Re: Expression Language ${initParam.whatever} not working
In your web.xml you want: greeting_color green I think you have defined an initialization parameter for the servlet, not the context. On Mon, 10 Feb 2020 at 17:54, Richard Monson-Haefel wrote: > Hi, > > Tomcat version: 9.0.30 > Operating System: macOS 10.15.2 > > While I can access my initParam vis a JSP scriptlet I cannot access the > same initial paramter EL expression. > > Here is the JSP code I'm using > > > > > %>">Hello ${param.name} from hello.jsp > > > color is ${initParam["greeting_color"]} > > > > Here is my web.xml declaring the initial parameters > > http://xmlns.jcp.org/xml/ns/javaee; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; > xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee > http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd; > version="4.0" > metadata-complete="true"> > > > > > HiJsp > /hello.jsp > > greeting_color > green > > > > HiJsp > /hola/* > > > > Here is the output (source) > > > > > Hello richard from > hello.jsp > > color is > > > > I don't understand why the JSP expression <%= %> works but the EL > expression ${ } doesn't. I've tried many variations and other EL implicit > objects I've tried worked fine. > > What am I missing? > > The WAR is attached for your convenience. > > > > -- > Richard Monson-Haefel > https://twitter.com/rmonson > https://www.linkedin.com/in/monsonhaefel/ > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Redirecting a naked domain to sub domain
On Thu, 15 Aug 2019 at 23:30, Chris Cheshire wrote: > On Thu, Aug 15, 2019 at 2:54 PM Simon Funnell > wrote: > > > > On Thu, 15 Aug 2019 at 01:00, Chris Cheshire > wrote: > > > > > On Wed, Aug 14, 2019 at 5:18 PM Simon Funnell > > > wrote: > > > > > > > > On Tue, 6 Aug 2019 at 14:33, John Larsen > > > wrote: > > > > > > > > > I usually handle the redirect on the webserver side and set the > alias > > > in > > > > > server.xml to the subdomain. > > > > > > > > > > John Larsen > > > > > > > > > > > > > > > > > > > I have now successfully loaded the rewrite valve in the application > > > > context.xml but I am getting the following error on start up: > > > > java.util.regex.PatternSyntaxException > > > > > > > > This is the rewrite.config file: > > > > > > > > RewriteCond %{HTTP_HOST} !^(.*)\.domain\.org\ [NC] > > > > RewriteRule ^(.*)$ https://www.domain.org/$1 [R=301,L] > > > > > > > > It looks like the first line is an error and I don't know enough > about > > > > regex to fix it. > > > > > > > > Any help is great thanks. > > > > > > > > > > > > > > The \ after .org is misplaced (it's trying to quote the space > > > following it), remove that and try again > > > > > > Chris > > > > > > > > > Chris > > > > > > > > It kind of works now but when it redirects it adds two slashes to the end > > of domain: > > > > https://www.domain.org// > > > > which is causing an internal server error for the URL not br normalised > > > > > > > > That's odd. I do the inverse of that to remove www and have a naked > domain, but using mod_rewrite in httpd. The rewrite rule is otherwise > the same. I thought the syntax was the same. Maybe something inside > tomcat is forcing a / at the end of the domain for canonicalization, > and then the extra / is getting added by the rewrite valve rule? > > Looking at a different server where I force the www, I have this instead : > > RewriteRule ^/(.*) https://www.domain.com%{REQUEST_URI} [L,R=301] > This works properly, thanks! > > You can try this instead. It won't be putting a / in there unless it > is already present in the uri passed (unlike the other version where a > / will be appended even if the uri is blank) > > HTH, > > Chris > > > > > > > > > > > > > > > > > > > On Tue, Aug 6, 2019 at 7:11 AM Simon Funnell < > simonfunn...