Changing webserver from Tomcat 5.0 to 6.0.18
Hi, A website is running on server A (Tomcat 5.0) and it has to move to server B (Tomcat 6.0.18). I have configured everything which should be configured. But somehow the server is not able to locate the webapp. The apaches httpd.conf (on Server A) shows the following: JkMount /mywebapp/* ajp13 Is Tomcat 6.0.18 able to deal with "ajp13", or should it be changed in the name of the Tomcat from server B? Hope someone has experience with this. Ties -- View this message in context: http://www.nabble.com/Changing-webserver-from-Tomcat-5.0-to-6.0.18-tp23440775p23440775.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Form-based Container Security with SSL
Dear Chris,
Thank you very much. I can get the link redirect. But the tomcat's
container security seems to happen before it. Here is the stuff in
the web.xml. When I type
http://localhost:8080/InformProject/pages/login.jsp, it will redirect
to https://localhost:8443/. The browser will alert me because it
is self-certified. But when I go other pages, which should bring this
login page up, it just bring up the http plain version and bypass this
redirection.
login page
/pages/login.jsp
CONFIDENTIAL
FORM
/pages/login.jsp
/pages/error.jsp
Sincerely yours
Zhu, Guojun
On Wed, May 6, 2009 at 8:54 PM, Christopher Schultz
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Guojun,
>
> On 5/6/2009 3:05 PM, Guojun Zhu wrote:
>> We had a small web application on tomcat 5.5. We use tomcat realm
>> (MD5 digest) with the form-based login. I have a few questions on
>> this.
>>
>> 1. When we use http, does the form-based login page send the username
>> and password plainly or in the digested form?
>
> Your web browser will send the credentials in cleartext. The only
> "digest" being used here is the one used to hash the password before it
> is checked against your database (all on the server side).
>
> If you want the password sent securely, you'll need to either use HTTPS
> or use DIGEST authentication, which uses HTTP Auth instead of forms. I
> prefer HTTPS + form over DIGEST, FWIW.
>
>> 2. We set up the ssl in 8443 port. All links in our application are
>> relative link without the specified scheme. So currently all the
>> links (including login page) go either through normal http or
>> encrypted https. Is there anyway to limit the ssl only for the login
>> page alone and make sure login page always go through ssl? Rest pages
>> are really fairly low-risk stuff and we do not worry about the leak on
>> them.
>
> Are you comfortable with the possibility of session hijacking? If so,
> there is a way to do this that I outlined a few weeks ago. Hmm... I
> can't seem to find it in the archives; I'll give you the short-short
> version. Try something like this:
>
> web.xml:
> /login.jsp
> ...
>
>
> /login.jsp
>
>
> CONFIDENTIAL
>
>
>
> login.jsp:
> <%
> Cookie mySessionCookie = ...;
> if(mySessionCookie.isSecure())
> {
> // We don't want a secure session cookie. Kill it,
> // redirect to non-secure page and bounce back.
>
> session.invalidate();
>
> response.sendRedirect(response.encodeRedirectURL(BOUNCE_PAGE));
> }
> %>
>
> Your bounce page should simply create a session and redirect to
> https://yourhost/login.jsp.
>
> You should probably create a filter that watches every URL except your
> login page and drives everything back to HTTP if it finds HTTPS in use.
>
> This may interfere with the container's ability to store and re-play
> requests for protected resources /after/ a successful login. YMMV. If
> you can't get it working using this suggestion, feel free to hire me to
> do it for you ;)
>
> - -chris
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAkoCPzoACgkQ9CaO5/Lv0PAPnwCcC9jIfZ9oc60imAgaw01sfcjJ
> MlEAoIsyPZ9f6dXGo5IInzLXOMxh7vs0
> =9YPw
> -END PGP SIGNATURE-
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Performance with many small requests
Hello, IMHO, it would be better to use java concurrency package now than to use the old synchronize mechanism. The old mechanism is to low level and error prone. I think you could have a thread pool and some handler pattern to handle the request from your customer. 2009/5/8 Andre-John Mas > > On 7-May-2009, at 19:05, David Kerber wrote: > > Andre-John Mas wrote: >> >>> >>> That would be my impression too. It is best to avoid making the >>> synchronized scope so large, unless there is a very good reason. >>> >>> David, do you have any reason for this? Beyond the counter, what other >>> stuff do you synchronise? Also, it has generally been recommended to me to >>> avoid hitting the disk in every request, since you may result with an I/O >>> bottle neck, so if you can write the logs in batches you will have better >>> performance. If you know that you are only going to have very few users at a >>> time (say, less than 10), it may not be worth the time optimising this, but >>> if you know that you are going to get at least several hundred, then this is >>> something to watch out for. >>> >> >> Thanks for the comments, Andre-John and Peter. When I wrote that app, I >> didn't know as much as I do now, but I'm still not very knowledgeable >> about synchronized operations. >> >> The synchronized section doesn't do a whole lot, so it doesn't take long >> to process. My question is, what kinds of operations need to be >> synchronized? All I do is decrypt the data from the POST, send a small >> acknowledgement response back to the site, and write the line to the log >> file. Does that sound like something that would need to be >> synchronized? If not, pulling that out would be a really easy test to >> see if it helps my performance issue. >> >> > I am no expert in this myself, but I know enough to help me out in most day > to day scenarios. What you should be reading up on is concurrency in Java. A > few useful resources: > > site: http://java.sun.com/docs/books/tutorial/essential/concurrency/ > book: > http://www.amazon.com/Java-Concurrency-Practice-Brian-Goetz/dp/0321349601 > > I actually bought the book myself and find it a handy reference. > > What I can say is that any time two threads are likely to access the same > object, which has the potential to be modified by one of them, then you will > need to synchronize access to the object. If the object is only going to be > read during the life of the "unit of work", then you will need not > synchronize it. You shouldn't simply use the synchronize keyword as a > magical "solve all" for threading issues and instead need to understand what > the nature of the interactions are between the threads, if any. In certain > cases it is actually better to duplicate the necessary resources, have each > thread work on its copy and then synchronize the value at the end. > > In the case of your code, you should ask what are the shared objects that > are going to modified by the threads. You should also look if it is even > necessary for the objects to be shared. Also consider whether for the call > cycle the objects you are going to modify are only available on the stack, > as opposed to a class or instance member. > > To give you a real world analogy: consider a home that is being built and > you have an electrician and a plumber: > - is it better to have one wait until the other is finished (serial > execution)? > - is it possible for them to be working on different stuff and not be > stepping on each other's feet? (parallel execution) > - if you need them to work at the same time, what is the cost of > coordinating each other so that >they do not interfere with the other? (synchronization issues) > In many ways multi-threading is not much different, and you should be > asking yourself the same type of questions. > > André-John > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > -- Sincerely yours and Best Regards, Xie Xiaodong
Re: Performance with many small requests
On 7-May-2009, at 19:05, David Kerber wrote: Andre-John Mas wrote: That would be my impression too. It is best to avoid making the synchronized scope so large, unless there is a very good reason. David, do you have any reason for this? Beyond the counter, what other stuff do you synchronise? Also, it has generally been recommended to me to avoid hitting the disk in every request, since you may result with an I/O bottle neck, so if you can write the logs in batches you will have better performance. If you know that you are only going to have very few users at a time (say, less than 10), it may not be worth the time optimising this, but if you know that you are going to get at least several hundred, then this is something to watch out for. Thanks for the comments, Andre-John and Peter. When I wrote that app, I didn't know as much as I do now, but I'm still not very knowledgeable about synchronized operations. The synchronized section doesn't do a whole lot, so it doesn't take long to process. My question is, what kinds of operations need to be synchronized? All I do is decrypt the data from the POST, send a small acknowledgement response back to the site, and write the line to the log file. Does that sound like something that would need to be synchronized? If not, pulling that out would be a really easy test to see if it helps my performance issue. I am no expert in this myself, but I know enough to help me out in most day to day scenarios. What you should be reading up on is concurrency in Java. A few useful resources: site: http://java.sun.com/docs/books/tutorial/essential/concurrency/ book: http://www.amazon.com/Java-Concurrency-Practice-Brian-Goetz/dp/0321349601 I actually bought the book myself and find it a handy reference. What I can say is that any time two threads are likely to access the same object, which has the potential to be modified by one of them, then you will need to synchronize access to the object. If the object is only going to be read during the life of the "unit of work", then you will need not synchronize it. You shouldn't simply use the synchronize keyword as a magical "solve all" for threading issues and instead need to understand what the nature of the interactions are between the threads, if any. In certain cases it is actually better to duplicate the necessary resources, have each thread work on its copy and then synchronize the value at the end. In the case of your code, you should ask what are the shared objects that are going to modified by the threads. You should also look if it is even necessary for the objects to be shared. Also consider whether for the call cycle the objects you are going to modify are only available on the stack, as opposed to a class or instance member. To give you a real world analogy: consider a home that is being built and you have an electrician and a plumber: - is it better to have one wait until the other is finished (serial execution)? - is it possible for them to be working on different stuff and not be stepping on each other's feet? (parallel execution) - if you need them to work at the same time, what is the cost of coordinating each other so that they do not interfere with the other? (synchronization issues) In many ways multi-threading is not much different, and you should be asking yourself the same type of questions. André-John - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Performance with many small requests
Andre-John Mas wrote:
On 7-May-2009, at 17:28, Peter Crowther wrote:
From: David kerber [mailto:dcker...@verizon.net]
The tomcat application simply takes the post request,
does a checksum verification of it, decrypts the
lightly-encrypted data,
and writes it to a log file with the timestamps and site identifiers I
mentioned above. Pretty simple processing, and it is all inside a
synchronized{} construct:
protected synchronized void doPost(HttpServletRequest request,
HttpServletResponse response )
throws ServletException, IOException {
synchronized ( criticalProcess ) {
totalReqCount++;
dailyReqCount++;
processRequest( request, response, false );
}
}
Doesn't the "synchronized" in the above mean that you're essentially
single-threading Tomcat? So you have all this infrastructure... and
that sync may well be the bottleneck.
That would be my impression too. It is best to avoid making the
synchronized scope so large, unless there is a very good reason.
