Re: Embedded Tomcat 6 7 logging to file
2012/7/16 Benjamin Muschko benjamin.musc...@gmail.com: Hi, I'd like to redirect the embedded Tomcat's startup logging messages to a file. What I am looking for is something like this: ... Initializing ProtocolHandler [http-bio-8080] Initializing ProtocolHandler [http-bio-8091] Starting service Tomcat Starting Servlet Engine: Apache Tomcat/7.0.11 ... So far I haven't found a way of making this work. My first approach was to add a FileHandler to the context's logger: Handler fh = new FileHandler(output.log, true); fh.formatter = new SimpleFormatter(); fh.level = Level.ALL; fh.encoding = UTF-8; context.getLogger().logger.addHandler(fh); It works fine for the context in Tomcat 7 but doesn't give me the result I am looking for. context.getLogger() returns logger for certain named log category only. As a coincidence, it is the same one as used by log methods in Servlet API. Other Tomcat components use other log categories (aka logger names). Also trying to capture System.out and System.err and writing it to a file doesn't solve my problem: System.setOut(new PrintStream(new File(output-file.txt))); System.setErr(new PrintStream(new File(output-file.txt))); If java.util.logging starts before you run the above code, it can create a ConsoleHandler using original stderr and stdout. Your setOut() and setErr() will have no influence on it. I guess I am not clear on how the embedded Tomcat implementation logs the messages to the console and how I can change it. java.util.logging.ConsoleHandler for the default log category writes messages to the console. If none were configured, nothing were printed there. See java.util.logging documentation in JDK. Essentially its bootstrap is controlled via certain system properties when your java application (the one that embeds Tomcat) starts. Could somebody clarify this for me. It would be great to see and example that would work for embedded Tomcat 6 7. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat session id
2012/7/15 Elias Kopsiaftis yemi...@gmail.com: thank you, and it wasnt working thats why i asked. there must be something else wrong in my code Session is recognized by sessionid sent either via a Cookie header in HTTP request, or as a path parameter in URL of HTTP request. You can inspect what is actually sent to Tomcat by your client either by using network traffic inspection with a tool like Wireshark, or via configuration of an AccessLogValve in Tomcat. Some references should be in the FAQ. If neither info are sent by your client program, the session cannot not be associated with your request and a new session will be created if a session is needed. (When that happens, a Set-Cookie header will be included in the HTTP response). Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Solved - Connecting Tmcat and IIS
Vijaya wrote: Andre Warnier, thanks very much pointing the shortfall in my message. I myself have been using isapi_redirector for more than 3 years without any problem and suddenly for unexplainable reasons (I am sure it was not the isapi_redirector problem but some other problem in our server that was driving me crazy) from my server end, I could not make the isapi_redirector work in our server and this new software helped me solve the problem. Vijaya, NO, you have /NOT/ been using isapi_redirector for 3 years. You have been using isapi_redirector2 -- emphasis on 2. isapi_redirector2 was a parallel development to mod_jk2 -- emphasis on 2, which is a different thing than isapi_redirector and mod_jk (both without 2). And much of the confusion and loss of time has been that, all along, you have been talking about isapi_redirector, when really you meant isapi_redirector_2_. isapi_redirector2, despite its name, is not just a version of isapi_redirector. It is a different thing altogether. isapi_reirector2/mod_jk2 are software that was developed at some point as a possible alternative to isapi_redirector/mod_jk, but was then (9 years ago) abandoned. And the fact that it is called isapi_redirector2, which somehow implies that it may be more recent than isapi_redirector - which is not the case - is unfortunate, but it is so. That what I and other people on this list have been trying to tell you, but that somehow did not come through clearly enough. And we also do not know why, 3 years ago, you or someone else chose to install and use the abandoned isapi_redirector2 on that server, instead of the developed/maintained/supported isapi_redirector. That was a mistake. But it is now history anyway. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
