Re: Best practice to upgrade (redeploy) .war files
On Monday 30 August 2010 12:55:19 Rainer Frey wrote: > Hi, It's not normally my style, but is there really no feedback on this topic? Does anyone use explicit hot deployment with Tomcat Manager in production? How do you actually upgrade deployed applications? And if you use cold deployment only, how do you avoid downtime for other apps? Do you really use one Tomcat instance per app? I'd really like to hear some input / experiences about production use with several applications with independent release/deploy cycles. Thanks again Rainer > what is the best practice to replace a webapp with a newer version in > production? > > I'm using Tomcat 6.0.29, with unpackWARs="true" autoDeploy="false". All > Webapps reside in appBase, some have a machine-specific context descriptor, > that I manually copy to conf/Catalina/localhost. > > I use the Tomcat Manager (via HTML-Interface) to deploy applications. What > is the recommended way to upgrade a webapp to a newer version (same war > name, same desired context path)? > > The HTML manager has no "redeploy" option. "deploy" is not possible as the > context already exists. I tried to put the new war file into appBase, and > use reload, but that won't update the expanded directory to the new war > file. > > What I did is: > * undeploy > * copy new war file > * deploy > > This is cumbersome as I have to switch forth and back between manager and > file operations. > > Is there a better way? > > Thanks > Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat Web App - Strange Issue - Need 2 restarts for SSO mode to work
Tomcat ver 5.0.19 JVM 1.5 Linux platform No exceptions in logs Single SIgn On mode works through a load balancer Normal mode URL hits the individual server directly In below mail, the jsp name was put incorrectly. It is always invoking myapp.jsp >From the web.xml I infer that if listings or 404 error will be displayed based on settings in defaultServlet settings, if the welcome files are missing. Now the question is welcome file (myapp.jsp) is present in webapps/WEB-INF/jsp diretcory of application. Why does it not find the same first time and why will it find it after one mroe restart -- n828cl wrote: > >> From: Sunil A V [mailto:sunil...@infosys.com] >> Subject: Tomcat Web App - Strange Issue - Need 2 restarts for SSO mode to >> work > > Tomcat version? JVM level? Platform? Anything of interest in the Tomcat > logs? > >> The web application is available through 2 modes of links - >> one is regular without load balacer and other is Single Sign >> On based through load balancer. > > Please explain how that is configured. Are they completely separate > Tomcat instances on different boxes? > >> Deployment Procedure: >> Stop the server >> Copy the new war to webapps replacing the old one >> remove the complete diretcory of MyApp recursively (rm -rf MyApp) >> start the server > > Should be ok, although it's a bit heavy-handed. > >> We try both the links of application. > > What is a "link"? > >> Please note the web.xml in Tomcat/webapps/MyApp/WEB-INF directory has >> below >> >> myapp.jsp >> > > Which leaves directory listings enabled for the webapp. > >> The application has only myapp.jsp and none of index.* files > >> Tomcat might not be finding xcard.jsp > > Why would it? Based on your description of the file contents, there is no > xcard.jsp, just a myapp.jsp. > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you > received this in error, please contact the sender and delete the e-mail > and its attachments from all computers. > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > -- View this message in context: http://old.nabble.com/Tomcat-Web-App---Strange-Issue---Need-2-restarts-for-SSO-mode-to-work-tp29605152p29611508.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat dies after starting
On Thu, Sep 2, 2010 at 10:52 PM, Christopher Schultz wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Jan, > > On 9/2/2010 2:42 AM, jan gestre wrote: >> I'm the only user of this dedicated machine, it's not yet in >> production that's why I'm quite sure :). Even the init scripts logs >> tells that Tomcat is started only to find out that it's not actually >> running because of sudden death. > > You may still have started Tomcat more than once, or something else > might be running on the machine taking those ports. > > Try these: > > $ ps aux | grep java > > (See if there are any java processes running) > > $ netstat -an | grep 8080 > > You may need to be root in order to read all processes and port usages. > > - -chris Hi Chris, That's the odd thing about it, both ps and netstat did not return any result, also only heartbeat does the starting (this is an HA cluster using DRBD and Heartbeat), the only issue I've noticed in the ha logs is that it's not unmounting the drbd partition cleanly i.e. it has to send SIGTERM to kill the process. Regards, Jan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
[email] Dynamic attachments in mailer taglib 2 using JavaBean
I've written a javabean that connects to a database, downloads a file, and one of the getter methods returns the complete file path to the file. The problem I have is: when the JSP runs and gets to the part where it gets the file path to pass to the taglib, I get an error message that is typical of a reference to a nonstatic variable. This concerns me as I thout getter methods in javabeans would inherently returns values that are valid instance variables in a JSP. I will paste my getter method below, the JSP call to that method and the error message below: any guidance is welcome. Thank you: Getter method in jsvabean (javabean compiles fine): public String getTempFilePath() { this.downloadedfilename= tempFilePath; return this.downloadedfilename; } JSP call to getter method above: <%-- /RadTicketsFileDownloadForEmailAttachment?attachmentId=${ all_attachments_for_this_ticket_row.id}&fileName=${all_attachments_for_this_ticket_row.attachment_name} --%> ... And the error message: org.apache.jasper.JasperException: Unable to compile class for JSP: An error occurred at line: 97 in the jsp file: /web/radtickets/ticket_email_response/ticket_email_response_dispatcher_page.jsp Cannot make a static reference to the non-static method getTempFilePath() from the type RadTicketsFileDownloadForEmailAttachmentBean 94: 95: 96: <%-- /RadTicketsFileDownloadForEmailAttachment?attachmentId=${all_attachments_for_this_ticket_row.id}&fileName=${all_attachments_for_this_ticket_row.attachment_name} --%> 97: 100: Stacktrace: org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:92) org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:330) org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:439) org.apache.jasper.compiler.Compiler.compile(Compiler.java:334) org.apache.jasper.compiler.Compiler.compile(Compiler.java:312) org.apache.jasper.compiler.Compiler.compile(Compiler.java:299) org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:589) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:317) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260) javax.servlet.http.HttpServlet.service(HttpServlet.java:717) Ferindo
Re: Host Manager.
Looked at that before not really convinced reworking that is easier than adding in an xml line or two via an xml writer. Willing to be convinced though. Wes On 9/3/10, Pid wrote: > On 02/09/2010 21:06, Caldarale, Charles R wrote: >>> From: Wesley Acheson [mailto:wesley.ache...@gmail.com] >>> Subject: Host Manager. >> >>> Is there is no documentation for the host-manager? >> >> Very little that I've found. You can learn a bit about it by looking at >> its WEB-INF/web.xml file. >> >>> If I remember correctly from this list it doesn't persist >>> its settings is that correct? >> >> Correct. >> >>> How many people would be interested in it persisting its >>> settings, by editing the appropriate files. >> >> I would be interested. Note that there's only one file to edit: >> conf/server.xml. >> >>> Is that in theory possible? >> >> It's all software... >> >>> to add the folder structure and the appropiate >>> context.xml files. >> >> That's not necessary - the conf/Catalina/[host]/... files are already >> created automatically as webapps are deployed under the new . Only >> conf/server.xml needs to be updated. >> >>> Would it interfere too badly with tomcat while >>> it was running? >> >> No, Tomcat only reads server.xml during startup. Whatever update >> mechanism is used must insure that the file is never in an unparsable >> state (e.g., don't update in place, instead create a new file and then >> rename it). > > May I gently steer you in the direction of the JMX API and the > Catalina:type=Server.Operations.storeConfig() command? > > Not sure it works very well at the moment, but if it did... > > p > >> - Chuck >> >> >> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY >> MATERIAL and is thus for use only by the intended recipient. If you >> received this in error, please contact the sender and delete the e-mail >> and its attachments from all computers. >> >> >> - >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> > > -- Sent from my mobile device - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Host Manager.
