XSS vulnerability in Tomcat Host Header
Hello, I am using Tomcat 6.0.18 and have hit XSS issue, where in tweaked Host header containing XSS is processed by the server. I suppose some validation check should be done on the Host value to prevent such an attack. Appreciate any inputs are to whether this issue has been fixed ?. regards Pankaj - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
implement dynamic filter
hello, I have a web app in tomcat ,where exists some .jsp,.vm files, these files are saved using different encoding(I think).when requested,some of them display urgly,garbled. so I think maybe I can implement such a filter:first read the content of the file,and* *decide which charset it's saved,and set the ServletResponse's character encoding accordingly. Is that possible ? If possible ,how to decide the charset quickly ,without slowing down the server? thanks lanxiazhi
Tomcat6 CentOS runlevel startup issue
Hi list, I'm running an fresh tomcat 6.0.20 from tomcat.apache.org under /opt/tomcat. Currently, I'm firing up tomcat with the supplied [startup|shutdown].sh scripts manually. Now, tomcat shall start automatically. For this purpose I created a small script under /etc/init.d/tomcat5: #!/bin/bash # # tomcat5 This shell script takes care of starting and stopping #Tomcat # function start() { echo -n Starting ${TOMCAT_PROG}: /opt/tomcat/bin/startup.sh return $? } function stop() { echo -n Stopping $TOMCAT_PROG: /opt/tomcat/bin/shutdown.sh } # See how we were called. case $1 in start) start ;; stop) stop ;; restart) stop sleep 2 start ;; *) echo Usage: $TOMCAT_PROG {start|stop|restart} exit 1 esac Symlink'd it to [r...@int01 init.d]# ln -s /etc/init.d/tomcat5 /etc/rc3.d/S99tomcat5 [r...@int01 init.d]# ln -s /etc/init.d/tomcat5 /etc/rc3.d/K99tomcat5 [r...@int01 init.d]# ln -s /etc/init.d/tomcat5 /etc/rc6.d/K99tomcat5 My script runs with service tomcat5 [start|stop] perfectly. However, after a reboot tomcat is not reachable through HTTP. Here is the machine state after a reboot: [r...@int01 ~]# lsof -i:8080 COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME java2139 root 34u IPv6 6215 TCP *:webcache (LISTEN) (I should considering not to run tomcat under root) [r...@int01 ~]# ps waux | grep 2139 root 2139 1.0 4.5 222744 46860 ?Sl 10:11 0:05 /usr/bin/java -Djava.util.logging.config.file=/opt/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Dappserver.home=/opt/tomcat -Dappserver.base=/opt/tomcat -Djava.endorsed.dirs=/opt/tomcat/endorsed -classpath :/opt/tomcat/bin/bootstrap.jar -Dcatalina.base=/opt/tomcat -Dcatalina.home=/opt/tomcat -Djava.io.tmpdir=/opt/tomcat/temp org.apache.catalina.startup.Bootstrap start [r...@int01 ~]# service tomcat5 stop Stopping : Using CATALINA_BASE: /opt/tomcat Using CATALINA_HOME: /opt/tomcat Using CATALINA_TMPDIR: /opt/tomcat/temp Using JRE_HOME: /usr Jul 22, 2009 10:20:14 AM org.apache.catalina.startup.Catalina stopServer SEVERE: Catalina.stop: java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333) at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366) at java.net.Socket.connect(Socket.java:519) at java.net.Socket.connect(Socket.java:469) at java.net.Socket.init(Socket.java:366) at java.net.Socket.init(Socket.java:180) at org.apache.catalina.startup.Catalina.stopServer(Catalina.java:422) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.startup.Bootstrap.stopServer(Bootstrap.java:337) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:415) [r...@int01 ~]# java -version java version 1.6.0_06 Java(TM) SE Runtime Environment (build 1.6.0_06-b02) Java HotSpot(TM) Client VM (build 10.0-b22, mixed mode, sharing) After a kill -9 pid and a service tomcat5 start tomcat is running as usual. Something went wrong. Do I need some additional environment variables for tomcat in my script? Or is it something else? Thanks in advance. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Can a Realm communicate with a web application?
On 21/7/09 23:23, Mitch Claborn wrote: I am toying with the idea of writing my own Realm for authentication. Much of the code and structures that I need are already present in the web application. Is there any way for the Realm to access Java objects from the web application? They don't appear to share the same class loader. As an alternative is there a mechanism for providing the functionality of a Realm, but within the web application structure? You can define the Realm in your context.xml, (which of course you'll be configuring in the META-INF dir of your web-app, hint hint). I think this will load classes from your web-app classloader. N.B. Check out the localDataSource attribute, if you're also using a web-app specific DataSource. http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#DataSourceRealm p Mitch - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Fwd: Is it not possible to install apache-tomcat-6.0.20 with a J2SE 5 JRE: A new development
On 22/7/09 04:37, Varuna Seneviratna wrote: Please read the whole story behind and reply without bulling.I am trying to figure out what is the cause for not being able to install Tomcat as a service when JRun can be .My guess was is Kaspersky blocking Tomcat setup since Kaspersky prompted for user's approval after clicking Retry several times, that too was only for a single step as depicted in the installation progress bar.I stopped Kaspersky and tried to install But that too was failed. Thanks for your Help! Are multiple explanation marks in the README.please-don't? p Varuna 2009/7/22 André Warniera...@ice-sa.com Varuna Seneviratna wrote: ... Can it be because of Kaspersky setting that I am unable to install Tomcat service? Let me paraphrase this : During the Tomcat installation, I repeatedly hit my head to the desk. Can this be the reason that I have a headache ? Come on, as they say in Minnesota... :-) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Wrong SessionID
Hi Uwe I've seen something very similar when a SAP server was incorrectly configured to produce a JSESSIONID cookie that was global to the organisation, rather than scoped to the server that produced it. The (J2EE13679500) and End parts of the session ID look suspiciously like what I saw. The only fix was to correctly configure the offending server - there is nothing Tomcat can do. When a browser has two cookies with the same name in scope, the outcome is indeterminate. We found that the wider scoped cookie took precedence. I've often thought the name of the JSESSIONID cookie should be configurable, but to my knowledge it is hard-coded. If this is the problem, then it is your client's problem (unless you are seeing it from inside your intranet). Regards Ron - Original Message - From: Poehner, Uwe uwe.poeh...@siemens.com To: users@tomcat.apache.org Sent: Wednesday, July 22, 2009 3:26 AM Subject: Wrong SessionID Hello, our tomcat servers seem to produce very sporadically a wrong JsessionID - instead of 58EB1F9C39278DBB72528A13EF026EFB.bsp01 we get (J2EE13679500)ID0574993050DB11991779031281660559End (without a dot-jvmroute) so we lose stickyness and our session. Our environment (Hardware Loadbalancer - 2 Apache Servers - 2 Tomcat Servers): Solaris 10 8/07 Apache/2.2.6 with mod_proxy_ajp, mod_proxy_balancer, ... Tomcat 5.5.23 with JDK 1.5.0_12-b04 Does anybody have an idea? Thanks and Regards Uwe - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Fwd: Is it not possible to install apache-tomcat-6.0.20 with a J2SE 5 JRE: A new development
Are multiple explanation marks in the README.please-don't? I don't understand can you please explain Varuna 2009/7/22 Pid p...@pidster.com On 22/7/09 04:37, Varuna Seneviratna wrote: Please read the whole story behind and reply without bulling.I am trying to figure out what is the cause for not being able to install Tomcat as a service when JRun can be .My guess was is Kaspersky blocking Tomcat setup since Kaspersky prompted for user's approval after clicking Retry several times, that too was only for a single step as depicted in the installation progress bar.I stopped Kaspersky and tried to install But that too was failed. Thanks for your Help! Are multiple explanation marks in the README.please-don't? p Varuna 2009/7/22 André Warniera...@ice-sa.com Varuna Seneviratna wrote: ... Can it be because of Kaspersky setting that I am unable to install Tomcat service? Let me paraphrase this : During the Tomcat installation, I repeatedly hit my head to the desk. Can this be the reason that I have a headache ? Come on, as they say in Minnesota... :-) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Kind Regards Varuna Varuna Seneviratna No 514 Udumulla Road Battaramulla Sri Lanka Tel : 011-2888620 Mobile:0715617141
Re: Configuring worker MPM for Tomcat
MPM multi processing modules are features of apache webserver not of Apache-Tomcat. There are differnent MPM modules default Prefork in Linux/unix, but for more simultaneous connectionsyou need to recompile apache webserver with Worker MPM its not a feature of Tomcat . On Tue, Jul 21, 2009 at 3:15 PM, Anand Kumar Prabhakar anand2...@gmail.comwrote: I'm trying to configure worker MPM for the first time. So i need the steps to configure them. Can't we implement worker MPM in tomcat server? -- View this message in context: http://www.nabble.com/Configuring-worker-MPM-for-Tomcat-tp24582105p24584637.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Application Period for Travel Assistance to ApacheCon US 2009 Opens Soon
The Travel Assistance Committee is taking in applications for those wanting to attend ApacheCon US 2009 (Oakland) which takes place between the 2nd and 6th November 2009. The Travel Assistance Committee is looking for people who would like to be able to attend ApacheCon US 2009 who may need some financial support in order to get there. There are limited places available, and all applications will be scored on their individual merit. Applications are open to all open source developers who feel that their attendance would benefit themselves, their project(s), the ASF and open source in general. Financial assistance is available for flights, accommodation, subsistence and Conference fees either in full or in part, depending on circumstances. It is intended that all our ApacheCon events are covered, so it may be prudent for those in Europe and/or Asia to wait until an event closer to them comes up - you are all welcome to apply for ApacheCon US of course, but there should be compelling reasons for you to attend an event further away that your home location for your application to be considered above those closer to the event location. More information can be found on the main Apache website at http://www.apache.org/travel/index.html - where you will also find a link to the online application and details for submitting. Applications for applying for travel assistance will open on 27th July 2009 and close of the 17th August 2009. Good luck to all those that will apply. Regards, The Travel Assistance Committee - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat process not closing from operating system level
Hi The problem is that when tomcat starts this process exists but after shutting down the tomcat still this process is existing at operating system level and in this way after many times tomcat startup and shutdown many processes as same below showing and due to that JDBC sessions from Oracle database level is not closing. Manually when we use to kill those sessions, immediately JDBC sessions closed. tomcat 24453 1 2 16:11 pts/400:00:23 /opt/java1.5/jdk1.5.0_10/bin/java -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs=/opt/jakarta-tomcat-5.5.9/common/endorsed -classpath :/opt/jakarta-tomcat-5.5.9/bin/bootstrap.jar:/opt/jakarta-tomcat-5.5.9/b in/commons-logging-api.jar -Dcatalina.base=/opt/jakarta-tomcat-5.5.9 -Dcatalina.home=/opt/jakarta-tomcat-5.5.9 -Djava.io.tmpdir=/opt/jakarta-tomcat-5.5.9/temp org.apache.catalina.startup.Bootstrap start tomcat 24454 1 0 16:11 pts/400:00:00 /usr/local/sbin/cronolog /opt/jakarta-tomcat-5.5.9/logs/catalina.out.%Y-%m-%d Operating System --- RHEL 4 Default web server with OS --- jakarta-tomcat-5.5.9 Default Java--- JAVA 1.5 Database--- Oracle 10.2.0.4.0 Regards Santosh ** This message and any attachments are solely for the intended recipient and may contain Birlasoft confidential or privileged information. If you are not the intended recipient,any disclosure,copying, use, or distribution of the information included in this message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail(administra...@birlasoft.com) immediately and permanently delete this message and any attachments. Thank you. **
Editing startup.sh - help
I am trying to add the following option for tomcat startup in startup.sh file JAVA_OPTS=$JAVA_OPTS: -Dorg.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false It's added at line # 36 of startup.sh and then i run the tomcat from terminal by issuing ./startup.sh command. and it gives me error -Dorg.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false Command not found The same thing i did in startup.bat under windows environment and it worked fine. Is there any other way to edit startup.sh file? or what i am doing wrong? Thanks ..alee http://techboard.wordpress.com
some processes are not closing from operating system level even after shutting down the tomcat.
