instance has been stopped. could not load oracle.toplink.essentials...
I can't quite predict with certainty when this error will occur: 86899 Feb 28, 2009 10:05:50 PM org.apache.catalina.loader.WebappClassLoader loadClass 86900 INFO: Illegal access: this web application instance has been stopped already. Could not load oracle.toplink.essentials.internal.localization.i18n.LoggingLocalizationResource. The eventual following stack trace is caused by an error thrown for debugging purposes as well as to attempt to terminate the thread which caused the illegal access, and has no functional impact. 86901 java.lang.IllegalStateException but generally restarting tomcat, and some combination of undeploy/ redeploy fixes the problem. (I'm using NB 6.1, which automagically deploys the .war) I'm not entirely whether undeploying the app does anything or not, I don't see why it would, but it seems to help. >From what I've read the general solution is to just restart tomcat. What does the error mean? Also, just to clarify, if I'm using toplink for JPA then the toplink jars, and whatever I'm using for jdbc, need to be copied to tomcat as per: http://wiki.netbeans.org/DeployREST2Tomcat55 (instead of derby I'm using mssql.jar) thanks, Thufir - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: how to compile tomcat source
Dear mks, Thank you very much, you saved my time . Now it works. Best Regards, H Iroshan On Sun, Mar 1, 2009 at 12:48 AM, Markus Schönhaber < tomcat-us...@list-post.mks-mail.de> wrote: > h iroshan: > > > I am new to Apache Tomcat. Can any body explain me to how to compile the > > source code of Apache Tomcat 5.5. > > http://tomcat.apache.org/tomcat-5.5-doc/building.html > > But: if you're new to Tomcat, what makes you think it's necessary for > you to build it from source? > > Regards > mks > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
serializing session in DB
Hi Group, I am trying to deploy a tomcat cluster. I was able to set up a test tomcat cluster using in-memory replication with version 6.0.10, but my session data is too much (almost 5 GB per tomcat instance, and using 2 nodes in cluster both instances will require 10GB of RAM to hold session data). So I fall back on storing session in database for which I used Persistent Manager and JDBCStore. But the problem is that its not full proof HA. The sessions are only persisted when they become idle or during graceful shutdown of the tomcat. Is there a way to persist the session in DB before the request gets served (as it happens for in-memory replication). Thanks, Amit - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: RemoteAddrValve and RemoteHostValve
marc, do i understand you correct that you only whant to accept requests from "localhost"? next: wouldn't authorization solve your problem? rgds gregor Am 28.02.2009 um 19:14 schrieb Zak Mc Kracken : Thank you all for replies and detailed explanation. Now I understand what's happening. My specific problem is restrict a single web application to clients coming from localhost only. This was not working (everything blocked): I am using a Mac and, after your replies, I tried to see what request.getRemoteAddr() and request.getRemoteHost(). Well, it turns out that they both return "0:0:0:0:0:0:0:1%0", so now everything works with: Moreover, André's reply is pretty convincing, although it seems to i mply that RemoteHostValve should be avoided (isn't DNS reverse looku p cached?) and cannot be chained with RemoteAddrValve. Of course one can do what you suggests, although this is a bit impractical in lar ge networks where one wouldn't like to care about IP changes of symb olic names. Worse, I don't see what I could do to grant access to si ngle PCs in those LANs where users have fixed host names for their P Cs, but DHCP-assigned IPs (OK, maybe it's a theoretical case, I woul d probably switch to user/password). Cheers. Marco. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: error while building tomcat 5.5
h iroshan:
> I tried to build the Tomcat 5.5 source with ant 1.7 and SVN 1.5 . while
> building I faced with following error .