7.0.29 Multi-threaded deployment
When upgrading from 7.0.26 to 7.0.29, MyEclipse cannot start the Tomcat instance without reaching an OutOfMemoryError exception that results from a GC overhead limit exceeded when Tomcat begins it's multi-threaded deployment process. MyEclipse is running with 1GB of maximum memory and still errors with this exception where-as reverting back to 7.0.26 and using only 512MB of memory, the instance starts without any issues with plenty of memory to spare. Have any others experienced this issue using Tomcat 7.0.29's Multi-Thread deployment in UserConfig? Is there anyway to disable this feature globally? Chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: OOME while expanding a war with tomcat 7.0.29 but not with tomcat 7.0.28
The OOME I am getting is coming from Heap, and that's even giving Tomcat 1GB of maximum heap. The instance seems to start successfully outside of the MyEclipse environment; however inside MyEclipse it fails miserably. The surprising part of this is that the instance has ran with half that amount of maximum Heap Memory prior to 7.0.29 without any problems or issues with memory errors. As far as number of jars in the LIB folder, we only have just over 100 jars totaling a max of 50mb. -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Saturday, July 14, 2012 12:13 PM To: Tomcat Users List Subject: Re: OOME while expanding a war with tomcat 7.0.29 but not with tomcat 7.0.28 Alberto, On Jul 14, 2012, at 8:42, Alberto Aresca alberto.are...@gmail.com wrote: I've just upgraded my tomcat from version 7.0.28 to the newly released 7.0.29 but while before my webapp was being expanded without any problem, now it is causing an OOME. Of course this can be easily fixed by increasing the heap size but before going forward in the upgrade i'd like to know if anyone else have been experiencing something similar or if something in the expansion implementation changed recently (i couldn't find anything in the release note) Can you provide any other information? Stack trace or heap dump? Is this regular heap or permgen? What are your heap settings? Is there anything else we should know about your web app? Do you have 500 jar files in your lib directory? Do you cache a large dataset on startup? -chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Client Authentication using SSL
Thanks Chris, I'd seen a lot of traffic on the topic over the years, so knew someone had real-world experience on the subject. I'll check out what you did a little further. Of course, thinking on my proposed plan, a really uptight security admin might not think it all that more secure that basic-auth over server-only SSL. You know the type: the guy that insists the SSLPassword value in server.xml be encrypted. Jeff -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Friday, July 13, 2012 9:30 PM To: Tomcat Users List Subject: Re: Client Authentication using SSL -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jeffrey, On 7/12/12 9:44 AM, Jeffrey Janner wrote: Is there anyone who's implemented true-client SSL auth over APR that would be willing to share hints/tips on how they handled certificate distributions, etc.? I wasn't using APR -- though it shouldn't be too terrible to switch from JSK configuration to openssl ; openssl is a *lot* more straightforward IMO -- and I wasn't actually using CLIENT-AUTH, but I did some playing-around a few years ago and posted a bunch to the list about it. Here's on of the threads: http://markmail.org/thread/vxwwli5nzt4itfr2 You could also look around the archives in the same general time period (fall 2009) for other semi-related posts by me. I wasn't able to find a post that said Here's what I actually got working though I'm reasonably certain I actually did do that. Finally, there is a (relatively) new Realm configuration attribute that you might want to check out if you want to use CLIENT-CERT: X509UsernameRetrieverClassName http://tomcat.apache.org/tomcat-7.0-doc/config/realm.html - -chris -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlAA2acACgkQ9CaO5/Lv0PApAwCgrbYroL5Ywjh2MvBZ1qzcBCAS wtMAni9T0f9K17xG3AN7IsdCxZZtPurr =N6zS -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org __ Confidentiality Notice: This Transmission (including any attachments) may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this transmission in error, please immediately reply to the sender or telephone (512) 343-9100 and delete this transmission from your system.
