from:"Justin"

Re: TLSCertificateReloadListener Detects Expiration But Never Reads New Cert & Key Files

2024-03-18 Thread Justin Y


Hi Mark --

  Ha!  I just ran a test (while you were responding) and made the same 
confirmation:  TLSCertificateReloadListener in 10.1.18 works, 
TLSCertificateReloadListener in 10.1.19 doesn't.


  Thank you!  Happy to confirm 10.1.20 for you; just ask.  And, by the 
way, I've seen 'markt' showing up in those Changelogs for quite some 
time and it's a genuine pleasure to have a conversation with you.  
You've contributed so much to the Tomcat world, and I appreciate what 
you do.


-- Justin

On 3/18/24 3:20 PM, Mark Thomas wrote:

On 18/03/2024 08:21, Mark Thomas wrote:

On 17/03/2024 15:26, Justin Y wrote:

Hi Everyone --

   I've spent a few hours scratching my head and then diving into 
the source code of 10.1.19 to figure out what's going on.


Could you test with 10.1.18? I'm wondering if the user provided 
SSLContext changes in 10.1.19 have triggered a regression.


Never mind. I've just confirmed that those changes did trigger a 
regression. I'll commit a fix shortly and it will be in the next round 
of releases.


Mark




Mark



   I'm using the /TLSCertificateReloadListener/ 
<https://github.com/apache/tomcat/commit/144cb84e1a9777ef63c30f6021b562cc04aa708d> 
to reload files that will be (eventually) managed by Let's Encrypt.


   Although it does detect the expiration and log that things were 
reloaded, the new files are never read and the old cert & key are 
used forever, causing the trigger to reoccur again and again.


   The only way I can get the system to function correctly is if I, 
during debugging in Eclipse with the matching Tomcat source, null 
out the "sslContext" on line 102 of AbstractJsseEndpoint.


   From what I can tell, the SSLHostConfigCertificate objects keep a 
copy of an SSLContext and during the JMX unregister and register the 
same SSLContext is transferred, which never takes in the same files.


   From my limited knowledge, it appears the files will never be 
loaded unless a new instance of SSLContext is created.


   I've tried both APR (OpenSSL) and native JSSE configurations. One 
thing of note - during testing, I'm only using PEM-based cert and 
key files (no CA).


   I have tried writing my own /TLSCertificateReloadListener/ 
<https://github.com/apache/tomcat/commit/144cb84e1a9777ef63c30f6021b562cc04aa708d> 
implementation but have found no clear way to null the SSLContext of 
the (determined expired) SSLHostConfigCertificate objects to allow a 
reload.


   I appreciate any suggestions!

-- Justin



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


--
--

Justin Y 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

TLSCertificateReloadListener Detects Expiration But Never Reads New Cert & Key Files

2024-03-17 Thread Justin Y


Hi Everyone --

  I've spent a few hours scratching my head and then diving into the 
source code of 10.1.19 to figure out what's going on.


  I'm using the /TLSCertificateReloadListener/ 
<https://github.com/apache/tomcat/commit/144cb84e1a9777ef63c30f6021b562cc04aa708d> 
to reload files that will be (eventually) managed by Let's Encrypt.


  Although it does detect the expiration and log that things were 
reloaded, the new files are never read and the old cert & key are used 
forever, causing the trigger to reoccur again and again.


  The only way I can get the system to function correctly is if I, 
during debugging in Eclipse with the matching Tomcat source, null out 
the "sslContext" on line 102 of AbstractJsseEndpoint.


  From what I can tell, the SSLHostConfigCertificate objects keep a 
copy of an SSLContext and during the JMX unregister and register the 
same SSLContext is transferred, which never takes in the same files.


  From my limited knowledge, it appears the files will never be loaded 
unless a new instance of SSLContext is created.


  I've tried both APR (OpenSSL) and native JSSE configurations. One 
thing of note - during testing, I'm only using PEM-based cert and key 
files (no CA).


  I have tried writing my own /TLSCertificateReloadListener/ 
<https://github.com/apache/tomcat/commit/144cb84e1a9777ef63c30f6021b562cc04aa708d> 
implementation but have found no clear way to null the SSLContext of the 
(determined expired) SSLHostConfigCertificate objects to allow a reload.


  I appreciate any suggestions!

-- Justin

--
Justin Yunke

Java 11 - Tomcat 8 - SSL

2018-12-05 Thread Justin Wilke

reNio2Channel.processSNI(SecureNio2Channel.java:381)
at 
org.apache.tomcat.util.net.SecureNio2Channel.handshakeInternal(SecureNio2Channel.java:213)
at 
org.apache.tomcat.util.net.SecureNio2Channel.handshake(SecureNio2Channel.java:204)
at 
org.apache.tomcat.util.net.Nio2Endpoint$SocketProcessor.doRun(Nio2Endpoint.java:1605)
at 
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
at 
org.apache.tomcat.util.net.AbstractEndpoint.processSocket(AbstractEndpoint.java:803)
at 
org.apache.tomcat.util.net.SecureNio2Channel$HandshakeReadCompletionHandler.completed(SecureNio2Channel.java:98)
at 
org.apache.tomcat.util.net.SecureNio2Channel$HandshakeReadCompletionHandler.completed(SecureNio2Channel.java:91)
at java.base/sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:127)
at java.base/sun.nio.ch.Invoker$2.run(Invoker.java:219)
at 
java.base/sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
at 
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at 
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at 
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:834)

Chrome displays:

This site can’t provide a secure connection
Unknown macro: {myhost name}

sent an invalid response.
ERR_SSL_PROTOCOL_ERROR

With no code changes – and running on 9.0.13 – with the same SSL config in 
server.xml – I am able to log in fine.

Are there known issues with with tomcat 8, Java 11 and SSL? Is upgrading to 
tomcat 9 necessary?

Please let me know if I can provide any more information

Thanks!
-Justin

Re: Severity of CVE-2016-6816

2017-10-06 Thread Justin

 Great, thank you for answers Mark. Much appreciated!

On Thursday, October 5, 2017, 3:29:04 PM CDT, Mark Thomas 
<ma...@apache.org> wrote:  

 On 05/10/17 20:35, Justin wrote:
> Hi all,
> I'm curious about the severity of CVE-2016-6816 fixed last November.
> http://svn.apache.org/viewvc?view=revision=1767653
> 
> I see that vendors backported this fix (over time).
> http://www.securitytracker.com/id/1037332
> Severity is described as Important, Moderate, CVSS v2 Medium, and CVSS v3 
> High.
> "A remote user can exploit this to spoof content on the target server, 
> attempt to poison any intermediate web caches, or conduct cross-site 
> scripting attacks."
> This sounds pretty serious. If my server is running a vulnerable version of 
> Tomcat, how easy is it to exploit?

I'm not going to go into the details of exactly how to exploit this
issue but the answer to your question is pretty difficult.

1. You need to be running Tomcat behind a reverse proxy of some form.

2. That reverse proxy needs to accept the same invalid requests as
  Tomcat (it should reject them with a 400 response).

3. The attacker needs to be able to either upload arbitrary static
  content which they can then request or formulate a request in such a
  way that arbitrary content is injected into the response.

1 is very common. 2 is possible but I haven't seen any evidence of it
for these particular invalid requests. 3 is (very) unlikely.

Overall, I'd judge the chances of all of these lining up on any given
system as low to very low. It is one of those where the chances of it
happening are low but the impact if it does happen is high. You could
argue rating of Low, Moderate or High for this on Tomcat's scale. It is
very much a judgement call. Where there is uncertainty over the
likelihood then we tend to err on the side of caution.

> Must webapps use cookies as some example exploits have shown?

No.

> "By manipulating the HTTP response the attacker could... obtain sensitive 
> information from requests other then their own." So if trusted users are 
> logging in, untrusted users could obtain passwords? Path or query parameters?

Untrusted users could obtain anything from the response intended for a
trusted user. Passwords are therefore unlikely, as is anything on the
request side unless the application is echoing that data back to the
client. Session cookies are probably the most likely target.

HTH,

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Severity of CVE-2016-6816

2017-10-05 Thread Justin

Hi all,
I'm curious about the severity of CVE-2016-6816 fixed last November.
http://svn.apache.org/viewvc?view=revision=1767653

I see that vendors backported this fix (over time).
http://www.securitytracker.com/id/1037332
Severity is described as Important, Moderate, CVSS v2 Medium, and CVSS v3 High.
"A remote user can exploit this to spoof content on the target server, attempt 
to poison any intermediate web caches, or conduct cross-site scripting attacks."
This sounds pretty serious. If my server is running a vulnerable version of 
Tomcat, how easy is it to exploit? Must webapps use cookies as some example 
exploits have shown? "By manipulating the HTTP response the attacker could... 
obtain sensitive information from requests other then their own." So if trusted 
users are logging in, untrusted users could obtain passwords? Path or query 
parameters?
Thanks, Justin

Character encoding issue in URL

2017-01-24 Thread Justin Dang

Hi, I have a clean install of an older version of Tomcat (8.0.24).  I have
noticed when a character is encoded in the URL, Tomcat fails to return the
URL requested.  I've noted this same request performed in IIS works fine.

Apache Tomcat tests:

Works (No escape) –  http://localhost:8080/examples/delme/íj.pdf

Works (URL encoded) –  http://localhost:8080/examples/delme/%C3%ADj.pdf

Failed (Char encoded) – http://localhost:8080/examples/delme/%EDj.pdf



IIS tests:

Works (No escape)  –  http://localhost:8080/examples/delme/íj.pdf

Works (URL encoded) –  http://localhost:8080/examples/delme/%C3%ADj.pdf

Works (Char encoded) – http://localhost:8080/examples/delme/%EDj.pdf


I've reviewed this wiki page:


https://wiki.apache.org/tomcat/FAQ/CharacterEncoding


And it seems to imply that I shouldn't have to do anything, and the URL
request should return properly.


So my question is, what do I need to configure in Apache Tomcat to handle
the character encoding request like IIS does?

Re: Frequency of Tomcat Native releases

2015-10-04 Thread Justin


| > Did you read the how to build tc-native page?

Your link requires login to Confluence, so I'm not familiar with any of the 
Windows build process other than what I read about APR and what I read in 
native/BUILDING. Seems a login shouldn't be required to read this info.

> do not have a dependency on a specific msvc runtime
I believe MSYS2 MingW64 GCC and clang compilers should both work without 
specific msvcrt:
$ which gcc
/mingw64/bin/gcc
$ gcc --version
gcc.exe (Rev3, Built by MSYS2 project) 5.2.0
$ gcc -m64 main.c
$ ldd a.exe
    ntdll.dll => /c/Windows/SYSTEM32/ntdll.dll (0x7ff8167a)
    KERNEL32.DLL => /c/Windows/system32/KERNEL32.DLL (0x7ff8143f)
    KERNELBASE.dll => /c/Windows/system32/KERNELBASE.dll (0x7ff813c6)
    msvcrt.dll => /c/Windows/system32/msvcrt.dll (0x7ff813f0)
$ clang --version
clang version 3.7.0 (tags/RELEASE_370/final)
$ clang -m64 main.c
$ ldd a.exe
    ntdll.dll => /c/Windows/SYSTEM32/ntdll.dll (0x7ff8167a)
    KERNEL32.DLL => /c/Windows/system32/KERNEL32.DLL (0x7ff8143f)
    KERNELBASE.dll => /c/Windows/system32/KERNELBASE.dll (0x7ff813c6)
    msvcrt.dll => /c/Windows/system32/msvcrt.dll (0x7ff813f0)

> Python is not - and hasnever been as far as I am aware - a dependency
See line 76 of native/buildconf. When I try to 'sh buildconf 
--with-apr=$HOME/apr' per BUILDING: Building from the svn tree, in MSYS2 
(probably not in the documented build process that I can't read), I get:
ImportError: No module named 'ConfigParser'
If all patches have to go through devs, I'm sure one of the devs who has 
updated before can do this in minutes. I don't understand why user mailing list 
should document developer commits and submit patches. 




On Oct 4, 2015, 5:20:19 AM, Mark Thomas wrote:On 03/10/2015 23:51, Justin wrote:
>> - ensure the changelog is up to date
> Looks like r1681506 could be logged.

Patch please.

>> - versions all correct in source
> $ find . -type f -exec grep '-H' '1\.1\.' '{}' \;...
> ./1.1.x/xdocs/index.xml:...TC-Native-1.1.33 released
> ./1.1.x/xdocs/index.xml:... availability of Tomcat Native 1.1.33 Stable.
> ./1.1.x/xdocs/news/2015.xml:... TC-Native-1.1.33 released">

Looks good.

>> - select and document APR & OpenSSL versions
> Please update APR from 1.5.1 to 1.5.2.

Patch please.

> Please update OpenSSL from 1.0.1m to 1.0.2d.

The last release we did we decided it was to early for 1.0.2. I'd be
prepared to move to 1.0.2 now but that needs confirmation on the dev
list. A separate patch for this should be enough to start that discussion.

>> - check everything builds correctly
> You'd get more volunteers if building APR didn't require MSVC 6.0 or however 
> you build .dsw.

Did you read the how to build tc-native page? MSVC is not required.

> In fact, it'd be nice to see many of these projects adopt Gradle and do away 
> with many of these old build tools.

The toolchain used is driven by the desire to produce Windows binaries
that do not have a dependency on a specific msvc runtime. In the past we
have had all sorts of difficulties when the JVM depended on a different
version to Tomcat.

I certainly would not object to anything that made the build process
easier for new people to figure out as long as that does not mean
sacrificing the msvc runtime requirement.

> I tried to build Tomcat Native once from repository and found my version of 
> Python was too new.

I have no idea what you were trying to build but Python is not - and has
never been as far as I am aware - a dependency for any Tomcat build.

> Gradle allows the flexibility of MSVC, GCC, clang.

I have no strong opinion on which build tool is used to simplify the
current process. If you known Gradle and want to produce a patch then go
for it.

Mark


> 
> 
> 
> 
> On Friday, October 2, 2015 5:15 PM, Mark Thomas ma...@apache.org> wrote:
> 
> 
> On 02/10/2015 19:01, Justin wrote:
>> Can we see more frequent releases of Tomcat Native, especially since
>> it statically links OpenSSL on Windows? I was hoping to see a new
>> release included in Tomcat 8.0.27. There have been a number of
>> changes to both Tomcat Native 1.1.x and OpenSSL 1.0.2. 
>> http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/?view=log 
>> https://github.com/openssl/openssl/commits/OpenSSL_1_0_2-stable
> 
> I've done the last few tc-native releases because they reached the point
> where they really needed to happen. tc-native isn't my area of expertise
> so I'd be more than happy to see someone else take this on.
> 
> More frequent releases are certainly possible and very much the way we
> should be aiming to do things as an Apache project. "Release early and
> release often" is the goal.
> 
> What contribution are you (or anyone else

Re: Frequency of Tomcat Native releases

2015-10-03 Thread Justin

> - ensure the changelog is up to date
Looks like r1681506 could be logged.
> - versions all correct in source
$ find . -type f -exec grep '-H' '1\.1\.' '{}' \;...
./1.1.x/xdocs/index.xml:...TC-Native-1.1.33 released
./1.1.x/xdocs/index.xml:... availability of Tomcat Native 1.1.33 Stable.
./1.1.x/xdocs/news/2015.xml:... TC-Native-1.1.33 released">

> - select and document APR & OpenSSL versions
Please update APR from 1.5.1 to 1.5.2. Please update OpenSSL from 1.0.1m to 
1.0.2d.

> - check everything builds correctly
You'd get more volunteers if building APR didn't require MSVC 6.0 or however 
you build .dsw. In fact, it'd be nice to see many of these projects adopt 
Gradle and do away with many of these old build tools. I tried to build Tomcat 
Native once from repository and found my version of Python was too new. Gradle 
allows the flexibility of MSVC, GCC, clang.

 On Friday, October 2, 2015 5:15 PM, Mark Thomas <ma...@apache.org> wrote:

 On 02/10/2015 19:01, Justin wrote:
> Can we see more frequent releases of Tomcat Native, especially since
> it statically links OpenSSL on Windows? I was hoping to see a new
> release included in Tomcat 8.0.27. There have been a number of
> changes to both Tomcat Native 1.1.x and OpenSSL 1.0.2. 
> http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/?view=log 
> https://github.com/openssl/openssl/commits/OpenSSL_1_0_2-stable

I've done the last few tc-native releases because they reached the point
where they really needed to happen. tc-native isn't my area of expertise
so I'd be more than happy to see someone else take this on.

More frequent releases are certainly possible and very much the way we
should be aiming to do things as an Apache project. "Release early and
release often" is the goal.

What contribution are you (or anyone else reading this) willing/able to
make to help this process along?

The tc-native release process is documented (ish) here:
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/jnirelease.sh?view=annotate

and

https://cwiki.apache.org/confluence/display/TOMCAT/Building+the+Tomcat+Native+Connector+binaries+for+Windows

Off the top of my head things that need to be done / checked:

- ensure the changelog is up to date
- versions all correct in source
- select and document APR & OpenSSL versions
- check everything builds correctly

Confirmation that any of the above is ready to go or patches to fix
things if there are gaps will move a release forward.

I can find the time to apply patches and turn the handle on the release
if others can do the work to ensure that svn is in a good state to release.

It is a fairly safe bet that anyone helping out substantially on the
release is going to find themselves with an invitation to become a
Tomcat committer and the RM for the next release.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Frequency of Tomcat Native releases

2015-10-02 Thread Justin

Can we see more frequent releases of Tomcat Native, especially since it 
statically links OpenSSL on Windows? I was hoping to see a new release included 
in Tomcat 8.0.27. There have been a number of changes to both Tomcat Native 
1.1.x and OpenSSL 1.0.2.
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/?view=log
https://github.com/openssl/openssl/commits/OpenSSL_1_0_2-stable

Re: Tomcat 8 reliability/performance on Windows 2008 R2 Server vs. RHEL/CentOS

2015-10-02 Thread Justin

> how one can check logs under win
I'm late to the conversation but can recommend tools that I use: MSYS2 
(msys2.github.io) and WinTail (tailforwindows.org). The former uses pacman as a 
package manager to manage grep, sed, curl, ssh, gcc, clang, and much more and 
does not have the GPL restrictions that Cygwin has. If you're behind a proxy, 
set http_proxy, https_proxy. The latter is a small Windows GUI designed for 
viewing logs. 


 On Friday, October 2, 2015 3:12 PM, Frederik Nosi 
 wrote:
   

 On 10/02/2015 10:10 PM, Frederik Nosi wrote:
> Christopher,
>
> On 10/02/2015 09:40 PM, Christopher Schultz wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA256
>>
>> Frederik,
>>
>> On 10/2/15 12:29 PM, Frederik Nosi wrote:
>>> On 10/02/2015 01:05 PM, David kerber wrote:
 On 10/2/2015 3:47 AM, Mark Thomas wrote:
> On 02/10/2015 00:39, Jason Britton wrote:
>
> 
>
>> And if Mark says there shouldn't be problems, I think that is
>> some implicit guarantee of free support from him ;)
> :)
>
> Bugs with reproducible tests cases are always welcome.
>
>> I have a lot of convenience shell scripts here and there but
>> nothing I couldn't replicate in powershell I imagine.  I
>> would miss grep and find and all the other super useful Linux
>> command line operations.  I'm not sure I've ever been able to
>> successfully search for text in files on a windows machine
>> server or otherwise (except when using notepad++).
> I've had similar problems using the OS provided tools on
> Windows. I've long since switched to this:
>
> http://www.wingrep.com/
>
> and never looked back.
 AstroGrep!  http://astrogrep.sourceforge.net/
>>> Actually tail and other shell commands would be another heavy miss
>>> for me, it was at the times i had to manage stuff on Windows years
>>> ago. I got used to install Cygwin as first step in those times:
>>>
>>> https://www.cygwin.com/
>> There are also the win32 builds of GNU tools, but they all seem to run
>> terribly slowly. I think it's because the standard C API is probably
>> implemented using the win32 API so there's a layer of indirection
>> around a lot of things.
>
> I know i know ... horror stories ...
>>
>> Cygwin is an option, but it's always ... just not the same. It also
>> seems sluggish and things get really bizarre with path names and
>> stuff. Some tools work well with the path insanity and others fail
>> horribly.
>
> I do have to support java applications on unix where you can find inside:
>
> C:\...\Documents\... \Someone
>
> ..
>
> So i know.
>
> Anyway, although slow at least make you actually grep / tail and such. 
> I really cant understand how one can check logs under win, but maybe 
> that's me.

Sorry, i was talking about Cygwin or win32 builds in case it wasn't clear

>
> All this though, has little to do with Window's kernel, it's the 
> userspace that IMHO is not adequate.
>
>
>
>>
>> - -chris
>> -BEGIN PGP SIGNATURE-
>> Comment: GPGTools - http://gpgtools.org
>>
>> iQIcBAEBCAAGBQJWDt2jAAoJEBzwKT+lPKRYJecP/RWW8Al03MskdIKgjNmOgYB2
>> xic7xS+QYHYVeqw9tAdLflxZnkJuCEanU1vuC3vgRhi4MgLYQFmEhY7oH0h55fvT
>> WEtrIQNhLMlbIF1V2NTGMJQwnK+zREWJTIBTbAfoPBfft3+jHlOGFz75qydqYn72
>> EoS2jPQvb9mmMbbf57q0mCAHfeuUSke68tuuzRyBvbo5GjOffwp/7wgAyZuo+KRE
>> 86WFPkrJZ47QirUxJh8D2FxpQE1rBcX5qy41cY2bYhQt/qqOSnzGr08iefBj2+db
>> cBROH3Bc8NGyBsclD3sC5qDlMphthpdEjhYCdFcXUdee4zTbURXWcmmHN74pmWGP
>> AasjPrMArX7OsXn74wX3Q8xwm45JAXFZwqCjar/HUsXp96tPe2lW179NM9QVA2nV
>> wub3dQflJhX80g4ppWH//Hw28Pbr4K3CETcsmsDQHjR0MOinjfbBQQj7ZiWwPEGw
>> Ziub6P73rNQaVdt/OY8DzrcPxfTUIyObH8qGLKoY2CX8/q/FTWiu0FtpuTMOS/Q/
>> L+QUnS6KUCVeJY1jPx+9qu3WcgAuXYa66dbxuqzpiuh+eJ4YA1N3AWX3Hw1lAm9B
>> 5rPH43332hXcu7iJf3c5gZKNdPFq9/2XTGP2Dsjp2w8Lmpn+nBO/fv6+hm12DLac
>> uZdQVFGzkdln3uDuIhKM
>> =amjv
>> -END PGP SIGNATURE-
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Tomcat6+webapps+log4j

2013-01-24 Thread Justin Rosenberg

You might try putting the log4j properties file (or xml) in a shared
loader location.

In catalina.properties add something like this:

shared.loader=${catalina.base}/conf/properties

and then put the properties file there.

~Justin


-Original Message-
From: Tiago Sousa [mailto:tiago-a-so...@ext.ptinovacao.pt] 
Sent: Thursday, January 24, 2013 10:01 AM
To: users@tomcat.apache.org
Subject: Tomcat6+webapps+log4j

Hello to all.

I have tomcat 6 using JULI for logging (logging.properties in conf dir)
plus several webapps using its own log4j.properties.

I need to centralized all the logs so i thought to put a global/shared
log4j.properties in $CATALINA_BASE\lib so that tomcat and each webapp
can be controlled through this file.

The problem i'm facing is that no logs are produced.

At this time i'm trying to configure just TOMCAT, no webapps, to log
through log4j but still no logs are produced. I've folowed the tutorial
in Apache logging webpage with the standard log4j.properties. No logs in
$CATALINA_BASE\logs.

Can you help me saying what mistakes i am doing in this basic
configuration (tomcat and no apps)?

Thanks.

Tiago

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


CONFIDENTIALITY NOTICE:
The information in this message, and any attachment, is intended for the 
sole use of the individual and entity to whom it is addressed. This 
information may be privileged, confidential, and protected from 
disclosure. If you are not the intended recipient you are hereby notified 
that you have received this communication in error and that any review, 
disclosure, dissemination, distribution or copying of it, or its contents, 
is strictly prohibited. If you think that you have received this message 
in error please notify the sender and destroy all copies of this 
communication and any attachments. Thank you.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: JAAS Module Tomcat 7 (Bundling and JNDI Datasource access)

2013-01-24 Thread Justin Rosenberg

I was loading the datasource using Spring

jee:jndi-lookup id=websecurDataSource jndi-name=foo/bar /

In order for it to work it must be

jee:jndi-lookup id=websecurDataSource
jndi-name=java:comp/env/foo/bar /

Also the Realm definition was not correct.  The name of the JAAS class
should be in a jaas.conf file, not in the Realm definition.

Hope that helps someone else running into similar issues.  Thanks
whartung for the help.