>
> BUILD FAILED
> /home/iroshan/Documents/sources/tomcatBuild/build.xml:67: The following
> error occurred while executing this line:
> /home/iroshan/Documents/sources/tomcatBuild/build/build.xml:1980: The
> following error occurred while executing this line:
> /home/iroshan/Documents/sources/tomcatBuild/build/build.xml:2031: Can't get
> http://tomcat.apache.org/dev/dist/tomcat-connectors/native/tomcat-native-1.1.12-src.tar.gzto
> /usr/share/java/tomcat-native-1.1.12/tomcat-native.tar.gz
Open ${tomcat.source}/build/build.properties.default, go to line 142 and
change the three following lines that they look like this:
# - Tomcat native library -
tomcat-native.home=${base.path}/tomcat-native-1.1.16
tomcat-native.tar.gz=${tomcat-native.home}/tomcat-native.tar.gz
tomcat-native.loc=${base-tomcat.loc}/tomcat-connectors/native/source/1.1.16/tomcat-native-1.1.16-src.tar.gz
Regards
mks
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: error while building tomcat 5.5
Do you have write permission to the following directory as the user you are using to do the build? You may have to 'su' or 'sudo' or change the access permissions on /usr/share/java to allow the build script to write to it. Regards Alan Chaney h iroshan wrote: /usr/share/java/tomcat-native-1.1.12/tomcat-native.tar.gz - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
error while building tomcat 5.5
Dear All, I tried to build the Tomcat 5.5 source with ant 1.7 and SVN 1.5 . while building I faced with following error . BUILD FAILED /home/iroshan/Documents/sources/tomcatBuild/build.xml:67: The following error occurred while executing this line: /home/iroshan/Documents/sources/tomcatBuild/build/build.xml:1980: The following error occurred while executing this line: /home/iroshan/Documents/sources/tomcatBuild/build/build.xml:2031: Can't get http://tomcat.apache.org/dev/dist/tomcat-connectors/native/tomcat-native-1.1.12-src.tar.gzto /usr/share/java/tomcat-native-1.1.12/tomcat-native.tar.gz please can any body solve me this problem. Best Regards, H Iroshan
Re: how to compile tomcat source
Dear mks, Sorry, you have miss understand me . Actually I have used Tomcat binary so many times. But I never compile the tomcat source before .I like to see tasks happening inside the Tomcat. Any way thank for your quick response it help me lot . Regards H Iroshan On Sun, Mar 1, 2009 at 12:48 AM, Markus Schönhaber < tomcat-us...@list-post.mks-mail.de> wrote: > h iroshan: > > > I am new to Apache Tomcat. Can any body explain me to how to compile the > > source code of Apache Tomcat 5.5. > > http://tomcat.apache.org/tomcat-5.5-doc/building.html > > But: if you're new to Tomcat, what makes you think it's necessary for > you to build it from source? > > Regards > mks > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: RemoteAddrValve and RemoteHostValve
Zak Mc Kracken wrote: ..., although it seems to imply that RemoteHostValve should be avoided (isn't DNS reverse lookup cached?) Well, I suppose it probably is, at some level. At the level of the Remote Host Valve possibly, if the designers thought about it, or else at some underlying level. But there can be other problems : - not all clients really have a proper reverse DNS mapping by mere sloppiness in their registration process. It is frequent to be able to forward-resolve a hostname, but to get an "unknown domain" when trying the reverse lookup of that IP address - there are cases where it's not due to sloppiness, but to the sheer difficulty/impossibility to do a proper reverse registration. One example is when you have a variable IP address provided by your ISP, but you arrange to re-register your hostname/IP whenever the IP changes, with a service like dyndns.org. Someone trying to reach your server through its hostname will succeed (because the forward mapping from myhost.dyndns.org works), but when doing a reverse lookup they will get, if anything, the canonical name that your ISP gives to this temporary connection. and cannot be chained with RemoteAddrValve. This is nitpicking, but I don't think that they cannot be chained per se. The problem in this case is to specify the attributes in a way that makes sense, which in this case is rather difficult to say the least. The problem is that each Valve operates independently, and either allows or denies access absolutely, they do not cooperate. It would in my view make a lot more sense to have a single Remote Access Valve to which one could specify, in "allow" or "deny", a hostname AND/OR an IP address expression. Like deny=".*\.badguys.com,10\.20\.30\.0" /> That's how it works in Apache httpd, and it seems to me to make a lot more sense than these two separate Valves. Of course one can do what you suggests, although this is a bit impractical in large networks where one wouldn't like to care about IP changes of symbolic names. True, but usually such networks have a specific range (or ranges) of IP addresses. We have several customers like that. Worse, I don't see what I could do to grant access to single PCs in those LANs where users have fixed host names for their PCs, but DHCP-assigned IPs (OK, maybe it's a theoretical case, I would probably switch to user/password). Yes, and in most cases you would then probably want to couple that with some kind of SSO and automatic network authentication, à la jCIFS or Jespa or Kerberos. These access Valves are a first line of defense, and as far as the Address Valve is concerned, a pretty effective one when applicable, because it is difficult (and rather pointless) for someone to fake someone else's IP address. But you should not consider this as an authentication mechanism, since after all anyone can be behind that workstation. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: how to compile tomcat source
h iroshan: > I am new to Apache Tomcat. Can any body explain me to how to compile the > source code of Apache Tomcat 5.5. http://tomcat.apache.org/tomcat-5.5-doc/building.html But: if you're new to Tomcat, what makes you think it's necessary for you to build it from source? Regards mks - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: RemoteAddrValve and RemoteHostValve
Thank you all for replies and detailed explanation. Now I understand what's happening. My specific problem is restrict a single web application to clients coming from localhost only. This was not working (everything blocked): I am using a Mac and, after your replies, I tried to see what request.getRemoteAddr() and request.getRemoteHost(). Well, it turns out that they both return "0:0:0:0:0:0:0:1%0", so now everything works with: Moreover, André's reply is pretty convincing, although it seems to imply that RemoteHostValve should be avoided (isn't DNS reverse lookup cached?) and cannot be chained with RemoteAddrValve. Of course one can do what you suggests, although this is a bit impractical in large networks where one wouldn't like to care about IP changes of symbolic names. Worse, I don't see what I could do to grant access to single PCs in those LANs where users have fixed host names for their PCs, but DHCP-assigned IPs (OK, maybe it's a theoretical case, I would probably switch to user/password). Cheers. Marco. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
how to compile tomcat source
Dear All, I am new to Apache Tomcat. Can any body explain me to how to compile the source code of Apache Tomcat 5.5. Thank You. Best regards. H. Iroshan.