David, do you have any reason for this? Beyond the counter, what other
stuff do you synchronise? Also, it has generally been recommended to
me to avoid hitting the disk in every request, since you may result
with an I/O bottle neck, so if you can write the logs in batches you
will have better performance. If you know that you are only going to
have very few users at a time (say, less than 10), it may not be worth
the time optimising this, but if you know that you are going to get at
least several hundred, then this is something to watch out for.
Thanks for the comments, Andre-John and Peter. When I wrote that app, I
didn't know as much as I do now, but I'm still not very knowledgeable
about synchronized operations.
The synchronized section doesn't do a whole lot, so it doesn't take long
to process. My question is, what kinds of operations need to be
synchronized? All I do is decrypt the data from the POST, send a small
acknowledgement response back to the site, and write the line to the log
file. Does that sound like something that would need to be
synchronized? If not, pulling that out would be a really easy test to
see if it helps my performance issue.
Thanks!
D
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: After deployment to tomcat: entity class not found
Hello, This class "MyClass", could not be found. Maybe you should include the package name in your configuration files. 2009/5/7 itay sahar > Hello, > > I've successfully created all hbm,POJO and DAO files using Hibernate tool > which is great!!! > > Once deploy to Tomcat I got the exception: > nested exception is org.hibernate.MappingException: entity class not found: > MyClass > > the full stack is: > org.springframework.beans.factory.BeanCreationException: Error creating > bean > with name 'sessionFactory' defined in ServletContext resource > [/WEB-INF/applicationContext.xml]: Invocation of init method failed; nested > exception is org.hibernate.MappingException: entity class not found: > MyClass > at > > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1362) > at > > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:540) > at > > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:485) > at java.security.AccessController.doPrivileged(Native Method) > at > > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:455) > at > > org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:251) > at > > org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:169) > at > > org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:248) > at > > org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:170) > at > > org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:407) > at > > org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:735) > at > > org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:369) > at > > org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:251) > at > > org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:190) > at > > org.springframework.web.context.ContextLoaderServlet.init(ContextLoaderServlet.java:81) > at javax.servlet.GenericServlet.init(GenericServlet.java:212) > at > > org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1139) > at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:966) > at > > org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:3956) > at > org.apache.catalina.core.StandardContext.start(StandardContext.java:4230) > at > > org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760) > at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740) > at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544) > at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825) > at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714) > at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490) > at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138) > at > org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311) > at > > org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120) > at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022) > at org.apache.catalina.core.StandardHost.start(StandardHost.java:736) > at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014) > at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) > at org.apache.catalina.core.StandardService.start(StandardService.java:448) > at org.apache.catalina.core.StandardServer.start(StandardServer.java:700) > at org.apache.catalina.startup.Catalina.start(Catalina.java:552) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:585) > at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295) > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433) > Caused by: org.hibernate.MappingException: entity class not found: Regional > at > > org.hibernate.mapping.PersistentClass.getMappedClass(PersistentClass.java:99) > at org.hibernate.tuple.PropertyFactory.getGetter(PropertyFactory.java:168) > at > > org.hibernate.tuple.PropertyFactory.buildIdentifierProperty(PropertyFactory.java:44) > at > org.hibernate.tuple.entity.EntityMetamodel.(EntityMetamo
Re: How to make request parameters available to a login.jsp?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gregor,
On 5/7/2009 7:12 AM, Gregor Schneider wrote:
> Chris, maybe you'll get the hang of this Valve if I explain the
> business-requirement I had:
I think I understand your business requirement. It's your code I don't
understand.
> Now let's assume, session is timing out, and after that timeout the
> user selects one of the menue-entries on the left side.
> What's happening?
>
> The url requested will look like "http://mysite/protected/some_stuff";
It will look like http://mysite/protected/some_stuff.html
> The HTML in that case looks like
>
> http://mysite/protected/some_stuff.html";
> target="some_content">menue4
>
> No this triggers j_security_check, but unfortunately j_security_check
> just stores the last request, and after passing the credentials,
> you'll won't see your "index.html" but "/protected/some_stuff.html" -
> without the iframe and aboviously without the menue.
Where did index.html come from? Your link should open in the
"some_content" window. So, you'll get the login page shown in your
iframe, then you login, and then /protected/some_stuff.html is shown in
the iframe. Is that not what you want?
> So the purpose of this Valve is to provide a mechanism which makes
> sure, that if a non-authorized request comes in requesting anything
> else but your "/protected/index.html", that the original request (i.e.
> "/protected/some_stuff") is replaced by
> "/protected/index.html" (or any other url being specified in the
> Valve-descriptor).
Wow. You're right: I didn't understand your business requirement. I
think this use case is ... minimally represented among web sites.
> This basically says, that all /non-authorized/ requests to the
> protected content will be re-routed to "/protected/index.html"
> (redirectAfterAuth).
Note that this violates the servlet spec, which you are certainly free
to do.
>> 1. Why can't the "redirectAfterAuth" path be within the protected space?
>
> Actually I do not see why this shouldn't be possible:
Sorry, looking back, I'm not sure why I made that statement.
> If you take a look at the first condition:
>
> + if (aRequest.getRequestURI().startsWith(protectedPath)
> + &&
> !aRequest.getRequestURI().startsWith(redirectAfterAuth)
> + && !aRequest.getRequestURI().startsWith(
> + "/j_security_check",
> 10)) {
>
> Basically it says:
>
> - Only URLs are handled being in my protected area
> - the URL must /not/ be equal my default protected starting-URL
No, it says that it can't start with your redirectAfterAuth URL.
> - the URL requested must /not/ be j_security_check
No, this checks characters 10-16 of your URL.
> The two latter conditions are necessary to avoid an infinite loop when
> accessing protected content
Why? If the user is not authenticated, they get redirected. If the user
is authenticated, nothing happens. The loop only occurs when the
redirectAfterAuth URL lives within the protected space, which is what
you said you wanted. Presumably, the container intervenes and serves the
login page before the loop is allowed to occur.
Note that you have an extraneous level of if/then... the authType check
could just as easily be a part of the 3-part predicate just discussed.
>> 2. Why do you check to see if the request URI /startsWith/ the
>> redirectAfterAuth instead of being equal to it?
>
> Because there might be some parameters after the adress in the URL -
> i.e., if Cookies are not possible so that the session-information is
> stored within the URL
Check the spec: the ';jsessionid' will not be included in
request.getRequestURI.
> When "j_security_check" is triggered, the URL will look like
>
> /protected/j_security_check
I'm not sure that's guaranteed. Your app may work this way, but someone
else's app might use /j_security_check no matter what (i.e. the
"protected" prefix does not have to be in front of j_security_check in
order for logins to work).
> Why do I not ask for the String ending with "j_security_check"?
> I was not sure how that URL looks like if session-info is encoded
> within the URL - therefore I'm using startsWith()
See above. It's easy to test this, btw.
>> 4. Why are killing the session if the authtype is null?
>
> Because we experienced with some users, esp. behind company-proxies,
> that situations may occur where a session still exists, but the
> Principal was null.
> Therefore, if Principal is null, better be safe than sorry and make
> sure you definitely have a new session.
You already have a session... why not simply allow it to live? Having a
session and being authenticated are not the same (though the inverse
/is/ true for FORM authentication).
>> 5. Why does your valve pass-through any requests before the component
>> has "started"? Is there a valid use case where NOT performing these
>> checks and redirec
I am getting a Context initialization failed error
I am setting up tomcat and shibboleth to do SSO sign on with google apps. I am trying to use tomcat as a stand alone web server with NO apache httpd. I am following the iDp installation instructions at: https://spaces.internet2.edu/display/SHIB2/IdPApacheTomcatPrepare. I am using the google instruction from: http://code.google.com/apis/apps/articles/shibboleth2.0.html I do the install and start tomcat and I get the "Context initialization failed" error. The error seems to say it is unable to parse the file $IDP_HOME/conf/internal.xml -- which I have not touched. So, I assume there is something in the internal.xml file that refers to one of the files I did touch and the mistake is really there. I do not know how to determine where the problem is. Can anyone suggest something? I would be most grateful for any ideas or help. Thanks Dave Massie Below are the contents of Catalina.out: May 7, 2009 4:44:04 PM org.apache.catalina.core.AprLifecycleListener init INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/jdk/instances/jdk1.5.0/jre/lib/sparc/server:/usr/jdk/instances/jdk1.5.0/jre/lib/sparc:/usr/jdk/instances/jdk1.5.0/jre/../lib/sparc:/usr/lib May 7, 2009 4:44:04 PM org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on http-8080 May 7, 2009 4:44:09 PM org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on http-8443 May 7, 2009 4:44:09 PM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 7645 ms May 7, 2009 4:44:09 PM org.apache.catalina.core.StandardService start INFO: Starting service Catalina May 7, 2009 4:44:09 PM org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.18 16:44:34.315 [main] ERROR o.s.web.context.ContextLoader - Context initialization failed org.springframework.beans.factory.BeanDefinitionStoreException: Unexpected exception parsing XML document from URL [file:/var/services/shibboleth-idp/conf/internal.xml]; nested exception is java.lang.OutOfMemoryError: Java heap space at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:420) [spring-beans-2.5.5.jar:2.5.5] at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:342) [spring-beans-2.5.5.jar:2.5.5] at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:310) [spring-beans-2.5.5.jar:2.5.5] at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:143) [spring-beans-2.5.5.jar:2.5.5] at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:178) [spring-beans-2.5.5.jar:2.5.5] at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:149) [spring-beans-2.5.5.jar:2.5.5] at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:124) [spring-web-2.5.5.jar:2.5.5] at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:92) [spring-web-2.5.5.jar:2.5.5] at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:123) [spring-context-2.5.5.jar:2.5.5] at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:423) [spring-context-2.5.5.jar:2.5.5] at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:353) [spring-context-2.5.5.jar:2.5.5] at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:255) [spring-web-2.5.5.jar:2.5.5] at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:199) [spring-web-2.5.5.jar:2.5.5] at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45) [spring-web-2.5.5.jar:2.5.5] at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3843) [catalina.jar:na] at org.apache.catalina.core.StandardContext.start(StandardContext.java:4342) [catalina.jar:na] at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791) [catalina.jar:na] at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771) [catalina.jar:na] at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525) [catalina.jar:na] at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:627) [catalina.jar:na] at org.apache.catalina.startup.HostConfig.deployDescripto
Re: Performance with many small requests
On 7-May-2009, at 17:28, Peter Crowther wrote:
From: David kerber [mailto:dcker...@verizon.net]
The tomcat application simply takes the post request,
does a checksum verification of it, decrypts the
lightly-encrypted data,
and writes it to a log file with the timestamps and site
identifiers I
mentioned above. Pretty simple processing, and it is all inside a
synchronized{} construct:
protected synchronized void doPost(HttpServletRequest request,
HttpServletResponse response )
throws ServletException, IOException {
synchronized ( criticalProcess ) {
totalReqCount++;
dailyReqCount++;
processRequest( request, response, false );
}
}
Doesn't the "synchronized" in the above mean that you're essentially
single-threading Tomcat? So you have all this infrastructure... and
that sync may well be the bottleneck.
