Re: JVM config for tomcat7.0.19

[Pid]

On 10/11/2011 22:45, Igor Cicimov wrote:
>>
>> JAVA_OPTS=-Xms2048M -Xmx2048M -XX:Permsize=512m -XX:MaxPermsize=512m
>>
> 
> You are allocating here 2.5GB of memory to tomcat ... how do you expect it
> to start on a box with 2GB in total of which only 500MB are available?

+1  It's the perfect way to achieve shockingly bad performance.


p


> On Fri, Nov 11, 2011 at 8:25 AM, Christopher Schultz <
> ch...@christopherschultz.net> wrote:
> 
> Celtic,
> 
> On 11/10/11 12:02 PM, celtic man wrote:
 So i have updated the setenv.sh with   -Xms2048M -Xmx2048M
 -XX:Permsize=512m -XX:MaxPermsize=512m  and  restarted tomcat..
> 
> Where is setenv.sh located? Can you give us the full contents of that
> file?
> 
 but when i grep for tomcat process i don't see it ..

 ps -ef | grep tomcat root 10959 1 19 14:57 pts/4
 00:00:29 /appl/java/bin/java -Dnop
 -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
 -Djava.endorsed.dirs=/appl/tomcat/endorsed -classpath
 /appl/tomcat/bin/bootstrap.jar:/appl/tomcat/bin/tomcat-juli.jar
 -Dcatalina.base=/appl/tomcat -Dcatalina.home=/appl/tomcat
 -Djava.io.tmpdir=/appl/tomcat/temp
 org.apache.catalina.startup.Bootstrap start
> 
> How are you starting Tomcat? Give us the exact command you are running.
> 
> -chris
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>>
> 

-- 

[key:62590808]



signature.asc
Description: OpenPGP digital signature

Re: JVM config for tomcat7.0.19

[Igor Cicimov]

>
> JAVA_OPTS=-Xms2048M -Xmx2048M -XX:Permsize=512m -XX:MaxPermsize=512m
>

You are allocating here 2.5GB of memory to tomcat ... how do you expect it
to start on a box with 2GB in total of which only 500MB are available?


On Fri, Nov 11, 2011 at 8:25 AM, Christopher Schultz <
ch...@christopherschultz.net> wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Celtic,
>
> On 11/10/11 12:02 PM, celtic man wrote:
> > So i have updated the setenv.sh with   -Xms2048M -Xmx2048M
> > -XX:Permsize=512m -XX:MaxPermsize=512m  and  restarted tomcat..
>
> Where is setenv.sh located? Can you give us the full contents of that
> file?
>
> > but when i grep for tomcat process i don't see it ..
> >
> > ps -ef | grep tomcat root 10959 1 19 14:57 pts/4
> > 00:00:29 /appl/java/bin/java -Dnop
> > -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
> > -Djava.endorsed.dirs=/appl/tomcat/endorsed -classpath
> > /appl/tomcat/bin/bootstrap.jar:/appl/tomcat/bin/tomcat-juli.jar
> > -Dcatalina.base=/appl/tomcat -Dcatalina.home=/appl/tomcat
> > -Djava.io.tmpdir=/appl/tomcat/temp
> > org.apache.catalina.startup.Bootstrap start
>
> How are you starting Tomcat? Give us the exact command you are running.
>
> - -chris
> -BEGIN PGP SIGNATURE-
> Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk68QVoACgkQ9CaO5/Lv0PAvHwCfditQGu0AsA5NxZD0eV1mjD1d
> hc8Anil55svBR7vxCJKxG1v4psEAA7Uw
> =zMFY
> -END PGP SIGNATURE-
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Re: Programmatically updating the keystore Tomcat uses

[Konstantin Kolinko]

2011/11/10 Shawn Deer :
> I have a setup in which an instance of Tomcat 6 is running on a given 
> machine, and another application on the same machine generates or updates the 
> SSL credentials that Tomcat should present.  The credentials are not in JKS 
> format, and so currently I'm exporting them to PKCS#12 and writing them out 
> to a location previously specified in server.xml.  The problem is that since 
> Tomcat only seems to load its credentials at startup, the only way to get the 
> new SSL certificate to be used is to restart Tomcat.
>
>                Is there a programmatic way to change Tomcat's keystore 
> dynamically so that when I want to update the SSL credentials, I can do so 
> without having to restart the service?  I looked at the HTTP11Connector 
> class, and possibly wrapping/replacing that in my setup, but I couldn't see 
> anything that would allow me to override the current keystore.  Even if I 
> could just override the certificate/key used, that'd be fantastic.

It might worth to try to stop and then start a connector, e.g. through JMX.
You may try with jconsole first without any programming.

(I do not remember whether they are restartable, but it is worth trying).


JMX support is better in Tomcat 7, up to allowing you to create and
configure Tomcat components through JMX.

Also IIRC there might be some hooks in the connector, like using
custom key store provider. YMMV

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: JVM config for tomcat7.0.19

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Celtic,

On 11/10/11 12:02 PM, celtic man wrote:
> So i have updated the setenv.sh with   -Xms2048M -Xmx2048M
> -XX:Permsize=512m -XX:MaxPermsize=512m  and  restarted tomcat..