~Justin


-Original Message-
From: Justin Rosenberg [mailto:rosenbe...@crlcorp.com] 
Sent: Wednesday, January 23, 2013 7:06 PM
To: users@tomcat.apache.org
Subject: JAAS Module Tomcat 7 (Bundling and JNDI Datasource access)

I'm running into issues accessing a JNDI datasource in a JAAS module.

 

Can I bundle a JAAS module in my war file?  When I try to do this by
defining the Realm in the context.xml of the web application I get a
java.lang.ClassNotFoundException.  The documentation specifies I must
put the module in the lib directory.  Can someone confirm this?

 

When I deploy all the JAAS module and all required dependencies in a
directory listed under common.loader, I run into the following two
issue.

The JAAS module cannot seem to load the JNDI datasource
javax.naming.NameNotFoundException: Name [foo/bar] is not bound in this
Context. Unable to find [foo].

 

Is there a way to expose a JNDI datasource to a JAAS module?

 

Tomcat Version: 7.0.34

 

Datasource is defined in conf/server.xml as:

GlobalNamingResources

Resource auth=Container
name=foo/bar type=javax.sql.DataSource
driverClassName=oracle.jdbc.OracleDriver

 
url=jdbc:oracle:thin:@... username=user password=password /

/GlobalNamingResources

 

The datasource is exposed in conf/context.xml as:

ResourceLink name=foo/bar global=foo/bar
type=javax.sql.DataSource/

 

The JAAS module is defined at either the server.xml or context.xml of
the web application as:

Realm className=com.example.JAASModule
appName=auth-login userClassNames=com.example.SimplePrincipal
roleClassNames=com.example.SimplePrincipal /

 

If defined in the server.xml the server fails to start.  If it's in the
application context.xml it fails when the application tries to load. 

 

Thank you,

Justin

 


CONFIDENTIALITY NOTICE:
The information in this message, and any attachment, is intended for the
sole use of the individual and entity to whom it is addressed. This
information may be privileged, confidential, and protected from
disclosure. If you are not the intended recipient you are hereby
notified that you have received this communication in error and that any
review, disclosure, dissemination, distribution or copying of it, or its
contents, is strictly prohibited. If you think that you have received
this message in error please notify the sender and destroy all copies of
this communication and any attachments. Thank you.

CONFIDENTIALITY NOTICE:
The information in this message, and any attachment, is intended for the 
sole use of the individual and entity to whom it is addressed. This 
information may be privileged, confidential, and protected from 
disclosure. If you are not the intended recipient you are hereby notified 
that you have received this communication in error and that any review, 
disclosure, dissemination, distribution or copying of it, or its contents, 
is strictly prohibited. If you think that you have received this message 
in error please notify the sender and destroy all copies of this 
communication and any attachments. Thank you.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Load properties file from Tomcat directory

2013-01-24 Thread Justin Rosenberg

Is there a to load a properties file that is dropped in the
${catalina.base}/lib directory?

 

When I try the following it returns null:

MyClass.class.getResourceAsStream(PROPERTY_FILE_NAME) 

 

I realize I can do the following, but I don't want the code to be server
specific:

props.load(new File(System.getProperty(catalina.base) + /lib/ +
PROPERTY_FILE_NAME).toURL().openStream());

 

Thanks for the help,

Justin 

 


CONFIDENTIALITY NOTICE:
The information in this message, and any attachment, is intended for the 
sole use of the individual and entity to whom it is addressed. This 
information may be privileged, confidential, and protected from 
disclosure. If you are not the intended recipient you are hereby notified 
that you have received this communication in error and that any review, 
disclosure, dissemination, distribution or copying of it, or its contents, 
is strictly prohibited. If you think that you have received this message 
in error please notify the sender and destroy all copies of this 
communication and any attachments. Thank you.

JAAS Module Tomcat 7 (Bundling and JNDI Datasource access)

2013-01-23 Thread Justin Rosenberg

I'm running into issues accessing a JNDI datasource in a JAAS module.

 

Can I bundle a JAAS module in my war file?  When I try to do this by
defining the Realm in the context.xml of the web application I get a
java.lang.ClassNotFoundException.  The documentation specifies I must
put the module in the lib directory.  Can someone confirm this?

 

When I deploy all the JAAS module and all required dependencies in a
directory listed under common.loader, I run into the following two
issue.

The JAAS module cannot seem to load the JNDI datasource
javax.naming.NameNotFoundException: Name [foo/bar] is not bound in this
Context. Unable to find [foo].

 

Is there a way to expose a JNDI datasource to a JAAS module?

 

Tomcat Version: 7.0.34

 

Datasource is defined in conf/server.xml as:

GlobalNamingResources

Resource auth=Container
name=foo/bar type=javax.sql.DataSource
driverClassName=oracle.jdbc.OracleDriver

 
url=jdbc:oracle:thin:@... username=user password=password /

/GlobalNamingResources

 

The datasource is exposed in conf/context.xml as:

ResourceLink name=foo/bar global=foo/bar
type=javax.sql.DataSource/

 

The JAAS module is defined at either the server.xml or context.xml of
the web application as:

Realm className=com.example.JAASModule
appName=auth-login userClassNames=com.example.SimplePrincipal
roleClassNames=com.example.SimplePrincipal /

 

If defined in the server.xml the server fails to start.  If it's in the
application context.xml it fails when the application tries to load. 

 

Thank you,

Justin

 


CONFIDENTIALITY NOTICE:
The information in this message, and any attachment, is intended for the 
sole use of the individual and entity to whom it is addressed. This 
information may be privileged, confidential, and protected from 
disclosure. If you are not the intended recipient you are hereby notified 
that you have received this communication in error and that any review, 
disclosure, dissemination, distribution or copying of it, or its contents, 
is strictly prohibited. If you think that you have received this message 
in error please notify the sender and destroy all copies of this 
communication and any attachments. Thank you.

Re: Tomcat 7.33 update on Windows

2012-12-12 Thread Justin Larose

Konstantin Kolinko knst.koli...@gmail.com wrote on 12/11/2012 09:12:16 
AM:

 From: Konstantin Kolinko knst.koli...@gmail.com
 To: Tomcat Users List users@tomcat.apache.org
 Date: 12/11/2012 09:12 AM
 Subject: Re: Tomcat 7.33 update on Windows

 2012/12/11 Justin Larose justin.lar...@nexweb.org:
  I just updated Tomcat 7 from version 7.11 to 7.33 on my windows server 
but
  when I goto the URL I am seeing 500 error, Cannot load JDBC driver 
class
  'com.microsoft.sqlserver.jdbc.SQLServerDriver'
  Not sure why. I made a copy of all config directories prior to install 
and
  copied them all to the new Tomcat home. Below is the full stack.

  (...)

  root cause

  java.lang.ClassNotFoundException:
  com.microsoft.sqlserver.jdbc.SQLServerDriver

 What jar contains the above class and whether it is present in your
 installation? I guess you forgot to copy it.

 (It should be placed into Tomcat's lib/ directory).

Thanks for your help Konstantin.
It was missing a sql file in the lib directory. It wasn't there when I 
copied the old Tomcat directory so I had to copy it from another server.

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org

**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Tomcat 7.33 update on Windows

2012-12-11 Thread Justin Larose

I just updated Tomcat 7 from version 7.11 to 7.33 on my windows server but 
when I goto the URL I am seeing 500 error, Cannot load JDBC driver class 
'com.microsoft.sqlserver.jdbc.SQLServerDriver'
Not sure why. I made a copy of all config directories prior to install and 
copied them all to the new Tomcat home. Below is the full stack.

_

HTTP Status 500 - javax.servlet.ServletException: 
org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot load JDBC driver 
class 'com.microsoft.sqlserver.jdbc.SQLServerDriver'



type Exception report

message javax.servlet.ServletException: 
org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot load JDBC driver 
class 'com.microsoft.sqlserver.jdbc.SQLServerDriver'

description The server encountered an internal error that prevented it 
from fulfilling this request.

exception 

org.apache.jasper.JasperException: javax.servlet.ServletException: 
org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot load JDBC driver 
class 'com.microsoft.sqlserver.jdbc.SQLServerDriver'
 
org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:549)
 
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:455)
 org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
javax.servlet.http.HttpServlet.service(HttpServlet.java:728)


root cause 

javax.servlet.ServletException: 
org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot load JDBC driver 
class 'com.microsoft.sqlserver.jdbc.SQLServerDriver'
 
org.apache.jasper.runtime.PageContextImpl.doHandlePageException(PageContextImpl.java:912)
 
org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:841)
org.apache.jsp.index_jsp._jspService(index_jsp.java:286)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
 
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432)
 org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
javax.servlet.http.HttpServlet.service(HttpServlet.java:728)


root cause 

org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot load JDBC driver 
class 'com.microsoft.sqlserver.jdbc.SQLServerDriver'
 
org.apache.tomcat.dbcp.dbcp.BasicDataSource.createConnectionFactory(BasicDataSource.java:1429)
 
org.apache.tomcat.dbcp.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:1371)
 
org.apache.tomcat.dbcp.dbcp.BasicDataSource.getConnection(BasicDataSource.java:1044)
 com.compasseng.jsp.client.cors.Scanner.getScanners(Scanner.java:156)
org.apache.jsp.index_jsp._jspService(index_jsp.java:151)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
 
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432)
 org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
javax.servlet.http.HttpServlet.service(HttpServlet.java:728)


root cause 

java.lang.ClassNotFoundException: 
com.microsoft.sqlserver.jdbc.SQLServerDriver
 
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1714)
 
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1559)
 
org.apache.tomcat.dbcp.dbcp.BasicDataSource.createConnectionFactory(BasicDataSource.java:1420)
 
org.apache.tomcat.dbcp.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:1371)
 
org.apache.tomcat.dbcp.dbcp.BasicDataSource.getConnection(BasicDataSource.java:1044)
 com.compasseng.jsp.client.cors.Scanner.getScanners(Scanner.java:156)
org.apache.jsp.index_jsp._jspService(index_jsp.java:151)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
 
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432)
 org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
javax.servlet.http.HttpServlet.service(HttpServlet.java:728)


note The full stack trace of the root cause is available in the Apache 
Tomcat/7.0.33 logs.




Apache Tomcat/7.0.33

Thanks,
Justin
**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service

RE: Configure SSL under Tomcat 7

2012-03-19 Thread Justin Larose

ayouB __ ayb-2...@hotmail.fr wrote on 03/19/2012 01:00:59 PM:

 From: ayouB __ ayb-2...@hotmail.fr
 To: users@tomcat.apache.org
 Date: 03/19/2012 01:01 PM
 Subject: RE: Configure SSL under Tomcat 7
 
 Still not working !!
 I downloaded Apache Tomcat 7.0.26 (again), i added the 
 tcnative-1.dll in my : apache-tomcat-7.0.26\bin, i created a 
 keystore file with this command :
 keytool -genkeypair -alias tomcat -keyalg RSA -keystore C:\mykeystore
 i put the file named mykeystore in my : apache-tomcat-7.0.26\conf
 i modified my Tomcat's server.xml to be able to support HTTPS as it 
 has been said in apache tomcat's documentation from the official 
 website and as it had been said in the e-book : Apache Tomcat 7 
 (Aleska Vukotic and James Goodwill) in the chapter 7 : Securing 
 tomcat with SSL ! (Step by step)
 Here's my conf/server.xml :
 
===server.xml=
 ?xml version='1.0' encoding='utf-8'?
 !--
 Licensed to the Apache Software Foundation (ASF) under one or more
 contributor license agreements.  See the NOTICE file distributed with
 this work for additional information regarding copyright ownership.
 The ASF licenses this file to You under the Apache License, Version 2.0
 (the License); you may not use this file except in compliance with
 the License.  You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an AS IS BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 --
 !-- Note:  A Server is not itself a Container, so you may not
 define subcomponents such as Valves at this level.
 Documentation at /docs/config/server.html
 --
 Server port=8005 shutdown=SHUTDOWN
 !-- Security listener. Documentation at /docs/config/listeners.html
 Listener className=org.apache.catalina.security.SecurityListener /
 --
 !--APR library loader. Documentation at /docs/apr.html --
 Listener className=org.apache.catalina.core.AprLifecycleListener 
 SSLEngine=on /
 !--Initialize Jasper prior to webapps are loaded. Documentation at 
 /docs/jasper-howto.html --
 Listener className=org.apache.catalina.core.JasperListener /
 !-- Prevent memory leaks due to use of particular java/javax APIs--
 Listener 
 className=org.apache.catalina.core.JreMemoryLeakPreventionListener /
 Listener 
 className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener 
/
 Listener 
 className=org.apache.catalina.core.ThreadLocalLeakPreventionListener 
/
 !-- Global JNDI resources
 Documentation at /docs/jndi-resources-howto.html
 --
 GlobalNamingResources
 !-- Editable user database that can also be used by
 UserDatabaseRealm to authenticate users
 --
 Resource name=UserDatabase auth=Container
 type=org.apache.catalina.UserDatabase
 description=User database that can be updated and saved
 factory=org.apache.catalina.users.MemoryUserDatabaseFactory
 pathname=conf/tomcat-users.xml /
 /GlobalNamingResources
 !-- A Service is a collection of one or more Connectors that share
 a single Container Note:  A Service is not itself a Container,
 so you may not define subcomponents such as Valves at this level.
 Documentation at /docs/config/service.html
 --
 Service name=Catalina
 !--The connectors can use a shared executor, you can define one or 
 more named thread pools--
 !--
 Executor name=tomcatThreadPool namePrefix=catalina-exec-
 maxThreads=150 minSpareThreads=4/
 --
 
 !-- A Connector represents an endpoint by which requests are received
 and responses are returned. Documentation at :
 Java HTTP Connector: /docs/config/http.html (blocking  non-blocking)
 Java AJP  Connector: /docs/config/ajp.html
 APR (HTTP/AJP) Connector: /docs/apr.html
 Define a non-SSL HTTP/1.1 Connector on port 8080
 --
 Connector port=8080 protocol=HTTP/1.1
 connectionTimeout=2
 redirectPort=8443 /
 !-- A Connector using the shared thread pool--
 !--
 Connector executor=tomcatThreadPool
 port=8080 protocol=HTTP/1.1
 connectionTimeout=2
 redirectPort=8443 /
 --
 !-- Define a SSL HTTP/1.1 Connector on port 8443
 This connector uses the JSSE configuration, when using APR, the
 connector should be using the OpenSSL style configuration
 described in the APR documentation --
 
 Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true
 scheme=https secure=true clientAuth=false
 sslProtocol=TLS keystoreFile=mykeystore keystorePass=changeit
 keyAlias=tomcat keyPass=changeit/

This part looks wrong to me. Is your keystore under /conf or in the tomcat 
home?
If its under /conf try this:

Connector SSLEnabled=true clientAuth=false keyAlias=tomcat 
keystoreFile=conf/mykeystore.jks keystorePass=changeit port=8443 
scheme=https secure=true sslProtocol=TLS/

 !-- Define an AJP 1.3 Connector on port 8009 --
 Connector port=8009 protocol=AJP/1.3

RE: Cannot rid of expired Certificate ...

2012-01-20 Thread Justin Larose

 From: Andrew Erskine a.ersk...@darasoft.com
 To: Tomcat Users List users@tomcat.apache.org
 Date: 01/20/2012 06:05 AM
 Subject: RE: Cannot rid of expired Certificate ...

 -Original Message-
 From: Pid [mailto:p...@pidster.com]
 Sent: 20 January 2012 11:00
 To: Tomcat Users List
 Subject: Re: Cannot rid of expired Certificate ...
 On 20/01/2012 10:52, Andrew Erskine wrote:
  So how do I do that .. I'm only replying to questions ..
 S0, scroll down a bit...
  On 20 Jan 2012, at 10:51, André Warnier a...@ice-sa.com wrote:
 ... and reply below
  Top post is like this : when I reply to a message, at the top 
 of the message.
  It makes it much harder to follow the logic flow of a conversation.

  Andrew Erskine wrote:
  Top post ?
 ... each point.

 p

  Win2003svr

  Yes correct store .. the only one I've been using .. did try and
 clear the cache on firefox will try ie

  Answering below the question is much clearer.

  like this ? .. aha

Andrew,

When you hit the reply button use the option that says Reply with 
Internet-Style history. That will add the 's to all the previous 
comments and then you comment under each relevant one. =)

- Justin

**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Error: Unable to compile class for JSP

2012-01-11 Thread Justin Larose

Well now that I got the certificate setup and users login to the 
application they are not seeing all content...
When they login to the application (Tomcat version 7.0.23) they get the 
error below in the initial splash window. (there should be a menu instead)

If I switch back to the Tomcat 6.0 version it runs fine. I checked the 
.jps files and are identical between the version 6 and version 7 
application.

___

Jan 11, 2012 8:28:23 AM org.apache.catalina.core.ApplicationDispatcher 
invoke
SEVERE: Servlet.service() for servlet jsp threw exception
org.apache.jasper.JasperException: Unable to compile class for JSP: 

An error occurred at line: 230 in the jsp file: /object_table.jsp
The type Part is ambiguous
227:{
228: //do nothing here - we don't want the filter to be displayed 
for lifecycles
229: }
230: else if (objType.equals(Part.class))
231: {
232:ObjectTablePagelet.addButton(Pagelet.EDIT_BUTTON, 
edit_design_part_master, BarAdapterItem.MODE_ENABLE_ON_ONE, Edit Design 
Part, 530, 550);
233: }

Thanks,
Justin LaRose
**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: Error: Unable to compile class for JSP

2012-01-11 Thread Justin Larose

  An error occurred at line: 230 in the jsp file: /object_table.jsp
  The type Part is ambiguous
  227:{
  228: //do nothing here - we don't want the filter to be 
displayed
  for lifecycles
  229: }
  230: else if (objType.equals(Part.class))
  231: {

 Have you imported more than one Part.class by accident, via a wildcard
 import perhaps?

I did not import any classes. I installed Tomcat 7 in a different 
directory and copied all the webapp directories to the new location.

- Justin
**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: Error: Unable to compile class for JSP

2012-01-11 Thread Justin Larose

ma...@apache.org wrote on 01/11/2012 01:19:17 PM:

 From: ma...@apache.org
 To: Tomcat Users List users@tomcat.apache.org
 Date: 01/11/2012 01:20 PM
 Subject: Re: Error: Unable to compile class for JSP

 Justin Larose justin.lar...@nexweb.org wrote:

   An error occurred at line: 230 in the jsp file: /object_table.jsp
   The type Part is ambiguous
   227:{
   228: //do nothing here - we don't want the filter to be
 displayed
   for lifecycles
   229: }
   230: else if (objType.equals(Part.class))
   231: {

  Have you imported more than one Part.class by accident, via a
 wildcard
  import perhaps?

 I did not import any classes.

 You must have at least one import to resolve the class Part. Since 
 I'm pretty sure a class with that name was added in servlet 3, 
 wildcard imports are very likely the problem.

I downgraded the Tomcat to Version 6.0.35 and looks to be working 
correctly now.
Maybe Serena Dimensions cannot work with that higher version of Tomcat 
(version 7.0.23)? 

The only files I copied over from the 6.0 version to the 6.0.35 version 
were the webapps directory the web.xml file and the server.xml file.
The only difference in the server.xml file between the 2 versions is this:

Listener className=org.apache.catalina.mbeans.ServerLifecycleListener 
/
 Listener className=org.apache.catalina.core.AprLifecycleListener 
SSLEngine=on /

- Thanks, Justin
**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: SSL Configuration Errors

2012-01-10 Thread Justin Larose

Ognjen,

 You must use the same keystore and same alias when you:

 1. generate key,
 2. generate csr,
 3. import certificate.
 
 Example:
 keytool -genkey ... -keystore xxx.jks -alias yyy
 keytool -certreq ... -keystore xxx.jks -alias yyy
 and later
 keytool -import -trustcacerts ... -keystore xxx.jks -alias yyy
 
 Same keystore, same alias in all three invocations of keytool.

I took screenshots of my actions in doing these steps above. The only 
problem I see is when I created the keystore at first I named it 
wcmdev.keystore and now it seems to be named wcmdev.jks . So I have 
deleted all keystores and will start from scratch again.

Here is what I have entered for creating keystore and CSR request:

C:\Program Filescd %JAVA_HOME%

C:\Program Files\Java\jre6cd bin

C:\Program Files\Java\jre6\binkeytool -genkey -alias tomcat -keyalg RSA 
-keysize 2048 -keystore wcmdev.jks
(I deleted this section)
Enter key password for tomcat
(RETURN if same as keystore password):
Re-enter new password:
C:\Program Files\Java\jre6\binkeytool -certreq -keyalg RSA -alias tomcat 
-file wcmdev.csr -keystore wcmdev.jks
Enter keystore password:

When I get the new certificate should I only import the certificate? Or do 
I need to import the intermediate and root certificate first?

Thanks,
Justin

**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: SSL Configuration Errors -- Resolved

2012-01-10 Thread Justin Larose

All,

  This seems to be the problem. How do I set my imported cert as a key
  entry or get Tomcat to read it as a CertEntry?
 You must use the same keystore and same alias when you:
 1. generate key,
 2. generate csr,
 3. import certificate.
 
 Example:
 keytool -genkey ... -keystore xxx.jks -alias yyy
 keytool -certreq ... -keystore xxx.jks -alias yyy
 and later
 keytool -import -trustcacerts ... -keystore xxx.jks -alias yyy
 
 Same keystore, same alias in all three invocations of keytool.
 

Thanks for the help everyone. After recreating the .jks and resubmitting 
the csr all with alias tomcat then importing the root, intermediate and 
new certificate
I was able to access the application.

-- Justin

**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: SSL Configuration Errors

2012-01-09 Thread Justin Larose

Christopher Schultz ch...@christopherschultz.net wrote on 01/06/2012 
05:20:12 PM:

 From: Christopher Schultz ch...@christopherschultz.net
 To: Tomcat Users List users@tomcat.apache.org
 Date: 01/06/2012 05:20 PM
 Subject: Re: SSL Configuration Errors

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Justin,

 On 1/6/12 2:56 PM, Justin Larose wrote:
  This Tomcat environment was setup long before I worked here, so I
  am just upgrading from an older version to 7.0.23 and trying to not
  use a self signed certificate.

 It's important for you to know if your app actually requires client
 authentication. Since your Connector says clientAuth=true, it
 means that all clients must present a valid certificate in order to
 connect.

I actually removed the clientAuth=true statement and I can still access 
the application with the self signed cert.
I have asked the application developers if this is required.

  I can get the sample-ssl.jks to work with the below connector port
  information. But when I edit the connector ports to add the new
  wcmdev-ssl.jks and imported Certificate(s) I received from the
  CSR I get the error, java.io.IOException: Alias name tomcat does
  not identify a key entry

 What do you get if you run this command:

 $ keytool -list -keystore conf/sample-ssl.jks

I cannot run the keytool command from the Tomcat home directory. What I 
have been doing is making a copy of the .jks and dropping them into the 
java home/bin directory and running the keytool -list from there. But here 
is what it looks like from java_home

  Weird because it is an alias. Is it looking for tomcat as the
  actual entry name or alias?

 Your certificate needs to have the alias tomcat.

I did import my cert with the alias tomcat. You can see that in the 
screenshot here:

  It seems like it is not reading the keystore properly. Should I
  just create a new CSR from the sample-ssl.jks keystore?

 That shouldn't be necessary. You may have to re-import your
 certificate, though.

I have used the keytool to delete all 3 certs (root, intermediate and 
primary) and readd them many times. I even just tried only the Primary 
cert with the alias tomcat as the only cert. But the log shows same error:

SEVERE: Failed to initialize end point associated with ProtocolHandler 
[http-bio-8443]
java.io.IOException: Alias name tomcat does not identify a key entry

 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
 Comment: GPGTools - http://gpgtools.org
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

 iEYEARECAAYFAk8Hc5wACgkQ9CaO5/Lv0PC9LwCcDOxPQ9G8PY6WQAcUq/6zDvjR
 CU4AoLsvEq++7v0Ml5+A+XjRPilsKA9p
 =6XzB
 -END PGP SIGNATURE-

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org

**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: SSL Configuration Errors

2012-01-09 Thread Justin Larose

Chris,

 This list strips non-text attachments.

I will sent it in text format next time.

  I have used the keytool to delete all 3 certs (root, intermediate
  and primary) and readd them many times. I even just tried only the
  Primary cert with the alias tomcat as the only cert. But the log
  shows same error:
 
  SEVERE: Failed to initialize end point associated with
  ProtocolHandler [http-bio-8443] java.io.IOException: Alias name
  tomcat does not identify a key entry

 When you created your key to create the CSR, did you use tomcat as
 the alias for *that* as well?

 Looks like it can't find a *key*, not a *cert*.

