-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Ryan,
On 9/13/16 5:13 PM, Ryan Melissari wrote:
> We have recently noticed that our Tomcat installation is writing
> incorrect data to the localhost_access_log. It seems to be writing
> cached data of a previous request for some or all of the fields.
> For example, sometimes the jsessionid of another IP/client is
> written in the logs of having made a request for a page. There are
> other times where the request came from one computer, but is logged
> with the IP and sessionid of another computer. I have included a
> sample of the access log that shows what I mean.
>
> So far we have upgraded to the newest version of Tomcat (8.5.5) and
> added RECYCLE_FACADES=true to our catalina.properties file. We
> also see the same behavior from inside our application using
> getRemoteAddr(). At this point I am not really sure how to proceed
> as google doesn't return anything about a problem like this. Any
> suggestions would be appreciated.
You mean you set the system property
org.apache.catalina.connector.RECYCLE_FACADES=true, right?
How did you set that system property?
It's still possible that your application is trashing a request or
response object before the logger has a chance to emit the log message
(which typically happens at end *end* of the request processing cycle).
> Tomcat 8.5.5 OS: Solaris 11.3 sun4v sparc Java: 1.8.0_92
> TCNative: 1.2.7
>
>
>
>
> *server.xml:* protocol="org.apache.coyote.http11.Http11NioProtocol"
> maxThreads="300" SSLEnabled="true" scheme="https" secure="true"
> clientAuth="false" sslProtocol="TLSv1.2" maxHttpHeaderSize="65536"
> keystoreFile="/tomcat/.keystore" keystorePass="" compression="on"
> compressableMimeType="text/html,text/xml,text/plain,text/css,text/java
script,application/javascript"
>>
>
>
>
> ...
>
> directory="logs" prefix="localhost_access_log" suffix=".txt"
> renameOnRotate="true" pattern="%h %l %u
> %{-MM-dd'T'HH:mm:ss.SSSZ}t %r %s %B %S %D
> %{Referer}i" />
>
>
>
> *Clients:*
>
> Client1: 192.168.1.100 JSESSIONID:
> C345EEC54EA556A5E55CE1F7AAB9B706
>
> Client2: 192.168.1.105 JSESSIONID:
> DF4331A7668F8D67249A86DA2313029D
>
>
>
> *localhost_access_log.txt:*
>
> 192.168.1.100 - - 2016-09-13T14:33:34.154-0500 "GET
> /javascript/flyout-nav.js HTTP/1.1" 304 0
> DF4331A7668F8D67249A86DA2313029D 7 https://192.168.1.1/
>
> 192.168.1.105 - - 2016-09-13T14:57:59.110-0500 "GET
> /javascript/custom-expand.js HTTP/1.1" 304 0
> C345EEC54EA556A5E55CE1F7AAB9B706 11 https://192.168.1.1/
That certainly looks weird. Why is your "Referer" header coming in as
192.168.1.1? That looks like a home router's default IP address.
- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJX2cuhAAoJEBzwKT+lPKRYZa0P/iTFmPHzw2Kd1m8JXyFQZxZw
zLswCiZCbLBRLVW3dfjgsDEtacx0+1WCwZDKm8NNUN2GbPuGfkqZhLmds0N8kfxI
TyNaJPlSXHPP5syUoWVMd3sB0X+o4k5xBNNBI9uFUQ0dUmw5JxRpyI+hHXTpUC+K
NS4ZKHdvUGJbXOION29tGQrkNORtRtVKGalu/vDxz6HSJC1AOPwAkT1SlmHp7UOF
cDeDyJDVLP9SAnFlu/RxIS7yuakyBpOTormEZHAJ1zRbIrKUk6qsJ/2ffyejcaBR
MgyrEALO9XN8MU2q+4TGWRl+qAAvWjuThZaJe7Z13OwyNS0/FwJ5RwRELrwgJlvc
nAfPU0BLZbnoK5dGiD2n81KUvN99+OJ5jvlfOcWSR3yncIvQAUAswR1rEdX8VFCB
Bcb+brZG9I9UvCvUP39OyyiuJp02WLGor9kJXiuGe7DxKBVOZ3a9rr69vTx2nd5C
DWmhkust6LhcjsarmmApe1k0f3UrCytl1nwRiFw4l7b/4R8VFHyaVuwGQb3uYsrh
EB22vkEtk9+oTiH6LvItw7EJX45JwuCiK59qcFL6g4do+it0V3zwInmgVUY27QoC
gW+LUQrplv7MdOCTPXYQnqs6tG5e9nO3WIjg4NYg3Vhu9IAYVhwDQsw//6k7BgKh
uKqvbWKapQTuKKjCBvvO
=bocl
-END PGP SIGNATURE-
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org