VS: Tomcat configuration with multiple services
If I put two connectors under the same service like this: How can I force that users use https(or prevent http) when they access to hastobehttps.mydomain.com? I know I can make eg. httpsapps/ROOT/index.html for redirecting user always to https://hastobehttps.mydomain.com/myapp but then I have to define "myapp" directory in url and still it is possible to access my application via http(http://hastobehttps.mydomain.com/myapp). That's why I have defined two different services. (The previous configuration is working fine, but sometimes I have to restart tomcat twice to get it running) -- Jaakko -Alkuperäinen viesti- Lähettäjä: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Lähetetty: 2. helmikuuta 2009 17:21 Vastaanottaja: Tomcat Users List Aihe: RE: Tomcat configuration with multiple services > From: Jaakko Taipale [mailto:jaakko.taip...@dbmanager.fi] > Subject: Tomcat configuration with multiple services > There is two services other for http and other for https connections. > Is this right way to do this I've never seen anyone try that. Can't imagine what your requirements would be that result in having multiple elements in Tomcat. One normally simply has two elements, one for HTTP, one for HTTPS: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html > Also I point users accessing by ip to directory that doesn't exist > because I want that robots that are scanning ip addresses doesn't get > anything as response, Lack of a valid appBase directory will cause a 500 response, not no response, so that's pretty much a waste of time. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: mod_jk 1.2.27 strange default reply_timeout
Hubert de Heer wrote: Hi, Thanks for the quick answer. So the main difference between socket_timeout and socket_connect_timeout is that the later only affects the connect phase. Correct. I rolled back to mod_jk 1.2.26 but will try 1.2.27 with socket_connect_timeout tomorrow. Any advice on whether I should forget about the socket_timeout or not? What would be recommendable for a production environment? It depends. Socket timeout is supposed to be used to enforce the application responsiveness. If it happens, it usually means that you have either too slow backend box or you've set your expectations too high :) There are some usages where the application response time is mandatory, and other nodes should be tried if one is too slow. The second one is more pragmatic. If the socket_timeout is infinite, the httpd ServerTimeout will kill the client connection, so you will get different error.log message then the actual reason was. So set the socket_timeout to some lower value (eg 90%) of ServerTimeout. In majority of cases you won't need the socket_timeout, because with balancer you should use cping/cpong and reply_timeout, that will handle most of the issues. connect_timeout however will improve the overall responsiveness in cases when backend nodes refuse the connections (eg. too high connection count or simply dead) Hope this helps a bit. Regards -- ^(TM) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat only query localhost database
Mihamina Rakotomandimby wrote: Any help? I suspect there is a system-wide configuration that tells not to consider the webapp-specific configuration, but I dont find where... -- Chef de projet chez Vectoris http://www.google.com/search?q=mihamina+rakotomandimby - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
Eric B. wrote: > "Gregor Schneider" wrote in message > news:a2d59f0d0902021308v6f80a37btca0380933436c...@mail.gmail.com... >> hm, since I'd like to avoid to browse through the whole webinar: >> >> what are the benefits / advantages / disadvantages? >> >> actually we've been quite happy with mod_jk, that's why I'm wondering > > That's why I'm wondering the same thing as well. They don't say much except > that AJP is less configurable and more difficult to debug since it is a > binary protocol, it doesn't perform any better than the HTTP/1.1 protocol > and that they do not recommend its use. Other than that, they don't say > much about it, so I find myself wondering as well. > > I've been using mod_jk for several years now, but am looking at a brand new > deployment (new servers, new app, new cluster, etc), so I was wondering > myself if it was worth looking at different ways to connect to apache. The > only other thing I found was mod_proxy, but from what I gathered quickly, is > that it is not as reliable and slower. > > Anyone have any ideas? The (very) short version is: mod_proxy_ajp is not as stable as mod_jk. mod_jk and mod_proxy_http are prety much neck and neck. mod_proxy_http has a very slight edge on average but on a case by case basis either may be the better choice. Of course, as mod_proxy_ajp improves the balance will change. For the record I used mod_proxy_ajp quite happily with httpd and a two node Tomcat cluster on a production system without any issues for over a year in a previous job. In the end, YMMV - use what works for you. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat resets the connection during load
Barak Yaish wrote: > I've records the traffic using Wireshark (http://www.wireshark.org), and > I've noticed that Tomcat send TCP Reset to the client, before it writes the > reponse to the stream. > > Can you please assist understanding this behavior and tuning Tomcat in order > to avoid these problems? Did you run out of threads and fill the accept queue? Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat only query localhost database
Hi, A developper gave me a .war webapp. When deploying it, it creates an xml file: /etc/tomcat6/Catalina/localhost/webappName.xml which is a copy of the one in /var/lib/tomcat6/webapps/webappName/META-INF/context.xml Then context.xml file contains the JDBC/MySQL host,login,pass where host is NOT localhost But the tomcat insist to connect to localhost. after deployment, if I change (after stopping RMI & tomcat) the content of /etc/tomcat6/Catalina/localhost/webappName.xml to another host (then start RMI & tomcat) tomcat still use localhost as database host. It's an Ubuntu tomcat6 packaged install. Any help? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: running tomcat with root user.....umask in jsvc?
If you have control of the mode of the directory where the files are placed you may find the sticky bit helpful for propagating stuff down the treee: http://www.dartmouth.edu/~rc/help/faq/permissions.html epicwin...@hotmail.com wrote: Date: Mon, 2 Feb 2009 22:00:24 +0100 From: a...@ice-sa.com To: users@tomcat.apache.org Subject: Re: running tomcat with root user.umask in jsvc? epicwin...@hotmail.com wrote: That is a possible solution. There is a fairly heavy amount of files uploaded from many different users so it would mean a lot of configuration and a lot of maintenance to that config as i add new users. So I am trying to avoid the operating system chmod commands in my code. I don't really like that either, and it does break if you ever (yuk) would decide to run your code on some other platform. If i add umask 002 in my ./etc/init.d/tomcat start up script it seems to fix the problem but i think this is setting that umask for more than just tomcat so i am not sure how safe that is. As far as I can tell, it would only change the umask for the current process (the shell executing your startup script) and all its offsprings (jsvc, tomcat). But it will do it for *everything* that these processes do (such as creating temporary files, logfiles, etc..). That may indeed not be very secure. For instance, one thing which Tomcat to my knowledge does (if you have not disabled it) is to rewrite the "conf/users.xml" file each time it starts up (or stops ?). That particular file is not essential, and maybe Tomcat does not do that anymore in recent versions, but there might be other such things lurking around unexpectedly. That was my concern, I think it is a very mild security concern but still an issue nonetheless. Since the tomcat user doesn't have shell access or root access I can't see it being a big issue, it would be nice if you could set the umask for just the class loader or running java process. I'm still a bit curious about how you did organise the upload directories and their rights and groups etc.. finally, because you want this one Tomcat user to be able to write into upload directories owned originally by other users, right ? Or at least, you want these other users afterward to have access to these files somehow. So you must have established some common group or groups between the Tomcat user, and these other users, right ? I am just wondering if by doing this, you have not "weakened" the general protection of all that stuff. You got it. Here is how i have it set up let me know what you think: I created a shared group : groupadd sharedgroup Then i changed it so all my users were members of this group: usermod -g sharedgroup tomcat usermod -g sharedgroup jaileduser1 usermod -g sharedgroup jaileduser2 ...etc Then I found some settings in the jailkit ( http://olivier.sessink.nl/jailkit/ ) that allow for the jailed users to have group read/write permissions: in /etc/jailkist/jk_chrootsh.ini relax_home_group=1 relax_home_group_permissions=1 relax_home_other_permissions=1 Then in the jail jk_lsh.ini i set up the umask for the shared group: [group sharedgroup] paths= /usr/bin, /usr/lib/ executables= /usr/bin/scp, /usr/libexec/openssh/sftp-server umask= 002 Finally I added the umask 002 line to my tomcat startup script The external jailed users only have sftp access and aren't able to move outside their home directories. Since the jailed user shares a group with tomcat they can all incestially read and write files to these home directories and since the umask is set the permissions are retained as new directories are created and so forth. What do you think? I had a quite similar case to resolve not so long ago (with Apache, not Tomcat), and only ended up with ACLs after being forced to use them, because no other solution would really provide the security I wanted. Yeah the ACLs look very effective but like yourself i am trying to avoid extra complications - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org _ Windows Live™ Hotmail®…more than just e-mail. http://windowslive.com/howitworks?ocid=TXT_TAGLM_WL_t2_hm_justgotbetter_howitworks_012009 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: ExtendedAccessLogValve pattern?
> From: CameronL [mailto:cameron.develo...@gmail.com] > Subject: ExtendedAccessLogValve pattern? > > Can you not mix the different field patterns like this? A quick look at the code says you can't - you have to use the W3c fields, as documented here: http://tomcat.apache.org/tomcat-6.0-doc/api/org/apache/catalina/valves/ExtendedAccessLogValve.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Deploy 1st Service to Tomcat proper
> From: Michael Ludwig [mailto:mil...@gmx.de] > Subject: Re: Deploy 1st Service to Tomcat proper > > I see. So my advice was irrelevant to Tori's problem. Not necessarily; we don't know definitively what's been done. > I just set up Tomcat to use Log4J and got 17 MB of messages > on startup. Got a little light reading for tonight? > So in that case it would probably need just the JAR in > WEB-INF/lib, the log4j.properties or log4j.xml somewhere, > and some coding. Yes. If more than that has been done, it might well be complicating things. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
ExtendedAccessLogValve pattern?
I'm attempting to configure my Tomcat 6 installation to print out a few POST parameters. I understand that in order to do this, I'll need to configure the ExtendedAccessLogValve and use the 'x-P(XXX)' field to print out the parameter I want. However, when I mix with some fields from the AccessLogValve (%a %v &u, etc...), all that prints to my access logs are blank lines. Can you not mix the different field patterns like this? I assumed that since ExtendedAccessLogValve is a subclass of the AccessLogValve, that those properties would work as well. -- View this message in context: http://www.nabble.com/ExtendedAccessLogValve-pattern--tp21802341p21802341.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Deploy 1st Service to Tomcat proper
Caldarale, Charles R schrieb am 02.02.2009 um 18:32:46 (-0600): > > From: Michael Ludwig [mailto:mil...@gmx.de] > > Subject: Re: Deploy 1st Service to Tomcat proper > > > > http://tomcat.apache.org/tomcat-6.0-doc/extras.html > > http://tomcat.apache.org/tomcat-6.0-doc/logging.html > > Note that the above discusses using log4j within Tomcat itself, not > log4j within individual webapps; the logging of Tomcat and the logging > of webapps are separate. I see. So my advice was irrelevant to Tori's problem. I just set up Tomcat to use Log4J and got 17 MB of messages on startup. Immediately returning to the status quo ante. > If log4j is only being used in the webapp of interest (I think that's > what Tori is doing), it won't bother Tomcat. So in that case it would probably need just the JAR in WEB-INF/lib, the log4j.properties or log4j.xml somewhere, and some coding. > P.S. shatner.william? Did Tori steal the wig as well as the e-mail > address? Bizarre. Identity theft becoming ever more common these days. Tori? Michael Ludwig - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: running tomcat with root user.....umask in jsvc?