Where is setenv.sh located? Can you give us the full contents of that
file?

> but when i grep for tomcat process i don't see it ..
> 
> ps -ef | grep tomcat root 10959 1 19 14:57 pts/4
> 00:00:29 /appl/java/bin/java -Dnop 
> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
> -Djava.endorsed.dirs=/appl/tomcat/endorsed -classpath 
> /appl/tomcat/bin/bootstrap.jar:/appl/tomcat/bin/tomcat-juli.jar 
> -Dcatalina.base=/appl/tomcat -Dcatalina.home=/appl/tomcat 
> -Djava.io.tmpdir=/appl/tomcat/temp
> org.apache.catalina.startup.Bootstrap start

How are you starting Tomcat? Give us the exact command you are running.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk68QVoACgkQ9CaO5/Lv0PAvHwCfditQGu0AsA5NxZD0eV1mjD1d
hc8Anil55svBR7vxCJKxG1v4psEAA7Uw
=zMFY
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: JVM config for tomcat7.0.19

[celtic man]

Thanks a lot for the quick response..

So i have updated the setenv.sh with   -Xms2048M -Xmx2048M -XX:Permsize=512m
-XX:MaxPermsize=512m  and  restarted tomcat..

but when i grep for tomcat process i don't see it ..

ps -ef | grep tomcat
root 10959 1 19 14:57 pts/400:00:29 /appl/java/bin/java -Dnop
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
-Djava.endorsed.dirs=/appl/tomcat/endorsed -classpath
/appl/tomcat/bin/bootstrap.jar:/appl/tomcat/bin/tomcat-juli.jar
-Dcatalina.base=/appl/tomcat -Dcatalina.home=/appl/tomcat
-Djava.io.tmpdir=/appl/tomcat/temp org.apache.catalina.startup.Bootstrap
start

do you know why ??


Christopher Schultz-2 wrote:
> 
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> Celtic,
> 
> On 11/10/11 8:01 AM, celtic man wrote:
>> Can i set the below parameters on the setenv.sh?
> 
> Sure.
> 
>> application running on tomcat7.0.19 on linux 64 bit with 2GB total
>> memory and 0.5 GB available memory on the machine.
>> 
>> JAVA_OPTS=-Xms2048M -Xmx2048M -XX:Permsize=512m
>> -XX:MaxPermsize=512m
> 
> If you only have 0.5GiB available, perhaps requesting a 2GiB heap
> isn't wise.
> 
>> The current setting on the setenv.sh file is :
>> CATALINA_OPTS=-Xmx4000M
> 
> Well, lowering it from 4GiB to 2 GiB will certainly help free up some
> of your RAM.
> 
> If you only have a 2GiB machine, why bother running 64-bit?
> 
> - -chris
> -BEGIN PGP SIGNATURE-
> Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> 
> iEYEARECAAYFAk68AJEACgkQ9CaO5/Lv0PBL6wCfR7KU0u5uYtX57GBJOZd6oI49
> hzYAoLOjPtnLyZjQ7bSoOVI/ti+LO9rC
> =qUbu
> -END PGP SIGNATURE-
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 
> 
> 

-- 
View this message in context: 
http://old.nabble.com/JVM-config-for-tomcat7.0.19-tp32819635p32821446.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Programmatically updating the keystore Tomcat uses

[Shawn Deer]

I have a setup in which an instance of Tomcat 6 is running on a given machine, 
and another application on the same machine generates or updates the SSL 
credentials that Tomcat should present.  The credentials are not in JKS format, 
and so currently I'm exporting them to PKCS#12 and writing them out to a 
location previously specified in server.xml.  The problem is that since Tomcat 
only seems to load its credentials at startup, the only way to get the new SSL 
certificate to be used is to restart Tomcat.

Is there a programmatic way to change Tomcat's keystore 
dynamically so that when I want to update the SSL credentials, I can do so 
without having to restart the service?  I looked at the HTTP11Connector class, 
and possibly wrapping/replacing that in my setup, but I couldn't see anything 
that would allow me to override the current keystore.  Even if I could just 
override the certificate/key used, that'd be fantastic.

Thanks.

Re: ContextInitialization fails, but app starts anyway

[Daniel Mikusa]

Marc,

Yep, think you're right.  My fault for not paying closer attention to
your version.

Other options that come to mind...

- fetch one of the URL's for your application, check for a 404 status

- connect via JMX, look at "Catalina:type=Deployer,host=localhost"
(substitute your host name for localhost).  That object exposes a
"isDeploy" operation which will show a true / false value indicating if
the app is deployed.

