (CAC card) problem
Hi, The issue seems to be with the IE /Tomat handshake. When IE hits my Tomcat site, it puts up a dialog with a title of Choose a Digital Certificate. However the list of certificates to choose from is empty. The certificates are loaded into my IE browser. It seem to work with IIS. When I hit an IIS site, the same form comes up, but the form is pre-populated with the list of certifcates. Why doesn't IE show the certificates when accessing Tomcat but does when accessing IIS? Most probably, your Tomcat connector does not trust the CA from your Smartcard. As you Configured clientAuth=ture you make the connector request a client cert. The connector will send all the CA's it trusts to the client and your client will present the fitting ones for you to select from. When the Server (in this case the tomcat connector) trust no CA's your client has certificates from, you'll see the empty list. I can only guess that your IIS has the CA from your smartcard already imported. To fix it for tomcat you need to append your connectors configuration by the following: truststoreFile=conf/trust.keystore truststorePass=i_wont_say You need to put the CA cert (and all CA certs above that one) into the referenced trust-keystore. Mit freundlichen Grüßen, Alexander Jung smime.p7s Description: S/MIME cryptographic signature
Re: trimDirectiveWhitespaces not working
On 3/6/07, Tim Funk [EMAIL PROTECTED] wrote:
trimDirectiveWhitespaces is only applicable at servlet configuration
time. See $TOMCAT_HOME/conf/web.xml
There's a new directive and new jsp property which is supposed to do
the same as our trimSpaces (of course, it's far more complicated).
While it is parsed and validated (to pass the TCK), it doesn't seem to
be used.
The user could test the following patch to see what it does:
Index: TextOptimizer.java
===
--- TextOptimizer.java (revision 513314)
+++ TextOptimizer.java (working copy)
@@ -29,6 +29,7 @@
static class TextCatVisitor extends Node.Visitor {
private Options options;
+private PageInfo pageInfo;
private int textNodeCount = 0;
private Node.TemplateText firstTextNode = null;
private StringBuffer textBuffer;
@@ -36,6 +37,7 @@
public TextCatVisitor(Compiler compiler) {
options = compiler.getCompilationContext().getOptions();
+pageInfo = compiler.getPageInfo();
}
public void doVisit(Node n) throws JasperException {
@@ -71,7 +73,8 @@
public void visit(Node.TemplateText n) throws JasperException {
-if (options.getTrimSpaces() n.isAllSpace()) {
+if ((options.getTrimSpaces() ||
pageInfo.isTrimDirectiveWhitespaces())
+ n.isAllSpace()) {
n.setText(emptyText);
return;
}
Rémy
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
AW: How to request a client Certificate Authentication ?
Hello, I just found it searching the list. clientAuth=want Does what I need: It permits Users without clientcerts, but asks for them in case they have some... This together with my filter, that checks for the certs brings the desired effect. Mit freundlichen Grüßen, Alexander Jung -Ursprüngliche Nachricht- Von: Jung, Alexander (AGIS) Gesendet: Dienstag, 6. März 2007 14:39 An: Tomcat Users List Betreff: AW: How to request a client Certificate Authentication ? Hi, I'm not trying to see the SSL stuff itself, but make the connector ask for a client certificate. This works with the security-constraint config mentioned below, if I reference a role from the user-realm. As I do not have the users defined in some realm, i try to find a was to make the connector switch to requesting a client certificate without referencing a realm. The only alternative would be to dump the filter and implement a realm? Mit freundlichen Grüßen, Alexander Jung -Ursprüngliche Nachricht- Von: Dima Retov [mailto:[EMAIL PROTECTED] Gesendet: Dienstag, 6. März 2007 14:33 An: Tomcat Users List Betreff: Re: How to request a client Certificate Authentication ? Hi, SSL stuff happens before any actual HTTP data is sent. It not possible to see request's URL at this stage. Dima Tuesday, March 6, 2007, 3:29:15 PM, you wrote: JAA Hello, JAA I try to implement a custom client certificate authentication, that does JAA some complicated LDAP-lookups in the background and gives an authenticated JAA value with request.getRemoteUser() back to the applications. JAA Peeking through the jcifs source, I chose to implement a filter. This JAA works,but I'd like to limit the areas where the tomcat-SSL Connector asks JAA for a SSL-Clientauthentication. JAA I configured the connector with clientAuth=false and tried to force SSL JAA client authentication within the applications web.xml with: JAAsecurity-constraint JAAweb-resource-collection JAA web-resource-nameZugriffsschutz/web-resource-name JAAurl-pattern/secure/*/url-pattern JAA/web-resource-collection JAAuser-data-constraint JAA transport-guaranteeCONFIDENTIAL/transport-guarantee JAA/user-data-constraint JAA/security-constraint JAAlogin-config JAAauth-methodCLIENT-CERT/auth-method JAA/login-config JAA But this does not make the connector ask for a client certificate. How do I JAA make the connector ask for it? (clientAuth=true in the connectors JAA configuration works, but limits the access of all pages to users that have JAA client certs). JAA I'm using tomcat 5.5.20. JAA Regards, JAA Alexander Jung -- Best regards, Dimamailto:[EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] smime.p7s Description: S/MIME cryptographic signature