> Date: Tue, 3 Feb 2009 00:10:30 +0100 > From: a...@ice-sa.com > To: users@tomcat.apache.org > Subject: Re: running tomcat with root user.umask in jsvc? > > epicwin...@hotmail.com wrote: > [...] > I'm not a great security specialist, but your setup looks indeed safe > enough, if the users are chrooted to their home directories. > I can't imagine how they could break out and access things they shouldn't. > > Just one more question : how do you arrange to know who is uploading a > file, and thus where to put it ? Well each customer gets assigned it's own jailed user. The uploading facility is completely underneath a swing gui so all the customer knows is that the upload button works. When the customer logs in to their swing client they load some settings requested from the server, one of these settings happens to be their sftp login for the server and the other is the upload directory. So the server holds all this info in config files and the ysers don't even ever know what their login is. > > > > As a footnote : having a basic problem similar to yours (under Apache, > not Tomcat), I ended up with a solution like this, implemented with > Apache and mod_perl, but which should be also transposable to Tomcat > with servlet filters and such : > > To allow users to upload their files, I implemented the standard DAV > module in Apache (which also exists in Tomcat). This way, they can do > drag-and-drop directly from within their Windows Explorer, to one > directory structure on the server. And, I did not have to re-invent the > wheel for uploading files. > > But that did not at first allow me to know who was uploading the file, > and what to do with it. > To know who was doing it, I thus added an HTTP authentication. > But still, DAV doesn't care, and uploads all the files under the user > Apache (Tomcat) runs under. > > So I added a couple of filters, one in front and one behind DAV. The > front-end filter takes note of who this is (from the Apache > authentication), and where the user thinks he is uploading the file to > (from the URL), then changes the "PUT" URL sneakily (a la mod_rewrite), > so that DAV now uploads the file in fact somewhere completely different, > outside of the directories where the user thinks he is uploading. > > Then right after DAV, another filter picks up the uploaded file from the > known place where DAV put it, and moves it to the real destination and > with the correct ownership and permissions (which it gets from where the > first filter saved them). > > It is a bit like another solution suggested earlier based on a separate > daemon, only here everything happens in real-time. > > I am sure this could be done in Tomcat with a servlet filter around the > DAV webapp. > I haven't done much with those filters, but i like the idea of using the filters for something like this, it is nice that it is at least somewhat external to core code. > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > _ Windows Live™ Hotmail®:…more than just e-mail. http://windowslive.com/explore?ocid=TXT_TAGLM_WL_t2_hm_justgotbetter_explore_012009
RE: Deploy 1st Service to Tomcat proper
> From: Michael Ludwig [mailto:mil...@gmx.de] > Subject: Re: Deploy 1st Service to Tomcat proper > > By default, Tomcat does not include Log4J. You have to take additional > steps in order to get it to work. Please read the following and ensure > you've configured your installation accordingly: > > http://tomcat.apache.org/tomcat-6.0-doc/extras.html > http://tomcat.apache.org/tomcat-6.0-doc/logging.html Note that the above discusses using log4j within Tomcat itself, not log4j within individual webapps; the logging of Tomcat and the logging of webapps are separate. If log4j is only being used in the webapp of interest (I think that's what Tori is doing), it won't bother Tomcat. - Chuck P.S. shatner.william? Did Tori steal the wig as well as the e-mail address? THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Deploy 1st Service to Tomcat proper
Toriacht schrieb am 02.02.2009 um 15:41:17 (-0800): > > My problem is on Tomcat with NO IDE. I mentioned just the IDE to > illustrate that the service does work. It's when I leave the IDE i > have problems. > > There are NO errors in any of the logs! Catilina.log mentions that it > is deplying the service on startup. thats it. > > I only mentioned the Log4j message because.. > > 1. Its the only message getting printed to any of the logs > 2. I know that it is definitely coming from my web service code. Hi Tori, I don't know how about Log4J but I'm sure getting rid of it would simplify things. I don't know if it is possible for Tomcat to be misconfigured to the point where it will not output any error messages because the error log system itself is misconfigured. Maybe others can provide that info. By default, Tomcat does not include Log4J. You have to take additional steps in order to get it to work. Please read the following and ensure you've configured your installation accordingly: http://tomcat.apache.org/tomcat-6.0-doc/extras.html http://tomcat.apache.org/tomcat-6.0-doc/logging.html These documents talk about building stuff. Note that you don't have to do that yourself, Instead, you may want to download the extra components from one of the mirrors. The extra components are in the bin/extra directory of the mirrors, so one level down from where the Tomcat archives are. You'll need: * tomcat-juli.jar * tomcat-juli-adapters.jar I hope this helps. Michael Ludwig - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Deploy 1st Service to Tomcat proper
Hi Michael... I'm sorry for the confusion. My problem is on Tomcat with NO IDE. I mentioned just the IDE to illustrate that the service does work. It's when I leave the IDE i have problems. There are NO errors in any of the logs! Catilina.log mentions that it is deplying the service on startup. thats it. I only mentioned the Log4j message because.. 1. Its the only message getting printed to any of the logs 2. I know that it is definitely coming from my web service code. Thanks, Tori Michael Ludwig-6 wrote: > > Toriacht schrieb am 29.01.2009 um 01:24:12 (-0800): >> >> When i click on the application in my Tomcat Manager page I get a HTTP >> Status 404 error telling me that my web service (requested resource) >> is not available. >> >> There is no error in the $Tomcat/logs" folder. I checked, manager, >> catalina, stdout, localhost, jakarta_service,host-manager and admin >> logs. But I could see no error. >> >> In catalina.2009.X.X.log when I start Tomcat it says it deploys the >> service. When I stop Tomcat I get a message in stdout_2009.X.X, a >> log4j error message telling me that LogManager.repositorySelector was >> null. This message is coming from my service as I used to get it >> within Eclipse before I set up Log4j correctly but I don't think this >> is the cause.. > > It's not clear to me what you're describing here. > > Is the Tomcat you're talking about running inside your IDE? Or > standalone? > > Is it possible that Log4J is improperly configured and thus not showing > you error messages? > > I'd get rid of the IDE and log4j to cut down complexity. Then, you > should find error messages in the log files. > > Michael Ludwig > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > -- View this message in context: http://www.nabble.com/Deploy-1st-Service-to-Tomcat-proper-tp21716925p21801104.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Deploy 1st Service to Tomcat proper
Toriacht schrieb am 29.01.2009 um 01:24:12 (-0800): > > When i click on the application in my Tomcat Manager page I get a HTTP > Status 404 error telling me that my web service (requested resource) > is not available. > > There is no error in the $Tomcat/logs" folder. I checked, manager, > catalina, stdout, localhost, jakarta_service,host-manager and admin > logs. But I could see no error. > > In catalina.2009.X.X.log when I start Tomcat it says it deploys the > service. When I stop Tomcat I get a message in stdout_2009.X.X, a > log4j error message telling me that LogManager.repositorySelector was > null. This message is coming from my service as I used to get it > within Eclipse before I set up Log4j correctly but I don't think this > is the cause.. It's not clear to me what you're describing here. Is the Tomcat you're talking about running inside your IDE? Or standalone? Is it possible that Log4J is improperly configured and thus not showing you error messages? I'd get rid of the IDE and log4j to cut down complexity. Then, you should find error messages in the log files. Michael Ludwig - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: running tomcat with root user.....umask in jsvc?
epicwin...@hotmail.com wrote: [...] I'm not a great security specialist, but your setup looks indeed safe enough, if the users are chrooted to their home directories. I can't imagine how they could break out and access things they shouldn't. Just one more question : how do you arrange to know who is uploading a file, and thus where to put it ? As a footnote : having a basic problem similar to yours (under Apache, not Tomcat), I ended up with a solution like this, implemented with Apache and mod_perl, but which should be also transposable to Tomcat with servlet filters and such : To allow users to upload their files, I implemented the standard DAV module in Apache (which also exists in Tomcat). This way, they can do drag-and-drop directly from within their Windows Explorer, to one directory structure on the server. And, I did not have to re-invent the wheel for uploading files. But that did not at first allow me to know who was uploading the file, and what to do with it. To know who was doing it, I thus added an HTTP authentication. But still, DAV doesn't care, and uploads all the files under the user Apache (Tomcat) runs under. So I added a couple of filters, one in front and one behind DAV. The front-end filter takes note of who this is (from the Apache authentication), and where the user thinks he is uploading the file to (from the URL), then changes the "PUT" URL sneakily (a la mod_rewrite), so that DAV now uploads the file in fact somewhere completely different, outside of the directories where the user thinks he is uploading. Then right after DAV, another filter picks up the uploaded file from the known place where DAV put it, and moves it to the real destination and with the correct ownership and permissions (which it gets from where the first filter saved them). It is a bit like another solution suggested earlier based on a separate daemon, only here everything happens in real-time. I am sure this could be done in Tomcat with a servlet filter around the DAV webapp. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: UnsatisfiedLinkError in Windows Service (tomcat6w/5w.exe)
Martin Gainty schrieb am 02.02.2009 um 17:45:42 (-0500): > > i downloaded libxml and dont see any Visual Studio project files > (assuming they are *.ds?) ..although I see makefiles in \win32 folder That's a misunderstanding - I was talking about Berkeley DB XML, which is an XML extension to the Berkeley Database. > can you provide the link where you acquired the source? Here's the product homepage with a download link: Oracle Berkeley DB XML http://www.oracle.com/database/berkeley-db/xml/index.html Michael Ludwig - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: And how about this mod_jk.log ?