I was just looking at that. When I had the 2 list entries and the error 
log side by side I noticed the error says, Alias name tomcat does not 
identify a key entry
And when I look at the self signed cert it is listed as a 
PrivateKeyEntry but on my imported cert it is listed as a 
trustedCertEntry

This seems to be the problem. How do I set my imported cert as a key 
entry or get Tomcat to read it as a CertEntry?

Thanks,
Justin
**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: SSL Configuration Errors

2012-01-06 Thread Justin Larose

Pid p...@pidster.com wrote on 01/06/2012 04:30:30 AM:

 From: Pid p...@pidster.com
 To: Tomcat Users List users@tomcat.apache.org
 Date: 01/06/2012 04:31 AM
 Subject: Re: SSL Configuration Errors

   Connector port=18080 protocol=HTTP/1.1
  connectionTimeout=2
  redirectPort=8443 /

Connector

 Are you actually using Client auth?

This Tomcat environment was setup long before I worked here, so I am just 
upgrading from an older version to 7.0.23 and trying to not use a self 
signed certificate.

  clientAuth=true port=8443 minSpareThreads=5 
maxSpareThreads=75
  enableLookups=true disableUploadTimeout=true
  acceptCount=100 maxThreads=200
  scheme=https secure=true SSLEnabled=true
  keystoreFile=F:\Serena\Dimensions 2009 R2\Common Tools\Tomcat
  7.0\conf\wcmdev-ssl.jks
  keystoreType=JKS keystorePass=**

 keystoreType has the default, you can remove it.
 I don't like the look of those paths, this is neater:
 keystoreFile=${catalina.base}\conf\wcmdev-ssl.jks

  truststoreFile=F:\Serena\Dimensions 2009 R2\Common Tools\Tomcat
  7.0\conf\wcmdev-ssl.jks

 truststoreType has the default, you can remove it.

  truststoreType=JKS truststorePass=**
  SSLVerifyClient=require SSLEngine=on SSLVerifyDepth=2
  sslProtocol=TLS /

 sslProtocol is also the default, you can remove it.

Removed.

  Connector port=8409 protocol=AJP/1.3 redirectPort=8443 /

 Are you actually using the AJP connector?

Removed.

 Can you remove all of the client auth config and just configure the
 keystore alone, first to try to get the SSL working?

Removed.

 Did you follow the steps here?

 http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html

Yes.
I can get the sample-ssl.jks to work with the below connector port 
information. But when I edit the connector ports to add the new 
wcmdev-ssl.jks and imported
Certificate(s) I received from the CSR I get the error, 
java.io.IOException: Alias name tomcat does not identify a key entry

Weird because it is an alias. Is it looking for tomcat as the actual entry 
name or alias?

It seems like it is not reading the keystore properly. Should I just 
create a new CSR from the sample-ssl.jks keystore?

Here is the connector info for the sample-ssl.jks that works. 

Service name=Catalina

Connector port=18080 protocol=HTTP/1.1 
connectionTimeout=2 redirectPort=8443/

Connector port=8443 SSLEnabled=true scheme=https 
secure=true
maxHttpHeaderSize=8192 maxThreads=150 
minSpareThreads=25 maxSpareThreads=75
enableLookups=false disableUploadTimeout=true 
acceptCount=100 strategy=ms
keystoreFile=conf/sample-ssl.jks keystorePass=*** 
keyAlias=tomcat
truststoreFile=conf/sample-ssl.jks truststorePass=***/

Connector port=8543 SSLEnabled=true scheme=https 
secure=true
maxHttpHeaderSize=8192 maxThreads=150 
minSpareThreads=25 maxSpareThreads=75
enableLookups=false disableUploadTimeout=true 
acceptCount=100 strategy=ms
keystoreFile=conf/sample-ssl.jks keystorePass=*** 
keyAlias=tomcat
truststoreFile=conf/sample-ssl.jks 
truststorePass=***/

**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: SSL Configuration Errors

2012-01-05 Thread Justin Larose

Sorry. Comments removed.

___

?xml version='1.0' encoding='utf-8'?
Server port=8405 shutdown=SHUTDOWN
   Listener className=org.apache.catalina.core.JasperListener /
   Listener 
className=org.apache.catalina.core.JreMemoryLeakPreventionListener /
   Listener 
className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener /
   Listener 
className=org.apache.catalina.core.ThreadLocalLeakPreventionListener /

   GlobalNamingResources
 Resource name=UserDatabase auth=Container
   type=org.apache.catalina.UserDatabase
   description=User database that can be updated and saved
  factory=org.apache.catalina.users.MemoryUserDatabaseFactory
   pathname=conf/tomcat-users.xml /
   /GlobalNamingResources

   Service name=Catalina

 Connector port=18080 protocol=HTTP/1.1
connectionTimeout=2
redirectPort=8443 /

  Connector
clientAuth=true port=8443 minSpareThreads=5 maxSpareThreads=75
enableLookups=true disableUploadTimeout=true
acceptCount=100 maxThreads=200
scheme=https secure=true SSLEnabled=true
keystoreFile=F:\Serena\Dimensions 2009 R2\Common Tools\Tomcat 
7.0\conf\wcmdev-ssl.jks
keystoreType=JKS keystorePass=**
truststoreFile=F:\Serena\Dimensions 2009 R2\Common Tools\Tomcat 
7.0\conf\wcmdev-ssl.jks
truststoreType=JKS truststorePass=**
SSLVerifyClient=require SSLEngine=on SSLVerifyDepth=2 
sslProtocol=TLS /

Connector port=8409 protocol=AJP/1.3 redirectPort=8443 /


Engine name=Catalina defaultHost=localhost

Realm className=org.apache.catalina.realm.LockOutRealm
 Realm className=org.apache.catalina.realm.UserDatabaseRealm
resourceName=UserDatabase/
   /Realm

   Host name=localhost  appBase=webapps
 unpackWARs=true autoDeploy=true

 Valve className=org.apache.catalina.valves.AccessLogValve 
directory=logs
prefix=localhost_access_log. suffix=.txt
pattern=%h %l %u %t quot;%rquot; %s %b 
resolveHosts=false/

   /Host
 /Engine
   /Service
 /Server


Thanks,
Justin LaRose




From:   Pid p...@pidster.com
To: Tomcat Users List users@tomcat.apache.org
Date:   01/04/2012 03:29 PM
Subject:Re: SSL Configuration Errors


On 04/01/2012 19:33, Justin Larose wrote:
 Hello Group,

 I am seeing this error when starting Tomcat 7 on Windows.

 SEVERE: Failed to initialize end point associated with ProtocolHandler
 [http-bio-8443]
 java.io.IOException: SSL configuration is invalid due to No available
 certificate or key corresponds to the SSL cipher suites which are 
enabled.

 I have 3 certs in the keystore 1 root, 1 intermediate and the one 
received
 from the csr. I also confirmed they are pointing to the correct place 
and
 I can see them if I do a
 keytool -list -v -keystore keystore.jks -alias mydomain

 I have attached my server.xml below. Anyone know where to start?

By removing the comments?


p

 ___

 ?xml version='1.0' encoding='utf-8'?
 Server port=8405 shutdown=SHUTDOWN
   !-- Security listener. Documentation at /docs/config/listeners.html
   Listener className=org.apache.catalina.security.SecurityListener /
   --
   !--APR library loader. Documentation at /docs/apr.html --
   !-- Listener 
className=org.apache.catalina.core.AprLifecycleListener
 SSLEngine=on / --
   !--Initialize Jasper prior to webapps are loaded. Documentation at
 /docs/jasper-howto.html --
   Listener className=org.apache.catalina.core.JasperListener /
   !-- Prevent memory leaks due to use of particular java/javax APIs--
   Listener
 className=org.apache.catalina.core.JreMemoryLeakPreventionListener /
   Listener
 className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener 
/
   Listener
 className=org.apache.catalina.core.ThreadLocalLeakPreventionListener 
/

   !-- Global JNDI resources
Documentation at /docs/jndi-resources-howto.html
   --
   GlobalNamingResources
 !-- Editable user database that can also be used by
  UserDatabaseRealm to authenticate users
 --
 Resource name=UserDatabase auth=Container
   type=org.apache.catalina.UserDatabase
   description=User database that can be updated and saved
  factory=org.apache.catalina.users.MemoryUserDatabaseFactory
   pathname=conf/tomcat-users.xml /
   /GlobalNamingResources

   !-- A Service is a collection of one or more Connectors that 
share
a single Container Note:  A Service is not itself a
 Container,
so you may not define subcomponents such as Valves at this 
level.
Documentation at /docs/config/service.html
--
   Service name=Catalina

 !--The connectors can use a shared executor, you can define one or
 more named thread pools--
 !--
 Executor name=tomcatThreadPool namePrefix=catalina-exec-
 maxThreads=150 minSpareThreads=4/
 --


 !-- A Connector represents an endpoint by which requests

SSL Configuration Errors

2012-01-04 Thread Justin Larose

 documentation) --
  !--
  Cluster className=org.apache.catalina.ha.tcp.SimpleTcpCluster/
  -- 

  !-- Use the LockOutRealm to prevent attempts to guess user 
passwords
   via a brute-force attack --
  Realm className=org.apache.catalina.realm.LockOutRealm
!-- This Realm uses the UserDatabase configured in the global 
JNDI
 resources under the key UserDatabase.  Any edits
 that are performed against this UserDatabase are immediately
 available for use by the Realm.  --
Realm className=org.apache.catalina.realm.UserDatabaseRealm
   resourceName=UserDatabase/
  /Realm

  Host name=localhost  appBase=webapps
unpackWARs=true autoDeploy=true

!-- SingleSignOn valve, share authentication between web 
applications
 Documentation at: /docs/config/valve.html --
!--
Valve className=org.apache.catalina.authenticator.SingleSignOn 
/
--

!-- Access log processes all example.
 Documentation at: /docs/config/valve.html
 Note: The pattern used is equivalent to using 
pattern=common --
Valve className=org.apache.catalina.valves.AccessLogValve 
directory=logs 
   prefix=localhost_access_log. suffix=.txt
   pattern=%h %l %u %t quot;%rquot; %s %b 
resolveHosts=false/

  /Host
/Engine
  /Service
/Server


Thanks,
Justin LaRose
**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: Tomcat crashes after startup

2011-12-13 Thread Justin Larose

Chris,

You need to have a key in your keystore with the alias tomcat as well.
If you have been following 
http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration,
you have either missed or misinterpreted a step.

I actually followed the document here: 
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html
because I am using Tomcat 6.
I also did import the cert with the alias tomcat (see screenshot below). 
Is there an order in which to import the certs? I imported the server cert 
first, then the CA, then the root cert.

I would advise against using the same keystore for both the keystore 
and the truststore. The trust store is only used for validating
client certificates and, IMO, should be kept separate from the 
certificates you use for the web service itself.

These config settings were in place long before I worked here... I was 
just copying the info from the old server.xml and adding in the new 
keystore info. If we do not
Use any client certs can I remove the truststore line?



Thanks,
Justin
**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: Tomcat crashes after startup

2011-12-13 Thread Justin Larose

Chris,

Here is the first few lines of the output.. I don't think I want to copy 
my entire cert here.

___

F:\Serena\Dimensions 2009 R2\Common Tools\jre\6.0\binkeytool -list -v 
-keystore wcmdev-ssl.jks -alias tomcat
Enter keystore password:
Alias name: tomcat
Creation date: Nov 10, 2011
Entry type: trustedCertEntry

Owner: CN=wcmdev.nexweb.us, OU=USN, OU=PKI, OU=DoD, O=U.S. Government, 
C=US



Thanks,
Justin LaRose
Database  Web Services Administrator
NEXCOM
(757) 631-3443
justin.lar...@nexweb.org



From:   Christopher Schultz ch...@christopherschultz.net
To: Tomcat Users List users@tomcat.apache.org
Date:   12/13/2011 03:08 PM
Subject:Re: Tomcat crashes after startup


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Justin,

On 12/13/11 8:35 AM, Justin Larose wrote:
 I actually followed the document here:
 http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html because I am
 using Tomcat 6.

Okay. You just hadn't mentioned that (version) before.

 I also did import the cert with the alias tomcat (see screenshot
 below). Is there an order in which to import the certs? I imported
 the server cert first, then the CA, then the root cert.

Your screenshot has been suppressed from the list. Instead, can you
post a text copy/paste for a keytool -list?

 I would advise against using the same keystore for both the
 keystore and the truststore. The trust store is only used for
 validating client certificates and, IMO, should be kept separate
 from the certificates you use for the web service itself.

 These config settings were in place long before I worked here... I
 was just copying the info from the old server.xml and adding in the
 new keystore info. If we do not Use any client certs can I remove
 the truststore line?

Almost certainly. You probably want to fix one problem at a time,
though. :)

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk7nsIkACgkQ9CaO5/Lv0PD1EgCeNlYJ1udAFvbU4LGOw0lAxrKc
s/0An3XMoGo1WCkYjRe7OhJ9gkdj1GlK
=ANqY
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Tomcat crashes after startup

2011-12-12 Thread Justin Larose

/1.0/

Engine defaultHost=localhost name=Catalina
!-- This Realm uses the UserDatabase configured in the global JNDI
   resources under the key UserDatabase.  Any edits
   that are performed against this UserDatabase are immediately
   available for use by the Realm.  --
  Realm className=org.apache.catalina.realm.UserDatabaseRealm
 resourceName=UserDatabase/
  Host appBase=webapps autoDeploy=true name=localhost 
unpackWARs=true xmlNamespaceAware=false xmlValidation=false/
/Engine

/Service
/Server








Thanks,
Justin

**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: Tomcat crashes after startup

2011-12-12 Thread Justin Larose

=true enableLookups=false keyAlias=tomcat 
keystoreFile=conf/wcmdev-ssl.jks keystorePass= 
maxHttpHeaderSize=8192 maxSpareThreads=75 maxThreads=150 
minSpareThreads=25port=8443 scheme=https secure=true 
sslProtocol=TLS strategy=ms truststoreFile=conf/wcmdev-ssl.jks 
truststorePass=/

Connector SSLEnabled=true acceptCount=100 clientAuth=true 
disableUploadTimeout=true enableLookups=false keyAlias=tomcat 
keystoreFile=conf/wcmdev-ssl.jks keystorePass= 
maxHttpHeaderSize=8192 maxSpareThreads=75 maxThreads=150 
minSpareThreads=25port=8543 scheme=https secure=true 
sslProtocol=TLS strategy=ms truststoreFile=conf/wcmdev-ssl.jks 
truststorePass=/

!-- Define an AJP 1.3 Connector on port 8409. --
 
Connector port=8409 protocol=AJP/1.3 redirectPort=8443 
server=Unknown Web Server/1.0/

Engine defaultHost=localhost name=Catalina
!-- This Realm uses the UserDatabase configured in the global 
JNDI
   resources under the key UserDatabase.  Any edits
   that are performed against this UserDatabase are immediately
   available for use by the Realm.  --
  Realm className=org.apache.catalina.realm.UserDatabaseRealm
 resourceName=UserDatabase/
  Host appBase=webapps autoDeploy=true name=localhost 
unpackWARs=true xmlNamespaceAware=false xmlValidation=false/
/Engine

/Service
/Server


Thanks,
Justin



From:   Mark Thomas ma...@apache.org
To: Tomcat Users List users@tomcat.apache.org
Date:   12/12/2011 03:29 PM
Subject:Re: Tomcat crashes after startup


On 12/12/2011 20:20, Justin Larose wrote:
 Group,

 Can anyone help me with this error below from the catalina.log?
 I have attached my server.xml as well. I have done some searches on the
 internet and cannot find much on this error.
 
 SEVERE: Error initializing endpoint
 java.io.IOException: AnyCert TrustManagerFactory not available

Seems pretty clear to me.

 Connector ... port=8543 ... truststoreAlgorithm=AnyCert .../

Fix your broken connector configuration or provide a JSSE implementation
that includes this custom truststoreAlgorithm.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: unpackWARs and antiResourceLocking

2011-12-06 Thread Justin Miller

Thanks for the response.  Both 6.0.35 and 7.0.23 exhibit the same behaviour.  
In 7.0.23, the docBase is changed back to the context path via the ContextName 
now instead of the context.getPath() but the result is the same.  Interestingly 
enough, there is a comment in the 7.0.23 source on line 750 that suggests the 
code to copy the .war file is never reached and that it's possibly a bug.  This 
code is never reached because the docBase is changed to the path without the 
.war extension.  I will submit a bug report.
 
Additionally, I am running in a Windows environment and I use the 
antiResourceLocking on only a few apps so that new application war files may be 
deployed throughout the day (this is a test server) without bringing down 
Tomcat.  I didn't use the JreLeakPreventionListener  because only a few 
applications need to be re-deployed; everything else is pretty much static and 
I didn't want the performance hit with antiResourceLocking to affect every app. 
 Is that reasonable or should I still just use the JreLeakPreventionListener?
 
Thanks again
Justin

 Konstantin Kolinko knst.koli...@gmail.com 12/6/2011 10:21 AM 
2011/12/6 Justin Miller jumil...@utah.gov:
 Windows 2008 64-bit
 Java 1.6.0_16 32-bit
 Tomcat 6.0.33

 Greetings

 I'm having some difficulties with the above environment and setting
 unpackWARs = false antiResourceLocking = true with apps packaged as WAR
 files. It appears that Tomcat is attempting to copy the WAR from the
 $CATALINA_HOME/webapps directory to the $CATALINA_HOME/temp directory
 without the .war extension (e.g., original docBase is
 $CATALINA_HOME/webapps/example.war and a new docBase of
 $CATALINA_HOME/temp/1-example ). Is my understanding that with the
 unpackWARs setting set to false, Tomcat just runs directly from the .war?
 Additionally, with the antiResourceLocking set to true, given the above
 assumption, would it be that Tomcat runs the app from a .war copied
 wholesale to the temp directory? If so, it appears that line 973 in
 ContextConfig.java method antiLocking never evaluates correctly because the
 docBase gets set to the value of path on line 969, which removes the .war
 extension so the file ends up being $CATALINA_HOME/temp/1-example instead of
 1-example.war.

 Additionally, applications with sub-context paths (e.g., foo#bar.war) never
 get deployed to temp correctly with antiResourceLocking=true regardless of
 the unpackWARs setting because of the above scenario and because the docBase
 gets set to the context path in the antiLocking method which converts the #
 separator to /. There appears to be a fix on line 882 of fixDocBase that
 converts the / character to # in the path but that doesn't make it to the
 antiLocking method.

It sounds like a bug. If you can reproduce it, please file a bug report.
I would appreciate though if you can test with recently released
6.0.35  and with 7.0.23.

In 7.0.x the app name-path handling was moved to a well-defined
helper class, so it is unlikely that the issue is present there.


 Please advise if I my understandings/assumptions are incorrect and if so,
 how I might configure Tomcat correctly to run a war without unpacking and
 locking resources. I am also happy to submit a bug report if needed.

1. Even if war itself is not unpacked, Tomcat has to extract jars from
it (otherwise it cannot feed them to class loaders).

2. Regarding whether or not it copies and were - I think it is easier
to run and see. It can copy things to /temp, but IIRC most times it
copies things to /work/Catalina/localhost/appname.

IIRC the TC7 docs were recently a bit clarified on the topic of those
options. I do not remember whether that was backported to 6.0 docs.

3. Usually you do not need those anti* flags. The
JreLeakPreventionListener (if you have it in your server.xml) changes
JRE defaults to keep JARs closed.

You also do not need the flags if you never undeploy the webapp while
Tomcat is running. (E.g. you never undeploy the manager webapp).

4. The anti* flags are needed on Windows only.  On unixes you can
delete files that are kept open so this problem does not exist.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Tomcat won't start after Windows Reboot

2011-12-05 Thread Justin Larose

 
[org.apache.axis.utils.XMLUtils$ThreadLocalDocumentBuilder@1682a53]) and a 
value of type [org.apache.xerces.jaxp.DocumentBuilderImpl] (value 
[org.apache.xerces.jaxp.DocumentBuilderImpl@1b2d7df]) but failed to remove 
it when the web application was stopped. This is very likely to create a 
memory leak.
Dec 5, 2011 3:02:43 PM org.apache.catalina.loader.WebappClassLoader 
clearThreadLocalMap
SEVERE: The web application [/dmwebservice] created a ThreadLocal with key 
of type [org.apache.axis.utils.XMLUtils.ThreadLocalDocumentBuilder] (value 
[org.apache.axis.utils.XMLUtils$ThreadLocalDocumentBuilder@c07527]) and a 
value of type 
[com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl] (value 
[com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl@14b74a7]) but 
failed to remove it when the web application was stopped. This is very 
likely to create a memory leak.
Dec 5, 2011 3:02:43 PM org.apache.coyote.http11.Http11Protocol destroy
INFO: Stopping Coyote HTTP/1.1 on http-18080
Dec 5, 2011 3:02:43 PM org.apache.coyote.http11.Http11Protocol destroy
INFO: Stopping Coyote HTTP/1.1 on http-8443
Dec 5, 2011 3:02:43 PM org.apache.coyote.http11.Http11Protocol destroy
INFO: Stopping Coyote HTTP/1.1 on http-8543

Thanks,
Justin LaRose
Database  Web Services Administrator
NEXCOM
(757) 631-3443
justin.lar...@nexweb.org
**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: tomcat manager/status question

2011-11-18 Thread Justin Larose

Dan,

Thanks for the help.
I opened the server.xml.orig file (from the Tomcat installation) and 
copied the GlobalNamingResources and Engine and restarted Tomcat.
Afterwards I was able to login using the username and password located in 
the tomcat-users.xml file.


Thanks,
Justin LaRose
Database  Web Services Administrator
NEXCOM
(757) 631-3443
justin.lar...@nexweb.org



From:   Daniel Mikusa dmik...@vmware.com
To: Tomcat Users List users@tomcat.apache.org
Date:   11/16/2011 02:21 PM
Subject:Re: tomcat manager/status question


Justin,

Assuming that is the entire file, it looks like you do not have a
UserDatabase or a Realm defined.  You need to define a UserDatabase
Resource tag and a Realm for the security configuration.  This is
required by the manager application perform authentication and
authorization.

This configuration will look something like the following (non-essential
elements removed for brevity)...

Server..
GlobalNamingResources
Resource name=UserDatabase auth=Container
type=org.apache.catalina.UserDatabase
description=User database that can be updated and saved
factory=org.apache.catalina.users.MemoryUserDatabaseFactory
pathname=conf/tomcat-users.xml /
/GlobalNamingResources

Service...
Engine...
Realm className=org.apache.catalina.realm.UserDatabaseRealm
resourceName=UserDatabase/
/Engine
/Service
/Server

For a complete example, grab a fresh copy of Tomcat and take a look at
the server.xml file that is packaged with it.  It has both of these
elements defined and some comments which explain how it works.

Dan



On Wed, 2011-11-16 at 11:04 -0800, Justin Larose wrote:
 I have copied my server.xml file below.
 __

 Server port=8405 shutdown=Shutdown.SerenaCommonTomcat
 !-- Listener
 className=org.apache.catalina.core.AprLifecycleListener SSLEngine=on
 / --
 Listener className=org.apache.catalina.core.JasperListener/
 Listener
 className=org.apache.catalina.mbeans.ServerLifecycleListener/
 Listener
 
className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener/

 Service name=Catalina

 Connector connectionTimeout=2 port=18080
 protocol=HTTP/1.1 redirectPort=8443 server=Unknown Web 
Server/1.0/

 !-- Define a SSL HTTP/1.1 Connector on port 8443, using only
 128-bit+ encryption (remove ciphers attribute if not needed). --
 !-- Connector port=8443 protocol=HTTP/1.1 
SSLEnabled=true
 maxThreads=150 scheme=https secure=true clientAuth=false
 sslProtocol=TLS ciphers=TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
 SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
 TLS_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA
 server=Unknown Web Server/1.0/ --

 Connector SSLEnabled=true acceptCount=100 
clientAuth=false
 disableUploadTimeout=true enableLookups=false keyAlias=tomcat
 keystoreFile=conf/sample-ssl.jks keystorePass=*
 maxHttpHeaderSize=8192 maxSpareThreads=75 maxThreads=150
 minSpareThreads=25 port=8443 scheme=https secure=true
 sslProtocol=TLS strategy=ms truststoreFile=conf/sample-ssl.jks
 truststorePass=*/

 Connector SSLEnabled=true acceptCount=100 clientAuth=true
 disableUploadTimeout=true enableLookups=false keyAlias=tomcat
 keystoreFile=conf/sample-ssl.jks keystorePass=*
 maxHttpHeaderSize=8192 maxSpareThreads=75 maxThreads=150
 minSpareThreads=25 port=8543 scheme=https secure=true
 sslProtocol=TLS strategy=ms truststoreAlgorithm=AnyCert
 truststoreFile=conf/sample-ssl.jks truststorePass=*/

 !-- Define an AJP 1.3 Connector on port 8409. --
 Connector port=8409 protocol=AJP/1.3 redirectPort=8443
 server=Unknown Web Server/1.0/

 Engine defaultHost=localhost name=Catalina
 Host appBase=webapps autoDeploy=true name=localhost
 unpackWARs=true xmlNamespaceAware=false xmlValidation=false/
 /Engine

 /Service
 /Server


 ___

 Thanks,
 Justin LaRose
 Database  Web Services Administrator
 NEXCOM
 (757) 631-3443
 justin.lar...@nexweb.org



 From:   Daniel Mikusa dmik...@vmware.com
 To: Tomcat Users List users@tomcat.apache.org
 Date:   11/14/2011 04:26 PM
 Subject:Re: tomcat manager/status question


 Justin,

 Your conf/tomcat-users.xml looks fine to me.  I copied and pasted it
 into a stock Tocmat 6.0.33 server on my machine and it worked fine.