On 02/09/2010 21:06, Caldarale, Charles R wrote: >> From: Wesley Acheson [mailto:wesley.ache...@gmail.com] >> Subject: Host Manager. > >> Is there is no documentation for the host-manager? > > Very little that I've found. You can learn a bit about it by looking at its > WEB-INF/web.xml file. > >> If I remember correctly from this list it doesn't persist >> its settings is that correct? > > Correct. > >> How many people would be interested in it persisting its >> settings, by editing the appropriate files. > > I would be interested. Note that there's only one file to edit: > conf/server.xml. > >> Is that in theory possible? > > It's all software... > >> to add the folder structure and the appropiate >> context.xml files. > > That's not necessary - the conf/Catalina/[host]/... files are already created > automatically as webapps are deployed under the new . Only > conf/server.xml needs to be updated. > >> Would it interfere too badly with tomcat while >> it was running? > > No, Tomcat only reads server.xml during startup. Whatever update mechanism > is used must insure that the file is never in an unparsable state (e.g., > don't update in place, instead create a new file and then rename it). May I gently steer you in the direction of the JMX API and the Catalina:type=Server.Operations.storeConfig() command? Not sure it works very well at the moment, but if it did... p > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > 0x62590808.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: Phantom Sessions
Hey, Pid, A few a day. Seems fairly random, which would support the bot theory. But the sessions don't show up in batches, which is the behavior I typically see from bots. Paul On 9/2/10 7:27 PM, Pid wrote: On 02/09/2010 23:20, Paul Szynol wrote: Hi, Chris, Thanks for your response. I do get those requests, but it seems they always generate standard user agent information, which I then store in the associated session object. These session objects don't have any user agent information--that's why I am wondering if they're generated internally. Not all bots are well behaved. How many are being created? p Best, Paul On 9/2/10 6:07 PM, Christopher Schultz wrote: Paul, On 9/2/2010 5:10 PM, Paul Szynol wrote: I don't have the minor version information, but it's Tomcat 6. Each session object is added to a ConcurrentHashMap when SessionListener's sessionCreated() is invoked. You likely have a default page (responds to requests for "/") that is a JSP without a session="false" header. That means that the session is, by default, created. That means anyone visiting your website and then wandering away -- including robots, screen-scrapers, and search indexers -- gets a session that sticks around for a long time and does nothing. -chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Phantom Sessions
On 02/09/2010 23:20, Paul Szynol wrote: > > Hi, Chris, > > Thanks for your response. I do get those requests, but it seems they > always generate standard user agent information, which I then store in > the associated session object. These session objects don't have any > user agent information--that's why I am wondering if they're generated > internally. Not all bots are well behaved. How many are being created? p > Best, > Paul > > > On 9/2/10 6:07 PM, Christopher Schultz wrote: > Paul, > > On 9/2/2010 5:10 PM, Paul Szynol wrote: I don't have the minor version information, but it's Tomcat 6. Each session object is added to a ConcurrentHashMap when SessionListener's sessionCreated() is invoked. > You likely have a default page (responds to requests for "/") that is a > JSP without a session="false" header. That means that the session is, by > default, created. > > That means anyone visiting your website and then wandering away -- > including robots, screen-scrapers, and search indexers -- gets a session > that sticks around for a long time and does nothing. > > -chris >> - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org >> >> > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org 0x62590808.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: Phantom Sessions
Hi, Chris, Thanks for your response. I do get those requests, but it seems they always generate standard user agent information, which I then store in the associated session object. These session objects don't have any user agent information--that's why I am wondering if they're generated internally. Best, Paul On 9/2/10 6:07 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul, On 9/2/2010 5:10 PM, Paul Szynol wrote: I don't have the minor version information, but it's Tomcat 6. Each session object is added to a ConcurrentHashMap when SessionListener's sessionCreated() is invoked. You likely have a default page (responds to requests for "/") that is a JSP without a session="false" header. That means that the session is, by default, created. That means anyone visiting your website and then wandering away -- including robots, screen-scrapers, and search indexers -- gets a session that sticks around for a long time and does nothing. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyAIB0ACgkQ9CaO5/Lv0PCJ7gCghs2t7oG73AT5AsOu9BmqhweT DI0An3/aSTrqL+btt9fBHSOZnC2kfLsy =1k2w -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Host Manager.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jeffrey, On 9/2/2010 5:40 PM, Jeffrey Janner wrote: > I'd be happy if it just wrote out a new file based on the settings at > the time I said save -- damn the comments. > At least then, it's a pretty straight-forward bit of save code. > But, if you're one of those who has to save the commentary that's > already there, then have fun. It doesn't seem unreasonable to persist the comments: they're XML elements, too. If you can write code to parse and insert elements into an XML tree, you can afford to keep the comments in there, too. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyAIbUACgkQ9CaO5/Lv0PCh0ACdFLsEc5231/hM8bD1Ajx9AOq7 +hcAoIkwLr+vFJ0+sO6SYa67bAfvv1qc =amdL -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Phantom Sessions
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul, On 9/2/2010 5:10 PM, Paul Szynol wrote: > I don't have the minor version information, but it's Tomcat 6. Each > session object is added to a ConcurrentHashMap when SessionListener's > sessionCreated() is invoked. You likely have a default page (responds to requests for "/") that is a JSP without a session="false" header. That means that the session is, by default, created. That means anyone visiting your website and then wandering away -- including robots, screen-scrapers, and search indexers -- gets a session that sticks around for a long time and does nothing. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyAIB0ACgkQ9CaO5/Lv0PCJ7gCghs2t7oG73AT5AsOu9BmqhweT DI0An3/aSTrqL+btt9fBHSOZnC2kfLsy =1k2w -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: java.net.BindException: Address already in use
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul, On 9/2/2010 2:41 PM, Paul Bourget wrote: > I am not clear on the question as I inserted the log file in the early > emails. I meant: what does your system /perform/ on boot... not what are the effects. For example: what startup script launches Tomcat? What does it look like? Where did you get it? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyAH7MACgkQ9CaO5/Lv0PAACwCgg1Wumn2Up2YwMYdmvAG84To/ fKEAn1IPim2Ri4ffimyxhURQPPA/JoUF =ciVL -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Question on SSI
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Wesley, On 9/2/2010 3:30 PM, Wesley Acheson wrote: > On Thu, Sep 2, 2010 at 9:22 PM, Wesley Acheson > wrote: > Far too much. :) You're very kind to explain everything in detail. > Anyway I'm also interested in the ; mime types if anyone has any better > reference. http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17 http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.7 (and 3.7.1) The stuff after the ";" is called a "parameter" and for text/* types, the character encoding should be specified using the "charset" parameter. Without the "charset" parameter, the default is supposed to be "ISO-8859-1". > Also what does tomcat do if serving a static file with an unlisted > extension? The default appears to be "text/plain", though I can't find that in the HTTP spec, the servlet specification, or the Tomcat source code. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyAHxkACgkQ9CaO5/Lv0PDDAgCeI+fHDmQEAVokWU+yVvm0bo7y awEAn2SPrZa5EjNgL0snep9MAvLiJXXS =AnkW -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Host Manager.
> From: Wesley Acheson [mailto:wesley.ache...@gmail.com] > Subject: Re: Host Manager. > Honestly I thought there was more than one going from this > http://tomcat.apache.org/tomcat-6.0-doc/virtual-hosting-howto.html The files should be created automatically - but only when needed. > I've just created a host using the host manager. > And deployed a war. I don't see such a file. See what such file? > just the manager.xml Where is that located? When I tried it (6.0.29), the host-manager copied its manager.xml template to conf/Catalina/[newHost]/manager.xml, and put this in it: It also automatically created the new appBase directory for the new host. I did click the _Start_ button on the line for the new ; don't know if that was needed or not. > Understood for server.xml is the same true of the context files though? Since they've never been seen before (brand new ), it won't matter. But there really aren't any for the host-manager to create, other than the one for the manager app, so webapps can be deployed under the new . - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Host Manager.
I'd be happy if it just wrote out a new file based on the settings at the time I said save -- damn the comments. At least then, it's a pretty straight-forward bit of save code. But, if you're one of those who has to save the commentary that's already there, then have fun. Jeff > -Original Message- > From: Wesley Acheson [mailto:wesley.ache...@gmail.com] > Sent: Thursday, September 02, 2010 2:40 PM > To: Tomcat Users List > Subject: Host Manager. > > Few Questions > > Is there is no documentation for the host-manager? > > If I remember correctly from this list it doesn't persist its settings > is > that correct? > > How many people would be interested in it persisting its settings, by > editing the appropriate files. > > Final question. > > Is that in theory possible? to add the folder structure and the > appropiate > context.xml files. Would it interfere too badly with tomcat while it > was > running? > > I really like the idea of the host manager. If it persisted its > features I > may actually have used it. > > Regards, > > Wes __ Confidentiality Notice: This Transmission (including any attachments) may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this transmission in error, please immediately reply to the sender or telephone (512) 343-9100 and delete this transmission from your system. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: pick load
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexandre, On 9/2/2010 1:49 PM, Alexandre Chapellon wrote: > Yes to me too, but what's weired is that thoose errors enver appears > under normal load... this really drives me crazy! I would bet that there's an exception being caught and re-thrown without the original exception being logged. Check the code around where that exception is being thrown (Client.java:676) and see if it's in a catch block. If so, try logging the original exception, or chaining the root cause to the new exception like this: throw new Exception("Erreur: impossible de recuperer la partie CHAP0712A : " + whatever, originalException); This will help you figure out what's really happening. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyAGMcACgkQ9CaO5/Lv0PBMqgCgove+TKLYTcsd9JWQy3gTff4b qgMAn0F7jknSIJ1+xrtseRkRZtpMmKKp =9CDH -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Host Manager.
On Thu, Sep 2, 2010 at 10:06 PM, Caldarale, Charles R < chuck.caldar...@unisys.com> wrote: > > From: Wesley Acheson [mailto:wesley.ache...@gmail.com] > > > How many people would be interested in it persisting its > > settings, by editing the appropriate files. > > I would be interested. Note that there's only one file to edit: > conf/server.xml. > Honestly I thought there was more than one going from this http://tomcat.apache.org/tomcat-6.0-doc/virtual-hosting-howto.html > > > Is that in theory possible? > > It's all software... > > > to add the folder structure and the appropiate > > context.xml files. > > That's not necessary - the conf/Catalina/[host]/... files are already > created automatically as webapps are deployed under the new . Only > conf/server.xml needs to be updated. > > > I've just created a host using the host manager. And deployed a war. I don't see such a file. just the manager.xml > > Would it interfere too badly with tomcat while > > it was running? > > No, Tomcat only reads server.xml during startup. Whatever update mechanism > is used must insure that the file is never in an unparsable state (e.g., > don't update in place, instead create a new file and then rename it). > > Understood for server.xml is the same true of the context files though?
Re: Phantom Sessions
I don't have the minor version information, but it's Tomcat 6. Each session object is added to a ConcurrentHashMap when SessionListener's sessionCreated() is invoked. Best, Paul On 9/2/10 5:01 PM, Caldarale, Charles R wrote: From: Paul Szynol [mailto:paul.szy...@gmail.com] On Behalf Of Paul Szynol Subject: Phantom Sessions I've recently noticed "phantom" session objects on one of my Tomcat webapps. Tomcat version? What are you using to observe these sessions? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Phantom Sessions
> From: Paul Szynol [mailto:paul.szy...@gmail.com] On Behalf Of Paul Szynol > Subject: Phantom Sessions > I've recently noticed "phantom" session objects on one of > my Tomcat webapps. Tomcat version? What are you using to observe these sessions? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Phantom Sessions
I've recently noticed "phantom" session objects on one of my Tomcat webapps. These sessions have no IP addresses and their sole URI request is always for "/". I am not sure if this is a sign of a problem, or how to trace it--has anyone else encountered something similar? Best wishes, Paul - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Host Manager.
On Thu, Sep 2, 2010 at 10:42 PM, Jordan Michaels wrote: > I'd be interested as well. I've actually been meaning to get to this myself > and submit a patch to make the changes persist, but my schedule has been too > hectic for any extra-curricular work recently. If you don't (and I'm hoping > you will)... I will get to it eventually. ;) > > -Jordan > > > On 09/02/2010 01:06 PM, Caldarale, Charles R wrote: > >> From: Wesley Acheson [mailto:wesley.ache...@gmail.com] >>> Subject: Host Manager. >>> >> >> Is there is no documentation for the host-manager? >>> >> >> Very little that I've found. You can learn a bit about it by looking at >> its WEB-INF/web.xml file. >> >> If I remember correctly from this list it doesn't persist >>> its settings is that correct? >>> >> >> Correct. >> >> How many people would be interested in it persisting its >>> settings, by editing the appropriate files. >>> >> >> I would be interested. Note that there's only one file to edit: >> conf/server.xml. >> >> Is that in theory possible? >>> >> >> It's all software... >> >> to add the folder structure and the appropiate >>> context.xml files. >>> >> >> That's not necessary - the conf/Catalina/[host]/... files are already >> created automatically as webapps are deployed under the new. Only >> conf/server.xml needs to be updated. >> >> Would it interfere too badly with tomcat while >>> it was running? >>> >> >> No, Tomcat only reads server.xml during startup. Whatever update >> mechanism is used must insure that the file is never in an unparsable state >> (e.g., don't update in place, instead create a new file and then rename it). >> >> - Chuck >> >> I don't have a huge amount of time right now but yeah as far as I understand it, it shouldn't be tooo difficult. I do have another side project (in php) which Is probably more urgent to me. However I was thinking about doing this. Really I'm not sure what way the community is supposed to feed in its desires at the moment. So I thought maybe the best way was to ensure there was some interest here before committing myself. Wes
Re: Host Manager.