Dan


On Thu, 2011-11-10 at 08:57 -0800, Marc Limotte wrote:
> Thanks for the suggestion, Dan.
> 
> Sound like that option would be perfect, but I do not see it for
> Tomcat 5.5 (https://tomcat.apache.org/tomcat-5.5-doc/config/systemprops.html).
>  Is there a work-around or alternative for users of older Tomcat
> versions?
> 
> Marc
> 
> On Thu, Nov 10, 2011 at 11:43 AM, Daniel Mikusa  wrote:
> > Marc,
> >
> > Take a look at "org.apache.catalina.startup.EXIT_ON_INIT_FAILURE".
> >
> > >From the docs...
> >
> > "If true, the server will exit if an exception happens during the server
> > initialization phase. If not specified, the default value of false will
> > be used."
> >
> > https://tomcat.apache.org/tomcat-6.0-doc/config/systemprops.html
> >
> > Dan
> >
> >
> > On Thu, 2011-11-10 at 08:32 -0800, Marc Limotte wrote:
> >> Hi.
> >>
> >> For reference, my set up is Tomcat 5.5.27, Java 1.6.0_22 , Ubuntu 10.04.3.
> >>
> >> Once in a while when starting Tomcat; ContextInitialization fails for
> >> my app (specifically, Spring DI fails), but the app still comes up in
> >> a broken state.  Is there a way to make this a hard fail-- Ideally
> >> tomcat wouldn't start at all and would exit with a non-zero exit code?
> >>
> >> I'm separately investigating why Initialization fails, but at this
> >> time I'm looking for an easier way for our automated tools to know
> >> immediately that there is a problem (regardless of what the problem
> >> is).
> >>
> >> thanks,
> >> Marc
> >>
> >> -
> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> >> For additional commands, e-mail: users-h...@tomcat.apache.org
> >>
> >
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 

Re: sessionCookieDomain and sessionCookiePath

[Pid *]

On 10 Nov 2011, at 13:06, Ionut Stoian  wrote:

> It was a typo, i meant "/".
>
> They are available also on tomcat > 6.0.27:
> http://tomcat.apache.org/tomcat-6.0-doc/config/context.html
>
> -- Forwarded message --
> From: Pid 
> To: Tomcat Users List 
> Date: Thu, 10 Nov 2011 09:28:15 +
> Subject: Re: sessionCookieDomain and sessionCookiePath
> On 10/11/2011 08:39, Ionut Stoian wrote:
>> Hello,
>>
>> I have an application serving several subdomains (a1.domain.com,
>> a2.domain.com etc.) and i want to be able to have a single session cookie
>> shared between subdomains (registered on domain ".domain.com").
>>
>> However, when using Tomcat's sessionCookieDomain (tried on versions
> 6.0.33,
>> 7.0.22) i don't get the expected behaviour:
>> 1. If i set the sessionCookiePath to "\test" for example i get only one
>> JSESSIONID cookie with domain ".domain.com", but the path obviously is set
>> to "/test".
>> 2. If i set the sessionCookiePath to "\", "" or if i don't set it at all,
> i
>> get a JSESSIONID cookie with domain ".domain.com" and a JSESSIONID cookie
>> with domain "a1.domain.com", which is not what i expect.
>
> Why would you set it to '\' or anything that starts with '\'?
>
> sessionCookieDomain, sessionCookiePath are Servlet 3.0 (ie Tomcat 7.0)
> configuration directives.  They won't work in Tomcat 6.0.
>
> Where did you set them?  In tomcat/conf/context.xml or somewhere else?
>
>
> p

Please don't top post.

I missed that addition to 6.0. (must read release notes to see what
else I missed).

Can you confirm which file you set the config in?


p

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: ContextInitialization fails, but app starts anyway

[Marc Limotte]

Thanks for the suggestion, Dan.

Sound like that option would be perfect, but I do not see it for
Tomcat 5.5 (https://tomcat.apache.org/tomcat-5.5-doc/config/systemprops.html).
 Is there a work-around or alternative for users of older Tomcat
versions?

Marc

On Thu, Nov 10, 2011 at 11:43 AM, Daniel Mikusa  wrote:
> Marc,
>
> Take a look at "org.apache.catalina.startup.EXIT_ON_INIT_FAILURE".
>
> >From the docs...
>
> "If true, the server will exit if an exception happens during the server
> initialization phase. If not specified, the default value of false will
> be used."
>
> https://tomcat.apache.org/tomcat-6.0-doc/config/systemprops.html
>
> Dan
>
>
> On Thu, 2011-11-10 at 08:32 -0800, Marc Limotte wrote:
>> Hi.
>>
>> For reference, my set up is Tomcat 5.5.27, Java 1.6.0_22 , Ubuntu 10.04.3.
>>
>> Once in a while when starting Tomcat; ContextInitialization fails for
>> my app (specifically, Spring DI fails), but the app still comes up in
>> a broken state.  Is there a way to make this a hard fail-- Ideally
>> tomcat wouldn't start at all and would exit with a non-zero exit code?
>>
>> I'm separately investigating why Initialization fails, but at this
>> time I'm looking for an easier way for our automated tools to know
>> immediately that there is a problem (regardless of what the problem
>> is).
>>
>> thanks,
>> Marc
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: JVM config for tomcat7.0.19

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Celtic,

On 11/10/11 8:01 AM, celtic man wrote:
> Can i set the below parameters on the setenv.sh?