 At this point, you might want to also post your conf/server.xml file.

 Dan



 On Mon, 2011-11-14 at 13:00 -0800, Justin Larose wrote:
  Yes I have restarted tomcat after editing this file:
 
  ?xml version='1.0' encoding='cp1252'?
  tomcat-users
  role rolename=manager-gui/
  user username=admin password= roles=manager-gui
 /
  /tomcat-users
 
 
 
  Thanks,
  Justin LaRose
  Database  Web Services Administrator
  NEXCOM
  (757) 631-3443
  justin.lar...@nexweb.org
 
 
 
  From:   Daniel Mikusa dmik...@vmware.com
  To: Tomcat Users List users@tomcat.apache.org
  Date:   11/14/2011 02:32 PM
  Subject:Re: tomcat manager/status

Re: tomcat manager/status question

2011-11-16 Thread Justin Larose

I have copied my server.xml file below. 
__

Server port=8405 shutdown=Shutdown.SerenaCommonTomcat
!-- Listener 
className=org.apache.catalina.core.AprLifecycleListener SSLEngine=on 
/ --
Listener className=org.apache.catalina.core.JasperListener/
Listener 
className=org.apache.catalina.mbeans.ServerLifecycleListener/
Listener 
className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener/

Service name=Catalina

Connector connectionTimeout=2 port=18080 
protocol=HTTP/1.1 redirectPort=8443 server=Unknown Web Server/1.0/

!-- Define a SSL HTTP/1.1 Connector on port 8443, using only 
128-bit+ encryption (remove ciphers attribute if not needed). --
!-- Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true 
maxThreads=150 scheme=https secure=true clientAuth=false 
sslProtocol=TLS ciphers=TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 
SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, 
TLS_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA 
server=Unknown Web Server/1.0/ --

Connector SSLEnabled=true acceptCount=100 clientAuth=false 
disableUploadTimeout=true enableLookups=false keyAlias=tomcat 
keystoreFile=conf/sample-ssl.jks keystorePass=* 
maxHttpHeaderSize=8192 maxSpareThreads=75 maxThreads=150 
minSpareThreads=25 port=8443 scheme=https secure=true 
sslProtocol=TLS strategy=ms truststoreFile=conf/sample-ssl.jks 
truststorePass=*/

Connector SSLEnabled=true acceptCount=100 clientAuth=true 
disableUploadTimeout=true enableLookups=false keyAlias=tomcat 
keystoreFile=conf/sample-ssl.jks keystorePass=* 
maxHttpHeaderSize=8192 maxSpareThreads=75 maxThreads=150 
minSpareThreads=25 port=8543 scheme=https secure=true 
sslProtocol=TLS strategy=ms truststoreAlgorithm=AnyCert 
truststoreFile=conf/sample-ssl.jks truststorePass=*/

!-- Define an AJP 1.3 Connector on port 8409. --
Connector port=8409 protocol=AJP/1.3 redirectPort=8443 
server=Unknown Web Server/1.0/

Engine defaultHost=localhost name=Catalina
Host appBase=webapps autoDeploy=true name=localhost 
unpackWARs=true xmlNamespaceAware=false xmlValidation=false/
/Engine

/Service
/Server


___

Thanks,
Justin LaRose
Database  Web Services Administrator
NEXCOM
(757) 631-3443
justin.lar...@nexweb.org



From:   Daniel Mikusa dmik...@vmware.com
To: Tomcat Users List users@tomcat.apache.org
Date:   11/14/2011 04:26 PM
Subject:Re: tomcat manager/status question


Justin,

Your conf/tomcat-users.xml looks fine to me.  I copied and pasted it
into a stock Tocmat 6.0.33 server on my machine and it worked fine.

At this point, you might want to also post your conf/server.xml file.

Dan



On Mon, 2011-11-14 at 13:00 -0800, Justin Larose wrote:
 Yes I have restarted tomcat after editing this file:

 ?xml version='1.0' encoding='cp1252'?
 tomcat-users
 role rolename=manager-gui/
 user username=admin password= roles=manager-gui 
/
 /tomcat-users



 Thanks,
 Justin LaRose
 Database  Web Services Administrator
 NEXCOM
 (757) 631-3443
 justin.lar...@nexweb.org



 From:   Daniel Mikusa dmik...@vmware.com
 To: Tomcat Users List users@tomcat.apache.org
 Date:   11/14/2011 02:32 PM
 Subject:Re: tomcat manager/status question


 Justin,

 What exactly do you have in your conf/tomcat-users.xml file?  If you
 could include the contents of the file inline here, that would be
 helpful.

 Don't forget to redact passwords and other sensitive info.

 Dan


 On Mon, 2011-11-14 at 11:18 -0800, Justin Larose wrote:
  Question:  I upgraded my Tomcat version to 6.0 using the
  apache-tomcat-6.0.33.exe file and I am trying to access the manager
  and the status pages here:  localhost:port\index.jsp
  I get to the default Tomcat page and select status and I get a login
  prompt. After entering the username and password that I have
  configured in the \conf\tomcat-users.xml
  file it just asks for the password again and again. After the 3rd
  attempt it will default to the 401 page that talks about configuring
  the tomcat-users.xml file. I also get the same error after selecting
  the manager link as well.
 
  Do I need to install another portion of Tomcat to get this feature to
  work?
 
 
 
  Thanks,
  Justin LaRose
  Database  Web Services Administrator
  NEXCOM
  (757) 631-3443
  justin.lar...@nexweb.org
 
 
 
**
  This email and any files transmitted with it are intended solely for
  the use of the individual or agency to whom they are addressed.
  If you have received this email in error please notify the Navy
  Exchange Service Command e-mail administrator. This footnote
  also confirms that this email message has been scanned for the
  presence of computer viruses.
 
  Thank You!
 
 
**

tomcat manager/status question

2011-11-14 Thread Justin Larose

Question:  I upgraded my Tomcat version to 6.0 using the 
apache-tomcat-6.0.33.exe file and I am trying to access the manager and 
the status pages here:  localhost:port\index.jsp
I get to the default Tomcat page and select status and I get a login 
prompt. After entering the username and password that I have configured in 
the \conf\tomcat-users.xml
file it just asks for the password again and again. After the 3rd attempt 
it will default to the 401 page that talks about configuring the 
tomcat-users.xml file. I also get the same error after selecting the 
manager link as well.

Do I need to install another portion of Tomcat to get this feature to 
work?



Thanks,
Justin LaRose
Database  Web Services Administrator
NEXCOM
(757) 631-3443
justin.lar...@nexweb.org
**
This email and any files transmitted with it are intended solely for 
the use of the individual or agency to whom they are addressed. 
If you have received this email in error please notify the Navy 
Exchange Service Command e-mail administrator. This footnote 
also confirms that this email message has been scanned for the
presence of computer viruses.

Thank You!
**

Re: tomcat manager/status question

2011-11-14 Thread Justin Larose

Yes I have restarted tomcat after editing this file:

?xml version='1.0' encoding='cp1252'?
tomcat-users
role rolename=manager-gui/
user username=admin password= roles=manager-gui /
/tomcat-users



Thanks,
Justin LaRose
Database  Web Services Administrator
NEXCOM
(757) 631-3443
justin.lar...@nexweb.org



From:   Daniel Mikusa dmik...@vmware.com
To: Tomcat Users List users@tomcat.apache.org
Date:   11/14/2011 02:32 PM
Subject:Re: tomcat manager/status question


Justin,

What exactly do you have in your conf/tomcat-users.xml file?  If you
could include the contents of the file inline here, that would be
helpful.

Don't forget to redact passwords and other sensitive info.

Dan


On Mon, 2011-11-14 at 11:18 -0800, Justin Larose wrote:
 Question:  I upgraded my Tomcat version to 6.0 using the
 apache-tomcat-6.0.33.exe file and I am trying to access the manager
 and the status pages here:  localhost:port\index.jsp
 I get to the default Tomcat page and select status and I get a login
 prompt. After entering the username and password that I have
 configured in the \conf\tomcat-users.xml
 file it just asks for the password again and again. After the 3rd
 attempt it will default to the 401 page that talks about configuring
 the tomcat-users.xml file. I also get the same error after selecting
 the manager link as well.

 Do I need to install another portion of Tomcat to get this feature to
 work?



 Thanks,
 Justin LaRose
 Database  Web Services Administrator
 NEXCOM
 (757) 631-3443
 justin.lar...@nexweb.org

 
**
 This email and any files transmitted with it are intended solely for
 the use of the individual or agency to whom they are addressed.
 If you have received this email in error please notify the Navy
 Exchange Service Command e-mail administrator. This footnote
 also confirms that this email message has been scanned for the
 presence of computer viruses.

 Thank You!
 
**

Re: Tomcat 7: Why is JDK needed ?

2011-07-21 Thread Justin Randall

It uses the Java compiler for activities such as compiling JSPs into Servlets 
into Java class files.

All versions of Tomcat require the JDK.

Sent from my BlackBerry device

-Original Message-
From: Bobi St temporaryb...@yahoo.de
Date: Thu, 21 Jul 2011 19:58:53 
To: users@tomcat.apache.org
Subject: Tomcat 7: Why is JDK needed ?

Hi there,
why is Why is JDK needed also for Tomcat 7 ? Does it use a compiler, or why not 
simply using for example jre6 ?!?
I have to install always extra JDK because of it ...
Best regards,

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat Configuration in Multi Core Systems

2011-04-24 Thread Justin Randall

That statement is only correct if memory footprint is an issue, or if each 
thread allocates a lot of dynamic memory that isn't shared by other threads.  
If there isn't much memory required, or if most of the data stored in memory is 
heavily shared, adding more memory will not increase performance.

Each processor has it's own on-die memory caches, which affect performance more 
than the amount of RAM all together (especially with good memory locality 
design).  If all threads are trying to access an object that resides in the 
memory local to processor 1, adding more memory won't change the fact that 
access to this object from other processors will require non-local memory 
access through CPU boundaries.

Regards,

Justin Randall
Sent from my BlackBerry device

-Original Message-
From: David Kerber dcker...@verizon.net
Date: Sun, 24 Apr 2011 08:54:35 
To: Tomcat Users Listusers@tomcat.apache.org
Reply-To: Tomcat Users List users@tomcat.apache.org
Subject: Re: Tomcat Configuration in Multi Core Systems

On 4/24/2011 3:07 AM, sujikin wrote:
 Hi,

 Thanks for your replies. I was sure Server B will never will be able to
 match Server A even if it had
 infinite processors in it ( provided everything remains the same). Just
 wanted to confirm.

 @David
 Server B has *116* processors only.
 Slow because of time taken to handle single request.
32Gb shared among 116 processors isn't very much RAM for each process 
(that's why I assumed it was 16, not 116).  You'll likely get a 
performance boost if you can give it more RAM.



 Regards,
 Sujeet



 David Kerber wrote:
 On 4/23/2011 2:31 PM, Sujeet Singh wrote:
 Hi,

 I have two servers which has below configuration,

 Server A has 32 GB RAM, 4  processors each of 2.8 GHz

 Server B has 32 GB RAM, 116  processors each of 1.6 GHz.

 Both servers has tomcat installed having same configuration.

 Tomcat of server B is at least half as slow as Server A.

 My question is...just by increasing the worker thread count, the
 performance
 of
 Server B can be increased or we need to do something else also?

 Tomcat version is 5.5 and Java version is 5. OS used is Solaris 10 SPARC.

 Thanks   Regards,
 Sujeet

 First, I assume you mean 16 processors in server B, rather than 116.

 You need to define slow:  time to process a single request, or # of
 requests it can handle?

 Server B's clock speed is about half that of A, so I would expect
 (everything else being equal) that it would run at ~ half the speed of A
 for a single request.  However, given that it has 4x as many processors,
 it should be able to handle ~ 4x as many simultaneous requests, but each
 of them will still take about 2x as long as they would on A.



 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat Configuration in Multi Core Systems

2011-04-23 Thread Justin Randall

Hi Sujeet,

In any application, speed is primarily determined by serial portions of code 
execution.

Speed isn't something that is increased by adding more threads, however 
throughput can usually be increased which has the illusion of increasing 
speed for a given workload.

That said, you should examine the serial parts of your application code and try 
to leverage additional parallelism (i.e. If you have multiple tasks within a 
single request to complete which aren't heavily dependent on each other).  This 
can help reduce the time it takes for a given request to complete.

If each request is handled only by a single thread then it should be expected 
that a CPU with 1/2 the speed performs 1/2 as fast.

Regards,

Justin Randall
--Original Message--
From: Sujeet Singh
To: users@tomcat.apache.org
ReplyTo: Tomcat Users List
Subject: Tomcat Configuration in Multi Core Systems
Sent: Apr 23, 2011 14:31

Hi,

I have two servers which has below configuration,

Server A has 32 GB RAM, 4  processors each of 2.8 GHz

Server B has 32 GB RAM, 116  processors each of 1.6 GHz.

Both servers has tomcat installed having same configuration.

Tomcat of server B is at least half as slow as Server A.

My question is...just by increasing the worker thread count, the performance
of
Server B can be increased or we need to do something else also?

Tomcat version is 5.5 and Java version is 5. OS used is Solaris 10 SPARC.

Thanks  Regards,
Sujeet



Sent from my BlackBerry device

Re: Tomcat on a Linux virtual machine

2011-04-15 Thread Justin Randall

Hi Darryl,

Is the database also running on a VM?  My experience with problematic 
applications on VMs hasn't been related to the application itself (Tomcat, 
BIND, Apache, etc.) but moreso whether they generate high volumes of local 
storage I/O (like a database using local disks).  The impact this can have can 
also be magnified if your VM disks aren't properly aligned (a common mistake in 
many older VM deployments).

The vendor should also be providing some form of justification for their 
statements.  Depending on your virtualization platform of choice, there may be 
various utilities you can use to analyze the performance of the virtualization 
host itself to help narrow down where bottlenecks may be occurring.

Regards,

--Original Message--
From: Darryl Lewis
To: Tomcat Users List
ReplyTo: Tomcat Users List
Subject: Tomcat on a Linux virtual machine
Sent: Apr 15, 2011 23:18

I have an application (commercial) running on a virtual instance of Linux 
talking to a Postgres database.
We are continually getting locks on the DB that are crashing the app.
I think it's just bad programming on the suppliers side, but the supplier has 
latched onto the idea that it is because it is running on a virtual machine.
Has any experienced any problems running Tomcat on a virtual machine similar to 
this?



Sent from my BlackBerry device

RE: [OT] servlet-specific error pages

2011-04-13 Thread Justin Randall


Hi Chris,

I'm assuming the servlet is in control of generating all of the errors you are 
implying?

For example, if the servlet doesn't load properly and a 404 would be generated, 
the servlet would obviously not be in control of handling this exception and 
this would would have to make use of error-page directives in web.xml, 
specifically for error-code 404 which would redirect to a JSP that just so 
happens to be an XML file.

If I've understood what you're looking for correctly I've worked on similar 
projects in the past and what's worked well for me is leveraging MVC by using 
the RequestDispatcher to forward to relevant JSPs which happen to all be XML 
files with the contents populated either via JSP tags or EL.  This way you can 
catch the exceptions/error conditions in your servlet, set the appropriate 
exception information within the request context and the dispatch to the 
correct JSP XML page.

For example:

errorfile.jsp:

=
%@ page trimDirectiveWhitespaces=true %
%@ page contentType=text/xml; charset=UTF-8 %
%@ page session=false %
%
response.setHeader(Cache-Control,no-cache);
response.setHeader(Pragma,no-cache);
response.setDateHeader (Expires, 0);
%
?xml version=1.0 encoding=utf-8?
someXmlRoot
errorCode${requestScope.errorCode}/errorCode
errorMessage${requestScope.errorMessage}/errorMessage
/someXmlRoot
=

In your serlvet you would redirect to the JSP as follows:

=
RequestDispatcher dispatcher = 
req.getRequestDispatcher(/WEB-INF/path/to/errorfile.jsp);
req.setAttribute(errorCode, 500);
req.setAttribute(errorMessage, My server had an oops!);
dispatcher.forward(req, rsp);
=

Note the XML file doesn't have a schema associated with it but that's just for 
brevity of the example.

I hope this helps!

Justin Randall


 Date: Tue, 12 Apr 2011 16:38:25 -0400
 From: ch...@christopherschultz.net
 To: users@tomcat.apache.org
 Subject: [OT] servlet-specific error pages
 
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 All,
 
 I have a webapp where some of the servlets are expected to return XML
 all the time, even for error conditions. I'd like to be able to set an
 error page for those servlets so the response will be in XML instead of
 HTML like you'd get with the default Tomcat error page or an error page
 we might have configured for the rest of the site.
 
 I didn't see anything in web.xml that would allow me to set an error
 page for a particular servlet.
 
 Any good ideas?
 
 Obviously, I can create a system-wide error resource that determines
 the resource that was being used and then dispatch to either an
 HTML-oriented or XML-oriented error page, but I was wondering if
 something like that already existed or if there was a better approach.
 
 Thanks,
 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.10 (MingW32)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
 
 iEYEARECAAYFAk2kuEEACgkQ9CaO5/Lv0PBpqACfVky6ZZvG/Rgpt4XK804jdbei
 JpEAnj/NF2td4NNHoBAbFBRAgsUDkC0v
 =xjBP
 -END PGP SIGNATURE-
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org

RE: [OT] servlet-specific error pages

2011-04-13 Thread Justin Randall


Hi Chris,

 Of course. I was wondering about other exceptions or errors that maybe I
 cannot control from that code.

Are you referring to internal exceptions within Tomcat's own code or simply 
unexpected exceptions within the servlet's implemented code?  If it's the later 
you could always just wrap your code with a try block that catches Throwable 
which will catch any possible exception thrown by Java and properly implemented 
library exceptions.  Perhaps not ideal but considering the available options it 
might not be too bad.

Technically speaking, catching Throwable isn't such a bad practice for end-user 
facing applications because you can at least redirect to a more elegant 
Unexpected Exception has occurred page rather than an error page showing a 
stack trace of a NullPointerException or some other unexpected errors due to 
programming mistakes as an example.

Regards,

Justin Randall

 Date: Wed, 13 Apr 2011 16:11:09 -0400
 From: ch...@christopherschultz.net
 To: users@tomcat.apache.org
 Subject: Re: [OT] servlet-specific error pages
 
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 Justin,
 
 On 4/13/2011 9:17 AM, Justin Randall wrote:
  Hi Chris,
  
  I'm assuming the servlet is in control of generating all of the
  errors you are implying?
 
 Yes and no:
 
  For example, if the servlet doesn't load properly and a 404 would be
  generated, the servlet would obviously not be in control of handling
  this exception and this would would have to make use of error-page
  directives in web.xml, specifically for error-code 404 which would
  redirect to a JSP that just so happens to be an XML file.
 
 Right, but I want the default 404 error page to be in HTML.
 
 Basically, I want two defaults.
 
 If the servlet spec allowed for error-page to include a servlet-name
 filter, that's what I would use. But it doesn't :(
 
  If I've understood what you're looking for correctly I've worked on
  similar projects in the past and what's worked well for me is
  leveraging MVC by using the RequestDispatcher to forward to relevant
  JSPs which happen to all be XML files with the contents populated
  either via JSP tags or EL.  This way you can catch the
  exceptions/error conditions in your servlet, set the appropriate
  exception information within the request context and the dispatch to
  the correct JSP XML page.
 
 Of course. I was wondering about other exceptions or errors that maybe I
 cannot control from that code.
 
 Thanks,
 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.10 (MingW32)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
 
 iEYEARECAAYFAk2mA10ACgkQ9CaO5/Lv0PAvMgCgqk4ZiH5b75jrl25Kq73Po3hq
 qCIAniutff9LdBlxKTUya36QdWp9e+eL
 =j2iW
 -END PGP SIGNATURE-
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [OT] servlet-specific error pages

2011-04-13 Thread Justin Randall

Hi Martin,

What Chris is actually looking for is custom servlet specific error handling in 
addition to web application error handling (the later is what you have 
described below).

In other words, 401 for Servlet X is directed to a different JSP than 401 for 
the entire web application.

Regards,

Justin Randall
Sent from my BlackBerry device

-Original Message-
From: Martin Gainty mgai...@hotmail.com
Date: Wed, 13 Apr 2011 21:47:51 
To: Tomcat Users Listusers@tomcat.apache.org
Reply-To: Tomcat Users List users@tomcat.apache.org
Subject: RE: [OT] servlet-specific error pages


in web.xml for your webapp
map a custom jsp for each returned HTTP status code e.g:

  error-page
error-code401/error-code
location/401.jsp/location
  /error-page
  error-page
error-code403/error-code
location/403.jsp/location
  /error-page
  error-page
error-code404/error-code
location/404.jsp/location
  /error-page

Martin  
__ 
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
 Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger 
sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung 
oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem 
Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. 
Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung 
fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le 
destinataire prévu, nous te demandons avec bonté que pour satisfaire informez 
l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est 
interdite. Ce message sert à l'information seulement et n'aura pas n'importe 
quel effet légalement obligatoire. Étant donné que les email peuvent facilement 
être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité 
pour le contenu fourni.




 From: ran...@hotmail.com
 To: users@tomcat.apache.org
 Subject: RE: [OT] servlet-specific error pages
 Date: Wed, 13 Apr 2011 20:10:48 -0400
 
 
 Hi Chris,
 
  Of course. I was wondering about other exceptions or errors that maybe I
  cannot control from that code.
 
 Are you referring to internal exceptions within Tomcat's own code or simply 
 unexpected exceptions within the servlet's implemented code?  If it's the 
 later you could always just wrap your code with a try block that catches 
 Throwable which will catch any possible exception thrown by Java and 
 properly implemented library exceptions.  Perhaps not ideal but considering 
 the available options it might not be too bad.
 
 Technically speaking, catching Throwable isn't such a bad practice for 
 end-user facing applications because you can at least redirect to a more 
 elegant Unexpected Exception has occurred page rather than an error page 
 showing a stack trace of a NullPointerException or some other unexpected 
 errors due to programming mistakes as an example.
 
 Regards,
 
 Justin Randall
 
  Date: Wed, 13 Apr 2011 16:11:09 -0400
  From: ch...@christopherschultz.net
  To: users@tomcat.apache.org
  Subject: Re: [OT] servlet-specific error pages
  
  -BEGIN PGP SIGNED MESSAGE-
  Hash: SHA1
  
  Justin,
  
  On 4/13/2011 9:17 AM, Justin Randall wrote:
   Hi Chris,
   
   I'm assuming the servlet is in control of generating all of the
   errors you are implying?
  
  Yes and no:
  
   For example, if the servlet doesn't load properly and a 404 would be
   generated, the servlet would obviously not be in control of handling
   this exception and this would would have to make use of error-page
   directives in web.xml, specifically for error-code 404 which would
   redirect to a JSP that just so happens to be an XML file.
  
  Right, but I want the default 404 error page to be in HTML.
  
  Basically, I want two defaults.
  
  If the servlet spec allowed for error-page to include a servlet-name
  filter, that's what I would use. But it doesn't :(
  
   If I've understood what you're looking for correctly I've worked on
   similar projects in the past and what's worked well for me is
   leveraging MVC by using the RequestDispatcher to forward to relevant
   JSPs which happen to all be XML files with the contents populated
   either via JSP tags or EL.  This way you can catch the
   exceptions/error conditions in your servlet, set the appropriate
   exception information within the request context and the dispatch to
   the correct JSP XML page.
  
  Of course. I was wondering about other exceptions or errors that maybe I
  cannot control from that code.
  
  Thanks,
  - -chris
  -BEGIN PGP SIGNATURE-
  Version: GnuPG v1.4.10 (MingW32)
  Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
  
  iEYEARECAAYFAk2mA10ACgkQ9CaO5/Lv0PAvMgCgqk4ZiH5b75jrl25Kq73Po3hq
  qCIAniutff9LdBlxKTUya36QdWp9e+eL
  =j2iW
  -END PGP SIGNATURE

Re: Customize URL access

2011-03-31 Thread Justin Randall

Read up on web.xml and using Serlvet mappings to define paths that map to the 
Servlet class itself.