@gmail.com> > > > > > wrote: > > > > > > > > > > > Hi, > > > > > > > > > > > > I was going to do a redirect at my dns provider from the naked > > > domain to > > > > > > the www subdomain. Unfortunatly this doesn't really work if it is > > > over > > > > > > https so I am going to have to do the redirect at the host > level. My > > > > > > question is, is this what the rewrite valve is for? I was going > to > > > set up > > > > > > two hosts, one for the naked domain and one for the subdomain > with a > > > set > > > > > up > > > > > > like the following: > > > > > > > > > > > > > > > > > unpackWARs="true" autoDeploy="true"> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > unpackWARs="true" autoDeploy="true"> > > > > > > > > > > > > > > > > > > className="org.apache.catalina.valves.AccessLogValve" > > > > > > directory="logs" > > > > > >prefix="localhost_access_log" suffix=".txt" > > > > > >pattern="%h %l %u %t %r %s %b" /> > > > > > > > > > > > > > > > > > > > > > > > > If this is what the rewrite valve is for, how do I configure it > to > > > > > redirect > > > > > > to the subdomain apart from when it accesses the .well-known > folder > > > > > (which > > > > > > is needed to get a letsencrypt certificate). > > > > > > > > > > > > If the rewrite valve is not the correct way to do this do I just > > > deploy a > > > > > > catch all servlet or a filter to do the redirect instead? > > > > > > > > > > > > Thanks, > > > > > > > > > > > > Simon > > > > > > > > > > > > > > > > > - > > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Redirecting a naked domain to sub domain
On Thu, 15 Aug 2019 at 01:00, Chris Cheshire wrote: > On Wed, Aug 14, 2019 at 5:18 PM Simon Funnell > wrote: > > > > On Tue, 6 Aug 2019 at 14:33, John Larsen > wrote: > > > > > I usually handle the redirect on the webserver side and set the alias > in > > > server.xml to the subdomain. > > > > > > John Larsen > > > > > > > > > > > I have now successfully loaded the rewrite valve in the application > > context.xml but I am getting the following error on start up: > > java.util.regex.PatternSyntaxException > > > > This is the rewrite.config file: > > > > RewriteCond %{HTTP_HOST} !^(.*)\.domain\.org\ [NC] > > RewriteRule ^(.*)$ https://www.domain.org/$1 [R=301,L] > > > > It looks like the first line is an error and I don't know enough about > > regex to fix it. > > > > Any help is great thanks. > > > > > > The \ after .org is misplaced (it's trying to quote the space > following it), remove that and try again > > Chris > > > Chris > > It kind of works now but when it redirects it adds two slashes to the end of domain: https://www.domain.org// which is causing an internal server error for the URL not br normalised > > > > > > > > > On Tue, Aug 6, 2019 at 7:11 AM Simon Funnell > > > wrote: > > > > > > > Hi, > > > > > > > > I was going to do a redirect at my dns provider from the naked > domain to > > > > the www subdomain. Unfortunatly this doesn't really work if it is > over > > > > https so I am going to have to do the redirect at the host level. My > > > > question is, is this what the rewrite valve is for? I was going to > set up > > > > two hosts, one for the naked domain and one for the subdomain with a > set > > > up > > > > like the following: > > > > > > > > > > > unpackWARs="true" autoDeploy="true"> > > > > > > > > > > > > > > > > > > > unpackWARs="true" autoDeploy="true"> > > > > > > > > > > > > > > > directory="logs" > > > >prefix="localhost_access_log" suffix=".txt" > > > >pattern="%h %l %u %t %r %s %b" /> > > > > > > > > > > > > > > > > If this is what the rewrite valve is for, how do I configure it to > > > redirect > > > > to the subdomain apart from when it accesses the .well-known folder > > > (which > > > > is needed to get a letsencrypt certificate). > > > > > > > > If the rewrite valve is not the correct way to do this do I just > deploy a > > > > catch all servlet or a filter to do the redirect instead? > > > > > > > > Thanks, > > > > > > > > Simon > > > > > > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Redirecting a naked domain to sub domain