I'd be interested as well. I've actually been meaning to get to this myself and submit a patch to make the changes persist, but my schedule has been too hectic for any extra-curricular work recently. If you don't (and I'm hoping you will)... I will get to it eventually. ;) -Jordan On 09/02/2010 01:06 PM, Caldarale, Charles R wrote: From: Wesley Acheson [mailto:wesley.ache...@gmail.com] Subject: Host Manager. Is there is no documentation for the host-manager? Very little that I've found. You can learn a bit about it by looking at its WEB-INF/web.xml file. If I remember correctly from this list it doesn't persist its settings is that correct? Correct. How many people would be interested in it persisting its settings, by editing the appropriate files. I would be interested. Note that there's only one file to edit: conf/server.xml. Is that in theory possible? It's all software... to add the folder structure and the appropiate context.xml files. That's not necessary - the conf/Catalina/[host]/... files are already created automatically as webapps are deployed under the new. Only conf/server.xml needs to be updated. Would it interfere too badly with tomcat while it was running? No, Tomcat only reads server.xml during startup. Whatever update mechanism is used must insure that the file is never in an unparsable state (e.g., don't update in place, instead create a new file and then rename it). - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: FileUploadBase$IOFileUploadException
Hey, André, Thanks for your note. After his second email, I understood better Konstantin's point (there are subsequent exchanges, after the one you're quoting), and I agree with you and him that the exception seems related to a file system permission issue. - when it starts doing this (writing to disk), it is going to create this temporary file in the directory indicated by .setRepository(). If this is not explicitly set, it will default to "/". So what happened on your first iteration, was that when the size exceeded the default of 1 MB, it tried to create a temporary file in "/", and failed because Tomcat does not have permission to write there. From there came the (accurate) error message. So, interestingly, I actually tried the opposite and simply removed the setRepository() call altogether, to let fileupload use its default value (which I had avoided doing for the reasons you list). I am no longer getting the exception. I think that means the default value for setRepository is not "/", but javax.servlet.context.tempdir or java.io.tmpdir or another temp directory. I still don't quite understand why setting the temp directory expressly failed (as Tomcat had permission to write to it), and I haven't checked the default temp directories yet to see if that is in fact where the temp file is now being written (it should be written somewhere, since the images have exceeded the threshold size). But this seems to confirm that, as you both suggested, the exception results from a file system permission. Best wishes, Paul - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Host Manager.
> From: Wesley Acheson [mailto:wesley.ache...@gmail.com] > Subject: Host Manager. > Is there is no documentation for the host-manager? Very little that I've found. You can learn a bit about it by looking at its WEB-INF/web.xml file. > If I remember correctly from this list it doesn't persist > its settings is that correct? Correct. > How many people would be interested in it persisting its > settings, by editing the appropriate files. I would be interested. Note that there's only one file to edit: conf/server.xml. > Is that in theory possible? It's all software... > to add the folder structure and the appropiate > context.xml files. That's not necessary - the conf/Catalina/[host]/... files are already created automatically as webapps are deployed under the new . Only conf/server.xml needs to be updated. > Would it interfere too badly with tomcat while > it was running? No, Tomcat only reads server.xml during startup. Whatever update mechanism is used must insure that the file is never in an unparsable state (e.g., don't update in place, instead create a new file and then rename it). - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: FileUploadBase$IOFileUploadException
Paul Szynol wrote: Chris, I agree. "Exceeds threshold size" or something along those lines would be a lot more helpful. Paul I believe that you missed Konstantin's message, and that consequently you may have a false sense of security and a false sense of having found the correct solution and a false sense that the error message was inaccurate. In http://commons.apache.org/fileupload/using.html, they show these settings : // Set factory constraints factory.setSizeThreshold(yourMaxMemorySize); factory.setRepository(yourTempDirectory); ... // Set overall request size constraint upload.setSizeMax(yourMaxRequestSize); From this, and from your original message, I gather that the way it works is : - FileUpload will first try to upload the whole request in memory (for performance). But if the request size exceeds the value set by .setSizeThreshold() (or 1 MB by default), it will instead create a temporary file on disk to store the request. - when it starts doing this (writing to disk), it is going to create this temporary file in the directory indicated by .setRepository(). If this is not explicitly set, it will default to "/". So what happened on your first iteration, was that when the size exceeded the default of 1 MB, it tried to create a temporary file in "/", and failed because Tomcat does not have permission to write there. From there came the (accurate) error message. Now that you have increased the .setSizeThreshold() size, it does not reach it anymore, so it does not create a temporary file, so you do not see the message anymore. But it is a false solution, because now you have potentially very large files being loaded in memory, and when that limit will some day be exceeded, you will get the permissions message again. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Host Manager.
Few Questions Is there is no documentation for the host-manager? If I remember correctly from this list it doesn't persist its settings is that correct? How many people would be interested in it persisting its settings, by editing the appropriate files. Final question. Is that in theory possible? to add the folder structure and the appropiate context.xml files. Would it interfere too badly with tomcat while it was running? I really like the idea of the host manager. If it persisted its features I may actually have used it. Regards, Wes
Re: Question on SSI
On Thu, Sep 2, 2010 at 9:22 PM, Wesley Acheson wrote: Far too much. Anyway I'm also interested in the ; mime types if anyone has any better reference. Also what does tomcat do if serving a static file with an unlisted extension?
Re: Question on SSI
On Thu, Sep 2, 2010 at 6:45 AM, Marc Chamberlin wrote: > > Perhaps this does say it, Wesley, but I am going to argue that, like a lot of > documentation, too much is assumed about the readers level of background > understanding. Maybe if you could come up with some concrete suggestions then I think the project owners may be intrested. I'm not talking for them though whatever I say is just what I think. > > In this instance, as an outsider, I do not understand the model inside the > Tomcat server about just how the contentType parameter is going to be used, > or what "text/x-server-parsed-html(;.*)?" is, does, or will do. Take the following jsp as an example <%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%> http://www.w3.org/TR/html4/loose.dtd";> Insert title here The content type is defined in the above jsp as text/html. Thats the mime type that will be sent back to a browser. Not all jsp's however need to return text/html this is equally valid. And has a very different response in a browser. <%@ page language="java" contentType="text/xml; charset=UTF-8" pageEncoding="UTF-8"%> Hello from an xml file Or in the case of a servlet the contentType may be defined by response.setContentType(). http://tomcat.apache.org/tomcat-5.5-doc/servletapi/javax/servlet/ServletResponse.html#setContentType%28java.lang.String%29 The final piece of the puzzle is understanding what tomcat does when you don't set a content type such as serving a static file. Firstly it looks in the web.xml of your application to see if it should match a mime type to a file extension. Then it looks in its web.xml in its conf directory. If you read the web.xml in its conf directory you should see: This indicates that (when uncommented) the mime type returned to the browser for a request to *.shtml will have the mime type of text/x-server-parsed-html now I've no idea if thats standard or not but it was used back in the apache httpd server 1.3 days. http://httpd.apache.org/docs/1.3/mod/mod_include.html > > Internet searches resulted in nothing informative, so to me this is a black > box using a magic incantation and I do not have a way to grok how to > manipulate it. Same applies to your answer of using "text/html(;.*)?" for > the content type. This is the standard mime type of most webpages are in. The only reason I added the (;.*)? is it was in the initial expression and it had to do something. ?? Right!?? > > This is perhaps a very unusual form of a reg expression, if I were to > interpret it, I would guess it is trying to match a string "text/html; > followed by an arbitrary set of characters, but I cannot be certain, and > perhaps the semi-colon is being used in a way that I am unfamiliar with... TBH me either, I've just looked it up though. It appears that mime type can have a ; symbol after them followed by the name of the applications that should handle them. I never knew that, So the example I see at http://sylpheeddoc.sourceforge.net/en/manual/manual-14.html is application/pdf; xpdf so it appears that the expression is text/html followed by a ; followed by 1 or more characters where the expression group a ; followed by 1 character may occur at zero or more times. > > And if I am correct, I still do not understand what string is being matched > against, though I might take a wild guess and guess that it is matching the > content declaration in the meta tag of an html document... but then I got no > clue what "test/x-server-parsed-html(;.*)?" is going to match against, and I > cannot find any information about such a document type, so I remain lost... Whats being matched is what would be served to the browser if the included file was served. For example jsp's often begin. > > Some mime types are more intuitive than others, but not entirely. While I can > understand the need to associate simpler concepts, like a jpeg image with > something to handle .jpeg files, I really cannot say I understand the mapping > fully to understand just how that mapping is done. Many sites are willing to > list these mime types and repeat the same sort of list that is found in the > web.xml file, but they do not reveal just what is going to happen or how the > mapping gets modeled/translated into an action. > > So, IMHO what is needed is some additional links in the documentation, to > places where concepts such as these are better defined... >> >> Also as a side note you can have multiple mappings for one filter.So in >> production based on your requirements I'd do the following >> >> >> ssi >> *.html> pattern> >> >> >> >> ssi >> *.htm> pattern> >> >> >> >> ssi >> *.jsp> pattern> >> >> >> >> That should fix it. In case your wondering what mime types that are used in >> tomcat they are all listed in the web.xml in the conf subfolder of tomcat. > > Again thanks for your taking the time to help me, and I know I got a lot of > learning to do yet...