It looks like you're currently using direct servlet invocation.

--Original Message--
From: Jonatan Aguirre Kobayashi
To: users@tomcat.apache.org
ReplyTo: Tomcat Users List
Subject: Customize URL access
Sent: Mar 31, 2011 09:17

Hello, a have a application and the url is for example
http://localhost:8080/myapp/servlet/maiservlet.
How i do to access to my application with this url:
http://localhost:8080/myapp/maiservlet (without servlet reference)

PD: Sorry , my english is not good.

Sent from my BlackBerry device

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [OT] Followup on 32-bit versus 64-bit performance discussion(s)

2011-03-14 Thread Justin Randall

In general, it is technically possible for a 32-bit application to perform 
faster than a 64-bit application when running on a 64-bit CPU because of CPU 
memory cache behaviour.

64-bit memory addresses occupy more space within a single cache line and can 
result in added memory cache misses (cache lines filled more quickly) which 
require additional loads from real memory into CPU registers, effectively 
slowing down the performance of an application.


Sent from my BlackBerry device

-Original Message-
From: Leon Rosenberg rosenberg.l...@gmail.com
Date: Mon, 14 Mar 2011 20:33:21 
To: Tomcat Users Listusers@tomcat.apache.org
Reply-To: Tomcat Users List users@tomcat.apache.org
Subject: Re: [OT] Followup on 32-bit versus 64-bit performance discussion(s)

I'm sorry, I probably missed something, but why should 64 bit app on
64 bit os on 64 bit cpu be slower as 32 bit analog?

regards
Leon

On Mon, Mar 14, 2011 at 6:45 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 David,

 On 3/14/2011 1:36 PM, David kerber wrote:
 On 3/14/2011 1:31 PM, Christopher Schultz wrote:

 I should have mentioned, we are in a Linux environment, so we have lots
 of options. ;)

 Lucky you; I wish I could say the same...

 You should lobby to virtualize your infrastructure on top of some kind
 of Linux-based virtualization platform. Then you can still be running
 on Windows but also have some ... other options ;)

 I would suggest the other way around if you wanted to operate in a Linux
 environment, but if the idea is to improve stability, then running Linux
 on top of Windows isn't exactly recommended technique.

 I had always heard that Microsoft SQL Server was a really good RDBMS.
 It's just too bad it has to run on Windows.

 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.10 (MingW32)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

 iEYEARECAAYFAk1+VDYACgkQ9CaO5/Lv0PBD+wCfQBK7R2hi6tcsxYaIjNTMYQsR
 jlkAnijh8Tmk7JEX8GLsfzFkf/4qc8Ck
 =emTF
 -END PGP SIGNATURE-

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [OT] Followup on 32-bit versus 64-bit performance discussion(s)

2011-03-14 Thread Justin Randall

Indeed.

It really makes you wonder why caches and pipelines weren't scaled more 
proportionally.

At least we can appreciate better calling conventions.  :)

--Original Message--
From: Christopher Schultz
To: Tomcat Users List
ReplyTo: Tomcat Users List
Subject: Re: [OT] Followup on 32-bit versus 64-bit performance discussion(s)
Sent: Mar 14, 2011 17:08

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Justin,

On 3/14/2011 3:45 PM, Justin Randall wrote:
 In general, it is technically possible for a 32-bit application to
 perform faster than a 64-bit application when running on a 64-bit CPU
 because of CPU memory cache behaviour.

Also due to the amount of data that can be transferred at once across
the data paths to the CPU: 64-bit pointers simply take up more bandwidth
on those paths.

A 32-bit process, using 32-bit pointers, will enjoy a 2x speedup for
those types of data.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk1+g+MACgkQ9CaO5/Lv0PB8DwCgqTO/v8DuSS4M8qKbAiGAMJch
bVoAoIdFUL3MM0TqBOFxWZfMp/+9s8At
=2ZPm
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Sent from my BlackBerry device

Re: Change of email address

2010-12-25 Thread Justin Randall

One would imagine you would simply subscribe your new address and (potentially) 
unsubscribe your old address.

--Original Message--
From: Michael McQuade
To: 'Tomcat Users List'
ReplyTo: Tomcat Users List
Subject: Change of email address
Sent: Dec 25, 2010 09:57

How does one go about changing to a new email address?  A new address of
m.mcqu...@powergate.ca is in effect

Thank-You and Merry christmas
Mike


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




Sent from my BlackBerry device

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Can tomcat detect disconnection by client side in Async mode?

2010-12-06 Thread Justin Randall

Hello,

Without knowing the application and going on standard sockets, I know from 
experience without using Async mode that Tomcat does generate a 
ClientAbortException when a TCP RST is received from a client when Tomcat is 
writing the HTTP response to the client.

The client was a CPE which downloaded firmware/config via HTTP and sent a TCP 
RST after the first chunk of data if the version on the server and in the CPE 
were identical.  Not sure if this is relevant and what the behaviour of your 
client would be for disconnecting from the server (assuming it's not a web 
browser).

Regards,

Justin Randall
Sent from my BlackBerry device

-Original Message-
From: Ben xpsl...@gmail.com
Date: Sun, 5 Dec 2010 14:25:56 
To: Tomcat Users Listusers@tomcat.apache.org
Reply-To: Tomcat Users List users@tomcat.apache.org
Subject: Can tomcat detect disconnection by client side in Async mode?

Hi there,

Any idea about the disconnection handling? Cannot find reference for this.

In my application the client may disconnect and send a new request with 
different parameters. On server side I wanna clean the AsynContext held by 
previous request. Right now only timeout will do, which is not efficient cos I 
set the timeout to quite high value to avoid frequent disconnect / connect.

Thanks for help.

Ben
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Can tomcat detect disconnection by client side in Async mode?

2010-12-06 Thread Justin Randall

Just to clarify, I'm not trying to imply that ClientAbortException wouldn't be 
generated for Async mode in some way but simply that I've only tested TCP RST 
behaviour in non-Async mode.

Sent from my BlackBerry device

-Original Message-
From: Justin Randall ran...@hotmail.com
Date: Tue, 7 Dec 2010 00:16:01 
To: Tomcat Users Listusers@tomcat.apache.org
Reply-To: Tomcat Users List users@tomcat.apache.org
Subject: Re: Can tomcat detect disconnection by client side in Async mode?

Hello,

Without knowing the application and going on standard sockets, I know from 
experience without using Async mode that Tomcat does generate a 
ClientAbortException when a TCP RST is received from a client when Tomcat is 
writing the HTTP response to the client.

The client was a CPE which downloaded firmware/config via HTTP and sent a TCP 
RST after the first chunk of data if the version on the server and in the CPE 
were identical.  Not sure if this is relevant and what the behaviour of your 
client would be for disconnecting from the server (assuming it's not a web 
browser).

Regards,

Justin Randall
Sent from my BlackBerry device

-Original Message-
From: Ben xpsl...@gmail.com
Date: Sun, 5 Dec 2010 14:25:56 
To: Tomcat Users Listusers@tomcat.apache.org
Reply-To: Tomcat Users List users@tomcat.apache.org
Subject: Can tomcat detect disconnection by client side in Async mode?

Hi there,

Any idea about the disconnection handling? Cannot find reference for this.

In my application the client may disconnect and send a new request with 
different parameters. On server side I wanna clean the AsynContext held by 
previous request. Right now only timeout will do, which is not efficient cos I 
set the timeout to quite high value to avoid frequent disconnect / connect.

Thanks for help.

Ben
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: automatic deployment without server.xml - bad request

2010-12-03 Thread Justin Case

 From: Markus Schönhaber tomcat-us...@list-post.mks-mail.de

 Yes, it is an  error. But in this case, I, too, consider the error erroneous.
 A status code  of 400 basically means that the request was syntactically
 b0rked. But, as I  understand it, that's not the problem here: the
 request is syntactically fine  - it fails because the server is
 misconfigured. Therefore a status code of  500 seems more appropriate to me.

Well, w3.org says:

Error 4xx, 5xx 
The 4xx codes are intended for cases in which the client seems to have erred, 
and the 5xx codes for the cases in which the server is aware that the server 
has 
erred. It is impossible to distinguish these cases in general, so the 
difference 
is only informational. 

The body section may contain a document describing the error in human readable 
form.

Not found 404: The server has not found anything matching the URI given 
Internal Error 500: The server encountered an unexpected condition which 
prevented it from fulfilling the request.


I still vote for 404 :) (as if my vote matters) because the server is all fine 
and dandy (the APP is misconfigured not the server), but the client is asking 
for something not available. But the difference is only informational :)

Cheers,
JC





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

migrating to Tomcat 7, when

2010-12-03 Thread Justin Case

Hi all,

I see discussions about migration to Tomcat 7. Do you think it is the right 
moment to count your production apps on it? My thought is no way Jose but 
maybe I'm missing something...

Thank you,
JC



  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: automatic deployment without server.xml - bad request

2010-12-02 Thread Justin Case

 From: Caldarale, Charles R chuck.caldar...@unisys.com

 JSPs are  only compiled upon first reference, not before.  That results in a 
slight  (usually very slight) pause for the first guy in, 

 so if you want to pre-compile  them, there is a script available to do so:
http://tomcat.apache.org/tomcat-6.0-doc/jasper-howto.html#Production%20Configuration
n

Interesting, thank you. I will look into this.
I would have still expected that in the automatic deployment with the single 
context.xml, tomcat still does that. For the first user, with delay, no 
problem. 
But it threw an unlogged error 400 and didn't compile zit, thus my original 
problem stays...

Thanks a lot,
JC



  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: automatic deployment without server.xml - bad request

2010-12-02 Thread Justin Case

 From: Konstantin Kolinko knst.koli...@gmail.com

 
 Just  curious: why wtpwebapps? Eclipse IDE uses that name.

Precisely :) Only because Eclipse publishes it there, so the name was kept. No 
other reason.

 Try with recent 6.0.x (build it yourself), or  6.0.30 (when it comes
 out), or 7.0.5 -- they will log such requests into  AccessLog.
 Usually it means that this request was rejected by the connector,  or
 by CoyoteAdapter.  What is your client?

Ummm, I wouldn't go into beta stuff... I have enough troubles as you can see :) 
and what do you mean by client? The browser?

 Do you have a ROOT  application deployed? You should have one.

This is true, I don't have one. Might this be The/a problem?

Thanks a lot,
JC



  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: automatic deployment without server.xml - bad request

2010-12-02 Thread Justin Case

 From: Pid p...@pidster.com
 This is either because your  application is not deployed, or because the
 request path you're using does  not match the actual request path deployed.
 
 When you start Tomcat, is  there a message in the logs saying:
 
 02-Dec-2010 10:44:17  org.apache.catalina.startup.HostConfig deployDirectory
 INFO: Deploying web  application directory com.mycompany.myapp
 OR
 02-Dec-2010  10:44:17 org.apache.catalina.startup.HostConfig deployDirectory
 INFO:  Deploying web application directory myapp
 ?
 What is the  exact URL (you may omit the actual domain if you wish) that
 you then  request?

Hmmm, it says Deploying web  application directory com.mycompany.myapp which 
is somehow what I was expecting (it IS in that directory under wtpwebapps), 
then 
I'm calling it with http://localhost:8080/myapp (I need it that way)
Now that you mention, I notice this difference: 
- when I put it in the server.xml and it gets deployed automatically, Tomcat 
creates under work/Catalina/localhost the directory myapp. All fine. 

- when I use the standalone context.xml it creates under 
work/Catalina/localhost a directory com.mycompany.myapp - which stays empty 
afterwards.
I still don't know what and why it happens, but I feel it's getting closer to 
the root cause :)

Thank you,
JC



  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: automatic deployment without server.xml - bad request

2010-12-02 Thread Justin Case

 From: Pid p...@pidster.com
 If the request isn't being routed to your application,  then without a
 ROOT application the host hasn't got a mechanism to serve any  response
 other than an error.

Error is fine, as long it's a 404 (and not this enigmatic 400)...

Thank you,
JC



  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: New jsvc (commons-daemon-native); catalina.out is owned by root - WTF?

2010-12-02 Thread Justin Case

 From: Gregor Schneider rc4...@googlemail.com
 
 I feel that ppl have a problem if they mistrust  their developers in so
 far that they have to lock their box even to their own  developers
 maintaing the apps. And I'm not talking about full access but  I'm
 talking about browsing the logs.
 
 Besides, when having a  production-problem, one can react quickly if
 the developer responsible for  the app can read the logs.
 
 OTOH, some ppl might have no problems with  outages and can wait for
 the logs being mailed / ftp'ed / whatsoever by the  usally always busy
 server-admins...*sic*

I'm living in such an environment. One of the reasons for this separation is 
fear of quick fixes: production machines are not for testing patches - which 
otherwise you can bet it would happen if anything beyond log reading would be 
granted. But we have log reading allowed and everybody is happy - both 
paranoids 
and genies.

JC



  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: automatic deployment without server.xml - bad request

2010-12-02 Thread Justin Case

 From: Caldarale, Charles R chuck.caldar...@unisys.com
 
 When you say standalone context.xml, are  you referring to a Context 
element located in the webapp's  META-INF/context.xml directory?

Yes, that one.

 Make sure you don't have a  conf/Catalina/[host]/[appName].xml file, since 
 that 

will override anything  inside the webapp.

It usually gets created automatically, right? I remove it by hand each time 
before I plan some changes/redeploy.

 Please post the entire (not just a fragment)  server.xml you're using with 
 the 

standalone context.xml, along with the  Context element.  Remove all 
comments and obfuscate proprietary  information first.

Here it goes:

?xml version=1.0 encoding=UTF-8?
Server port=8005 shutdown=SHUTDOWN
Listener SSLEngine=on
className=org.apache.catalina.core.AprLifecycleListener /
Listener className=org.apache.catalina.core.JasperListener /
Listener 
className=org.apache.catalina.core.JreMemoryLeakPreventionListener /
Listener className=org.apache.catalina.mbeans.ServerLifecycleListener /
Listener 
className=org.apache.catalina.mbeans.GlobalResourcesLifecycleListener /
Service name=Catalina
Connector URIEncoding=UTF-8 connectionTimeout=2
port=8080 protocol=HTTP/1.1 redirectPort=8443 /
Connector port=8009 protocol=AJP/1.3 redirectPort=8443 /
Engine defaultHost=localhost name=Catalina
Host appBase=wtpwebapps autoDeploy=true
name=localhost unpackWARs=true xmlNamespaceAware=false
xmlValidation=false
Valve className=org.apache.catalina.valves.AccessLogValve
directory=logs pattern=common prefix=access_log.
resolveHosts=false suffix=.txt /
/Host
/Engine
/Service
/Server

Thank you,
JC



  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: automatic deployment without server.xml - bad request

2010-12-02 Thread Justin Case

 From: Pid p...@pidster.com
 
 On 12/2/10 12:34 PM, Justin Case wrote:
  Error is fine, as  long it's a 404 (and not this enigmatic 400)...
 
 400 isn't enigmatic and  /is/ an error.  ;)

It IS an error indeed, but we're not talking about throwing just ANY random 
error number here :) 

400 is a specific error which to my untrained eye has absolutely nothing to do 
with the fact that under the named context there's no application deployed. 
That's why a 404 would have sent me much sooner in the right direction - 
resource not found, instead of trying endlessly to play with the request 
headers 
and the HTTP protocol details. But maybe it's just me.

 I'd suggest you make a simple empty  ROOT app.  Tomcat will then serve
 404s for missing URLs.  You could  also customise the 404 response page
 to suit.

Yeah I probably will do that - but I will still regard it as a dirty hack...

Otherwise thanks a lot for your support, I was obviously misunderstanding what 
the Path parameter of the Context is expected to do. Now I know what I have to 
change. Or I think so at least. Back to the drawing board.

Thanks a lot to you all gals/guys,
JC



  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: GET and POST data in same request

2010-12-02 Thread Justin Randall

GET and POST are HTTP verbs/operations.

It is impossible to have a combo GET/POST.  Which ever verb is specified in the 
HTTP headers is what will control whether doGet or doPost is called.

You are correct that GET and POST reference data differently, however they are 
actions and not areas of data in an HTTP request.

Regards,

Justin

--Original Message--
From: Larry
To: users
ReplyTo: Tomcat Users List
Subject: GET and POST data in same request
Sent: Dec 2, 2010 17:21

Hello,

I need to have an apache mod_rewrite pass a request ( which contains
POST data ) along to my servlet with some GET parameters.

I think when Tomcat sees the GET params, it invokes my servlet's doGet
( which annihilates my POST data ).

I need to be able to access both the GET data from the request URL and
the POST data from the body.

Is this possible? Maybe its not tomcat's fault ;)

Any insight is welcome, thanks.

-Larry

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




Sent from my BlackBerry device

Re: automatic deployment without server.xml - bad request

2010-12-02 Thread Justin Case

 From: Pid p...@pidster.com
 
 On 12/2/10 10:24 PM, Justin Case wrote:
  Yeah I probably will do that -  but I will still regard it as a dirty 
hack...
 
 A ROOT app should be  mandatory.

It's not - yet :) so I'm all legal without. But what do you think about the 400 
error? Is it really appropriate as answer in this setup? And is it really my 
particular need to write an application only to convert the 400 into 404? I'm 
just surprised...
...or maybe I should consider whether my application can be both root AND 
answer 
to the context...

Cheers,
JC



  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

automatic deployment without server.xml - bad request

2010-12-01 Thread Justin Case

Hello all,

I'm on Tomcat 6.0.29 in Windows (XP or server 2003, same) and I'm trying to get 
an application to deploy automatically without putting it in server.xml - as 
the 
documentation strongly recommends. 


Just to note, if I put the context setting in server.xml like this all works 
fine.

Host appBase=wtpwebapps autoDeploy=false 
deployOnStartup=false
name=localhost unpackWARs=true xmlNamespaceAware=false
xmlValidation=false
Valve className=org.apache.catalina.valves.AccessLogValve
directory=logs pattern=common prefix=access_log.
resolveHosts=false suffix=.txt /
Context docBase=com.mycompany.myapp path=/myapp
reloadable=true override=true
Manager pathname= /
Resource name=hibernate/MySessionFactory auth=Container
type=org.hibernate.SessionFactory

factory=com.mycompany.myapp.HibernateSessionFactoryTomcatFactory
configuration=hibernate.cfg.xml /
/Context
/Host

If I remove the context from server.xml and place a context.xml in my app's 
META-INF, then enable the two deploy params, the deployment happens succesfully 
- that's what the console says at least. The application even starts ok, I can 
see the logging of my classes.
BUT!
Each request to the application will throw immediately a HTTP error 400 - bad 
request. Funny enough, this error will not even be logged anywhere, even when I 
enabled debug logging in Tomcat! (and got 100M of logs which I searched 
through). No record of the 400 whatsoever, while I can confirm the Host header 
IS there - I see it in Firebug (and with the other context it works anyway).

What I see different is that the Tomcat's work directory, the 
work/Catalina/localhost/com.mycomp.myapp directory it created automatically at 
startup is and stays EMPTY. Now normally there should be the compiled JSP's 
right? So there's SOMETHING not ok about this automatic deployment, and I'm 
unable to figure out what it is. There was in May an interesting discussion 
thread on this list called Misunderstanding deployOnStartup actions, but that 
guy also ended up using server.xml so... I only see advice like your config is 
wrong to start with, which might be very true (otherwise one wouldn't be 
posting), but I wasn't able to see anywhere sampled a CORRECT config.

Thanks A LOT for any hints/samples/links,
JC



  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: automatic deployment without server.xml - bad request

2010-12-01 Thread Justin Case

First of all, thanks for your long answer.



 Please read (carefully), the following  documentation:

Exactly from there I got the approach of Copy unpacked directory hierarchy

 Your docBase would only work if you have a directory 
 $CATALINA_BASE/com.mycompany.myapp.

It works actually, only gives the (expected) warning that it will be ignored. 
But you're right, normally I removed it when switched to context.xml (didn't 
mention in my message as I thought it unimportant)

 2. remove the path attribute from  your Context
 Rename your WAR file to myapp.war. Tomcat will correctly  infer the path

I'm not using a war but the unpacked approach. Nevertheless, interesting - the 
automatic deployment section doesn't mention this inference and I was always 
wondering.

 3. Place myapp.war in $CATALINA_BASE/webapps
 Tomcat  (by default) will unpack and deploy your application

...and will it compile the JSPs as well? Because that was my original problem...

 4. Remove the  Manager node from your Context.
 The Manager node relates to managing HTTP  Sessions. The Hibernate sessions 
 relate to Hibernate units of  work.

Yes but the Manager =  should be used, according to Google, to avoid 
serializing the HTTP sessions - a previously bothering situation. I think I'll 
keep it :)

 5.  Remove the Resource node from your Context.
 6. Place the  hibernate.cfg.xml file where it will be packaged in 
 WEB-INF/classes.

Hibernate.cfg.xml is there already... I'll try removing the Resource but I 
remember needing to put it there as well (used in some filters) - I might be 
wrong here.

 7. Use a ServletContextListener  to get a Hibernate SessionFactory.

I'll try this too.

 that  utility class in a listener. I can then attach logging and MBeans to 
 the 

 listener.

No beans here :)

So, bottom line: great tips thank you! I will try them all. I'm honestly not 
sure whether they relate to my problem, though...

JC



  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: what is it doing ?

2010-10-19 Thread Justin Randall


Hello,

From a general Linux perspective, if you have a knowledge of Linux system 
calls, along with what operations are performed by which web application you 
could use strace (use the -f to follow threads).  Depending on what you're 
interested in you can filter further for operations on files or network 
activity (i.e. -e trace=file,network,desc).  If you see a lot of erroneous 
activity (such as constantly trying to open/stat a file that doesn't exist) 
and you know which web app (or Tomcat) is responsible you can address the 
issue.

You could also check top to see whether the CPU is being consumed in usr or 
sys space, along with whether maybe the memory on your system is maxed out 
(trigger high CPU load transfer data between RAM and swap space).

Regards,

Justin Randall

 Date: Tue, 19 Oct 2010 17:40:17 +0200
 From: a...@ice-sa.com
 To: users@tomcat.apache.org
 Subject: what is it doing ?
 
 Hi.
 
 I have a Linux system like so :
 
 Linux arthur 2.6.26-2-686 #1 SMP Mon Aug 30 07:01:57 UTC 2010 i686 GNU/Linux
 
 with a tomcat like so :
 
 Using CATALINA_BASE:   /usr/share/tomcat5.5
 Using CATALINA_HOME:   /usr/share/tomcat5.5
 Using CATALINA_TMPDIR: /usr/share/tomcat5.5/temp
 Using JRE_HOME:   /usr/lib/jvm/java-1.5.0-sun
 Server version: Apache Tomcat/5.5
 Server built:   Oct 15 2008 12:57:44
 Server number:  5.5.26.0
 OS Name:Linux
 OS Version: 2.6.26-2-686
 Architecture:   i386
 JVM Version:1.5.0_22-b03
 JVM Vendor: Sun Microsystems Inc.
 
 (Java JDK installed)
 
 and where night and day, tomcat seems to be using a fair amount of CPU time, 
 like so :
 
PID USER  PR  NI  VIRT  RES  SHR S %CPU %MEMTIME+  COMMAND
   2901 tomcat55  20   0  459m 285m  16m S   13 32.3 354:39.13 java
 
 although by all means, it should not be doing that much sometimes.
 
 How can I figure out what it is actually doing ?
 I mean, which is the easiest standard tool or procedure not requiring a 
 degree in quantum 
 physics, and which could give me at least a rough idea of which webapp or 
 internal tomcat 
 process is keeping that CPU busy all the time ?
 
 I have a nagging feeling that someone is going to tell me to take thread 
 dumps.  If so, 
 maybe they would also kindly point out a place where I could find some 
 instructions as to 
 how to interpret such a thing ?
 
 Thanks
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org

RE: what is it doing ?

2010-10-19 Thread Justin Randall


One more thing, aside from checking whether the CPU consumed is usr or sys you 
may also want to lookup at iowait (a.k.a wa).  This would indicate the CPU is 
busy waiting for IO operations to complete (potentially a slow disk or storage 
device).

Regards,

Justin Randall

 From: ran...@hotmail.com
 To: users@tomcat.apache.org
 Subject: RE: what is it doing ?
 Date: Tue, 19 Oct 2010 12:10:54 -0400
 
 
 Hello,
 
 From a general Linux perspective, if you have a knowledge of Linux system 
 calls, along with what operations are performed by which web application you 
 could use strace (use the -f to follow threads).  Depending on what you're 
 interested in you can filter further for operations on files or network 
 activity (i.e. -e trace=file,network,desc).  If you see a lot of erroneous 
 activity (such as constantly trying to open/stat a file that doesn't exist) 
 and you know which web app (or Tomcat) is responsible you can address the 
 issue.
 