Hi tomcat 24453 1 2 16:11 pts/400:00:23 /opt/java1.5/jdk1.5.0_10/bin/java -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs=/opt/jakarta-tomcat-5.5.9/common/endorsed -classpath :/opt/jakarta-tomcat-5.5.9/bin/bootstrap.jar:/opt/jakarta-tomcat-5.5.9/b in/commons-logging-api.jar -Dcatalina.base=/opt/jakarta-tomcat-5.5.9 -Dcatalina.home=/opt/jakarta-tomcat-5.5.9 -Djava.io.tmpdir=/opt/jakarta-tomcat-5.5.9/temp org.apache.catalina.startup.Bootstrap start tomcat 24454 1 0 16:11 pts/400:00:00 /usr/local/sbin/cronolog /opt/jakarta-tomcat-5.5.9/logs/catalina.out.%Y-%m-%d Above 2 processes are not closing from operating system level even after shutting down the tomcat. Operating System --- RHEL 4 Default web server with OS --- jakarta-tomcat-5.5.9 Default Java --- JAVA 1.5 Database --- Oracle 10.2.0.4.0 Regards Santosh ** This message and any attachments are solely for the intended recipient and may contain Birlasoft confidential or privileged information. If you are not the intended recipient,any disclosure,copying, use, or distribution of the information included in this message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail(administra...@birlasoft.com) immediately and permanently delete this message and any attachments. Thank you. **
RE: Configuring worker MPM for Tomcat
if your long range goal is to use a performant multi-thread based configuration with the proviso that once set on the path you need to ensure all of Apache modules and binaries use multi-threaded libraries assuming you have apache-2.2.11 the --with-mpm=worker will deliver the worker based apache binaries you seek ./configure --enable-mods-shared=all --prefix=$HOME/webapps/(Application Name)/apache2 --with-mpm=worker make make install a good tutorial is located here http://forum.webfaction.com/viewtopic.php?id=1113 Martin Gainty __ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. Date: Wed, 22 Jul 2009 15:41:10 +0530 Subject: Re: Configuring worker MPM for Tomcat From: kkchn...@gmail.com To: users@tomcat.apache.org MPM multi processing modules are features of apache webserver not of Apache-Tomcat. There are differnent MPM modules default Prefork in Linux/unix, but for more simultaneous connectionsyou need to recompile apache webserver with Worker MPM its not a feature of Tomcat . On Tue, Jul 21, 2009 at 3:15 PM, Anand Kumar Prabhakar anand2...@gmail.comwrote: I'm trying to configure worker MPM for the first time. So i need the steps to configure them. Can't we implement worker MPM in tomcat server? -- View this message in context: http://www.nabble.com/Configuring-worker-MPM-for-Tomcat-tp24582105p24584637.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org _ Windows Live™ SkyDrive™: Store, access, and share your photos. See how. http://windowslive.com/Online/SkyDrive?ocid=TXT_TAGLM_WL_CS_SD_photos_072009
Re: some processes are not closing from operating system level even after shutting down the tomcat.
The default answer is to check your webapps for non-daemon threads not properly closed by the webapp. Some webapp has created it's own non-daemon threads without a ServletContextListener to close them down. Let ups know if that's not the case. --David santosh.si...@birlasoft.com wrote: Hi tomcat 24453 1 2 16:11 pts/400:00:23 /opt/java1.5/jdk1.5.0_10/bin/java -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs=/opt/jakarta-tomcat-5.5.9/common/endorsed -classpath :/opt/jakarta-tomcat-5.5.9/bin/bootstrap.jar:/opt/jakarta-tomcat-5.5.9/b in/commons-logging-api.jar -Dcatalina.base=/opt/jakarta-tomcat-5.5.9 -Dcatalina.home=/opt/jakarta-tomcat-5.5.9 -Djava.io.tmpdir=/opt/jakarta-tomcat-5.5.9/temp org.apache.catalina.startup.Bootstrap start tomcat 24454 1 0 16:11 pts/400:00:00 /usr/local/sbin/cronolog /opt/jakarta-tomcat-5.5.9/logs/catalina.out.%Y-%m-%d Above 2 processes are not closing from operating system level even after shutting down the tomcat. Operating System --- RHEL 4 Default web server with OS --- jakarta-tomcat-5.5.9 Default Java --- JAVA 1.5 Database --- Oracle 10.2.0.4.0 Regards Santosh - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Fwd: Is it not possible to install apache-tomcat-6.0.20 with a J2SE 5 JRE: A new development
Varuna, I am not trying to bully you or anything of the kind. I have been watching this thread as a spectator, and I was just trying to convey to you the following : There are people here trying to help you, for free. To be able to do that, they need, at least : - that you provide all relevant information - that when they ask a question, you answer the question This anti-virus thing was valuable information, and it may be at the bottom of your problems. But it took about 10 posts before you mentioned these messages, thus leading several would-be helpers into probably bad directions. Similarly, it looks a bit like every item of information has to be pulled out of you bit by bit. In other words, much of your pain looks self-inflicted. That was the sense of my comment. Which, I admit, was made in a rather sarcastic way, for which I apologise if it shocked you. Now, to redeem myself, here are my suggestions : - turn off any anti-virus or similar software that might be running - de-install whatever Tomcat software you have installed, using the installer/deinstaller package - verify that you do not have any remainders anywhere of these installations (in the Windows Services display, in the disk directory where you installed Tomcat, and in the Start.. Settings.. System ..Software dialog). When everything is clean : - download the zip version of Tomcat for Windows, from the Tomcat website. - unzip it in a directory. I suggest a sensible directory name, without spaces in the name, like c:\tomcat6. This is now your CATALINA_HOME directory (and also, by default, your CATALINA_BASE directory). Remember this, it is important. - in the directory CATALINA_HOME/bin, you will then find a script called startup.bat. Open a command window, navigate to that directory, and run that script. This should start Tomcat, interactively, in that command window. This is only to verify that nothing else is wrong on your system to run Tomcat (like available ports, etc..). - you should now be able to access Tomcat with a browser, at http://localhost:8080; - to stop Tomcat, type CTRL-C in the command window. Once you have done the above, then you can try to install Tomcat as a service. For that, run the script CATALINA_HOME/bin/service.bat install (you can also edit this script, to see what it is doing) When you have run this script, you will have essentially done the same as what the exe installer package for Tomcat is doing. But you will have much more control and understanding of what is going on, and where things may get stuck. You should now be able to start and stop Tomcat using the commands net start tomcat6 net stop tomcat6 (the name tomcat6 above to be replaced by the correct Windows Service name for Tomcat) or by using My Computer..Manage..Services and Applications) If you want, you can then remove the Tomcat service again, by running service.bat remove, and try again to install the whole thing from the exe installer version. Additional information, harder to find in the on-line documentation : - the tomcat6.exe program that comes with the Windows version of Tomcat, is a Windows Service wrapper for Tomcat. It is there because the JVM, on its own, does not handle very well the requirements of Windows Services. So, when later you run Tomcat, you are really running tomcat6.exe, which in turn starts the JVM, which in turn runs Tomcat. This tomcat6.exe wrapper, in order to know which JVM to use with which parameters, takes these parameters from the Windows Registry. How do they get there ? that is the next section. - There is another program in the CATALINA_HOME/bin directory, named tomcat6w.exe (the same name as before, with a w at the end). The tomcat6w.exe is a GUI setup program, whose role is to set up the appropriate parameters in the Windows Registry, so that tomcat6.exe can later find them. You can run tomcat6w.exe by clicking on it, and you will get a window that shows you how to proceed. Basically, the service.bat script, invokes this tomcat6w.exe in command-line mode, and tells it what to do. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Editing startup.sh - help
Probably there needed to be a \ line continuation above the line you added. Additionally I believe this stuff should find it's way into a separate setenv.sh file instead of editing startup.sh. --David alee amin wrote: I am trying to add the following option for tomcat startup in startup.sh file JAVA_OPTS=$JAVA_OPTS: -Dorg.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false It's added at line # 36 of startup.sh and then i run the tomcat from terminal by issuing ./startup.sh command. and it gives me error -Dorg.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false Command not found The same thing i did in startup.bat under windows environment and it worked fine. Is there any other way to edit startup.sh file? or what i am doing wrong? Thanks ..alee http://techboard.wordpress.com - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: implement dynamic filter
From: lanxiazhi [mailto:lanxia...@gmail.com] Subject: implement dynamic filter I have a web app in tomcat ,where exists some .jsp,.vm files, these files are saved using different encoding(I think). Why don't you simply fix the encoding the files are stored in? Use UTF-8 to avoid never-ending problems. Your idea of using a filter at run-time to correct sloppy deployments is akin to the kludges in Internet Explorer - a continual source of trouble. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
Re: Tomcat6 CentOS runlevel startup issue
