subject:"Upgrading from 9.0.20 to 9.0.34 AJP connector issue"

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

2020-05-01 Thread Darryl Philip Baker

On 5/1/20, 5:07 PM, "André Warnier (tomcat/perl)"  wrote:

 I think you may have gotten everyone confused now because

1) you cannot have 2 different tomcat installations under the same 
directory (/opt/tomcat in your above explanation)

I've used this style of parallel installation before.

2) previously, you wrote that the error the two in one case was that you 
got back a 404 error.
Now you are saying that the browser is just waiting and "not returning".

Yes, the results have changed. As I have tried the different 
things suggested.

3) in the diff output below, it seems that you have a line like

 >>   worker.worker1.secret="false"

in one of the "server.xml" files (although it appears to be part of a 
comment).
That is not where such a line belongs.
I Just moved the line out of the syntax block and commented it 
out to keep track of what I have tried in the block below.

Can you be more precise in exactly describing your installation, how you 
are starting one 
tomcat or the other, how you switch between them, and what happens ?

Both installations are in /opt/tomcat. One is in 
/opt/tomcat/apache-tomcat-9.0.20 and the other in 
/opt/tomcat/apache-tomcat-9.0.34. /opt/tomcat/latest is a symbolic link 
I can point to either of the installations. The reason for 
putting the workers.properties file in the apache-tomcat9.0.XX tree is that 
Apache HTTPD can point 
at the workers.properties file as 
/opt/tomcat/latest/conf/jk/workers.properties and the systemd script can use 
the "latest" path to control tomcat. 
That way I can switch between the versions with no 
modifications to Apache HTTPD or the systemd files, just by replacing the 
symbolic link and restarting.

While writing this up I realized I for got one other 
customization is the setenv.sh file. It is the same in both installations but 
maybe it has to be different for the 9.0.34 installation.
It contains -- JAVA_OPTS="$JAVA_OPTS 
-Djava.net.preferIPv4Stack=true -Djava.net.preferIPv4Addresses=true" and I am 
using -- openjdk version "1.8.0_242"

P.S. I would recommend moving your workers.properties file away from the tomcat 
directories, and into some httpd configuration directory, because that file 
has in fact 
nothing to do with tomcat. It is read by the mod_jk module, which is a 
module running in httpd, not tomcat.

I will decline the suggestion as it works for the simple 
flipping between versions as explained above.

Darryl Baker, GSEC  (he/him/his)
Sr. System Administrator
Distributed Application Platform Services
Northwestern University
1800 Sherman Ave.
Suite 6-600 – Box #39
Evanston, IL  60201-3715
darryl.ba...@northwestern.edu
(847) 467-6674

On 5/1/20, 5:07 PM, "André Warnier (tomcat/perl)"  wrote:

On 01.05.2020 20:32, Darryl Philip Baker wrote:
> Continuing the investigation:
> 
> I have the two tomcat installation in /opt/tomcat. Apache HTTPD 
references the worker file using a path that has a symbolic link that "latest" 
I can switch to point to either installation of tomcat. The workers file is 
defined in httpd.conf as "JkWorkersFile 
/opt/tomcat/latest/conf/jk/workers.properties"
> 
> Tomcat 9.0.20 works as expected. Tomcat 9.0.34 fails with just having the 
browser clocking and not returning.

I think you may have gotten everyone confused now because

1) you cannot have 2 different tomcat installations under the same 
directory (/opt/tomcat 
in your above explanation)
2) previously, you wrote that the error in one case was that you got back a 
404 error.
Now you are saying that the browser is just waiting and "not returning".
3) in the diff output below, it seems that you have a line like

 >>   worker.worker1.secret="false"

in one of the "server.xml" files (although it appears to be part of a 
comment).
That is not where such a line belongs.

Can you be more precise in exactly describing your installation, how you 
are starting one 
tomcat or the other, how you switch between them, and what happens ?

P.S. I would recommend moving yourt workers.properties file away from the 
tomcat 
directories, and into some httpd configuration directory, because that file 
has in fact 
nothing to do with tomcat. It is read by the mod_jk module, which is a 
module running in 
httpd, not tomcat.

> 
> Just to give you an idea of the differences in the control files:
> 
> [[root@lmsdevsyncapp7 tomcat]# diff apache-tomcat-9.0.20/conf/server.xml 
apache-tomcat-9.0.34/conf/server.xml
> 79c79
> < >  >  
> 119d121
> < address="127.0.0.1"
> [root@lmsdevsyncapp7 tomcat]# diff 
apache-tomcat-9.0.20/conf/jk/workers.properties

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

2020-05-01 Thread calder

On Fri, May 1, 2020, 13:32 Darryl Philip Baker <
darryl.ba...@northwestern.edu> wrote:

> Continuing the investigation:
>
> I have the two tomcat installation in /opt/tomcat.

I assume  /opt/tomcat  is the BASE subdirectory path, where two different
versions are installed under that named BASE. something like

/opt/tomcat/tomcat9020
/opt/tomcat/tomcat9034

Apache HTTPD references the worker file using a path that has a symbolic
> link that "latest" I can switch to point to either installation of tomcat.