Sure.

> application running on tomcat7.0.19 on linux 64 bit with 2GB total
> memory and 0.5 GB available memory on the machine.
> 
> JAVA_OPTS=-Xms2048M -Xmx2048M -XX:Permsize=512m
> -XX:MaxPermsize=512m

If you only have 0.5GiB available, perhaps requesting a 2GiB heap
isn't wise.

> The current setting on the setenv.sh file is :
> CATALINA_OPTS=-Xmx4000M

Well, lowering it from 4GiB to 2 GiB will certainly help free up some
of your RAM.

If you only have a 2GiB machine, why bother running 64-bit?

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk68AJEACgkQ9CaO5/Lv0PBL6wCfR7KU0u5uYtX57GBJOZd6oI49
hzYAoLOjPtnLyZjQ7bSoOVI/ti+LO9rC
=qUbu
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: ContextInitialization fails, but app starts anyway

[Daniel Mikusa]

Marc,

Take a look at "org.apache.catalina.startup.EXIT_ON_INIT_FAILURE".

>From the docs...

"If true, the server will exit if an exception happens during the server
initialization phase. If not specified, the default value of false will
be used."

https://tomcat.apache.org/tomcat-6.0-doc/config/systemprops.html

Dan


On Thu, 2011-11-10 at 08:32 -0800, Marc Limotte wrote:
> Hi.
> 
> For reference, my set up is Tomcat 5.5.27, Java 1.6.0_22 , Ubuntu 10.04.3.
> 
> Once in a while when starting Tomcat; ContextInitialization fails for
> my app (specifically, Spring DI fails), but the app still comes up in
> a broken state.  Is there a way to make this a hard fail-- Ideally
> tomcat wouldn't start at all and would exit with a non-zero exit code?
> 
> I'm separately investigating why Initialization fails, but at this
> time I'm looking for an easier way for our automated tools to know
> immediately that there is a problem (regardless of what the problem
> is).
> 
> thanks,
> Marc
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 

ContextInitialization fails, but app starts anyway

[Marc Limotte]

Hi.

For reference, my set up is Tomcat 5.5.27, Java 1.6.0_22 , Ubuntu 10.04.3.

Once in a while when starting Tomcat; ContextInitialization fails for
my app (specifically, Spring DI fails), but the app still comes up in
a broken state.  Is there a way to make this a hard fail-- Ideally
tomcat wouldn't start at all and would exit with a non-zero exit code?

I'm separately investigating why Initialization fails, but at this
time I'm looking for an easier way for our automated tools to know
immediately that there is a problem (regardless of what the problem
is).

thanks,
Marc

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

JVM config for tomcat7.0.19

[celtic man]

Hello,

Can i set the below parameters on the setenv.sh? application running on
tomcat7.0.19 on linux 64 bit with 2GB total memory and 0.5 GB available
memory on the machine.

JAVA_OPTS=-Xms2048M -Xmx2048M -XX:Permsize=512m -XX:MaxPermsize=512m

The current setting on the setenv.sh file is :  CATALINA_OPTS=-Xmx4000M

Appreciated all the thoughts!!
-- 
View this message in context: 
http://old.nabble.com/JVM-config-for-tomcat7.0.19-tp32819635p32819635.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Parallel deployment - can we use JMX to monitor old and new versions of a webapp?

[Mark Thomas]

On 10/11/2011 06:31, Ellecer Valencia wrote:
> Would using JMX allow us to view this information for the two webapp
> versions without being dependent on user sessions?
Yes.

> How would we
> distinguish between status info coming from the old and new webapp
> versions?
Include the full application version in the MBean name(s) you register.
Take a look (e.g. with JConsole) how Tomcat does this for multiple
versions at the moment.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Re: sessionCookieDomain and sessionCookiePath

[Ionut Stoian]

It was a typo, i meant "/".

They are available also on tomcat > 6.0.27:
http://tomcat.apache.org/tomcat-6.0-doc/config/context.html

-- Forwarded message --
From: Pid 
To: Tomcat Users List 
Date: Thu, 10 Nov 2011 09:28:15 +
Subject: Re: sessionCookieDomain and sessionCookiePath
On 10/11/2011 08:39, Ionut Stoian wrote:
> Hello,
>
> I have an application serving several subdomains (a1.domain.com,
> a2.domain.com etc.) and i want to be able to have a single session cookie
> shared between subdomains (registered on domain ".domain.com").
>
> However, when using Tomcat's sessionCookieDomain (tried on versions
6.0.33,
> 7.0.22) i don't get the expected behaviour:
> 1. If i set the sessionCookiePath to "\test" for example i get only one
> JSESSIONID cookie with domain ".domain.com", but the path obviously is set
> to "/test".
> 2. If i set the sessionCookiePath to "\", "" or if i don't set it at all,
i
> get a JSESSIONID cookie with domain ".domain.com" and a JSESSIONID cookie
> with domain "a1.domain.com", which is not what i expect.