RE: java.net.BindException: Address already in use
I am not clear on the question as I inserted the log file in the early emails. Paul Paul Bourget Isabella Products -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Tuesday, August 31, 2010 3:21 PM To: Tomcat Users List Subject: Re: java.net.BindException: Address already in use -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul, On 8/31/2010 3:07 PM, Paul Bourget wrote: > I compared the server.xml file to the one used on the production servers > and it was the same except for the ip addresses. During bootup I get > the failure but when I run the "Catalina.sh start" command, tomcat > starts up fine. So, it only fails on system boot? Okay, what happens at system boot, then? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkx9VjUACgkQ9CaO5/Lv0PCNSgCgoUQF9ZAbv79Zavy/PAyIqPuV fswAoJ/n4ysGbLyaZQz1HkCdIIOfSGtC =lHMM -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] FileUploadBase$IOFileUploadException
Hey, Chris, Thanks for your note. java.io.tmpdir has the same value as the temp dir set up in catalina.sh, which is a subdirectory of Tomcat, and which Tomcat is permitted to access (r and w). Your point about writing to disk twice is well taken. As far as I can tell, fileupload doesn't give you a handle to the tmp file, but I'll take a closer look to see if there is a way to utilize the stored data before it's deleted--that would speed things up indeed. Thanks for the suggestion. Best wishes, Paul On 9/2/10 10:43 AM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul, On 9/1/2010 11:27 PM, Paul Szynol wrote: I checked the temp directory in catalina.sh and also by adding this line to the the ContextListener class: System.out.println("Temp dir: " + (event.getServletContext() .getAttribute("javax.servlet.context.tempdir")) .toString()); The latter is a subdirectory of the former; Tomcat has read/write access to both places. You didn't mention what the former and latter are ;) Again, unless you configure commons-fileupload to use Tomcat's tempdir, it'll default to java.io.tmpdir, which you didn't report. What is that set to? I do create a temporary local copy of the image on disk (by using native Java IO classes), so I am able to access the file system without a problem (ultimately, the images are stored in a database). If commons-fileupload is willing to store the file on the disk for you, why not let it do that and provide an InputStream to your db-writing code? Otherwise, you might end up writing the same file to the disk /twice/ before putting it into the database (and back to the disk a third time). It looks like fileupload is meant to store a temporary version of the image during the upload, presumably to minimize memory usage. I believe so. Under a certain size, it will just use memory and leave the disk alone. This is where the fail is happening, if the image exceeds the threshold size. I've monitored both temporary directories during the upload, and indeed nothing is being written to them. Can you post your code for commons-fileupload usage? That might help. I guess I can increase the threshold size to a higher value to prevent the exception by avoiding the file system write altogether, but I worry that if the application has many users uploading large images concurrently, this set up will quickly lead to fatal out of memory errors. :( Exactly why this feature exists. ;) You could also limit the number of simultaneous uploads, and then make sure your upload concurrency limit * maximum image size is affordable under your memory constraints. I've sent an inquiry to the apache commons user mailing list. I will follow up here when I hear back. Sound good. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkx/uBMACgkQ9CaO5/Lv0PDCEwCfUJ0S+oTiLCujI5NLIxk1Awel iAYAn08cN5LCkmshK4AseeEPPKg+4/gG =hgED -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: pick load
Le jeudi 02 septembre 2010 à 11:22 -0400, Christopher Schultz a écrit : > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Alexandre, > > On 9/2/2010 12:08 AM, Alexandre Chapellon wrote: > > Forget about it this doesn't seems to be related to the jk connector. > > Right: the jk connector can be tweaked separately. You appear to have > other problems. > > > I have the same problems when direct sending requests to tomcat (errors > > which do not appear under nomal load): > > > > 2010-09-01 18:06:53.459 - FAILURE - [tracing] - MANA - Exception dans > > [Authentification::doAuthentification(String,String)] : > > [Search::searchPartyByAddInfo(String,object)] Erreur : impossible de > > recuperer les parties avec l'info additionnel accessCode = CHAP0712A : > > null > > 2010-09-01 18:06:53.459 - FAILURE - [tracing] - MANA - > > [Authentification::performTask(HttpServletRequest,HttpServletResponse)] > > Exception rencontr?e pendant l'authentification de CHAP0712A. > > 2010-09-01 18:06:53.467 - FAILURE - [tracing] - MANA - Exception dans > > [Search::searchParty(String)] : null > > 2010-09-01 18:06:53.471 - FAILURE - [tracing] - MANA - Exception dans > > [Client.fetchInformation(String)] :[Search::searchParty(String)] > > Erreur : impossible de recuperer la partie CHAP0712A : null > > java.lang.Exception: [Search::searchParty(String)] Erreur : impossible > > de recuperer la partie CHAP0712A : null > > at com.mana.om.Client.fetchInformation(Client.java:676) > > at com.mana.selfcare.Authenticate.performTask(Authenticate.java:207) > > at com.mana.selfcare.Authenticate.doPost(Authenticate.java:84) > > That looks like an application error to me. Yes to me too, but what's weired is that thoose errors enver appears under normal load... this really drives me crazy! > > - -chris > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.10 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkx/wTMACgkQ9CaO5/Lv0PDXFgCgrMYix3jPszsSdOotB2qyZ9+i > DBIAnjm44KkSTGLwRtl6GswN/njUC5bD > =ZDt3 > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org >
Re: URL rewrite
Am Donnerstag, den 02.09.2010, 09:49 -0700 schrieb Mohit Anchlia: > On Thu, Sep 2, 2010 at 9:35 AM, michel wrote: > > > > - Original Message - From: "Mohit Anchlia" > > To: "Tomcat Users List" > > Sent: Thursday, September 02, 2010 12:25 PM > > Subject: Re: URL rewrite > > > > > >> On Wed, Sep 1, 2010 at 6:21 PM, Hassan Schroeder > >> wrote: > > Is there a way to change the URL for eg: > > http://abc.com/a > to > http://abc.com/b/a > >>> > >>> http://lmgtfy.com/?q=tomcat+url+rewrite > >>> > >> Is URL rewrite module inbuilt or is there something that need to get > >> loaded > > > > > > > > > > > > http://code.google.com/p/urlrewritefilter/ > > > Looks like it needs a servlet for tomcat. Is there something like > mod_rewrite where any request coming in tomcat and without having to > have servlet can be changed? You could configure your webapps as multi-level contexts as described on http://tomcat.apache.org/tomcat-6.0-doc/config/context.html. So if your context file was named a.xml you could rename it to "b#a.xml". Bye Felix > > > > - > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: unusual mod_jk 1.2.30 log messages
On Thu, 2010-09-02 at 12:39 +0100, Brett Delle Grazie wrote: > Hi, > > We're having some strange errors being reported in the 1.2.30 version of > mod_jk. We think they might be related to the performance issues we're > experiencing under load. > > OS: RHEL 5.5 (fully patched) > Apache HTTPD: 2.2.3 (from OS vendor) > mod_jk: 1.2.30 (downloaded from Tomcat site and compiled locally) > Tomcat: 6.0.29 (binary distribution from apache.org) > JVM: 1.6.0_21 (Sun, 64-bit). > > A sample is below. I'm mostly concerned about the 'awaited reply cpong > recieved 3 instead' and the subsequenct close and failure to send > request. > > Has anyone seen this before? > > [Thu Sep 02 07:22:47.508 2010] [31759:47279871456000] [info] > init_jk::mod_jk.c (3189): mod_jk/1.2.30 initialized > [Thu Sep 02 07:22:47.588 2010] [31763:47279871456000] [info] > init_jk::mod_jk.c (3189): mod_jk/1.2.30 initialized > [Thu Sep 02 07:22:52.896 2010] [31781:1237244224] [warn] > ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, > received 3 instead. Closing connection > [Thu Sep 02 07:22:52.896 2010] [31781:1237244224] [info] > ajp_send_request::jk_ajp_common.c (1518): (jvm2) failed sending request, > socket -1 prepost cping/cpong failure (errno=0) > [Thu Sep 02 07:22:59.647 2010] [31781:1258223936] [warn] > ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, > received 3 instead. Closing connection > [Thu Sep 02 07:22:59.647 2010] [31781:1258223936] [info] > ajp_send_request::jk_ajp_common.c (1518): (jvm2) failed sending request, > socket -1 prepost cping/cpong failure (errno=0) > [Thu Sep 02 07:23:02.042 2010] [32082:1253792064] [warn] > ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, > received 3 instead. Closing connection > [Thu Sep 02 07:23:02.042 2010] [32082:1253792064] [info] > ajp_send_request::jk_ajp_common.c (1518): (jvm2) failed sending request, > socket -1 prepost cping/cpong failure (errno=0) > [Thu Sep 02 07:23:06.142 2010] [32049:1325504832] [warn] > ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, > received 3 instead. Closing connection > [Thu Sep 02 07:23:06.142 2010] [32049:1325504832] [info] > ajp_send_request::jk_ajp_common.c (1518): (jvm1) failed sending request, > socket -1 prepost cping/cpong failure (errno=0) > [Thu Sep 02 07:23:11.231 2010] [32082:1211832640] [info] > ajp_process_callback::jk_ajp_common.c (1882): Writing to client aborted > or client network problems > [Thu Sep 02 07:23:11.231 2010] [32082:1211832640] [info] > ajp_service::jk_ajp_common.c (2540): (jvm1) sending request to tomcat > failed (unrecoverable), because of client write error (attempt=1) > [Thu Sep 02 07:23:11.232 2010] [32082:1211832640] [info] > service::jk_lb_worker.c (1388): service failed, worker jvm1 is in local > error state > [Thu Sep 02 07:23:11.232 2010] [32082:1211832640] [info] > service::jk_lb_worker.c (1407): unrecoverable error 200, request failed. > Client failed in the middle of request, we can't recover to another > instance. > [Thu Sep 02 07:23:11.232 2010] [32082:1211832640] [info] > jk_handler::mod_jk.c (2611): Aborting connection for worker=balancer > [Thu Sep 02 07:23:11.444 2010] [32049:1315014976] [info] > ajp_process_callback::jk_ajp_common.c (1882): Writing to client aborted > or client network problems > [Thu Sep 02 07:23:11.444 2010] [32049:1315014976] [info] > ajp_service::jk_ajp_common.c (2540): (jvm1) sending request to tomcat > failed (unrecoverable), because of client write error (attempt=1) > [Thu Sep 02 07:23:11.445 2010] [32049:1315014976] [info] > service::jk_lb_worker.c (1388): service failed, worker jvm1 is in local > error state > [Thu Sep 02 07:23:11.445 2010] [32049:1315014976] [info] > service::jk_lb_worker.c (1407): unrecoverable error 200, request failed. > Client failed in the middle of request, we can't recover to another > instance. > [Thu Sep 02 07:23:11.445 2010] [32049:1315014976] [info] > jk_handler::mod_jk.c (2611): Aborting connection for worker=balancer > [Thu Sep 02 07:23:11.645 2010] [32082:1232812352] [info] > ajp_process_callback::jk_ajp_common.c (1882): Writing to client aborted > or client network problems > [Thu Sep 02 07:23:11.645 2010] [32082:1232812352] [info] > ajp_service::jk_ajp_common.c (2540): (jvm1) sending request to tomcat > failed (unrecoverable), because of client write error (attempt=1) > [Thu Sep 02 07:23:11.646 2010] [32082:1232812352] [info] > service::jk_lb_worker.c (1388): service failed, worker jvm1 is in local > error state > [Thu Sep 02 07:23:11.646 2010] [32082:1232812352] [info] > service::jk_lb_worker.c (1407): unrecoverable error 200, request failed. > Client failed in the middle of request, we can't recover to another > instance. > [Thu Sep 02 07:23:11.646 2010] [32082:1232812352] [info] > jk_handler::mod_jk.c (2611): Aborting connection for worker=balancer > [Thu Sep 02 07:23:17.902 2010] [31927:1298282816] [warn] > ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply
Re: Question on SSI
On 9/1/2010 7:01 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Marc, On 9/1/2010 6:52 PM, Marc Chamberlin wrote: On 9/1/2010 1:49 PM, Christopher Schultz wrote: You will have to use filter mapping in order to post-process your .jsp and other dynamic pages: a servlet can't be wrapped around another servlet (such as the JSPServlet, which you don't have to map yourself) for this kind of thing. So, stick with the filter. OK, I kinda gathered that a filter is applied to everything served up by the server, before servlets are invoked... So it makes sense that a filter has to be used (if I am understanding this correctly) for JSP Servlets Technically speaking, the filter "wraps" the call to the actual servlet (or, even, other filters that get called before the servlet). They can act either before or after the servlet, or both. The SSI filter wraps the request handed-off to the "filter chain" (which ultimately ends by calling a servlet) and buffers the response. After the rest of the filter chain has run (and presumably produced output), the SSI filter completes its task by actually running that buffered-output through the SSI processor to actually *do* all of the SSI stuff. The result is then sent to the client. Honestly, I'm not sure why the SSI Servlet is even included: the DefaultServlet handles files on the disk, etc. quite nicely and the SSI Filter can be used to filter them, too. See my related post on the SSI Filter implementation if you're interested. Aww THANKS for the explanation Christopher! That helps a lot... And I think I follow you on the SSI Servlet, I was unsuccessful in getting SSI to work with it, and have not gone back and retried... The Filter approach seems more intuitive to me.. Note that you should be able to set up SSI in a single webapp instead of modifying the conf/web.xml file as described in the SSI documentation. I find this cleaner, as you will only end up making SSI available in a specific webapp instead of across all webapps deployed onto the server. The itself should definitely only be included in your webapp's META-INF/web.xml file. Not sure I fully understand you here, so please forgive my lack of understanding... I do want this SSI feature to be available across all the webapps deployed on our server. As I mentioned previously, we want to provide some services that users can access, by simply including a server side include statement that will effectively include these features on their web pages. Gotcha. Feel free to enable this site-wide, then (using conf/web.xml). Evidently, you'll also have to make all contexts that want to use SSI "privileged". I'm not entirely sure that's true if you enable it at the top-level as you are doing. Please let us know. I changed to Context tag declaration in the Context.xml file to and that enables SSI for all my webapps (so far as I have tested it) Again thanks for your time and help! A little bit of the fog has lifted for me! ;-) Marc... - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: URL rewrite
This sounds bad... :( There are options like: - you could set up apache in front of tomcat and url rewrite there - you could use filters - you could have an app that actually uses any servlets.. But maybe you want to consider a forum or discussion list about servlet/jsp development? From: Mohit Anchlia [mohitanch...@gmail.com] Sent: September 2, 2010 12:49 PM To: Tomcat Users List Subject: Re: URL rewrite On Thu, Sep 2, 2010 at 9:35 AM, michel wrote: > > - Original Message - From: "Mohit Anchlia" > To: "Tomcat Users List" > Sent: Thursday, September 02, 2010 12:25 PM > Subject: Re: URL rewrite > > >> On Wed, Sep 1, 2010 at 6:21 PM, Hassan Schroeder >> wrote: Is there a way to change the URL for eg: http://abc.com/a to http://abc.com/b/a >>> >>> http://lmgtfy.com/?q=tomcat+url+rewrite >>> >> Is URL rewrite module inbuilt or is there something that need to get >> loaded > > > > > > http://code.google.com/p/urlrewritefilter/ > Looks like it needs a servlet for tomcat. Is there something like mod_rewrite where any request coming in tomcat and without having to have servlet can be changed? > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] clear text keystore password in server.xml
On 02/09/2010 17:31, Christopher Schultz wrote: > Pid, > > On 9/2/2010 11:51 AM, Pid wrote: >>> On 9/2/2010 11:28 AM, Christopher Schultz wrote: 1. Use a password entered on the console during start-up (the "Apache httpd strategy") > >> java.io.Console makes this easy in Java 6, but... > > Right: before Java 6, you'd have to enter the password clear-text on the > console. :( > All other strategies simply move the problem to some other component. Protecting one password requires another password which requires protecting which ... you get the idea. > >> ..lots of info is available by JMX, once the server is up. In Java 6 >> you can attach to the process locally, without having to configure the >> JMX ports because it injects the management agent into the virtual machine. > > I hadn't considered that, never having used JMX. Are you saying that > anyone with local access can snoop a JVM? What are the strategies > available to prohibit that? Can you disable local JMX altogether? How > about some kind of authentication? Pretty much. I'm not sure how to disable it, I've only just got the hang of enabling it. http://download.oracle.com/javase/6/docs/jdk/api/attach/spec/com/sun/tools/attach/VirtualMachine.html Also: sun.management.ConnectorAddressLink, but I can't find a javadoc for that. p >> Worse, if they're already on your server they've probably got a much >> bigger surface area to attack, than just Tomcat. And if they get root, >> it's all over. > > +1 > > -chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org 0x62590808.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
RE: URL rewrite
Mohit, Have you really not heard of servlet mapping before? Are you sure you are using Tomcat and not just Apache webserver? Max Stocker|Director of Technology|TalentOyster|O) 416.342.1145 x 297 www.TalentOyster.com TalentOyster.com: talent for the New Mainstream From: Mohit Anchlia [mohitanch...@gmail.com] Sent: September 2, 2010 12:26 PM To: Tomcat Users List Subject: Re: URL rewrite On Wed, Sep 1, 2010 at 7:04 PM, Christopher Schultz wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Mohit, > > On 9/1/2010 9:10 PM, Mohit Anchlia wrote: >> Tomcat 6: >> >> Is there a way to change the URL for eg: >> >> http://abc.com/a >> >> to >> >> http://abc.com/b/a > > Sure: > > CTRL-L, END, LEFT, 'b', then '/' > > Voile! Thanks have you used this before :) I was looking for some module in tomcat that will do it for me. I am looking at URL rewrite now. > > - -chris > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.10 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkx/BjUACgkQ9CaO5/Lv0PAy1ACgrn27f5l0EmVV+ogHJcRPfOfn > hbwAnAunqGVIFcuxJudmMZaaWpCfDfbK > =NpF0 > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: URL rewrite
On Thu, Sep 2, 2010 at 9:35 AM, michel wrote: > > - Original Message - From: "Mohit Anchlia" > To: "Tomcat Users List" > Sent: Thursday, September 02, 2010 12:25 PM > Subject: Re: URL rewrite > > >> On Wed, Sep 1, 2010 at 6:21 PM, Hassan Schroeder >> wrote: Is there a way to change the URL for eg: http://abc.com/a to http://abc.com/b/a >>> >>> http://lmgtfy.com/?q=tomcat+url+rewrite >>> >> Is URL rewrite module inbuilt or is there something that need to get >> loaded > > > > > > http://code.google.com/p/urlrewritefilter/ > Looks like it needs a servlet for tomcat. Is there something like mod_rewrite where any request coming in tomcat and without having to have servlet can be changed? > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: clear text keystore password in server.xml
> -Original Message- > From: David kerber [mailto:dcker...@verizon.net] > Sent: Thursday, September 02, 2010 9:37 AM > To: Tomcat Users List > Subject: Re: clear text keystore password in server.xml > > On 9/2/2010 11:28 AM, Christopher Schultz wrote: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA1 > > > > Luca, > > > > On 8/30/2010 2:42 AM, Luca Gervasi wrote: > >> I'm working to secure this, but...it's not too easy (and i'm surely > not > >> a skilled programmer...). > >> > >> But I hope this topic will be kept up! > > > > There is virtually nothing you can do about this. The only solutions > > here are: > > > > 1. Use a password entered on the console during start-up (the "Apache > > httpd strategy") > > Or a minor variant of this, such as entering the pwd on a secure web > page just after startup, though this has other disadvantages. And how would this page be secured since you wouldn't have SSL capability at that point? > > > > 2. Remove the password from the keystore > > > > Removing the password from the keystore is just about as (in)secure > as > > having the password in server.xml in plain-text. > > > > All other strategies simply move the problem to some other component. > > Protecting one password requires another password which requires > > protecting which ... you get the idea. George Sexton MH Software, Inc. 303 438-9585 www.mhsoftware.com - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: URL rewrite
- Original Message - From: "Mohit Anchlia" To: "Tomcat Users List" Sent: Thursday, September 02, 2010 12:25 PM Subject: Re: URL rewrite On Wed, Sep 1, 2010 at 6:21 PM, Hassan Schroeder wrote: Is there a way to change the URL for eg: http://abc.com/a to http://abc.com/b/a http://lmgtfy.com/?q=tomcat+url+rewrite Is URL rewrite module inbuilt or is there something that need to get loaded http://code.google.com/p/urlrewritefilter/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] clear text keystore password in server.xml