Re: Specify location of server.xml as a start up argument
You could put a case statement in the catalina.sh file where you change the CATALINA_BASE directory based on user input: echo Enter the application you want to start read app case $app in app1) export CATALINA_BASE=/usr/local/app1base ;; app2) export CATALINA_BASE=/usr/local/app2base ;; default) export CATALINA_BASE=/usr/local/tomcat/latest esac On 3/6/07, Anto Paul [EMAIL PROTECTED] wrote: Hi dev team, Any comments on this ?. It will be nice to run a different application by flipping server.xml. -- Forwarded message -- From: Anto Paul [EMAIL PROTECTED] Date: Feb 13, 2007 1:04 PM Subject: Specify location of server.xml as a start up argument To: users@tomcat.apache.org Hi, I run Tomcat from inside Eclipse. I pass the start up parameters to boot strap class. I want to specify server.xml as an argument so I could switch between run configuration to run different applications rather than edit server.xml context element or have 2 tomcat installations. Is it possible ?. I know about using different catalina.base and I am looking for a simpler config. Regards, Anto Paul
RE: Named based virtual host redirection
Further to this I modified the httpd-vhosts.conf file, after discovering that the main server will not serve the jkmount directives if virtual hosts are active...hence the looping and no response... NameVirtualHost 1.2.3.4:80 VirtualHost *:80 DocumentRoot d:/apache2/htdocs ServerName fred.abc.co.uk JkMount /app1/* worker1 /VirtualHost VirtualHost *:80 DocumentRoot d:/apache2/htdocs ServerName test.abc.co.uk Redirect / http://fred.abc.co.uk/app1/ /VirtualHost This worked but I want to hide the redirect URL, so I tried using proxypass as follows for the second virtual host... VirtualHost *:80 DocumentRoot d:/apache2/htdocs ServerName test.abc.co.uk ProxyPass / http://fred.abc.co.uk/app1/ ProxyPassReverse / http://fred.abc.co.uk/app1/ /VirtualHost This almost works, but it only appears to show the html content, not the JSP. Does anybody have any suggestions how to make this work? -Original Message- From: Darren Kukulka [mailto:[EMAIL PROTECTED] Sent: 06 March 2007 10:18 To: Tomcat Users List Subject: Named based virtual host redirection Hi there I'm doing some testing of redirection with a separate Apache web farm serving front end redirection of specific tags to Tomcat server via an ajp13 worker. The problem I'm coming across is redirecting a DNS alias to a specific tag on the same web server. I've been trying virtual host directives, to no avail (the ajp13 redirection works for normal tags). The configuration is as follows; httpd.conf LoadModule jk_module modules/mod_jk.so JkWorkersFile conf/workers.properties JkShmFile logs/mod_jk.shm JkLogFile logs/mod_jk.log JkLogLevelinfo JkLogStampFormat [%a %b %d %H:%M:%S %Y] JkMount /app1/* worker1 ServerName fred.abc.co.uk DocumentRoot D:/Apache2/htdocs Include conf/extra/httpd-vhosts.conf httpd-vhosts.conf NameVirtualHost 1.2.3.4:80 VirtualHost 1.2.3.4:80 DocumentRoot d:/apache2/htdocs ServerName test.abc.co.uk Redirect / http://fred.abc.co.uk/app1/ /VirtualHost workers.properties worker.list=worker1 worker.worker1.type=ajp13 worker.worker1.host=1.2.3.5 worker.worker1.port=8009 Now if I hit the http://fred.abc.co.uk/app1/ without the vhosts include, the site comes up...great! If I include the vhosts, and try to hit http://test.abc.co.uk http://test.abc.co.uk/ without an appended /app1/ tag (this is what I'm trying to achieve) to get the same site, I get nothing at allin fact, it times out. In the Apache web server logs all I see is a recursive get on /app1/. Also, the original URL does not work any more. This seems to be a simple requirement but it is not proving to be straightforward. Can anybody help, or point me in the right direction? Darren Kukulka IT Infrastructure Consultant Conntrol Connaught PLC Connaught honoured AIM 'Decade of Excellence' Award Connaught awarded Partnering Contractor of the Year 2005 Connaught wins AIM 'Company of the Year' award 2004 West of England Business of the Year Award Winner 2003 Why not visit our website http://www.connaught.plc.uk Disclaimer: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete this message. Connaught plc, Head Office 01392 444546 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Named based virtual host redirection
On 3/6/07, Darren Kukulka [EMAIL PROTECTED] wrote: This worked but I want to hide the redirect URL, and eliminate the doubled network traffic, I hope? :-) Anyway, VirtualHost *:80 DocumentRoot d:/apache2/htdocs ServerName test.abc.co.uk ProxyPass / http://fred.abc.co.uk/app1/ ProxyPassReverse / http://fred.abc.co.uk/app1/ /VirtualHost This almost works, but it only appears to show the html content, not the JSP. Does anybody have any suggestions how to make this work? 1. move your static content to Tomcat, 2. use mod_proxy_ajp instead of mod_jk FWIW! -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Servlet Filtering performance..