On Tue, 6 Aug 2019 at 14:33, John Larsen wrote: > I usually handle the redirect on the webserver side and set the alias in > server.xml to the subdomain. > > John Larsen > > > I have now successfully loaded the rewrite valve in the application context.xml but I am getting the following error on start up: java.util.regex.PatternSyntaxException This is the rewrite.config file: RewriteCond %{HTTP_HOST} !^(.*)\.domain\.org\ [NC] RewriteRule ^(.*)$ https://www.domain.org/$1 [R=301,L] It looks like the first line is an error and I don't know enough about regex to fix it. Any help is great thanks. > > On Tue, Aug 6, 2019 at 7:11 AM Simon Funnell > wrote: > > > Hi, > > > > I was going to do a redirect at my dns provider from the naked domain to > > the www subdomain. Unfortunatly this doesn't really work if it is over > > https so I am going to have to do the redirect at the host level. My > > question is, is this what the rewrite valve is for? I was going to set up > > two hosts, one for the naked domain and one for the subdomain with a set > up > > like the following: > > > > > unpackWARs="true" autoDeploy="true"> > > > > > > > > > unpackWARs="true" autoDeploy="true"> > > > > > > > directory="logs" > >prefix="localhost_access_log" suffix=".txt" > >pattern="%h %l %u %t %r %s %b" /> > > > > > > > > If this is what the rewrite valve is for, how do I configure it to > redirect > > to the subdomain apart from when it accesses the .well-known folder > (which > > is needed to get a letsencrypt certificate). > > > > If the rewrite valve is not the correct way to do this do I just deploy a > > catch all servlet or a filter to do the redirect instead? > > > > Thanks, > > > > Simon > > >
Redirecting a naked domain to sub domain
Hi, I was going to do a redirect at my dns provider from the naked domain to the www subdomain. Unfortunatly this doesn't really work if it is over https so I am going to have to do the redirect at the host level. My question is, is this what the rewrite valve is for? I was going to set up two hosts, one for the naked domain and one for the subdomain with a set up like the following: If this is what the rewrite valve is for, how do I configure it to redirect to the subdomain apart from when it accesses the .well-known folder (which is needed to get a letsencrypt certificate). If the rewrite valve is not the correct way to do this do I just deploy a catch all servlet or a filter to do the redirect instead? Thanks, Simon
Memory Usage
Hi, I am looking at running a small ecommerce site with about 40-80 users at a time on a virtual private server with 4 cores and 1GB of memory, I am planning on running apache james, mysql and tomcat on this instance. My question is will 256MB maximum heap memory with say 50 threads be enough to handle the load without any out of memory errors? Thanks.
OpenID
Hi, Are there any projects specific for Tomcat, like a Realm/Authenticator combination with appropriate licensing, that implements openid features? Regards, Simon - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to protect the plain text username and password in the server.xml
It is possible to define the element as an entity in server.xml: |!ENTITY secure_resource SYSTEM http://somewhere.com/resource.xml;| and then replace the Resource element with the entity: |secure_resource Because the entity resolves to an external source, this source can be generated dynamically, by a script for example. This script could potentially be limited in execution to the tomcat user/instance. Other users who can possibly read the script that generates the the username/password, but not execute it, cannot get the username/password. Regards, Simon | On 29/10/10 10:19, 彬 乔 wrote: Dears, We are using Tomcat 5.5.20 in a RHEL 64bit box. The application running on it is a financial system. An internal audit indicated that we should not use plain text username and password in the server.xml, as: Resource name=jdbc/JiraDS auth=Container type=javax.sql.DataSource username=user password=password ... / Is there a way to use encrypted username and password in the server.xml file? Or, use the username and password as parameters of the startup command, instead of leaving them as plain text in the server.xml? Thanks, Roy Qiao - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: how can i turn off This is very likely to create a memory leak.