That would be my impression too. It is best to avoid making the
synchronized scope so large, unless there is a very good reason.
David, do you have any reason for this? Beyond the counter, what other
stuff do you synchronise? Also, it has generally been recommended to
me to avoid hitting the disk in every request, since you may result
with an I/O bottle neck, so if you can write the logs in batches you
will have better performance. If you know that you are only going to
have very few users at a time (say, less than 10), it may not be worth
the time optimising this, but if you know that you are going to get at
least several hundred, then this is something to watch out for.
André-John
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Performance with many small requests
> From: David kerber [mailto:dcker...@verizon.net]
> The tomcat application simply takes the post request,
> does a checksum verification of it, decrypts the
> lightly-encrypted data,
> and writes it to a log file with the timestamps and site identifiers I
> mentioned above. Pretty simple processing, and it is all inside a
> synchronized{} construct:
>
> protected synchronized void doPost(HttpServletRequest request,
> HttpServletResponse response )
> throws ServletException, IOException {
> synchronized ( criticalProcess ) {
> totalReqCount++;
> dailyReqCount++;
> processRequest( request, response, false );
> }
> }
Doesn't the "synchronized" in the above mean that you're essentially
single-threading Tomcat? So you have all this infrastructure... and that sync
may well be the bottleneck.
You could detect this by taking a thread dump in the middle of the day, and
seeing whether a significant number of threads were waiting on either of your
sync objects. If there are a significant number, consider re-engineering this
critical piece of your application to be multi-threaded :-).
- Peter
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SSL Mysterious Self Signed Certificate
Hi I created a new keystore, inported the root certificate from thawte, then the signed cert. The browser displays some self signed cert that has expired. Cheers W -Original Message- From: Jonathan Mast [mailto:jhmast.develo...@gmail.com] Sent: Friday, 8 May 2009 2:59 AM To: Tomcat Users List Subject: Re: SSL Mysterious Self Signed Certificate Its my understanding that all Self-signed certs generate the creepy browser messages. Not sure though. Were the imported root certs issued by a well known CA? On Wed, May 6, 2009 at 10:43 PM, Andrews, Wayne wrote: > > Hi > > I have an issue whereby on a windows installation of Tomcat; I have a > mysterious seflt signed certificate displayed within the browser. > Despite the fact that I have created a new keystore and imported the > relevant root certs and SSL cert and then redirected server.xml to point > to the keystore > > Any ideas?: > W. > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Performance with many small requests
I'm having performance issues with my installation of TC 5.5.15, Java
1.5.0_12, on Windows 2003 server 32 bit, dual-cpu dual-core (4 cores
total), 4GB physical RAM.
Tomcat startup params:
JvmMs = 256
JvmMx = 512
JvmSs = 0
This was the original entry in my server.xml, which has been running for
the last year:
Just today, I changed it to this, to see if it helps:
The performance issue (see description below) has been there all along
to a greater or lesser extent, but it just recently became enough of an
aggravation for me to try to do something about it, which is why I made
the changes to the connector settings.
Our application is a data collection server. There are approx 350 sites
around the US that transmit a small data packet to us every time a piece
of equipment cycles on and off. The transmission is an HTTP POST
request, with a data payload of about 60 bytes on average (always less
than 100 bytes). All the transmissions go through the customer's
corporate network, and out their single internet gateway several states
away from us. The total number of data transmissions runs approx 2
million per day, totaling around 200MB in the data log files (including
some time stamps and a couple of identifiers added to the raw data).
The vast majority of sites are 24 hour operations, so the data never
stops flowing. The tomcat application simply takes the post request,
does a checksum verification of it, decrypts the lightly-encrypted data,
and writes it to a log file with the timestamps and site identifiers I
mentioned above. Pretty simple processing, and it is all inside a
synchronized{} construct:
protected synchronized void doPost(HttpServletRequest request,
HttpServletResponse response )
throws ServletException, IOException {
synchronized ( criticalProcess ) {
totalReqCount++;
dailyReqCount++;
processRequest( request, response, false );
}
}
What is happening is that the data transmissions gradually fall behind
during the course of the day, to the point that some are 3 or 4 hours
behind by the end of the work day, while others are up to the minute,
with a full range in between. Then they all gradually catch up over
night. I can't find the bottle neck with any tools at my disposal,
though I suspect it's the customer's gateway that is the limiting
factor. However, I can't go back to them until I rule out all the stuff
under my control. So, here's what I've checked so far:
Even during the day, our internet connection bw usage rarely goes over
60%, and when it does, it never stays there for any length of time.
The cisco router/firewall handling the internet connections averages
about 12% cpu usage, and < 30% memory usage. The internal network is
all 1Gb from the first switch inside the router, all the way to the TC
server.
The tomcat instance (tomcat5.exe) on the server never goes over 2% CPU
usage, and the memory usage in task manager runs around 300MB
(significantly less than the 512 MB I've allowed the JVM). The total
memory usage (commit charge) listed in task manager runs right at 1GB.
Any and all suggestions for things to check or settings to modify
gratefully welcomed!
D
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: how to build an multi lingual website
If Apache is handling your static content, and you are simply using
Tomcat
to serve dynamic content, then you can use the request.getLocale()
method
to find out what language the visitors browser is suggesting. For
example:
String lang = request.getLocale().getLanguage();
if ( "es".equals(lang) ) {
}
else {
...
}
How to get Tomcat to mimic Apache HTTPD's approach of serving static
HTML
pages in the right language, I am not sure. The only approach I can
think
of is to group all language content together in the same sub folder, for
example:
/en/...
/es/...
/fr/...
and then using relative paths. Using the above approach (ignoring
language
variations), you could do:
String lang = request.getLocale().getLanguage();
ServletContext context = getServletConfig().getServletContext();
if ( (new File(context.getRealPath("/" + lang)).exists() ) {
response.sendRedirect("/" + lang);
}
else {
response.sendRedirect("/en/");
}
This assumes index.jsp within the language folder.
As a commentary on my part: if you expect to support more than European
languages, then it is worthwhile standardising on UTF-8 for content
encoding.
On 7-May-2009, at 15:35, Andrew Davidson wrote:
Hi
I do you know how I can build a multi lingual website? My main
website is in
English. I want to have a landing page in Spanish that describes my
website
and invites the user to click through the English version of the web
site.
Any idea how I set this up using Tomcat? The bulk of our web site is
static
html pages.
Some one sent me a link about how to do this using the Apache web
server so
that it check the Accept-Language of the http header
http://developers.sun.com/dev/gadc/technicalpublications/articles/apache.htm
l
I have not been able to find a similar discussion for how to configure
Tomcat to get similar behavior
Do I have to replace index.html with a servlet that checks the value
of
Accept-Language and generates a redirect to something like
index.html.en or
index.html.en
Thanks
Andy
p.s. I am using Tomcat 5.5.x
_
Music Trainer makes it easy to learn new songs by slowing down or
speeding
up play back without changing the pitch!