Hi to all again, I added filter object for all requests url-pattern/*/url-pattern. In the Filter class i check the ServletPath (HttpServletRequest.getServletPath()) and i check if is equals to alist of allowd paths. it is work just perfect. But i think that is damage the performance, is it ? Thank you. -- View this message in context: http://www.nabble.com/Servlet-Filtering---performance..-tf3356429.html#a9334933 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: trimDirectiveWhitespaces not working
D'oh! I had an older copy of the spec without those notes. -Tim Rémy Maucherat wrote: On 3/6/07, Tim Funk [EMAIL PROTECTED] wrote: trimDirectiveWhitespaces is only applicable at servlet configuration time. See $TOMCAT_HOME/conf/web.xml There's a new directive and new jsp property which is supposed to do the same as our trimSpaces (of course, it's far more complicated). While it is parsed and validated (to pass the TCK), it doesn't seem to be used. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] log4j, fileappender, owner, group, and umask
Thanks for the input, Dan. Actually, I am aware of how permissions. The question is how to set permissions, owner, group on a log file created by FileAppender when it actually creates the log file. For the moment, I have solved the problem by using a separate log file for tomcat. Daniel Stephens wrote: If they are all the same group, then I would suggest just setting the umask to 022 or 027.. But let me say I'm not a Unix admin and I'm not a 100% sure of all the down falls here. I do know that 022 will work I've done some things with my source code, and others in my group not able to write to it, but they needed to. I'm attaching this link, so you can check out some of that settings. Sorry if your already familiar with these Admin concepts.. http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch18/395-398.html On 3/2/07, stevethames [EMAIL PROTECTED] wrote: Hi Dan. Thanks for responding. Yes, that's true, the file is owned by the tomcat user. My mod_perl stuff runs under apache (the httpd user) and I have some Perl daemons that run as root. In Perl, using log4perl, I can set the owner, group, and umask of the log file for file creation. I have a reason for keeping the user IDs (apache, tomcat, root) as they are. So, what I've done is made them all part of the same group. Its the group and group permissions I need to set on the log file using FileAppender. Any thoughts? Daniel Stephens wrote: I would think if your using Tomcat as the Servlet container, The file itself would be owned by the account running Tomcat. Is this not the case? On 3/2/07, stevethames [EMAIL PROTECTED] wrote: I am using tomcat as a servlet server used by a mod_perl application running under apache. I have setup log4j and log4perl to that both tomcat and the Perl app can use the same log files. This all works fine. The problem I'm having is when tomcat creates the log file. Does anyone know how to set the log file owner, group, and permissions when FileAppender creates the log file? -- View this message in context: http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9272184 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9274733 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9335296 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: trimDirectiveWhitespaces not working
On 3/6/07, Tim Funk [EMAIL PROTECTED] wrote: D'oh! I had an older copy of the spec without those notes. It's a very minor issue anyway (trimSpaces doesn't do all that much). Rémy - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Servlet Filtering performance..
If your allowed list check is small and simple (and NOT synchronized) - the performance impact is probably not noticeable. If your list of URLS is large - then your check would be based on your check algorithm. (http://en.wikipedia.org/wiki/Big_O_notation) -Tim prt wrote: Hi to all again, I added filter object for all requests url-pattern/*/url-pattern. In the Filter class i check the ServletPath (HttpServletRequest.getServletPath()) and i check if is equals to alist of allowd paths. it is work just perfect. But i think that is damage the performance, is it ? - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Server suddenly using GMT instead of local time
Look at your system properties [user.timezone] -Tim David Kerber wrote: I had a weird thing happen yesterday: I'm running TC 5.5.12 on Windows 2000 server. The jre is version 1.5.0_07. I did windows updates through IE, and used tzedit to update the DST settings, then rebooted the server. Everything came back up normally, but when I looked at the data being written by my app, the timestamp that it uses to tag when the data was received was suddenly using GMT instead of local time. I didn't do any code changes to the app; just the windows updates and the DST change. The machine itself was still on local time, and the time zone was still correct (U.S. Eastern Time), but the data being written had a timestamp of 5 hours ahead. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Server suddenly using GMT instead of local time
What file would that be in? Tim Funk wrote: Look at your system properties [user.timezone] -Tim David Kerber wrote: I had a weird thing happen yesterday: I'm running TC 5.5.12 on Windows 2000 server. The jre is version 1.5.0_07. I did windows updates through IE, and used tzedit to update the DST settings, then rebooted the server. Everything came back up normally, but when I looked at the data being written by my app, the timestamp that it uses to tag when the data was received was suddenly using GMT instead of local time. I didn't do any code changes to the app; just the windows updates and the DST change. The machine itself was still on local time, and the time zone was still correct (U.S. Eastern Time), but the data being written had a timestamp of 5 hours ahead. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Server suddenly using GMT instead of local time
Ok, thanks. This gave me enough to go on that I could find the fix with a bit of googling. Apparently it's something that occasionally happens in Win2k when messing with timezones and updates. The workaround was to just change the timezone to something different and then change it back, and everything is fine now. Thanks for the hint!! Dave Tim Funk wrote: Its a system property - you can see it by with of the following in a sample jsp: out.println(System.getProperties().getProperty(user.timezone)) or System.getProperties().list(new java.io.PrintWriter(out)); -Tim David Kerber wrote: What file would that be in? - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: install DBCP and mm.mysql 2.0.14 (JDBC Driver) and test app, get class compile error.
There's no reason I know of to have .classpath or .project in the webapp. The servlet spec doesn't define them and tomcat doesn't use them. I would imagine these are specific to the development environment you are working in. I've seen posts from other people integrating PHP with Tomcat, but don't do it myself. Hopefully someone else on the list might offer some helpful tips there. Glad you got things working. --David Wayne Bragg wrote: Thank you once again David, Yes I did upgrade the mysql driver, made the appropriate changes, and now it's all working fine! Is there any reason to have .classpath and .project in the \DBTest\ directory? Are they for deploying or a leftover from another platform? Next step is to tie in PHP the same way. I'll try configuring it with the docs I've come across, if not you'll see me back here. Unless you know right offhand were some newbie docs can be found for configuring the PHP using drivers like the mysql would you? Or have the steps handy! Can't thank you enough for what you have already done! - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Server suddenly using GMT instead of local time
Its a system property - you can see it by with of the following in a sample jsp: out.println(System.getProperties().getProperty(user.timezone)) or System.getProperties().list(new java.io.PrintWriter(out)); -Tim David Kerber wrote: What file would that be in? - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Servlet Filtering performance..
Hi, My list is small only 5 URLS, I save it in (String[]), that load in the Filter init method by init parameter in the web.xml. Every request i take the ServletPath and to this part in function, boolean bRunURL; for(int i = 0, max = sArrAlowd.length; i max !bRunURL; i++) bRunURL = (sServletPath.indexOf(sArrAlowd[i],1) == 1); return bRunURL; U think is ok ? Tim Funk wrote: If your allowed list check is small and simple (and NOT synchronized) - the performance impact is probably not noticeable. If your list of URLS is large - then your check would be based on your check algorithm. (http://en.wikipedia.org/wiki/Big_O_notation) -Tim prt wrote: Hi to all again, I added filter object for all requests url-pattern/*/url-pattern. In the Filter class i check the ServletPath (HttpServletRequest.getServletPath()) and i check if is equals to alist of allowd paths. it is work just perfect. But i think that is damage the performance, is it ? - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/Servlet-Filtering---performance..-tf3356429.html#a9335687 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Servlet Filtering performance..