The workers file is defined in httpd.conf as "JkWorkersFile
> /opt/tomcat/latest/conf/jk/workers.properties"
>

So "latest" eventually points to either "20" or "34"

Tomcat 9.0.20 works as expected. Tomcat 9.0.34 fails with just having the
> browser clocking and not returning.
>

Here you state, basically, there's no response at the browser, but
eventually it should, upon timeout.

However the above statement contradicts the "404" statement below.

>

I am trying to browse to one of the JKmount URLs in this case
> https://myserver.northwestern.edu/LmsSync/.

When I point the symbolic link to the 9.0.20 installation, it works fine.

When I point the symbolic link to the 9.0.34 installation, it I get a 404
> error.

This contradicts the above "no response" statement

Here's a test I always request a client to perform during troubleshooting :

"remove the redirector from the equation and test again" .. any issue
now?(ie, go to each Tomcat directly - works?   Yes? Then it's an issue
with the redirector config).

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

2020-05-01 Thread tomcat/perl

On 01.05.2020 20:32, Darryl Philip Baker wrote:

Continuing the investigation:

I have the two tomcat installation in /opt/tomcat. Apache HTTPD references the worker file using a 
path that has a symbolic link that "latest" I can switch to point to either installation 
of tomcat. The workers file is defined in httpd.conf as "JkWorkersFile 
/opt/tomcat/latest/conf/jk/workers.properties"

Tomcat 9.0.20 works as expected. Tomcat 9.0.34 fails with just having the 
browser clocking and not returning.

I think you may have gotten everyone confused now because

1) you cannot have 2 different tomcat installations under the same directory (/opt/tomcat 
in your above explanation)

2) previously, you wrote that the error in one case was that you got back a 404 
error.
Now you are saying that the browser is just waiting and "not returning".
3) in the diff output below, it seems that you have a line like

>>   worker.worker1.secret="false"

in one of the "server.xml" files (although it appears to be part of a comment).
That is not where such a line belongs.

Can you be more precise in exactly describing your installation, how you are starting one 
tomcat or the other, how you switch between them, and what happens ?

P.S. I would recommend moving yourt workers.properties file away from the tomcat 
directories, and into some httpd configuration directory, because that file has in fact 
nothing to do with tomcat. It is read by the mod_jk module, which is a module running in 
httpd, not tomcat.

Just to give you an idea of the differences in the control files:

[[root@lmsdevsyncapp7 tomcat]# diff apache-tomcat-9.0.20/conf/server.xml 
apache-tomcat-9.0.34/conf/server.xml
79c79
< 

119d121
< address="127.0.0.1"
[root@lmsdevsyncapp7 tomcat]# diff 
apache-tomcat-9.0.20/conf/jk/workers.properties 
apache-tomcat-9.0.34/conf/jk/workers.properties
[root@lmsdevsyncapp7 tomcat]# ls -l
total 8
drwxrwxr-x 9 tomcat tomcat 4096 May 16  2019 apache-tomcat-9.0.20
drwxr-xr-x 9 tomcat tomcat 4096 Apr 28 11:59 apache-tomcat-9.0.34
lrwxrwxrwx 1 root   root 20 Apr 28 15:00 latest -> apache-tomcat-9.0.34
[root@lmsdevsyncapp7 tomcat]#

Darryl Baker, GSEC  (he/him/his)
Sr. System Administrator
Distributed Application Platform Services
Northwestern University
1800 Sherman Ave.
Suite 6-600 – Box #39
Evanston, IL  60201-3715
darryl.ba...@northwestern.edu
(847) 467-6674

On 4/30/20, 5:09 PM, "Darryl Philip Baker"  
wrote:

 I am trying to browse to one of the JKmount URLs in this case 
https://myserver.northwestern.edu/LmsSync/. When I point the symbolic link to 
the 9.0.20 installation, it works fine. When I point the symbolic link to the 
9.0.34 installation, it I get a 404 error.

 Darryl Baker, GSEC  (he/him/his)
 Sr. System Administrator
 Distributed Application Platform Services
 Northwestern University
 1800 Sherman Ave.
 Suite 6-600 – Box #39
 Evanston, IL  60201-3715
 darryl.ba...@northwestern.edu
 (847) 467-6674

 On 4/30/20, 3:35 PM, "Christopher Schultz"  
wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA256

 Darryl,

 On 4/30/20 07:59, Darryl Philip Baker wrote:
 > I am trying to upgrade a development environment from 9.0.20 to
 > 9.0.34 and I am having issues getting the tomcat-connectors-1.2.46
 > (mod_jk) to work in with the new version.

 Can you be more specific? What are you trying, and how is it (not)
 working, specifically?