 You could also check top to see whether the CPU is being consumed in usr or 
 sys space, along with whether maybe the memory on your system is maxed out 
 (trigger high CPU load transfer data between RAM and swap space).
 
 Regards,
 
 Justin Randall
 
  Date: Tue, 19 Oct 2010 17:40:17 +0200
  From: a...@ice-sa.com
  To: users@tomcat.apache.org
  Subject: what is it doing ?
  
  Hi.
  
  I have a Linux system like so :
  
  Linux arthur 2.6.26-2-686 #1 SMP Mon Aug 30 07:01:57 UTC 2010 i686 GNU/Linux
  
  with a tomcat like so :
  
  Using CATALINA_BASE:   /usr/share/tomcat5.5
  Using CATALINA_HOME:   /usr/share/tomcat5.5
  Using CATALINA_TMPDIR: /usr/share/tomcat5.5/temp
  Using JRE_HOME:   /usr/lib/jvm/java-1.5.0-sun
  Server version: Apache Tomcat/5.5
  Server built:   Oct 15 2008 12:57:44
  Server number:  5.5.26.0
  OS Name:Linux
  OS Version: 2.6.26-2-686
  Architecture:   i386
  JVM Version:1.5.0_22-b03
  JVM Vendor: Sun Microsystems Inc.
  
  (Java JDK installed)
  
  and where night and day, tomcat seems to be using a fair amount of CPU 
  time, like so :
  
 PID USER  PR  NI  VIRT  RES  SHR S %CPU %MEMTIME+  COMMAND
2901 tomcat55  20   0  459m 285m  16m S   13 32.3 354:39.13 java
  
  although by all means, it should not be doing that much sometimes.
  
  How can I figure out what it is actually doing ?
  I mean, which is the easiest standard tool or procedure not requiring a 
  degree in quantum 
  physics, and which could give me at least a rough idea of which webapp or 
  internal tomcat 
  process is keeping that CPU busy all the time ?
  
  I have a nagging feeling that someone is going to tell me to take thread 
  dumps.  If so, 
  maybe they would also kindly point out a place where I could find some 
  instructions as to 
  how to interpret such a thing ?
  
  Thanks
  
  -
  To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
  For additional commands, e-mail: users-h...@tomcat.apache.org

RE: j_security_check with https

2009-01-07 Thread Justin Randall


Hello,

I'm not going to bother responding to the many posts that said the solution I 
mentioned was wrong, instead I'll just provide the example of how to do it, 
since it works.



. lines removed .

package blah;

. lines removed .

public final class SomeFilterClass implements Filter {

. lines removed .

public void doFilter(ServletRequest request, ServletResponse response, 
FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse rsp = (HttpServletResponse) response;
rsp.sendRedirect(req.getRequestURI());
filterChain.doFilter(request, response);
}

. lines removed .

}
=

And below is what the web.xml looks like:

=

 lines removed .

  filter
  filter-nameSomeFilterClass/filter-name
  filter-classblah.SomeFilterClass/filter-class
  /filter
  filter-mapping
  filter-nameSomeFilterClass/filter-name
  url-pattern/ssl/*/url-pattern
  dispatcherFORWARD/dispatcher
  dispatcherINCLUDE/dispatcher
  dispatcherERROR/dispatcher
  /filter-mapping

. lines removed .

  security-constraint
  web-resource-collection
  web-resource-nameRequiresLogin/web-resource-name
  url-pattern/html/*/url-pattern
  /web-resource-collection
  auth-constraint
  role-namesomerole/role-name
  /auth-constraint
  /security-constraint
  
  security-constraint
  web-resource-collection
  web-resource-nameRequiresSSL/web-resource-name
  url-pattern/ssl/*/url-pattern
  /web-resource-collection
  user-data-constraint
  transport-guaranteeCONFIDENTIAL/transport-guarantee
  /user-data-constraint
  /security-constraint
  
  security-role
  role-namesomerole/role-name
  /security-role
  
  login-config
  auth-methodFORM/auth-method
  form-login-config
  form-login-page/ssl/login.jsp/form-login-page
  form-error-page/ssl/login-error.jsp/form-error-page
  /form-login-config
  /login-config

. lines removed .

=

Of course you'll need to change the login/security constraint URLs and role 
name to match those in your environment.

For anyone who stated the earlier statements were incorrect, I encourage you to 
provide another better working example.  This one works for me and is used by 
other industry professionals.

Regards,

Justin

Here is an example:

 Date: Wed, 7 Jan 2009 09:35:33 +0100
 From: rc4...@googlemail.com
 To: users@tomcat.apache.org
 Subject: Re: j_security_check with https
 
 Hi Justin,
 
 On Wed, Jan 7, 2009 at 4:13 AM, Justin Randall ran...@hotmail.com wrote:
 
  Create a Filter subclass with the sole purpose of having its doFilter 
  method call sendRedirect on the HttpServletResponse object.  Map this 
  Filter to the same URL pattern you use for SSL and make sure to use the 
  dispatcher tags for FORWARD, INCLUDE, ERROR, and whatever other 
  RequestDispatcher operations you want to ensure use SSL.
 
 
 You've got any example using this solution?
 
 Gregor
 -- 
 just because your paranoid, doesn't mean they're not after you...
 gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 

_
Keep in touch and up to date with friends and family. Make the connection now.
http://www.microsoft.com/windows/windowslive/

RE: j_security_check with https

2009-01-06 Thread Justin Randall


Howdy,

First, to clear an incorrect point made...

There is a point of switching back to HTTP after HTTPS.  From a server load 
perspective having to perform SSL computations for every single HTTP request 
can be a serious performance bottleneck.  As for the security aspect, 
transmission of the username/password should be done over HTTPS, as this is 
considered private/confidential data and can be used to establish future 
authenticated sessions, however unless you are in a location where 
eavesdropping attacks are a risk, there is no need for encryption as the 
session ID is either a hashed string in a cookie, or the servlet is making use 
of URL re-writing, both of which are only temporary passes until the 
HttpSession has been invalidated.

Second, to answer the question regarding actions redirect to HTTP...

The reason the redirects are not going to HTTPS is because of the 
RequestDispatcher.  When Tomcat sees that you are trying to access a resource 
for which login is required, it FOWARDs the request to the login form.  The 
security constraints defined in web.xml are for when requests are made directly 
for those resources.  What this means is that your configuration to make sure 
that the login pages use SSL only come into affect when the browser requests 
them directly.  Requests that have been FORWARDed by the RequestDispatcher 
totally bypass the SSL constraints.

What is the solution?

Create a Filter subclass with the sole purpose of having its doFilter method 
call sendRedirect on the HttpServletResponse object.  Map this Filter to the 
same URL pattern you use for SSL and make sure to use the dispatcher tags for 
FORWARD, INCLUDE, ERROR, and whatever other RequestDispatcher operations you 
want to ensure use SSL.

Hope this helps.

Justin

 Date: Tue, 6 Jan 2009 19:01:24 -0200
 From: diegogus...@gmail.com
 To: users@tomcat.apache.org
 Subject: Re: j_security_check with https
 
 this didnt work
 
 security-constraint
 
   web-resource-collection
   
   web-resource-nameUsuario/web-resource-name  
   url-pattern/login/*/url-pattern
   http-methodPOST/http-method
   http-methodGET/http-method  
 
   /web-resource-collection
   user-data-constraint
   
 transport-guaranteeCONFIDENTIAL/transport-guarantee
   /user-data-constraint
 
   /security-constraint
 
 if i try myAPP/login/login.jsp  work, but when i try an action and
 has restrict access, and havent user logged, tomcat redirect to login
 page with http !!!
 
 2009/1/6 Caldarale, Charles R chuck.caldar...@unisys.com:
  From: Diego Armando Gusava [mailto:diegogus...@gmail.com]
  Subject: Re: j_security_check with https
 
  when u login, your username and password will be transport https, but
  after that, you are in http! u dont need https because, you are only
  reading messages(emails)
 
  And what does that have to do with the behavior of a servlet container?
 
   - Chuck
 
 
  THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
  MATERIAL and is thus for use only by the intended recipient. If you 
  received this in error, please contact the sender and delete the e-mail and 
  its attachments from all computers.
 
  -
  To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
  For additional commands, e-mail: users-h...@tomcat.apache.org
 
 
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 

_
Keep in touch and up to date with friends and family. Make the connection now.
http://www.microsoft.com/windows/windowslive/

RE: Form Based Authenticattion - j_security_check does not redirect from http to https

2008-12-09 Thread Justin Randall


Hello,

Have you tried adding j_security_check to your web.xml for patterns which 
should be redirected to SSL?

Regards,

Justin

 Date: Tue, 9 Dec 2008 00:17:36 -0800
 From: [EMAIL PROTECTED]
 To: users@tomcat.apache.org
 Subject: Form Based Authenticattion - j_security_check does not redirect from 
 http to https
 
 
 Hi,
 
  
 
 I am using Apache Tomcat Version 5.5.2. I am running it on Windows XP
 Professional Service Pack 2.
 
  
 
 I have a form based authentication for my application:
 
  
 
 […]
 
 login-config
 
   auth-methodFORM/auth-method
 
   realm-nameAuthentication Area/realm-name
 
   form-login-config
 
 form-login-page/login.jsp/form-login-page
 
 form-error-page/login.jsp?action=error/form-error-page
 
   /form-login-config 
 
 /login-config
 
 […]
 
  
 
  
 
 Also, I have redirected all my requests for port-80 to port-443. So,
 whenever I try to open a page in http, it automatically gets redirected to
 https. This is working fine for all the pages. 
 
  
 
 Except, when I open the http://localhost/APP_NAME/j_security_check page it
 does not get redirected and stays on http. This is the only page showing
 this deviation in behavior.
 
 For example, the http://localhost/APP_NAME/security_check page gets
 redirected to https, and the same goes for my login page and all other pages
 in my app.
 
  
 
 Is this a known issue or is there a configuration that I am unaware of.
 
  
 
 Thanks a lot.
 
 
 -- 
 View this message in context: 
 http://www.nabble.com/Form-Based-Authenticattion---j_security_check-does-not-redirect-from-http-to-https-tp20910454p20910454.html
 Sent from the Tomcat - User mailing list archive at Nabble.com.
 
 
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 

_

RE: Form Based Authenticattion - j_security_check does not redirect from http to https

2008-12-09 Thread Justin Randall


Hi again,

I thought about this a little more and I think what you're experiencing might 
be as a result of the RequestDispatcher.

When the RequestDispatcher fowards to a URL resource, it overrides the 
SSL/Authentication constraints you have setup.  There is a way of getting 
around this (which also adds an additional layer of maintenance programming 
security in your code) by using Filters.

Basically, in your web.xml you define a filter for your SSL protected pages:

  filter
  filter-nameMyFilterClass/filter-name
  filter-classmy.package.MyFilterClass/filter-class
  /filter
  filter-mapping
  filter-nameMyFilterClass/filter-name
  url-pattern/ssl/*/url-pattern
  dispatcherFORWARD/dispatcher
  dispatcherINCLUDE/dispatcher
  dispatcherERROR/dispatcher
  /filter-mapping

Below is a sample implementation of the doFilter that takes care of the 
redirecting:

public void doFilter(ServletRequest request, ServletResponse response,
FilterChain arg2) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse rsp = (HttpServletResponse) response;
rsp.sendRedirect(req.getRequestURI());
}

I hope this helps!

Justin

 From: [EMAIL PROTECTED]
 To: users@tomcat.apache.org
 Subject: RE: Form Based Authenticattion - j_security_check does not redirect 
 from http to https
 Date: Tue, 9 Dec 2008 03:28:10 -0500
 
 
 Hello,
 
 Have you tried adding j_security_check to your web.xml for patterns which 
 should be redirected to SSL?
 
 Regards,
 
 Justin
 
  Date: Tue, 9 Dec 2008 00:17:36 -0800
  From: [EMAIL PROTECTED]
  To: users@tomcat.apache.org
  Subject: Form Based Authenticattion - j_security_check does not redirect 
  from http to https
  
  
  Hi,
  
   
  
  I am using Apache Tomcat Version 5.5.2. I am running it on Windows XP
  Professional Service Pack 2.
  
   
  
  I have a form based authentication for my application:
  
   
  
  […]
  
  login-config
  
auth-methodFORM/auth-method
  
realm-nameAuthentication Area/realm-name
  
form-login-config
  
  form-login-page/login.jsp/form-login-page
  
  form-error-page/login.jsp?action=error/form-error-page
  
/form-login-config 
  
  /login-config
  
  […]
  
   
  
   
  
  Also, I have redirected all my requests for port-80 to port-443. So,
  whenever I try to open a page in http, it automatically gets redirected to
  https. This is working fine for all the pages. 
  
   
  
  Except, when I open the http://localhost/APP_NAME/j_security_check page it
  does not get redirected and stays on http. This is the only page showing
  this deviation in behavior.
  
  For example, the http://localhost/APP_NAME/security_check page gets
  redirected to https, and the same goes for my login page and all other pages
  in my app.
  
   
  
  Is this a known issue or is there a configuration that I am unaware of.
  
   
  
  Thanks a lot.
  
  
  -- 
  View this message in context: 
  http://www.nabble.com/Form-Based-Authenticattion---j_security_check-does-not-redirect-from-http-to-https-tp20910454p20910454.html
  Sent from the Tomcat - User mailing list archive at Nabble.com.
  
  
  -
  To unsubscribe, e-mail: [EMAIL PROTECTED]
  For additional commands, e-mail: [EMAIL PROTECTED]
  
 
 _
 

_

RE: Form Based Authenticattion - j_security_check does not redirect from http to https

2008-12-09 Thread Justin Randall


Hello,

Are you using other filters?

If you are you will need the method to look like the below:

public void doFilter(ServletRequest request, ServletResponse response, 
FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse rsp = (HttpServletResponse) response;
rsp.sendRedirect(req.getRequestURI());
filterChain.doFilter(request, response);
}

However, from the looks of your stack trace the problem is with your 
login.jsp?action=error page.  You need to review your code to figure out 
where and how it is trying to create an HttpSession (presumably in the login 
error page) after a failed login attempt.

Regards,

Justin

 Date: Tue, 9 Dec 2008 02:29:53 -0800
 From: [EMAIL PROTECTED]
 To: users@tomcat.apache.org
 Subject: RE: Form Based Authenticattion - j_security_check does not redirect 
 from http to https
 
 
 
 Justin Randall-5 wrote:
  
  
  Hi again,
  
  I thought about this a little more and I think what you're experiencing
  might be as a result of the RequestDispatcher.
  
  When the RequestDispatcher fowards to a URL resource, it overrides the
  SSL/Authentication constraints you have setup.  There is a way of getting
  around this (which also adds an additional layer of maintenance
  programming security in your code) by using Filters.
  
  Basically, in your web.xml you define a filter for your SSL protected
  pages:
  
filter
filter-nameMyFilterClass/filter-name
filter-classmy.package.MyFilterClass/filter-class
/filter
filter-mapping
filter-nameMyFilterClass/filter-name
url-pattern/ssl/*/url-pattern
dispatcherFORWARD/dispatcher
dispatcherINCLUDE/dispatcher
dispatcherERROR/dispatcher
/filter-mapping
  
  Below is a sample implementation of the doFilter that takes care of the
  redirecting:
  
  public void doFilter(ServletRequest request, ServletResponse response,
  FilterChain arg2) throws IOException, ServletException {
  HttpServletRequest req = (HttpServletRequest) request;
  HttpServletResponse rsp = (HttpServletResponse) response;
  rsp.sendRedirect(req.getRequestURI());
  }
  
  
 
 
 I tried this but I got the following exception and the j_security_check page
 on http doesn't get redirected:
 
 java.lang.IllegalStateException: Cannot create a session after the response
 has been committed
   at org.apache.catalina.connector.Request.doGetSession(Request.java:2221)
   at org.apache.catalina.connector.Request.getSession(Request.java:2031)
   at
 org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:832)
   at
 javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:216)
   at
 org.apache.catalina.core.ApplicationHttpRequest.getSession(ApplicationHttpRequest.java:545)
   at
 org.apache.catalina.core.ApplicationHttpRequest.getSession(ApplicationHttpRequest.java:494)
   at
 org.apache.jasper.runtime.PageContextImpl._initialize(PageContextImpl.java:136)
   at
 org.apache.jasper.runtime.PageContextImpl.initialize(PageContextImpl.java:113)
   at
 org.apache.jasper.runtime.JspFactoryImpl.internalGetPageContext(JspFactoryImpl.java:105)
   at
 org.apache.jasper.runtime.JspFactoryImpl.getPageContext(JspFactoryImpl.java:62)
   at org.apache.jsp.login_jsp._jspService(login_jsp.java:33)
   at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
   at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
   at
 org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:331)
   at 
 org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
   at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
   at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
   at
 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
   at
 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
   at com.solidcore.bl.servlet.TagFilter.doFilter(TagFilter.java:110)
   at
 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
   at
 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
   at
 org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:691)
   at
 org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:469)
   at
 org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:403)
   at
 org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)
   at
 org.apache.catalina.authenticator.FormAuthenticator.forwardToErrorPage(FormAuthenticator.java:337

RE: Tomcat 6.0.18 Servlet Loading/Reloading

2008-12-04 Thread Justin Randall


Hi Chuck,

Thanks for the response.  I guess perhaps I was not clear enough in my 
configuration or description of the issue.

Each Servlet in the application has load-on-startupX/load-on-startup where 
X represents the numeric order in which I've assigned them to start.

Also what I did mention previously is that init is NOT called when I browse 
to the URI, however the Servlet is loaded as my System.out.println statements 
in doGet/doPost  are being output to catalina.out and they also show that 
init was never called (by checking parameters that should have been 
initialized by init.

Lastly, the reason I say init' methods is that there IS more than one, and 
Tomcat calls both of them when initializing a Servlet.  If you think this is 
incorrect, make sure to @Override both init and init(ServletConfig config) 
and have different logging statements.  You will see both of them being 
executed when Tomcat loads the Servlet.

I hope this helps better clarify the situation.

Justin.

 From: [EMAIL PROTECTED]
 To: users@tomcat.apache.org
 Date: Wed, 3 Dec 2008 20:46:50 -0600
 Subject: RE: Tomcat 6.0.18 Servlet Loading/Reloading
 
  From: Justin Randall [mailto:[EMAIL PROTECTED]
  Subject: RE: Tomcat 6.0.18 Servlet Loading/Reloading
 
  Basically when I restart Tomcat, it doesn't call any of the
  init methods of the Servlet
 
 Unless you have load-on-startup set for the servlet in your webapp's 
 WEB-INF/web.xml, that is correct behavior for a Tomcat restart.  The init() 
 method (there can only be one per servlet) should be called upon first 
 reference to a URL that matches a url-pattern element inside one of your 
 servlet-mapping elements.  If load-on-startup is set, the init() method 
 will be called at Tomcat restart for each such servlet.
 
  however all of the initialization which was to be
  performed by the init methods was never done.
 
 You keep using the word methods when there is only one init() method for a 
 given servlet; why is that?
 
  When I copy the existing war file from the webapps directory
  to another location, update the modify timestamp and then
  move it back into the webapps directory, the init methods
  are then called and the application works properly.
 
 This is also correct behavior for initial or re-deployment.  Although the 
 spec doesn't require it, Tomcat calls the init() methods to verify webapp 
 viability at these times.
 
  - Chuck
 
 
 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
 MATERIAL and is thus for use only by the intended recipient. If you received 
 this in error, please contact the sender and delete the e-mail and its 
 attachments from all computers.
 
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 

_

Tomcat 6.0.18 Servlet Loading/Reloading

2008-12-03 Thread Justin Randall


Hello,

I have a very strange issue with Tomcat 6.0.18 and I'm not sure what 
information to provide to help debug further.

I have an installation of Tomcat 6.0.18 which fails to properly initialize 
servlets upon restart. If I deploy a new application.war file while Tomcat is 
running (even if it is the same war file with different modify timestamp) 
everything loads up just fine.  Below are the system details:

  - Tomcat: Tomcat version 6.0.18 with APR 1.1.14
  - Java: JDK 1.6u10
  - RedHat Enteprise Linux 5

It seems that Servlet X, for example, does load to a point, because it returns 
a value, however the log4j subsystem is not initialized at all (providing me 
with no debug info at all) and catalina.out/err show no signs of trouble.  
Below is a snippet of restarting Tomcat.

=
Dec 3, 2008 7:08:36 PM org.apache.coyote.http11.Http11AprProtocol pause
INFO: Pausing Coyote HTTP/1.1 on http-80
Dec 3, 2008 7:08:37 PM org.apache.catalina.core.StandardService stop
INFO: Stopping service Catalina
Dec 3, 2008 7:08:37 PM org.apache.catalina.core.ApplicationContext log
INFO: SessionListener: contextDestroyed()
Dec 3, 2008 7:08:37 PM org.apache.catalina.core.ApplicationContext log
INFO: ContextListener: contextDestroyed()
Dec 3, 2008 7:08:37 PM org.apache.coyote.http11.Http11AprProtocol destroy
INFO: Stopping Coyote HTTP/1.1 on http-80
Dec 3, 2008 7:08:43 PM org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.14.
Dec 3, 2008 7:08:43 PM org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], 
random [true].
Dec 3, 2008 7:08:43 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-80
Dec 3, 2008 7:08:43 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 562 ms
Dec 3, 2008 7:08:43 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Dec 3, 2008 7:08:43 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.18
Dec 3, 2008 7:08:44 PM org.apache.catalina.core.ApplicationContext log
INFO: ContextListener: contextInitialized()
Dec 3, 2008 7:08:44 PM org.apache.catalina.core.ApplicationContext log
INFO: SessionListener: contextInitialized()
Dec 3, 2008 7:08:44 PM org.apache.coyote.http11.Http11AprProtocol start
INFO: Starting Coyote HTTP/1.1 on http-80
Dec 3, 2008 7:08:44 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 1432 ms
AbandonedObjectPool is used ([EMAIL PROTECTED])
   LogAbandoned: false
   RemoveAbandoned: true
   RemoveAbandonedTimeout: 60
=

Then once I move a new .war file into the webapps directory:

=
Dec 3, 2008 7:20:25 PM org.apache.catalina.startup.HostConfig checkResources
INFO: Undeploying context [/thewebapplication]
Dec 3, 2008 7:20:25 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive thewebapplication.war
=

Has anyone else ever experienced this before and can provide some help?

Kind regards,

Justin

_

RE: Tomcat 6.0.18 Servlet Loading/Reloading

2008-12-03 Thread Justin Randall


I've been doing some more testing and added a bunch of System.out.println 
statements to the init, init(ServletConfig), and doPost/doGet methods so 
that I could see what my application was doing without log4j initialized.

Basically when I restart Tomcat, it doesn't call any of the init methods of 
the Servlet, however it does load it partially.  When I actually browse to the 
URL of the Servlet, I can see my System.out.println statements being output 
to catalina.out, however all of the initialization which was to be performed by 
the init methods was never done.

When I copy the existing war file from the webapps directory to another 
location, update the modify timestamp and then move it back into the webapps 
directory, the init methods are then called and the application works 
properly.


 From: [EMAIL PROTECTED]
 To: users@tomcat.apache.org
 Subject: Tomcat 6.0.18 Servlet Loading/Reloading
 Date: Wed, 3 Dec 2008 19:22:15 -0500
 
 
 Hello,
 
 I have a very strange issue with Tomcat 6.0.18 and I'm not sure what 
 information to provide to help debug further.
 
 I have an installation of Tomcat 6.0.18 which fails to properly initialize 
 servlets upon restart. If I deploy a new application.war file while Tomcat is 
 running (even if it is the same war file with different modify timestamp) 
 everything loads up just fine.  Below are the system details:
 
   - Tomcat: Tomcat version 6.0.18 with APR 1.1.14
   - Java: JDK 1.6u10
   - RedHat Enteprise Linux 5
 
 It seems that Servlet X, for example, does load to a point, because it 
 returns a value, however the log4j subsystem is not initialized at all 
 (providing me with no debug info at all) and catalina.out/err show no signs 
 of trouble.  Below is a snippet of restarting Tomcat.
 