You need to add lines like this to the init script. http://www.linuxjournal.com/article/4445 # chkconfig: 345 80 20 # description: Tomcat 6.0 so it knows to start on reboot. You also may want to use jsvc to start and stop tomcat instead of [startup|shutdown].sh http://tomcat.apache.org/tomcat-6.0-doc/setup.html this allows you to run tomcat as another user. Example scripts are included in TOMCAT_HOME/bin/jsvc.tar.gz mas Peter Lokus wrote: Hi list, I'm running an fresh tomcat 6.0.20 from tomcat.apache.org under /opt/tomcat. Currently, I'm firing up tomcat with the supplied [startup|shutdown].sh scripts manually. Now, tomcat shall start automatically. For this purpose I created a small script under /etc/init.d/tomcat5: #!/bin/bash # # tomcat5 This shell script takes care of starting and stopping #Tomcat # function start() { echo -n Starting ${TOMCAT_PROG}: /opt/tomcat/bin/startup.sh return $? } function stop() { echo -n Stopping $TOMCAT_PROG: /opt/tomcat/bin/shutdown.sh } # See how we were called. case $1 in start) start ;; stop) stop ;; restart) stop sleep 2 start ;; *) echo Usage: $TOMCAT_PROG {start|stop|restart} exit 1 esac Symlink'd it to [r...@int01 init.d]# ln -s /etc/init.d/tomcat5 /etc/rc3.d/S99tomcat5 [r...@int01 init.d]# ln -s /etc/init.d/tomcat5 /etc/rc3.d/K99tomcat5 [r...@int01 init.d]# ln -s /etc/init.d/tomcat5 /etc/rc6.d/K99tomcat5 My script runs with service tomcat5 [start|stop] perfectly. However, after a reboot tomcat is not reachable through HTTP. Here is the machine state after a reboot: [r...@int01 ~]# lsof -i:8080 COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME java2139 root 34u IPv6 6215 TCP *:webcache (LISTEN) (I should considering not to run tomcat under root) [r...@int01 ~]# ps waux | grep 2139 root 2139 1.0 4.5 222744 46860 ?Sl 10:11 0:05 /usr/bin/java -Djava.util.logging.config.file=/opt/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Dappserver.home=/opt/tomcat -Dappserver.base=/opt/tomcat -Djava.endorsed.dirs=/opt/tomcat/endorsed -classpath :/opt/tomcat/bin/bootstrap.jar -Dcatalina.base=/opt/tomcat -Dcatalina.home=/opt/tomcat -Djava.io.tmpdir=/opt/tomcat/temp org.apache.catalina.startup.Bootstrap start [r...@int01 ~]# service tomcat5 stop Stopping : Using CATALINA_BASE: /opt/tomcat Using CATALINA_HOME: /opt/tomcat Using CATALINA_TMPDIR: /opt/tomcat/temp Using JRE_HOME: /usr Jul 22, 2009 10:20:14 AM org.apache.catalina.startup.Catalina stopServer SEVERE: Catalina.stop: java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333) at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366) at java.net.Socket.connect(Socket.java:519) at java.net.Socket.connect(Socket.java:469) at java.net.Socket.init(Socket.java:366) at java.net.Socket.init(Socket.java:180) at org.apache.catalina.startup.Catalina.stopServer(Catalina.java:422) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.startup.Bootstrap.stopServer(Bootstrap.java:337) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:415) [r...@int01 ~]# java -version java version 1.6.0_06 Java(TM) SE Runtime Environment (build 1.6.0_06-b02) Java HotSpot(TM) Client VM (build 10.0-b22, mixed mode, sharing) After a kill -9 pid and a service tomcat5 start tomcat is running as usual. Something went wrong. Do I need some additional environment variables for tomcat in my script? Or is it something else? Thanks in advance. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Mark Shifman MD. Ph.D. Yale Center for Medical Informatics Phone (203)737-5219 mark.shif...@yale.edu - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat6 CentOS runlevel startup issue
My first thought is it's starting too early but that doesn't make a lot of sense when it's symlinked to S99tomcat5, making it one of the last services to start. What's in tomcat's logs/catalina.out from the attempted start? --David Peter Lokus wrote: Hi list, I'm running an fresh tomcat 6.0.20 from tomcat.apache.org under /opt/tomcat. Currently, I'm firing up tomcat with the supplied [startup|shutdown].sh scripts manually. Now, tomcat shall start automatically. For this purpose I created a small script under /etc/init.d/tomcat5: #!/bin/bash # # tomcat5 This shell script takes care of starting and stopping #Tomcat # function start() { echo -n Starting ${TOMCAT_PROG}: /opt/tomcat/bin/startup.sh return $? } function stop() { echo -n Stopping $TOMCAT_PROG: /opt/tomcat/bin/shutdown.sh } # See how we were called. case $1 in start) start ;; stop) stop ;; restart) stop sleep 2 start ;; *) echo Usage: $TOMCAT_PROG {start|stop|restart} exit 1 esac Symlink'd it to [r...@int01 init.d]# ln -s /etc/init.d/tomcat5 /etc/rc3.d/S99tomcat5 [r...@int01 init.d]# ln -s /etc/init.d/tomcat5 /etc/rc3.d/K99tomcat5 [r...@int01 init.d]# ln -s /etc/init.d/tomcat5 /etc/rc6.d/K99tomcat5 My script runs with service tomcat5 [start|stop] perfectly. However, after a reboot tomcat is not reachable through HTTP. Here is the machine state after a reboot: [r...@int01 ~]# lsof -i:8080 COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME java2139 root 34u IPv6 6215 TCP *:webcache (LISTEN) (I should considering not to run tomcat under root) [r...@int01 ~]# ps waux | grep 2139 root 2139 1.0 4.5 222744 46860 ?Sl 10:11 0:05 /usr/bin/java -Djava.util.logging.config.file=/opt/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Dappserver.home=/opt/tomcat -Dappserver.base=/opt/tomcat -Djava.endorsed.dirs=/opt/tomcat/endorsed -classpath :/opt/tomcat/bin/bootstrap.jar -Dcatalina.base=/opt/tomcat -Dcatalina.home=/opt/tomcat -Djava.io.tmpdir=/opt/tomcat/temp org.apache.catalina.startup.Bootstrap start [r...@int01 ~]# service tomcat5 stop Stopping : Using CATALINA_BASE: /opt/tomcat Using CATALINA_HOME: /opt/tomcat Using CATALINA_TMPDIR: /opt/tomcat/temp Using JRE_HOME: /usr Jul 22, 2009 10:20:14 AM org.apache.catalina.startup.Catalina stopServer SEVERE: Catalina.stop: java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333) at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366) at java.net.Socket.connect(Socket.java:519) at java.net.Socket.connect(Socket.java:469) at java.net.Socket.init(Socket.java:366) at java.net.Socket.init(Socket.java:180) at org.apache.catalina.startup.Catalina.stopServer(Catalina.java:422) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.startup.Bootstrap.stopServer(Bootstrap.java:337) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:415) [r...@int01 ~]# java -version java version 1.6.0_06 Java(TM) SE Runtime Environment (build 1.6.0_06-b02) Java HotSpot(TM) Client VM (build 10.0-b22, mixed mode, sharing) After a kill -9 pid and a service tomcat5 start tomcat is running as usual. Something went wrong. Do I need some additional environment variables for tomcat in my script? Or is it something else? Thanks in advance. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: XSS vulnerability in Tomcat Host Header
pankaj jairath wrote: Hello, I am using Tomcat 6.0.18 and have hit XSS issue, where in tweaked Host header containing XSS is processed by the server. I suppose some validation check should be done on the Host value to prevent such an attack. Appreciate any inputs are to whether this issue has been fixed ?. You'll need to provide more details. Nothing stands out from the security pages. Please provide step by step instructions to reproduce from a clean Tomcat installation. Please also note that potential security vulnerabilities should be reported privately (see http://tomcat.apache.org/security.html), rather than to a public list. Since you have posted to a public list, there is no point continuing in private. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Fwd: Is it not possible to install apache-tomcat-6.0.20 with a J2SE 5 JRE: A new development
André Warnier wrote: ... Now, to redeem myself, here are my suggestions : - turn off any anti-virus or similar software that might be running - de-install whatever Tomcat software you have installed, using the installer/deinstaller package - verify that you do not have any remainders anywhere of these installations (in the Windows Services display, in the disk directory where you installed Tomcat, and in the Start.. Settings.. System ..Software dialog). When everything is clean : - download the zip version of Tomcat for Windows, from the Tomcat website. - unzip it in a directory. I suggest a sensible directory name, without spaces in the name, like c:\tomcat6. This is now your CATALINA_HOME directory (and also, by default, your CATALINA_BASE directory). Remember this, it is important. - in the directory CATALINA_HOME/bin, you will then find a script called startup.bat. Open a command window, navigate to that directory, and run that script. This should start Tomcat, interactively, in that command window. This is only to verify that nothing else is wrong on your system to run Tomcat (like available ports, etc..). - you should now be able to access Tomcat with a browser, at http://localhost:8080; - to stop Tomcat, type CTRL-C in the command window. Once you have done the above, then you can try to install Tomcat as a service. For that, run the script CATALINA_HOME/bin/service.bat install (you can also edit this script, to see what it is doing) When you have run this script, you will have essentially done the same as what the exe installer package for Tomcat is doing. But you will have much more control and understanding of what is going on, and where things may get stuck. You should now be able to start and stop Tomcat using the commands net start tomcat6 net stop tomcat6 (the name tomcat6 above to be replaced by the correct Windows Service name for Tomcat) or by using My Computer..Manage..Services and Applications) If you want, you can then remove the Tomcat service again, by running service.bat remove, and