Why would you set it to '\' or anything that starts with '\'?

sessionCookieDomain, sessionCookiePath are Servlet 3.0 (ie Tomcat 7.0)
configuration directives.  They won't work in Tomcat 6.0.

Where did you set them?  In tomcat/conf/context.xml or somewhere else?


p

Re: How to run tomcat 5.5.9 as a service in 64-bit OS?

[Florin]

I've downloaded the zip archive and i've replaced the files from x64 and now it 
works!!!

Thank you!


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Unable to receive message through TCP channel

[Pid]

On 10/11/2011 10:20, uwe.hellm...@t-systems.com wrote:
> Hello together,
> 
> I am using to Tomcat 5.5.26 Servers. I took over the responsibility for this 
> system some time ago.
> Since then we already got the following error message.
> 
> SEVERE: Manager [/mywebapp]: Unable to receive message through TCP channel
> java.lang.ClassNotFoundException:
> 
> After questioning what this error is about I got no response but the comment 
> that everything is running fine.
> So I haven't searhc after it. But now after having a rollout of new servlet 
> version we have some serious
> performance issues. And now I have to check for every severe error message I 
> can find.
> But unfornatly I haven't found a solution or cause for this.
> The only thing which I have found is a posting that this might be a problem 
> of the tomcats version and
> that this might be a bug which was solved in 5.5.28. Is this correct?

How can we judge whether the posting is accurate if you don't post a
link to it?

Do you have exactly the same versions of the application deployed on
each node of the cluster?

Is there a reason why you aren't upgrading to the latest version of 5.5
(5.5.34)?


p


> The cluster configuration part in server.xml looks like a standard 
> configuration:
> 
> unpackWARs="true" autoDeploy="true"
>xmlValidation="false" xmlNamespaceAware="false">
> 
>   
> managerClassName="org.apache.catalina.cluster.session.DeltaManager"
>  expireSessionsOnShutdown="false"
>  useDirtyFlag="true"
>  notifyListenersOnReplication="true">
> 
>   className="org.apache.catalina.cluster.mcast.McastService"
>  mcastAddr="228.0.0.4"
>  mcastPort="45564"
>  mcastFrequency="500"
>  mcastDropTime="3000"/>
> 
>  
> className="org.apache.catalina.cluster.tcp.ReplicationListener"
> tcpListenAddress="auto"
> tcpListenPort="4002"
> tcpSelectorTimeout="100"
> tcpThreadCount="6"/>
> 
>  
> className="org.apache.catalina.cluster.tcp.ReplicationTransmitter"
> replicationMode="pooled"
> ackTimeout="15000"/>
> 
>  className="org.apache.catalina.cluster.tcp.ReplicationValve"
> filter=".*\.gif;.*\.js;.*\.jpg;.*\.png;.*\.css;.*\.txt;"/>
> 
>  className="org.apache.catalina.cluster.deploy.FarmWarDeployer"
> tempDir="/tmp/war-temp/"
> deployDir="/tmp/war-deploy/"
> watchDir="/tmp/war-listen/"
> watchEnabled="false"/>
> 
>  
> className="org.apache.catalina.cluster.session.ClusterSessionListener"/>
> 
> 
> 
> I found out thatwe are not using the Deployer context. It is just configured, 
> but both Tomcats servers use a
> deployment path on its local storage.
> 
> Has somebody an idea?
> 
> 
> Mit freundlichen Grüßen / Yours sincerely
> 
> Uwe Hellmann
> 
> T-Systems International GmbH
> Production CSS
> GCU Large Accounts
> AC Express & Logistics LT1
> 
> Gradestr. 20, 30163 Hannover
> +49 511 333 - 1233 (Tel.)
> +49 511 333 - 1287 (Fax)
> Email: uwe.hellm...@t-systems.com
> Internet: http://www.t-systems.com
> 
> T-Systems International GmbH
> Aufsichtsrat: René Obermann (Vorsitzender)
> Geschäftsführung: Reinhard Clemens (Vorsitzender), Dr. Ferri Abolhassan, 
> Ulrich Meister, Georg Pepping, Hagen Rickmann, Dietmar Wendt, Klaus Werner
> Handelsregister: Amtsgericht Frankfurt am Main HRB 55933
> Sitz der Gesellschaft: Frankfurt am Main
> 
> 
> Notice: This transmittal and/or attachments may be privileged or 
> confidential. If you are not the intended recipient, you are hereby notified 
> that you have received this transmittal in error; any review, dissemination, 
> or copying is strictly prohibited. If you received this transmittal in error, 
> please notify us immediately by reply and immediately delete this message and 
> all its attachments. Thank you.
> 
> 
> 


-- 

[key:62590808]



signature.asc
Description: OpenPGP digital signature

Unable to receive message through TCP channel

[Uwe . Hellmann]

Hello together,

I am using to Tomcat 5.5.26 Servers. I took over the responsibility for this 
system some time ago.
Since then we already got the following error message.