RE: Speeding up RMI calls
-Original Message- From: Pid [mailto:p...@pidster.com] Sent: Thursday, July 12, 2012 5:22 PM To: Tomcat Users List Subject: Re: Speeding up RMI calls On 09/07/2012 16:55, Andrew Kujtan wrote: Tomcat Version: 7.0.27 OS: Windows XP/7 I'm fixing an issue we are having with a webapp that does some communication over RMI with a remote server. Calls that would be instant in similar applications not inside the tomcat container are taking more than 30 seconds when called from tomcat. After debugging I've found that when an RMI call is made, the classlist containing all the jars in the webapp lib folders is being serialized with the data. Which wouldn't be a problem normally, except the webapp has 300 jars in its lib folder. In the other similar applications, are there 300+ jars on the classpath too? p Yes they are there as well, but the RMI calls don't include them, or any urls for that matter. The only solution I have found is to create a custom WebAppClassloader that returns a zero length URL array on the getURLs() call. We don't do any dynamic class loading so breaking that is not a problem. My question is, is there any other way to resolve this, like a configuration property? If not, are there any problems that I am going to introduce by overriding this method? Can I override the classloader for just this webapp or am I stuck doing it for the entire tomcat instance? Thanks, Andrew Kujtan -- [key:62590808] - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: OOME while expanding a war with tomcat 7.0.29 but not with tomcat 7.0.28
CRANFORD, CHRIS chris.cranf...@setech.com wrote: The OOME I am getting is coming from Heap, and that's even giving Tomcat 1GB of maximum heap. The instance seems to start successfully outside of the MyEclipse environment; however inside MyEclipse it fails miserably. The surprising part of this is that the instance has ran with half that amount of maximum Heap Memory prior to 7.0.29 without any problems or issues with memory errors. As far as number of jars in the LIB folder, we only have just over 100 jars totaling a max of 50mb. -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Saturday, July 14, 2012 12:13 PM To: Tomcat Users List Subject: Re: OOME while expanding a war with tomcat 7.0.29 but not with tomcat 7.0.28 Alberto, On Jul 14, 2012, at 8:42, Alberto Aresca alberto.are...@gmail.com wrote: I've just upgraded my tomcat from version 7.0.28 to the newly released 7.0.29 but while before my webapp was being expanded without any problem, now it is causing an OOME. Of course this can be easily fixed by increasing the heap size but before going forward in the upgrade i'd like to know if anyone else have been experiencing something similar or if something in the expansion implementation changed recently (i couldn't find anything in the release note) Can you provide any other information? Stack trace or heap dump? Is this regular heap or permgen? What are your heap settings? Is there anything else we should know about your web app? Do you have 500 jar files in your lib directory? Do you cache a large dataset on startup? -chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org Most likely the Jar scanning (which caches a lot of data during startup) is the cause. There is a patch to reduce the volume of cached data significantly in bugzilla at the moment. In the meantime, setting metadata-complete may help. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: OOME while expanding a war with tomcat 7.0.29 but not with tomcat 7.0.28
Thanks Mark! -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: Monday, July 16, 2012 12:35 PM To: Tomcat Users List Subject: RE: OOME while expanding a war with tomcat 7.0.29 but not with tomcat 7.0.28 CRANFORD, CHRIS chris.cranf...@setech.com wrote: The OOME I am getting is coming from Heap, and that's even giving Tomcat 1GB of maximum heap. The instance seems to start successfully outside of the MyEclipse environment; however inside MyEclipse it fails miserably. The surprising part of this is that the instance has ran with half that amount of maximum Heap Memory prior to 7.0.29 without any problems or issues with memory errors. As far as number of jars in the LIB folder, we only have just over 100 jars totaling a max of 50mb. -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Saturday, July 14, 2012 12:13 PM To: Tomcat Users List Subject: Re: OOME while expanding a war with tomcat 7.0.29 but not with tomcat 7.0.28 Alberto, On Jul 14, 2012, at 8:42, Alberto Aresca alberto.are...