try again to install the whole thing from the exe installer version. Additional information, harder to find in the on-line documentation : - the tomcat6.exe program that comes with the Windows version of Tomcat, is a Windows Service wrapper for Tomcat. It is there because the JVM, on its own, does not handle very well the requirements of Windows Services. So, when later you run Tomcat, you are really running tomcat6.exe, which in turn starts the JVM, which in turn runs Tomcat. This tomcat6.exe wrapper, in order to know which JVM to use with which parameters, takes these parameters from the Windows Registry. How do they get there ? that is the next section. - There is another program in the CATALINA_HOME/bin directory, named tomcat6w.exe (the same name as before, with a w at the end). The tomcat6w.exe is a GUI setup program, whose role is to set up the appropriate parameters in the Windows Registry, so that tomcat6.exe can later find them. You can run tomcat6w.exe by clicking on it, and you will get a window that shows you how to proceed. Basically, the service.bat script, invokes this tomcat6w.exe in command-line mode, and tells it what to do. And that, friends, is the best quick start summary for setting up tomcat I've ever seen. It took me weeks to put together in my mind all the pieces that Andre' just presented to you on a platter!! How about putting it into the docs or some other very visible location... D - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: implement dynamic filter
lanxiazhi wrote: hello, I have a web app in tomcat ,where exists some .jsp,.vm files, these files are saved using different encoding(I think).when requested,some of them display urgly,garbled. so I think maybe I can implement such a filter:first read the content of the file,and* *decide which charset it's saved,and set the ServletResponse's character encoding accordingly. Is that possible ? If possible ,how to decide the charset quickly ,without slowing down the server? thanks lanxiazhi Answering your last question first : that is close to impossible. It is not even the question of slowing down the server, it is really that detecting the charset is not possible in a number of cases. Very shortly : - it is is usually possible to detect if a given file is valid UTF-8 or not. - but it is not possible to decide if a file encoded in an 8-bit alphabet (such as iso-8859-1) is iso-8859-1 or iso-8859-2 or any other 8-bit character set (because they all use bytes with a value between \x00 and \xFF, so how can you decide ?). Given this, your best bet is to correct the problem at the source : Any text file, in any original encoding, can be converted to UTF-8/Unicode. So clean up the original files, and always send them back as UTF-8. All reasonably recent browsers support that. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: XSS vulnerability in Tomcat Host Header
On Wed, Jul 22, 2009 at 2:37 PM, Mark Thomasma...@apache.org wrote: You'll need to provide more details. Nothing stands out from the security pages. Please provide step by step instructions to reproduce from a clean Tomcat installation. Please also note that potential security vulnerabilities should be reported privately (see http://tomcat.apache.org/security.html), rather than to a public list. Since you have posted to a public list, there is no point continuing in private. I don't think the host is used in HTML generated by Tomcat. OTOH, like the other strings returned by the API, ServletRequest.getServerName is not XSS filtered. Rémy - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Editing startup.sh - help
I agree with what David writes below, and in addition 1. There should be no : after $JAVA_OPTS. It is not a classpath. 2. The preferred way is create a setenv.sh file, either in $CATALINA_BASE\bin or in $CATALINA_HOME\bin 3. For setting these properties there is an easier way: add the following line org.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false to the catalina.properties file Best regards, Konstantin Kolinko 2009/7/22 David Smith d...@cornell.edu: Probably there needed to be a \ line continuation above the line you added. Additionally I believe this stuff should find it's way into a separate setenv.sh file instead of editing startup.sh. --David alee amin wrote: I am trying to add the following option for tomcat startup in startup.sh file JAVA_OPTS=$JAVA_OPTS: -Dorg.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false It's added at line # 36 of startup.sh and then i run the tomcat from terminal by issuing ./startup.sh command. and it gives me error -Dorg.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false Command not found The same thing i did in startup.bat under windows environment and it worked fine. Is there any other way to edit startup.sh file? or what i am doing wrong? Thanks ..alee http://techboard.wordpress.com - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Editing startup.sh - help
thanks guys. it worked like charm :) ..alee http://techboard.wordpress.com On Wed, Jul 22, 2009 at 6:53 PM, Konstantin Kolinko knst.koli...@gmail.comwrote: org.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false
Application Context (and/or) SERVICE element load orders when starting Tomcat 5/6.
Hi I have two application contexts, /RAM and /UO. OU needs to have RAM running before it can do anything as I have startup code (Fired during init of my servlet) in UO that needs to access RAM. The problem I have is that when I do startup the Tomcat container, the minute my 'init code' get's executed in UO, it locks the whole container mainly because it's using HTTP calls to RAM to access it's information (which hasn't started up yet). Classic (as I see it) chicken and the egg scenario, UO can't start because RAM isn't started and the whole container is locking HTTP connections because all the app contexts aren't started. Is there any way that I can have these two application contexts exist peacefully without causing this condition? Can I force the load order of app contexts (though using multiple service setups in the server.xml? Or am I looking at having (and due to business reasons this is 'almost' not a solution) two installations of tomcat each managing one of the apps. Note: I have tried the following. 1. Ping servlet in UO that pings RAM And sleeps for X seconds until RAM is running. After 5 tries and 2 mintues (10x more than RAM needs in a normal situation to start) I call destroy on the servlet and kill the startup process. Running on the same container / servlet actually causes the LOCK on the very first HTTP ping to RAM and a subsequent stopping of Tomcat load altogether (system.exit call) 2. Two Service configuration elements in the server.xml each managing it's own resources. This option worked better as UO would ping / sleep successfully for its' configured iterations, but RAM would never be started until UO was finished it's tries. If I left the 'die' code in UO then of course nothing loaded (as mentioned abovein point #1), but if I took out the die code, RAM loaded AFTER UO no problem. I would LOVE UO to be last if possible. It seems I can never get RAM to load before UO. (or at least let it keep loading while UO sleeps on it's ping requests. Thanks. -- View this message in context: http://www.nabble.com/Application-Context-%28and-or%29-%3CSERVICE%3E-element-load-orders-when-starting-Tomcat-5-6.-tp24606540p24606540.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Wrong SessionID
Ron McNulty wrote: The only fix was to correctly configure the offending server - there is nothing Tomcat can do. When a browser has two cookies with the same name in scope, the outcome is indeterminate. We found that the wider scoped cookie took precedence. I've often thought the name of the JSESSIONID cookie should be configurable, but to my knowledge it is hard-coded. As of 6.0.19 it is configurable. http://tomcat.apache.org/tomcat-6.0-doc/config/systemprops.html Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Fwd: Is it not possible to install apache-tomcat-6.0.20 with a J2SE 5 JRE: A new development
David kerber wrote: And that, friends, is the best quick start summary for setting up tomcat I've ever seen. It took me weeks to put together in my mind all the pieces that Andre' just presented to you on a platter!! How about putting it into the docs or some other very visible location... Patches to the docs are always welcome. There is also the wiki that anyone can edit. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: XSS vulnerability in Tomcat Host Header
2009/7/22 Rémy Maucherat remy.mauche...@gmail.com: On Wed, Jul 22, 2009 at 2:37 PM, Mark Thomasma...@apache.org wrote: You'll need to provide more details. Nothing stands out from the security pages. Please provide step by step instructions to reproduce from a clean Tomcat installation. Please also note that potential security vulnerabilities should be reported privately (see http://tomcat.apache.org/security.html), rather than to a public list. Since you have posted to a public list, there is no point continuing in private. I don't think the host is used in HTML generated by Tomcat. OTOH, like the other strings returned by the API, ServletRequest.getServerName is not XSS filtered. At least, if there are concerns about that, there is a workaround: you can specify proxyName attribute on a Connector element in server.xml In that case the one that is in request will be ignored. Documentation is here: http://tomcat.apache.org/tomcat-6.0-doc/config/http.html http://tomcat.apache.org/tomcat-6.0-doc/config/ajp.html Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Application Context (and/or) SERVICE element load orders when starting Tomcat 5/6.