You won't even notice this code being run. -Tim prt wrote: Hi, My list is small only 5 URLS, I save it in (String[]), that load in the Filter init method by init parameter in the web.xml. Every request i take the ServletPath and to this part in function, boolean bRunURL; for(int i = 0, max = sArrAlowd.length; i max !bRunURL; i++) bRunURL = (sServletPath.indexOf(sArrAlowd[i],1) == 1); return bRunURL; - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Servlet Filtering performance..
Well so you say is good, thank you for your help. I have another problem, I save uploaded images(by users) in folder place at D:\storeg\data\uf\. So when the URL is http://localhost/test/uf/xyz.jpg; then is redirect to D:\storeg\data\uf\xyz.jpg And that so because i cunfigure in server.xml this part between the host tag, Context path=/uf docBase=D:\storeg\data\uf debug=0 crossContext=false/ Is ther way that i can do that by using the filter, how can i redirect the request from the flter when is /uf... to D:\storeg\data\uf... with out loading the image and print it out from the filter ? Thank you. (it take hourse to post amessage, my english is not good, sory) Tim Funk wrote: You won't even notice this code being run. -Tim prt wrote: Hi, My list is small only 5 URLS, I save it in (String[]), that load in the Filter init method by init parameter in the web.xml. Every request i take the ServletPath and to this part in function, boolean bRunURL; for(int i = 0, max = sArrAlowd.length; i max !bRunURL; i++) bRunURL = (sServletPath.indexOf(sArrAlowd[i],1) == 1); return bRunURL; - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/Servlet-Filtering---performance..-tf3356429.html#a9339522 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Redirect question
Hello, I am migrating an application to a new server. The web application is installed on the new server, I still need to serve it on port 8080 since some users are using it like this. But I also need to serve it on port 80. On the old server, apache was installed to redirect to http://hostname:8080/. I wish to get rid of apache from the design, is there any way I can set it up so it listens on port 80 and redirects to 8080 ? Thanks. NOTICE: This email contains privileged and confidential information and is intended only for the individual to whom it is addressed. If you are not the named addressee, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this transmission by mistake and delete this communication from your system. E-mail transmission cannot be guaranteed to be secured or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. AVIS: Le présent courriel contient des renseignements de nature privilégiée et confidentielle et nest destiné qu'à la personne à qui il est adressé. Si vous nêtes pas le destinataire prévu, vous êtes par les présentes avisés que toute diffusion, distribution ou reproduction de cette communication est strictement interdite. Si vous avez reçu ce courriel par erreur, veuillez en aviser immédiatement lexpéditeur et le supprimer de votre système. Notez que la transmission de courriel ne peut en aucun cas être considéré comme inviolable ou exempt derreur puisque les informations quil contient pourraient être interceptés, corrompues, perdues, détruites, arrivées en retard ou incomplètes ou contenir un virus. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] log4j, fileappender, owner, group, and umask
Ok cool.. I just had a round with our umask and groups being setup incorrectly. just a mess. On 3/6/07, stevethames [EMAIL PROTECTED] wrote: Thanks for the input, Dan. Actually, I am aware of how permissions. The question is how to set permissions, owner, group on a log file created by FileAppender when it actually creates the log file. For the moment, I have solved the problem by using a separate log file for tomcat. Daniel Stephens wrote: If they are all the same group, then I would suggest just setting the umask to 022 or 027.. But let me say I'm not a Unix admin and I'm not a 100% sure of all the down falls here. I do know that 022 will work I've done some things with my source code, and others in my group not able to write to it, but they needed to. I'm attaching this link, so you can check out some of that settings. Sorry if your already familiar with these Admin concepts.. http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch18/395-398.html On 3/2/07, stevethames [EMAIL PROTECTED] wrote: Hi Dan. Thanks for responding. Yes, that's true, the file is owned by the tomcat user. My mod_perl stuff runs under apache (the httpd user) and I have some Perl daemons that run as root. In Perl, using log4perl, I can set the owner, group, and umask of the log file for file creation. I have a reason for keeping the user IDs (apache, tomcat, root) as they are. So, what I've done is made them all part of the same group. Its the group and group permissions I need to set on the log file using FileAppender. Any thoughts? Daniel Stephens wrote: I would think if your using Tomcat as the Servlet container, The file itself would be owned by the account running Tomcat. Is this not the case? On 3/2/07, stevethames [EMAIL PROTECTED] wrote: I am using tomcat as a servlet server used by a mod_perl application running under apache. I have setup log4j and log4perl to that both tomcat and the Perl app can use the same log files. This all works fine. The problem I'm having is when tomcat creates the log file. Does anyone know how to set the log file owner, group, and permissions when FileAppender creates the log file? -- View this message in context: http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9272184 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9274733 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9335296 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Servlet Filtering performance..
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
prt,
prt wrote:
I have another problem,
You should post a separate message in this case.
I save uploaded images(by users) in folder place at D:\storeg\data\uf\.
So when the URL is http://localhost/test/uf/xyz.jpg; then is redirect to
D:\storeg\data\uf\xyz.jpg
I assume you mean it is mapped to d:\.. redirecting to a local
file path won't work unless you are running your browser from the
application server.
And that so because i configure in server.xml this part between the host
tag,
Context path=/uf docBase=D:\storeg\data\uf debug=0
crossContext=false/
Is there way that i can do that by using the filter, how can i redirect the
request from the filter when is /uf... to
D:\storeg\data\uf... with out loading the image and print it out from the
filter ?
You have two options:
1. Map a directory into your URL space (not sure how to do that in
Tomcat, but I'm sure that's been covered in the archives).