Learn more at www.SantaCruzIntegration.com
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
how to build an multi lingual website
Hi I do you know how I can build a multi lingual website? My main website is in English. I want to have a landing page in Spanish that describes my website and invites the user to click through the English version of the web site. Any idea how I set this up using Tomcat? The bulk of our web site is static html pages. Some one sent me a link about how to do this using the Apache web server so that it check the Accept-Language of the http header http://developers.sun.com/dev/gadc/technicalpublications/articles/apache.htm l I have not been able to find a similar discussion for how to configure Tomcat to get similar behavior Do I have to replace index.html with a servlet that checks the value of Accept-Language and generates a redirect to something like index.html.en or index.html.en Thanks Andy p.s. I am using Tomcat 5.5.x _ Music Trainer makes it easy to learn new songs by slowing down or speeding up play back without changing the pitch! Learn more at www.SantaCruzIntegration.com
Session Replication problem
Hi I am trying to configure Clustering/Session Replication in Tomcat 6.0.18 and am getting this message when I start the tomcat 6.0.18 server. *INFO org.apache.catalina.tribes.membership.McastService - Binding to multicast address, failed. Binding to port only* Tomact log: 2009-05-01 12:00:06,400 [main] INFO org.apache.catalina.core.StandardService - Starting service Catalina 2009-05-01 12:00:06,401 [main] INFO org.apache.catalina.core.StandardEngine - Starting Servlet Engine: Apache Tomcat/6.0.18 2009-05-01 12:00:06,409 [main] INFO org.apache.catalina.ha.tcp.SimpleTcpCluster - Cluster is about to start 2009-05-01 12:00:06,555 [main] INFO org.apache.catalina.tribes.transport.ReceiverBase - Receiver Server Socket bound to:/172.31.3.10:28512 2009-05-01 12:00:06,600 [main] INFO org.apache.catalina.tribes.membership.McastService - Attempting to bind the multicast socket to /228.0.0.4:18512 2009-05-01 12:00:06,763 [main] INFO org.apache.catalina.tribes.membership.McastService - Binding to multicast address, failed. Binding to port only. 2009-05-01 12:00:06,764 [main] INFO org.apache.catalina.tribes.membership.McastService - Setting multihome multicast interface to:/172.31.3.10 2009-05-01 12:00:06,765 [main] INFO org.apache.catalina.tribes.membership.McastService - Setting cluster mcast soTimeout to 500 2009-05-01 12:00:06,982 [main] INFO org.apache.catalina.tribes.membership.McastService - Sleeping for 1000 milliseconds to establish cluster membership, start level:4 2009-05-01 12:00:08,033 [main] INFO org.apache.catalina.tribes.membership.McastService - Done sleeping, membership established, start level:4 2009-05-01 12:00:08,042 [main] INFO org.apache.catalina.tribes.membership.McastService - Sleeping for 1000 milliseconds to establish cluster membership, start level:8 2009-05-01 12:00:09,044 [main] INFO org.apache.catalina.tribes.membership.McastService - Done sleeping, membership established, start level:8 2009-05-01 12:00:09,072 [main] INFO org.apache.catalina.ha.session.JvmRouteBinderValve - JvmRouteBinderValve started Config: Can anybody help me pls ? Thanks in Advance Raju
changing location of conf/Catalina
Hi, I want to lock down the core Tomcat installation by making it read-only (and updateable only through a SCM). I've figured out how to relocate temp, work, logs, webapps directories, all of which get modified as part of Tomcat's standard operation. The last directory left inside the core that gets modified at runtime is conf/Catalina and I can't find a way to relocate it elsewhere. Is this even possible? Thanks Dmitry - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: SSL Mysterious Self Signed Certificate
Can you clarify on "mysterious self-signed certificate displayed within the browser"? Also, into what did you import the "relevant root certs and SSL cert"? The keystore? W is right. If your certificate is was not issued (signed) by a CA that the browser trusts, then the browser will not trust your certificate and will show a warning as a result. If that is your issue, then in order to get that message to go away, you'll either need use a certificate issued by a trusted CA, or import your certificate information into the browser. ~Mark -Original Message- From: Jonathan Mast [mailto:jhmast.develo...@gmail.com] Sent: Thursday, May 07, 2009 9:59 AM To: Tomcat Users List Subject: Re: SSL Mysterious Self Signed Certificate Its my understanding that all Self-signed certs generate the creepy browser messages. Not sure though. Were the imported root certs issued by a well known CA? On Wed, May 6, 2009 at 10:43 PM, Andrews, Wayne wrote: > > Hi > > I have an issue whereby on a windows installation of Tomcat; I have a > mysterious seflt signed certificate displayed within the browser. > Despite the fact that I have created a new keystore and imported the > relevant root certs and SSL cert and then redirected server.xml to point > to the keystore > > Any ideas?: > W. > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat / Java JNI and Classloading issues
Hello Everyone, I am attempting to integrate a Java JNI Library with Tomcat and GWT. I have had good sucess as far as initial proto-typing. I am aware of the classloaders (common, shared, and webapp), but seem to be missing something big here. I basically have problems cleanly using this Java OPC Library. I included a lot of extra information that may or may not be useful, hopefully someone can see something stand out? The library works great when running as Java Application, once I move to Tomcat, i begin to see problems. My hunch is that is has something to do with the JeasyOpc library multi-threading, I have noticed that the threads that it spawns reports that its class loader is 'WebAppClassLoader', the part that I am initially confused about is this, If my classes/libraries(dll) are located in ./common/lib or ./shared/lib why would my threads be loaded by WebAppClassLoader? There are no duplicates in WEB-INF/lib, am I looking in the right place? My shared/lib is generating threads with thread = new Thread(this); Should I be forcing the class loader context that I want?? I am I even looking in the right place? Thanks in Advance, the following are some notes that I took last night, I realize some of it is specific to OPC Client/Server, but I'm hoping my integration technique (Tomcat / Java / JNI) is the problem. JEasyOpc is an open source Java OPC Client Library. This library uses JNI (Java Native Interface) to access JCustomOpc.dll (Delphi originally). Using Tomcat 6 with JRE6 Testing Notes: When running a pure java application, I can successfully connect to the OPC server, register items/groups and also disconnect cleanly from the server (no hanging clients). Taking note that the library always reports Thread-0 no matter how many simultaneous applications I run (ony tested 4-5 at once). When deploying as a webapp on the Tomcat server, I can connect to the OPC server, register tags, and upon exiting, the following conditions occur in some particular order... [1] Upon Exit The library reports shutting down, but with an "UnableRemoveGroupException: Unable to remove some group." exception. The client drops clean from Kepware server (as the java classes has effectively died due to the runtime exception and in Java once all references to a class or library are gone, then it will processed through the garbage collector automatically). [1A]Notice below 4 times on condition [1]. Then does not report disconnect and leaves a client hanging., Tomcat also failed 06.05.2009 17:43:38 [Thread-13] INFO javafish.clients.opc.JEasyOpc - The OPC Client is connected. 06.05.2009 17:43:38 [Thread-13] INFO javafish.clients.opc.JEasyOpc - OPC Groups are registered. 06.05.2009 17:43:38 [Thread-13] INFO javafish.clients.opc.JEasyOpc - Asynchronous mode 2.0 is started. 06.05.2009 17:44:28 [Thread-13] ERROR javafish.clients.opc.JEasyOpc - javafish.clients.opc.exception.UnableRemoveGroupException: Unable to remove some group. 06.05.2009 17:44:28 [Thread-13] INFO javafish.clients.opc.JEasyOpc - The OPC Client is disconnected. 06.05.2009 17:45:14 [Thread-14] INFO javafish.clients.opc.JEasyOpc - The OPC Client is connected. 06.05.2009 17:45:14 [Thread-14] INFO javafish.clients.opc.JEasyOpc - OPC Groups are registered. 06.05.2009 17:45:14 [Thread-14] INFO javafish.clients.opc.JEasyOpc - Asynchronous mode 2.0 is started. 06.05.2009 17:45:25 [Thread-14] ERROR javafish.clients.opc.JEasyOpc - javafish.clients.opc.exception.UnableRemoveGroupException: Unable to remove some group. 06.05.2009 17:45:25 [Thread-14] INFO javafish.clients.opc.JEasyOpc - The OPC Client is disconnected. 06.05.2009 17:45:50 [Thread-15] INFO javafish.clients.opc.JEasyOpc - The OPC Client is connected. 06.05.2009 17:45:50 [Thread-15] INFO javafish.clients.opc.JEasyOpc - OPC Groups are registered. 06.05.2009 17:45:50 [Thread-15] INFO javafish.clients.opc.JEasyOpc - Asynchronous mode 2.0 is started. 06.05.2009 17:45:57 [Thread-15] ERROR javafish.clients.opc.JEasyOpc - javafish.clients.opc.exception.UnableRemoveGroupException: Unable to remove some group. 06.05.2009 17:45:57 [Thread-15] INFO javafish.clients.opc.JEasyOpc - The OPC Client is disconnected. 06.05.2009 17:46:04 [Thread-16] INFO javafish.clients.opc.JEasyOpc - The OPC Client is connected. 06.05.2009 17:46:04 [Thread-16] INFO javafish.clients.opc.JEasyOpc - OPC Groups are registered. 06.05.2009 17:46:04 [Thread-16] INFO javafish.clients.opc.JEasyOpc - Asynchronous mode 2.0 is started. 06.05.2009 17:46:08 [Thread-16] ERROR javafish.clients.opc.JEasyOpc - javafish.clients.opc.exc
Re: SSL Mysterious Self Signed Certificate
Its my understanding that all Self-signed certs generate the creepy browser messages. Not sure though. Were the imported root certs issued by a well known CA? On Wed, May 6, 2009 at 10:43 PM, Andrews, Wayne wrote: > > Hi > > I have an issue whereby on a windows installation of Tomcat; I have a > mysterious seflt signed certificate displayed within the browser. > Despite the fact that I have created a new keystore and imported the > relevant root certs and SSL cert and then redirected server.xml to point > to the keystore > > Any ideas?: > W. > >
RE: tomcat6 configuration best practice?