JeanNiBee wrote: Hi I have two application contexts, /RAM and /UO. Context initialization is serial. If you try starting in the wrong order you will be out of luck. Tomcat won't start serving requests until all the contexts have started. You can't control the order the apps start in. It will be arbitrary. You could try the following: Add a filter to OU that is mapped to /*. It checks for RAM, it RAM isn't running the requests are blocked. Once RAM is running it lets requests through and then your Servlet inits. You could write your filter such that once it detects RAM is running, it doesn't check RAM again. Mark OU needs to have RAM running before it can do anything as I have startup code (Fired during init of my servlet) in UO that needs to access RAM. The problem I have is that when I do startup the Tomcat container, the minute my 'init code' get's executed in UO, it locks the whole container mainly because it's using HTTP calls to RAM to access it's information (which hasn't started up yet). Classic (as I see it) chicken and the egg scenario, UO can't start because RAM isn't started and the whole container is locking HTTP connections because all the app contexts aren't started. Is there any way that I can have these two application contexts exist peacefully without causing this condition? Can I force the load order of app contexts (though using multiple service setups in the server.xml? Or am I looking at having (and due to business reasons this is 'almost' not a solution) two installations of tomcat each managing one of the apps. Note: I have tried the following. 1. Ping servlet in UO that pings RAM And sleeps for X seconds until RAM is running. After 5 tries and 2 mintues (10x more than RAM needs in a normal situation to start) I call destroy on the servlet and kill the startup process. Running on the same container / servlet actually causes the LOCK on the very first HTTP ping to RAM and a subsequent stopping of Tomcat load altogether (system.exit call) 2. Two Service configuration elements in the server.xml each managing it's own resources. This option worked better as UO would ping / sleep successfully for its' configured iterations, but RAM would never be started until UO was finished it's tries. If I left the 'die' code in UO then of course nothing loaded (as mentioned abovein point #1), but if I took out the die code, RAM loaded AFTER UO no problem. I would LOVE UO to be last if possible. It seems I can never get RAM to load before UO. (or at least let it keep loading while UO sleeps on it's ping requests. Thanks. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Wrong SessionID
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ron, On 7/22/2009 5:09 AM, Ron McNulty wrote: The only fix was to correctly configure the offending server - there is nothing Tomcat can do. When a browser has two cookies with the same name in scope, the outcome is indeterminate. We found that the wider scoped cookie took precedence. I've often thought the name of the JSESSIONID cookie should be configurable, but to my knowledge it is hard-coded. As Mark points out, this is configurable in 6.0.19. When multiple JSESSIONID cookies exist, Tomcat will try them, one at a time, until it finds one that matches a valid session in the container, so multiple JSESSIONID cookies shouldn't be a problem. If you call request.getRequestedSessionId() and it did not produce a valid session, then the session id will appear to be wonky. It would be better to call request.getSession().getId() to be sure you're really using the right session id. Uwe, are you seeing this strange JSESSIONID in the request headers (via an HTTP sniffer) or are you accessing this id through the API? I'm wondering if you are drawing an improper conclusion. You weren't specific about the circumstances so it's tough to diagnose. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpnHbgACgkQ9CaO5/Lv0PCHCgCggHT5n24kbfwJ9hQyWFu577j6 eTMAoKefxgqhEWaLl08+yfvFxZrGXz4p =BsM8 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Application Context (and/or) SERVICE element load orders when starting Tomcat 5/6.
So in effect I'm deferring all interaction w/ RAM to be at request time and not startup time correct? I guess I could even take it one step further (and easier to implement I think) where I build some static singleton initializer that manages an am I loaded properly flag and if not, loads its data (This is the RAM interaction) otherwise just handle the request normally. It adds an extra check but checking if( ApplicationStatus.IS_LOADED ) isn't such a big deal in the long run. That is unless we're not talking the same thing here. :) markt-2 wrote: JeanNiBee wrote: Hi I have two application contexts, /RAM and /UO. Context initialization is serial. If you try starting in the wrong order you will be out of luck. Tomcat won't start serving requests until all the contexts have started. You can't control the order the apps start in. It will be arbitrary. You could try the following: Add a filter to OU that is mapped to /*. It checks for RAM, it RAM isn't running the requests are blocked. Once RAM is running it lets requests through and then your Servlet inits. You could write your filter such that once it detects RAM is running, it doesn't check RAM again. Mark -- View this message in context: http://www.nabble.com/Application-Context-%28and-or%29-%3CSERVICE%3E-element-load-orders-when-starting-Tomcat-5-6.-tp24606540p24607746.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Monitoring Tomcat
Hello everyone. What would be the best way or a good way to monitor topcat, so i could see when and where any errors are originating from, say if 10 people an hour are getting a certain http error code then I can work out why and enable me to see how much load tomcat is under and how it's performing? I found Lambaprobe but it dosent seem to have been updated in 3 years and im not sure about it supporting tomcat 6. To paraphrase, how do you know when it's time (or nearly time) to upgrade your Tomcat set up (vertical, horizontal, whatever) Thanks for any (much needed) advice... Dori -- View this message in context: http://www.nabble.com/Monitoring-Tomcat-tp24609118p24609118.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Monitoring Tomcat
dori wrote: Hello everyone. What would be the best way or a good way to monitor topcat, so i could see when and where any errors are originating from, say if 10 people an hour are getting a certain http error code then I can work out why and enable me to see how much load tomcat is under and how it's performing? I found Lambaprobe but it dosent seem to have been updated in 3 years and im not sure about it supporting tomcat 6. To paraphrase, how do you know when it's time (or nearly time) to upgrade your Tomcat set up (vertical, horizontal, whatever) Thanks for any (much needed) advice... Dori Tomcat monitoring for the Poor Man... Here's my approach: The Tomcat application generates counter/gauge information about the JVM state as well about business values, possibly using a separate thread. These are written to the database or exported through a servlet which can be queried by HTTP. I then use a homemade script to fetch and preprocess and RRDtool to graph the state of the JVM or the other values of interest. This involves some tedious setup work, but can give results of interest (e.g. I see when it is time to restart Tomcat because of a memory leak etc) - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
AW: Wrong SessionID
Hi Ron, thanks a lot! I'm pretty sure that's our problem and I already found some SAP J2EE Application Servers on our intranet with such a JSESSIONID (J2EE...)ID...End and (Cookie) Domain instead of Host configured (still right configured). So I will continue to search for the evil one ... Best Regards Uwe -Ursprüngliche Nachricht- Von: Ron McNulty [mailto:rmcnu...@xtra.co.nz] Gesendet: Mittwoch, 22. Juli 2009 11:09 An: Tomcat Users List Betreff: Re: Wrong SessionID Hi Uwe I've seen something very similar when a SAP server was incorrectly configured to produce a JSESSIONID cookie that was global to the organisation, rather than scoped to the server that produced it. The (J2EE13679500) and End parts of the session ID look suspiciously like what I saw. The only fix was to correctly configure the offending server - there is nothing Tomcat can do. When a browser has two cookies with the same name in scope, the outcome is indeterminate. We found that the wider scoped cookie took precedence. I've often thought the name of the JSESSIONID cookie should be configurable, but to my knowledge it is hard-coded. If this is the problem, then it is your client's problem (unless you are seeing it from inside your intranet). Regards Ron - Original Message - From: Poehner, Uwe uwe.poeh...@siemens.com To: users@tomcat.apache.org Sent: Wednesday, July 22, 2009 3:26 AM Subject: Wrong SessionID Hello, our tomcat servers seem to produce very sporadically a wrong JsessionID - instead of 58EB1F9C39278DBB72528A13EF026EFB.bsp01 we get (J2EE13679500)ID0574993050DB11991779031281660559End (without a dot-jvmroute) so we lose stickyness and our session. Our environment (Hardware Loadbalancer - 2 Apache Servers - 2 Tomcat Servers): Solaris 10 8/07 Apache/2.2.6 with mod_proxy_ajp, mod_proxy_balancer, ... Tomcat 5.5.23 with JDK 1.5.0_12-b04 Does anybody have an idea? Thanks and Regards Uwe - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Monitoring Tomcat
thanks for the reply. Does this also give you information about how many errors users may have received, and posiible the time and load (at the time of) of those errors? dori wrote: Hello everyone. What would be the best way or a good way to monitor topcat, so i could see when and where any errors are originating from, say if 10 people an hour are getting a certain http error code then I can work out why and enable me to see how much load tomcat is under and how it's performing? I found Lambaprobe but it dosent seem to have been updated in 3 years and im not sure about it supporting tomcat 6. To paraphrase, how do you know when it's time (or nearly time) to upgrade your Tomcat set up (vertical, horizontal, whatever) Thanks for any (much needed) advice... Dori -- View this message in context: http://www.nabble.com/Monitoring-Tomcat-tp24609118p24609611.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Monitoring Tomcat
On Wed, Jul 22, 2009 at 8:51 AM, doridorian.cus...@googlemail.com wrote: I found Lambaprobe but it dosent seem to have been updated in 3 years and im not sure about it supporting tomcat 6. It works fine with Tomcat 6.0.x. Try it. -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Monitoring Tomcat
thanks, will do. Hassan Schroeder-2 wrote: On Wed, Jul 22, 2009 at 8:51 AM, doridorian.cus...@googlemail.com wrote: I found Lambaprobe but it dosent seem to have been updated in 3 years and im not sure about it supporting tomcat 6. It works fine with Tomcat 6.0.x. Try it. -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://www.nabble.com/Monitoring-Tomcat-tp24609118p24609818.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Monitoring Tomcat
dori wrote: thanks for the reply. Does this also give you information about how many errors users may have received, and posiible the time and load (at the time of) of those errors? Hi, If you can identify that an error occurred, yes. For example, if an Exception is thrown, you would catch it at the top servlet, then update a counter value accordingly. This value can then be graphed. The Tomcat load would be the number of servlets currently running, also a graphable gauge etc. But it's all manual work, nothing general. Plus, RRDtool has its nasty quirks and I had to embed it into lots of Perl to automate tasks. If you are interested, I can upload it, but it does not exactly have the smoothness of an RPM installation. Still, the results can be nice: http://public.m-plify.net/examples/RRDTOOL.png I haven't looked at Lambda Probe though. As I am being pushed to JBoss now, this might be a good occasion. Best regards, -- David - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Can a Realm communicate with a web application?