2. Write an image-serving servlet. Something like this:
servlet-mapping
url-pattern/ug/*/url-pattern
servlet-nameimageServlet/servlet-name
/servlet-mapping
Your servlet class, written in loose pseudocode:
doGet()
{
String filename = request.getExtraPathInfo();
// You should check for .. and other evil-looking paths
filename = D:/storeg/data/ug/ + filename;
File f = new File(filename);
response.setContentType(whatever/is+appropriate);
response.setContentLength(f.length());
FileInputStream in = new FileInputStream(filename);
OutputStream out = response.getOutputStream();
byte[] buffer = new byte[1024];
int count = 0;
while(1024 == (count = in.read(buffer)))
out.write(buffer);
out.write(buffer, 0 count);
in.close();
out.close();
}
Hope that helps,
- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF7fGd9CaO5/Lv0PARAs09AJ9O85lqIEw+ouuSo3oOJnvWQNkl+wCff4c8
8QYH36U+LBA0jk9GXbt69HQ=
=Uz+L
-END PGP SIGNATURE-
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
tomcat connector through cgi-bin?
Hi, Has anyone here ever had to use a cgi-bin directory to try and connect to tomcat? ie, some script that when run under cgi-bin, connects and forwards the info to tomcat? I cant find much on it, but it would be really handy. (Have a web server that i cant install a connector in!). Best Regards, Jacob -- _ Jacob Rhoden Application Architect Systems Development and Integration University of Melbourne Phone: +61 3 8344 2884 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tomcat connector through cgi-bin?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jacob, Jacob Rhoden wrote: Hi, Has anyone here ever had to use a cgi-bin directory to try and connect to tomcat? ie, some script that when run under cgi-bin, connects and forwards the info to tomcat? Ugh. This sounds miserable. ;) I cant find much on it, but it would be really handy. (Have a web server that i cant install a connector in!). Do you mean that you can't install something like mod_jk? Or, that you can't use a Tomcat connector with a port number? You might be able to use proxying (possibly?) already available in your web server to simply proxy requests to an HTTP connector running in Tomcat. I think this would be cleaner than a cgi-bin-Tomcat hack. What is your environment? Perhaps we can come up with a better solution. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF7ftP9CaO5/Lv0PARAjvqAJ9Z1TGdv4OWenrd04g14ywvSGtIggCfSJc2 +ASJtwy/XJsR9Ta6Wrt6yN4= =+63O -END PGP SIGNATURE- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] log4j, fileappender, owner, group, and umask
Here's the thing about umask. In the Unix file system, file permissions is an octal value with one digit for each user type. When using chmod, these permissions can be set directly and do not require a leading zero. chmod 664 file Each digit represents a user class and each bit within the digit represents a permission. Digits are from left to right. Values are shown: Digit 0 (6) = User (Owner) Digit 1 (6) = Group Digit 2 (4) = Others Bits within each digit are from right to left. Values for each digit are shown. Bit 0 (0,0,0) = Execute Bit 1 (1,1,0) = Write Bit 2 (1,1,1) = Read The chmod command, above, sets the permissions to rw for the owner (user), rw for the group, and r for all others. In symbolic form, this would be chmod u=rw,g=rw,o=r The confusing thing about umask is that, in octal form, the value represents a bit mask--not a bit value as shown above. Therefore, it does not set a bit value but masks a bit value from being set. In addition, the octal umask value has no effect on the execute permission bit. This must be set using chmod. Examples: umask 0222 says turn off write permissions for all user classes and allow only read. umask 0044 says Allow read/write for the owner but allow only write for group/others. umask 0066 says Allow read/write for the owner and no access for group/others. Its confusing because we're used to using chmod nnn and umask 0nnn is bass-akwards from that. I hope this is helpful. Daniel Stephens wrote: Ok cool.. I just had a round with our umask and groups being setup incorrectly. just a mess. On 3/6/07, stevethames [EMAIL PROTECTED] wrote: Thanks for the input, Dan. Actually, I am aware of how permissions. The question is how to set permissions, owner, group on a log file created by FileAppender when it actually creates the log file. For the moment, I have solved the problem by using a separate log file for tomcat. Daniel Stephens wrote: If they are all the same group, then I would suggest just setting the umask to 022 or 027.. But let me say I'm not a Unix admin and I'm not a 100% sure of all the down falls here. I do know that 022 will work I've done some things with my source code, and others in my group not able to write to it, but they needed to. I'm attaching this link, so you can check out some of that settings. Sorry if your already familiar with these Admin concepts.. http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch18/395-398.html On 3/2/07, stevethames [EMAIL PROTECTED] wrote: Hi Dan. Thanks for responding. Yes, that's true, the file is owned by the tomcat user. My mod_perl stuff runs under apache (the httpd user) and I have some Perl daemons that run as root. In Perl, using log4perl, I can set the owner, group, and umask of the log file for file creation. I have a reason for keeping the user IDs (apache, tomcat, root) as they are. So, what I've done is made them all part of the same group. Its the group and group permissions I need to set on the log file using FileAppender. Any thoughts? Daniel Stephens wrote: I would think if your using Tomcat as the Servlet container, The file itself would be owned by the account running Tomcat. Is this not the case? On 3/2/07, stevethames [EMAIL PROTECTED] wrote: I am using tomcat as a servlet server used by a mod_perl application running under apache. I have setup log4j and log4perl to that both tomcat and the Perl app can use the same log files. This all works fine. The problem I'm having is when tomcat creates the log file. Does anyone know how to set the log file owner, group, and permissions when FileAppender creates the log file? -- View this message in context: http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9272184 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9274733 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9335296 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail:
Startup errors
Hello all, after upgrading my jdk to 1.6 on my gentoo server running tomcat 5.5 and started up i got this errors: Starting tomcat5: lock file found but no process running for pid 9691, continuing /usr/bin/rebuild-jar-repository: error: Could not find jdbc-stdext Java extension for this JVM /usr/bin/rebuild-jar-repository: error: Could not find jndi Java extension for this JVM /usr/bin/rebuild-jar-repository: error: Some detected jars were not found for this jvm /usr/bin/rebuild-jar-repository: error: Could not find jaas Java extension for this JVM /usr/bin/rebuild-jar-repository: error: Some detected jars were not found for this jvm I guess this as something to do with missing libraries, but some doubts remain: 1 - The jdbc drivers are the ones i normally use (for example i use de postgres jdbc3 driver)? 2 - jndi - this i can get from sun's site, correct? 3 - jaas - no idea wath this is, where can i get it? 4 - finnaly, after getting those libraries, where to put them? Any help? please? Thank's in advance Hernâni - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Startup errors
From: Hernâni Cerqueira [mailto:[EMAIL PROTECTED] Subject: Startup errors Hello all, after upgrading my jdk to 1.6 on my gentoo server running tomcat 5.5 and started up i got this errors: These errors are from a 3rd-party script that apparently comes with gentoo's repackaging of Tomcat, not an original Tomcat download. You might try installing a real Tomcat (from tomcat.apache.org) and using the real startup and shutdown scripts included with that download. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tomcat connector through cgi-bin?
Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jacob, Jacob Rhoden wrote: Hi, Has anyone here ever had to use a cgi-bin directory to try and connect to tomcat? ie, some script that when run under cgi-bin, connects and forwards the info to tomcat? Ugh. This sounds miserable. ;) I cant find much on it, but it would be really handy. (Have a web server that i cant install a connector in!). Do you mean that you can't install something like mod_jk? Or, that you can't use a Tomcat connector with a port number? You might be able to use proxying (possibly?) already available in your web server to simply proxy requests to an HTTP connector running in Tomcat. I think this would be cleaner than a cgi-bin-Tomcat hack. What is your environment? Perhaps we can come up with a better solution. Its a system where we have no permission on any files except user home directories and the cgi-bin directory. So we can run tomcat as a non-unprivileged user on a high port, but we need the ability to allow files to be served through the apache web server on port 80. So it has to be something we can install in the cgi-bin directory. In the past we have had a perl script to simply make a connection to an app server and pass the data through. There is a very large set of Perl scripts (that have grown to the point where its inefficient and unmanageable) that I would like to start rationalizing/organizing into a simpler Java app. Best Regards, Jacob -- __ Jacob Rhoden - http://www.jacobrhoden.com/ - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
deploying without a context?
Hi. Sorry this seems so simple but I've been tearing my hair out. I want to have my Tomcat application deployed to /AAA/BBB/CCC and browseable at www.ABC.com. In the server.xml file I have a Host tag but I don't know what I should put into the Context tag. I've been trying Context path= docBase=.../Context but Tomcat seems to think that since I don't have a path or docBase I must mean that everything is in /AAA/BBB/CCC/ROOT which is NOT what I want. Surely this is a very common setup. What am I doing wrong? Thanks.
Re: Startup errors
I first tried that solution, i tried to install tomcat6 but i keep getting Could not reserve enough space for object heap error. This is kind of strange because my server is a vps with 8GB of shared memory, with just 50mb free but more than 4GB are in cache so there should be no problem. Then i found out that privvmpages was the problem, i get huge failcnt values. So, i don't know why, but seems that the vps has some weird limitations. But when i use the bundled tomcat (wich i use for almost a year), that problem don't seem to happen, just those library errors. But this time i need to upgrade jdk, because i need to deploy a webapp that uses lots of annotations, wich is java 1.5+ feature, and i'm using 1.4.2. I'm considering switching host and upgrade to a dedicated server, but rigth now my budget is kind of short, so i realy need to get on with this one... Any help??? Sorry for this super newbie questions, but my client is always asking why isn't my site online yet? and i'm freaking with this problem... Caldarale, Charles R escreveu: From: Hernâni Cerqueira [mailto:[EMAIL PROTECTED] Subject: Startup errors Hello all, after upgrading my jdk to 1.6 on my gentoo server running tomcat 5.5 and started up i got this errors: These errors are from a 3rd-party script that apparently comes with gentoo's repackaging of Tomcat, not an original Tomcat download. You might try installing a real Tomcat (from tomcat.apache.org) and using the real startup and shutdown scripts included with that download. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: server.xml configuration..
Hi, Tomcat forbids directly access to files in your WEB-INF, which you can use the feature to setup a simple solution to protect certain jsp files so you can not direct access your jsp resource but use dispatched way to access ... On 3/6/07, Raghupathy, Gurumoorthy [EMAIL PROTECTED] wrote: Any reason why cant you put all pf the jsp inside WEB-INF folder This way you can be sure that no one is able to access your jsp file Regards Guru --- Gurumoorthy Raghupathy Email : [EMAIL PROTECTED] Internal Extn : 2337 External Phone : 01483712337 Nielsen Book 3rd Floor Midas House 62 Goldsworth Road Woking Surrey GU21 6LQ Visit us at : http://www.nielsenbookdata.co.uk/ --- -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: 06 March 2007 11:37 To: Tomcat Users List Subject: Re: server.xml configuration.. Use a servlet filter which is mapped to *.jsp - see Google for more details on Servlet Filters. (javax.servlet.Filter) -Tim prt wrote: Hi to all, Where i have to config and what, to prevent direct access to my jsp files ? - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- When we invent time, we invent death.