 > The Apache HTTPD configuration remains unchanged the paths pass
 > through a symbolic link I change to switch versions. The
 > workers.properties file was copied over and is identical. I added
 > the same definition for the AJP connector into server.xml. I will
 > place the pieces I modified below.> Server.xml:   protocol="AJP/1.3" redirectPort="443" address="127.0.0.1"
 > enableLookups="false" tomcatAuthentication="false"
 > secretRequired="false" maxPostSize="10" />
 >
 > Workers.properties: #define 1st worker using worker1
 > worker.list=worker1
 >
 > #set properties for the worker1 worker worker.worker1.type=ajp13
 > worker.worker1.host=127.0.0.1 worker.worker1.port=8009
 > worker.worker1.lbfactor=50 worker.worker1.cachesize=10
 > worker.worker1.cache_timeout=600 worker.worker1.socket_keepalive=1
 > worker.worker1.recycle_timeout=300

 At first glance, this configuration looks fine to me.

 - -chris
 -BEGIN PGP SIGNATURE-
 Comment: Using GnuPG with Thunderbird - 
https://urldefense.com/v3/__https://www.enigmail.net/__;!!Dq0X2DkFhyF93HkjWTBQKhk!ErC-A5wGkE-dmk8oRBS9gKPW7tZZ497pTwaCVibxsqDMz0KEnkBfwlQXEg7vdkyO3a5lJcl65g$

 iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl6rNncACgkQHPApP6U8
 pFh5nA//RMgbj+pgTSUqUq7zUaFvzEudyp3kfGDI7As7uvmE2BOwYABPtXjKniRF

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

2020-05-01 Thread Christopher Schultz

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Darryl,

On 5/1/20 14:32, Darryl Philip Baker wrote:
> Continuing the investigation:
>
> I have the two tomcat installation in /opt/tomcat. Apache HTTPD
references the worker file using a path that has a symbolic link that
"latest" I can switch to point to either installation of tomcat. The
workers file is defined in httpd.conf as "JkWorkersFile
/opt/tomcat/latest/conf/jk/workers.properties"
>
> Tomcat 9.0.20 works as expected. Tomcat 9.0.34 fails with just
having the browser clocking and not returning.
>
> Just to give you an idea of the differences in the control files:
>
> [[root@lmsdevsyncapp7 tomcat]# diff
apache-tomcat-9.0.20/conf/server.xml apache-tomcat-9.0.34/conf/server.xm
l
> 79c79 < > > 
> 119d121 < address="127.0.0.1" [root@lmsdevsyncapp7 tomcat]#
> diff
apache-tomcat-9.0.20/conf/jk/workers.properties
apache-tomcat-9.0.34/conf/jk/workers.properties
> [root@lmsdevsyncapp7 tomcat]# ls -l total 8 drwxrwxr-x 9 tomcat
> tomcat 4096 May 16  2019 apache-tomcat-9.0.20 drwxr-xr-x 9 tomcat
> tomcat 4096 Apr 28 11:59 apache-tomcat-9.0.34 lrwxrwxrwx 1 root
> root 20 Apr 28 15:00 latest ->
apache-tomcat-9.0.34
> [root@lmsdevsyncapp7 tomcat]#

Something seems fishy.

First, your workers.properties files should not have had to change at
all. Were there any changes made, there?

Second, you have a diff of the server.xml files with virtually no
changes and yet 9.0.20 did NOT have a "secretRequired" attribute
available (it was introduced in 9.0.31). So why does your 9.0.20
installation have secretRequired="false" in it?

Finally, there was another change in 9.0.31 that changed the way the
connector binds to network interfaces. Your old interface specified
"127.0.0.1" (shown in the diff) and the new one does not specify
anything (except, oddly, you quoted that in your original message as
saying it DOES have address="127.0.0.1" so it's really difficult what
is real and what is not real, here. If you aren't specifying an
"address", then you are getting whatever Java finds when it looks-up
"localhost". That will either be an IPv4 or IPv6 interface. We have
seen some problems where httpd and Java come to different conclusions
as to which interface to use. It's best to specify exactly which
interface you want to use *by IP address* and not by hostname. So, if
you want to use IPv4, then use 127.0.0.1 in both places
(workers.properties and server.xml).

Hope that helps,
- -chris
-BEGIN PGP SIGNATURE-
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl6sj3kACgkQHPApP6U8
pFgPJQ//Su/qv/PEYohk6lzma8kiyAC2+6+zo4LsIxq2yu9SKlz357rIxstFQgfd
Zdsuhs/QHZA8elpGbo3ecMZ4BikAAFHfwmXK4fEUBqSejCcdI2VY7bBumpYPIrYG
zTaOSBfX5UNA+IgWSoQvbtUutnoGIrg+cPSR+eJz/NOl87xiM2fwWaMlZFqGw5Qv
pnEpvtfljQtTiG7TC1KX8Ys91uWoiaF8SLrqW4KGdTQpkBQwMwmUFCpS0UksTnoR
jhUqb+Wxav+sjLpazwiZP0mwCx2liVKAv4TQOOMjSHU16eQRDK81HzpeZytl9A0V
qYIl3d6+d+P6+TSW0z9t1enIp6BMcl05G9g6ONUvxMsRsTaIV5UiT5iKhUP7BRHF
D0CXphFJy+4I8LSNvrjgKt0laneSF0R8JHtH5aRdsQkalJxEr4filQXSdgcwcQ2v
GhtUU5MBe56HPijml+S5v6CZ8C7SG1UhZxeVTS0jxsrQhkCPBFCVseKq5Wfsj6v3
VAJxUBBUm2eL4APBvDB24dpqY3Uiycj2yW89vY/lG93wq8fF8F9pnra4XkAIxa2N
HwQnNO508TAHULGT9fqp7mCMnTHfKeoqtY+6I1wMOV4YS8kI1wsvMtkaBnE4pweS
2dyKGnoqEZCpkK0slXHaJXX+dttVMMKFWl/JQC5pcIvfaVAhLI0=
=J0sn
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