SEVERE: Manager [/mywebapp]: Unable to receive message through TCP channel
java.lang.ClassNotFoundException:

After questioning what this error is about I got no response but the comment 
that everything is running fine.
So I haven't searhc after it. But now after having a rollout of new servlet 
version we have some serious
performance issues. And now I have to check for every severe error message I 
can find.
But unfornatly I haven't found a solution or cause for this.
The only thing which I have found is a posting that this might be a problem of 
the tomcats version and
that this might be a bug which was solved in 5.5.28. Is this correct?

The cluster configuration part in server.xml looks like a standard 
configuration:



















I found out thatwe are not using the Deployer context. It is just configured, 
but both Tomcats servers use a
deployment path on its local storage.

Has somebody an idea?


Mit freundlichen Grüßen / Yours sincerely

Uwe Hellmann

T-Systems International GmbH
Production CSS
GCU Large Accounts
AC Express & Logistics LT1

Gradestr. 20, 30163 Hannover
+49 511 333 - 1233 (Tel.)
+49 511 333 - 1287 (Fax)
Email: uwe.hellm...@t-systems.com
Internet: http://www.t-systems.com

T-Systems International GmbH
Aufsichtsrat: René Obermann (Vorsitzender)
Geschäftsführung: Reinhard Clemens (Vorsitzender), Dr. Ferri Abolhassan, Ulrich 
Meister, Georg Pepping, Hagen Rickmann, Dietmar Wendt, Klaus Werner
Handelsregister: Amtsgericht Frankfurt am Main HRB 55933
Sitz der Gesellschaft: Frankfurt am Main


Notice: This transmittal and/or attachments may be privileged or confidential. 
If you are not the intended recipient, you are hereby notified that you have 
received this transmittal in error; any review, dissemination, or copying is 
strictly prohibited. If you received this transmittal in error, please notify 
us immediately by reply and immediately delete this message and all its 
attachments. Thank you.

Re: sessionCookieDomain and sessionCookiePath

[Pid]

On 10/11/2011 08:39, Ionut Stoian wrote:
> Hello,
> 
> I have an application serving several subdomains (a1.domain.com,
> a2.domain.com etc.) and i want to be able to have a single session cookie
> shared between subdomains (registered on domain ".domain.com").
> 
> However, when using Tomcat's sessionCookieDomain (tried on versions 6.0.33,
> 7.0.22) i don't get the expected behaviour:
> 1. If i set the sessionCookiePath to "\test" for example i get only one
> JSESSIONID cookie with domain ".domain.com", but the path obviously is set
> to "/test".
> 2. If i set the sessionCookiePath to "\", "" or if i don't set it at all, i
> get a JSESSIONID cookie with domain ".domain.com" and a JSESSIONID cookie
> with domain "a1.domain.com", which is not what i expect.

Why would you set it to '\' or anything that starts with '\'?

sessionCookieDomain, sessionCookiePath are Servlet 3.0 (ie Tomcat 7.0)
configuration directives.  They won't work in Tomcat 6.0.

Where did you set them?  In tomcat/conf/context.xml or somewhere else?


p


> As a side note, on Tomcat 6.0.33 i also tried using the emptySessionPath
> attribute for the connector, but that did not help either.
> 
> Can you please spot the error in my logic and guide me through the right
> steps to achieve this single JSESSIONID cookie?
> 
> Thanks,
> Ionut
> 


-- 

[key:62590808]



signature.asc
Description: OpenPGP digital signature

Re: graceful restart tomcat

[Kaushal Shriyan]

On Thu, Nov 10, 2011 at 2:42 PM, Pid  wrote:
> On 10/11/2011 08:28, Kaushal Shriyan wrote:
>> Hi,
>>
>> Is there a way to forcefully graceful restart tomcat server using bash
>> script via cron.Any sample bash script ?
>
> Which is it: forceful or graceful?  The two are not usually compatible.
>
> 'graceful' is found in Apache HTTPD: [the] signal causes the parent
> process to advise the children to exit after their current request (or
> to exit immediately if they're not serving anything). The parent
> re-reads its configuration files and re-opens its log files. As each
> child dies off the parent replaces it with a child from the new
> generation of the configuration, which begins serving new requests
> immediately.
>
> There is no equivalent for Tomcat.
>
> The Commons Daemon found in tomcat/bin/commons-daemon-native.tar.gz
> provides a service wrapper and /etc/init.d/ type sample script which may
> be useful.

Hi pid

I dont see commons-daemon-native.tar.gz under /opt/test/apache-tomcat-5.5.27/bin

catalina.shcommons-logging-api-1.1.1.jar  digest.sh
jsvc.tar.gzsetclasspath.sh   startup.bat   tomcat5w.exe
tool-wrapper.bat  version.sh
[root@bin]# pwd
/opt/test/apache-tomcat-5.5.27/bin
[root@bin]# ls
bootstrap.jar  catalina-tasks.xml cpappend.bat
jkstatus-tasks.xml service.bat   shutdown.bat  startup.sh
tomcat-juli.jar   tool-wrapper.sh
catalina.bat   commons-daemon.jar digest.bat
jmxaccessor-tasks.xml  setclasspath.bat  shutdown.sh   tomcat5.exe
tomcat-native.tar.gz  version.bat
catalina.shcommons-logging-api-1.1.1.jar  digest.sh
jsvc.tar.gzsetclasspath.sh   startup.bat   tomcat5w.exe
tool-wrapper.bat  version.sh
[root@bin]#

Please suggest further.