 =
 Dec 3, 2008 7:08:36 PM org.apache.coyote.http11.Http11AprProtocol pause
 INFO: Pausing Coyote HTTP/1.1 on http-80
 Dec 3, 2008 7:08:37 PM org.apache.catalina.core.StandardService stop
 INFO: Stopping service Catalina
 Dec 3, 2008 7:08:37 PM org.apache.catalina.core.ApplicationContext log
 INFO: SessionListener: contextDestroyed()
 Dec 3, 2008 7:08:37 PM org.apache.catalina.core.ApplicationContext log
 INFO: ContextListener: contextDestroyed()
 Dec 3, 2008 7:08:37 PM org.apache.coyote.http11.Http11AprProtocol destroy
 INFO: Stopping Coyote HTTP/1.1 on http-80
 Dec 3, 2008 7:08:43 PM org.apache.catalina.core.AprLifecycleListener init
 INFO: Loaded APR based Apache Tomcat Native library 1.1.14.
 Dec 3, 2008 7:08:43 PM org.apache.catalina.core.AprLifecycleListener init
 INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], 
 random [true].
 Dec 3, 2008 7:08:43 PM org.apache.coyote.http11.Http11AprProtocol init
 INFO: Initializing Coyote HTTP/1.1 on http-80
 Dec 3, 2008 7:08:43 PM org.apache.catalina.startup.Catalina load
 INFO: Initialization processed in 562 ms
 Dec 3, 2008 7:08:43 PM org.apache.catalina.core.StandardService start
 INFO: Starting service Catalina
 Dec 3, 2008 7:08:43 PM org.apache.catalina.core.StandardEngine start
 INFO: Starting Servlet Engine: Apache Tomcat/6.0.18
 Dec 3, 2008 7:08:44 PM org.apache.catalina.core.ApplicationContext log
 INFO: ContextListener: contextInitialized()
 Dec 3, 2008 7:08:44 PM org.apache.catalina.core.ApplicationContext log
 INFO: SessionListener: contextInitialized()
 Dec 3, 2008 7:08:44 PM org.apache.coyote.http11.Http11AprProtocol start
 INFO: Starting Coyote HTTP/1.1 on http-80
 Dec 3, 2008 7:08:44 PM org.apache.catalina.startup.Catalina start
 INFO: Server startup in 1432 ms
 AbandonedObjectPool is used ([EMAIL PROTECTED])
LogAbandoned: false
RemoveAbandoned: true
RemoveAbandonedTimeout: 60
 =
 
 Then once I move a new .war file into the webapps directory:
 
 =
 Dec 3, 2008 7:20:25 PM org.apache.catalina.startup.HostConfig checkResources
 INFO: Undeploying context [/thewebapplication]
 Dec 3, 2008 7:20:25 PM org.apache.catalina.startup.HostConfig deployWAR
 INFO: Deploying web application archive thewebapplication.war
 =
 
 Has anyone else ever experienced this before and can provide some help?
 
 Kind regards,
 
 Justin
 
 _
 

_

Basic question on requiring a login

2008-06-11 Thread Justin Morgan - Logic Sector


Hi Tomcat users,

Maybe I'm not googling with the right keywords, but I can't seem to  
find a simple answer to this...


I have a standard Tomcat 6.0.10 installation (no Apache httpd front  
end or anything).  All the contents of the webapps directory have been  
removed, and a single web app has been deployed -- my root application  
(ROOT.war).  Very simple, and all's working great.


Here's the part I need help with:  Now I want Tomcat to require a  
login panel before anyone can access the application.


How to I get Tomcat to force a login panel when users access the root  
web app?  (Basically I'm looking for the same sort of functionality  
you get with Apache .htaccess files etc but without the extra  
complexity of integrating with Apache httpd).


Any tips or pointers greatly appreciated!  Thanks!

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: building mod_jk failing

2008-03-10 Thread Justin Vassallo

Hello,

 

I am trying to build mod_jk on Solaris 10 x86, which unfortunately is not
available in binary form.

 

I dlded Apache source and built using:

 $ PATH=$PATH:/usr/sfw/bin:/usr/ccs/bin

 $ export PATH SH_LIBS

 $ ./configure --with-included-apr
--prefix=/usr/local/apache/httpd-2.2.8 --enable-so --enable-mods -shared=ssl
--enable-ssl --enable-module=rewrite --enable-shared=rewrite

 

I then dlded mod_jk source, cd native, then tried to build using the apxs
from the Apache i just built from source. I am getting a general error which
is not helping me to identify the problem.

 

Where can i look to get more information? thanks

 

# ./configure --with-apxs=/local/apache/apache2.2.8/bin/apxs

: bad interpreter: No such file or directory

 



smime.p7s
Description: S/MIME cryptographic signature

RE: building mod_jk failing

2008-03-10 Thread Justin Vassallo

Thank you that helped. I got gnumake installed and configure worked fine.
(had to chmod 700 configure and scripts/build/instdso.sh)

Now getting this warning, otherwise .so being created ok:

Warning!  dlname not found in
/local/home/ixops3/tomcat-connectors-1.2.26-src/tomcat-connectors-1.2.26-src
/native/apache-2.0/mod_jk.la.

However, apache is not liking it...
httpd: Syntax error on line 412 of
/local/apache/apache2.2.8/conf/httpd.conf: Cannot load
/local/apache/apache2.2.8/modules/mod_jk.so into server: ld.so.1: httpd:
fatal: /local/apache/apache2.2.8/modules/mod_jk.so: wrong ELF data format:
ELFDATA2MSB

Thanks - j
PS - it was Re since I had posted this before I became a user, and forwarded
once I joined

-Original Message-
From: Rainer Jung [mailto:[EMAIL PROTECTED] 
Sent: 10 March 2008 17:53
To: Tomcat Users List
Subject: Re: building mod_jk failing

Justin Vassallo wrote:
 Hello,
 
 I am trying to build mod_jk on Solaris 10 x86, which unfortunately is not
 available in binary form.
 
 I dlded Apache source and built using:
 
  $ PATH=$PATH:/usr/sfw/bin:/usr/ccs/bin
 
  $ export PATH SH_LIBS
 
  $ ./configure --with-included-apr
 --prefix=/usr/local/apache/httpd-2.2.8 --enable-so --enable-mods
-shared=ssl
 --enable-ssl --enable-module=rewrite --enable-shared=rewrite
 
 I then dlded mod_jk source, cd native, then tried to build using the apxs
 from the Apache i just built from source. I am getting a general error
which
 is not helping me to identify the problem.
 
 Where can i look to get more information? thanks
 
 # ./configure --with-apxs=/local/apache/apache2.2.8/bin/apxs
 
 : bad interpreter: No such file or directory

Not sure, why your mail subject starts with Re:, I couldn't find any 
previous mails in this thread.

configure is a shell script. From the error I would guess, that you 
downloaded the zip source and not the tarball format. The zip file 
contains DOS files, so configure and many other files have DOS line 
endings and using those shell scripts gives an error, because /bin/sh^M 
is not an existing shell.

If I'm right about the zip download, simply choose the .tar.gz download, 
which should work. Are we talking about mod_jk 1.2.26?

Please also make sure, that you are using the make/gmake in /usr/sfw/bin 
and not the Solaris make in /usr/ccs/bin.

Regards,

Rainer

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



smime.p7s
Description: S/MIME cryptographic signature

Re: URL Redirects from Root?

2008-01-18 Thread Justin Stanczak

Yes, thank you. I think I seen this before, but forgot until you pointed it
out. Coo!

On Jan 18, 2008 12:58 PM, Hassan Schroeder [EMAIL PROTECTED]
wrote:

 On Jan 16, 2008 2:22 PM, Justin Stanczak [EMAIL PROTECTED] wrote:
  Anyone have suggestions on setting up redirect for the ROOT folder?

 http://tuckey.org/urlrewrite/ should take care of it :-)

 --
 Hassan Schroeder  [EMAIL PROTECTED]

 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]




-- 
All that is necessary for the triumph of evil is that good men do nothing.
- Edmund Burke

Re: URL Redirects from Root?

2008-01-18 Thread Justin Stanczak

Just bumping this. Not sure if it got through. I got an email error.

On Jan 16, 2008 5:22 PM, Justin Stanczak [EMAIL PROTECTED] wrote:

 Anyone have suggestions on setting up redirect for the ROOT folder? What I
 have is an old IIS server that I'm moving to Linux Tomcat. The IIS has all
 kinds of redirects. My first thought was to just create folders and
 index.jsp pages with a redirect tag, but is there a better way?

 --
 All that is necessary for the triumph of evil is that good men do
 nothing. - Edmund Burke




-- 
All that is necessary for the triumph of evil is that good men do nothing.
- Edmund Burke

URL Redirects from Root?

2008-01-16 Thread Justin Stanczak

Anyone have suggestions on setting up redirect for the ROOT folder? What I
have is an old IIS server that I'm moving to Linux Tomcat. The IIS has all
kinds of redirects. My first thought was to just create folders and
index.jsp pages with a redirect tag, but is there a better way?

-- 
All that is necessary for the triumph of evil is that good men do nothing.
- Edmund Burke

upgrade to 5.5.25 causes java permissions issues

2007-11-13 Thread Justin Kennedy


HI,

I upgraded from 5.5.15 to 5.5.25 and now I'm getting errors relating to 
java security (I'm using security manager). It appears as if my 
catalina.policy is not longer being recognized, because I have clearly 
outlined the permissions for the webapps, like 
java.lang.RuntimePermission setContextClassLoader etc..., but I get 
access denied errors for all my existing permissions.


Has the security configuration changed at all?

Thanks

--
Justin Kennedy
Maritime Source, Inc.
http://maritimesource.ca
506-696-1564


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Sessions counter on Web Application Manager

2007-08-27 Thread Justin Madex

Good Afternoon,

I recently took note of the Sessions counter on the Tomcat Web 
Application Manager for one of the applications that i have deployed to 
the server and the fact that the counter never decreases until the session 
times out.

Despite the fact that my application calls Session.invalidate when the 
user logs out, the session counter never decreases.

Could anyone give me some information around this counter and why it 
doesnt decrease when you invalidate the session.

Thanks 

Kind Regards

Justin Madex

Re: Replying to threads

2006-11-09 Thread Justin Jaynes

Well, I suppose it depends on your email client.  But on almost all clients, 
open the message (or thread response which you wish to add to) and click the 
'Reply' button in your email client.  Then write your response to the dialog 
occuring, and click send.

Of course you have to be a member of the group.  But since you got this message 
sent to the list, you are.  So go ahead and try respond to this message.

Justin

- Original Message 
From: Andrew Friebel [EMAIL PROTECTED]
To: users@tomcat.apache.org
Sent: Thursday, November 9, 2006 6:53:56 PM
Subject: Replying to threads

This is going to seem like a real stupid question, but there seems to be
no obvious way for me to reply to responses on threads.  I have tried to
use users-help and users-info email addresses to get this information,
but they keep giving me automatic responses.
 
How do I reply to a given thread?
 
Regards,
Andrew






-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Include Directive Misbehaving: Feedback for Mark Thomas

2006-11-08 Thread Justin Jaynes

Mark Thomas,

To start on a positive note, I 've never found an open source project with
real help as accessable, as reliable, as knowledgeable, or as patient as I
have with Tomcat.  I have access to amazing
support/discussion groups, with immediate communications to developers and
document writers.  It's better than any product I've ever paid for.


I know you spend a LOT of time with end users.  Thanks a million.  You really 
make tomcat work for us.

With your pointers I've been able to glean the info I needed and I've fixed my 
problem.

I don't think there is any wrong info on the doc pages.  But either I am not 
seeing everything there is to read, or there is a lack of explanation about 
contexts.  I mean, really, I've been using tomcat for a few years and I learned 
the whole thing alone.  Just me, a book, tomcat, and this list (I guess that's 
not really alone).  And frankly, there is no reasonable explanation of what a 
context is.  I feel like the documentation might be assuming I know more than I 
do.  Me and anybody else who has very few resources to become introduced to 
tomcat.

Where am I looking on the site?  Well, I go to the tomcat page and click 
Configuration in the Reference section of links.  I click on Context under the 
Containters section of links.

The definition of a context there is VERY VAGUE.  And although it lists the 
elements of a context, it gives NO EXAMPLES and no explanation of how to create 
a context, and what a context does.  It says what a context is, but not what it 
does.

Please consider revising the context page to make it clearer.  If I had a 
firmer understanding, I would volunteer a revision myself.

Justin



- Original Message 
From: Mark Thomas [EMAIL PROTECTED]
To: Tomcat Users List users@tomcat.apache.org
Sent: Tuesday, November 7, 2006 10:27:38 PM
Subject: Re: Include Directive Misbehaving

Justin Jaynes wrote:
 Oh snap!  That's exactly what's happening.  Can you point me to a good 
 document that expalins how to set up contexts?  I've got everything set up 
 exactly as you described.

 Any good reading for a comprehensive (or even rudimetry) understanding would 
 be greatly appreciated.
The on-line docs should have what you need. If we can id places where
changes are needed then I'll get them incorporated.

 If you can explain it in a reasonable length that is appropriate to this 
 forum (and convenient to your time), it would also be greatly appreciated.
The short version is:
- a context's docBase should never be the same as a host's appBase

A suitable directory structure for multiple hosts could be:
$CATALINA_HOME\host1-webapps  - Host1 appBase
$CATALINA_HOME\host1-webapps\ROOT - Default context for Host1
$CATALINA_HOME\host1-webapps\app1 - Application on Host1
$CATALINA_HOME\host1-webapps\app2 - Application on Host1
$CATALINA_HOME\host2-webapps  - Host2 appBase
$CATALINA_HOME\host2-webapps\ROOT - Default context for Host2
$CATALINA_HOME\host2-webapps\app3 - Application on Host2
etc for as many hosts and applications as you like

 The explanation in the doc on the tomcat.apache.org site seems to only cover 
 what I am using, which treats every director as a webapp.  Definatly not what 
 I want.
Which page(s) are you looking at? If the docs tell you to do this they
need to be changed. I can't see anything like this but I could easily
be missing the obvious.

Mark


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]







-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Include Directive

2006-11-07 Thread Justin Jaynes

Chris,

Using /header.jsp which is of course an absolute path, I get virtually the 
same error.  Only /../header.jsp changes to /header.jsp  Still doesn't work.

You also suggested this: %@ include file=%= request.getContextPath() 
%/header.jsp %
I tried it but the code inside the quotes does not get evaluated.

Justin

- Original Message 
From: Christopher Schultz [EMAIL PROTECTED]
To: Tomcat Users List users@tomcat.apache.org
Sent: Tuesday, November 7, 2006 6:14:58 AM
Subject: Re: Include Directive

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Justin,

 The index.jsp file in the main directory contains the code %@
 include file=header.jsp % and it works great.
 
 In the admin directory the index.jsp file contains this code %@
 include file=../header.jsp % obviously referencing to the parent
 directory, where the header.jsp file sits.  I don't want to have to
 copy it to the child directory and maintain two copies of it.
 
 But when I do this, I get an error every time.  What am I doing
 wrong?  You can find the error below.

It's a good idea to start your include directives with a '/', making
your paths relative to the context path (the webapp base URI, if you
will). As you can see, Tomcat is adding a leading '/' for you, which
makes the path into nonsense:

 File /../header.jsp not found

/../header.jsp would actually be located one directory above your
webapp's root directory, which is illegal.

Consider using /header.jsp as the include's location.

There is another thread from the last 24 hours or so with someone asking
about changing context paths. This is the best way to do this:

%@ include file=%= request.getContextPath() %/header.jsp %

Not sure if that compiles (I haven't touched JSP in years), but it's the
general idea.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFUIbR9CaO5/Lv0PARAiNSAJ9T4mX3Vz5nMvdNN/RfyS25CmpKVQCdENMF
f09sh+IY0kXEb/MPD39Qi+Y=
=44Mk
-END PGP SIGNATURE-

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]







-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Include Directive Misbehaving

2006-11-07 Thread Justin Jaynes

To further complicate this problem, I have tried more experimenting and am 
becoming more frustrated.

The original situation remains below.

Now if I add a sub-directory to the admin subdirectoy, the directory structure 
looks like this:

[main host directory (/host)]
index.jsp
header.jsp (ROOT VERSION, with a notation I can see in the html distinguishable 
from others)
[admin sub directory (/host/admin)
index.jsp
header.jsp (ADMIN VERSION, with a notation)
[user sub directory (/host/admin/user)]
[justin sub directory (/host/admin/user/justin)]
index.jsp

As you can see, I have copied the header.jsp to the sub-directory admin and 
have altered its contets so I can identify which header.jsp is being 
used--namely that in the root directory or in the admin directory.

Then in the index.jsp file in the justin subdirectory, I use the code

%@ include file=../../../header.jsp %

to reach the ROOT header.jsp to be included.  But instead, the output in the 
browser uses the file from the ADMIN directory.

So I figured I should just add ../ once more to move one more level up.  so I 
did.

%@ include file=../../../../header.jsp %

But it used the ADMIN version again.

%@ include file=../../../../../../../../header.jsp %

actually does too.  What is the problem here?

And trying to go less instead of more,

%@ include file=../../header.jsp %

this also works but uses the ADMIN version.  Which is the expected behavior FOR 
ONCE.

But then even less

%@ include file=../header.jsp %

gives this error:

org.apache.jasper.JasperException: /sites/14/index.jsp(8,0) File 
/sites/14/../header.jsp not found

org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:512)

org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:377)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
Can someone try to reproduce this error?  I believe that Tomcat 5.5 and 6.0 do 
not behave properly in this reguard.  Unless I am making a mistake.  If that is 
the case, please guide me out of it.

Justin

When I enter the same 

- Original Message 
From: Justin Jaynes [EMAIL PROTECTED]
To: users@tomcat.apache.org
Sent: Monday, November 6, 2006 10:01:00 PM
Subject: Include Directive

Hello,

I am trying to eliminate unnecessary duplication of code by using include 
directives.  Currently my directory structure is like this:

[main app directory]
index.jsp
header.jsp
footer.jsp
[admin subdirectory]
index.jsp

The index.jsp file in the main directory contains the code %@ include 
file=header.jsp % and it works great.

In the admin directory the index.jsp file contains this code %@ include 
file=../header.jsp % obviously referencing to the parent directory, where 
the header.jsp file sits.  I don't want to have to copy it to the child 
directory and maintain two copies of it.

But when I do this, I get an error every time.  What am I doing wrong?  You can 
find the error below.

Justin

HTTP Status 500 - type Exception report
message 
description The server encountered an internal error () that prevented it from 
fulfilling this request.
exception 
org.apache.jasper.JasperException: /index.jsp(4,0) File /../header.jsp not 
found

org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:512)

org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:377)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
root cause 
org.apache.jasper.JasperException: /index.jsp(4,0) File /../header.jsp not 
found

org.apache.jasper.compiler.DefaultErrorHandler.jspError(DefaultErrorHandler.java:39)

org.apache.jasper.compiler.ErrorDispatcher.dispatch(ErrorDispatcher.java:405)
org.apache.jasper.compiler.ErrorDispatcher.jspError(ErrorDispatcher.java:86)
org.apache.jasper.compiler.Parser.processIncludeDirective(Parser.java:339)
org.apache.jasper.compiler.Parser.parseIncludeDirective(Parser.java:372)
org.apache.jasper.compiler.Parser.parseDirective(Parser.java:484)
org.apache.jasper.compiler.Parser.parseElements(Parser.java:1556)
org.apache.jasper.compiler.Parser.parse(Parser.java:126)

org.apache.jasper.compiler.ParserController.doParse(ParserController.java:211)
org.apache.jasper.compiler.ParserController.parse(ParserController.java:100)
org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:155)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:295)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:276)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:264)

org.apache.jasper.JspCompilationContext.compile

Re: Include Directive Misbehaving

2006-11-07 Thread Justin Jaynes

Oh snap!  That's exactly what's happening.  Can you point me to a good document 
that expalins how to set up contexts?  I've got everything set up exactly as 
you described.

Any good reading for a comprehensive (or even rudimetry) understanding would be 
greatly appreciated.

If you can explain it in a reasonable length that is appropriate to this forum 
(and convenient to your time), it would also be greatly appreciated.

The explanation in the doc on the tomcat.apache.org site seems to only cover 
what I am using, which treats every director as a webapp.  Definatly not what I 
want.

Justin

- Original Message 
From: Mark Thomas [EMAIL PROTECTED]
To: Tomcat Users List users@tomcat.apache.org
Sent: Tuesday, November 7, 2006 9:30:07 PM
Subject: Re: Include Directive Misbehaving

Justin Jaynes wrote:
 To further complicate this problem, I have tried more experimenting and am 
 becoming more frustrated.

I have just tested all combinations of files and included files for
three levels of directories and everything is working as it should.

Just a guess but...
Is it possible your contexts are not correctly deployed? If your
host's appBase and your web application's docBase point to the same
directory and autoDeploy is enabled you will have all sorts of odd
behaviour since by default *every* directory in a host's appBase gets
deployed as a web application.

HTH,

Mark

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]







-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Include Directive

2006-11-06 Thread Justin Jaynes

Hello,

I am trying to eliminate unnecessary duplication of code by using include 
directives.  Currently my directory structure is like this:

[main app directory]
index.jsp
header.jsp
footer.jsp
[admin subdirectory]
index.jsp

The index.jsp file in the main directory contains the code %@ include 
file=header.jsp % and it works great.

In the admin directory the index.jsp file contains this code %@ include 
file=../header.jsp % obviously referencing to the parent directory, where 
the header.jsp file sits.  I don't want to have to copy it to the child 
directory and maintain two copies of it.

But when I do this, I get an error every time.  What am I doing wrong?  You can 
find the error below.

Justin

HTTP Status 500 - type Exception report
message 
description The server encountered an internal error () that prevented it from 
fulfilling this request.
exception 
org.apache.jasper.JasperException: /index.jsp(4,0) File /../header.jsp not 
found

org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:512)

org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:377)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
root cause 
org.apache.jasper.JasperException: /index.jsp(4,0) File /../header.jsp not 
found

org.apache.jasper.compiler.DefaultErrorHandler.jspError(DefaultErrorHandler.java:39)

org.apache.jasper.compiler.ErrorDispatcher.dispatch(ErrorDispatcher.java:405)

org.apache.jasper.compiler.ErrorDispatcher.jspError(ErrorDispatcher.java:86)

org.apache.jasper.compiler.Parser.processIncludeDirective(Parser.java:339)
org.apache.jasper.compiler.Parser.parseIncludeDirective(Parser.java:372)
org.apache.jasper.compiler.Parser.parseDirective(Parser.java:484)
org.apache.jasper.compiler.Parser.parseElements(Parser.java:1556)
org.apache.jasper.compiler.Parser.parse(Parser.java:126)

org.apache.jasper.compiler.ParserController.doParse(ParserController.java:211)

org.apache.jasper.compiler.ParserController.parse(ParserController.java:100)
org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:155)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:295)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:276)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:264)

org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:563)

org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:305)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)





-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Cycling Missing File Error

2006-09-18 Thread Justin Jaynes

Hello Tomcat Users et. al.

I've been developing with tomcat for a few years now,
and I've never had this problem until I decided to
restructure some code to save time by consolidating
files with similar content AT DIFFERENT LEVELS in the
DIRECTORY TREE.  Now these files I have been using, I
was already including in each of my jsp's as a
header.inc or a header.jsp by using the %@ include
file=header.inc % directive and they'd been working
great.  Now I decided I only wanted them at one
directory level so I could maintain them easier.  So
is a child directory I used the directive %@ include
file=../header.jsp %.

But when I made these changes, some bizarre behavior
started.  At first I thought it was random, but then I
checked closer and the error occurs at a regular
interval.

When I would load my page, sometimes it would load
properly, and other times, I would get a 500 error as
seen below.  So I tried reloading the page four times
a second to see if the occurance was random.  It was
not.  The error occured once in 12 page reloads over a
period of three seconds, and the pattern continued
that way for some time, in a very precise manner.

This happens on pages both in the application root
which sit directly beside the header.jsp file to be
included, and on pages in the child directory.

What would be causing this?  I run SuSE linux and KDE.
 I've tried in multiple browsers to avoid cacheing
errors.

Stack trace below:

type Exception report

message

description The server encountered an internal error
() that prevented it from fulfilling this request.

exception

org.apache.jasper.JasperException:
/sites/14/index.jsp(8,0) File /header.jsp not found

org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:510)

org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:375)

org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)

org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)

javax.servlet.http.HttpServlet.service(HttpServlet.java:802)

root cause

org.apache.jasper.JasperException:
/sites/14/index.jsp(8,0) File /header.jsp not found

org.apache.jasper.compiler.DefaultErrorHandler.jspError(DefaultErrorHandler.java:39)

org.apache.jasper.compiler.ErrorDispatcher.dispatch(ErrorDispatcher.java:405)

org.apache.jasper.compiler.ErrorDispatcher.jspError(ErrorDispatcher.java:86)

org.apache.jasper.compiler.Parser.processIncludeDirective(Parser.java:339)

org.apache.jasper.compiler.Parser.parseIncludeDirective(Parser.java:372)

org.apache.jasper.compiler.Parser.parseDirective(Parser.java:484)

org.apache.jasper.compiler.Parser.parseElements(Parser.java:1552)

org.apache.jasper.compiler.Parser.parse(Parser.java:126)

org.apache.jasper.compiler.ParserController.doParse(ParserController.java:211)

org.apache.jasper.compiler.ParserController.parse(ParserController.java:100)

org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:155)

org.apache.jasper.compiler.Compiler.compile(Compiler.java:295)

org.apache.jasper.compiler.Compiler.compile(Compiler.java:276)

org.apache.jasper.compiler.Compiler.compile(Compiler.java:264)

org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:563)

org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:303)

org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)

org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)

javax.servlet.http.HttpServlet.service(HttpServlet.java:802)

note The full stack trace of the root cause is
available in the Apache Tomcat/5.5.17 logs.