@gmail.com wrote: I've just upgraded my tomcat from version 7.0.28 to the newly released 7.0.29 but while before my webapp was being expanded without any problem, now it is causing an OOME. Of course this can be easily fixed by increasing the heap size but before going forward in the upgrade i'd like to know if anyone else have been experiencing something similar or if something in the expansion implementation changed recently (i couldn't find anything in the release note) Can you provide any other information? Stack trace or heap dump? Is this regular heap or permgen? What are your heap settings? Is there anything else we should know about your web app? Do you have 500 jar files in your lib directory? Do you cache a large dataset on startup? -chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org Most likely the Jar scanning (which caches a lot of data during startup) is the cause. There is a patch to reduce the volume of cached data significantly in bugzilla at the moment. In the meantime, setting metadata-complete may help. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: OOME while expanding a war with tomcat 7.0.29 but not with tomcat 7.0.28
On 16.07.2012 19:35, Mark Thomas wrote: CRANFORD, CHRIS chris.cranf...@setech.com wrote: The OOME I am getting is coming from Heap, and that's even giving Tomcat 1GB of maximum heap. The instance seems to start successfully outside of the MyEclipse environment; however inside MyEclipse it fails miserably. The surprising part of this is that the instance has ran with half that amount of maximum Heap Memory prior to 7.0.29 without any problems or issues with memory errors. As far as number of jars in the LIB folder, we only have just over 100 jars totaling a max of 50mb. -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Saturday, July 14, 2012 12:13 PM To: Tomcat Users List Subject: Re: OOME while expanding a war with tomcat 7.0.29 but not with tomcat 7.0.28 Alberto, On Jul 14, 2012, at 8:42, Alberto Aresca alberto.are...@gmail.com wrote: I've just upgraded my tomcat from version 7.0.28 to the newly released 7.0.29 but while before my webapp was being expanded without any problem, now it is causing an OOME. Of course this can be easily fixed by increasing the heap size but before going forward in the upgrade i'd like to know if anyone else have been experiencing something similar or if something in the expansion implementation changed recently (i couldn't find anything in the release note) Can you provide any other information? Stack trace or heap dump? Is this regular heap or permgen? What are your heap settings? Is there anything else we should know about your web app? Do you have 500 jar files in your lib directory? Do you cache a large dataset on startup? -chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org Most likely the Jar scanning (which caches a lot of data during startup) is the cause. There is a patch to reduce the volume of cached data significantly in bugzilla at the moment. In the meantime, setting metadata-complete may help. Bugzilla link: https://issues.apache.org/bugzilla/show_bug.cgi?id=53535 Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
service() failed with http error 413 - error log message from isapi_redirect.log file
Hi, We are using HP Service Manager 9.2 system. The web client tier was set up using Windows 2008 R2 64-bit, IIS 7.5, Tomcat 6 and Isapi Redirector 1.2.30. The client is accessing the site by https because we had created a certificate and binded it to the IIS. Here are the steps that I used: 1. Go to IIS. 2. Go to Server Certificate. 3. Choose complete certificate request. 4. Upload the certificate file with the cer extension. 5. Go to Default Website. 6. Bind it to HTTPS and point it to the certificate that you just uploaded in #4. Everything is working fine. User can access the system through web. I noticed the following messages (attached fle ) from the isapi_redirect.log file. Would appreciate it if someone can provide additional information about the message and some ways/ideas on stopping them from occurring. My apologies if the information that I have provided is not complete. Let me know so I can add some more details. Thanks and regards! Ann[Sun Jul 15 21:12:23.658 2012] [696:2864] [error] ajp_marshal_into_msgb::jk_ajp_common.c (469): failed appending the header value [Sun Jul 15 21:12:23.705 2012] [696:2864] [error] HttpExtensionProc::jk_isapi_plugin.c (2195): service() failed with http error 413 [Sun Jul 15 21:12:23.861 