回复: 回复: getServerPort always return 80
>> Hi chris, >> >>> I use httpServletRequest.getServerPort() to get the port in my jsp. >>> When the tomcat listen 8080 and nginx listen 80. >>> Nginx has set ‘proxy_set_header Host $http_host’. >> >>> What is the value of $http_host? >> >> The $http_host is ‘externalIP:10001’ (I print it in access_log of >> nginx to make sure that it is a correct valve.) >> I use httpServletRequest.getHeader(“Host”) in java and it can print >> the right value too. But as I know the getServerPort should print the number >> after ‘:’ of ‘Host’ Header. >> So I don’t know what’s the wrong. >> >> And today I found another similar situation. >> The server has a Internet IP and Tomcat listening 8080 and nginx >> listening 81. So there are no port mapping. >> At this time getServerPort() still return 80. >> >>> Then the port 80 mapping to Internet via 10001. >>> Use httpServletRequest.getHeader(“Host”) I can get the correct value of >>> Host header �C “InternetIP:10001”. >>> But httpServletRequest.getServerPort() did not return 10001 and return 80. >>> How could I solve it? >>> Btw, to set proxyPort in connector can not take effect. But proxyName work. >> >>> Have you read about the RemoteIPValve? >> The RemoteIPValve seems to be used for get the real client IP, but I >> just need to get the correct port which client use to visit my website. >> >> Forgive my poor English and I hope you can understand what I say. (^-^) > >Something does not make sense: > >1. You have nginx listening on port 80, proxying to port 11 > >2. You have a Tomcat on port 8080: > connectionTimeout="2" >redirectPort="8443" maxHttpHeaderSize="8192" >maxThreads="4000" minSpareThreads="1000" maxSpareThreads="2000" >enableLookups="false" acceptCount="2000" URIEncoding="UTF-8" >maxPostSize="4194304" /> > >If Tomcat is listening on port 8080, how is nginx reaching it on port 10001? Sorry for my poor English. I re-explain the problem: I mean the nginx listening on port 80 and tomcat listening on 8080. So the visitors in the LAN can use 80 to visit my website. Then the port 80 make a port mapping to port 10001. So the visitors use 10001 to visit my website via internet. At this time the browser send the Host header with value ‘domain:10001’. The nginx print the correct value ‘domain:10001’ in nginx access log. The jsp print the correct value ‘domain:10001’ when I use httpServletRequest.getHeader(“Host”). According to the definition of ‘getServerPort()’, it should return 10001 but now it return 80. What’s more, the port 80 not relate to nginx, just bcz I am using the http protocol. In another server I found one more situation. The server has an internet IP and Tomcat listening 8080 and nginx listening 81. So there are no port mapping. The visitors use ‘http://domain:81’ to visit the website. At this time getServerPort() still return 80. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Jdbc drivers not found on Tomcat 10
I finally resolved this issue. Exclude the pg driver from war, and copy it to tomcat/lib, it works. I remember in the past years, I preferred tomcat for Java Web applications because I did not need to register a Jdbc driver but it is tedious work in Java EE application servers, such as Glassfish, etc. But since Java EE 7, it supports packaging Jdbc drivers into war and register it automatically when deploying the application to the application servers. What happened in the tomcat classloader and war application classloader of Tomcat 10? *Hantsy Bai* Self-employed consultant, fullstack developer, agile coach GitHub: https://github.com/hantsy Twitter: https://twitter.com/@hantsy Medium: https://medium.com/@hantsy On Mon, Jan 3, 2022 at 12:02 PM hantsy bai wrote: > I have tried to update myself Spring 6/Jakarta EE9/Java 17, etc, and > created a simple war application, when deployed to Tomcat 10, failed, due > to the famous *no suitable drivers*. > > I have created a detailed post on stackoverflow: > > > https://stackoverflow.com/questions/70554119/no-suitable-drivers-available-when-deploying-a-spring-6-war-to-tomcat-10 > > Any suggestion is welcome. > Thanks. > > *Hantsy Bai* > > Self-employed consultant, fullstack developer, agile coach > > GitHub: https://github.com/hantsy > > Twitter: https://twitter.com/@hantsy > Medium: https://medium.com/@hantsy >
RE: How to do a catch-all Host?
Christopher: > What is the defaultHost for the ? It is localhost. > ... which means it should already be the default (catch-all) host. > 403 means "unauthorized" which could mean something other than "I can't > find the host". Ahh. Got it. > What are the contents of the pare returned to the web > browser when you get that 403? Pare? I am not sure what you mean, please give me more details on how to get what you want. > With a domain name like "propfinancing", please also make sure to get > the TLS working properly ;) Yes, eventually! Thank you, Neil -- Neil Aggarwal, (972) 834-1565, http://www.propfinancing.com We offer 30 year loans on single family houses! - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to do a catch-all Host?
Neil, On 1/5/22 17:27, Neil Aggarwal wrote: Hello all: If I access a simple html file from the command line using lynx: lynx http://127.0.0.1:8080/www/ I get the page and this entry in the localhost_access_log: 0:0:0:0:0:0:0:1 - - [05/Jan/2022:16:21:22 -0600] "GET /www/index.html HTTP/1.0" 200 19 But if I try to do that through the web by visiting http://dev.propfinancing.com/www/index.html I get a Forbidden page. I see this in the localhost_access_log: nn.nnn.nnn.nnn - - [05/Jan/2022:16:21:46 -0600] "GET /www/index.html HTTP/1.1" 403 619 I tried to set my Host tag in server.xml to capture everything: * Any idea what I did wrong? What is the defaultHost for the ? It's usually: ... which means it should already be the default (catch-all) host. 403 means "unauthorized" which could mean something other than "I can't find the host". Note that your (successful) curl command is connecting to host:8080 and your "through the web" URL doesn't have a port number, so it will be using port 80. What are the contents of the pare returned to the web browser when you get that 403? With a domain name like "propfinancing", please also make sure to get the TLS working properly ;) -chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
How to do a catch-all Host?
Hello all: If I access a simple html file from the command line using lynx: lynx http://127.0.0.1:8080/www/ I get the page and this entry in the localhost_access_log: 0:0:0:0:0:0:0:1 - - [05/Jan/2022:16:21:22 -0600] "GET /www/index.html HTTP/1.0" 200 19 But if I try to do that through the web by visiting http://dev.propfinancing.com/www/index.html I get a Forbidden page. I see this in the localhost_access_log: nn.nnn.nnn.nnn - - [05/Jan/2022:16:21:46 -0600] "GET /www/index.html HTTP/1.1" 403 619 I tried to set my Host tag in server.xml to capture everything: * Any idea what I did wrong? Thank you, Neil -- Neil Aggarwal, (972) 834-1565, http://www.propfinancing.com We offer 30 year loans on single family houses! - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: 回复: getServerPort always return 80
王 静凯, On 1/5/22 01:55, 王 静凯 wrote: Hi chris, I use httpServletRequest.getServerPort() to get the port in my jsp. When the tomcat listen 8080 and nginx listen 80. Nginx has set ‘proxy_set_header Host $http_host’. What is the value of $http_host? The $http_host is ‘externalIP:10001’ (I print it in access_log of nginx to make sure that it is a correct valve.) I use httpServletRequest.getHeader(“Host”) in java and it can print the right value too. But as I know the getServerPort should print the number after ‘:’ of ‘Host’ Header. So I don’t know what’s the wrong. And today I found another similar situation. The server has a Internet IP and Tomcat listening 8080 and nginx listening 81. So there are no port mapping. At this time getServerPort() still return 80. Then the port 80 mapping to Internet via 10001. Use httpServletRequest.getHeader(“Host”) I can get the correct value of Host header – “InternetIP:10001”. But httpServletRequest.getServerPort() did not return 10001 and return 80. How could I solve it? Btw, to set proxyPort in connector can not take effect. But proxyName work. Have you read about the RemoteIPValve? The RemoteIPValve seems to be used for get the real client IP, but I just need to get the correct port which client use to visit my website. Forgive my poor English and I hope you can understand what I say. (^-^) Something does not make sense: 1. You have nginx listening on port 80, proxying to port 11 2. You have a Tomcat on port 8080: redirectPort="8443" maxHttpHeaderSize="8192" maxThreads="4000" minSpareThreads="1000" maxSpareThreads="2000" enableLookups="false" acceptCount="2000" URIEncoding="UTF-8" maxPostSize="4194304" /> If Tomcat is listening on port 8080, how is nginx reaching it on port 10001? -chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: tomcat 7 slow to deploy web applications on m1 mac
Mark, On 1/4/22 17:50, Mark Thomas wrote: On 04/01/2022 19:23, Robert J. Carr wrote: I've been using tomcat for many years but unfortunately I'm stuck on version 7 (long story). I recently picked up a new workstation, an Apple M1 MacBook (M1 Max - macOS 12.1), and I installed the ARM version of Azul Zulu (1.8.0_312), and by all accounts everything is really fast, as you'd expect. A compile that took about 3.5 minutes on a 2016 x86 MacBook now takes about 50 seconds on ARM. However, deploying web applications (context deploy via web service) is much slower compared to x86. One app used to take about 3-4 seconds and the other near instantaneous are now taking 42 and 11 seconds, respectively, and very consistently. The same is true for tomcat restarts when the custom apps are registered. Without any custom apps tomcat starts in under one second. App reloads are a bit faster than deploy, but still very slow compared to x86. The only thing different I can tell is the workstation (and thus, architecture). I started on Tomcat version 7.0.109 (newest at the time), but reverted to a known working 7.0.76 thinking it might be the issue, but nothing changed, i.e., still noticing the huge delay during deployment, down to the same amount of delay time. The only noticeable issue in the logs is this line: At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. This was also in the x86 logs that I never addressed, so I think it's a red herring; however, when monitoring the logs after a deploy, that is the last line printed before it idles for 10-40 seconds. Also, the application with more jar files is the one that takes longer to start, so I thought I'd investigate. I started by adding this to 'logging.properties' org.apache.jasper.compiler.TldLocationsCache.level = FINE But nothing new was printed, even when setting to FINEST. Researching around, and reading 'catalina.properties', I added all of the jars from the web application to this property: org.apache.catalina.startup.TldConfig.jarsToSkip=... And the TLD warning went away, but the long multi-second pause persisted. Searching around more, I came across this document: https://cwiki.apache.org/confluence/display/TOMCAT/HowTo+FasterStartUp I had already added the entropy fix to my startup script (and I don't see any SecureRandom warnings in the logs): -Djava.security.egd=file:/dev/./urandom So that doesn't appear to be related to my issue. As I said, my config is now exactly the same as it was on x86, so anything new I try from here is just completely guessing. I'm hoping somebody has an idea so I can stop guessing. Please let me know if there's any information that would help, but I tried to provide all of the relevant details I know of. My usual advice is to get a profiler and see what is going on. I use YourKit - primarily because they give me a free license to use for Tomcat development. Other profilers are available. Or, in this case, a few thread dumps would probably provide lots of insight. -chris - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: HTTP2 : WINDOW_UPDATE not sent on stream level
On 05/01/2022 06:14, Arshiya Shariff wrote: Hi Team, On sending 3 requests of around 3KB size , we see that only the first request has processed fine. The other 2 requests are waiting for more Data as tomcat has not responded with WINDOW_UPDATE on stream level . Please help us understand this behavior . Embedded tomcat version : 9.0.56 The initial window size is set to 500, all other params are the tomcat defaults . HTTP2 port : 1080 Client : JMeter I have placed the reproducer , debug logs ,PCAP and JMX where we have tested with version 9.0.56 here : https://drive.google.com/file/d/1u4Sc_7oSB9tdJN8ls9xTMrRqP8IFoACM/view?usp=sharing The same JMX works fine with the overhead values changed to zero. Which indicates the requests you are sending are triggering the excessive overhead protection code. Will we have any side effects on changing the overhead parameters to zero? For Tomcat, generally not since it wasn't vulnerable to the various HTTP/2 DoS attacks that were popular a few years ago. The overhead protection was added primarily as a way to detect and reject clients exhibiting abusive behaviour. Looking at your source code you have set the HTTP/2 initial window size to 500. That is far too low. Since it is lower than the default overhead threshold for data (1024) it means every single DATA frame is going to be classed as abusive. No wonder the connection gets closed down so quickly. If you set the default window size to something sensible - or just leave it as the default - do you still see the issue? Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org