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Pid, On 9/2/2010 11:51 AM, Pid wrote: >> On 9/2/2010 11:28 AM, Christopher Schultz wrote: >>> 1. Use a password entered on the console during start-up (the "Apache >>> httpd strategy") > > java.io.Console makes this easy in Java 6, but... Right: before Java 6, you'd have to enter the password clear-text on the console. :( >>> All other strategies simply move the problem to some other component. >>> Protecting one password requires another password which requires >>> protecting which ... you get the idea. > > ..lots of info is available by JMX, once the server is up. In Java 6 > you can attach to the process locally, without having to configure the > JMX ports because it injects the management agent into the virtual machine. I hadn't considered that, never having used JMX. Are you saying that anyone with local access can snoop a JVM? What are the strategies available to prohibit that? Can you disable local JMX altogether? How about some kind of authentication? > Worse, if they're already on your server they've probably got a much > bigger surface area to attack, than just Tomcat. And if they get root, > it's all over. +1 - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkx/0UQACgkQ9CaO5/Lv0PAtVgCaA0q97gYTRPrqB9FfiKCFhzPW cFUAnRrKtuYAp7Ee5xTTDc66CEuU8AQM =a7// -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: URL rewrite
On Wed, Sep 1, 2010 at 7:04 PM, Christopher Schultz wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Mohit, > > On 9/1/2010 9:10 PM, Mohit Anchlia wrote: >> Tomcat 6: >> >> Is there a way to change the URL for eg: >> >> http://abc.com/a >> >> to >> >> http://abc.com/b/a > > Sure: > > CTRL-L, END, LEFT, 'b', then '/' > > Voile! Thanks have you used this before :) I was looking for some module in tomcat that will do it for me. I am looking at URL rewrite now. > > - -chris > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.10 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkx/BjUACgkQ9CaO5/Lv0PAy1ACgrn27f5l0EmVV+ogHJcRPfOfn > hbwAnAunqGVIFcuxJudmMZaaWpCfDfbK > =NpF0 > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: unusual mod_jk 1.2.30 log messages
On 02.09.2010 13:39, Brett Delle Grazie wrote: Hi, We're having some strange errors being reported in the 1.2.30 version of mod_jk. We think they might be related to the performance issues we're experiencing under load. OS: RHEL 5.5 (fully patched) Apache HTTPD: 2.2.3 (from OS vendor) mod_jk: 1.2.30 (downloaded from Tomcat site and compiled locally) Tomcat: 6.0.29 (binary distribution from apache.org) JVM: 1.6.0_21 (Sun, 64-bit). Thanks for the info (and for keeping most of it up-to-date) :) A sample is below. I'm mostly concerned about the 'awaited reply cpong recieved 3 instead' and the subsequenct close and failure to send request. Has anyone seen this before? [Thu Sep 02 07:22:47.508 2010] [31759:47279871456000] [info] init_jk::mod_jk.c (3189): mod_jk/1.2.30 initialized [Thu Sep 02 07:22:47.588 2010] [31763:47279871456000] [info] init_jk::mod_jk.c (3189): mod_jk/1.2.30 initialized [Thu Sep 02 07:22:52.896 2010] [31781:1237244224] [warn] ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, received 3 instead. Closing connection [Thu Sep 02 07:22:52.896 2010] [31781:1237244224] [info] ajp_send_request::jk_ajp_common.c (1518): (jvm2) failed sending request, socket -1 prepost cping/cpong failure (errno=0) [Thu Sep 02 07:22:59.647 2010] [31781:1258223936] [warn] ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, received 3 instead. Closing connection [Thu Sep 02 07:22:59.647 2010] [31781:1258223936] [info] ajp_send_request::jk_ajp_common.c (1518): (jvm2) failed sending request, socket -1 prepost cping/cpong failure (errno=0) [Thu Sep 02 07:23:02.042 2010] [32082:1253792064] [warn] ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, received 3 instead. Closing connection [Thu Sep 02 07:23:02.042 2010] [32082:1253792064] [info] ajp_send_request::jk_ajp_common.c (1518): (jvm2) failed sending request, socket -1 prepost cping/cpong failure (errno=0) [Thu Sep 02 07:23:06.142 2010] [32049:1325504832] [warn] ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, received 3 instead. Closing connection [Thu Sep 02 07:23:06.142 2010] [32049:1325504832] [info] ajp_send_request::jk_ajp_common.c (1518): (jvm1) failed sending request, socket -1 prepost cping/cpong failure (errno=0) [Thu Sep 02 07:23:11.231 2010] [32082:1211832640] [info] ajp_process_callback::jk_ajp_common.c (1882): Writing to client aborted or client network problems [Thu Sep 02 07:23:11.231 2010] [32082:1211832640] [info] ajp_service::jk_ajp_common.c (2540): (jvm1) sending request to tomcat failed (unrecoverable), because of client write error (attempt=1) [Thu Sep 02 07:23:11.232 2010] [32082:1211832640] [info] service::jk_lb_worker.c (1388): service failed, worker jvm1 is in local error state [Thu Sep 02 07:23:11.232 2010] [32082:1211832640] [info] service::jk_lb_worker.c (1407): unrecoverable error 200, request failed. Client failed in the middle of request, we can't recover to another instance. [Thu Sep 02 07:23:11.232 2010] [32082:1211832640] [info] jk_handler::mod_jk.c (2611): Aborting connection for worker=balancer [Thu Sep 02 07:23:11.444 2010] [32049:1315014976] [info] ajp_process_callback::jk_ajp_common.c (1882): Writing to client aborted or client network problems [Thu Sep 02 07:23:11.444 2010] [32049:1315014976] [info] ajp_service::jk_ajp_common.c (2540): (jvm1) sending request to tomcat failed (unrecoverable), because of client write error (attempt=1) [Thu Sep 02 07:23:11.445 2010] [32049:1315014976] [info] service::jk_lb_worker.c (1388): service failed, worker jvm1 is in local error state [Thu Sep 02 07:23:11.445 2010] [32049:1315014976] [info] service::jk_lb_worker.c (1407): unrecoverable error 200, request failed. Client failed in the middle of request, we can't recover to another instance. [Thu Sep 02 07:23:11.445 2010] [32049:1315014976] [info] jk_handler::mod_jk.c (2611): Aborting connection for worker=balancer [Thu Sep 02 07:23:11.645 2010] [32082:1232812352] [info] ajp_process_callback::jk_ajp_common.c (1882): Writing to client aborted or client network problems [Thu Sep 02 07:23:11.645 2010] [32082:1232812352] [info] ajp_service::jk_ajp_common.c (2540): (jvm1) sending request to tomcat failed (unrecoverable), because of client write error (attempt=1) [Thu Sep 02 07:23:11.646 2010] [32082:1232812352] [info] service::jk_lb_worker.c (1388): service failed, worker jvm1 is in local error state [Thu Sep 02 07:23:11.646 2010] [32082:1232812352] [info] service::jk_lb_worker.c (1407): unrecoverable error 200, request failed. Client failed in the middle of request, we can't recover to another instance. [Thu Sep 02 07:23:11.646 2010] [32082:1232812352] [info] jk_handler::mod_jk.c (2611): Aborting connection for worker=balancer [Thu Sep 02 07:23:17.902 2010] [31927:1298282816] [warn] ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, received 3 instead. Closing connection [Thu Sep 02 07:23:17.902 2010] [31927:1298282816] [info] ajp_send_request::jk_ajp_com
Re: URL rewrite
On Wed, Sep 1, 2010 at 6:21 PM, Hassan Schroeder wrote: >> Is there a way to change the URL for eg: >> >> http://abc.com/a >> to >> http://abc.com/b/a > > http://lmgtfy.com/?q=tomcat+url+rewrite > Is URL rewrite module inbuilt or is there something that need to get loaded > -- > Hassan Schroeder hassan.schroe...@gmail.com > twitter: @hassan > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: clear text keystore password in server.xml
On 02/09/2010 16:37, David kerber wrote: > On 9/2/2010 11:28 AM, Christopher Schultz wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> Luca, >> >> On 8/30/2010 2:42 AM, Luca Gervasi wrote: >>> I'm working to secure this, but...it's not too easy (and i'm surely not >>> a skilled programmer...). >>> >>> But I hope this topic will be kept up! >> >> There is virtually nothing you can do about this. The only solutions >> here are: >> >> 1. Use a password entered on the console during start-up (the "Apache >> httpd strategy") java.io.Console makes this easy in Java 6, but... > Or a minor variant of this, such as entering the pwd on a secure web > page just after startup, though this has other disadvantages. > > >> 2. Remove the password from the keystore >> >> Removing the password from the keystore is just about as (in)secure as >> having the password in server.xml in plain-text. >> >> All other strategies simply move the problem to some other component. >> Protecting one password requires another password which requires >> protecting which ... you get the idea. ..lots of info is available by JMX, once the server is up. In Java 6 you can attach to the process locally, without having to configure the JMX ports because it injects the management agent into the virtual machine. Worse, if they're already on your server they've probably got a much bigger surface area to attack, than just Tomcat. And if they get root, it's all over. p 0x62590808.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
RE: Tomcat dies after starting
> From: jan gestre [mailto:ipcopper...@gmail.com] > Subject: Re: Tomcat dies after starting > I'm the only user of this dedicated machine, it's not yet in > production that's why I'm quite sure :). Even the init scripts logs > tells that Tomcat is started only to find out that it's not actually > running because of sudden death. What you're saying doesn't match what's visible in the logs. It's very evident that you have at least two Tomcats running - perhaps your startup script is accidentally kicking off the Tomcat process twice. To reduce confusion, clear out the Tomcat logs and try starting Tomcat, and then repost the log. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Slow "network" with additional Connector (Port) in tomcat
> From: Yoav Naveh [mailto:yoavna...@gmail.com] > Subject: Re: Slow "network" with additional Connector (Port) in tomcat > Some more information: > Tomcat is using OpenJdk6, on Ubuntu 8.04 You still haven't told us the Tomcat version you're using. > I have attached my server.xml file. There are no elements for the specified redirect port, but that shouldn't affect this testing. You should not be putting elements in server.xml; doing so will likely result in double deployment of webapps and confusion in where requests are routed. You should remove both elements, rename your myDoc to ROOT (case sensitive), and place just the following in webapps/ROOT/META-INF/context.xml: If you need to access the webapp with the http:///myDoc URL, either create a dummy myDoc webapp that redirects to ROOT, or use a filter in webapps/ROOT/WEB-INF/web.xml to redirect. Clean up those obvious problems, then retest. It likely won't make a difference, but it will eliminate variables that shouldn't be there. Also, try enabling the AccessLogValve to see Tomcat's view of request/response timing. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: clear text keystore password in server.xml
On 9/2/2010 11:28 AM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Luca, On 8/30/2010 2:42 AM, Luca Gervasi wrote: I'm working to secure this, but...it's not too easy (and i'm surely not a skilled programmer...). But I hope this topic will be kept up! There is virtually nothing you can do about this. The only solutions here are: 1. Use a password entered on the console during start-up (the "Apache httpd strategy") Or a minor variant of this, such as entering the pwd on a secure web page just after startup, though this has other disadvantages. 2. Remove the password from the keystore Removing the password from the keystore is just about as (in)secure as having the password in server.xml in plain-text. All other strategies simply move the problem to some other component. Protecting one password requires another password which requires protecting which ... you get the idea. D - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: A little trouble with SSL