2012] [696:2864] [error] ajp_marshal_into_msgb::jk_ajp_common.c (469): failed appending the header value [Sun Jul 15 21:12:23.877 2012] [696:2864] [error] HttpExtensionProc::jk_isapi_plugin.c (2195): service() failed with http error 413 [Sun Jul 15 21:12:27.543 2012] [696:2864] [error] ajp_marshal_into_msgb::jk_ajp_common.c (469): failed appending the header value [Sun Jul 15 21:12:27.558 2012] [696:2864] [error] HttpExtensionProc::jk_isapi_plugin.c (2195): service() failed with http error 413 [Sun Jul 15 21:12:27.621 2012] [696:2864] [error] ajp_marshal_into_msgb::jk_ajp_common.c (469): failed appending the header value [Sun Jul 15 21:12:27.668 2012] [696:2864] [error] HttpExtensionProc::jk_isapi_plugin.c (2195): service() failed with http error 413 [Sun Jul 15 21:12:33.081 2012] [696:2864] [error] ajp_marshal_into_msgb::jk_ajp_common.c (469): failed appending the header value [Sun Jul 15 21:12:33.128 2012] [696:2864] [error] HttpExtensionProc::jk_isapi_plugin.c (2195): service() failed with http error 413 [Sun Jul 15 21:12:33.221 2012] [696:2864] [error] ajp_marshal_into_msgb::jk_ajp_common.c (469): failed appending the header value [Sun Jul 15 21:12:33.237 2012] [696:2864] [error] HttpExtensionProc::jk_isapi_plugin.c (2195): service() failed with http error 413 [Mon Jul 16 12:50:51.388 2012] [3420:6708] [error] ajp_marshal_into_msgb::jk_ajp_common.c (588): failed appending attribute HTTPS_SERVER_ISSUER=C=AU, S=This Location, L=X, O=This Company, OU=Corporate IT, CN=Y, E=a...@z.com.au [Mon Jul 16 12:50:51.435 2012] [3420:6708] [error] HttpExtensionProc::jk_isapi_plugin.c (2195): service() failed with http error 413 [Mon Jul 16 13:00:55.576 2012] [3420:6632] [error] ajp_marshal_into_msgb::jk_ajp_common.c (588): failed appending attribute HTTPS_SERVER_ISSUER=C=AU, S=This Location, L=X, O=This Company, OU=Corporate IT, CN=Y, E=a...@z.com.au [Mon Jul 16 13:00:55.623 2012] [3420:6632] [error] HttpExtensionProc::jk_isapi_plugin.c (2195): service() failed with http error 413 [Mon Jul 16 13:02:55.587 2012] [3420:5152] [error] ajp_marshal_into_msgb::jk_ajp_common.c (588): failed appending attribute HTTPS_SERVER_ISSUER=C=AU, S=This Location, L=X, O=This Company, OU=Corporate IT, CN=Y, E=a...@z.com.au [Mon Jul 16 13:02:55.634 2012] [3420:5152] [error] HttpExtensionProc::jk_isapi_plugin.c (2195): service() failed with http error 413 [Mon Jul 16 13:03:15.477 2012] [3420:3164] [error] ajp_marshal_into_msgb::jk_ajp_common.c (588): failed appending attribute HTTPS_SERVER_ISSUER=C=AU, S=This Location, L=X, O=This Company, OU=Corporate IT, CN=Y, E=a...@z.com.au [Mon Jul 16 13:03:15.524 2012] [3420:3164] [error] HttpExtensionProc::jk_isapi_plugin.c (2195): service() failed with http error 413 [Mon Jul 16 13:03:16.585 2012] [3420:6708] [error] ajp_marshal_into_msgb::jk_ajp_common.c (588): failed appending attribute HTTPS_KEYSIZE=128 [Mon Jul 16 13:03:16.585 2012] [3420:3124] [error] ajp_marshal_into_msgb::jk_ajp_common.c (598): failed appending the message end [Mon Jul 16 13:03:16.616 2012] [3420:6708] [error] HttpExtensionProc::jk_isapi_plugin.c (2195): service() failed with http error 413 [Mon Jul 16 13:03:16.647 2012] [3420:3124] [error] HttpExtensionProc::jk_isapi_plugin.c (2195): service() failed with http error 413 [Mon Jul 16 15:19:37.365 2012] [3420:6708] [emerg] HttpFilterProc::jk_isapi_plugin.c (1921): [/sm9/dv/META-INF/services/javax.xml.transform.TransformerFactory] points to the web-inf or meta-inf directory. Somebody tries to hack into the site!!! [Mon Jul 16 16:23:27.508 2012] [3420:292] [error]
Re: service() failed with http error 413 - error log message from isapi_redirect.log file
Hi Ann, On Mon, 2012-07-16 at 19:18 -0700, ann ramos wrote: Hi, We are using HP Service Manager 9.2 system. The web client tier was set up using Windows 2008 R2 64-bit, IIS 7.5, Tomcat 6 and Isapi Redirector 1.2.30. The client is accessing the site by https because we had created a certificate and binded it to the IIS. Here are the steps that I used: 1. Go to IIS. 2. Go to Server Certificate. 3. Choose complete certificate request. 4. Upload the certificate file with the cer extension. 5. Go to Default Website. 