> From: Kevin Jackson [mailto:foamd...@gmail.com] > Subject: Re: tomcat6 configuration best practice? > > We are using httpd as we serve *many* static files too Tomcat will server static files every bit as well as httpd (especially since you're using APR). > Do we need both the context.xml file and the exploded application > directory structure? You need the element to define the elements used by the webapp. Whether the webapp is deployed as a .war file or exploded directory is irrelevant. When you have a conf/Catalina/[host]/[appName].xml file, the webapp's META-INF/context.xml file is ignored. > just the application directory (which we can name as ROOT) Naming the directory (or .war file) ROOT is only applicable when the webapp is deployed under the appBase directory. Since you're not deploying your webapp under appBase, the name can be anything you choose; it's the name of the .xml file under conf/Catalina/[host] that determines the webapp path. Make sure you delete any existing ROOT directory (or ROOT.war file) from the appBase directory. > Can you explain why it would be so wrong to have a symlink at all? I find them to be a significant maintenance issue - easily forgotten when you decide to move things around. Your deployment process (script) should just copy the element to conf/Catalina/[host]/ROOT.xml and eliminate the potential for problems. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Connector Issue - Tomcat 6.0/IIS 6.0
Accessing the same url from localhost:8080 displays the page without any problem. I have attached the IIS_Redirect log when accessing the url :http://localhost/examples/jsp/jsp2/el/basic-arithmetic.jsp The IIS Log from W3SVC for the same is: #Software: Microsoft Internet Information Services 6.0 #Version: 1.0 #Date: 2009-05-07 14:02:08 #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status 2009-05-07 14:02:08 W3SVC1 127.0.0.1 GET /examples/jsp/jsp2/el/basic-arithmetic.jsp - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) 200 0 0 Rainer Jung-3 wrote: > > Your log snippet indicates, that the request was successfully forwarded > to Tomcat and Tomcat returned with 404. Since you left out to much from > the log, we can't say for sure, whether thew request in the redirector > log is the same, as the 200 request in the IIS log. > > If you can provide access to more of the log, we can check that. > > Try to access the same URL that gives you a 404 directly via the HTTP > port of Tomcat (usually 8080). If you get the same result there, then > you first need to correct your Tomcat installation. If that works, but > not via IIS, then provide the full redirector log of the startup and the > single request that doesn't work for you. > > Regards, > > Rainer > > On 06.05.2009 23:43, samr wrote: >> Following are the versions of software I have installed on Windows2003 >> Server >> SP2 >> Tomcat-6.0.18 >> Java - Version 6 Update 13 >> IIS - 6.0 >> Tomcat Connector - 1.2.28 >> >> I have done the configuration consulting the tomcat site.Here is how >> isapi_redirect.properties looks like: >> extension_uri=/jakarta/isapi_redirect.dll >> log_file=c:\Tomcat\logs\iis_redirect.log >> log_level=debug >> worker_file=C:\Tomcat\conf\workers.properties >> worker_mount_file=C:\Tomcat\conf\uriworkermap.properties >> >> Workers.properties >> >> worker.list=ajp13 >> worker.ajp13.host=localhost >> worker.ajp13.port = 8009 >> worker.ajp13.type = ajp13 >> >> >> uriworkermap.properties >> /examples/*=ajp13 >> >> >> >> When I try to access a jsp page using >> IIS(http://localhost/examples/jsp/jsp2/el/basic-arithmetic.jsp) >> I get a Http Status 404 eror from Tomcat >> >> >> The IIS_Redirect log with 400 error is here(I am just pasting a few lines >> that are relevant, the redirect calls happen fine) >> >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_util.c (455): >> Pre-processed log time stamp format is '[%a %b %d %H:%M:%S.000 %Y] ' >> [Wed May 06 16:31:04.662 2009] [9352:9452] [info] jk_isapi_plugin.c >> (2398): >> Starting Jakarta/ISAPI/isapi_redirector/1.2.28 >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c >> (2416): >> Detected IIS version 6.0 >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c >> (2418): >> Using ini file C:\Tomcat\ISAPI\isapi_redirect.properties. >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c >> (2424): >> Using log file c:\Tomcat\logs\iis_redirect.log. >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c >> (2425): >> Using log level 1. >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c >> (2426): >> Using extension uri /jakarta/isapi_redirect.dll. >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c >> (2427): >> Using worker file C:\Tomcat\conf\workers.properties. >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c >> (2428): >> Using worker mount file C:\Tomcat\conf\uriworkermap.properties. >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c >> (2430): >> Using rewrite rule file . >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c >> (2432): >> Using uri select 3. >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c >> (2433): >> Using no chunked encoding. >> ... >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_map.c (490): Adding >> property '/examples/*' with value 'ajp13' to map. >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_uri_worker_map.c >> (1101): Loading urimaps from C:\Tomcat\conf\uriworkermap.properties with >> reload check interval 60 seconds >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_uri_worker_map.c >> (719): wildchar rule '/examples/*=ajp13' source 'uriworkermap' was added >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_uri_worker_map.c >> (171): >> >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_worker.c (242): >> creating worker ajp13 >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_worker.c (146): >> about >> to create instance ajp13 of ajp13 >> ... >> [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_uri_worker_map.c >> (171): uri map dump after extension stripping: index=0 >> file='C:\Tom
Re: tomcat6 configuration best practice?
> Why are you using httpd? If everything is being forwarded to Tomcat, adding > httpd just slows things down and makes your life more complicated. We are using httpd as we serve *many* static files too and not every request is being forwarded to Tomcat - we have our reasons for using apache as a front end webserver. >> Currently we have the following >> $CATALINA_HOME/webapps/ >> - app >> - ROOT -> app > > Bad practice - your app will be deployed twice. Just call it ROOT and be > done with it. As I suspected - removing this will improve our memory usage considerably >> $CATALINA_HOME/conf/Catalina/localhost/ >> - app.xml >> - ROOT.xml -> app.xml > > More bad practice; just use ROOT.xml and get rid of the silly symlinks. Do we need both the context.xml file and the exploded application directory structure? The documentation isn't clear (to me) if they are both required or just the application directory (which we can name as ROOT) > Why are you insisting on making things more complicated? Just use a ROOT.xml > in the proper place. Stop confusing things with the symlinks. > Can you explain why it would be so wrong to have a symlink at all? >> > The path attribute is not allowed (and you've got an invalid value for it); > remove it. Ok >> given the requirement to allow us to hot deploy jsp files (but not >> jars or classes), can we change reloadable to false? > > Yes, you can set reloadable to false; the monitoring of .jsp changes is > controlled by the jsp servlet settings in conf/web.xml, not by the reloadable > attribute of the element. Thanks, Kev - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Multiple Context and Websites
> From: Alexander Diedler [mailto:adied...@tecracer.de] > Subject: AW: Multiple Context and Websites > > AD : But we want to use different Hostnames, it cannot be placed in the > localhost? Just using different host names is a DNS issue; it does not require multiple elements in Tomcat. You only need multiple s if you want separate sets of webapps for each domain. > AD: Some Websites (Applications) should be hosted on this Tomcat e.g. > applicationA.domain.de, applicationB.domain.de and every Website has it > own directory on HDD. But it is not inside the Tomcat Folders. You still seem to be confusing webapps with domains. You can have multiple webapps for one domain, a single default webapp for each domain, or multiple webapps for each domain; all combinations are possible. What do you want? Can you provide a set of example URLs and the webapps you expect those URLs to reference? If you want a single default webapp for each domain, you'll need one element for each, with a separate appBase setting for each. Inside each appBase directory should be a ROOT subdirectory (or ROOT.war file) containing the webapp for that domain. The element for each should be in ROOT/META-INF/context.xml. You will also need to deploy a separate copy of the manager app for each . You definitely should read the link Hassan provided. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Multiple Context and Websites
On Thu, May 7, 2009 at 5:56 AM, Alexander Diedler wrote: > Tomcat1.de and tomcat2.de point to the same Tomcat 6.0.18 server (edit > Windows hosts-File). http://tomcat.apache.org/tomcat-6.0-doc/virtual-hosting-howto.html HTH, -- Hassan Schroeder hassan.schroe...@gmail.com - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Multiple Context and Websites
> From: Martin Gainty [mailto:mgai...@hotmail.com] > Subject: RE: Multiple Context and Websites > > Inetpub is the default folder for IIS > try re-installing tomcat to a new folder and point the docBase to be > based off of catalina.home (which is your new Tomcat folder) > > privileged="true" antiResourceLocking="false" > antiJARLocking="false"> > Ignore all of the above - it's completely irrelevant to the issue being discussed. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
AW: Multiple Context and Websites
-Ursprüngliche Nachricht- Von: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Gesendet: Donnerstag, 7. Mai 2009 15:20 An: Tomcat Users List Betreff: RE: Multiple Context and Websites > From: Alexander Diedler [mailto:adied...@tecracer.de] > Subject: Multiple Context and Websites > > In the /conf/Catalina/localhost/ there are tomcat1.xml with this code: > > docBase="C:\Inetpub\tomcat\Webseite1" distributable="true"> Take out the path attribute; it's not allowed. AD : Done > and tomcat2.xml : > > docBase="C:\Inetpub\tomcat\Webseite2" distributable="true"> Take out the path attribute, it's not allowed. AD : Done > In the server.xml I add this lines: > , depending on what you're really trying to achieve (which is not at all clear). AD : But we want to use different Hostnames, it cannot be placed in the localhost? > But a http://tomcat1.de:8080/ results a 400 Error Which it should - you have no default application for that . > http://localhost:8080/tomcat1/ show me the content of the Application. As it should, given your configuration. > What´s wrong? Nothing so far. > I target is to have multiple Applications, that can be restarted with > Tomcat Manager and will be opened by the URL http://tomcat1.de/ > (without the /tomcat1 Prefix) How do you expect to have multiple webapps opened by a single URL (that's what the above statement says)? What are you really trying to achieve? Do you want multiple hosts, each with a default webapp, or do you want multiple webapps for a single host? AD: Some Websites (Applications) should be hosted on this Tomcat e.g. applicationA.domain.de, applicationB.domain.de and every Website has it own directory on HDD. But it is not inside the Tomcat Folders. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org smime.p7s Description: S/MIME cryptographic signature
RE: tomcat6 configuration best practice?