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrea, On 8/29/2010 10:39 PM, Andrea Freire wrote: > There are the configuration files. Your attachments were stripped by the list. Please paste them inline and try again. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkx/wxMACgkQ9CaO5/Lv0PBP8ACgh2V46cdChpwJ6lLRVkUYTLOi y/QAn0M3y56LfbygPkO4By3cMX7kQXC7 =8RNS -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: clear text keystore password in server.xml
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Luca, On 8/30/2010 2:42 AM, Luca Gervasi wrote: > I'm working to secure this, but...it's not too easy (and i'm surely not > a skilled programmer...). > > But I hope this topic will be kept up! There is virtually nothing you can do about this. The only solutions here are: 1. Use a password entered on the console during start-up (the "Apache httpd strategy") 2. Remove the password from the keystore Removing the password from the keystore is just about as (in)secure as having the password in server.xml in plain-text. All other strategies simply move the problem to some other component. Protecting one password requires another password which requires protecting which ... you get the idea. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkx/wqoACgkQ9CaO5/Lv0PBcrACfUVih9nF6BorLy5KCAQ8Gk2xe k2IAni9IqXoI4TOTN6AN1qToY3ypyiTK =DMfB -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: pick load
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexandre, On 9/2/2010 12:08 AM, Alexandre Chapellon wrote: > Forget about it this doesn't seems to be related to the jk connector. Right: the jk connector can be tweaked separately. You appear to have other problems. > I have the same problems when direct sending requests to tomcat (errors > which do not appear under nomal load): > > 2010-09-01 18:06:53.459 - FAILURE - [tracing] - MANA - Exception dans > [Authentification::doAuthentification(String,String)] : > [Search::searchPartyByAddInfo(String,object)] Erreur : impossible de > recuperer les parties avec l'info additionnel accessCode = CHAP0712A : > null > 2010-09-01 18:06:53.459 - FAILURE - [tracing] - MANA - > [Authentification::performTask(HttpServletRequest,HttpServletResponse)] > Exception rencontr?e pendant l'authentification de CHAP0712A. > 2010-09-01 18:06:53.467 - FAILURE - [tracing] - MANA - Exception dans > [Search::searchParty(String)] : null > 2010-09-01 18:06:53.471 - FAILURE - [tracing] - MANA - Exception dans > [Client.fetchInformation(String)] :[Search::searchParty(String)] > Erreur : impossible de recuperer la partie CHAP0712A : null > java.lang.Exception: [Search::searchParty(String)] Erreur : impossible > de recuperer la partie CHAP0712A : null > at com.mana.om.Client.fetchInformation(Client.java:676) > at com.mana.selfcare.Authenticate.performTask(Authenticate.java:207) > at com.mana.selfcare.Authenticate.doPost(Authenticate.java:84) That looks like an application error to me. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkx/wTMACgkQ9CaO5/Lv0PDXFgCgrMYix3jPszsSdOotB2qyZ9+i DBIAnjm44KkSTGLwRtl6GswN/njUC5bD =ZDt3 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat Web App - Strange Issue - Need 2 restarts for SSO mode to work
> From: Sunil A V [mailto:sunil...@infosys.com] > Subject: Tomcat Web App - Strange Issue - Need 2 restarts for SSO mode to work Tomcat version? JVM level? Platform? Anything of interest in the Tomcat logs? > The web application is available through 2 modes of links - > one is regular without load balacer and other is Single Sign > On based through load balancer. Please explain how that is configured. Are they completely separate Tomcat instances on different boxes? > Deployment Procedure: > Stop the server > Copy the new war to webapps replacing the old one > remove the complete diretcory of MyApp recursively (rm -rf MyApp) > start the server Should be ok, although it's a bit heavy-handed. > We try both the links of application. What is a "link"? > Please note the web.xml in Tomcat/webapps/MyApp/WEB-INF directory has below > > myapp.jsp > Which leaves directory listings enabled for the webapp. > The application has only myapp.jsp and none of index.* files > Tomcat might not be finding xcard.jsp Why would it? Based on your description of the file contents, there is no xcard.jsp, just a myapp.jsp. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Slow "network" with additional Connector (Port) in tomcat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yoav, On 9/2/2010 2:22 AM, Yoav Naveh wrote: > Tomcat is using OpenJdk6, on Ubuntu 8.04 I have attached my > server.xml file. The only thing that comes to mind is that I set a > relatively low accept-count for the other port. I think we tested > without that parameter and did not getter better results. Let me know > if there is a high chance this is the issue The acceptCount just sets the socket's connection backlog size... unless you are putting a huge amount of load on your server, you shouldn't notice any slowness of the interface. > For the second set of questions: I ran the test on EC2, and verified > on a different environment that problem occurs there as well. ports > are open, nothing in iptables, I used direct IP address in my test > and test client is always the same browser from the same host. The only things I can think of are: 1. Reverse DNS is taking a long time (try disabling reverse DNS lookups) 2. Your tests are flawed - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkx/v6QACgkQ9CaO5/Lv0PBYCACgt+c+xlszW7gtOq1EbyVjwhjm 3FEAoKVomm/y/SyHbT0VwsqTwO49hMqZ =r007 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat dies after starting
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jan, On 9/2/2010 2:42 AM, jan gestre wrote: > I'm the only user of this dedicated machine, it's not yet in > production that's why I'm quite sure :). Even the init scripts logs > tells that Tomcat is started only to find out that it's not actually > running because of sudden death. You may still have started Tomcat more than once, or something else might be running on the machine taking those ports. Try these: $ ps aux | grep java (See if there are any java processes running) $ netstat -an | grep 8080 You may need to be root in order to read all processes and port usages. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkx/uisACgkQ9CaO5/Lv0PCObACeKJXQnRdwba+x60PGcS8PRDU6 qMAAn3+93i2uNJaQWAmsx3T6kCewbCB2 =ZpbR -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: [OT] FileUploadBase$IOFileUploadException
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul, On 9/1/2010 11:27 PM, Paul Szynol wrote: > I checked the temp directory in catalina.sh and also by adding this line > to the the ContextListener class: > > System.out.println("Temp dir: " > + (event.getServletContext() > .getAttribute("javax.servlet.context.tempdir")) > .toString()); > > The latter is a subdirectory of the former; Tomcat has read/write access > to both places. You didn't mention what the former and latter are ;) Again, unless you configure commons-fileupload to use Tomcat's tempdir, it'll default to java.io.tmpdir, which you didn't report. What is that set to? > I do create a temporary local copy of the image on disk (by using > native Java IO classes), so I am able to access the file system > without a problem (ultimately, the images are stored in a database). If commons-fileupload is willing to store the file on the disk for you, why not let it do that and provide an InputStream to your db-writing code? Otherwise, you might end up writing the same file to the disk /twice/ before putting it into the database (and back to the disk a third time). > It looks like fileupload is meant to store a temporary version of the > image during the upload, presumably to minimize memory usage. I believe so. Under a certain size, it will just use memory and leave the disk alone. > This is where the fail is happening, if the image exceeds the > threshold size. I've monitored both temporary directories during the > upload, and indeed nothing is being written to them. Can you post your code for commons-fileupload usage? That might help. > I guess I can increase the threshold size to a higher value to prevent > the exception by avoiding the file system write altogether, but I worry > that if the application has many users uploading large images > concurrently, this set up will quickly lead to fatal out of memory > errors. :( Exactly why this feature exists. ;) You could also limit the number of simultaneous uploads, and then make sure your upload concurrency limit * maximum image size is affordable under your memory constraints. > I've sent an inquiry to the apache commons user mailing list. I will > follow up here when I hear back. Sound good. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkx/uBMACgkQ9CaO5/Lv0PDCEwCfUJ0S+oTiLCujI5NLIxk1Awel iAYAn08cN5LCkmshK4AseeEPPKg+4/gG =hgED -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat Web App - Strange Issue - Need 2 restarts for SSO mode to work
Hi, We have a web application deployed on Tomcat server and is working pretty fine, except in one mode. The web application is available through 2 modes of links - one is regular without load balacer and other is Single Sign On based through load balancer. The normal mode works fine with one start after new war deployment. However SSO link through load balancer does not work fine. When stooped and started again, it works just fine. Here is the sample directory structure: Tomcat webapps MyApp WEB-INF web.xml jsp myapp.jsp MyApp.war bin logs conf web.xml Deployment Procedure: Stop the server Copy the new war to webapps replacing the old one remove the complete diretcory of MyApp recursively (rm -rf MyApp) start the server Issue: We try both the links of application. The normal one works just fine first time itself. The SSO link shows up the directory listings page of webapps directory showing the MyApp.war and MyApp directory link. Now all we need to workaround this is just stop the server again and then start it. Surprisingly both SSO mode link and normal works totally fine. This is recurring problem. Is there a proper permanent fix to this? Please note the web.xml in Tomcat/conf directory has below default listings true index.html index.htm index.jsp Please note the web.xml in Tomcat/webapps/MyApp/WEB-INF directory has below myapp.jsp The application has only myapp.jsp and none of index.* files myapp.jsp is as below /who.do"> Somehow first time when new war is deployed, old exploded directory is deleted and server is started, the Tomcat might not be finding xcard.jsp or the application specific web.xml and hence it is listings the directory based on settings in Tomcat/conf/web.xml. No exceptions in log file. Second time however it finds the web.xml and xcard.jsp and hence works. We even tried changing deployment procedure not to delete the exploded directory and rest of steps same. But it does not help either. If we drop the new war while the server is running, it does not take the changes in new war. ~Sunil
RE: What is default value of CATALINA_OPTS at apache-tomcat-6.0.29?