Re: java.lang.UnsupportedClassVersionError -- Please advise
I updated my tomcat 5 to 6 (beta) which I didnt have this problem. Class version problem sometimes caused by system time. have you changes your system time? Or try to clean up all classes you had generated and compile your java program again see how On 3/6/07, Peter Crowther [EMAIL PROTECTED] wrote: From: Arshan Varsi [mailto:[EMAIL PROTECTED] My system confi is : Win XP , JDK 6 . My env variables are : PATH :C:\Program Files\Java\jdk1.6.0\bin and CLASSPATH : . (Dot). I have ran many java programs in my system without any problems. I have installed tomcat 6 (by just using the Windows Service installer - apache.tomcat.6.0.10.exe and making no other configurations ) . Now I face problem whenever I want to run any java programs, I get error message : Exception in thread main java.lang.UnsupportedClassVersionError: Tutorial05 (Unsupported major.minor version 50.0) Could you please advise ? Something is trying to use an older JDK to run Tomcat - probably 1.5. I think you should look at the Tomcat service properties and check that it is correctly configured. - Peter - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- When we invent time, we invent death.
Re: trimDirectiveWhitespaces not working
Hi, According to JSP Spec v2.1 (page 122/123): JSP.3.3.8 Removing whitespaces from template text Whitespaces in template text of a JSP page are preserved by default (See SectionJSP.1.3.8, White Space). Unfortunately, this means that unwanted extraneous whitespaces often make it into the response output. For example, the following code snippet (where - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: trimDirectiveWhitespaces not working
Hi, Sorry for the previous incomplete post. According to JSP Spec v2.1 (page 122/123), and also page 82-84 # The trim-directive-whitespaces element is a subelement of jsp-property-group (See SectionJSP.3.3.1, JSP Property Groups). It has no subelements. Its valid values aretrue andfalse, and it is disabled (false) by default. Enabling the trimming of whitespaces can be done by setting the trim-directive-whitespaces element totrue in the JSP configuration. Page authors can override the default value through the trimDirective- Whitespaces attribute of the page directive (see SectionJSP.1.10, Directives). # %@ page trimDirectiveWhitespaces=true % this should work right? -- Regards, Peik Feng - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to set global variable in Tomcat 5.5.17
Hi, I setup Tomcat 5.5.17 in Linux Fedora Core 4 and develop a Web Application under /webapps directory. I have so many configuration files that need to be loaded into my web application. These configuration files are in a self-defined format and I wrote some Java classes to parse these configuration files and save the parsing result in a linked list (java.util.List or java.util.Map). These configuration files are static (not change). In my web application, when a user session created, I call these Java classes to parse these configuration files and save the linked lists into the session. So, every user sessions contain the same set of linked list and, as a result, it reads these files every time when session created (so many I/O access, if many session created as the same time, it will slow down the server). Now, I want to save these linked lists as a global variables in Tomcat so that each JSP and Servlet can access these global variables and reduce I/O access and memory usage. So, would you please tell me how to set global variables in Tomcat and initialize them using the Java classes that I wrote. Thanks -- Kathy Lo - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to set global variable in Tomcat 5.5.17
Instead of attaching information to a session context you can attach information to an application context, whats more, instead of loading the config each time a session is created, you can create what is called a Lifecycle listener which will load the configuraiton file once, when the application is loaded into the web server! Look up lifecycle listener in google. I can send sample code if you need it. Best Regards, Jacob Kathy Lo wrote: Hi, I setup Tomcat 5.5.17 in Linux Fedora Core 4 and develop a Web Application under /webapps directory. I have so many configuration files that need to be loaded into my web application. These configuration files are in a self-defined format and I wrote some Java classes to parse these configuration files and save the parsing result in a linked list (java.util.List or java.util.Map). These configuration files are static (not change). In my web application, when a user session created, I call these Java classes to parse these configuration files and save the linked lists into the session. So, every user sessions contain the same set of linked list and, as a result, it reads these files every time when session created (so many I/O access, if many session created as the same time, it will slow down the server). Now, I want to save these linked lists as a global variables in Tomcat so that each JSP and Servlet can access these global variables and reduce I/O access and memory usage. So, would you please tell me how to set global variables in Tomcat and initialize them using the Java classes that I wrote. Thanks -- __ Jacob Rhoden - http://www.jacobrhoden.com/ - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to set global variable in Tomcat 5.5.17
Kathy Lo: I think you can use the interface javax.servlet.ServletContextListener.In you implementation's method contextInitialized(ServletContextEventfile:///E:/java/api/j2eeri-1_4-doc-api/apidocs/javax/servlet/ServletContextEvent.html sce),you can parse these configuration files and save the parsing result in the application scope,for example: sce.getServletContext().setAttribute(linkedlist,linkedlist); then when you want to the linkedlist,you can get the ServletContext,and call its getAttribute(). 2007/3/7, Kathy Lo [EMAIL PROTECTED]: Hi, I setup Tomcat 5.5.17 in Linux Fedora Core 4 and develop a Web Application under /webapps directory. I have so many configuration files that need to be loaded into my web application. These configuration files are in a self-defined format and I wrote some Java classes to parse these configuration files and save the parsing result in a linked list (java.util.List or java.util.Map). These configuration files are static (not change). In my web application, when a user session created, I call these Java classes to parse these configuration files and save the linked lists into the session. So, every user sessions contain the same set of linked list and, as a result, it reads these files every time when session created (so many I/O access, if many session created as the same time, it will slow down the server). Now, I want to save these linked lists as a global variables in Tomcat so that each JSP and Servlet can access these global variables and reduce I/O access and memory usage. So, would you please tell me how to set global variables in Tomcat and initialize them using the Java classes that I wrote. Thanks -- Kathy Lo - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
how to set role for JAASRealm
Hi:
I am trying to implement authentication and authorization using JAASRealm.
(I am following the instruction provided at -
http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html). However, looks
like the role that I set (in the RolePrincipal) is not taking effect.
I have created a class extending Principal for the role. I am setting the
right name of the role (which I fetch from DB) and add the class to Subject
as follows -
LoginContext lc = null;
try {
lc = new LoginContext(TMSLogin,
new AuthCallBackHandler(username, password));
} catch (LoginException le) {
..