Pid wrote: On 21/7/09 23:23, Mitch Claborn wrote: I am toying with the idea of writing my own Realm for authentication. Much of the code and structures that I need are already present in the web application. Is there any way for the Realm to access Java objects from the web application? They don't appear to share the same class loader. As an alternative is there a mechanism for providing the functionality of a Realm, but within the web application structure? You can define the Realm in your context.xml, (which of course you'll be configuring in the META-INF dir of your web-app, hint hint). I think this will load classes from your web-app classloader. N.B. Check out the localDataSource attribute, if you're also using a web-app specific DataSource. http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#DataSourceRealm p I found that I can define the Realm in the conext.xml in my WEB-INF, but it is not being located - getting java.lang.ClassNotFoundException when the web app deploys/starts. I've triple checked that the class files are there in WEB-INF/classes. I also tried putting in a jar in WEB-INF/ilb. I'm guessing that the Realm is still being loaded in a different class loader. I would guess the Realm is loaded in the common class loader, as defined at http://tomcat.apache.org/tomcat-6.0-doc/class-loader-howto.html. Any other ideas? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Can a Realm communicate with a web application?
From: Mitch Claborn [mailto:mi...@claborn.net] Subject: Re: Can a Realm communicate with a web application? I found that I can define the Realm in the conext.xml in my WEB-INF, The context.xml file (not conext.xml) goes into META-INF, not WEB-INF. Start again. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
Re: Monitoring Tomcat
On Wed, Jul 22, 2009 at 6:15 PM, El Tonnoel.to...@m-plify.net wrote: Tomcat monitoring for the Poor Man... Here's my approach: The Tomcat application generates counter/gauge information about the JVM state as well about business values, possibly using a separate thread. These are written to the database or exported through a servlet which can be queried by HTTP. I then use a homemade script to fetch and preprocess and RRDtool to graph the state of the JVM or the other values of interest. and here's the version for the rich man: http://moskito.anotheria.net/moskitodemo/mui/mskShowAllProducers :-) regards Leon - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Can a Realm communicate with a web application?
Caldarale, Charles R wrote: From: Mitch Claborn [mailto:mi...@claborn.net] Subject: Re: Can a Realm communicate with a web application? I found that I can define the Realm in the conext.xml in my WEB-INF, The context.xml file (not conext.xml) goes into META-INF, not WEB-INF. Start again. - Chuck My typos. I have/had context.xml in META-INF. Fingers faster than brain today. mitch - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Trouble setting up virtual host
I am hoping you can help me. I am trying to get a DNS entry that we set up www.websitename.edu (alias websitename.edu) to point to another page on our Crystal Reports Server (Infoview). We are running Tomcat 5.5.20. I was told I need to set up a virtual host, I need to point the DNS entries to the logon.jsp page that is located in the Tomcat55\webapps\InfoViewApp\ directory. When I type in the above website from the server however, I get the default Tomcat home page. So essentially I need to set it up so that the URL to the logon page is redirected to http://websitename.edu/logon.jsp or http://www.websitename.edu/logon.jsp and not the current - http://myserver:/InfoViewApp/logon.jsp. Any suggestions, this is all new to me. THANKS! Server port=8005 shutdown=SHUTDOWN GlobalNamingResources !-- Used by Manager webapp -- Resource name=UserDatabase auth=Container type=org.apache.catalina.UserDatabase description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory pathname=conf/tomcat-users.xml / /GlobalNamingResources Service name=Catalina Connector port=80 / Connector URIEncoding=UTF-8 acceptCount=100 connectionTimeout=2 disableUploadTimeout=true enableLookups=false maxHttpHeaderSize=8192 maxSpareThreads=75 maxThreads=150 minSpareThreads=25 port=8080 redirectPort=8443/ !-- This is here for compatibility only, not required -- Connector port=8009 protocol=AJP/1.3 / Engine name=Catalina defaultHost=localhost Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase / Host name=localhost appBase=webapps / /Engine Host name=www.websitename.edu appBase=\webapps\InfoViewApp\logon.jsp unpackWARs=false autoDeploy=true xmlValidation=false xmlNamespaceAware=false Context path= docBase=./ Aliaswebsitename.edu/Alias /Host /Service /Server _ Change is the essence of life. Be willing to surrender what you are, for what you could become. Lisa D. Beggs Information Technology Specialist Business Application Services Phone: 804 828-2098 Fax: 804 828-0322 Don't be a phishing victim - VCU and other reputable organizations will never use email to request that you reply with your password, social security number or confidential personal information. For more details visit http://infosecurity.vcu.edu/phishing.html
Re: Monitoring Tomcat
Leon Rosenberg wrote: On Wed, Jul 22, 2009 at 6:15 PM, El Tonnoel.to...@m-plify.net wrote: Tomcat monitoring for the Poor Man... and here's the version for the rich man: http://moskito.anotheria.net/moskitodemo/mui/mskShowAllProducers :-) regards Leon Hah, nice! I got to ask my boss for a sabattical to check that.
Re: Trouble setting up virtual host
On Wed, Jul 22, 2009 at 12:10 PM, Lisa D Beggs/AC/VCUldbe...@vcu.edu wrote: I am hoping you can help me. I am trying to get a DNS entry that we set up www.websitename.edu (alias websitename.edu) to point to another page on our Crystal Reports Server (Infoview). DNS entries associate host (and domain) names with IP addresses. They do not point to pages. When I type in the above website from the server however, I get the default Tomcat home page. So essentially I need to set it up so that the URL to the logon page is redirected to http://websitename.edu/logon.jsp or http://www.websitename.edu/logon.jsp and not the current - http://myserver:/InfoViewApp/logon.jsp. Then you could replace the default home page with one that will forward or redirect requests to / to your own app. ~or~ You can make your own app the default Context by removing the existing ROOT Context and renaming yours to ROOT, and define login.jsp as a welcome page (see the default welcome pages and explanatory note in the global $CATALINA_HOME/conf/web.xml). HTH, -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Trouble setting up virtual host
The default Tomcat page is what I get if I try to enter that on the server hosting Tomcat Crystal Reports Server.so my configuration in the server.xml file must be incorrect. If I try to type in the webpage from another computer it can not find the page. _ Change is the essence of life. Be willing to surrender what you are, for what you could become. Lisa D. Beggs Information Technology Specialist Business Application Services Phone: 804 828-2098 Fax: 804 828-0322 Don't be a phishing victim - VCU and other reputable organizations will never use email to request that you reply with your password, social security number or confidential personal information. For more details visit http://infosecurity.vcu.edu/phishing.html From: Hassan Schroeder hassan.schroe...@gmail.com To: Tomcat Users List users@tomcat.apache.org Date: 07/22/2009 03:42 PM Subject: Re: Trouble setting up virtual host On Wed, Jul 22, 2009 at 12:10 PM, Lisa D Beggs/AC/VCUldbe...@vcu.edu wrote: I am hoping you can help me. I am trying to get a DNS entry that we set up www.websitename.edu (alias websitename.edu) to point to another page on our Crystal Reports Server (Infoview). DNS entries associate host (and domain) names with IP addresses. They do not point to pages. When I type in the above website from the server however, I get the default Tomcat home page. So essentially I need to set it up so that the URL to the logon page is redirected to http://websitename.edu/logon.jsp or http://www.websitename.edu/logon.jsp and not the current - http://myserver:/InfoViewApp/logon.jsp. Then you could replace the default home page with one that will forward or redirect requests to / to your own app. ~or~ You can make your own app the default Context by removing the existing ROOT Context and renaming yours to ROOT, and define login.jsp as a welcome page (see the default welcome pages and explanatory note in the global $CATALINA_HOME/conf/web.xml). HTH, -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat manager menu, problems
I am in a LAN installed with tomcat 6 with an ip 192.168.20.20 The problem I have is that this departure is the ip address next http://sitio.pagina.com/misitio/ my question is that the entire menu on the left side (and any), fails to take / mysite /. for example. to enter the menu Administration Status - Tomcat Manager This gives me http://sitio.mipagina.com/manager/html and should appear http://sitio.pagina.com/misitio/manager/html Thank you. -- View this message in context: http://www.nabble.com/tomcat-manager-menu%2C-problems-tp24613858p24613858.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: tomcat manager menu, problems
From: cokecc [mailto:coke.contre...@gmail.com] Subject: tomcat manager menu, problems The problem I have is that this departure is the ip address next http://sitio.pagina.com/misitio/ You are mistaken; DNS names do not include slashes, so it's sitio.pagina.com that resolves to the IP address 192.168.20.20. This gives me http://sitio.mipagina.com/manager/html and should appear http://sitio.pagina.com/misitio/manager/html No, it shouldn't. What you're seeing is correct behavior. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Trouble setting up virtual host
On Wed, Jul 22, 2009 at 12:10 PM, Lisa D Beggs/AC/VCUldbe...@vcu.edu wrote: Sorry, didn't even look at this before: Host name=www.websitename.edu appBase=\webapps\InfoViewApp\logon.jsp Totally wrong -- change to appBase=/webapps Context path= docBase=./ Remove the Context element totally from server.xml. Then remove the existing ROOT context and rename yours to ROOT (or ROOT.war, depending on how you're deploying). -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat manager menu, problems
On Wed, Jul 22, 2009 at 1:19 PM, cokecccoke.contre...@gmail.com wrote: This gives me http://sitio.mipagina.com/manager/html and should appear http://sitio.pagina.com/misitio/manager/html No it shouldn't; the behavior you see is correct (the manager app is associated with the host, not the context). -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat manager menu, problems
thanks for your reply now How do I configure tomcat? to work under the context / mysite /, http://sitio.pagina.com/misitio/manager/html Hassan Schroeder-2 wrote: On Wed, Jul 22, 2009 at 1:19 PM, cokecccoke.contre...@gmail.com wrote: This gives me http://sitio.mipagina.com/manager/html and should appear http://sitio.pagina.com/misitio/manager/html No it shouldn't; the behavior you see is correct (the manager app is associated with the host, not the context). -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://www.nabble.com/tomcat-manager-menu%2C-problems-tp24613858p24614613.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat manager menu, problems
On Wed, Jul 22, 2009 at 2:05 PM, cokecccoke.contre...@gmail.com wrote: thanks for your reply now How do I configure tomcat? to work under the context / mysite /, Again, the manager app will work fine, but it is associated with the host, not the context. You can certainly use the context /mysite/ at the same time, though. And if that's not the answer, restate your question :-) -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat 5.5.28
Hi, I was wondering when Tomcat 5.5.28 will be released? We would like to upgrade to address vulnerability documented in CVE-2009-0580. Thanks for great product!