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: cpu 100% java

2006-08-02 Thread Justin Spies


Ben,
For various reasons, I've had to send this response using your  
original message.  I've included below some of the feedback provided  
by Chris since I'm pretty sure I'v read the entire thread so far...


I've run into this type of issue many times as well, memory management
definitely is not automatic in Java, at least not for admins.


[Hide Quoted Text]


Think the Java that is hogging the cpu is something different.
I run /Library/Tomcat/bin/startup.sh (with ram settings)
PID COMMAND  %CPU   TIME   #TH #PRTS #MREGS RPRVT  RSHRD  RSIZE
VSIZE
 1792 java27.9%  0:08.83  12   255   191  47.9M+ 13.1M  35.6M+
469M+ (using -Xms128m -Xmx256m)



This application looks to not be using much of the heap.  What you see
is that the system is using only about 50MB of memory.  According to
http://www.mozilla.org/projects/footprint/OSX_opt_mem_usage.txt
however, the numbers add up the opposite (the document says that
47+13=3D3D35, but it looks more like 13+35=3D3D48)

The VSIZE question--when the JVM starts, it places a hold on the
memory it thinks is needed.  So if you allocate a maximum heap of
256MB + the permanent size of 128MB (which I realize you haven't set
and I don't recall the default) + extra overhead memory =3D3D 469MB of
VSIZE.  Note that the JVM needs memory, as Chris mentioned, of HEAP +
PERMSIZE + (THREADMEMORY * NUM THREADS).

To check memory usage, you'll want to add the following to your
startup parameters (plus any others you want):

-verbose:gc -Xloggc:/tmp/garbage.log -XX:+PrintGCTimeStamps -XX:PrintGCDetai=
=3D
ls

The above will tell you how much memory is being allocated and how
often the system is doing garbage collection.

Details for reading and understanding the log files can be found at
http://java.sun.com/docs/hotspot/gc5.0/gc_tuning_5.html  (jvm 1.5)
http://java.sun.com/docs/hotspot/gc1.4.2/ (jvm 1.4.2)

I've seen weird issues with the different garbage collectors as well,
for example we have an application in BEA WebLogic on a Sun server
where using the ConcMarkSweep collector caused a core dump.  I've also
seen JVM's on Linux hard lock in the middle of a GC and the CPU spike
to 100% utilization.  Only a kill -9 would kill the process.

[Hide Quoted Text]

but this one is still around
PID COMMAND  %CPU   TIME   #TH #PRTS #MREGS RPRVT  RSHRD  RSIZE
VSIZE
1775 java98.8%  0:56.40  21   597   243  88.3M  9.94M  77.8M
288M (one that hogs cpu, the problem process from the start)

I do  /Library/Tomcat/bin/shutdown.sh and I only have the pid 1775 (hog
one) other java is gone now.



I haven't used a Mac in about 8 mo, so I don't recall the details of
the startup / shutdown for Tomcat, however this could be due to the
high load  the shutdown command cannot communicate with the Tomcat
instance.

Also note that the above instance is using much more REAL memory
(88MB) than the first instance, but has much less total allocated
memory (288MB).  It's highly likely that the application is defaulting
to a heap size of something like or 9MB.

Since this is the instance causing problems, you'll probably want to
use the above JVM arguments for this instance.  Note that you probably
cannot put the -Xloggc:/tmp/garbage.log into a shared startup script.
Any instance started with that script would write to the same file,
destroying / contaminating your data.


[Hide Quoted Text]

Two Java programs:
Ran by Appserve java
-Djava.endorsed.dirs=3D3D/Library/Tomcat/common/endorsed -classpath
/Library/Java/Home/lib/tools.jar:/Library/Tomcat/bin/bootstrap.jar
-Dcatalina.base=3D3D/Library/Tomcat/blojsom_root
-Dcatalina.home=3D3D/Library/Tomcat
-Djava.io.tmpdir=3D3D/Library/Tomcat/blojsom_root/temp
org.apache.catalina.startup.Bootstrap start
(weblogs use this one, seems to be the problem one, any idea where the
config is for this one?)

Ran by Root
/System/Library/Frameworks/JavaVM.framework/Versions/1.4/Home/bin/java
-Xms128m -Xmx256m -Djava.endorsed.dirs=3D3D/Library/Tomcat/common/endorsed
 so this one is using the ram change -Xms128m -Xmx256m other is
not.





It's tough to tell what's going on with this:


 PID COMMAND  %CPU   TIME   #TH #PRTS #MREGS RPRVT  RSHRD  RSIZE
VSIZE
 825 java   102.4%  2:43:34  61  371  98.0M   872K  85.1M-
308M


RSIZE (resident size, IIRC) is 85.1M - 308M? WTF does that mean?

If the 308M is spurious, then your Java process was using 85MB which
suggests that your heap size was probably more like 64MB or somewhere in
there. Increasing it to 128/256 as you have above ought to give you some
more room to move around in.

Does this help the problem?

-chris




Ben



This message was sent using IMP, the Internet Messaging Program.


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Problem starting Tomcat in Netbeans

2006-05-28 Thread Justin See


Dear all,

I've tried to search for it but couldn't find an answer.
Please try to help me.

I've created an application and deployed and run successfully in the first
PC.
I copied everything over, installed everything as the first PC.


1) I've the mysql-connector-java-3.1.12-bin.jar in the common/lib.

2) Added this to the server.xml:

Context

 Resource name=jdbc/MySQLDB auth=Container
   type=javax.sql.DataSource username=root password=password
   driverClassName= com.mysql.jdbc.Driver
url=jdbc:mysql://localhost:3306/transport
   maxActive=8 maxIdle=4/

/Context

3) Added this to the web.xml

descriptionMySQL Connection/description
  resource-ref
   descriptionDB Connection/description
   res-ref-namejdbc/MySQLDB/res-ref-name
   res-type javax.sql.DataSource/res-type
   res-authContainer/res-auth
  /resource-ref



4) Set the environment variable: CLASSPATH=C:\Program Files\netbeans-
5.0\enterprise2\jakarta-tomcat-5.5.9\common
lib

Now when i deploy and start the application on the Tomcat,
Tomcat logs give me this error:


May 28, 2006 10:46:10 PM
org.apache.catalina.mbeans.ServerLifecycleListenercreateMBeans

SEVERE: createMBeans: Throwable

java.lang.NullPointerException

   at org.apache.catalina.mbeans.MBeanUtils.createObjectName(
MBeanUtils.java:1079)

   at org.apache.catalina.mbeans.MBeanUtils.createMBean(MBeanUtils.java
:496)

   at org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(
ServerLifecycleListener.java:569)

   at org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(
ServerLifecycleListener.java:365)

   at org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(
ServerLifecycleListener.java:534)

   at org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(
ServerLifecycleListener.java:497)

   at org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(
ServerLifecycleListener.java:659)

   at org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(
ServerLifecycleListener.java:627)

   at org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(
ServerLifecycleListener.java:277)

   at org.apache.catalina.mbeans.ServerLifecycleListener.lifecycleEvent
(ServerLifecycleListener.java:128)

   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(
LifecycleSupport.java:119)

   at org.apache.catalina.core.StandardServer.start(StandardServer.java
:676)

   at org.apache.catalina.startup.Catalina.start(Catalina.java:537)

   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

   at sun.reflect.NativeMethodAccessorImpl.invoke(
NativeMethodAccessorImpl.java:39)

   at sun.reflect.DelegatingMethodAccessorImpl.invoke(
DelegatingMethodAccessorImpl.java:25)

   at java.lang.reflect.Method.invoke(Method.java:324)

   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:271)

   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:409)

java.lang.reflect.InvocationTargetException

   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

   at sun.reflect.NativeMethodAccessorImpl.invoke(
NativeMethodAccessorImpl.java:39)

   at sun.reflect.DelegatingMethodAccessorImpl.invoke(
DelegatingMethodAccessorImpl.java:25)

   at java.lang.reflect.Method.invoke(Method.java:324)

   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:271)

   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:409)

Caused by: java.lang.NullPointerException

   at java.util.Hashtable.put(Hashtable.java:393)

   at org.apache.catalina.core.StandardContext.resourcesStart(
StandardContext.java:3741)

   at org.apache.catalina.core.StandardContext.start(
StandardContext.java:3925)

   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java
:1012)

   at org.apache.catalina.core.StandardHost.start(StandardHost.java
:718)

   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java
:1012)

   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java
:442)

May 28, 2006 10:46:11 PM org.apache.catalina.core.StandardService start

INFO: Starting service Catalina

May 28, 2006 10:46:11 PM org.apache.catalina.core.StandardEngine start

   at org.apache.catalina.core.StandardService.start(
StandardService.java:450)

INFO: Starting Servlet Engine: Apache Tomcat/5.5.9

   at org.apache.catalina.core.StandardServer.start(StandardServer.java
:683)

May 28, 2006 10:46:11 PM org.apache.catalina.core.StandardHost start

   at org.apache.catalina.startup.Catalina.start(Catalina.java:537)

INFO: XML validation disabled

   ... 6 more


Thanks in advance!

--
Regards,
Justin See

Re: IIS 6 + Apache tomcat 5.5.15 + SQL Server 2000 ? ( Windows 20 03 Server )

2006-03-09 Thread Justin Greene

We have used both JTDS and JDBC to connect Tomcat to SQL2000.  JTDS seems to
be more memory efficient.  It is also far stricter in how data types are
cast.  Stored Procedures that worked fine with JDBC sometimes did not
properly with JTDS.  I think the issue (I am not doing the java work) is
that the variable types in preparing the statement must be strictly
correct... i.e. JTDS will not truncate a string that is too long for the var
type but JDBC will. 

Justin

 -Original Message-
 From: Phil Wilson [mailto:[EMAIL PROTECTED] 
 Sent: Thursday, March 09, 2006 10:32 AM
 To: Tomcat Users List
 Subject: Re: IIS 6 + Apache tomcat 5.5.15 + SQL 
 Server 2000 ? ( Windows 2003 Server )
 
  I know ... it's not a good Combo

IIS 6 + Apache tomcat 5.5.15 + SQL Server 2000 ? ( Windows 2003 
  Server ) but... let's crash and burn ;)
 
 Hi,
 
 I've done this combo before using the jTDS driver from 
 http://jtds.sourceforge.net/
 
 If you notice, all of the examples on the URL you give are 
 very very similar, and off the 
 top of my head I can't remember any massive differences 
 between the SQL Server 2000 config 
 and MySQL, so just try the MySQL config (with the correct 
 driverClassName and JDBC URL of 
 course) and see how far you get.
 
 Good luck!
 
 Phil
 

Checking in the web site i see that i can install the 
 Apache-Tomcat 
  and  that works properly ( First time i work with Windows 2003 ).

What i'm not plenty sure ...  I'm going to face problems 
 if i want  
  to stablish JDBC conectivity with a SQL Server 2000 Database.

I just see , Mysql ,Oracle and PostgreSQL Conectivity.


  
 http://tomcat.apache.org/tomcat-5.5-doc/jndi-datasource-exampl
es-howto.html
   
   Regards and Thx In Advance.
   Sergio Gonzalez Ramos.
   
 -
 
 LLama Gratis a cualquier PC del Mundo.
 Llamadas a fijos y móviles desde 1 céntimo por minuto. 
 http://es.voice.yahoo.com

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Performance tricks with multiple tomcat instances

2006-03-09 Thread Justin Greene

 -Original Message-
 From: Leon Rosenberg [mailto:[EMAIL PROTECTED] 
 Sent: Thursday, March 09, 2006 10:28 AM
 To: Tomcat Users List
 Subject: Re: Performance tricks with multiple 
 tomcat instances

 On 3/9/06, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote:
  If I were to add my two cents, I would say the OS 
 scheduler, the bus, 
  memory access all will play their part. ie, I think you 
 will get more 
  juice out of 8 single CPU machines each running a tomcat, than one 
  machine with 8 CPU's, as your 8cpu machine will not have 8 parallel 
  buses, 8 drives, 8 everything etc.

 Of course, but it also means 8 HE rack space, 16 power 
 cables, 8 switch ports etc. It also means 8 systems to 
 backup, to install and to administrate. We are trying to find 
 a configuration between n-one cpu servers and 1 n-cpu server 
 which is best from the manageability point of view and has 
 optimal tco. Personally I don't believe that anything with 
 more than 2 cpu's will ever pay out, but we have to test it :-)

I have never been a big fan of single CPU machines for threaded
applications.  It it too easy for a single slow thread to botteneck the
whole system.  Going beyond 2 CPUs however is expensive and I think that it
is best reserved for applications that

 - Cannot easily run across load balanced servers, such as a database
 - Are written to take advantage threading in a way that will truly benefit
from having more than 2 CPUs. (i.e, we have an app where one thread is
reading data from the network and populating a queue, a thread pool is
parsing the queue data and another thread pool is processing the parsed data
so having more CPUs would allow us to increase the size of the thread pools
and thus make the app run faster).

If these two criteria are not met (and there are probably a few more I am
missing) then I think it is better to have more less powerful machines which
provided redundancy.

I have to say that I am always surpised to read when people are setting
application servers (such as Tomcat) to maxthreads of 1000.  If I had 1000
processes running at the same time on any of my application servers it would
melt never finish any of them.  It is more realistic to have 5 - 10 threads
processing at any given time and to allow requests to queue (though one must
test to find the sweet spot).

Just my $.02

Justin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Is this tomcat or my app?

2006-03-09 Thread Justin Greene

Fairly regularly I have a page resquest visible on the 'Server Status' of
the Tomcat Manager that never ends.  I have tomcat set to timeout sockets
after 120 seconds, and have mod_jk set to do the same.  It always stalls at
4192K sent (is this a magic number?).  I tried increasing the output buffer
size and have set JKOptions +FlushPackets on the off chance that it would
make a difference but it does not seem to.  The stack trace obtained through
jconsole is below.  Can anyone shed any light on this?  Could my application
be causing this problem?  This page has been running for 10209703ms at the
moment and while restarting Apache will cause it to exit, I am getting
really tired of restarting apache all the time to resolve these issues.
Anyone, anyone... Bueller, Bueller?

Thank,
Justin

Name: TP-Processor24
State: RUNNABLE
Total blocked: 3,049  Total waited: 75,144

Stack trace: 
java.net.SocketOutputStream.socketWrite0(Native Method)
java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
java.net.SocketOutputStream.write(SocketOutputStream.java:136)
org.apache.jk.common.ChannelSocket.send(ChannelSocket.java:506)
org.apache.jk.server.JkCoyoteHandler.doWrite(JkCoyoteHandler.java:260)
org.apache.coyote.Response.doWrite(Response.java:551)
org.apache.catalina.connector.OutputBuffer.realWriteBytes(OutputBuffer.java:
361)
org.apache.tomcat.util.buf.ByteChunk.flushBuffer(ByteChunk.java:403)
org.apache.tomcat.util.buf.ByteChunk.append(ByteChunk.java:323)
org.apache.catalina.connector.OutputBuffer.writeBytes(OutputBuffer.java:392)
org.apache.catalina.connector.OutputBuffer.write(OutputBuffer.java:381)
org.apache.catalina.connector.CoyoteOutputStream.write(CoyoteOutputStream.ja
va:76)
com.seccas.servlet.GetMessagePartServlet.execute(GetMessagePartServlet.java:
226)
com.seccas.servlet.GetMessagePartServlet.doGet(GetMessagePartServlet.java:31
)
javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Application
FilterChain.java:252)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterCh
ain.java:173)
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.ja
va:214)
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.ja
va:178)
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126
)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105
)
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java
:107)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:306)
org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:385)
org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:745)
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:675)
org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:868)
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav
a:684)
java.lang.Thread.run(Thread.java:595)

--
Justin Greene
SECCAS, LLC.
212-242-9308 x 101 

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Performance tricks with multiple tomcat instances

2006-03-09 Thread Justin Greene

 -Original Message-
 From: Leon Rosenberg [mailto:[EMAIL PROTECTED] 
 Sent: Thursday, March 09, 2006 3:06 PM
 To: Tomcat Users List
 Subject: Re: Performance tricks with multiple 
 tomcat instances

 On 3/9/06, Justin Greene [EMAIL PROTECTED] wrote:

   -Original Message-
   From: Leon Rosenberg [mailto:[EMAIL PROTECTED]
   Sent: Thursday, March 09, 2006 10:28 AM
   To: Tomcat Users List
   Subject: Re: Performance tricks with multiple
   tomcat instances

   On 3/9/06, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote:
If I were to add my two cents, I would say the OS
   scheduler, the bus,
SNIP

  I have to say that I am always surpised to read when people are 
  setting application servers (such as Tomcat) to maxthreads 
 of 1000.  
  If I had 1000 processes running at the same time on any of my 
  application servers it would melt never finish any of them.  It is 
  more realistic to have 5 - 10 threads processing at any 
 given time and 
  to allow requests to queue (though one must test to find the sweet 
  spot).

 I would say, you are right, but if you want to support http 
 1.1 keepalives 1.5 threads per user are blocked simply 
 waiting for incoming requests, so how are you supposed to 
 server 500 users with 75 threads?

500 users != 500 concurrent connections (threads).  You can likely handle
many users being logged in at the same time with very few threads if you
take they do not all click a URL at the same time, and even if they did, you
would not want to service them all at the same time as your system could not
handle it.  We set our keepalives pretty short, only a few seconds.  If
another request does not come in quickly, then it costs a little overhead to
create a new connection.  Oh well.  Try taking an application that has some
load and watching the # of active threads in the 'Manager'.  We typically
have 20 or 30 clients logged in at a time but only see a single active
thread at any given time as it only takes milliseconds to service most
requests (if we are writing our code well).

Justin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Workes.properties socket_timeout clarification

2006-03-09 Thread Justin Greene

The docs state:

socket_timeout default 0

Socket timeout in seconds used for communication channel between JK and
remote host. If remote host does not respond inside that timeout the JK will
generate an error, and retry again. If set to value zero (default) the JK
will wait for infinite on all socket operations.

How does this differ from reply_timout?

Any feedback would be appreciated.

Thanks,
Justin

--
Justin Greene
SECCAS, LLC.
212-242-9308 x 101 

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Problem with mod_jk/apache 1.3.34 Windows

2006-03-06 Thread Justin Greene

)
java.io.DataInputStream.readFully(DataInputStream.java:176)
java.io.DataInputStream.readFully(DataInputStream.java:152)
net.sourceforge.jtds.jdbc.SharedSocket.readPacket(SharedSocket.java:826)
net.sourceforge.jtds.jdbc.SharedSocket.getNetPacket(SharedSocket.java:707)
net.sourceforge.jtds.jdbc.ResponseStream.getPacket(ResponseStream.java:466)
net.sourceforge.jtds.jdbc.ResponseStream.read(ResponseStream.java:103)
net.sourceforge.jtds.jdbc.ResponseStream.peek(ResponseStream.java:88)
net.sourceforge.jtds.jdbc.TdsCore.wait(TdsCore.java:3870)
net.sourceforge.jtds.jdbc.TdsCore.executeSQL(TdsCore.java:1042)
net.sourceforge.jtds.jdbc.JtdsStatement.executeSQL(JtdsStatement.java:478)
net.sourceforge.jtds.jdbc.JtdsPreparedStatement.execute(JtdsPreparedStatemen
t.java:478)
org.apache.tomcat.dbcp.dbcp.DelegatingPreparedStatement.execute(DelegatingPr
eparedStatement.java:168)
...SNIP

In both cases, restarting apache resolves the issue.

Any thoughts that anyone has would be greatly appreciated.  I am running out
of things to try on the troubleshooting side.  We are also pursuing whether
our code could somehow be contibuting to this... Some sort of session
synchronization issue or something.

Thanks,
Justin

--
Justin Greene
SECCAS, LLC.
212-242-9308 x 101 

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Problem with mod_jk/apache 1.3.34 Windows

2006-03-06 Thread Justin Greene

 -Original Message-
 From: Mladen Turk [mailto:[EMAIL PROTECTED] 
 Sent: Monday, March 06, 2006 12:33 PM
 To: Tomcat Users List
 Subject: Re: Problem with mod_jk/apache 1.3.34 Windows

 Justin Greene wrote:

SNIP

  Do not use cachesize with values higher then 1 on Apache 
 2.x prefork 
  or Apache 1.3.x!

  I believe that this only applies to Non-Windows installations.  
  (correct me if I am wrong here) Apache 1.3.34 on Windows is 
  multi-threaded and you must set the cachesize = webserver child 
  processes.  This change resolved the 'Server Busy Page' issue.  I 
  believe that by only having 1 thread essentially causes it to run in

 Right. cachesize=MaxClients on Windows.
 On Apache2 it's set by querying the mpm if omitted.

It would be nice if the docs reflected this :-)

 Apache 1.3.x on Windows for production?
 I must admit, you guys are very brave ;)

Been running for years and have found it quite stable, however our use is
very specific, static files, mod_jk and mod_[old version of cold fusion].
Very little room for anything to go wrong here.  The cold fusion mod
(v4.1.something) is not available for apache 2 mod so we are a little stuck
on 1.3.34 at the moment.

Justin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: mod_jk errors - are these normal?

2006-03-06 Thread Justin Greene

 -Original Message-
 From: michael thomas [mailto:[EMAIL PROTECTED] 
 Sent: Monday, March 06, 2006 4:42 PM
 To: Tomcat Users List
 Subject: TomcatUsers: Re: mod_jk errors - are these normal?

 --- Sven KÃ¯Â¿Â½hler [EMAIL PROTECTED] wrote:

   [Wed Mar 01 20:00:42 2006] [error] 
   ajp_connection_tcp_get_message::jk_ajp_common.c
  (961):
   Can't receive the response message from tomcat,
   network problems or tomcat is down
  (10.0.0.9:8009),
   err=-113
   [Wed Mar 01 20:00:42 2006] [error] ajp_get_reply::jk_ajp_common.c 
   (1503): Tomcat is
  down
   or refused connection. No response has been sent
  to
   the client (yet)

SNIP

 2. It seems like people who have apache and tomcat
 running on the same server can get away without any
 errors.

We are running on the same server (windows) and get these error contantly...
Actually, our read:

[Mon Mar 06 16:32:22 2006] [error] jk_ajp_common.c (961): Can't receive the
response message from tomcat, network problems or tomcat is down
(127.0.0.1:8009), err=-54
[Mon Mar 06 16:32:22 2006] [error] jk_ajp_common.c (1503): Tomcat is down or
refused connection. No response has been sent to the client (yet)

Which is subely different.  Anyone have a reference to what the various
'err=' codes mean?

Justin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: JMX via SSH tunnel does not work?

2006-03-06 Thread Justin Greene

We had issues using jconsole remotely a while back (jdk 1.5.0_02) that we
were never able to solve.  If memory serves, jconsole opens a connection on
the specified port to that Java instance.  An additional port or two (I
can't remember) are then opened and the ports that are used are somewhat
random making it very difficult to do this through anything that needs to
port forward or needs ports opened.  I do not remember if the additional
ports are opened by jconsole or the other way, but you can see it by
connecting locally and checking netstat for connections to/from the jconsole
process.  The only solution here is to be able to specify the additional
ports, but at the time there was no way to do this.  I have not looked into
the jconsole or JMX options since so I do not know if this was added.

Justin

 -Original Message-
 From: Andreas Schildbach [mailto:[EMAIL PROTECTED] 
 Sent: Monday, March 06, 2006 4:57 PM
 To: users@tomcat.apache.org
 Subject:Re: JMX via SSH tunnel does not work?
 
 Hello Mikolaj,
 
  I have set up the JMX server of JDK 1.5.0_06/Tomcat 
 5.5.15. It works
  fine locally, I'm testing with jconsole.
 
  However, if I tunnel the JMX port over SSH, it does not work. I can
  connect to the port, but there is no flow of data. jconsole is 
  hanging around for a minute, and then the connect dialog 
 pops up. What 
  is going wrong here?
  
  http://forum.java.sun.com/thread.jspa?threadID=565139tstart=30
  
 http://forum.java.sun.com/thread.jspa?threadID=289869messageID=124228
  8
 
 I understand the problem, but do not know how to solve it. 
 Can you give 
 an example how the java.rmi.server.hostname and 
 java.rmi.server.useLocalHostname properties on the client and 
 the server 
 should be set in this case?
 
 Regards,
 
 Andreas
 
 
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

1 2 >

100 matches

Mail list logo