> From: Kevin Jackson [mailto:foamd...@gmail.com] > Subject: tomcat6 configuration best practice? > > - apache httpd 2.0.2 Why are you using httpd? If everything is being forwarded to Tomcat, adding httpd just slows things down and makes your life more complicated. > Currently we have the following > $CATALINA_HOME/webapps/ > - app > - ROOT -> app Bad practice - your app will be deployed twice. Just call it ROOT and be done with it. > $CATALINA_HOME/conf/Catalina/localhost/ > - app.xml > - ROOT.xml -> app.xml More bad practice; just use ROOT.xml and get rid of the silly symlinks. > I suspect we may be causing the container to attempt to load the > application twice - but I'd like some confirmation. Yes, that's what's happening. Don't use the symlinks. > I think the following structure would be more managable and probably > better for tomcat too: > > $CATALINA_HOME/conf/Catalina/localhost/ > - ROOT.xml -> /deployments/app.xml This is better, but I still wouldn't use the symlink. Just put the ROOT.xml file where it belongs. > /deployments/ > - app.xml > - app Why are you insisting on making things more complicated? Just use a ROOT.xml in the proper place. Stop confusing things with the symlinks. > given the requirement to allow us to hot deploy jsp files (but not > jars or classes), can we change reloadable to false? Yes, you can set reloadable to false; the monitoring of .jsp changes is controlled by the jsp servlet settings in conf/web.xml, not by the reloadable attribute of the element. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Multiple Context and Websites
Inetpub is the default folder for IIS try re-installing tomcat to a new folder and point the docBase to be based off of catalina.home (which is your new Tomcat folder) Martin __ Disclaimer and Confidentiality/Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité This message is confidential. If you should not be the intended receiver, then we ask politely to report. Each unauthorized forwarding or manufacturing of a copy is inadmissible. This message serves only for the exchange of information and has no legal binding effect. Due to the easy manipulation of emails we cannot take responsibility over the the contents. Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. From: adied...@tecracer.de To: users@tomcat.apache.org Date: Thu, 7 May 2009 14:56:24 +0200 Subject: Multiple Context and Websites Hello, Something stupid to me, but it will not works. I want to have several webapps managed by Manager. Tomcat1.de and tomcat2.de point to the same Tomcat 6.0.18 server (edit Windows hosts-File). In the /conf/Catalina/localhost/ there are tomcat1.xml with this code: and tomcat2.xml : In the server.xml I add this lines: But a http://tomcat1.de:8080/ results a 400 Error but a http://localhost:8080/tomcat1/ show me the content of the Application. What´s wrong? I target is to have multiple Applications, that can be restarted with Tomcat Manager and will be opened by the URL http://tomcat1.de/ (without the /tomcat1 Prefix) Greetings Alexander _ Insert movie times and more without leaving Hotmail®. http://windowslive.com/Tutorial/Hotmail/QuickAdd?ocid=TXT_TAGLM_WL_HM_Tutorial_QuickAdd1_052009
RE: Multiple Context and Websites
> From: Alexander Diedler [mailto:adied...@tecracer.de] > Subject: Multiple Context and Websites > > In the /conf/Catalina/localhost/ there are tomcat1.xml with this code: > > docBase="C:\Inetpub\tomcat\Webseite1" distributable="true"> Take out the path attribute; it's not allowed. > and tomcat2.xml : > > docBase="C:\Inetpub\tomcat\Webseite2" distributable="true"> Take out the path attribute, it's not allowed. > In the server.xml I add this lines: > , depending on what you're really trying to achieve (which is not at all clear). > But a http://tomcat1.de:8080/ results a 400 Error Which it should - you have no default application for that . > http://localhost:8080/tomcat1/ show me the content of the Application. As it should, given your configuration. > What´s wrong? Nothing so far. > I target is to have multiple Applications, that can be restarted with > Tomcat Manager and will be opened by the URL http://tomcat1.de/ > (without the /tomcat1 Prefix) How do you expect to have multiple webapps opened by a single URL (that's what the above statement says)? What are you really trying to achieve? Do you want multiple hosts, each with a default webapp, or do you want multiple webapps for a single host? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Weekly restart of Tomcat service
It looks like the version of Java is 1.5.0_11 Brandy Jack I/S Dept Database Management ofc: (918) 615-7743 cel: (918) 527-4027 -Original Message- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: Wednesday, May 06, 2009 4:45 PM To: Tomcat Users List Subject: RE: Weekly restart of Tomcat service > From: Jack, Brandy [mailto:bj...@quiktrip.com] > Subject: RE: Weekly restart of Tomcat service > > The tomcat version seems to be 5.5.26. > It is running on Windows Server 2003 SP2. JVM version? > Can I get a thread dump from the command line on the server? Yes, if you're running on a 1.5 or newer JVM, and have a JDK installed. Use jps to find the process id Tomcat is using, then jstack to take a thread dump. Taking a thread dump in a normally running situation will give you an idea of what things should look like, so you can compare it to what you get when the server becomes unresponsive. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org The information in this e-mail from QuikTrip Corporation is confidential and may be legally privileged. It is intended solely for the addressee. Access to this e-mail by anyone else is unauthorized. If you are not the intended recipient, be advised that you have received this e-mail in error and that any use, dissemination, forwarding, printing or copying is strictly prohibited. If you receive this e-mail in error, please immediately notify the sender via reply e-mail and delete this communication. QuikTrip Corporation - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Multiple Context and Websites
Hello, Something stupid to me, but it will not works. I want to have several webapps managed by Manager. Tomcat1.de and tomcat2.de point to the same Tomcat 6.0.18 server (edit Windows hosts-File). In the /conf/Catalina/localhost/ there are tomcat1.xml with this code: and tomcat2.xml : In the server.xml I add this lines: But a http://tomcat1.de:8080/ results a 400 Error but a http://localhost:8080/tomcat1/ show me the content of the Application. What´s wrong? I target is to have multiple Applications, that can be restarted with Tomcat Manager and will be opened by the URL http://tomcat1.de/ (without the /tomcat1 Prefix) Greetings Alexander smime.p7s Description: S/MIME cryptographic signature
Re: How to make request parameters available to a login.jsp?
Gregor Schneider wrote: > Pid, > > On Thu, May 7, 2009 at 2:01 PM, Pid wrote: >> Alternative: >> >> I don't have this to hand anymore since the original site was changed >> and I'm not the dev for it anymore, but we put a frame-busting >> javascript on the login page instead, it loaded our preferred start URL >> instead of just busting the frame. >> >> Not ideal if you want to do it all server-side, but it worked for us. >> > > doesn't work for us for several reasons: > > - few thoused html-pages, meaning you'll have to put the > frame-breakout into /every/ page We only put it into the login page, but maybe I'm misunderstanding your setup. Not to worry. > - although most pages are generated by a "tool" *sic*, the > -sections are mostly different to each other so that we also > can't generate such a frame-breakout for every page. > Doing so by hand is way too much effort > > Other than that, your solution is fine, however, due to the above that > doesn't work for us. Fair enough. p > Cheers > > Gregor - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to make request parameters available to a login.jsp?
Pid, On Thu, May 7, 2009 at 2:01 PM, Pid wrote: > Alternative: > > I don't have this to hand anymore since the original site was changed > and I'm not the dev for it anymore, but we put a frame-busting > javascript on the login page instead, it loaded our preferred start URL > instead of just busting the frame. > > Not ideal if you want to do it all server-side, but it worked for us. > doesn't work for us for several reasons: - few thoused html-pages, meaning you'll have to put the frame-breakout into /every/ page - although most pages are generated by a "tool" *sic*, the -sections are mostly different to each other so that we also can't generate such a frame-breakout for every page. Doing so by hand is way too much effort Other than that, your solution is fine, however, due to the above that doesn't work for us. Cheers Gregor -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 @ http://pgp.mit.edu:11371/ skype:rc46fi - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to make request parameters available to a login.jsp?
Gregor Schneider wrote:
> Chris,
>
> On Thu, May 7, 2009 at 4:07 AM, Christopher Schultz
> wrote:
>> A few questions:
>>
> Chris, maybe you'll get the hang of this Valve if I explain the
> business-requirement I had:
>
> My primary target was to cirumvent the problem having a framed
> web-app, where some content is requested after the session has timed
> out.
>
> let's say we have the following website-structure:
>
> ++
> | menue1| |
> | menue2| some_content|
> | menue3| |
> | menue4| |
> | menue5| |
> +-+
>
> (hope the formatting is ok )
>
> "some_content" is an iframe, and the content of this iframe is changed
> by selecting one of the left menue-items.
> The iframe is specified in "index.html such as:
>
>
>
>
> Some iframe-error-message
>
>
>
>
> Now let's assume, session is timing out, and after that timeout the
> user selects one of the menue-entries on the left side.
> What's happening?
>
> The url requested will look like "http://mysite/protected/some_stuff";
>
> The HTML in that case looks like
>
> http://mysite/protected/some_stuff.html";
> target="some_content">menue4
>
> No this triggers j_security_check, but unfortunately j_security_check
> just stores the last request, and after passing the credentials,
> you'll won't see your "index.html" but "/protected/some_stuff.html" -
> without the iframe and aboviously without the menue.
Alternative:
I don't have this to hand anymore since the original site was changed
and I'm not the dev for it anymore, but we put a frame-busting
javascript on the login page instead, it loaded our preferred start URL
instead of just busting the frame.
Not ideal if you want to do it all server-side, but it worked for us.
p
> So the purpose of this Valve is to provide a mechanism which makes
> sure, that if a non-authorized request comes in requesting anything
> else but your "/protected/index.html", that the original request (i.e.
> "/protected/some_stuff") is replaced by
> "/protected/index.html" (or any other url being specified in the
> Valve-descriptor).
>
> Now take a look at some example-Valve-descriptor:
>
>
> protectedPath="/protected"
> redirectAfterAuth="/protected/index.html"/>
>
>
> This basically says, that all /non-authorized/ requests to the
> protected content will be re-routed to "/protected/index.html"
> (redirectAfterAuth).
>
>> 1. Why can't the "redirectAfterAuth" path be within the protected space?
>>
>
> Actually I do not see why this shouldn't be possible: Actually the
> idea is, that redirectAfterAuth /must/ be in the protected area
>
> If you take a look at the first condition:
>
> + if (aRequest.getRequestURI().startsWith(protectedPath)
> + &&
> !aRequest.getRequestURI().startsWith(redirectAfterAuth)
> + && !aRequest.getRequestURI().startsWith(
> + "/j_security_check",
> 10)) {
>
> Basically it says:
>
> - Only URLs are handled being in my protected area
> - the URL must /not/ be equal my default protected starting-URL
> - the URL requested must /not/ be j_security_check
>
> The two latter conditions are necessary to avoid an infinite loop when
> accessing protected content
>
>> 2. Why do you check to see if the request URI /startsWith/ the
>> redirectAfterAuth instead of being equal to it?
>
> Because there might be some parameters after the adress in the URL -
> i.e., if Cookies are not possible so that the session-information is
> stored within the URL
>
>> 3. Why are you checking to see if characters 10 - 16 of the request URI
>> are "y_check". Why not check for the whole "j_security_check" string?
>> Why not check the /end/ of the request URI for j_security_check,
>> since the URI for j_security_check is not required to be
>> /j_security_check but pretty much */j_security_check?
>
> You are right with this:
>
> Actually I made a mistake here:
>
> When "j_security_check" is triggered, the URL will look like
>
> /protected/j_security_check
>
> As you can see, in this example it works since "/protected" is exactly
> 10 characters long.
>
> Therefore, the correct code would be
>
> + && !aRequest.getRequestURI().startsWith(
> + "/j_security_check",
> protectedPath.length())) {
>
> I'll correct that with a new patch during the weekend.
>
> Why do I not ask for the String ending with "j_security_check"?
> I was not sure how that URL looks like if session-info is encoded
> within the URL - therefore I'm using startsWith()
>
>> 4. Why are killing the session if the authtype is null
Re: How to make request parameters available to a login.jsp?