Hi. Just to anyone who contributed ideas to the issue originally mentioned, thanks. As a reminder, the problem was, on the one hand, entries like this one in the mod_jk logfile : [Mon Jan 19 15:02:52 2009] [6802:4416] [info] ajp_process_callback::jk_ajp_common.c (1447): Writing to client aborted or client network problems [Mon Jan 19 15:02:52 2009] [6802:4416] [info] ajp_service::jk_ajp_common.c (1846): (ajp13) request failed, because of client write error without recovery in send loop attempt=0 [Mon Jan 19 15:02:52 2009] [6802:4416] [info] jk_handler::mod_jk.c (2190): Aborting connection for worker=ajp13 and on the other hand user's Internet Explorer displaying a not very helpful internal error page saying "This page cannot be displayed". It turned out that what looked at first (to the customer) like a server or application problem, was in reality an intermediate network problem, with some in-between piece of equipment cutting off the browser/server TCP connection before the server had a chance to send the response (and, thus, that the mod_jk log was very accurate). Because the first part of this test had to be done by a non-specialist customer on a workstation to which I did not have access, I ended up writing a simple Perl script based on the integral LWP module, to better trace the problem at the workstation level. The script is not very sophisticated, but was enough to demonstrate the problem and create a time-stamped trace allowing it to be cross-checked with the mod_jk log. The script is very easy to use, on any platform that has perl installed (and that nowadays is not difficult to achieve, not intrusive, and easily cleaned up afterward if you so wish). It works a bit like a URL -checker, but has some options better-adapted to what I needed. You just feed it a text file containing some HTTP/HTTPS URLs to use for testing, and it will print useful time-stamped messages to STDOUT. It only gets verbose in case of error, which is generally what one wants. You can download it from here, and feel free to use it and modify it as you please, under whichever free license you favor. http://dev.dev.wissensbank.com/public/HTTPchecker.pl "perl HTTPchecker.pl" will display the usage. Also, if by any chance you did not know this much more sophisticated tool which comes automatically with the perl distributions, check out "lwp-request". - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: UnsatisfiedLinkError in Windows Service (tomcat6w/5w.exe)
i downloaded libxml and dont see any Visual Studio project files (assuming they are *.ds?) ..although I see makefiles in \win32 folder can you provide the link where you acquired the source? thanks/ Martin __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. > Date: Mon, 2 Feb 2009 23:35:26 +0100 > From: mil...@gmx.de > To: users@tomcat.apache.org > Subject: Re: UnsatisfiedLinkError in Windows Service (tomcat6w/5w.exe) > > Martin Gainty schrieb am 01.02.2009 um 22:42:59 (-0500): > > > > saw this in the 2.2.69 readme.txt did you use cscript to config the > > environment? > > Version 2.2.69 of what? Anyway, Berkeley DB XML on Windows is built > using a Visual Studio project file. > > > cscript configure.js help > > No such thing in the source tree. > > Michael Ludwig > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > _ Windows Live™: E-mail. Chat. Share. Get more ways to connect. http://windowslive.com/explore?ocid=TXT_TAGLM_WL_t2_allup_explore_012009
Re: UnsatisfiedLinkError in Windows Service (tomcat6w/5w.exe)
Caldarale, Charles R schrieb am 01.02.2009 um 22:38:57 (-0600): > > From: Michael Ludwig [mailto:mil...@gmx.de] > > Subject: Re: UnsatisfiedLinkError in Windows Service (tomcat6w/5w.exe) > > > > The Java bridge DLLs (or whatever they're called) can be moved to a > > directory only contained in java.library.path, but not in PATH. The > > other libraries must be in a PATH directory in order to be loaded. > > If I'm interpreting your posting correctly, it looks like you have > discovered that the other DLLs are not being loaded by the JVM, but > rather indirectly, due to references from the ones the JVM loads. Sort of. I knew before that the Java bridge libraries would load the other ones, but I didn't know it would matter. I thought that under the hood, java.library.path would be equivalent to setting PATH, so I didn't understand that one would fail where the other wouldn't. > If you really wanted to keep them all under java.library.path, you > could write some initialization code for your webapp that does > loadLibrary() calls on the previously indirectly loaded ones; I see, System.loadLibrary(). Never used that before. > but it's probably simpler just to keep them visible in PATH. I think so, too. Thanks for your help and advice in dealing with this. Michael Ludwig - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: UnsatisfiedLinkError in Windows Service (tomcat6w/5w.exe)
Martin Gainty schrieb am 01.02.2009 um 22:42:59 (-0500): > > saw this in the 2.2.69 readme.txt did you use cscript to config the > environment? Version 2.2.69 of what? Anyway, Berkeley DB XML on Windows is built using a Visual Studio project file. > cscript configure.js help No such thing in the source tree. Michael Ludwig - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
IIS plugins and tomcat 6
We are using IIS ver6.0 with Tomcat 6.0 on windows 2003. setup the configuration according to steps in http://tomcat.apache.org/connectors-doc/reference/iis.html http://localhost/examples/jsp/ throws 404 error. entry in uriworkermap.properties: /examples/*=mobius entry in workers.properties *worker.tomcat_home=C:\apache *worker.java_home=C:\Program Files\Java\jdk1.5.0_13 ps=\ worker.list=mobius worker.mobius.type=ajp13 worker.mobius.port=8009 worker.mobius.host=localhost Message in the isapi_redirect.log file: [Mon Feb 02 14:02:38.955 2009] [1728:3864] [debug] jk_worker.c (293): Found worker type 'ajp13' [Mon Feb 02 14:02:38.955 2009] [1728:3864] [debug] jk_uri_worker_map.c (511): Checking extension for worker 0: mobius of type ajp13 (2) [Mon Feb 02 14:02:38.955 2009] [1728:3864] [debug] jk_uri_worker_map.c (171): uri map dump after extension stripping: index=0 file='c:\apache\conf\uriworkermap.properties' reject_unsafe=0 reload=60 modified=1233604330 checked=1233612158 [Mon Feb 02 14:02:38.955 2009] [1728:3864] [debug] jk_uri_worker_map.c (176): generation 0: size=0 nosize=0 capacity=0 [Mon Feb 02 14:02:38.955 2009] [1728:3864] [debug] jk_uri_worker_map.c (176): generation 1: size=1 nosize=0 capacity=4 [Mon Feb 02 14:02:38.955 2009] [1728:3864] [debug] jk_uri_worker_map.c (185): NEXT (1) map #0: uri=/examples/* worker=mobius context=/examples/* source=uriworkermap type=Wildchar len=11 [Mon Feb 02 14:02:38.955 2009] [1728:3864] [debug] jk_uri_worker_map.c (481): Switching uri worker map from index 0 to index 1 [Mon Feb 02 14:02:38.955 2009] [1728:3864] [info] jk_isapi_plugin.c (2564): Jakarta/ISAPI/isapi_redirector/1.2.27 initialized [Mon Feb 02 14:02:38.955 2009] [1728:3864] [debug] jk_isapi_plugin.c (1840): Filter started [Mon Feb 02 14:02:38.955 2009] [1728:3864] [debug] jk_uri_worker_map.c (1035): Attempting to map URI '/localhost/nordnetsample.html' from 1 maps [Mon Feb 02 14:02:38.955 2009] [1728:3864] [debug] jk_uri_worker_map.c (849): Attempting to map context URI '/examples/*=mobius' source 'uriworkermap' [Mon Feb 02 14:02:38.955 2009] [1728:3864] [debug] jk_uri_worker_map.c (849): Attempting to map context URI '/examples/*=mobius' source 'uriworkermap' [Mon Feb 02 14:02:38.955 2009] [1728:3864] [debug] jk_isapi_plugin.c (2060): [/nordnetsample.html] is not a servlet url [Mon Feb 02 14:02:53.143 2009] [1728:3864] [debug] jk_isapi_plugin.c (1840): Filter started [Mon Feb 02 14:02:53.143 2009] [1728:3864] [debug] jk_uri_worker_map.c (1035): Attempting to map URI '/localhost/examples/jsp/' from 1 maps [Mon Feb 02 14:02:53.143 2009] [1728:3864] [debug] jk_uri_worker_map.c (849): Attempting to map context URI '/examples/*=mobius' source 'uriworkermap' [Mon Feb 02 14:02:53.143 2009] [1728:3864] [debug] jk_uri_worker_map.c (849): Attempting to map context URI '/examples/*=mobius' source 'uriworkermap' [Mon Feb 02 14:02:53.143 2009] [1728:3864] [debug] jk_uri_worker_map.c (862): Found a wildchar match '/examples/*=mobius' [Mon Feb 02 14:02:53.143 2009] [1728:3864] [debug] jk_isapi_plugin.c (1921): check if [/examples/jsp/] points to the web-inf directory [Mon Feb 02 14:02:53.143 2009] [1728:3864] [debug] jk_isapi_plugin.c (1937): [/examples/jsp/] is a servlet url - should redirect to mobius [Mon Feb 02 14:02:53.143 2009] [1728:3864] [debug] jk_isapi_plugin.c (1977): fowarding escaped URI [/examples/jsp/] what are we missing in the setup.Any help will be appreciated. Thanks, Sangeeta - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: running tomcat with root user.....umask in jsvc?
> Date: Mon, 2 Feb 2009 22:00:24 +0100 > From: a...@ice-sa.com > To: users@tomcat.apache.org > Subject: Re: running tomcat with root user.umask in jsvc? > > epicwin...@hotmail.com wrote: > > That is a possible solution. There is a fairly heavy amount of files > > uploaded from many different users so it would mean a lot of configuration > > and a lot of maintenance to that config as i add new users. So I am trying > > to avoid the operating system chmod commands in my code. > I don't really like that either, and it does break if you ever (yuk) > would decide to run your code on some other platform. > > > If i add umask 002 in my ./etc/init.d/tomcat start up script it seems to > > fix the problem but i think this is setting that umask for more than just > > tomcat so i am not sure how safe that is. > As far as I can tell, it would only change the umask for the current > process (the shell executing your startup script) and all its offsprings > (jsvc, tomcat). But it will do it for *everything* that these processes > do (such as creating temporary files, logfiles, etc..). That may indeed > not be very secure. For instance, one thing which Tomcat to my knowledge > does (if you have not disabled it) is to rewrite the "conf/users.xml" > file each time it starts up (or stops ?). That particular file is not > essential, and maybe Tomcat does not do that anymore in recent versions, > but there might be other such things lurking around unexpectedly. > That was my concern, I think it is a very mild security concern but still an issue nonetheless. Since the tomcat user doesn't have shell access or root access I can't see it being a big issue, it would be nice if you could set the umask for just the class loader or running java process. > > I'm still a bit curious about how you did organise the upload > directories and their rights and groups etc.. finally, because you want > this one Tomcat user to be able to write into upload directories owned > originally by other users, right ? Or at least, you want these other > users afterward to have access to these files somehow. > So you must have established some common group or groups between the > Tomcat user, and these other users, right ? > I am just wondering if by doing this, you have not "weakened" the > general protection of all that stuff. > You got it. Here is how i have it set up let me know what you think: I created a shared group : groupadd sharedgroup Then i changed it so all my users were members of this group: usermod -g sharedgroup tomcat usermod -g sharedgroup jaileduser1 usermod -g sharedgroup jaileduser2 ...etc Then I found some settings in the jailkit ( http://olivier.sessink.nl/jailkit/ ) that allow for the jailed users to have group read/write permissions: in /etc/jailkist/jk_chrootsh.ini relax_home_group=1 relax_home_group_permissions=1 relax_home_other_permissions=1 Then in the jail jk_lsh.ini i set up the umask for the shared group: [group sharedgroup] paths= /usr/bin, /usr/lib/ executables= /usr/bin/scp, /usr/libexec/openssh/sftp-server umask= 002 Finally I added the umask 002 line to my tomcat startup script The external jailed users only have sftp access and aren't able to move outside their home directories. Since the jailed user shares a group with tomcat they can all incestially read and write files to these home directories and since the umask is set the permissions are retained as new directories are created and so forth. What do you think? > I had a quite similar case to resolve not so long ago (with Apache, not > Tomcat), and only ended up with ACLs after being forced to use them, > because no other solution would really provide the security I wanted. > Yeah the ACLs look very effective but like yourself i am trying to avoid extra complications > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > _ Windows Live™ Hotmail®…more than just e-mail. http://windowslive.com/howitworks?ocid=TXT_TAGLM_WL_t2_hm_justgotbetter_howitworks_012009
Re: AJP vs HTTP connectors?