Regards,

Kaushal

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: graceful restart tomcat

[Pid]

On 10/11/2011 08:28, Kaushal Shriyan wrote:
> Hi,
> 
> Is there a way to forcefully graceful restart tomcat server using bash
> script via cron.Any sample bash script ?

Which is it: forceful or graceful?  The two are not usually compatible.

'graceful' is found in Apache HTTPD: [the] signal causes the parent
process to advise the children to exit after their current request (or
to exit immediately if they're not serving anything). The parent
re-reads its configuration files and re-opens its log files. As each
child dies off the parent replaces it with a child from the new
generation of the configuration, which begins serving new requests
immediately.

There is no equivalent for Tomcat.

The Commons Daemon found in tomcat/bin/commons-daemon-native.tar.gz
provides a service wrapper and /etc/init.d/ type sample script which may
be useful.


Why do you need to schedule Tomcat restarts?  It is often a mitigation
applied instead of resolving the cause of a memory leak.  Better to find
& fix the leak than leave it place.


p


> Regards,
> 
> Kaushal
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 


-- 

[key:62590808]



signature.asc
Description: OpenPGP digital signature

Re: sessionCookieDomain and sessionCookiePath

[Ionut Stoian]

Hello,

I have an application serving several subdomains (a1.domain.com,
a2.domain.com etc.) and i want to be able to have a single session cookie
shared between subdomains (registered on domain ".domain.com").

However, when using Tomcat's sessionCookieDomain (tried on versions 6.0.33,
7.0.22) i don't get the expected behaviour:
1. If i set the sessionCookiePath to "\test" for example i get only one
JSESSIONID cookie with domain ".domain.com", but the path obviously is set
to "/test".
2. If i set the sessionCookiePath to "\", "" or if i don't set it at all, i
get a JSESSIONID cookie with domain ".domain.com" and a JSESSIONID cookie
with domain "a1.domain.com", which is not what i expect.

As a side note, on Tomcat 6.0.33 i also tried using the emptySessionPath
attribute for the connector, but that did not help either.

Can you please spot the error in my logic and guide me through the right
steps to achieve this single JSESSIONID cookie?

Thanks,
Ionut

Re: SSL for modjk and tomcat

[Harsimranjit singh Kler]

Thanks guys .i will take care while posting in future.

So far i will go for ssl between browser and httpd only.

On Thu, Nov 10, 2011 at 1:40 PM, chris derham  wrote:

> >
> > Simple i have setup httpd,modjk,tomcat .i want to enable SSL(i.e i can
> > handle everything on https).
> >
>
> If you have httpd sending traffic via mod_jk to tomcat, you are nearly
> there. Just configure httpd to listen over ssl.
>
> >
> > > If (instead) you want to encrypt the AJP connection between HTTPD and
> > Tomcat, you'll have to use an SSH tunnel because the AJP protocol is not
> > encrypted.
> >
> >  Now AJP not support SSL fine. i.e AJP protocol is not
> > encrypted.
> > i dont want SSH tunnel.
> >
>
> That's fine if you don't want/need a tunnel
>
> >
> > What other approach i can follow now.i mean other way ?
> >
>
> > i am not sure where to configure those mod jk directive and what
> > configurations at tomcat side?
> >
>
> I don't think you quite understand how this list works. You need to ask a
> specific question, and people will generally try to provide a specific
> answer. In your email you say you have httpd/mod_jk/tomcat communicating.
> You keep saying that you want to "turn on ssl". As 3 people have already
> pointed out, you can have ssl between browser and httpd. You can have ssl
> between httpd and tomcat, but you said you don't want that. If you
> configure httpd for ssl, then you're probably there. IMO you only to worry
> about those mod_jk directives if you need tomcat to know that it is being
> handed a connection that has come from an ssl connection. Perhaps explain
> why you need this ssl information in your app? Perhaps supply a copy of
> web.xml with the security constraints?
>
> In short help us help you -
> http://www.catb.org/~esr/faqs/smart-questions.html
>
> Chris
>

graceful restart tomcat

[Kaushal Shriyan]

Hi,

Is there a way to forcefully graceful restart tomcat server using bash
script via cron.Any sample bash script ?