}
try {
lc.login();
} catch (LoginException le) {
}
// now I am trying to set the rolePrincipal
Subject mySubject = lc.getSubject();
TMSRoles tmsRoles = new TMSRoles(role);
mySubject.getPrincipals().add(tmsRoles);
I have also made entries in server.xml as follows (i set debug to 0 hoping
for more debug info, TMSLogin is defined in jaas.config in tomcat's conf
directory) -
Realm className=org.apache.catalina.realm.JAASRealm
appName=TMSLogin
userClassNames=tms.core.authentication.TMSPrincipal
roleClassNames=tms.core.authentication.TMSRoles
debug=0/
my entry in web.xml is the following -
security-constraint
display-nameAdminConstraint/display-name
web-resource-collection
web-resource-nameTMSAdmin/web-resource-name
descriptionOnly for administrators/description
url-pattern/admin/*/url-pattern
http-methodGET/http-method
http-methodPOST/http-method
/web-resource-collection
auth-constraint
description/
role-nameADMIN/role-name
/auth-constraint
/security-constraint
security-role
descriptionADMIN/description
role-nameADMIN/role-name
/security-role
the getName() of the TMSRoles instance returns ADMIN, which should allow
url /admin/*.
However, I am still getting HTTP 403.
Please help.
thanx
Shahab
--
View this message in context:
http://www.nabble.com/how-to-set-role-for-JAASRealm-tf3359888.html#a9346104
Sent from the Tomcat - User mailing list archive at Nabble.com.
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: how to set role for JAASRealm
From: shahab [mailto:[EMAIL PROTECTED]
Subject: how to set role for JAASRealm
I have also made entries in server.xml as follows (i set
debug to 0 hoping for more debug info,
The value 0 provides minimal diagnostic information; 99 is what you
really want. Check all the logs to make sure there's not a problem
initializing the Realm and your LoginModule.
Realm className=org.apache.catalina.realm.JAASRealm
appName=TMSLogin
userClassNames=tms.core.authentication.TMSPrincipal
roleClassNames=tms.core.authentication.TMSRoles
debug=0/
In what element of server.xml did you put this? It normally goes inside
the Engine area.
However, I am still getting HTTP 403.
One thing I had to do for our environment was implement an equals()
method for the PrincipalRole class:
public boolean equals(Object o) {
if (o == null) return false;
if (this == o) return true;
if (!(o instanceof OurPrincipalRole)) return false;
OurPrincipalRole that = (OurPrincipalRole) o;
return this.getName().equals(that.getName());
}
Not sure if it's required, but it's part of the Principal interface.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tricks for enabling manager host-manager via IIS
Resending... Are there tricks/gotchas to getting IIS 6 to properly pass the auth check for manager and host_manager to the browser? - We have enabled the manager and host-manager apps, and they work through the http connector. - We have other apps working via isapi redirector. The difference between the working apps and the manager/host-manager is the auth mechanism, that is the use of the tomcat-user.xml file. Only manager and host-manager use this. It seems like IIS is blocking the auth check, and so Tomcat returns a 403 when we try to talk to the manager app. ___ HTTP Status 403 - Access to the requested resource has been denied type Status report message Access to the requested resource has been denied description Access to the specified resource (Access to the requested resource has been denied) has been forbidden. Apache Tomcat/5.5.17 ___ As a workaround we also tried doing the auth through IIS and setting tomcatAuthentication=false in the connector, but this did not work. Tomcat 5.5.17 JVM 1.5.0_11 Isapi redirect 1.2.18 IIS 6.0 Thanks, Dan Carwin - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Servlet Filtering performance..
I dont want to handle the display process, just to map it from the filter to
D:\storeg\data\uf...
But thank you for your solution.
Christopher Schultz-2 wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
prt,
prt wrote:
I have another problem,
You should post a separate message in this case.
I save uploaded images(by users) in folder place at
D:\storeg\data\uf\.
So when the URL is http://localhost/test/uf/xyz.jpg; then is redirect to
D:\storeg\data\uf\xyz.jpg
I assume you mean it is mapped to d:\.. redirecting to a local
file path won't work unless you are running your browser from the
application server.
And that so because i configure in server.xml this part between the host
tag,
Context path=/uf docBase=D:\storeg\data\uf debug=0
crossContext=false/
Is there way that i can do that by using the filter, how can i redirect
the
request from the filter when is /uf... to
D:\storeg\data\uf... with out loading the image and print it out from
the
filter ?
You have two options:
1. Map a directory into your URL space (not sure how to do that in
Tomcat, but I'm sure that's been covered in the archives).
2. Write an image-serving servlet. Something like this:
servlet-mapping
url-pattern/ug/*/url-pattern
servlet-nameimageServlet/servlet-name
/servlet-mapping
Your servlet class, written in loose pseudocode:
doGet()
{
String filename = request.getExtraPathInfo();
// You should check for .. and other evil-looking paths
filename = D:/storeg/data/ug/ + filename;
File f = new File(filename);
response.setContentType(whatever/is+appropriate);
response.setContentLength(f.length());
FileInputStream in = new FileInputStream(filename);
OutputStream out = response.getOutputStream();
byte[] buffer = new byte[1024];
int count = 0;
while(1024 == (count = in.read(buffer)))
out.write(buffer);
out.write(buffer, 0 count);
in.close();
out.close();
}
Hope that helps,
- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF7fGd9CaO5/Lv0PARAs09AJ9O85lqIEw+ouuSo3oOJnvWQNkl+wCff4c8
8QYH36U+LBA0jk9GXbt69HQ=
=Uz+L
-END PGP SIGNATURE-
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
View this message in context:
http://www.nabble.com/Servlet-Filtering---performance..-tf3356429.html#a9347741
Sent from the Tomcat - User mailing list archive at Nabble.com.
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