uhm, basically you're right, however, i wouldn't consider mark thomas "some dude" ;) rgds gregor Am 02.02.2009 um 23:05 schrieb Filip Hanik - Dev Lists >: first and foremost, always apply "ol' grandpa's logic" The famous quote is "if it ain't broke, don't fix it" So if you are using something that is working, don't even consider switching just cause some dude on a webinar told you so. That should take you 90% of the way. The rest is understanding the technology. Filip Caldarale, Charles R wrote: From: Gregor Schneider [mailto:rc4...@googlemail.com] Subject: Re: AJP vs HTTP connectors? hm, since I'd like to avoid to browse through the whole webinar: what are the benefits / advantages / disadvantages? I'd like to know as well, since I watched the same webinar when it was presented, and don't remember anything specific about not using AJP. (Or maybe I just tuned that part out.) - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
first and foremost, always apply "ol' grandpa's logic" The famous quote is "if it ain't broke, don't fix it" So if you are using something that is working, don't even consider switching just cause some dude on a webinar told you so. That should take you 90% of the way. The rest is understanding the technology. Filip Caldarale, Charles R wrote: From: Gregor Schneider [mailto:rc4...@googlemail.com] Subject: Re: AJP vs HTTP connectors? hm, since I'd like to avoid to browse through the whole webinar: what are the benefits / advantages / disadvantages? I'd like to know as well, since I watched the same webinar when it was presented, and don't remember anything specific about not using AJP. (Or maybe I just tuned that part out.) - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: mod_jk 1.2.27 strange default reply_timeout
Hi, Thanks for the quick answer. So the main difference between socket_timeout and socket_connect_timeout is that the later only affects the connect phase. I rolled back to mod_jk 1.2.26 but will try 1.2.27 with socket_connect_timeout tomorrow. Any advice on whether I should forget about the socket_timeout or not? What would be recommendable for a production environment? PS we're running RHEL ES 4 lastest update. Regards, Hubert -Original Message- From: Mladen Turk [mailto:mt...@apache.org] Sent: Mon 02/02/2009 6:16 PM To: Tomcat Users List Subject: Re: mod_jk 1.2.27 strange default reply_timeout Hubert de Heer wrote: > Hi, > > > worker.host_1.socket_timeout=15 > This is the root of the problem cause it imposes the timeout on any socket operation between mod_jk and tomcat. > > > What we notice is that Apache will respond with an error 502 Bad Gateway > when a response takes more than 30sec. > socket_timeout x 2 (one op and one retry) > This seems quite strange as without a reply_timeout set I would expect > the reply_timeout to default to 0 (timeout disabled). > This is to have infinite socket_timeout and still have reply timeout. Note that socket_timeout is fixed with 1.2.27, so it actually works now ;) With 1.2.27 you have a new socket_connect_timeout property that you can set to a lower value (see the changelog and docs) Regards -- ^(TM)
Re: AJP vs HTTP connectors?
argl... - 4gimme my typos - I need an after-editor for this mailinglist - duuuh...! -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
What I do now is that mod_proxy is not all that easy to configure and offers quite some possibilities to open a leak if you don't know exactly what you're doing. Besides, I'm not aware that mod_proxy offers any loadbalancing features, but maybe I'm missing something here. And, last not least: Rainer Jung, one of the maintainers (the maintainer?) of mod_jk is within this list is gives a superb support, and updates to mod_jk are deployed on a very frequent basis. Therefore, for me no reason at all to change a running system. A new system I've setup recently now runs completely without Apache HTTPD, therefore using the APR, so no need for either one of mod_proxy or mod_jk (ok: we've got a hardware-loadbalancer ;) ) Rgds Gregor -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: package javax.servlet does not exist import javax.servlet.* ;
On 2 Feb 2009 at 18:36, Shaolin wrote: Send reply to: Tomcat Users List Date sent: Mon, 02 Feb 2009 18:36:04 + Subject:Re: package javax.servlet does not exist import javax.servlet.* ; From: Shaolin To: Tomcat Users List > It worked, but how comes I have to use classpath now and not when I > used to > do it before ? Two different problems. Running tomcat is different from compiling a java servlet application. It is not recommended to set a systemwide classpath, period. >is there any way of overcoming this ? Typing up CPs' > in > command line takes too much time. > Like Charles pointed out in his reply, use ANT or IDE. I've used batch and bash scripts also, something like javac -cp .:/path-to-tomcat/lib/servlet-api.jar:/path-to-additional-jars $1 where $1 is commandline parameter which would be the source file -Steve O. > 2009/2/2 Caldarale, Charles R > > > > From: Shaolin [mailto:shaolinfin...@gmail.com] > > > Subject: Re: package javax.servlet does not exist import > > > javax.servlet.* ; > > > > > > > You'll need to tell javac (or whatever IDE you're > > > > using) where the servlet-api.jar is. > > > > > > How do I do that ? > > > > For javac, use the -cp parameter; for any IDE, you'll have to > consult its > > documentation. > > > > - Chuck > > > > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE > PROPRIETARY > > MATERIAL and is thus for use only by the intended recipient. If > you received > > this in error, please contact the sender and delete the e-mail and > its > > attachments from all computers. > > > > > > - > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
"Gregor Schneider" wrote in message news:a2d59f0d0902021308v6f80a37btca0380933436c...@mail.gmail.com... > hm, since I'd like to avoid to browse through the whole webinar: > > what are the benefits / advantages / disadvantages? > > actually we've been quite happy with mod_jk, that's why I'm wondering That's why I'm wondering the same thing as well. They don't say much except that AJP is less configurable and more difficult to debug since it is a binary protocol, it doesn't perform any better than the HTTP/1.1 protocol and that they do not recommend its use. Other than that, they don't say much about it, so I find myself wondering as well. I've been using mod_jk for several years now, but am looking at a brand new deployment (new servers, new app, new cluster, etc), so I was wondering myself if it was worth looking at different ways to connect to apache. The only other thing I found was mod_proxy, but from what I gathered quickly, is that it is not as reliable and slower. Anyone have any ideas? Thanks, Eric - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: AJP vs HTTP connectors?
> From: Gregor Schneider [mailto:rc4...@googlemail.com] > Subject: Re: AJP vs HTTP connectors? > > hm, since I'd like to avoid to browse through the whole webinar: > what are the benefits / advantages / disadvantages? I'd like to know as well, since I watched the same webinar when it was presented, and don't remember anything specific about not using AJP. (Or maybe I just tuned that part out.) - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
hm, since I'd like to avoid to browse through the whole webinar: what are the benefits / advantages / disadvantages? actually we've been quite happy with mod_jk, that's why I'm wondering Rgds Gregor -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: running tomcat with root user.....umask in jsvc?
epicwin...@hotmail.com wrote: That is a possible solution. There is a fairly heavy amount of files uploaded from many different users so it would mean a lot of configuration and a lot of maintenance to that config as i add new users. So I am trying to avoid the operating system chmod commands in my code. I don't really like that either, and it does break if you ever (yuk) would decide to run your code on some other platform. If i add umask 002 in my ./etc/init.d/tomcat start up script it seems to fix the problem but i think this is setting that umask for more than just tomcat so i am not sure how safe that is. As far as I can tell, it would only change the umask for the current process (the shell executing your startup script) and all its offsprings (jsvc, tomcat). But it will do it for *everything* that these processes do (such as creating temporary files, logfiles, etc..). That may indeed not be very secure. For instance, one thing which Tomcat to my knowledge does (if you have not disabled it) is to rewrite the "conf/users.xml" file each time it starts up (or stops ?). That particular file is not essential, and maybe Tomcat does not do that anymore in recent versions, but there might be other such things lurking around unexpectedly. I'm still a bit curious about how you did organise the upload directories and their rights and groups etc.. finally, because you want this one Tomcat user to be able to write into upload directories owned originally by other users, right ? Or at least, you want these other users afterward to have access to these files somehow. So you must have established some common group or groups between the Tomcat user, and these other users, right ? I am just wondering if by doing this, you have not "weakened" the general protection of all that stuff. I had a quite similar case to resolve not so long ago (with Apache, not Tomcat), and only ended up with ACLs after being forced to use them, because no other solution would really provide the security I wanted. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
Eric B. wrote: My question, then becomes, if someone wants to use Tomcat to serve up pages behind Apache Httpd, how to configure it to use the http connector? So far, the only thing I found is to use proxy/reverse proxy which is slow and can be problematic. To date, I've always been using mod_jk with AJP connector, but is there a better/preferred way to do this? Use mod_proxy (mod_proxy_http specifically). - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: running tomcat with root user.....umask in jsvc?
That is a possible solution. There is a fairly heavy amount of files uploaded from many different users so it would mean a lot of configuration and a lot of maintenance to that config as i add new users. So I am trying to avoid the operating system chmod commands in my code. If i add umask 002 in my ./etc/init.d/tomcat start up script it seems to fix the problem but i think this is setting that umask for more than just tomcat so i am not sure how safe that is. > Date: Mon, 2 Feb 2009 21:05:15 +0100 > From: a...@ice-sa.com > To: users@tomcat.apache.org > Subject: Re: running tomcat with root user.umask in jsvc? > > André Warnier wrote: > > epicwin...@hotmail.com wrote: > >> You are correct, I found a setting that relaxes the group access > >> permissions on the jailkit. > >> Now I just have one more problem. When tomcat creates files in these > >> user directories I need the permissions to be set appropriately. What > >> is the best way to set the umask value when running tomcat using jsvc? > >> > > That's a good question. > > I don't think jsvc would take any account of the Tomcat user's .profile > > file. > > ACLs would allow you to do that however :-) > > (Seriously, I believe you can set an ACL on the target directory that > > would make it so that when this particular user (Tomcat) creates a file > > there, it has by default a given set of permissions). > > Otherwise, you might have to do some kind of chmod from within your > > webapp itself, after it creates the file. I don't know what Java method > > that would be. > > > Replying to myself : upon further reflection, I am not even sure that > Java would have a method to do this, since it is supposed to be > platform-independent, and setting filesystem permissions and group > ownership is rather on the platform-dependent side. > How often do such upload requests come in ? I'm thinking that if this is > a single-platform solution, and file uploads don't come up tens per > second at a time, it may be possible (though I also don't know how) to > simply execute an OS-level command (chmod 0xxx filename; chgroup x > filename) from within a Tomcat webapp, or a servlet filter that would > run after the webapp. > > Otherwise, ACLs are complicated in terms of understanding the > documentation of setfacl; but once you have it down, it is after all > only a matter of running a single setfacl command once on each of your > target directories. And it has the advantage of being done totally > outside of your webapp, once and for all. It "sticks" to the directory, > not to your code. > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > _ Windows Live™ Hotmail®:…more than just e-mail. http://windowslive.com/explore?ocid=TXT_TAGLM_WL_t2_hm_justgotbetter_explore_012009
AJP vs HTTP connectors?