Chris,
On Thu, May 7, 2009 at 4:07 AM, Christopher Schultz
wrote:
>
> A few questions:
>
Chris, maybe you'll get the hang of this Valve if I explain the
business-requirement I had:
My primary target was to cirumvent the problem having a framed
web-app, where some content is requested after the session has timed
out.
let's say we have the following website-structure:
++
| menue1| |
| menue2| some_content|
| menue3| |
| menue4| |
| menue5| |
+-+
(hope the formatting is ok )
"some_content" is an iframe, and the content of this iframe is changed
by selecting one of the left menue-items.
The iframe is specified in "index.html such as:
Some iframe-error-message
Now let's assume, session is timing out, and after that timeout the
user selects one of the menue-entries on the left side.
What's happening?
The url requested will look like "http://mysite/protected/some_stuff";
The HTML in that case looks like
http://mysite/protected/some_stuff.html";
target="some_content">menue4
No this triggers j_security_check, but unfortunately j_security_check
just stores the last request, and after passing the credentials,
you'll won't see your "index.html" but "/protected/some_stuff.html" -
without the iframe and aboviously without the menue.
So the purpose of this Valve is to provide a mechanism which makes
sure, that if a non-authorized request comes in requesting anything
else but your "/protected/index.html", that the original request (i.e.
"/protected/some_stuff") is replaced by
"/protected/index.html" (or any other url being specified in the
Valve-descriptor).
Now take a look at some example-Valve-descriptor:
This basically says, that all /non-authorized/ requests to the
protected content will be re-routed to "/protected/index.html"
(redirectAfterAuth).
> 1. Why can't the "redirectAfterAuth" path be within the protected space?
>
Actually I do not see why this shouldn't be possible: Actually the
idea is, that redirectAfterAuth /must/ be in the protected area
If you take a look at the first condition:
+ if (aRequest.getRequestURI().startsWith(protectedPath)
+ &&
!aRequest.getRequestURI().startsWith(redirectAfterAuth)
+ && !aRequest.getRequestURI().startsWith(
+ "/j_security_check",
10)) {
Basically it says:
- Only URLs are handled being in my protected area
- the URL must /not/ be equal my default protected starting-URL
- the URL requested must /not/ be j_security_check
The two latter conditions are necessary to avoid an infinite loop when
accessing protected content
> 2. Why do you check to see if the request URI /startsWith/ the
> redirectAfterAuth instead of being equal to it?
Because there might be some parameters after the adress in the URL -
i.e., if Cookies are not possible so that the session-information is
stored within the URL
> 3. Why are you checking to see if characters 10 - 16 of the request URI
> are "y_check". Why not check for the whole "j_security_check" string?
> Why not check the /end/ of the request URI for j_security_check,
> since the URI for j_security_check is not required to be
> /j_security_check but pretty much */j_security_check?
You are right with this:
Actually I made a mistake here:
When "j_security_check" is triggered, the URL will look like
/protected/j_security_check
As you can see, in this example it works since "/protected" is exactly
10 characters long.
Therefore, the correct code would be
+ && !aRequest.getRequestURI().startsWith(
+ "/j_security_check",
protectedPath.length())) {
I'll correct that with a new patch during the weekend.
Why do I not ask for the String ending with "j_security_check"?
I was not sure how that URL looks like if session-info is encoded
within the URL - therefore I'm using startsWith()
> 4. Why are killing the session if the authtype is null?
Because we experienced with some users, esp. behind company-proxies,
that situations may occur where a session still exists, but the
Principal was null.
Therefore, if Principal is null, better be safe than sorry and make
sure you definately have a new session
> 5. Why does your valve pass-through any requests before the component
> has "started"? Is there a valid use case where NOT performing these
> checks and redirects is appropriate?
Nope. I took this code from AccessLogValve (I believe it was that
one), and my assumption was those checks don't make sense /before/ the
Valve is completely set (started).
If you feel that a different approach does make more sense here, I
After deployment to tomcat: entity class not found
Hello, I've successfully created all hbm,POJO and DAO files using Hibernate tool which is great!!! Once deploy to Tomcat I got the exception: nested exception is org.hibernate.MappingException: entity class not found: MyClass the full stack is: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionFactory' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Invocation of init method failed; nested exception is org.hibernate.MappingException: entity class not found: MyClass at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1362) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:540) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:485) at java.security.AccessController.doPrivileged(Native Method) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:455) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:251) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:169) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:248) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:170) at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:407) at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:735) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:369) at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:251) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:190) at org.springframework.web.context.ContextLoaderServlet.init(ContextLoaderServlet.java:81) at javax.servlet.GenericServlet.init(GenericServlet.java:212) at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1139) at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:966) at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:3956) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4230) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544) at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825) at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714) at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490) at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022) at org.apache.catalina.core.StandardHost.start(StandardHost.java:736) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) at org.apache.catalina.core.StandardService.start(StandardService.java:448) at org.apache.catalina.core.StandardServer.start(StandardServer.java:700) at org.apache.catalina.startup.Catalina.start(Catalina.java:552) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433) Caused by: org.hibernate.MappingException: entity class not found: Regional at org.hibernate.mapping.PersistentClass.getMappedClass(PersistentClass.java:99) at org.hibernate.tuple.PropertyFactory.getGetter(PropertyFactory.java:168) at org.hibernate.tuple.PropertyFactory.buildIdentifierProperty(PropertyFactory.java:44) at org.hibernate.tuple.entity.EntityMetamodel.(EntityMetamodel.java:123) at org.hibernate.persister.entity.AbstractEntityPersister.(AbstractEntityPersister.java:434) at org.hibernate.persister.entity.SingleTableEntityPersister.(SingleTableEntityPersister.java:109) at org.hibernate.persister.PersisterFactory.createClassPersister(PersisterFactory.java:55) at org.hibernate.impl.SessionFactoryImpl.(SessionFactoryImpl.java:226
Re: Requesting a SSL client certificate using ACTION_REQ_SSL_CERTIFICATE
On May 7, 2009, at 9:18 , Mark Thomas wrote: André Cruz wrote: Hello. I have a specific page in my site that uses ssl client certificates for authentication and the application itself does the cert validation. As the rest of the site does not use them I have clientAuth="false" in my connector otherwise the browsers keep asking for client certificates. I installed a custom security provider to accept all certificates and built a Valve that requests a SSL renegotiation to try and get a certificate: Why not just set appropriate security constraints and get Tomcat to handle this for you (as per my example in bug 46950)? Well, for several reasons: - I want to display customized error messages in my application. If I let tomcat handle the certificate validation then, if there's an error, the request doesn't reach the application at all. Or am I wrong? - I have some custom certificate validation based on the CA of the certificate. - I don't have all the certificates that will be presented to me, just the CA that signs them, so I'm not sure I could configure users and roles in tomcat to deal with this. Is there a better way to do this? The only thing missing right now is tomcat not closing the connection immediately when no certificate is sent by the browser. André - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat Cluster issue
List,
I am trying a transparent failover cluster with 2 separate TC-6.0.8
nodes with a apache2.2 node as LoadBalancer with mod_proxy_ajp
JDK 1.5.0_15 and platform Debian.
I used224.0.0.1 as the multicast addresss is it okay ?
I am seeing these outputs for catalina.out in one tomcat box when I
shutdown the other tomcat box, .
does any one has a hints what wrong here?
Thank you
Dhanesh
r...@boss[conf]#tail -f ../logs/catalina.out
May 7, 2009 2:58:21 PM org.apache.catalina.loader.WebappClassLoader
validateJarFile
INFO:
validateJarFile(/usr/TOMCAT-6-08/apache-tomcat-6.0.8/webapps/PIS/WEB-INF/lib/javaee.jar)
- jar not loaded. See Servlet Spec 2.3, section 9.7.2. Offending class:
javax/servlet/Servlet.class
May 7, 2009 2:58:21 PM org.apache.catalina.loader.WebappClassLoader
validateJarFile
INFO:
validateJarFile(/usr/TOMCAT-6-08/apache-tomcat-6.0.8/webapps/PIS/WEB-INF/lib/servlet-api.jar)
- jar not loaded. See Servlet Spec 2.3, section 9.7.2. Offending class:
javax/servlet/Servlet.class
May 7, 2009 2:58:22 PM org.apache.catalina.ha.session.DeltaManager start
INFO: Register manager /PIS to cluster element Engine with name Catalina
May 7, 2009 2:58:22 PM org.apache.catalina.ha.session.DeltaManager start
INFO: Starting clustering manager at /PIS
May 7, 2009 2:58:24 PM org.apache.catalina.ha.tcp.SimpleTcpCluster
memberAdded
INFO: Replication member
added:org.apache.catalina.tribes.membership.MemberImpl[tcp://
192.168.31.138:4000,192.168.31.138,4000, alive=3106650,id={110 -72 -44 -17
-93 -30 72 44 -116 -14 -107 -57 -102 -66 36 -64 }, payload={}, command={},
domain={}, ]
May 7, 2009 2:58:27 PM org.apache.catalina.ha.session.DeltaManager
getAllClusterSessions
WARNING: Manager [localhost#/PIS], requesting session state from
org.apache.catalina.tribes.membership.MemberImpl[tcp://192.168.31.138:4000,192.168.31.138,4000,
alive=3110178,id={110 -72 -44 -17 -93 -30 72 44 -116 -14 -107 -57 -102 -66
36 -64 }, payload={}, command={}, domain={}, ]. This operation will timeout
if no session state has been received within 60 seconds.
May 7, 2009 2:58:27 PM org.apache.catalina.ha.session.DeltaManager
waitForSendAllSessions
INFO: Manager [localhost#/PIS]; session state send at 5/7/09 2:58 PM
received in 5,123 ms.
log4j: Parsing for [root] with value=[INFO,DRHL].
log4j: Level token is [INFO].
log4j: Category root set to INFO
log4j: Parsing appender named "DRHL".
log4j: Parsing layout options for "DRHL".
log4j: Setting property [title] to [POM Logs].
log4j: End of parsing for "DRHL".
log4j: Setting property [datePattern] to [dd-MM-'.html'].
log4j: Setting property [file] to [/root/POMLogs.html].
log4j: setFile called: /root/POMLogs.html, true
log4j: setFile ended
log4j: Appender [DRHL] to be rolled at midnight.
log4j: Parsed "DRHL" options.
log4j: Finished configuring.