On 28/10/10 14:53, Leon Rosenberg wrote: ok, i revoke my nevermind message, even after I removed JreMemoryLeakPreventionListener I still get the warning. Even weirder: Oct 28, 2010 3:50:55 PM org.apache.catalina.core.StandardService stop INFO: Stopping service Catalina Oct 28, 2010 3:50:55 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/moskitodemo] appears to have started a thread named [Poller SunPKCS11-Darwin] but has failed to stop it. This is very likely to create a memory leak. Note the word 'likely' is not 'defiantly', it is possible that your implementation is 'not' creating a memory leak. If tomcat launches an independent thread (not a tomcat thread) that refers to objects within the tomcat instance (and its pool of threads), this is when a memory leak would occur. This is because objects referenced by the independent thread 'and' the tomcat instance would not be GC'ed when tomcat shuts down, because they are still referenced by a living thread. 'Generally' you will want to stop the independent threads when tomcat shuts down, thus removing the 'likelihood' of memory leaks. If the independent threads have their own shut down hooks that realise tomcat is shutting down and dereference any appropriate objects, a memory leak will 'not' occur. If you want your independent threads to shut down with tomcat because they do not have the own mechanisms, implement a ServletContextListener.contextDestroyed that does so. Regards, Simon Oct 28, 2010 3:50:55 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/moskitodemo] appears to have started a thread named [MoskitoIntervalUpdater] but has failed to stop it. This is very likely to create a memory leak. Oct 28, 2010 3:50:55 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/moskitodemo] appears to have started a thread named [MoskitoMemoryReader] but has failed to stop it. This is very likely to create a memory leak. Oct 28, 2010 3:50:55 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/moskitodemo] appears to have started a thread named [MoskitoMemoryPoolReader] but has failed to stop it. This is very likely to create a memory leak. Oct 28, 2010 3:50:55 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/moskitodemo] appears to have started a thread named [MoskitoMemoryPoolReader] but has failed to stop it. This is very likely to create a memory leak. Oct 28, 2010 3:50:55 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/moskitodemo] appears to have started a thread named [Thread-6] but has failed to stop it. This is very likely to create a memory leak. Oct 28, 2010 3:50:56 PM org.apache.coyote.http11.Http11Protocol destroy INFO: Stopping Coyote HTTP/1.1 on http-8080 anyplace else except the server.xml to fix it? regards Leon On Thu, Oct 28, 2010 at 3:46 PM, Leon Rosenberg rosenberg.l...@gmail.com wrote: nevermind, found it, sorry for disturbing. On Thu, Oct 28, 2010 at 3:44 PM, Leon Rosenberg rosenberg.l...@gmail.com wrote: Hello, I investigated an issue (another thread) with new error messages after tomcat update: SEVERE: The web application [/moskitodemo] appears to have started a thread named [MoskitoMemoryPoolReader] but has failed to stop it. This is very likely to create a memory leak. After some research and discussions with colleagues we came to the conclusion that this message is ... well not helping us. Is there a possibility to turn it off? Its annoying to have such messages in the logs after a server shutdown. For explanation: I'm not planing to use webapp reload in my environment, hence, this message is actually just spam. regards Leon - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Fwd: Re: deploying as ROOT application
On 26/10/10 20:31, Aggarwal, Ajay wrote: Where is the official Tomcat documentation on how to make your application a ROOT application? I am using Tomcat 6.0 and can't seem to locate the section on deploying as ROOT application. -Ajay Put your application in the webapps/ROOT folder 'or' (I think) a war file called ROOT.war in the webapps folder. Or use the manager webapp. Simon - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
APR Features
Hi, I wanted to know if it was worth using the sendfile features for small static files or is the APR already optimised for serving static content? I basically have a jsp that makes a choice between serving up a static (.html) and custom version of the page dependant on whether the user is authenticated. If the user is not authenticated the required sendfile request attributes for the static version are set and the body of the jsp disregarded. The static versions are about 10-20k and it works fine. I guess my question is, if I use jsp:forward page=/index.html / instead of sendfile, is their any difference? I figure that if I have lots of unauthenticated users this will help with maintaining the load. Regards, Simon - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Confidential Login
Hi, I have not been able to implement the following so I was wondering if it was possible or would I need a custom Realm/Authenticator implementation? I have some content that is restricted by role but not over a secure connection, however, if a user tries to access the content and is presented with the credentials/authentication form the form is also not over a secure connection and it needs to be. I tried applying a confidential transport security restraint on just the form but this seems to be bypassed when the form is actually used in a context without the transport constraint. I am thinking that some sort of redirect will be required instead to make the transition from non-secure to secure (for authentication) and back to non-secure. Will tomcat do this out of the box or will I need a need a custom/additional authentication package? Regards, Simon - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
APR Features
Hi, I wanted to know if it was worth using the sendfile features for small static files or is the APR already optimised for serving static content? I basically have a jsp that makes a choice between serving up a static (.html) and custom version of the page dependant on whether the user is authenticated. If the user is not authenticated the required sendfile request attributes for the static version are set and the body of the jsp disregarded. The static versions are about 10-20k and it works fine. I guess my question is, if I use jsp:forward page=/index.html / instead of sendfile, is their any difference? I figure that if I have lots of unauthenticated users this will help with maintaining the load. Regards, Simon - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org