Hi, I was listening to a webinar on spring source by Filip Hanik & Mark Thomas regarding tuning Tomcat for production in which they indicate that the Http connector is recommended vs an AJP connector (http://www.springsource.com/node/555). My question, then becomes, if someone wants to use Tomcat to serve up pages behind Apache Httpd, how to configure it to use the http connector? So far, the only thing I found is to use proxy/reverse proxy which is slow and can be problematic. To date, I've always been using mod_jk with AJP connector, but is there a better/preferred way to do this? Thanks! Eric - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: help Comet Tomcat
If you simply are looking for an example to use the CometProcessor interface, there is a module that is built around it https://svn.apache.org/repos/asf/tomcat/trunk/modules/bayeux/ Filip sam wrote: I am new to COMET in Tomcat, someone could show me one example on using COMET in Tomcat I have already changed the connector. i try example of http://tomcat.apache.org/tomcat-6.0-doc/aio.html and various example of this web I have managed to operate comet in Glassfish using Dojo, but Tomcat does not get anything sorry for my english any help will be good, thanx, thanx i using Tomcat 6.0.18 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: running tomcat with root user.....umask in jsvc?
André Warnier wrote: epicwin...@hotmail.com wrote: You are correct, I found a setting that relaxes the group access permissions on the jailkit. Now I just have one more problem. When tomcat creates files in these user directories I need the permissions to be set appropriately. What is the best way to set the umask value when running tomcat using jsvc? That's a good question. I don't think jsvc would take any account of the Tomcat user's .profile file. ACLs would allow you to do that however :-) (Seriously, I believe you can set an ACL on the target directory that would make it so that when this particular user (Tomcat) creates a file there, it has by default a given set of permissions). Otherwise, you might have to do some kind of chmod from within your webapp itself, after it creates the file. I don't know what Java method that would be. Replying to myself : upon further reflection, I am not even sure that Java would have a method to do this, since it is supposed to be platform-independent, and setting filesystem permissions and group ownership is rather on the platform-dependent side. How often do such upload requests come in ? I'm thinking that if this is a single-platform solution, and file uploads don't come up tens per second at a time, it may be possible (though I also don't know how) to simply execute an OS-level command (chmod 0xxx filename; chgroup x filename) from within a Tomcat webapp, or a servlet filter that would run after the webapp. Otherwise, ACLs are complicated in terms of understanding the documentation of setfacl; but once you have it down, it is after all only a matter of running a single setfacl command once on each of your target directories. And it has the advantage of being done totally outside of your webapp, once and for all. It "sticks" to the directory, not to your code. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: running tomcat with root user.....umask in jsvc?
epicwin...@hotmail.com wrote: You are correct, I found a setting that relaxes the group access permissions on the jailkit. Now I just have one more problem. When tomcat creates files in these user directories I need the permissions to be set appropriately. What is the best way to set the umask value when running tomcat using jsvc? That's a good question. I don't think jsvc would take any account of the Tomcat user's .profile file. ACLs would allow you to do that however :-) (Seriously, I believe you can set an ACL on the target directory that would make it so that when this particular user (Tomcat) creates a file there, it has by default a given set of permissions). Otherwise, you might have to do some kind of chmod from within your webapp itself, after it creates the file. I don't know what Java method that would be. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: NoClassDefFoundError: HttpServlet
> From: Ladislav Gaspar [mailto:ladislav.gas...@it-vision.com] > Subject: AW: NoClassDefFoundError: HttpServlet > > Sorry for the misinformation. The the servlet-api.jar is in > $catalina_home/lib. The %CLASSPATH% is not adjusted The symptoms are still identical with those that appear when servlet-api.jar is in WEB-INF/lib or otherwise appears in multiple places in a given branch of the classloader tree. Note that the conflicting servlet classes might also be hidden inside a jar of a different name, such as j2ee.jar. Do the sample servlet and JSP apps that come with Tomcat work? If so, the problem is inside your webapp; if not, then there's another copy of the servlet classes lurking somewhere visible to Tomcat, perhaps in the endorsed directory. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: running tomcat with root user.....umask in jsvc?
You are correct, I found a setting that relaxes the group access permissions on the jailkit. Now I just have one more problem. When tomcat creates files in these user directories I need the permissions to be set appropriately. What is the best way to set the umask value when running tomcat using jsvc? > Date: Sun, 1 Feb 2009 21:58:11 -0800 > From: rusty.wri...@gmail.com > To: users@tomcat.apache.org > Subject: Re: running tomcat with root user > > Are you sure about the group write permissions? I glanced at the jailkit web > page and it looks like it's sugar coating and chrome around a chroot. So I > would think that using unix groups would work. And on the flip side, if unix > groups don't work, it seems to me that ACLs wouldn't either. > > > epicwin...@hotmail.com wrote: > > I have the latest tomcat 6 installed under centos 5.2. The problem I am > > having is that it appears that I have to run tomcat as root user, because > > the spring app that tomcat starts needs to write files to other users' home > > directories. The tomcat user doesn't have access to these directories. > > > > I tried making these users part of a shared group, but to complicate the > > problem the users are jailed using jailkit. So it doesn't appear that > > jailkit lets me add group write privileges to the home directories and > > maintain a working jail. > > > > Can anyone suggest another alternative? I am not linux user expert so > > maybe there is an obvious solution i am missing? > > thanks > > > > > > > > > > _ > > Windows Live™ Hotmail®…more than just e-mail. > > http://windowslive.com/howitworks?ocid=TXT_TAGLM_WL_t2_hm_justgotbetter_howitworks_012009 > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > _ Windows Live™ Hotmail®…more than just e-mail. http://windowslive.com/howitworks?ocid=TXT_TAGLM_WL_t2_hm_justgotbetter_howitworks_012009
Problem with mod_jk and Tomcat Native Connectors on Solaris
Hi I am having problems with the mod_jk module 1.2.26 and Tomcat Native connectors running in Solaris 10. The problem occurs in both processors x86 (64-bit) and sparc (64-bit). (The problem does not occur on RedHat EL5 64-bit). On the mod_jk workers.properties file I am specifying a value for reply_timeout: worker.localworker.reply_timeout=1(10 seconds) I am anticipating that some requests would need more time, so I decided to run my test suite just increasing the value to 3. Oddly, with this value and running the same set of tests I get sporadic errors. The mod_jk log shows the following message when this occurs: [error] ajp_get_reply::jk_ajp_common.c (1730) : (localworker) Timeout with waiting reply from tomcat. Tomcat is down, stopped or nertwork problems (errno=145) I am using the following components: Apache Web Server 2.2.11 APR 1.3.3 APR-util 1.3.4 openssl-0.9.8 mod_jk1.2.26 Tomcat 6.0.16 Tomcat Native Connectors 1.1.12 (using same APR version as Apache) jsvc Sun Java JDK 1.6 I also found that the problem only occurs if the Tomcat Native Connectors is enabled in Tomcat. I can't figure why increasing the reply timeout would actually produce the errors it is supposed to prevent!! Any help is appreciated. I would like to benefit from the Tomcat Native Connectors, but I can't figure what I am configuring wrong. --- Below is my workers.properties ... --- worker.list= wlb, jkwatch, jkmanage # Properties for worker: localworker worker.localworker.type=ajp13 worker.localworker.host=localhost worker.localworker.port=8009 worker.localworker.lbfactor=1 worker.localworker.connection_pool_timeout=600 worker.localworker.socket_keepalive=True worker.localworker.socket_timeout=60 ### this parameter causes trouble if increased to 3 worker.localworker.reply_timeout=1 # # Defining a load balancer (with a single worker, the local worker) worker.wlb.type=lb worker.wlb.balance_workers=localworker worker.wlb.max_reply_timeouts=3 --- ... and here is the segment of server.xml --- - Jorge - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: package javax.servlet does not exist import javax.servlet.* ;
> From: Shaolin [mailto:shaolinfin...@gmail.com] > Subject: Re: package javax.servlet does not exist import > javax.servlet.* ; > > It worked, but how comes I have to use classpath now and not > when I used to do it before ? Before what? > is there any way of overcoming this ? Typing up CPs' in > command line takes too much time. Which is why people normally use ant scripts (or IDEs) to build their products with. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: package javax.servlet does not exist import javax.servlet.* ;
It worked, but how comes I have to use classpath now and not when I used to do it before ? is there any way of overcoming this ? Typing up CPs' in command line takes too much time. 2009/2/2 Caldarale, Charles R > > From: Shaolin [mailto:shaolinfin...@gmail.com] > > Subject: Re: package javax.servlet does not exist import > > javax.servlet.* ; > > > > > You'll need to tell javac (or whatever IDE you're > > > using) where the servlet-api.jar is. > > > > How do I do that ? > > For javac, use the -cp parameter; for any IDE, you'll have to consult its > documentation. > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
RE: Location of properties file for web app in Tomcat
> From: Flavius [mailto:flav...@silverlion.com] > Subject: Re: Location of properties file for web app in Tomcat > > It seems the ContextClassLoader should know where it's running from > on the physical path. But I haven't figured that out yet. As has been discussed on this list several times, the container (Tomcat) need not expose any of the file system to the webapps other a spec-defined workspace area. You can't even be sure that your webapp resources will ever be in the underlying file system, even if there is one (think embedded controller). - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: package javax.servlet does not exist import javax.servlet.* ;
> From: Shaolin [mailto:shaolinfin...@gmail.com] > Subject: Re: package javax.servlet does not exist import > javax.servlet.* ; > > > You'll need to tell javac (or whatever IDE you're > > using) where the servlet-api.jar is. > > How do I do that ? For javac, use the -cp parameter; for any IDE, you'll have to consult its documentation. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: package javax.servlet does not exist import javax.servlet.* ;
if you're compiling from the console-window: javac -help take a look at "-classpath" if you're using an ide, check out your ide's documentation rgds gregor -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Location of properties file for web app in Tomcat
Thanks guys. I think I'll try that. I had hoped to get around setting the system property by simply requiring that the properties file exist in the same dir as the war file. Then the war file can simply ask, "where am I?" and use that path to load the properties file. It seems the ContextClassLoader should know where it's running from on the physical path. But I haven't figured that out yet. Have a great day. -- View this message in context: http://www.nabble.com/Location-of-properties-file-for-web-app-in-Tomcat-tp21767095p21794946.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: package javax.servlet does not exist import javax.servlet.* ;