6. Bind it to HTTPS and point it to the certificate that you just uploaded in #4. Everything is working fine. User can access the system through web. I noticed the following messages (attached fle ) from the isapi_redirect.log file. Would appreciate it if someone can provide additional information about the message and some ways/ideas on stopping them from occurring. As the log message suggests, 413 is a standard HTTP error code. Quote from http://www.faqs.org/rfcs/rfc2616.html: 10.4.14 413 Request Entity Too Large The server is refusing to process a request because the request entity is larger than the server is willing or able to process. The server MAY close the connection to prevent the client from continuing the request. If the condition is temporary, the server SHOULD include a Retry- After header field to indicate that it is temporary and after what time the client MAY try again. Based on messages like this from the log you attached: ajp_marshal_into_msgb::jk_ajp_common.c (469): failed appending the header value it sounds like you might need to bump 'max_packet_size' in your workers.properties. See http://tomcat.apache.org/connectors-doc/reference/workers.html for details. HOWEVER, did you notice this in the log? [Mon Jul 16 15:19:37.365 2012] [3420:6708] [emerg] HttpFilterProc::jk_isapi_plugin.c (1921): [/sm9/dv/META-INF/services/javax.xml.transform.TransformerFactory] points to the web-inf or meta-inf directory. Somebody tries to hack into the site!!! Someone may be trying to exploit buffer overruns on your site. My apologies if the information that I have provided is not complete. Let me know so I can add some more details. Thanks and regards! Ann - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org signature.asc Description: This is a digitally signed message part
Re: service() failed with http error 413 - error log message from isapi_redirect.log file
Thanks Tim for your quick reply. I have already increased the max_packet_size to the maximum allowable value way way before and it still comes up: worker.wlb.max_packet_size=65536 Yeah, I noticed the message about the hacking thing. The website only runs internally. I found a good explanation of that message on the net, something about the HP SM software trying to access a file(s) directly under the WEB-INF folder. So I don't worry about that message for now. Just the Request Entity Too Large error is the one that I want to concentrate on at the moment. From: Tim Watts t...@cliftonfarm.org To: users@tomcat.apache.org Sent: Tuesday, 17 July 2012 2:06 PM Subject: Re: service() failed with http error 413 - error log message from isapi_redirect.log file Hi Ann, On Mon, 2012-07-16 at 19:18 -0700, ann ramos wrote: Hi, We are using HP Service Manager 9.2 system. The web client tier was set up using Windows 2008 R2 64-bit, IIS 7.5, Tomcat 6 and Isapi Redirector 1.2.30. The client is accessing the site by https because we had created a certificate and binded it to the IIS. Here are the steps that I used: 1. Go to IIS. 2. Go to Server Certificate. 3. Choose complete certificate request. 4. Upload the certificate file with the cer extension. 5. Go to Default Website. 6. Bind it to HTTPS and point it to the certificate that you just uploaded in #4. Everything is working fine. User can access the system through web. I noticed the following messages (attached fle ) from the isapi_redirect.log file. Would appreciate it if someone can provide additional information about the message and some ways/ideas on stopping them from occurring. As the log message suggests, 413 is a standard HTTP error code. Quote from http://www.faqs.org/rfcs/rfc2616.html: 10.4.14 413 Request Entity Too Large The server is refusing to process a request because the request entity is larger than the server is willing or able to process. The server MAY close the connection to prevent the client from continuing the request. If the condition is temporary, the server SHOULD include a Retry- After header field to indicate that it is temporary and after what time the client MAY try again. Based on messages like this from the log you attached: ajp_marshal_into_msgb::jk_ajp_common.c (469): failed appending the header value it sounds like you might need to bump 'max_packet_size' in your workers.properties. See http://tomcat.apache.org/connectors-doc/reference/workers.html for details. HOWEVER, did you notice this in the log? [Mon Jul 16 15:19:37.365 2012] [3420:6708] [emerg] HttpFilterProc::jk_isapi_plugin.c (1921): [/sm9/dv/META-INF/services/javax.xml.transform.TransformerFactory] points to the web-inf or meta-inf directory. Somebody tries to hack into the site!!! Someone may be trying to exploit buffer overruns on your site. My apologies if the information that I have provided is not complete. Let me know so I can add some more details. Thanks and regards! Ann - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