2020-05-01 Thread Darryl Philip Baker

Continuing the investigation:

I have the two tomcat installation in /opt/tomcat. Apache HTTPD references the 
worker file using a path that has a symbolic link that "latest" I can switch to 
point to either installation of tomcat. The workers file is defined in 
httpd.conf as "JkWorkersFile /opt/tomcat/latest/conf/jk/workers.properties"

Tomcat 9.0.20 works as expected. Tomcat 9.0.34 fails with just having the 
browser clocking and not returning.

Just to give you an idea of the differences in the control files:

[[root@lmsdevsyncapp7 tomcat]# diff apache-tomcat-9.0.20/conf/server.xml 
apache-tomcat-9.0.34/conf/server.xml
79c79
<   
119d121
< address="127.0.0.1" 
[root@lmsdevsyncapp7 tomcat]# diff 
apache-tomcat-9.0.20/conf/jk/workers.properties 
apache-tomcat-9.0.34/conf/jk/workers.properties
[root@lmsdevsyncapp7 tomcat]# ls -l 
total 8
drwxrwxr-x 9 tomcat tomcat 4096 May 16  2019 apache-tomcat-9.0.20
drwxr-xr-x 9 tomcat tomcat 4096 Apr 28 11:59 apache-tomcat-9.0.34
lrwxrwxrwx 1 root   root 20 Apr 28 15:00 latest -> apache-tomcat-9.0.34
[root@lmsdevsyncapp7 tomcat]#

Darryl Baker, GSEC  (he/him/his)
Sr. System Administrator
Distributed Application Platform Services
Northwestern University
1800 Sherman Ave.
Suite 6-600 – Box #39
Evanston, IL  60201-3715
darryl.ba...@northwestern.edu
(847) 467-6674

On 4/30/20, 5:09 PM, "Darryl Philip Baker"  
wrote:

I am trying to browse to one of the JKmount URLs in this case 
https://myserver.northwestern.edu/LmsSync/. When I point the symbolic link to 
the 9.0.20 installation, it works fine. When I point the symbolic link to the 
9.0.34 installation, it I get a 404 error.

Darryl Baker, GSEC  (he/him/his)
Sr. System Administrator
Distributed Application Platform Services
Northwestern University
1800 Sherman Ave.
Suite 6-600 – Box #39
Evanston, IL  60201-3715
darryl.ba...@northwestern.edu
(847) 467-6674

On 4/30/20, 3:35 PM, "Christopher Schultz"  
wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Darryl,

On 4/30/20 07:59, Darryl Philip Baker wrote:
> I am trying to upgrade a development environment from 9.0.20 to
> 9.0.34 and I am having issues getting the tomcat-connectors-1.2.46
> (mod_jk) to work in with the new version.

Can you be more specific? What are you trying, and how is it (not)
working, specifically?

> The Apache HTTPD configuration remains unchanged the paths pass
> through a symbolic link I change to switch versions. The
> workers.properties file was copied over and is identical. I added
> the same definition for the AJP connector into server.xml. I will
> place the pieces I modified below.> Server.xml:   protocol="AJP/1.3" redirectPort="443" address="127.0.0.1"
> enableLookups="false" tomcatAuthentication="false"
> secretRequired="false" maxPostSize="10" />
>
> Workers.properties: #define 1st worker using worker1
> worker.list=worker1
>
> #set properties for the worker1 worker worker.worker1.type=ajp13
> worker.worker1.host=127.0.0.1 worker.worker1.port=8009
> worker.worker1.lbfactor=50 worker.worker1.cachesize=10
> worker.worker1.cache_timeout=600 worker.worker1.socket_keepalive=1
> worker.worker1.recycle_timeout=300

At first glance, this configuration looks fine to me.