Thanks - Im using the exe version and replaced the tomcat6 and tomcat6w versions with the 64 bit ones. I tried it with another app of mine that works but it wouldnt compile that one either. > You'll need to tell javac (or whatever IDE you're using) where the servlet-api.jar is. How do I do that ? 2009/2/2 Caldarale, Charles R > > From: Shaolin [mailto:shaolinfin...@gmail.com] > > Subject: Re: package javax.servlet does not exist import > > javax.servlet.* ; > > > > 1. Im using 6.0.18 64 bit with windows xp 64 and Java SDK SE > > 6 update 11 (64bit). > > Did you install Tomcat from the .exe download or the .zip one? You will > need the 64-bit versions of tomcat6.exe and tomcat6w.exe if you want to run > Tomcat as a service. I would recommend running it from the command line > using the startup.bat and shutdown.bat scripts (from the .zip downloads) > until you get the bugs worked out. After that, get the 64-bit versions > here: > http://svn.apache.org/viewvc/tomcat/connectors/trunk/procrun/bin/amd64/ > > Rename them, changing the 5 to 6. > > > 3. The servlet-api jar is in the tomcat lib dir and not in app lib dir > > 4. Didnt find the j2ee jar in the tomcat folder. > > Do the servlet and JSP examples that come with Tomcat work? If so, and > it's just your webapp that's failing with the package does not exist error, > then something is odd with your webapp. > > It just struck me: this is a compilation message, not a run-time one. > You'll need to tell javac (or whatever IDE you're using) where the > servlet-api.jar is. > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: mod_jk 1.2.27 strange default reply_timeout
Hubert de Heer wrote: Hi, worker.host_1.socket_timeout=15 This is the root of the problem cause it imposes the timeout on any socket operation between mod_jk and tomcat. What we notice is that Apache will respond with an error 502 Bad Gateway when a response takes more than 30sec. socket_timeout x 2 (one op and one retry) This seems quite strange as without a reply_timeout set I would expect the reply_timeout to default to 0 (timeout disabled). This is to have infinite socket_timeout and still have reply timeout. Note that socket_timeout is fixed with 1.2.27, so it actually works now ;) With 1.2.27 you have a new socket_connect_timeout property that you can set to a lower value (see the changelog and docs) Regards -- ^(TM) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: package javax.servlet does not exist import javax.servlet.* ;
> From: Shaolin [mailto:shaolinfin...@gmail.com] > Subject: Re: package javax.servlet does not exist import > javax.servlet.* ; > > 1. Im using 6.0.18 64 bit with windows xp 64 and Java SDK SE > 6 update 11 (64bit). Did you install Tomcat from the .exe download or the .zip one? You will need the 64-bit versions of tomcat6.exe and tomcat6w.exe if you want to run Tomcat as a service. I would recommend running it from the command line using the startup.bat and shutdown.bat scripts (from the .zip downloads) until you get the bugs worked out. After that, get the 64-bit versions here: http://svn.apache.org/viewvc/tomcat/connectors/trunk/procrun/bin/amd64/ Rename them, changing the 5 to 6. > 3. The servlet-api jar is in the tomcat lib dir and not in app lib dir > 4. Didnt find the j2ee jar in the tomcat folder. Do the servlet and JSP examples that come with Tomcat work? If so, and it's just your webapp that's failing with the package does not exist error, then something is odd with your webapp. It just struck me: this is a compilation message, not a run-time one. You'll need to tell javac (or whatever IDE you're using) where the servlet-api.jar is. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Apache Tomcat 6.0 loads blank page
Hello guys, Thank you again for your help chuck! 1) I just looked at the CGI servlet help that you sent. Actually I just have to uncomment the CGI servlet part in the web.xml and now at least i don't get an error, it's just a blank( which is probably the address problem, i.e a file pointing to a wrong directory) 2) I think you're right, just installing the fresh version from the website is better. How do i completely uninstall the apache( remove all the files) on ubuntu. I just started using ubuntu and not sure how it works. Thank you again for the help! Regards zia On Mon, Feb 2, 2009 at 10:51 AM, Caldarale, Charles R < chuck.caldar...@unisys.com> wrote: > > From: zia mohades [mailto:zia.si...@gmail.com] > > Subject: Re: Apache Tomcat 6.0 loads blank page > > > > 3) however now i have a new problem: for some reason my html > > page doesn't communicate with the cgi file. > > Did you follow the instructions here, in particular enabling the CGI > servlet? > http://tomcat.apache.org/tomcat-6.0-doc/cgi-howto.html > > Again, if you're using a 3rd-party repackaged Tomcat, it's quite possible > what you're doing simply won't work with that installation. I strongly > recommend you download and install a real Tomcat, rather than wasting time > with what appears to be a damaged one. > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
RE: Apache Tomcat 6.0 loads blank page
> From: zia mohades [mailto:zia.si...@gmail.com] > Subject: Re: Apache Tomcat 6.0 loads blank page > > 3) however now i have a new problem: for some reason my html > page doesn't communicate with the cgi file. Did you follow the instructions here, in particular enabling the CGI servlet? http://tomcat.apache.org/tomcat-6.0-doc/cgi-howto.html Again, if you're using a 3rd-party repackaged Tomcat, it's quite possible what you're doing simply won't work with that installation. I strongly recommend you download and install a real Tomcat, rather than wasting time with what appears to be a damaged one. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Apache Tomcat 6.0 loads blank page
zia mohades wrote: [...] 1) for the connector port I have commented out one of them actually, so only two of them are active these ones: I'll let someone else comment definitely on the above, but in my understanding this is a no-no, and I don't understand how it could work. You should not have two connectors listening on the same port, and both above are listening on port 8080. The second one should probably have port="8443" instead of port="8080". You must have modified it yourself, because it probably did not come this way in your original server.xml file. 2) for the LiveHttpHeader,I just tried it again. and now it works in fact this is what I get: [...] Allright, that is more logical. So now you have a tool to check what a server is sending to your browser, even if the page looks blank in the browser. 3) however now i have a new problem: for some reason my html page doesn't communicate with the cgi file. "hesearch.html" in /usr/local/tomcat/webapps/mms_test , doesn't communicate with the cgi program test.cgi located in /usr/local/tomcat/bin. hesearch.html contains a button which when it is pushed it accesses the test.cgi which executes other programs. However when i push that button , i get this error: " HTTP Status 404 - /bin/test.cgi -- For the above, I suggest that you start by reading this : http://tomcat.apache.org/tomcat-6.0-doc/cgi-howto.html Read it really well, follow the instructions, and then post again with a separate new subject about cgi if you still have a problem. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: jsvc problem with PID. Resolution
Progress. Uninstalled the FC10 tomcat6 (it does need documentation, asp classes, servlet api classes, ROOT + examples, and other deps) Reinstalled from tc main site. As root. In $CATALINA_HOME/bin/jsvc-src/native there is a file Tomcat.sh which, when updated for various changes 1. paths. 2. PID (now tomcat6 rather than the original jsvc name) 3. I've added a restart option. Produces a working jsvc script... when run by root. Below if of interest to anyone. The envars are for my setup. # This is for of Tomcat-6.x (Apache Tomcat 6) # # Adapt the following lines to your configuration JAVA_HOME=/usr/java/default CATALINA_HOME=/apps/tomcat6 DAEMON_HOME=$CATALINA_HOME/bin TOMCAT_USER=dpawson PIDFILE=/var/run/tomcat6.pid TMP_DIR=/tmp CATALINA_OPTS= CLASSPATH=\ $JAVA_HOME/lib/tools.jar:\ $DAEMON_HOME/commons-daemon.jar:\ $CATALINA_HOME=/bin/bootstrap.jar case "$1" in start) # # Start Tomcat # $DAEMON_HOME/jsvc \ -user $TOMCAT_USER \ -home $JAVA_HOME \ -pidfile $PIDFILE \ -Dcatalina.home=$CATALINA_HOME \ -Djava.io.tmpdir=$TMP_DIR \ -outfile $CATALINA_HOME/logs/catalina.out \ -errfile '&1' \ $CATALINA_OPTS \ -cp $CLASSPATH \ org.apache.catalina.startup.BootstrapService # # To get a verbose JVM #-verbose \ # To get a debug of jsvc. #-debug \ ;; stop) # # Stop Tomcat # PID=`cat $PIDFILE` if [ -f $PIDFILE ] then kill $PID else echo "No PID, TC not running?" fi ;; restart) # # Stop Tomcat # PID=`cat $PIDFILE` if [ -f $PIDFILE ] then kill $PID else echo "No PID, TC not running?" fi # # Start Tomcat # $DAEMON_HOME/jsvc \ -user $TOMCAT_USER \ -home $JAVA_HOME \ -pidfile $PIDFILE \ -Dcatalina.home=$CATALINA_HOME \ -Djava.io.tmpdir=$TMP_DIR \ -outfile $CATALINA_HOME/logs/catalina.out \ -errfile '&1' \ $CATALINA_OPTS \ -cp $CLASSPATH \ org.apache.catalina.startup.BootstrapService PID=`cat $PIDFILE` echo "Tomcat now running, PID is $PID" ;; *) echo "Usage tomcat.sh start/stop" exit 1;; esac Thanks for the help. regards -- Dave Pawson XSLT XSL-FO FAQ. Docbook FAQ. http://www.dpawson.co.uk - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Apache Tomcat 6.0 loads blank page
Hi everyone, Chuck, I just double checked the web.xml and the following: index.html index.htm > welcome-file> > index.jsp > > is in fact there. And Also i restarted the apache server couple of time and now I can access the web server using http://localhost:8080/mms_test/index.html directly, w/o having to use index.jsp. Andre, for the questions you asked 1) for the connector port I have commented out one of them actually, so only two of them are active these ones: 2) for the LiveHttpHeader,I just tried it again. and now it works in fact this is what I get: http://localhost:8080/bin/test.cgi?searchvalue=asdfsdf&searchtype=sequence&option=Beta+sheets+Database+Only&length=3 GET /bin/test.cgi?searchvalue=asdfsdf&searchtype=sequence&option=Beta+sheets+Database+Only&length=3 HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.5) Gecko/2008121621 Ubuntu/8.04 (hardy) Firefox/3.0.5 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://localhost:8080/mms_test/hesearch.html HTTP/1.x 404 Not Found Server: Apache-Coyote/1.1 Content-Type: text/html;charset=utf-8 Content-Length: 991 Date: Mon, 02 Feb 2009 15:25:20 GMT 3) however now i have a new problem: for some reason my html page doesn't communicate with the cgi file. "hesearch.html" in /usr/local/tomcat/webapps/mms_test , doesn't communicate with the cgi program test.cgi located in /usr/local/tomcat/bin. hesearch.html contains a button which when it is pushed it accesses the test.cgi which executes other programs. However when i push that button , i get this error: " HTTP Status 404 - /bin/test.cgi -- *type* Status report *message* */bin/test.cgi* *description* *The requested resource (/bin/test.cgi) is not available.* * * However the program is in the right location and i have all the permissions. any suggestions? Thank you again for all your helps, regards zia On Mon, Feb 2, 2009 at 12:25 AM, Caldarale, Charles R < chuck.caldar...@unisys.com> wrote: > > From: zia mohades [mailto:zia.si...@gmail.com] > > Subject: Re: Apache Tomcat 6.0 loads blank page > > > > perfect! thank you martin, I have just created a JSP file, > > index.jsp and copied the content of index.html into it. and > > then made this modification as you said: > > None of which you should have to do. A real Tomcat download (from > tomcat.apache.org) includes a default web.xml in Tomcat's conf directory > that already contains the following: > > > index.html > index.htm > index.jsp > > > It sounds like yours doesn't have that, so I would strongly suggest > removing the Ubuntu version of Tomcat and installing a real one from the > above web site. We've had innumerable strange problems with 3rd-party > repackaged versions of Tomcat that do not occur with the real one. > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
RE: Tomcat configuration with multiple services
> From: Jaakko Taipale [mailto:jaakko.taip...@dbmanager.fi] > Subject: Tomcat configuration with multiple services > There is two services other for http and other for https > connections. Is this right way to do this I've never seen anyone try that. Can't imagine what your requirements would be that result in having multiple elements in Tomcat. One normally simply has two elements, one for HTTP, one for HTTPS: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html > Also I point users accessing by ip to directory that doesn't > exist because I want that robots that are scanning ip addresses > doesn't get anything as response, Lack of a valid appBase directory will cause a 500 response, not no response, so that's pretty much a waste of time. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: package javax.servlet does not exist import javax.servlet.* ;
1. Im using 6.0.18 64 bit with windows xp 64 and Java SDK SE 6 update 11 (64bit). 2. I did do it just afew moments ago to see if it would work at which it didnt so I removed it. 3. The servlet-api jar is in the tomcat lib dir and not in app lib dir 4. Didnt find the j2ee jar in the tomcat folder. 2009/2/2 Caldarale, Charles R > > From: Shaolin [mailto:shaolinfin...@gmail.com] > > Subject: package javax.servlet does not exist import javax.servlet.* ; > > > > The servlet jars cannot be found. I checked the tomcat lib > > dir and it was present and it looks like its something to > > do with the classpath. > > 1) Tell us which version of Tomcat, what JVM/JRE you're using, and what > specific OS, including 32- or 64-bit. > > 2) NEVER, never, never set the CLASSPATH environment variable for Tomcat. > > 3) Make sure you do not have a copy of servlet-api.jar anywhere in Tomcat's > classloader hierarchy, other than Tomcat's lib directory. (Many > inexperienced users erroneously put that jar in a webapps's WEB-INF/lib > directory.) > > 4) Make sure j2ee.jar is not anywhere Tomcat or the JVM might stumble into > it. > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
RE: package javax.servlet does not exist import javax.servlet.* ;
> From: Shaolin [mailto:shaolinfin...@gmail.com] > Subject: package javax.servlet does not exist import javax.servlet.* ; > > The servlet jars cannot be found. I checked the tomcat lib > dir and it was present and it looks like its something to > do with the classpath. 1) Tell us which version of Tomcat, what JVM/JRE you're using, and what specific OS, including 32- or 64-bit. 2) NEVER, never, never set the CLASSPATH environment variable for Tomcat. 3) Make sure you do not have a copy of servlet-api.jar anywhere in Tomcat's classloader hierarchy, other than Tomcat's lib directory. (Many inexperienced users erroneously put that jar in a webapps's WEB-INF/lib directory.) 4) Make sure j2ee.jar is not anywhere Tomcat or the JVM might stumble into it. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
mod_jk 1.2.27 strange default reply_timeout
Hi, We have an environment running Apache 2.2.9, mod_jk 1.2.27 and Tomcat 5.5.27. The following settings are in place: Apache (prefork mode) = Timeout 60 KeepAliveTimeout 5 JkWatchdogInterval 90 JkOptions +DisableReuse worker.properties = worker.host_1.type=ajp13 worker.host_1.host=127.0.0.1 worker.host_1.port=8009 worker.host_1.socket_keepalive=1 worker.host_1.socket_timeout=15 worker.host_1.connect_timeout=1 worker.host_1.prepost_timeout=8000 worker.host_1.lbfactor=1 worker.host_1.ping_mode=A worker.host_1.connection_pool_timeout=600 server.xml == What we notice is that Apache will respond with an error 502 Bad Gateway when a response takes more than 30sec. This seems quite strange as without a reply_timeout set I would expect the reply_timeout to default to 0 (timeout disabled). The same setup with mod_jk 1.2.26 does not give this 502 Bad Gateway error, can't find any information on a behavioural change regarding reply timeouts. The error from mod_jk logging: [Mon Feb 02 13:45:18 2009] [8645:3086362304] [info] ajp_connection_tcp_get_message::jk_ajp_common.c (): (host_1) can't receive the response message from tomcat, network problems or tomcat (127.0.0.1:8009) is down (errno=11) [Mon Feb 02 13:45:18 2009] [8645:3086362304] [error] ajp_get_reply::jk_ajp_common.c (1920): (host_1) Tomcat is down or refused connection. No response has been sent to the client (yet) [Mon Feb 02 13:45:18 2009] [8645:3086362304] [info] ajp_service::jk_ajp_common.c (2407): (host_1) sending request to tomcat failed (recoverable), (attempt=2) [Mon Feb 02 13:45:18 2009] [8645:3086362304] [error] ajp_service::jk_ajp_common.c (2426): (host_1) connecting to tomcat failed. [Mon Feb 02 13:45:18 2009] host_1 127.0.0.1 "POST /hv/main/nav/processflightqry HTTP/1.1" 34.101650 Regards, Hubert de Heer
package javax.servlet does not exist import javax.servlet.* ;
Hi Guys The servlet jars cannot be found. I checked the tomcat lib dir and it was present and it looks like its something to do with the classpath. How can I change/update it so that it will work ? Im on a windows
Re: tomcat 5 and the JVM
thanks - removed On Mon, 2009-02-02 at 14:46 +0100, Felix Schumacher wrote: > Hi Ray, > > On Mon, February 2, 2009 1:59 pm, Ray Holme wrote: > > I run tomcat 6 on Linux and have multiple applications in development > > mode. From my testing I have discovered that a Java bean shared by all > > applications and with ALL methods as static SEEMS to have a separate > > instance for each appliction - i.e. > look at > http://tomcat.apache.org/tomcat-6.0-doc/class-loader-howto.html > > > cool, but it means that each application must do a > > System.gc() > If you have to do a System.gc() by yourself, you (most) probably did > something wrong with your Bean. And be careful with that call. First the > jvm is free to ignore it. Second it can be a major performance hit. We > once found an application to call System.gc() with every get|post call. We > disabled the System.gc() functionality by starting the jvm with > -XX:+DisableExplicitGC. > > Bye > Felix > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 5 and the JVM
thanks - makes sense. removed the GC call as someone else put it there a long time ago also removed System.runFinalization() - assume this is not something to do in my "garbage sweep" where I check for other things. :=] On Mon, 2009-02-02 at 14:45 +0100, Kees de Kooter wrote: > Hi Ray, > > It is one JVM, but separate classloaders so applications do not "see" > classes of other apps. > > Oh and please be extremely careful with using System.gc(). Using it > can lead to severe and unexpected performance issues. If you "need" > gc() you almost always have a flaw in your code. > > Cheers, > Kees de Kooter > http://www.boplicity.net > > > > On Mon, Feb 2, 2009 at 13:59, Ray Holme wrote: > > I run tomcat 6 on Linux and have multiple applications in development > > mode. From my testing I have discovered that a Java bean shared by all > > applications and with ALL methods as static SEEMS to have a separate > > instance for each appliction - i.e. > > > > getDebugLevel() returns 0 from the 2nd application > > even if the first has set it to 100 > > > > This is useful but contrary to what I would expect. I would expect one > > JVM for all applications. If there is one per application, that too is > > cool, but it means that each application must do a > > > > System.gc() > > > > occasionally and that this routine cannot be done once for all. > > > > So, does someone know for sure - one JVM per Tomcat OR one JVM per app?? > > > > > > - > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 5 and the JVM
Hi Ray, On Mon, February 2, 2009 1:59 pm, Ray Holme wrote: > I run tomcat 6 on Linux and have multiple applications in development > mode. From my testing I have discovered that a Java bean shared by all > applications and with ALL methods as static SEEMS to have a separate > instance for each appliction - i.e. look at http://tomcat.apache.org/tomcat-6.0-doc/class-loader-howto.html > cool, but it means that each application must do a > System.gc() If you have to do a System.gc() by yourself, you (most) probably did something wrong with your Bean. And be careful with that call. First the jvm is free to ignore it. Second it can be a major performance hit. We once found an application to call System.gc() with every get|post call. We disabled the System.gc() functionality by starting the jvm with -XX:+DisableExplicitGC. Bye Felix - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 5 and the JVM
Hi Ray, It is one JVM, but separate classloaders so applications do not "see" classes of other apps. Oh and please be extremely careful with using System.gc(). Using it can lead to severe and unexpected performance issues. If you "need" gc() you almost always have a flaw in your code. Cheers, Kees de Kooter http://www.boplicity.net On Mon, Feb 2, 2009 at 13:59, Ray Holme wrote: > I run tomcat 6 on Linux and have multiple applications in development > mode. From my testing I have discovered that a Java bean shared by all > applications and with ALL methods as static SEEMS to have a separate > instance for each appliction - i.e. > > getDebugLevel() returns 0 from the 2nd application > even if the first has set it to 100 > > This is useful but contrary to what I would expect. I would expect one > JVM for all applications. If there is one per application, that too is > cool, but it means that each application must do a > > System.gc() > > occasionally and that this routine cannot be done once for all. > > So, does someone know for sure - one JVM per Tomcat OR one JVM per app?? > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Why tomcat 6.0.18 looks for MySQL JDBC driver to be placed in CATALINA_HOME/lib folder?
Within the docs I do not see a recommendation to place the JDBC-driver both in ${CATALIN_HOME}/lib *AND* WEB-INF: == 1. Install Your JDBC Driver Use of the JDBC Data Sources JNDI Resource Factory requires that you make an appropriate JDBC driver available to both Tomcat internal classes and to your web application. This is most easily accomplished by installing the driver's JAR file(s) into the $CATALINA_HOME/lib directory, which makes the driver available both to the resource factory and to your application. === > 2. If I copied more than one JDBC jars (with different version) in > CATALINA_HOME/lib folder for couple of my applications, how each of them > looks for the respective versions of JDBC driver? I'd reconsider my webapps preferabbly: Why should your webapps require different versions of the same JDBC-driver? Do you have different instance of MySQL running? If not, IMHO that doesn't make any sense at all. Rgds Gregor -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat 5 and the JVM
I run tomcat 6 on Linux and have multiple applications in development mode. From my testing I have discovered that a Java bean shared by all applications and with ALL methods as static SEEMS to have a separate instance for each appliction - i.e. getDebugLevel() returns 0 from the 2nd application even if the first has set it to 100 This is useful but contrary to what I would expect. I would expect one JVM for all applications. If there is one per application, that too is cool, but it means that each application must do a System.gc() occasionally and that this routine cannot be done once for all. So, does someone know for sure - one JVM per Tomcat OR one JVM per app?? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Why tomcat 6.0.18 looks for MySQL JDBC driver to be placed in CATALINA_HOME/lib folder?