> From: takanobu watanabe [mailto:rreedd...@gmail.com] > Subject: Re: What is default value of CATALINA_OPTS at apache-tomcat-6.0.29? > But when jconsole try to connect remote target host, JVM down. > # Java VM: OpenJDK Core VM (1.6.0_0-b11 interpreted mode linux-arm) That is a very, very old release of OpenJDK; the current one I have is 1.6.0_18: java version "1.6.0_18" OpenJDK Runtime Environment (IcedTea6 1.8.1) (suse-1.1.5-x86_64) OpenJDK 64-Bit Server VM (build 14.0-b16, mixed mode) I would hope something newer is available for your ARM chip, but you may have to build it yourself. http://mail.openjdk.java.net/pipermail/jdk6-dev/2009-April/000455.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
unusual mod_jk 1.2.30 log messages
Hi, We're having some strange errors being reported in the 1.2.30 version of mod_jk. We think they might be related to the performance issues we're experiencing under load. OS: RHEL 5.5 (fully patched) Apache HTTPD: 2.2.3 (from OS vendor) mod_jk: 1.2.30 (downloaded from Tomcat site and compiled locally) Tomcat: 6.0.29 (binary distribution from apache.org) JVM: 1.6.0_21 (Sun, 64-bit). A sample is below. I'm mostly concerned about the 'awaited reply cpong recieved 3 instead' and the subsequenct close and failure to send request. Has anyone seen this before? [Thu Sep 02 07:22:47.508 2010] [31759:47279871456000] [info] init_jk::mod_jk.c (3189): mod_jk/1.2.30 initialized [Thu Sep 02 07:22:47.588 2010] [31763:47279871456000] [info] init_jk::mod_jk.c (3189): mod_jk/1.2.30 initialized [Thu Sep 02 07:22:52.896 2010] [31781:1237244224] [warn] ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, received 3 instead. Closing connection [Thu Sep 02 07:22:52.896 2010] [31781:1237244224] [info] ajp_send_request::jk_ajp_common.c (1518): (jvm2) failed sending request, socket -1 prepost cping/cpong failure (errno=0) [Thu Sep 02 07:22:59.647 2010] [31781:1258223936] [warn] ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, received 3 instead. Closing connection [Thu Sep 02 07:22:59.647 2010] [31781:1258223936] [info] ajp_send_request::jk_ajp_common.c (1518): (jvm2) failed sending request, socket -1 prepost cping/cpong failure (errno=0) [Thu Sep 02 07:23:02.042 2010] [32082:1253792064] [warn] ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, received 3 instead. Closing connection [Thu Sep 02 07:23:02.042 2010] [32082:1253792064] [info] ajp_send_request::jk_ajp_common.c (1518): (jvm2) failed sending request, socket -1 prepost cping/cpong failure (errno=0) [Thu Sep 02 07:23:06.142 2010] [32049:1325504832] [warn] ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, received 3 instead. Closing connection [Thu Sep 02 07:23:06.142 2010] [32049:1325504832] [info] ajp_send_request::jk_ajp_common.c (1518): (jvm1) failed sending request, socket -1 prepost cping/cpong failure (errno=0) [Thu Sep 02 07:23:11.231 2010] [32082:1211832640] [info] ajp_process_callback::jk_ajp_common.c (1882): Writing to client aborted or client network problems [Thu Sep 02 07:23:11.231 2010] [32082:1211832640] [info] ajp_service::jk_ajp_common.c (2540): (jvm1) sending request to tomcat failed (unrecoverable), because of client write error (attempt=1) [Thu Sep 02 07:23:11.232 2010] [32082:1211832640] [info] service::jk_lb_worker.c (1388): service failed, worker jvm1 is in local error state [Thu Sep 02 07:23:11.232 2010] [32082:1211832640] [info] service::jk_lb_worker.c (1407): unrecoverable error 200, request failed. Client failed in the middle of request, we can't recover to another instance. [Thu Sep 02 07:23:11.232 2010] [32082:1211832640] [info] jk_handler::mod_jk.c (2611): Aborting connection for worker=balancer [Thu Sep 02 07:23:11.444 2010] [32049:1315014976] [info] ajp_process_callback::jk_ajp_common.c (1882): Writing to client aborted or client network problems [Thu Sep 02 07:23:11.444 2010] [32049:1315014976] [info] ajp_service::jk_ajp_common.c (2540): (jvm1) sending request to tomcat failed (unrecoverable), because of client write error (attempt=1) [Thu Sep 02 07:23:11.445 2010] [32049:1315014976] [info] service::jk_lb_worker.c (1388): service failed, worker jvm1 is in local error state [Thu Sep 02 07:23:11.445 2010] [32049:1315014976] [info] service::jk_lb_worker.c (1407): unrecoverable error 200, request failed. Client failed in the middle of request, we can't recover to another instance. [Thu Sep 02 07:23:11.445 2010] [32049:1315014976] [info] jk_handler::mod_jk.c (2611): Aborting connection for worker=balancer [Thu Sep 02 07:23:11.645 2010] [32082:1232812352] [info] ajp_process_callback::jk_ajp_common.c (1882): Writing to client aborted or client network problems [Thu Sep 02 07:23:11.645 2010] [32082:1232812352] [info] ajp_service::jk_ajp_common.c (2540): (jvm1) sending request to tomcat failed (unrecoverable), because of client write error (attempt=1) [Thu Sep 02 07:23:11.646 2010] [32082:1232812352] [info] service::jk_lb_worker.c (1388): service failed, worker jvm1 is in local error state [Thu Sep 02 07:23:11.646 2010] [32082:1232812352] [info] service::jk_lb_worker.c (1407): unrecoverable error 200, request failed. Client failed in the middle of request, we can't recover to another instance. [Thu Sep 02 07:23:11.646 2010] [32082:1232812352] [info] jk_handler::mod_jk.c (2611): Aborting connection for worker=balancer [Thu Sep 02 07:23:17.902 2010] [31927:1298282816] [warn] ajp_handle_cping_cpong::jk_ajp_common.c (906): awaited reply cpong, received 3 instead. Closing connection [Thu Sep 02 07:23:17.902 2010] [31927:1298282816] [info] ajp_send_request::jk_ajp_common.c (1518): (jvm1) failed sending request, socket -1 prepost cping/cpong failure (errno=0) [Thu Sep 02 07:23:17.9
Deploy and initialize webapps before listening sockets are created?
Hi! Is it possible to configure Tomcat first to deploy all the webapps and create listening socket after that? The problem is following: after Tomcat prints this line: 2010-09-01 09:07:46,454 INFO [main] (org.apache.coyote.ajp.AjpAprProtocol) Initializing Coyote AJP/1.3 on ajp-foo-1%2F192.168.0.1-8009 it also opens that socket/port and this proxy_ajp tries to send requests that address. Problem is that application takes a few minutes to start and thus isn't available during that time. So, it would be great to be able to open the socket only in this phase, after webapps has been started: 2010-09-01 09:08:50,008 INFO [main] (org.apache.coyote.ajp.AjpAprProtocol) Starting Coyote AJP/1.3 on ajp-foo-1%2F192.168.0.1-8009 With one Tomcat this isn't a big problem, but in clustered environment the other Tomcats might be available, but proxy_ajp may send request for starting node. And yes, I know that it is possible to disable certain member of cluster in Apache's cluster configs, but that is a bit clumsy approach. Regards, Ossi
Re: What is default value of CATALINA_OPTS at apache-tomcat-6.0.29?
On 02.09.2010 07:12, takanobu watanabe wrote: Hello Rainer, Thanks detailed explain. and now I use jconsole to measuring. But when jconsole try to connect remote target host, JVM down. Probably it is not tomcat issue,I think. Yeah, looks like a JVM issue. If you file a bug there, provide the contents of the hotspot error file (/root/hs_err_pid1696.log) to those people. Regards, Rainer I may close this issue. Regard, --catalina.out-- ... # # An unexpected error has been detected by Java Runtime Environment: # # Internal Error (os_linux_zero.cpp:157), pid=1696, tid=1735849104 # Error: caught unhandled signal 11 # # Java VM: OpenJDK Core VM (1.6.0_0-b11 interpreted mode linux-arm) # An error report file with more information is saved as: # /root/hs_err_pid1696.log # # If you would like to submit a bug report, please visit: # http://icedtea.classpath.org/bugzilla # The crash happened outside the Java Virtual Machine in native code. # See problematic frame for where to report the bug. --- On 31 August 2010 20:57, Rainer Jung wrote: On 31.08.2010 13:14, takanobu watanabe wrote: Thank you very much Rainer. Tomcat itself doesn't need much memory and you should be able to run it with less than 64MB Heap (plus Perm) I recognized 64MB>= Am + Bm from your advice. Is my recognized correct ? ---example catalina.sh--- -XX:NewSize=Am -XX:MaxNewSize=Am -XX:PermSize=Bm -XX:MaxPermSize=Bm" I don't actually understand the question, but here's the terminology (I hope the picture isn't disturbed by line breaks): <-- Heap ---><- Perm -> <- New ><- Old -> <- Eden -><- Survivor1 -><- Survivor2 -> Sometimes New is also defined as Eden plus one of the two survivors, especially in the verbose GC output. The two survivors are also called "From Space" and "To Space", the roles change during each GC run in New. Xms, Xmx: minimum and maximum heap size XX:NewSize, XX:MaxNewSize: minimum and maximum size of New XX:PermSize and XX:MaxPermSize: minimum and maximum size of Perm Sizes of Survivor spaces (each one) are determined by Size of Survivor = Size of New / (SurvivorRatio + 2) So if SurvivorRatio is some number N, then the Ratios are Eden:Survivor1:Survivor2 = N:1:1 and New = (N+2) * One Survivor Regards, Rainer On 31 August 2010 19:00, Rainer Jungwrote: On 31.08.2010 10:34, takanobu watanabe wrote: Hello, What is default value of CATALINA_OPTS at apache-tomcat-6.0.29 ? It means No configure catalina.sh as same as value of CATALINA_OPTS just expand tomcat. Because I try to run tomcat lean physical memory condition(128Mb only with armv5). When nothing configure to catalina.sh(default),Tomcat works well. But when I configure below,looks like always FullGC running and could not access WEB service. --- CATALINA_OPTS=" -verbose:gc -XX:+PrintGCTimeStamps -Xms64m -Xmx64m -XX:NewSize=32m -XX:MaxNewSize=32m -XX:SurvivorRatio=2 -XX:PermSize=16m -XX:MaxPermSize=16m" --- If anyone has idea or suggest of run tomcat on lean physical memory condition, I would like to know. If you don't add explicit memory options, the default memory sizes of your JVM are used. Those might depend on the exact jvm version and also on the type of system you run it on (total memory, CPUs). The easiest way to find out the sizes for your jvm are running it without explicit settings and then measuring it. Measuring can be done with tools like jstat, jconsole or jvisualvm, or you can add a few verbose gc flags to print out the sizes of the different memory regions during each run of the GC, e.g. -verbose:gc -XX:+PrintGCDetails -XX:+PrintHeapAtGC -XX:+PrintGCTimeStamps Note that the default settings will allow some of the regions to grow and shrink, so you need to make observations for a longer time to find out the values which are effective most of the time. I expect your above settings might not leave enough room in the Old Generation (aka Tenured), because your New Generation is somwhat large relative to the Old Gen. Tomcat itself doesn't need much memory and you should be able to run it with less than 64MB Heap (plus Perm), but what you need in the end depends on the application inside (and the concurrency induced by the load). I never experimented to find a minimum value though. Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat 7.0 API reference mismatch
On 02/09/2010 03:37, Christopher Schultz wrote: > Tomcat Folks, > > I was looking at the Tomcat 7.0 documentation this evening and I see > that the links to the various Sun/Oracle API documentation are out of > date: they reference the servlet 2.5 APIs and the JSP 2.1 APIs. Those should be fixed in trunk. If they aren't, patches are welcome. > I see that Sun/Oracle doesn't yet have the Servlet 3.0 APIs up on their > site: is that the reason the appropriate APIs aren't posted on the TC 7 > page? Copyright. We can link to the JCP site. > Would it be possible to post the Servlet 3.0 APIs and JSP 2.2 APIs on > the Tomcat site until Sun/Oracle gets theirs posted? No, but the links can be fixed (if they haven't been already). Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: META - Thread Hijacking
On 02/09/2010 01:47, Len Popp wrote: > On Wed, Sep 1, 2010 at 19:08, Konstantin Kolinko > wrote: >> Have you ever searched the list archives? > > Good idea... > http://tomcat.markmail.org/search/?q=hijack#query:hijack%20list%3Aorg.apache.tomcat.users+page:1+state:facets > More than 700 messages! Really, is there a reason they all need to be > sent to everyone?? Konstantin gave a reason: "I appreciate those complaints being on the list, so that I won't waste my time replying (and increasing the mess)." Not all of the regular responders on this list read it in a threaded format, so it's hard for them to see which are THs. I send on and off-list messages - but the latter largely relies on me being the first, prompt responder and I can't guarantee I'll be that every time. I've considered sending a shorthand to mark the list messages as 'leave alone', but it requires foreknowledge of the shorthand and is still spammy. p 0x62590808.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature