Deployment using directory
Hi all, I am curious if there are any cons to deploying a webapp without using a war file. Our web app has just always traditionally been 'unzipped' as a set of folders within the Tomcat/webapps/ROOT directory. However I have been doing some troubleshooting using procmon.exe from Sysinternals and it appears that tomcat is constantly looking for Root.war file. Not sure if I have something misconfigured or this behavior is just normal? The app will start up but does have some issues with loading all features (takes 2+ hours) . Running Tomcat 8.0.43. Thank you, Brandie Regeneron - Internal This e-mail and any attachment hereto, is intended only for use by the addressee(s) named above and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, any dissemination, distribution or copying of this email, or any attachment hereto, is strictly prohibited. If you receive this email in error please immediately notify me by return electronic mail and permanently delete this email and any attachment hereto, any copy of this e-mail and of any such attachment, and any printout thereof. Finally, please note that only authorized representatives of Regeneron Pharmaceuticals, Inc. have the power and authority to enter into business dealings with any third party.
Re: PersistentManager and ClassNotFoundException
On Fri, May 24, 2024 at 11:23 AM Mark Thomas wrote: > Can you provide the simplest web application (with source) that > replications the problem? > > Mark > > > On 23/05/2024 23:45, Jakub Królikowski wrote: > > Hi, > > > > I'm working with Tomcat 10.1. > > > > When a user starts using the store in my web application, I save the > > ShopCart object on the "cart" session attribute. > > I want the "cart" attributes to return to the session after restarting > the > > app. > > > > > > To enable session persistence I added > > > > > > > > to the Context. It loads the StandardManager. > > > > And this works fine - after reload / restart the object "ShopCart" is > back > > in the session. > > > > > > > > I want to experiment with PersistentManager. Tomcat docs says: " > > The persistence across restarts provided by the *StandardManager* is a > > simpler implementation than that provided by the *PersistentManager*. If > > robust, production quality persistence across restarts is required then > the > > *PersistentManager* should be used with an appropriate configuration. > > > > " > > > > I hope for a Listener of deserialization of the session attributes. > > > > The new Manager configuration looks like this: > > > > > maxActiveSessions="2" saveOnRestart="true"> > > > > > "c:\tomcat10\sessionperm"/> > > > > > > > > But it doesn't work. After restart I get this exception: > > > > > > java.lang.ClassNotFoundException: ShopCart > > > > at > > > org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1332) > > > > at > > > org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1144) > > > > at java.base/java.lang.Class.forName0(Native Method) > > > > at java.base/java.lang.Class.forName(Class.java:534) > > > > at java.base/java.lang.Class.forName(Class.java:513) > > > > at > > > org.apache.catalina.util.CustomObjectInputStream.resolveClass(CustomObjectInputStream.java:158) > > > > at > > java.base/java.io > .ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:2061) > > > > at > > java.base/java.io > .ObjectInputStream.readClassDesc(ObjectInputStream.java:1927) > > > > at > > java.base/java.io > .ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2252) > > > > at > > java.base/java.io > .ObjectInputStream.readObject0(ObjectInputStream.java:1762) > > > > at > > java.base/java.io > .ObjectInputStream.readObject(ObjectInputStream.java:540) > > > > at > > java.base/java.io > .ObjectInputStream.readObject(ObjectInputStream.java:498) > > > > at > > > org.apache.catalina.session.StandardSession.doReadObject(StandardSession.java:1198) > > > > at > > > org.apache.catalina.session.StandardSession.readObjectData(StandardSession.java:831) > > > > at org.apache.catalina.session.FileStore.load(FileStore.java:203) > > > > at > org.apache.catalina.session.StoreBase.processExpires(StoreBase.java:138) > > > > at > > > org.apache.catalina.session.PersistentManagerBase.processExpires(PersistentManagerBase.java:409) > > > > at > > > org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:587) > > > > at > > > org.apache.catalina.core.StandardContext.backgroundProcess(StandardContext.java:4787) > > > > at > > > org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1172) > > > > at > > > org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1176) > > > > at > > > org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1176) > > > > at > > > org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1154) > > > > at > > > java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:572) > > > > > at > > > java.base/java.util.concurrent.FutureTask.runAndReset(FutureTask.java:358) > > > > at > > > java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:305) > > > > at > > > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144) > > > > at > > > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642) > > > > at > > > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63) > > > > at java.base/java.lang.Thread.run(Thread.java:1583) > > > > > > I guess this means that the two managers use ClassLoader differently. > > How to get the PersistentManager to work in this case? > > > > Best regards, > > -- > > Jakub Królikowski > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > Hi Mark, It seems to me that this can be tested on any application. In Tomcat 10.1, if any session attribute is an instance of a new public class (unknown to Tomcat and to
Re: PersistentManager and ClassNotFoundException
Can you provide the simplest web application (with source) that replications the problem? Mark On 23/05/2024 23:45, Jakub Królikowski wrote: Hi, I'm working with Tomcat 10.1. When a user starts using the store in my web application, I save the ShopCart object on the "cart" session attribute. I want the "cart" attributes to return to the session after restarting the app. To enable session persistence I added to the Context. It loads the StandardManager. And this works fine - after reload / restart the object "ShopCart" is back in the session. I want to experiment with PersistentManager. Tomcat docs says: " The persistence across restarts provided by the *StandardManager* is a simpler implementation than that provided by the *PersistentManager*. If robust, production quality persistence across restarts is required then the *PersistentManager* should be used with an appropriate configuration. " I hope for a Listener of deserialization of the session attributes. The new Manager configuration looks like this: But it doesn't work. After restart I get this exception: java.lang.ClassNotFoundException: ShopCart at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1332) at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1144) at java.base/java.lang.Class.forName0(Native Method) at java.base/java.lang.Class.forName(Class.java:534) at java.base/java.lang.Class.forName(Class.java:513) at org.apache.catalina.util.CustomObjectInputStream.resolveClass(CustomObjectInputStream.java:158) at java.base/java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:2061) at java.base/java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1927) at java.base/java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2252) at java.base/java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1762) at java.base/java.io.ObjectInputStream.readObject(ObjectInputStream.java:540) at java.base/java.io.ObjectInputStream.readObject(ObjectInputStream.java:498) at org.apache.catalina.session.StandardSession.doReadObject(StandardSession.java:1198) at org.apache.catalina.session.StandardSession.readObjectData(StandardSession.java:831) at org.apache.catalina.session.FileStore.load(FileStore.java:203) at org.apache.catalina.session.StoreBase.processExpires(StoreBase.java:138) at org.apache.catalina.session.PersistentManagerBase.processExpires(PersistentManagerBase.java:409) at org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:587) at org.apache.catalina.core.StandardContext.backgroundProcess(StandardContext.java:4787) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1172) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1176) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1176) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1154) at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:572) at java.base/java.util.concurrent.FutureTask.runAndReset(FutureTask.java:358) at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:305) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63) at java.base/java.lang.Thread.run(Thread.java:1583) I guess this means that the two managers use ClassLoader differently. How to get the PersistentManager to work in this case? Best regards, -- Jakub Królikowski - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Security Constraints and Session Timeout
On 23/05/2024 17:01, Jerry Malcolm wrote: I have some servlets that I can't put security constraints on at the web.xml level. However, deep down in the code there are some places that I need a user to be logged in. My overall UI ensures this all works by having certain JSPs with constraints that force the user to log in before getting to the servlet. But if the user spends too much time interacting with the servlet and not reloading one of the pages that require a login, the session will timeout, and the user is now buried in one of the servlets, and I've lost the session/userprincipal. It appears that interacting with a servlet that has no constraints does not reset the session timer. Is that correct, or am I seeing it wrong? I know the easy answer would be to add a constraint requiring login to access the servlet. But with the current design, that's not going to work. Is there something I can do in the servlet and/or servlet config in web.xml to force servlet access to keep resetting the session timer so it won't expire without having to put role constraints directly on the servlet? Just calling HttpServletRequest.getSession(false) from the Servlet should be sufficient. Note you can monitor the expiration time for sessions using the Manager application. That might be helpful in testing. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org