Hi Ramesh, Did you configure a JNDI datasource in tomcat? In that case the datasource exists "outside" your app. Cheers, Kees de Kooter http://www.boplicity.net On Mon, Feb 2, 2009 at 13:06, peterramesh wrote: > > Hi, > > On reading Tomcat help doc > http://tomcat.apache.org/tomcat-6.0-doc/jndi-resources-howto.html, it > recommends to place the MySQL JDBC driver in both places (CATALINA_HOME/lib > and WEB-INF/lib folder of the app). > > If I haven't placed in CATALINA_HOME/lib folder, my app is failing with > driver not found error. I'm puzzled with.. > > 1. Why Tomcat look for the JDBC jar to be in CATALINA_HOME/lib folder? > 2. If I copied more than one JDBC jars (with different version) in > CATALINA_HOME/lib folder for couple of my applications, how each of them > looks for the respective versions of JDBC driver? > > Thanks, > Ramesh > -- > View this message in context: > http://www.nabble.com/Why-tomcat-6.0.18-looks-for-MySQL-JDBC-driver-to-be-placed-in-CATALINA_HOME-lib-folder--tp21788529p21788529.html > Sent from the Tomcat - User mailing list archive at Nabble.com. > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
help Comet Tomcat
I am new to COMET in Tomcat, someone could show me one example on using COMET in Tomcat I have already changed the connector. i try example of http://tomcat.apache.org/tomcat-6.0-doc/aio.html and various example of this web I have managed to operate comet in Glassfish using Dojo, but Tomcat does not get anything sorry for my english any help will be good, thanx, thanx i using Tomcat 6.0.18 -- View this message in context: http://www.nabble.com/help-Comet-Tomcat-tp21788916p21788916.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Why tomcat 6.0.18 looks for MySQL JDBC driver to be placed in CATALINA_HOME/lib folder?
Hi, On reading Tomcat help doc http://tomcat.apache.org/tomcat-6.0-doc/jndi-resources-howto.html, it recommends to place the MySQL JDBC driver in both places (CATALINA_HOME/lib and WEB-INF/lib folder of the app). If I haven't placed in CATALINA_HOME/lib folder, my app is failing with driver not found error. I'm puzzled with.. 1. Why Tomcat look for the JDBC jar to be in CATALINA_HOME/lib folder? 2. If I copied more than one JDBC jars (with different version) in CATALINA_HOME/lib folder for couple of my applications, how each of them looks for the respective versions of JDBC driver? Thanks, Ramesh -- View this message in context: http://www.nabble.com/Why-tomcat-6.0.18-looks-for-MySQL-JDBC-driver-to-be-placed-in-CATALINA_HOME-lib-folder--tp21788529p21788529.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: jsvc problem with PID
2009/2/2 André Warnier : > Just a few points though in defense of the packagers, a much-criticised > group (to which I do not belong by the way) : NO critique of their work. They have different drivers. > - like the Tomcat people, they are working for free, in a spirit of helping > other people > - what they do allows one to install a package (any package), mainly by > typing " install package-name", and generally it works right out of the > box. ? There I'll beg to differ. Since they dont' provide any documentation, I have to fall back on TC docs... which are inapplicable (and sufficiently complex in their own right). The main issue is a 'standard' layout for a filesystem, which Linux has been battling for years. Roll on the day. > - they try to follow the usual conventions of the platform for which they do > it, which does not necessarily please the original package developers, but > pleases the sysadmins no end, because one then finds the same kind of files > in the same usual places (configuration files, logfiles, start/stop scripts > etc..), without having to scour the whole system to find them > - they also try to respect the filesystem conventions as to where one puts > things that get written to or not, permissions and so on > - they do not generally "break things", they just sometimes tend to spread > out the files and use a lot of links, which is a bit confusing at first. Were it documented, it may help. None found. > > About the missing pieces, I'm sure that the Tomcat Manager and the Tomcat > doc are also available, in their own Fedora package. > The packagers split them off, because they thought (probably justifiably) > that many people installing Tomcat on real-world servers did not necessarily > need them. I'll look. Thanks. Not much help to a newbie. Tks. regards -- Dave Pawson XSLT XSL-FO FAQ. Docbook FAQ. http://www.dpawson.co.uk - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: jsvc problem with PID
Dave Pawson wrote: [...] I tried the Fedora install (instead of the Main Tomcat one). It's horribly complex. Installs all over the machine, Is missing the manager app and the docs. Yuk. That will be music to the ears of some; can't wait for their comments. As for me, I'm glad to hear that it is not only the Tomcat Debian packager that has a great imagination. Just a few points though in defense of the packagers, a much-criticised group (to which I do not belong by the way) : - like the Tomcat people, they are working for free, in a spirit of helping other people - what they do allows one to install a package (any package), mainly by typing " install package-name", and generally it works right out of the box. - they try to follow the usual conventions of the platform for which they do it, which does not necessarily please the original package developers, but pleases the sysadmins no end, because one then finds the same kind of files in the same usual places (configuration files, logfiles, start/stop scripts etc..), without having to scour the whole system to find them - they also try to respect the filesystem conventions as to where one puts things that get written to or not, permissions and so on - they do not generally "break things", they just sometimes tend to spread out the files and use a lot of links, which is a bit confusing at first. About the missing pieces, I'm sure that the Tomcat Manager and the Tomcat doc are also available, in their own Fedora package. The packagers split them off, because they thought (probably justifiably) that many people installing Tomcat on real-world servers did not necessarily need them. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: jsvc problem with PID
2009/2/1 Qiao Jin : > Could it be that you are running the start-up script (the one using jsvc) as > a normal user and thus does not have the permission to write to /var/run? In > my system, CentOS 5, /var/run can only be written by root. I run my jsvc > script as root and use the "-user" option to switch to a normal user after > binding to port 80. That makes sense, thanks. So root runs the script, but the user 'used' as the parameter is a normal user. I'll try that. ps. I tried the Fedora install (instead of the Main Tomcat one). It's horribly complex. Installs all over the machine, Is missing the manager app and the docs. Yuk. regards -- Dave Pawson XSLT XSL-FO FAQ. Docbook FAQ. http://www.dpawson.co.uk - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat resets the connection during load
I'm running a Tomcat 6.0.16 (native library is compiled )on a Linux box (CentOS 5), java version is: java version "1.6.0" Java(TM) SE Runtime Environment (build 1.6.0-b105) Java HotSpot(TM) Server VM (build 1.6.0-b105, mixed mode) The connection configuration is: I've deployed my wepapp into tomcat, which on low load (few requests per second) the doGet() method lasts about 30-40ms. In order to measure the performance of the webapp under load, I wrote a simple test that simulates high load on tomcat (hundreds of requests per second). After few seconds of running, the client received the following exceptions from the server (not all the requests, some of them processed and return response, but it took few seconds though): java.net.SocketException: Unexpected end of file from server at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:714) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:577) at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:711) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:577) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1004) at AdvertiserCaller.call(StressTest.java:192) at AdvertiserCaller.call(StressTest.java:166) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) at java.util.concurrent.FutureTask.run(FutureTask.java:138) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:885) I've records the traffic using Wireshark (http://www.wireshark.org), and I've noticed that Tomcat send TCP Reset to the client, before it writes the reponse to the stream. Can you please assist understanding this behavior and tuning Tomcat in order to avoid these problems? Thanks, Barak.
Tomcat configuration with multiple services
Hi, I have following tomcat server.xml configuration: There is two services other for http and other for https connections. Is this right way to do this and does it have some performance issues? Also I point users accessing by ip to directory that doesn't exist because I want that robots that are scanning ip addresses doesn't get anything as response, is there better way to do this (I have tried something with valve but don't know how to do this with that)? -- Jaakko
Re: Tomcat 6 on Linux - session - DB connections and other shared resources
Servlet filters are the best way to solve this. Where do you get stuck with filters? Cheers, Kees de Kooter http://www.boplicity.net On Sun, Feb 1, 2009 at 23:55, Ray Holme wrote: > I have a few web applications being moved to tomcat. They all share some > commonality - I use Firebird not MySQL; I built my own ConnectionManager > long ago; and all three have an Application wide bean for shared > resources. Each user has a "UserInfo" bean (whether or not they log in > is important and can be found, but all functions require the common > resources and it is a VERY convenient place to put them) from which > hangs a DB-Connection bean and an Application bean. This enables > resources to be pooled (connections) and shared (Application). > > Perhaps due to lack of knowledge, I try get the session's UserInfo > (getAttribute(..)) and on failure intstantiate a new one in hundreds of > servlets and/or JSP servlet codes sets (adding resources as needed). > > I am sure that there must be some reasonable way to have all of the > servlets (no matter what form) go through some preliminary code, and > some post processing in order not to write the same code into hundreds > of places (and be sure the post processing routine which frees up > resources is ALWAYS executed). > > I have tried to do this with filterchains but am failing so far - due to > ignorance or whatever. I realize that I could modify the source and do > it, but that seems counter productive as this seems like a fairly common > need. > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Slightly OT: ApacheCon Europe 2009
Being a Belgian, I couldn't agree more! A wise man has spoken :-) After peeking at the schedule, I must say there are some very interesting talks and workshops. Unfortunately, I'm afraid my company isn't willing to pay for that trip. Therefor I was wondering whether there is any possibility to attend some meetings by live feeds, as some other conferences do? Cheers. On Fri, 2009-01-30 at 22:11 +0100, André Warnier wrote: > Mark Thomas wrote: > > > >> Hope to see you there for a *yuck* Heinecken... > > > > I'm sure we can find something better than that :) > > > Since we're already OT here, let's do something for the sake of general > cultural enlightenment outside of Tomcat and Java. > > As any real amateur knows, the only really good beer is Belgian > (though there's now hope also for Anheuser-Bush ;-)). > The very best beer in the whole world is a Trappist beer, from the abbey > of Westvleeteren, a little town in the North-West of Belgium, not far > from the Netherlands. It is unfortunately very hard to get, because the > enlightened monks who make it only make a small quantity of it, and one > has to go to the abbey itself to get it. > However, among the only other 6 genuine Trappist beers in the world, > which are all of a high quality, there happens to exist also a Dutch one > : La Trappe, which I'm sure can be found in Amsterdam. > > More information here : http://en.wikipedia.org/wiki/Trappist_beer > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > -- Pieter Temmerman email: ptemmerman@sadiel.es skype: ptemmerman.sadiel SADIEL TECNOLOGÍAS DE LA INFORMACIÓN, S.A. http://www.sadiel.es. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org