May 7, 2009 2:58:29 PM org.apache.catalina.ha.session.DeltaManager start
INFO: Register manager /docs to cluster element Engine with name Catalina
May 7, 2009 2:58:29 PM org.apache.catalina.ha.session.DeltaManager start
INFO: Starting clustering manager at /docs
May 7, 2009 2:58:29 PM org.apache.catalina.ha.session.DeltaManager
getAllClusterSessions
WARNING: Manager [localhost#/docs], requesting session state from
org.apache.catalina.tribes.membership.MemberImpl[tcp://192.168.31.138:4000,192.168.31.138,4000,
alive=3111690,id={110 -72 -44 -17 -93 -30 72 44 -116 -14 -107 -57 -102 -66
36 -64 }, payload={}, command={}, domain={}, ]. This operation will timeout
if no session state has been received within 60 seconds.
May 7, 2009 2:58:29 PM org.apache.catalina.ha.session.DeltaManager
waitForSendAllSessions
INFO: Manager [localhost#/docs]; session state send at 5/7/09 2:58 PM
received in 106 ms.
May 7, 2009 2:58:29 PM org.apache.tomcat.util.modeler.Registry
registerComponent
SEVERE: Null component
Catalina:type=JspMonitor,name=jsp,WebModule=//localhost/docs,J2EEApplication=none,J2EEServer=none
May 7, 2009 2:58:29 PM org.apache.catalina.ha.session.DeltaManager start
INFO: Register manager to cluster element Engine with name Catalina
May 7, 2009 2:58:29 PM org.apache.catalina.ha.session.DeltaManager start
INFO: Starting clustering manager at
May 7, 2009 2:58:29 PM org.apache.catalina.ha.session.DeltaManager
getAllClusterSessions
WARNING: Manager [localhost#], requesting session state from
org.apache.catalina.tribes.membership.MemberImpl[tcp://192.168.31.138:4000,192.168.31.138,4000,
alive=3111690,id={110 -72 -44 -17 -93 -30 72 44 -116 -14 -107 -57 -102 -66
36 -64 }, payload={}, command={}, domain={}, ]. This operation will timeout
if no session state has been received within 60 seconds.
May 7, 2009 2:58:29 PM org.apache.catalina.ha.session.DeltaManager
waitForSendAllSessions
INFO: Manager [localhost#]; session state send at 5/7/09 2:58 PM received in
103 ms.
May 7, 2009 2:58:29 PM org.apache.tomcat.util.modeler.Registry
registerComponent
SEVERE: Null component
Catalina:type=JspMonitor,name=jsp,WebModule=//localhost/,J2EEApplication=none,J
Re: Tomcat Configuration in Eclipse
Hi. Please do not copy me of every message you send to the list. I already get the list message, so this makes it an extra identical message each time. Just click "reply", not "reply all". Thanks. ados1...@gmail.com wrote: Interesting Things are happening with my Tomcat. ... - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat6 configuration best practice?
Hi, I'm currently trying to understand the best practices for tomcat6 application deployments given certain restrictions: 1 - We deploy exploded dirs only, not WAR files 2 - We need to be able to hot deploy jsps (but not classes/jars) without restarting tomcat 3 - The application must be the ROOT or base webapp Environment: - RedHat Enterprise 4 - tomcat 6.0.18 - sun jdk 1.6.u012 - apache httpd 2.0.2 (with redhat bug fixes etc - I'm uncertain what the exact version is) - mod_jk (latest) - apr 1.3.3 (built from src) - apr-util 1.3.4 (built from src) - libtcnative (latest) - using tomcat-jdbc connection pool implementation after commons-dbcp failed under high load and c3p0 also failed - recommended by one of the tomcat developers Currently we have the following $CATALINA_HOME/webapps/ - app - ROOT -> app $CATALINA_HOME/conf/Catalina/localhost/ - app.xml - ROOT.xml -> app.xml Where our app is symbolically linked to ROOT.xml and a ROOT dir respectively. In my previous tomcat6 experience, I've deployed war files, either by hand or using a custom maven plugin. So I'm a little unsure if our current configuration is broken. I suspect we may be causing the container to attempt to load the application twice - but I'd like some confirmation. I think the following structure would be more managable and probably better for tomcat too: $CATALINA_HOME/conf/Catalina/localhost/ - ROOT.xml -> /deployments/app.xml /deployments/ - app.xml - app Again where the ROOT.xml is a sumbolic link The Context configuration to achieve this separation of the application from the tomcat directory structure I presume would look something like: One thing I think we can change for sure is the debug="true" parameter, but given the requirement to allow us to hot deploy jsp files (but not jars or classes), can we change reloadable to false? The documentation suggests that this very resource intensive and I would like to remove it "it requires significant runtime overhead and is not recommended for use on deployed production applications" [1] Any other suggestions to the application context, or server xml warmly welcomed :) Thanks, Kev [1] http://tomcat.apache.org/tomcat-6.0-doc/config/context.html - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Requesting a SSL client certificate using ACTION_REQ_SSL_CERTIFICATE
André Cruz wrote: > Hello. > > I have a specific page in my site that uses ssl client certificates for > authentication and the application itself does the cert validation. As > the rest of the site does not use them I have clientAuth="false" in my > connector otherwise the browsers keep asking for client certificates. > > I installed a custom security provider to accept all certificates and > built a Valve that requests a SSL renegotiation to try and get a > certificate: Why not just set appropriate security constraints and get Tomcat to handle this for you (as per my example in bug 46950)? > req.getCoyoteRequest().action(ActionCode.ACTION_REQ_SSL_CERTIFICATE, > null); > > Using APR no certificate is requested from the client (probably because > of bug 46950). Yep. That needs to be fixed. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Connector Issue - Tomcat 6.0/IIS 6.0
Your log snippet indicates, that the request was successfully forwarded to Tomcat and Tomcat returned with 404. Since you left out to much from the log, we can't say for sure, whether thew request in the redirector log is the same, as the 200 request in the IIS log. If you can provide access to more of the log, we can check that. Try to access the same URL that gives you a 404 directly via the HTTP port of Tomcat (usually 8080). If you get the same result there, then you first need to correct your Tomcat installation. If that works, but not via IIS, then provide the full redirector log of the startup and the single request that doesn't work for you. Regards, Rainer On 06.05.2009 23:43, samr wrote: > Following are the versions of software I have installed on Windows2003 Server > SP2 > Tomcat-6.0.18 > Java - Version 6 Update 13 > IIS - 6.0 > Tomcat Connector - 1.2.28 > > I have done the configuration consulting the tomcat site.Here is how > isapi_redirect.properties looks like: > extension_uri=/jakarta/isapi_redirect.dll > log_file=c:\Tomcat\logs\iis_redirect.log > log_level=debug > worker_file=C:\Tomcat\conf\workers.properties > worker_mount_file=C:\Tomcat\conf\uriworkermap.properties > > Workers.properties > > worker.list=ajp13 > worker.ajp13.host=localhost > worker.ajp13.port = 8009 > worker.ajp13.type = ajp13 > > > uriworkermap.properties > /examples/*=ajp13 > > > > When I try to access a jsp page using > IIS(http://localhost/examples/jsp/jsp2/el/basic-arithmetic.jsp) > I get a Http Status 404 eror from Tomcat > > > The IIS_Redirect log with 400 error is here(I am just pasting a few lines > that are relevant, the redirect calls happen fine) > > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_util.c (455): > Pre-processed log time stamp format is '[%a %b %d %H:%M:%S.000 %Y] ' > [Wed May 06 16:31:04.662 2009] [9352:9452] [info] jk_isapi_plugin.c (2398): > Starting Jakarta/ISAPI/isapi_redirector/1.2.28 > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c (2416): > Detected IIS version 6.0 > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c (2418): > Using ini file C:\Tomcat\ISAPI\isapi_redirect.properties. > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c (2424): > Using log file c:\Tomcat\logs\iis_redirect.log. > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c (2425): > Using log level 1. > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c (2426): > Using extension uri /jakarta/isapi_redirect.dll. > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c (2427): > Using worker file C:\Tomcat\conf\workers.properties. > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c (2428): > Using worker mount file C:\Tomcat\conf\uriworkermap.properties. > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c (2430): > Using rewrite rule file . > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c (2432): > Using uri select 3. > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c (2433): > Using no chunked encoding. > ... > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_map.c (490): Adding > property '/examples/*' with value 'ajp13' to map. > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_uri_worker_map.c > (1101): Loading urimaps from C:\Tomcat\conf\uriworkermap.properties with > reload check interval 60 seconds > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_uri_worker_map.c > (719): wildchar rule '/examples/*=ajp13' source 'uriworkermap' was added > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_uri_worker_map.c > (171): > > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_worker.c (242): > creating worker ajp13 > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_worker.c (146): about > to create instance ajp13 of ajp13 > ... > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_uri_worker_map.c > (171): uri map dump after extension stripping: index=0 > file='C:\Tomcat\conf\uriworkermap.properties' reject_unsafe=0 reload=60 > modified=1241645359 checked=1241645464 > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_uri_worker_map.c > (176): generation 0: size=0 nosize=0 capacity=0 > .. > [Wed May 06 16:31:04.677 2009] [9352:9452] [debug] jk_ajp_common.c (2246): > processing ajp13 with 2 retries > [Wed May 06 16:31:04.677 2009] [9352:9452] [debug] jk_ajp_common.c (1461): > (ajp13) all endpoints are disconnected. > ... > [Wed May 06 16:31:04.677 2009] [9352:9452] [debug] jk_ajp_common.c (1217): > received from ajp13 pos=0 len=82 max=8192 > ... > [Wed May 06 16:31:04.662 2009] [9352:9452] [debug] jk_isapi_plugin.c (2060): > [/jakarta/isapi_redirect.dll] is not a servlet url > . > [Wed May 06 16:31:04.677 2009] [9352:9452] [debug] jk_ajp_common.c (660): > status = 404 > > [Wed May 06 16:31:04.677 2009] [9352:9452] [debug] jk_ajp_common.c (1806): > AJP13 protocol: Re