Re: tomcat manager menu, problems
ok, I understand. but how can I do to when you click on those links, the context appears / mysite / For example: Administration Status Tomcat Manager --- http://sitio.pagina.com/misitio/manager/html Is this possible? Hassan Schroeder-2 wrote: On Wed, Jul 22, 2009 at 2:05 PM, cokecccoke.contre...@gmail.com wrote: thanks for your reply now How do I configure tomcat? to work under the context / mysite /, Again, the manager app will work fine, but it is associated with the host, not the context. You can certainly use the context /mysite/ at the same time, though. And if that's not the answer, restate your question :-) -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://www.nabble.com/tomcat-manager-menu%2C-problems-tp24613858p24614928.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Force recompile of JSP in Tomcat 6
In a production environment in which JSPs do not change frequently, I'd like to reduce the overhead of checking for JSP recompiles, assuming that such checks are in fact costly, and instruct Tomcat to recompile a given JSP should it change. In our environment, the JSP is written out by our web app. I noted the page.jsp?jsp_precompile=true type of option, but this seems to have no effect if Tomcat's web.xml sets the JspServlet param development=false. Thanks, David - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat manager menu, problems
On Wed, Jul 22, 2009 at 2:25 PM, cokecccoke.contre...@gmail.com wrote: ok, I understand. Uh, well, then. Tomcat Manager --- http://sitio.pagina.com/misitio/manager/html Is this possible? No. Unless you absolutely must have it and are willing to put httpd with mod_rewrite (or equiv) in front, and even then I wouldn't 100% bet it would work. -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Digested passwords stored in tomcat-users.xml by admin application?
Hi all, I know this is probably a common question, but i can't find an answer that is satisfactory. If i configure tomcat to use digested passwords in server.xml, is there a way to make the admin application write them digested in the event a password is changed or a new user is created?? Each new user created gets put in the file with a cleartext password. Thanks This email and any attachments thereto may contain private, confidential, and privileged material for the sole use of the intended recipient. Any review, copying, or distribution of this email (or any attachments) by others is strictly prohibited. If you are not the intended recipient, please contact the sender immediately and permanently delete the original and any copies of this email and any attachments thereto. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: tomcat manager menu, problems
From: cokecc [mailto:coke.contre...@gmail.com] Subject: Re: tomcat manager menu, problems ok, I understand. Apparently not. but how can I do to when you click on those links, the context appears / mysite / You can't. http://sitio.pagina.com/misitio/manager/html Is this possible? No. The site is sitio.pagina.com; misitio is *not* the site, it is simply a URL reference under the site. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Digested passwords stored in tomcat-users.xml by admin application?
From: Kurt Heberlein [mailto:ku...@3pardata.com] Subject: Digested passwords stored in tomcat-users.xml by admin application? is there a way to make the admin application If you're referring to the admin application that comes with older versions of Tomcat, that's a dead end. (Note that you didn't bother to tell us what version of Tomcat you're using.) Each new user created gets put in the file with a cleartext password. What file? If you're referring to conf/tomcat-users.xml, you should not be using that in production. Better to configure a proper Realm with some sort of database or LDAP server behind it: http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Programmatically reload webapp in Tomcat 6
Manually, the Tomcat Manager web app allows me to easily restart a web app. So, assuming I have the tomcat manager username and password, I can make a program invoke the same URL that probably would cause the web app to reload, using something like: https://myhost.com/manager/html/reload?path=/THISONE Is there a programmatic way to do this directly instead to make it easier to detect any errors or the like? I basically would like a web app to be able to reload itself, without stopping Tomcat itself, such as after an automated download that installed some new versions of JARs and JSPs for the web app (allowing the web app to download upgrades, install them, then restart the web app so it's put into use). Thanks, David - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Digested passwords stored in tomcat-users.xml by admin application?
Thanks Chuck - Sorry - yes v5.5, and i am referring to the admin webapp that came with it. I have to allow for end-users that don't want to use LDAP, nor another DB (I know it is stupid). So i was hoping there was a way to make the admin app write the passwords in digest form. Thanks -Kurt On Wed, 2009-07-22 at 15:05 -0700, Caldarale, Charles R wrote: From: Kurt Heberlein [mailto:ku...@3pardata.com] Subject: Digested passwords stored in tomcat-users.xml by admin application? is there a way to make the admin application If you're referring to the admin application that comes with older versions of Tomcat, that's a dead end. (Note that you didn't bother to tell us what version of Tomcat you're using.) Each new user created gets put in the file with a cleartext password. What file? If you're referring to conf/tomcat-users.xml, you should not be using that in production. Better to configure a proper Realm with some sort of database or LDAP server behind it: http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org This email and any attachments thereto may contain private, confidential, and privileged material for the sole use of the intended recipient. Any review, copying, or distribution of this email (or any attachments) by others is strictly prohibited. If you are not the intended recipient, please contact the sender immediately and permanently delete the original and any copies of this email and any attachments thereto. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat manager menu, problems
Caldarale, Charles R wrote: From: cokecc [mailto:coke.contre...@gmail.com] Subject: Re: tomcat manager menu, problems ok, I understand. Apparently not. Ah good ! I thought it was only me.. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Trouble setting up virtual host
Lisa D Beggs/AC/VCU wrote: The default Tomcat page is what I get if I try to enter that on the server hosting Tomcat Crystal Reports Server.so my configuration in the server.xml file must be incorrect. If I try to type in the webpage from another computer it can not find the page. ... Mmm. Ok, Lisa, we're here to serve, no matter what comes... Can you tell us first under what kind of host this Tomcat is running ? Is it a Unix system, a Linux system, a Windows system ? And if it is a Unix or Linux system, which kind ? (if you don't know, either ask around or enter uname -a in a console window on the server and tell us the result). Second : I am going to ask some pretty basic questions. Can you answer them, even if you think that they are stupid, or that you have already answered them ? That will give us some insight into the situation, to help you quicker. Q1 : I presume that this, until now, is a working server. Yes/No ? Q2: If yes, how do the users access it now ? What exact URL do they type in the browser location bar, to access the homepage of this server ? Q3: Still if yes, does that same URL work from all workstations, and do they all get the same page for the same URL ? And which page is that ? Q4: Have you ever configured a webserver before (Tomcat or other) ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Preventing access to directories?
Hi, If I create a folder in the base of my web application, for example: webapp/mydir can I prevent access to it? What I am wanting to do it create modules within my web application that contain the associated components: webapp/ module/ js/ css/ jsp/ img/ The JSPs will be accessed via struts2, so I want to ensure that someone typing: http://../webapp/module/jsp/abc.jsp won't be able to access the resource. I know I could put the JSPs in WEB-INF (it is what I do now), though I am wanting to explore another way of organising and grouping related resource, for easier management. André-John - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Preventing access to directories?
From: Andre-John Mas [mailto:andrejohn@gmail.com] Subject: Preventing access to directories? I know I could put the JSPs in WEB-INF (it is what I do now), though I am wanting to explore another way of organising and grouping related resource, for easier management. Since protection from direct access is one of the spec-defined uses of WEB-INF, why do you want to reinvent this already very round wheel? You could try writing a filter that traps direct access. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Preventing access to directories?
On Wed, Jul 22, 2009 at 5:23 PM, Andre-John Masandrejohn@gmail.com wrote: I want to ensure that someone typing: http://../webapp/module/jsp/abc.jsp won't be able to access the resource. I know I could put the JSPs in WEB-INF (it is what I do now), though I am wanting to explore another way of organising and grouping related resource, for easier management. Uh, say what? It's easier to manage put stuff in directory A versus put stuff in directory B? Why not make your life easy and leave it in WEB-INF??? -- Hassan Schroeder hassan.schroe...@gmail.com twitter: @hassan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Preventing access to directories?
On 22-Jul-2009, at 22:36, Hassan Schroeder wrote: On Wed, Jul 22, 2009 at 5:23 PM, Andre-John Masandrejohn@gmail.com wrote: I want to ensure that someone typing: http://../webapp/module/jsp/abc.jsp won't be able to access the resource. I know I could put the JSPs in WEB-INF (it is what I do now), though I am wanting to explore another way of organising and grouping related resource, for easier management. Uh, say what? It's easier to manage put stuff in directory A versus put stuff in directory B? Why not make your life easy and leave it in WEB-INF??? I probably will, though I was wanting to examine the alternatives. Andre - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Preventing access to directories?
Here is one alternative: use a servlet that will handle all the illegal accessed files by define corresponding servlet-mapping in web.xml. eg.mapping ErrorServlet to /code dir,and return error code SC_FORBIDDEN (403). 2009/7/23 Andre-John Mas aj...@sympatico.ca On 22-Jul-2009, at 22:36, Hassan Schroeder wrote: On Wed, Jul 22, 2009 at 5:23 PM, Andre-John Masandrejohn@gmail.com wrote: I want to ensure that someone typing: http://../webapp/module/jsp/abc.jsp won't be able to access the resource. I know I could put the JSPs in WEB-INF (it is what I do now), though I am wanting to explore another way of organising and grouping related resource, for easier management. Uh, say what? It's easier to manage put stuff in directory A versus put stuff in directory B? Why not make your life easy and leave it in WEB-INF??? I probably will, though I was wanting to examine the alternatives. Andre - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Preventing access to directories?