RE: RemoteAddrValve and RemoteHostValve
> From: André Warnier [mailto:a...@ice-sa.com] > Subject: Re: RemoteAddrValve and RemoteHostValve > > What I'm getting at, is that if you want to accept requests from > "www.somewhere.com" It's not clear to me whether the OP wants to check the origin or the destination; the original description: > > if it's www.somewhere.com -> OK > > else if it's 1.2.3.4 -> OK > > else -> KO is ambiguous. It's very odd for a request to come *from* www.somewhere.com ... - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: RemoteAddrValve and RemoteHostValve
Zak Mc Kracken wrote: [...] Let's try this another way. You want to allow requests from either www.somewhere.com, or one or more IP addresses, and block all the rest. First, filtering requests on the base of a DNS hostname is "expensive" : it forces Tomcat to do a reverse DNS lookup. That is because when a request comes in, it does not come in with a DNS name for the client, but just with an IP address of the client. So Tomcat has to ask the DNS system for the name (or names) that correspond to IP address a.b.c.d (the client's address), and then match those names with the rule. There is also a good chance that some clients have (of course) an IP address and a DNS name, but their reverse DNS is not set up properly. In that case, you would be denying clients that maybe you don't want to deny. What I'm getting at, is that if you want to accept requests from "www.somewhere.com", you might already know the IP address (or the range of IP addresses), that correspond to this name. If so, then you can just use the Remote Address Filter Valve, and forget about the Remote Host Filter Valve. And it will be much more efficient. The second part is that for the Remote Address Filter Valve, both the allow and deny attributes are regular expressions, giving you a lot of flexibility in which addresses you allow or deny. As a practical example : Suppose that you want to allow requests from "www.somewhere.com", and from any IP address in the range 112.23.90.0-112.23.90.255, and deny all others. You would first do a DNS lookup for the hostname "www.somewhere.com", to get its IP address (nslookup www.somewhere.com). Suppose this gives you "213.87.32.100". Then you would configure your Valve as follows : Now suppose that, within the range 112.23.90.0-112.23.90.255 (which you in principle accept), you want nevertheless to deny the subrange 112.23.90.21-112.23.90.30, then you would change the Valve as follows : If you do not understand the expressions above like "112\.23\.90\.(2[1-9]|30)", then that is a question of "regular expressions" which you need to look up, but it's not really something specific to Tomcat. Final note : if you accept/deny ranges of IP addresses, it is probably a good idea to not deny requests from "localhost", if only just for testing. So add "127\.0\.0\.1" to your accept range. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: RemoteAddrValve and RemoteHostValve
Gregor Schneider wrote: What in the documentation (http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html) is the part you don't understand? Thanks for replying. Maybe it's me, but what I gather from the documentation is that it's not possible to combine the two filters as I want, i.e.: telling a list of acceptance criteria and having all the rest forbidden, or, vice versa, telling what is denied and having the rest accepted. I was asking if I am missing something, cause if it works as I got it from the docs, to me it's quite baffling. Cheers. Marco. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: RemoteAddrValve and RemoteHostValve
Gregor Schneider wrote: What in the documentation (http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html) is the part you don't understand? Thanks for replying. Maybe it's me, but what I gather from the documentation is that it's not possible to combine the two filters as I want, i.e.: telling a list of acceptance criteria and having all the rest forbidden, or, vice versa, telling what is denied and having the rest accepted. I was asking if I am missing something, cause if that is the case, to me it's quite baffling. Cheers. Marco. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: RemoteAddrValve and RemoteHostValve
What in the documentation (http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html) is the part you don't understand? Rgds Gregor -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