- -chris
-BEGIN PGP SIGNATURE-
Comment: Using GnuPG with Thunderbird - 
https://urldefense.com/v3/__https://www.enigmail.net/__;!!Dq0X2DkFhyF93HkjWTBQKhk!ErC-A5wGkE-dmk8oRBS9gKPW7tZZ497pTwaCVibxsqDMz0KEnkBfwlQXEg7vdkyO3a5lJcl65g$

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl6rNncACgkQHPApP6U8
pFh5nA//RMgbj+pgTSUqUq7zUaFvzEudyp3kfGDI7As7uvmE2BOwYABPtXjKniRF
2r/whNKQDu8VGOAp1JwTamPGpuNSh9pHW8KVqoTkr3Hg47E9fl86zE3a33/Gzq4G
Q72SZNmIyZtDvkf7autdSUXUeb1DX4KJcX7O42c7TzYp6APb82u/NUwDLRBD24FK
dVkMtkdoUgG19tsjLVNalGRkTgBNHC1ySIFikn0Tsd/28ApxCOtApn5Y85JxkjNh
GwoxbFXjTtGDVVq3Yo039xelALdquk9mm5BdA1UyANTcOx1s2VZozlVy1ayPMHNm
zPgqWLdhgRipAiLqDrPiE4u1R1PQ9wr/klQragHwY5LTzby8x1V7PAn4RZw0BRrt
yPCIAoI+dEnsiMRxfnVuNYHYbqMjTKlEF4M2zBKYuq6bpGKZEw8/IoK86kEAFYR5
trVt3o2uJ/qhn/34m4F30ilTXm7DR389ZaZ83nF4dihsst9aNmZuSUCZ6qEHTbNC
Tk1v7p+GxMJQwLglr63hfhNTij3zJPbZjQ9NXza7UiLYqqkzStXJX9JeUCjHmKsq
V6Ageh0STQm7zjRSsFse0QGP21anIxqmzkD6MmZE85v0Wsbe5gEzHXvGVpb5NdHe
ClWrI8H94YGG9XeZePvD2hlMNwCwATqJlev+IKk5WyPE+zI8BkM=
=NL+W
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

2020-04-30 Thread tomcat/perl

On 01.05.2020 00:09, Darryl Philip Baker wrote:

I am trying to browse to one of the JKmount URLs in this case 
https://myserver.northwestern.edu/LmsSync/. When I point the symbolic link to 
the 9.0.20 installation, it works fine. When I point the symbolic link to the 
9.0.34 installation, it I get a 404 error.

Ah, here may be a clue : the 404 error page returned by Apache httpd looks significantly 
different from the 404 error page returned by Tomcat (in look). Which one are you getting ?
If you get the Apache httpd version, then the problem is that Apache httpd/mod_jk is not 
even trying to forward the call to Tomcat, and tries to map it locally to the Apache 
document space.
Conversely, if you get the Tomcat version, then it means that the call /is/ forwarded by 
httpd/mod_jk to Tomcat, but that it is tomcat somehow which does not find anything in its 
URL space that matches the forwarded link URL.

Darryl Baker, GSEC  (he/him/his)
Sr. System Administrator
Distributed Application Platform Services
Northwestern University
1800 Sherman Ave.
Suite 6-600 – Box #39
Evanston, IL  60201-3715
darryl.ba...@northwestern.edu
(847) 467-6674

On 4/30/20, 3:35 PM, "Christopher Schultz"  
wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA256

 Darryl,

 On 4/30/20 07:59, Darryl Philip Baker wrote:
 > I am trying to upgrade a development environment from 9.0.20 to
 > 9.0.34 and I am having issues getting the tomcat-connectors-1.2.46
 > (mod_jk) to work in with the new version.

 Can you be more specific? What are you trying, and how is it (not)
 working, specifically?

 > The Apache HTTPD configuration remains unchanged the paths pass
 > through a symbolic link I change to switch versions. The
 > workers.properties file was copied over and is identical. I added
 > the same definition for the AJP connector into server.xml. I will
 > place the pieces I modified below.> Server.xml:   protocol="AJP/1.3" redirectPort="443" address="127.0.0.1"
 > enableLookups="false" tomcatAuthentication="false"
 > secretRequired="false" maxPostSize="10" />
 >
 > Workers.properties: #define 1st worker using worker1
 > worker.list=worker1
 >
 > #set properties for the worker1 worker worker.worker1.type=ajp13
 > worker.worker1.host=127.0.0.1 worker.worker1.port=8009
 > worker.worker1.lbfactor=50 worker.worker1.cachesize=10
 > worker.worker1.cache_timeout=600 worker.worker1.socket_keepalive=1
 > worker.worker1.recycle_timeout=300

 At first glance, this configuration looks fine to me.