On 22-Jul-2009, at 20:23, Andre-John Mas wrote: Hi, If I create a folder in the base of my web application, for example: webapp/mydir can I prevent access to it? What I am wanting to do it create modules within my web application that contain the associated components: webapp/ module/ js/ css/ jsp/ img/ The JSPs will be accessed via struts2, so I want to ensure that someone typing: http://../webapp/module/jsp/abc.jsp won't be able to access the resource. I know I could put the JSPs in WEB-INF (it is what I do now), though I am wanting to explore another way of organising and grouping related resource, for easier management. Turns out I can do the following: security-constraint web-resource-collection web-resource-nameJSP/web-resource-name descriptionPrevents access to .jsp files/description url-pattern*.jsp/url-pattern /web-resource-collection auth-constraint/ /security-constraint One other source suggested a filter. I have an answer to my question, now to see if it solves anything. André - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: is there any difference?
I'm fairly sure there is no difference between the two. The browser contacts www.google.com on the default port 80 and then sends a GET / request regardless of whether the last '/' is in the address bar. Take a look at one of the many browser plugins like Firebug for Firefox to see it for your self. Now if you mean URLs like http://www.my.page.com/mydir becoming http://www.my.page.com/mydir/, that's a different story. I suspect the first request get's a 30x redirect to the second one. --David lanxiazhi wrote: I discovered that when I made a request to www.google.com the browser will change the address to www.google.com/ (add a slash) what's the mechanism under this? and what is tomcat approach on this? thanks. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: is there any difference?
From: David Smith [mailto:d...@cornell.edu] Subject: Re: is there any difference? I'm fairly sure there is no difference between the two. There's no effective difference, but the HTTP RFC requires the trailing slash when a specific resource is not in the URL. That's why the browser adds the slash automatically to the host name URL, and the server sends a 302 back when the URL does not target a specific resource. As you might expect, Tomcat does follow the HTTP RFC. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
missing content-length header for HEAD request in mod_jk 1.2.28 with tomcat 6.0.18
Hi, We observed that content-length header is missing in response headers for a HEAD request when used along with Apache 2.0.53, mod_jk 1.2.28 and tomcat 6.0.18. The header appears correctly when only mod_jk is rolled back to version 1.2.21 (the previous production version for us). Is this a known issue? Any work-around/solution for this? Thanks, Sameer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Fwd: Is it not possible to install apache-tomcat-6.0.20 with a J2SE 5 JRE: A new development
Andre, I am sorry if I got your remark from the wrong end and apologies if it did heart you.I posted things on to the list as they unfolded.This anti virus issue did not happen until a moment ago I made the post.From the beginning of this issue I have not kept back any information that was relevant to the issue and I thought relevant. Well I did as you have instructed me 1. *Stopped the Anti virus * 2. *Downloaded apache-tomcat-6.0.20.zip (core)* 3. *Unzipped it to the directory apache-tomcat-6.0.20* 4. *Opened a console window* 5. *Went to the directory c:\apache-tomcat-6.0.20\bin* 6. *typed the command startup.bat, it started tomcat below is what appeared on the console window* C:\apache-tomcat-6.0.20\binstartup.bat Using CATALINA_BASE: C:\apache-tomcat-6.0.20 Using CATALINA_HOME: C:\apache-tomcat-6.0.20 Using CATALINA_TMPDIR: C:\apache-tomcat-6.0.20\temp Using JRE_HOME:C:\Program Files\Java\jdk1.6.0_14 7* Then typed shutdown.bat, it did stop tomcat* C:\apache-tomcat-6.0.20\binshutdown.bat Using CATALINA_BASE: C:\apache-tomcat-6.0.20 Using CATALINA_HOME: C:\apache-tomcat-6.0.20 Using CATALINA_TMPDIR: C:\apache-tomcat-6.0.20\temp Using JRE_HOME:C:\Program Files\Java\jdk1.6.0_14 *8 Issued the command service.bat install, the display in the console window was* C:\apache-tomcat-6.0.20\binservice.bat install Installing the service 'Tomcat6' ... Using CATALINA_HOME:C:\apache-tomcat-6.0.20 Using CATALINA_BASE:C:\apache-tomcat-6.0.20 Using JAVA_HOME:C:\Program Files\Java\jdk1.6.0_14 Using JVM: C:\Program Files\Java\jdk1.6.0_14\jre\bin\server\jvm.dll Failed installing 'Tomcat6' service *As always the service installation stops when using the JVM *Varuna* *2009/7/22 André Warnier a...@ice-sa.com Varuna, I am not trying to bully you or anything of the kind. I have been watching this thread as a spectator, and I was just trying to convey to you the following : There are people here trying to help you, for free. To be able to do that, they need, at least : - that you provide all relevant information - that when they ask a question, you answer the question This anti-virus thing was valuable information, and it may be at the bottom of your problems. But it took about 10 posts before you mentioned these messages, thus leading several would-be helpers into probably bad directions. Similarly, it looks a bit like every item of information has to be pulled out of you bit by bit. In other words, much of your pain looks self-inflicted. That was the sense of my comment. Which, I admit, was made in a rather sarcastic way, for which I apologise if it shocked you. Now, to redeem myself, here are my suggestions : - turn off any anti-virus or similar software that might be running - de-install whatever Tomcat software you have installed, using the installer/deinstaller package - verify that you do not have any remainders anywhere of these installations (in the Windows Services display, in the disk directory where you installed Tomcat, and in the Start.. Settings.. System ..Software dialog). When everything is clean : - download the zip version of Tomcat for Windows, from the Tomcat website. - unzip it in a directory. I suggest a sensible directory name, without spaces in the name, like c:\tomcat6. This is now your CATALINA_HOME directory (and also, by default, your CATALINA_BASE directory). Remember this, it is important. - in the directory CATALINA_HOME/bin, you will then find a script called startup.bat. Open a command window, navigate to that directory, and run that script. This should start Tomcat, interactively, in that command window. This is only to verify that nothing else is wrong on your system to run Tomcat (like available ports, etc..). - you should now be able to access Tomcat with a browser, at http://localhost:8080; - to stop Tomcat, type CTRL-C in the command window. Once you have done the above, then you can try to install Tomcat as a service. For that, run the script CATALINA_HOME/bin/service.bat install (you can also edit this script, to see what it is doing) When you have run this script, you will have essentially done the same as what the exe installer package for Tomcat is doing. But you will have much more control and understanding of what is going on, and where things may get stuck. You should now be able to start and stop Tomcat using the commands net start tomcat6 net stop tomcat6 (the name tomcat6 above to be replaced by the correct Windows Service name for Tomcat) or by using My Computer..Manage..Services and Applications) If you want, you can then remove the Tomcat service again, by running service.bat remove, and try again to install the whole thing from the exe installer version. Additional information, harder to find in the on-line documentation : - the tomcat6.exe program that comes with the Windows version of Tomcat,
Re: TC 5.5.27 upgrade JSP tag attribute quoting
In the file Tomcat 5.5\conf\catalina.properties I simply added this line: org.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false To get rid of the jasper double quotes error. Thanks for the link Mark.It was useful. -LS -- View this message in context: http://www.nabble.com/TC-5.5.27-upgrade-JSP-tag-attribute-quoting-tp19986031p24619281.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: is there any difference?
hello,I found this in the servlet specification: • The deployment descriptor lists the following welcome files. welcome-file-list welcome-fileindex.html/welcome-file welcome-filedefault.jsp/welcome-file /welcome-file-list • The static content in the WAR is as follows /foo/index.html /foo/default.jsp /foo/orderform.html /foo/home.gif /catalog/default.jsp /catalog/products/shop.jsp /catalog/products/register.jsp • A request URI of /foo will be redirected to a URI of /foo/. • A request URI of /foo/ will be returned as /foo/index.html. • A request URI of /catalog will be redirected to a URI of /catalog/. which matches what David said. 2009/7/23 Caldarale, Charles R chuck.caldar...@unisys.com From: David Smith [mailto:d...@cornell.edu] Subject: Re: is there any difference? I'm fairly sure there is no difference between the two. There's no effective difference, but the HTTP RFC requires the trailing slash when a specific resource is not in the URL. That's why the browser adds the slash automatically to the host name URL, and the server sends a 302 back when the URL does not target a specific resource. As you might expect, Tomcat does follow the HTTP RFC. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
RE: Fwd: Is it not possible to install apache-tomcat-6.0.20 with a J2SE 5 JRE: A new development
From: Varuna Seneviratna [mailto:varunasenevira...@gmail.com] Subject: Re: Fwd: Is it not possible to install apache-tomcat-6.0.20 with a J2SE 5 JRE: A new development Using JAVA_HOME:C:\Program Files\Java\jdk1.6.0_14 Using JVM: C:\Program Files\Java\jdk1.6.0_14\jre\bin\server\jvm.dll *As always the service installation stops when using the JVM No, your previous posting showed Failed setting process executable - which is tomcat6.exe. Interesting that your subject line says J2SE 5 JRE, when the registered JVM is a JDK 6... I don't think there's any attempt during *installation* of the service to use the JVM. However, the installer might well be verifying that the registered JVM exists and is accessible - along with a myriad of other things. 1) Verify that the above .dll location does exist and is accessible to the Local System account. 2) Verify that the above JVM does work by entering the following at a command prompt (quotes required): C:\Program Files\Java\jdk1.6.0_14\bin\java -server -version 3) Verify that the Local System account has access to the Tomcat installation directory. 4) Double check that there is no Tomcat service of any kind under any name already installed. 5) If you can find another Windows machine that has not been under the influence of Kaspersky, try a Tomcat installation there. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.