Using the bin/daemon.sh script on ubuntu.
Hi, could someone point me to a good source how to use that (with ubuntu and Tomcat 7)? The internet is full of selfmade /etc/init.d/ scripts, but mostly it isn't used it as a real service (jsvc). Keyword: bin/*daemon.sh* Even the books Apache Tomcat 7 and Tomcat 7 Essentials are not talking about it. On the docs I've found this [0]: cd $CATALINA_HOME/bin tar xvfz commons-daemon-native.tar.gz cd commons-daemon-1.0.x-native-src/unix ./configure make cp jsvc ../.. cd ../.. But what about: * set env. variables (maybe: catalina.sh?, /etc/profiles?) * adjust the heap size * logging to the right directory (like: /var/log/tomcat/...) * specifying the User: tomcat Best Regards, Christian. [0]: http://tomcat.apache.org/tomcat-7.0-doc/setup.html#Unix_daemon
Re: mod deflate compressions not working with loadbalancer
it was a loadbalanced configuration with 3 workers after loadbalancing i was still unmounting the workers instead of loadbalancer its working now when i unmounted on loadbalancer so compressions are working :) On Mon, Jul 29, 2013 at 9:50 PM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Visioner, On 7/29/13 10:18 AM, Visioner Sadak wrote: I have an apache http server and 3 tomcat servers connected in cluster i used to do mod deflate when i had no cluster with just one worker1 like JkMount /test/* worker1 all gzip compressions were working fine but when i loadbalance with 3 workers compressions dont work JkMount /test/* loadbalancer any idea friends what i am doing wrong here Can you please give more of your configuration? For instance, what is your worker configuration, and what is your mod_deflate configuration? When you say compressions dont work, what do you mean? Does the client get an uncompressed response? An error? Garbage? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR9pY3AAoJEBzwKT+lPKRYfYMP/RpFpyHtxpGDdlC4mgJfrAzG 6jzJW+Tfv0M8WAyBd8UU3pMTyRGVVQqFG4bwFo4YGgoeBH+gorT1m+G8tQ+6LnwG hzxA+tD0WqTS1ITOuJOxBnZdMccN6E+c691rG5EiaEy8wPilnYPCdhZAwwZ93L2l 90u+/Rdz9eLQu+Ky8AZrHZnYB3GYZ7JP4+rXdeFen7xAkjUJT4Gkg3LL790HueVl Lg0nryLxL5NTpd7ZPPGXWvEkpshIUDtV32LiVG03IzbUSfUmBJOxmv3xL59QlFno TsIdr060XvDqtrZZ2FalhA78VWmqu18VL6iAsfzZbvZKaGH4E9YXTRgcWHaZ/9OC X8v3Sn7RIBwRSA3Tbh6ldajQzQYkewSPFapzh024sBrMUwYJGs5dzy5YcKBK6wFD q3nQe/HGhV9zKjpg2PzBLsoLZWW6SYi+Y04ehXFjUZvXNFpSIuRozsnr6oVEzrRY t26OnKJymI3Qi9mkA8bgoAoNwW6NcL0xh2+45kXdtyMGvb0Kc0h6rVgs6qcdNozN 7qVTKEgga+z+OfTJEDkhjVsAP8sAg8/9uF7n/MPBHo7WfcdJSbUjb/y/sOIbk7Rk 0v7tAi7AsE3BNSw2S19dyFcop5JYb6lIvUMcTfdMyXn34Ps86LBEifR/O+gfibf9 edvfdBNVR7zcX9OqIL2i =9Toy -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: secure cookies
On Tue, Jul 30, 2013 at 6:51 AM, Christopher Schultz ch...@christopherschultz.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jeffrey, On 7/29/13 4:09 PM, Jeffrey Janner wrote: Thanks for the verification, Mark. I was under the impression you'd only want to [set secure=true] if you were already front-ending the site with something that was doing the SSL for you (e.g. httpd or a proxy), and the server spoke HTTP between each other. We use secure=true for loopback-only connectors to avoid the overhead of SSL when we know the requests are going to come from localhost (we have Apache Cocoon running in a separate JVM calling-back to our main webapp for some XML). So there are some non-fronting use cases, too. (Note that mod_jk already sets the secure flag with each request if the original request to httpd came over HTTPS.) Our app accepts an initial request to the login page on HTTP, but should be automatically routed to the HTTPS connector due to transport-guarantee before the page is actually sent back. Then we actually invalidate the session and create a new on successful login, and that session/cookie is used for the rest of the user's time on the site. So all I really need to do to implement at 6.x is the context change. Tomcat changes the session id (without actually destroying the session) after authentication, so if you are using Tomcat's authentication, then there is no need for the invalidation you describe above. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR9xURAAoJEBzwKT+lPKRYVdIQAIrWoSOO3bSCTb0Ot6B7r9xy mGGlc3AwAImitS/FvWB2Rjx60doth8MqTD8A31abK+Ec9Gd1cbsWqTgea3VddYO7 HYJfFrC4Nn7hcnsBXKkCjfJ/fnDzcodQrfg1aw/fbQpxVFzuEFI0JkIHdT1XE196 zz6yy/hIo0X32HMRVK4rQYVdxDtDbgMyWbHB62PilxiLXvSzX3X2BN5F6qECy3+N BsVKeuG5SYITOySQ5lfCxSY47e9tzjmYcvfoEh+PqZoLl28SjRuv8j8zUqLVUBzf n+w3GFK7qdEt7QJdOA2uMmNS8NV5B18NjckVI5xyKtHmGrLlLBSSSVNHaQbZbYK/ KzpBDdCv77UMS+RMgl7v1SfoNhRjiE+TYaDevwKrKs59+vXiv7TxyTcSuwDyB9zh zx9vxK/OGA667FesOUkTC4NFewl/5HWpulJvhhs2jj61E54EqzemQO789mZykhyZ COujCJXYqcpvas4gp+UGviacrjFTbQ7DWi0dzGhTzrlexLyK/5TjMsurUaK/lBYv GsDXxkQVGGZoP0ZKfoi+bYJKFTb3nUqHEGc17BXjlFT+nSB0Otb5QbpumtBpoOmQ dyltiro4acsP5fxSpJnHYXVr7i+UQg+c+RiHeJRPFKBLWKcwLYf/Dcu1AD9Crfw0 eCjLf9tOerjoA+PeKGFr =ZKug -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org Hi Christopher, When you say after successful authentication tomcat re-creates a new session, what do you mean by that? Can you explain it in bit more details? -- BR, Prafull
Re: secure cookies
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Prafull, On 7/30/13 9:44 AM, Prafull wrote: On Tue, Jul 30, 2013 at 6:51 AM, Christopher Schultz ch...@christopherschultz.net wrote: Jeffrey, On 7/29/13 4:09 PM, Jeffrey Janner wrote: Thanks for the verification, Mark. I was under the impression you'd only want to [set secure=true] if you were already front-ending the site with something that was doing the SSL for you (e.g. httpd or a proxy), and the server spoke HTTP between each other. We use secure=true for loopback-only connectors to avoid the overhead of SSL when we know the requests are going to come from localhost (we have Apache Cocoon running in a separate JVM calling-back to our main webapp for some XML). So there are some non-fronting use cases, too. (Note that mod_jk already sets the secure flag with each request if the original request to httpd came over HTTPS.) Our app accepts an initial request to the login page on HTTP, but should be automatically routed to the HTTPS connector due to transport-guarantee before the page is actually sent back. Then we actually invalidate the session and create a new on successful login, and that session/cookie is used for the rest of the user's time on the site. So all I really need to do to implement at 6.x is the context change. Tomcat changes the session id (without actually destroying the session) after authentication, so if you are using Tomcat's authentication, then there is no need for the invalidation you describe above. -chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org Hi Christopher, When you say after successful authentication tomcat re-creates a new session, what do you mean by that? Can you explain it in bit more details? I didn't say that Tomcat re-created a new session. In fact, I said the opposite: Tomcat does not destroy the session. Instead, it changes the session identifier associated with the existing session. This is done to prevent session-fixation attacks. You can read all about it here: http://www.tomcatexpert.com/blog/2011/04/25/session-fixation-protection - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR98zLAAoJEBzwKT+lPKRYgUYP/1NOvgOUEP7Oe74J36pTEzeH ixUJrV2B9Iiju9XLrkhwRwEXALcVyUoDPeXMfGnsoJY5o26XnXLApXDwoNCIGnPu NbbLNOs7syHJsd1ClptU3V8ySQ39X00BRF/qiT+32HmMoSb9gIoMyU7Wj/+Eytpi QJ8a1G2IwyUlCfmfcZSXGbfOTNIO8bwJeeZtRamioCuSrZjVhguB7XK+IL2llhUP sgp5tpc5LXiJaTF/C81i1dJjfffae2/lY/zNWTv7uxBQ+bgQWMG53yR0GRaWVtuo EtM4N79eM/2b5kWCcOHBn7DNmhwITTvsOJGh0TRIMwdVT/AsiKXw4w+REHA9xB6r 0gpGR2Zdpf63IktWwfG/ZnFqmEgbABasV6O4/Vv0Idwxx1D00IyLm1KStvv8sOha 78eQ5RZM+iQ22L3KvBKn+o3spmQ66m7QPr/I9nkbipsTHxDK0MObM8ei6SAhBQec RT7vHk+WoUomaLJUQFnyuIVkiOdPtefsGQM9m8Q5TtQ7hyPRLydUwnSd7yRnUenO nMKfQT/zImhrcXjy8jKH9fVQWBlOmKJNcU/WZogJ7s23PS8/Ei1PLMNiXh60N/Ok xZxQ9LP4O/60EYHE4zRToj95qILnBxqwIhWM9h8lpv/YeqrF9/yltfql0BDXs5XO z+cdjl7S/BFf7ZUNKVmO =B93k -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Using the bin/daemon.sh script on ubuntu.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Christian, On 7/30/13 5:58 AM, Christian Schneider wrote: could someone point me to a good source how to use [bin/daemon.sh with ubuntu and Tomcat 7]? The script can be used directly. Maybe you can clarify your question? The internet is full of selfmade /etc/init.d/ scripts, but mostly it isn't used it as a real service (jsvc). Keyword: bin/*daemon.sh* Even the books Apache Tomcat 7 and Tomcat 7 Essentials are not talking about it. On the docs I've found this [0]: cd $CATALINA_HOME/bin tar xvfz commons-daemon-native.tar.gz cd commons-daemon-1.0.x-native-src/unix ./configure make cp jsvc ../.. cd ../.. Good, you've built jsvc. But what about: * set env. variables (maybe: catalina.sh?, /etc/profiles?) * adjust the heap size * logging to the right directory (like: /var/log/tomcat/...) * specifying the User: tomcat The script is fairly readable, though less-well documented than bin/catalina.sh. Most of the environment variables recognized by bin/catalina.sh are also recognized by bin/daemon.sh. For instance: CATALINA_HOME CATALINA_BASE CATALINA_OPTS CATALINA_PID CATALINA_OUT CATALINA_TMP (note: catalina.sh uses CATALINA_TMPDIR) JAVA_ENDORSED_DIRS JAVA_HOME JAVA_OPTS TOMCAT_USER It also accepts these (undocumented, other than by reading the script itself) command-line arguments with fairly obvious behavior: --java-home --catalina-home --catalina-base --catalina-pid --tomcat-user --service-start-wait-time (sets the wait time for jsvc) Feel free to log an enhancement request for documenting daemon.sh: it really should be documented as well as catalina.sh is (e.g. with comments at the top of the script). - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR988tAAoJEBzwKT+lPKRYmCAQAL38IlpgYTFPTPyKX/p4HycH 4OtbpzBHsK3o/rB4gRfjjm7ClWIt36WEPv2Wrceo+fBXHI5dC7V+2IA+BGp4leux iUIHeVRGR+FFoqLWr+iDmUs0v9dSZtB2tAffbL437iA7V5cdc7sPkbCVuHxjw+tU O6VOUbfxYGSyFg0B4POcyyH+sDC804Jz6Uu7PnWO9OyeQLHGB9MMbYwUoH/DEW+r YAMsECgmhi8yrlHxz6Zj38QdyAZtMnuxeoVSuo2r/CDfIyXtdHF4xR21H6W8jV6c mRCYRduJkBx/JPvP1X9batfofGgOBPqZ2JKeUcIu68Hjn9mLfCm9QXKpELesMSKp lZkc9HxqeFV7PJjAyYxtMsYLhj0fVHBOzY6GSfPSF5DZwjHNUCeDttObHvmY4PEn V0FjcZYDAcGwFoni+IZ0eEHqq3wL7AwZ2FJm0ohkdqfmdly7gaOIHGnFxs/hk+yw LeXlKp9qRZeJDIfcnehtNvHwyFqUeFCODXPYe0tUYP6SoPWCVnt+XjiXk4utNYx3 o87tmC4KCt04EGu77sE3nBXb5ED0fXBiYb3LVNP6PpEsF1KhWjI3L2N6aEUZ8Zmm K5UvwQsqKjuL994ZFMr7rWeXbUk65/j4SrjmRd0VkFSb8yVyWFA8bTs5HLzsIGSp NMBXhS570Bw/eohCf3G2 =i2WL -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Authentication from a REST service
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Martin, On 7/29/13 12:30 PM, Martin O'Shea wrote: Sorry Chris, I'm not sure what I'm looking for here. Can you elaborate? Just read the whole page: Container-provided authentication can be done without writing any code at all: http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html If you don't understand, come back and ask more specific questions. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR989xAAoJEBzwKT+lPKRY8VUP/1DQKKTOcQCfMOBjg408Ow5T aryNprNv6d6FoOfgYkc1NSkjzhkEp9JTkcplHT+EpIAL1m7VSrP+3zWZYvdhypEN 2lOCbYO6QYnYJVkX2NUuKwU4f7jpQbiPkSC0Hl2BSz4JKJaC2OMUsPe38hsedGLY 8exZ8VntTUmmvYhKBB3On0Gm2ckSnsWwsLWlOEDFPXgA9856c6Bgy8EFlF7Cws3d 0FxIUBA3YP2SZ2Iz9n4bxSA96Bu1geh2+/lHav01I6+GSXVPDXyYk0o7N40arPQ3 88jBghVR4Z6GoqeMlj+1cDC1W/2BiAatRhzQrBIt38pv4xEkM4E/njxnDxEm/VMI RHp57d2NHm39C/Qymrs4hWtn4llHvs5TIkFzk6cTV0bIWJIbPLyjU+6m4J6zSYto qaw/t5qeXziElZBCY/W3RkPmenEPdgVFyaZisretiCcTmaM3M3LHGU4K8XFfJWC5 R0xsf+smPNJn7dl/BvI+9sugGTfznraJnUJTUc11O2u9HAjy7RIH4GxEcsOqgfqp IJnCktp4lGJxA2icM4i+jYtqYOeHz8bKatkqy+TESrbZI0DdVi/cadHNky0DcMO2 5MdMKkUU/LaKNRaUmgRl94v2jdEbXlry22ZW0kltdkj3iahxH4hHfMCp69kVqmH8 3scrp+O5WeSMaUIuFrLc =8GgT -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Controlling permissions when creating directories
Hi Scott, Try following 1. Stop the services 2. Set the umask to 002. Command for the same is umask 022 3. Start the services Remember you need to perform all above in a single shell/terminal. Above umask will give permissions are as follows Directory 775 File 664 Regards, Vidyadhar Sent on my BlackBerry® from Vodafone -Original Message- From: Christopher Schultz ch...@christopherschultz.net Date: Mon, 29 Jul 2013 21:16:57 To: Tomcat Users Listusers@tomcat.apache.org Reply-To: Tomcat Users List users@tomcat.apache.org Subject: Re: Controlling permissions when creating directories -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Scott, On 7/29/13 8:36 PM, Scott Derrick wrote: I am using tomcat7, on centOS6 The app crates a folder, uploads a file to the folder, processes the file and then provides a download link to the resulting file. All this works fine on a tomcat7 server running on my desktop machine. Running tomcat7 on the server, its broke. I create the folder, OK. I upload the file, OK I run the first process, NOT! I've tracked it down the permissions on the created folders. They don't have write access on the group, so the write fails. If I manually change the permission to 0760 it works fine. I specify write permissions when I create the folder but it doesn't get set. Pesky Java 7 API. I'll have to read-up on that some time. Its always drwxr-x--- My code in the servlet is */ Path imagePath = Paths.get(baseDir, user, Accession, Accession); SetPosixFilePermission perms = PosixFilePermissions.fromString(rwxrwxr--); FileAttributeSetlt;PosixFilePermission attr = PosixFilePermissions.asFileAttribute(perms); Files.createDirectory(imagePath.toAbsolutePath(), attr);/ * The permissions must be overridden somewhere. If I apply a more restrictive permission, say 0600, that gets set correctly., I can't seem to set the group permission to writable. Any ideas! I've been banging on this for hours! Any idea how PosixFilePermissions works with the process's umask? What kind of filesystem is it? What is the umask of the process? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR9xQGAAoJEBzwKT+lPKRY8UwP/RAvdvFPWwSb5W3OsOf1Veh0 hDLXTz3vV6gTDhPwiWMnuoAZEKLEz+kcJqMeeJxt1w1+pzcnm2JOnHETr95SpXuC X9LT2Qi3w686E2BrHjm+5ad1KN4KqXmcU0Eyh8HLPudyZwiNBMkhY8o3pLLDTEZF 4TxTzQoNSFSXsX1UcCQQM0bUYsURuvamhs8xytSa1VrTKLJUxaGFicZ+g+OVR5In Zg5Fg/BfjWDKGYW1ILWDaVG8dwCZ+CCwOOq6kBNZaU9zaPY2TSfkC8XAiY7xvah9 noLYUsSi2yEThqcPkn9QFZcKZFw24Vu7wQwhp2NihsKWu+WqAYOhFwRXegER6lnL k7JAuE/35+Y5V2Kxei34Ov/UW8tsuMi8c9G3B3lhBeaCT1MFMnjcpZn2LWeoXzBE 5of6TFQYmMjVhj0NJXBpThluomSkhOh9XmyWyzLcT+HmOjsAD+U30z5GrNBqFjN7 Sh4Xywrdolg8qS75mc4D6tf1vXkKYlHCM1/TOchB+8xdQPOQ+O97pDxzthKdpij7 5KuoNT/n2Zfdsuu5DVS3xjROeyst5Elwb6DNsSnAgzCjBxf8GFNniURcsoXA074t M6IXIMnen4lA/ipvRrV0iKQz+DNkiriDi8HA4Ze2ecE9LY6ETCW5ax4x518xeFty e8YrrK03AKUtpe9y5oWC =OOCi -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: secure cookies
-Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Monday, July 29, 2013 8:21 PM To: Tomcat Users List Subject: Re: secure cookies -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jeffrey, On 7/29/13 4:09 PM, Jeffrey Janner wrote: Thanks for the verification, Mark. I was under the impression you'd only want to [set secure=true] if you were already front-ending the site with something that was doing the SSL for you (e.g. httpd or a proxy), and the server spoke HTTP between each other. We use secure=true for loopback-only connectors to avoid the overhead of SSL when we know the requests are going to come from localhost (we have Apache Cocoon running in a separate JVM calling-back to our main webapp for some XML). So there are some non-fronting use cases, too. (Note that mod_jk already sets the secure flag with each request if the original request to httpd came over HTTPS.) Our app accepts an initial request to the login page on HTTP, but should be automatically routed to the HTTPS connector due to transport-guarantee before the page is actually sent back. Then we actually invalidate the session and create a new on successful login, and that session/cookie is used for the rest of the user's time on the site. So all I really need to do to implement at 6.x is the context change. Tomcat changes the session id (without actually destroying the session) after authentication, so if you are using Tomcat's authentication, then there is no need for the invalidation you describe above. We don't use Tomcat Auth, though I'm arguing for changing to Tomcat w/Form Auth so it's easier to support 2-factor auth for those customers who insist on it. I'm not sure of the exact methodology employed, but I'm sure it's similar.
Re: Controlling permissions when creating directories
Vidyadhar, thanks for the tip! The host we use, uses the java service wrapper to launch tomcat so I added wrapper.java.umask=0002 to the .conf file. Now I can ratchet the the permissions down with PosixFilePermisions All is well now. thanks again, Scott Original Message Subject: Re: Controlling permissions when creating directories From: Techienote com [via Tomcat] lt;ml-node+s10n500236...@n6.nabble.comgt; To: sderrick lt;sc...@tnstaafl.netgt; Date: 07/30/2013 08:52 AM Hi Scott, Try following 1. Stop the services 2. Set the umask to 002. Command for the same is umask 022 3. Start the services Remember you need to perform all above in a single shell/terminal. Above umask will give permissions are as follows Directory 775 File 664 Regards, Vidyadhar Sent on my BlackBerry® from Vodafone -Original Message- From: Christopher Schultz lt; [hidden email] gt; Date: Mon, 29 Jul 2013 21:16:57 To: Tomcat Users Listlt; [hidden email] gt; Reply-To: Tomcat Users List lt; [hidden email] gt; Subject: Re: Controlling permissions when creating directories -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Scott, On 7/29/13 8:36 PM, Scott Derrick wrote: gt; I am using tomcat7, on centOS6 gt; gt; The app crates a folder, uploads a file to the folder, processes gt; the file and then provides a download link to the resulting file. gt; All this works fine on a tomcat7 server running on my desktop gt; machine. Running tomcat7 on the server, its broke. gt; gt; I create the folder, OK. I upload the file, OK I run the first gt; process, NOT! gt; gt; I've tracked it down the permissions on the created folders. They gt; don't have write access on the group, so the write fails. If I gt; manually change the permission to 0760 it works fine. I specify gt; write permissions when I create the folder but it doesn't get set. Pesky Java 7 API. I'll have to read-up on that some time. gt; Its always drwxr-x--- My code in the servlet is gt; gt; */ Path imagePath = Paths.get(baseDir, user, Accession, gt; Accession); Setlt;PosixFilePermissiongt; perms = gt; PosixFilePermissions.fromString(rwxrwxr--); gt; FileAttributelt;Setamp;lt;PosixFilePermissiongt;gt; attr = gt; PosixFilePermissions.asFileAttribute(perms); gt; Files.createDirectory(imagePath.toAbsolutePath(), attr);/ * gt; gt; The permissions must be overridden somewhere. If I apply a more gt; restrictive permission, say 0600, that gets set correctly., I can't gt; seem to set the group permission to writable. gt; gt; Any ideas! I've been banging on this for hours! Any idea how PosixFilePermissions works with the process's umask? What kind of filesystem is it? What is the umask of the process? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJR9xQGAAoJEBzwKT+lPKRY8UwP/RAvdvFPWwSb5W3OsOf1Veh0 hDLXTz3vV6gTDhPwiWMnuoAZEKLEz+kcJqMeeJxt1w1+pzcnm2JOnHETr95SpXuC X9LT2Qi3w686E2BrHjm+5ad1KN4KqXmcU0Eyh8HLPudyZwiNBMkhY8o3pLLDTEZF 4TxTzQoNSFSXsX1UcCQQM0bUYsURuvamhs8xytSa1VrTKLJUxaGFicZ+g+OVR5In Zg5Fg/BfjWDKGYW1ILWDaVG8dwCZ+CCwOOq6kBNZaU9zaPY2TSfkC8XAiY7xvah9 noLYUsSi2yEThqcPkn9QFZcKZFw24Vu7wQwhp2NihsKWu+WqAYOhFwRXegER6lnL k7JAuE/35+Y5V2Kxei34Ov/UW8tsuMi8c9G3B3lhBeaCT1MFMnjcpZn2LWeoXzBE 5of6TFQYmMjVhj0NJXBpThluomSkhOh9XmyWyzLcT+HmOjsAD+U30z5GrNBqFjN7 Sh4Xywrdolg8qS75mc4D6tf1vXkKYlHCM1/TOchB+8xdQPOQ+O97pDxzthKdpij7 5KuoNT/n2Zfdsuu5DVS3xjROeyst5Elwb6DNsSnAgzCjBxf8GFNniURcsoXA074t M6IXIMnen4lA/ipvRrV0iKQz+DNkiriDi8HA4Ze2ecE9LY6ETCW5ax4x518xeFty e8YrrK03AKUtpe9y5oWC =OOCi -END PGP SIGNATURE-