 - -chris
 -BEGIN PGP SIGNATURE-
 Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

 iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl6rNncACgkQHPApP6U8
 pFh5nA//RMgbj+pgTSUqUq7zUaFvzEudyp3kfGDI7As7uvmE2BOwYABPtXjKniRF
 2r/whNKQDu8VGOAp1JwTamPGpuNSh9pHW8KVqoTkr3Hg47E9fl86zE3a33/Gzq4G
 Q72SZNmIyZtDvkf7autdSUXUeb1DX4KJcX7O42c7TzYp6APb82u/NUwDLRBD24FK
 dVkMtkdoUgG19tsjLVNalGRkTgBNHC1ySIFikn0Tsd/28ApxCOtApn5Y85JxkjNh
 GwoxbFXjTtGDVVq3Yo039xelALdquk9mm5BdA1UyANTcOx1s2VZozlVy1ayPMHNm
 zPgqWLdhgRipAiLqDrPiE4u1R1PQ9wr/klQragHwY5LTzby8x1V7PAn4RZw0BRrt
 yPCIAoI+dEnsiMRxfnVuNYHYbqMjTKlEF4M2zBKYuq6bpGKZEw8/IoK86kEAFYR5
 trVt3o2uJ/qhn/34m4F30ilTXm7DR389ZaZ83nF4dihsst9aNmZuSUCZ6qEHTbNC
 Tk1v7p+GxMJQwLglr63hfhNTij3zJPbZjQ9NXza7UiLYqqkzStXJX9JeUCjHmKsq
 V6Ageh0STQm7zjRSsFse0QGP21anIxqmzkD6MmZE85v0Wsbe5gEzHXvGVpb5NdHe
 ClWrI8H94YGG9XeZePvD2hlMNwCwATqJlev+IKk5WyPE+zI8BkM=
 =NL+W
 -END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

2020-04-30 Thread Darryl Philip Baker

I am trying to browse to one of the JKmount URLs in this case 
https://myserver.northwestern.edu/LmsSync/. When I point the symbolic link to 
the 9.0.20 installation, it works fine. When I point the symbolic link to the 
9.0.34 installation, it I get a 404 error.

Darryl Baker, GSEC  (he/him/his)
Sr. System Administrator
Distributed Application Platform Services
Northwestern University
1800 Sherman Ave.
Suite 6-600 – Box #39
Evanston, IL  60201-3715
darryl.ba...@northwestern.edu
(847) 467-6674
 

On 4/30/20, 3:35 PM, "Christopher Schultz"  
wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Darryl,

On 4/30/20 07:59, Darryl Philip Baker wrote:
> I am trying to upgrade a development environment from 9.0.20 to
> 9.0.34 and I am having issues getting the tomcat-connectors-1.2.46
> (mod_jk) to work in with the new version.

Can you be more specific? What are you trying, and how is it (not)
working, specifically?

> The Apache HTTPD configuration remains unchanged the paths pass
> through a symbolic link I change to switch versions. The
> workers.properties file was copied over and is identical. I added
> the same definition for the AJP connector into server.xml. I will
> place the pieces I modified below.> Server.xml:   protocol="AJP/1.3" redirectPort="443" address="127.0.0.1"
> enableLookups="false" tomcatAuthentication="false"
> secretRequired="false" maxPostSize="10" />
>
> Workers.properties: #define 1st worker using worker1
> worker.list=worker1
>
> #set properties for the worker1 worker worker.worker1.type=ajp13
> worker.worker1.host=127.0.0.1 worker.worker1.port=8009
> worker.worker1.lbfactor=50 worker.worker1.cachesize=10
> worker.worker1.cache_timeout=600 worker.worker1.socket_keepalive=1
> worker.worker1.recycle_timeout=300

At first glance, this configuration looks fine to me.

- -chris
-BEGIN PGP SIGNATURE-
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl6rNncACgkQHPApP6U8
pFh5nA//RMgbj+pgTSUqUq7zUaFvzEudyp3kfGDI7As7uvmE2BOwYABPtXjKniRF
2r/whNKQDu8VGOAp1JwTamPGpuNSh9pHW8KVqoTkr3Hg47E9fl86zE3a33/Gzq4G
Q72SZNmIyZtDvkf7autdSUXUeb1DX4KJcX7O42c7TzYp6APb82u/NUwDLRBD24FK
dVkMtkdoUgG19tsjLVNalGRkTgBNHC1ySIFikn0Tsd/28ApxCOtApn5Y85JxkjNh
GwoxbFXjTtGDVVq3Yo039xelALdquk9mm5BdA1UyANTcOx1s2VZozlVy1ayPMHNm
zPgqWLdhgRipAiLqDrPiE4u1R1PQ9wr/klQragHwY5LTzby8x1V7PAn4RZw0BRrt
yPCIAoI+dEnsiMRxfnVuNYHYbqMjTKlEF4M2zBKYuq6bpGKZEw8/IoK86kEAFYR5
trVt3o2uJ/qhn/34m4F30ilTXm7DR389ZaZ83nF4dihsst9aNmZuSUCZ6qEHTbNC
Tk1v7p+GxMJQwLglr63hfhNTij3zJPbZjQ9NXza7UiLYqqkzStXJX9JeUCjHmKsq
V6Ageh0STQm7zjRSsFse0QGP21anIxqmzkD6MmZE85v0Wsbe5gEzHXvGVpb5NdHe
ClWrI8H94YGG9XeZePvD2hlMNwCwATqJlev+IKk5WyPE+zI8BkM=
=NL+W
-END PGP SIGNATURE-

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

2020-04-30 Thread Christopher Schultz

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Darryl,

On 4/30/20 07:59, Darryl Philip Baker wrote:
> I am trying to upgrade a development environment from 9.0.20 to
> 9.0.34 and I am having issues getting the tomcat-connectors-1.2.46
> (mod_jk) to work in with the new version.