Regards,

Kaushal

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Session time out never takes place with ajax

[chris derham]

>
> So to recap, and verify my understanding...
> Perhaps I am missing some valve overview.
>
> I understand it is invoked before the filters, but after completion it
> would arrive to the filter/servlet container anyway.
> So what your saying is that if I build a valve and read information from
> IO file or/db or any other cached data which doesn’t trigger a
> request.getSession
> That will work?
> And if so, I will still need to "break" the chain and prevent it from
> continuing deeper into tomcat or else it will update the session access time
>
> Instead of mapping all requests e.g. /* through security*, you could split
you app. So say /public folder contains static resources and requires not
security*. You could put dynamic resources under /dynamic and map to
security*. That way anybody requesting a dynamic resource would need a
session, and this would be touched on every request to /dynamic/*. If you
had this kind of setup, then you could create another top level folder
called say /ajaxPing and not map that to security*. Then as long as the
filter/servlet/jsp page that fulfills that request does not call
request.getSession, you will fulfill your aim to respond without affecting
session expiration

Alternatively you could put a valve in the front of the whole web app, and
have that respond to a given url, and then stop the request, e.g. not pass
the request to tomcat. I beleive that is what Mr Schultz was suggesting

* when I keep saying security, I'm not sure the correct collective term. I
don't just mean container security, but also any filter/servlet/jsp that
calls request.getSession

HTH

Chris

RE: Session time out never takes place with ajax

[Sharon Prober (sprober)]

Christopher,

So to recap, and verify my understanding...
Perhaps I am missing some valve overview.

I understand it is invoked before the filters, but after completion it would 
arrive to the filter/servlet container anyway.
So what your saying is that if I build a valve and read information from IO 
file or/db or any other cached data which doesn’t trigger a request.getSession
That will work?
And if so, I will still need to "break" the chain and prevent it from 
continuing deeper into tomcat or else it will update the session access time

Did I get it right?

Sharon

-Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net] 
Sent: Thursday, November 10, 2011 8:04 AM
To: Tomcat Users List 
Subject: Re: Session time out never takes place with ajax

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Sharon,

On 11/9/11 12:56 AM, Sharon Prober (sprober) wrote:
> This is my first post here so wish me luck J

Welcome.

> My question is as follow:
> 
> I have a web based application running on tomcat 6.0.29
> 
> On my main page there is a polling ajax call every 5 seconds.
> 
> Clearly this revalidates the session and by that renders the
> session timeout feature unusable

Yes.

> I read about two main solutions for this issue
> 
> 1.   Coding on the server side (filter) a simple snippet that 
> identifies an ajax call based on a parameter passed and based on
> that knows if this is a valid post or a polling hit that should not
> affect the session expiration date

This is problematic for a few reasons:

1. You usually want a polling request to return something of use, which
   often involves the session. You can't access the session without
   updating its last-accessed-time.

2. Under certain configuration, Tomcat will update the
   last-accessed-time of the session even if you don't call
   request.getSession().

   This may be only the case in Tomcat 7 with the following
   configuration settings:

   See the org.apache.catalina.core. StandardHostValve.ACCESS_SESSION
   and org.apache.catalina.STRICT_SERVLET_COMPLIANCE system properties
   here:
http://tomcat.apache.org/tomcat-7.0-doc/config/systemprops.html#Sessions

> 2.   Create a stub webapp and redirect the calls of the polling
> to that app

I'm not sure this buys you anything: if you pass-through calls to the
"real" webapp, then you'll still be touching the session.

> So my question is, is there another way for this to be achieved?

It would be best to describe what your "ping" actually does. If it
doesn't require session access, you may have some options.

> Note. I think it might be a cool feature (with the vast ajax use
> these days) to have a configuration in the web.xml the excludes
> various paths/urls from the session validation checkups

This would, by definition, be a violation of the specification.
Instead, something like a Valve placed early in the pipeline could
avoid a session update but still perform some trivial action.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk67aUkACgkQ9CaO5/Lv0PBl2ACdHDKUqQ/zkT0dfc63MFELStLK
+a4An3kuFz39fXKymLVFBqYRMQ9xWUbX
=naid
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: SSL for modjk and tomcat

[chris derham]

>
> Simple i have setup httpd,modjk,tomcat .i want to enable SSL(i.e i can
> handle everything on https).
>

If you have httpd sending traffic via mod_jk to tomcat, you are nearly
there. Just configure httpd to listen over ssl.

>
> > If (instead) you want to encrypt the AJP connection between HTTPD and
> Tomcat, you'll have to use an SSH tunnel because the AJP protocol is not
> encrypted.
>
>  Now AJP not support SSL fine. i.e AJP protocol is not
> encrypted.
> i dont want SSH tunnel.
>

That's fine if you don't want/need a tunnel

>
> What other approach i can follow now.i mean other way ?
>

> i am not sure where to configure those mod jk directive and what
> configurations at tomcat side?
>

I don't think you quite understand how this list works. You need to ask a
specific question, and people will generally try to provide a specific
answer. In your email you say you have httpd/mod_jk/tomcat communicating.
You keep saying that you want to "turn on ssl". As 3 people have already
pointed out, you can have ssl between browser and httpd. You can have ssl
between httpd and tomcat, but you said you don't want that. If you
configure httpd for ssl, then you're probably there. IMO you only to worry
about those mod_jk directives if you need tomcat to know that it is being
handed a connection that has come from an ssl connection. Perhaps explain
why you need this ssl information in your app? Perhaps supply a copy of
web.xml with the security constraints?

In short help us help you -
http://www.catb.org/~esr/faqs/smart-questions.html

Chris