Configuration question for 2500 simultaneous users.
The project I'm working on has 5000 simultaneous users average. I have two physical servers both running an instance of Tomcat 7.0. They're behind a physical load balancer with sticky, least connections balancing. Nothing in front of the Tomcats. Port 80 to is routed to them by iptables. Anyone out there willing to offer some tips (or point me to them) on configuration for this amount of traffic? Environment is: DELL PowerEdge R720 - 32 GB DELL RAM, GB Memory: 32 Single Socket Six Core Intel Xeon E5-2640 2.5GHz, #Processors: 1, #Cores per Proc: 6 RHEL 6 TIA, Alec
Re: Configuration question for 2500 simultaneous users.
On 7/30/2013 12:42 PM, Tomcat Random wrote: The project I'm working on has 5000 simultaneous users average. I have two physical servers both running an instance of Tomcat 7.0. They're behind a physical load balancer with sticky, least connections balancing. Nothing in front of the Tomcats. Port 80 to is routed to them by iptables. Anyone out there willing to offer some tips (or point me to them) on configuration for this amount of traffic? Environment is: DELL PowerEdge R720 - 32 GB DELL RAM, GB Memory: 32 Single Socket Six Core Intel Xeon E5-2640 2.5GHz, #Processors: 1, #Cores per Proc: 6 RHEL 6 TIA, Alec A great overview, and a solid outline of the process you should follow: http://people.apache.org/~markt/presentations/2009-04-01-TomcatTuning.pdf That, plus profiling your application with real-world traffic to understand bottlenecks and use cases . . . . . . just my two cents. /mde/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Configuration question for 2500 simultaneous users.
Thanks Mark, I will give it a close read. As far as profiling, are you using any tools that are worth mentioning? Best, A On Tue, Jul 30, 2013 at 4:02 PM, Mark Eggers its_toas...@yahoo.com wrote: On 7/30/2013 12:42 PM, Tomcat Random wrote: The project I'm working on has 5000 simultaneous users average. I have two physical servers both running an instance of Tomcat 7.0. They're behind a physical load balancer with sticky, least connections balancing. Nothing in front of the Tomcats. Port 80 to is routed to them by iptables. Anyone out there willing to offer some tips (or point me to them) on configuration for this amount of traffic? Environment is: DELL PowerEdge R720 - 32 GB DELL RAM, GB Memory: 32 Single Socket Six Core Intel Xeon E5-2640 2.5GHz, #Processors: 1, #Cores per Proc: 6 RHEL 6 TIA, Alec A great overview, and a solid outline of the process you should follow: http://people.apache.org/~**markt/presentations/2009-04-** 01-TomcatTuning.pdfhttp://people.apache.org/~markt/presentations/2009-04-01-TomcatTuning.pdf That, plus profiling your application with real-world traffic to understand bottlenecks and use cases . . . . . . just my two cents. /mde/ --**--**- To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.orgusers-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Configuration question for 2500 simultaneous users.
On 7/30/2013 1:17 PM, Tomcat Random wrote: Thanks Mark, I will give it a close read. As far as profiling, are you using any tools that are worth mentioning? Nothing outstanding, since currently all of our applications are pretty lightweight. That may change if we redo the architecture. JMeter / Selenium in combination can generate a lot of traffic. Generate a selenium test script, export to JUnit, couple with HTMLUnit, and hammer away. There are several ways to watch what goes on with your application: JConsole VisualVM The Tomcat Wiki page has more: http://wiki.apache.org/tomcat/FAQ/Monitoring For lighter weight profiling (usually to figure out where the application bottlenecks are), I run the project under NetBeans and instrument the project. Access logs are usually a good first source for generating JMeter tests. In general, people can only give you guidelines concerning sizing, profiling, and benchmarking. The particulars depend on your particular application. . . . . just my two cents. /mde/ PS - Please don't top post. Best, A On Tue, Jul 30, 2013 at 4:02 PM, Mark Eggers its_toas...@yahoo.com wrote: On 7/30/2013 12:42 PM, Tomcat Random wrote: The project I'm working on has 5000 simultaneous users average. I have two physical servers both running an instance of Tomcat 7.0. They're behind a physical load balancer with sticky, least connections balancing. Nothing in front of the Tomcats. Port 80 to is routed to them by iptables. Anyone out there willing to offer some tips (or point me to them) on configuration for this amount of traffic? Environment is: DELL PowerEdge R720 - 32 GB DELL RAM, GB Memory: 32 Single Socket Six Core Intel Xeon E5-2640 2.5GHz, #Processors: 1, #Cores per Proc: 6 RHEL 6 TIA, Alec A great overview, and a solid outline of the process you should follow: http://people.apache.org/~**markt/presentations/2009-04-** 01-TomcatTuning.pdfhttp://people.apache.org/~markt/presentations/2009-04-01-TomcatTuning.pdf That, plus profiling your application with real-world traffic to understand bottlenecks and use cases . . . . . . just my two cents. /mde/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Cannot start apache tomcat 7.0 if server path contains two consecutive spaces.
Hi all, I am newbie here. Today, I tried to start apache tomcat 7.0.42 in Linux environment. Server path contains two consecutive spaces. When I run ./catalina.sh run, server cannot start and there is the following exception in console ./catalina.sh run Using CATALINA_BASE: /home/example/twoconsecutive spaces Using CATALINA_HOME: /home/example/twoconsecutive spaces Using CATALINA_TMPDIR: /home/example/twoconsecutive spaces/temp Using JRE_HOME:/home/example/java/jdk1.6 Using CLASSPATH: /home/example/twoconsecutive spaces/bin/bootstrap.jar:/home/example/twoconsecutive spaces/bin/tomcat-juli.jar Exception in thread main java.lang.NoClassDefFoundError: org/apache/catalina/startup/Bootstrap Caused by: java.lang.ClassNotFoundException: org.apache.catalina.startup.Bootstrap at java.net.URLClassLoader$1.run(URLClassLoader.java:202) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:247) Could not find the main class: org.apache.catalina.startup.Bootstrap. Program will exit. Tomcat server can start if server path does not contain consecutive space. Do anyone face to the same issue with me in this case? Have you any suggestion to fix this issue? It is quite important for my deployment. Thanks in advance and best regards, -- TRAN Trung-Thanh - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org