Can you be more specific? What are you trying, and how is it (not)
working, specifically?

> The Apache HTTPD configuration remains unchanged the paths pass
> through a symbolic link I change to switch versions. The
> workers.properties file was copied over and is identical. I added
> the same definition for the AJP connector into server.xml. I will
> place the pieces I modified below.> Server.xml:   protocol="AJP/1.3" redirectPort="443" address="127.0.0.1"
> enableLookups="false" tomcatAuthentication="false"
> secretRequired="false" maxPostSize="10" />
>
> Workers.properties: #define 1st worker using worker1
> worker.list=worker1
>
> #set properties for the worker1 worker worker.worker1.type=ajp13
> worker.worker1.host=127.0.0.1 worker.worker1.port=8009
> worker.worker1.lbfactor=50 worker.worker1.cachesize=10
> worker.worker1.cache_timeout=600 worker.worker1.socket_keepalive=1
> worker.worker1.recycle_timeout=300

At first glance, this configuration looks fine to me.

- -chris
-BEGIN PGP SIGNATURE-
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl6rNncACgkQHPApP6U8
pFh5nA//RMgbj+pgTSUqUq7zUaFvzEudyp3kfGDI7As7uvmE2BOwYABPtXjKniRF
2r/whNKQDu8VGOAp1JwTamPGpuNSh9pHW8KVqoTkr3Hg47E9fl86zE3a33/Gzq4G
Q72SZNmIyZtDvkf7autdSUXUeb1DX4KJcX7O42c7TzYp6APb82u/NUwDLRBD24FK
dVkMtkdoUgG19tsjLVNalGRkTgBNHC1ySIFikn0Tsd/28ApxCOtApn5Y85JxkjNh
GwoxbFXjTtGDVVq3Yo039xelALdquk9mm5BdA1UyANTcOx1s2VZozlVy1ayPMHNm
zPgqWLdhgRipAiLqDrPiE4u1R1PQ9wr/klQragHwY5LTzby8x1V7PAn4RZw0BRrt
yPCIAoI+dEnsiMRxfnVuNYHYbqMjTKlEF4M2zBKYuq6bpGKZEw8/IoK86kEAFYR5
trVt3o2uJ/qhn/34m4F30ilTXm7DR389ZaZ83nF4dihsst9aNmZuSUCZ6qEHTbNC
Tk1v7p+GxMJQwLglr63hfhNTij3zJPbZjQ9NXza7UiLYqqkzStXJX9JeUCjHmKsq
V6Ageh0STQm7zjRSsFse0QGP21anIxqmzkD6MmZE85v0Wsbe5gEzHXvGVpb5NdHe
ClWrI8H94YGG9XeZePvD2hlMNwCwATqJlev+IKk5WyPE+zI8BkM=
=NL+W
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue [EXTERNAL]

2020-04-30 Thread Darryl Philip Baker

Thank you for your suggestions. I don't see any difference in the results. I 
think I have logging turned up all the way but nothing in the way of errors 
from Tomcat. I'm looking at HTTPD now.


Darryl Baker, GSEC  (he/him/his)
Sr. System Administrator
Distributed Application Platform Services
Northwestern University
1800 Sherman Ave.
Suite 6-600 – Box #39
Evanston, IL  60201-3715
darryl.ba...@northwestern.edu
(847) 467-6674
 

On 4/30/20, 8:43 AM, "Beard, Shawn M."  wrote:

My workers is identical to yours and it works.

Here is our connector config that is working.

Might want to try removing address="127.0.0.1" and/or 
tomcatAuthentication="false"

The fix for the Ghostcat vulnerability created some config challenges on 
the ajp protocol. I'm pretty sure it’s the tomcatAuthentication you need to 
remove.





Shawn Beard
Sr. Systems Engineer
BTS
+1-515-564-2528

-Original Message-
From: Darryl Philip Baker 
Sent: Thursday, April 30, 2020 7:00 AM
To: Tomcat Users List 
Subject: Upgrading from 9.0.20 to 9.0.34 AJP connector issue [EXTERNAL]

** CAUTION: External message


I am trying to upgrade a development environment from 9.0.20 to 9.0.34 and 
I am having issues getting the tomcat-connectors-1.2.46 (mod_jk) to work in 
with the new version. The Apache HTTPD configuration remains unchanged the 
paths pass through a symbolic link I change to switch versions. The 
workers.properties file was copied over and is identical. I added the same 
definition for the AJP connector into server.xml. I will place the pieces I 
modified below.

Server.xml:



Workers.properties:
#define 1st worker using worker1
worker.list=worker1

#set properties for the worker1 worker
worker.worker1.type=ajp13
worker.worker1.host=127.0.0.1
worker.worker1.port=8009
worker.worker1.lbfactor=50
worker.worker1.cachesize=10
worker.worker1.cache_timeout=600
worker.worker1.socket_keepalive=1
worker.worker1.recycle_timeout=300

Darryl Baker, GSEC  (he/him/his)
Sr. System Administrator
Distributed Application Platform Services Northwestern University
1800 Sherman Ave.
Suite 6-600 – Box #39
Evanston, IL  60201-3715
darryl.ba...@northwestern.edu<mailto:darryl.ba...@northwestern.edu>
(847) 467-6674

CONFIDENTIALITY NOTICE: This e-mail and the transmitted documents contain 
private, privileged and confidential information belonging to the sender. The 
information therein is solely for the use of the addressee. If your receipt of 
this transmission has occurred as the result of an error, please immediately 
notify us so we can arrange for the return of the documents. In such 
circumstances, you are advised that you may not disclose, copy, distribute or 
take any other action in reliance on the information transmitted.

RE: Upgrading from 9.0.20 to 9.0.34 AJP connector issue [EXTERNAL]

2020-04-30 Thread Beard, Shawn M.

My workers is identical to yours and it works.

Here is our connector config that is working.

Might want to try removing address="127.0.0.1" and/or 
tomcatAuthentication="false"

The fix for the Ghostcat vulnerability created some config challenges on the 
ajp protocol. I'm pretty sure it’s the tomcatAuthentication you need to remove.





Shawn Beard
Sr. Systems Engineer
BTS
+1-515-564-2528

-Original Message-
From: Darryl Philip Baker 
Sent: Thursday, April 30, 2020 7:00 AM
To: Tomcat Users List 
Subject: Upgrading from 9.0.20 to 9.0.34 AJP connector issue [EXTERNAL]

** CAUTION: External message


I am trying to upgrade a development environment from 9.0.20 to 9.0.34 and I am 
having issues getting the tomcat-connectors-1.2.46 (mod_jk) to work in with the 
new version. The Apache HTTPD configuration remains unchanged the paths pass 
through a symbolic link I change to switch versions. The workers.properties 
file was copied over and is identical. I added the same definition for the AJP 
connector into server.xml. I will place the pieces I modified below.

Server.xml:



Workers.properties:
#define 1st worker using worker1
worker.list=worker1

#set properties for the worker1 worker
worker.worker1.type=ajp13
worker.worker1.host=127.0.0.1
worker.worker1.port=8009
worker.worker1.lbfactor=50
worker.worker1.cachesize=10
worker.worker1.cache_timeout=600
worker.worker1.socket_keepalive=1
worker.worker1.recycle_timeout=300

Darryl Baker, GSEC  (he/him/his)
Sr. System Administrator
Distributed Application Platform Services Northwestern University
1800 Sherman Ave.
Suite 6-600 – Box #39
Evanston, IL  60201-3715
darryl.ba...@northwestern.edu<mailto:darryl.ba...@northwestern.edu>
(847) 467-6674

CONFIDENTIALITY NOTICE: This e-mail and the transmitted documents contain 
private, privileged and confidential information belonging to the sender. The 
information therein is solely for the use of the addressee. If your receipt of 
this transmission has occurred as the result of an error, please immediately 
notify us so we can arrange for the return of the documents. In such 
circumstances, you are advised that you may not disclose, copy, distribute or 
take any other action in reliance on the information transmitted.

Upgrading from 9.0.20 to 9.0.34 AJP connector issue

2020-04-30 Thread Darryl Philip Baker

I am trying to upgrade a development environment from 9.0.20 to 9.0.34 and I am 
having issues getting the tomcat-connectors-1.2.46 (mod_jk) to work in with the 
new version. The Apache HTTPD configuration remains unchanged the paths pass 
through a symbolic link I change to switch versions. The workers.properties 
file was copied over and is identical. I added the same definition for the AJP 
connector into server.xml. I will place the pieces I modified below.

Server.xml:



Workers.properties:
#define 1st worker using worker1
worker.list=worker1

#set properties for the worker1 worker
worker.worker1.type=ajp13
worker.worker1.host=127.0.0.1
worker.worker1.port=8009
worker.worker1.lbfactor=50
worker.worker1.cachesize=10
worker.worker1.cache_timeout=600
worker.worker1.socket_keepalive=1
worker.worker1.recycle_timeout=300

Darryl Baker, GSEC  (he/him/his)
Sr. System Administrator
Distributed Application Platform Services
Northwestern University
1800 Sherman Ave.
Suite 6-600 – Box #39
Evanston, IL  60201-3715
darryl.ba...@northwestern.edu
(847) 467-6674

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue

Re: Upgrading from 9.0.20 to 9.0.34 AJP connector issue [EXTERNAL]

RE: Upgrading from 9.0.20 to 9.0.34 AJP connector issue [EXTERNAL]

Upgrading from 9.0.20 to 9.0.34 AJP connector issue

11 matches

Site Navigation

Mail list logo

Footer information