Re: a lot of 502 error with using version 7.0.68-1

Dear Christopher, Thank you for your reply. Our circumstances are so old, sorry. I want to renew them, but it seems to be difficult for these errors for now. > This might not be the best list to ask about mod_proxy_http, but there > are some people who probably have good experience with it

RE: Understanding how to controlling what data is written to log4j appenders

This is great information to know. Our installations are on AIX boxes however. Joleen On Mar 10, 2016 10:31 PM, "George Stanchev" wrote: > If you run tomcat via the windows server wrapper, you can > > "%TOMCAT_EXE%" //US//%TOMCAT_SERVICE_NAME% --StdOutput >

RE: Understanding how to controlling what data is written to log4j appenders

If you run tomcat via the windows server wrapper, you can "%TOMCAT_EXE%" //US//%TOMCAT_SERVICE_NAME% --StdOutput "%TOMCAT_CONSOLE_LOG%" --StdError "%TOMCAT_CONSOLE_LOG%" Which will redirect the stderr and stdoout to the corresponding log files George -Original Message- From: Joleen

Re: Idle Thread high CPU

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rallavagu, On 3/10/16 8:38 PM, Rallavagu wrote: > > > On 3/10/16 5:23 PM, Christopher Schultz wrote: Rallavagu, > > On 3/10/16 8:10 PM, Rallavagu wrote: On 3/10/16 2:33 PM, Christopher Schultz wrote: Rallavagu, On

Re: a lot of 502 error with using version 7.0.68-1

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Kenchi, On 3/10/16 8:25 PM, Kenichi MASUDA wrote: > Thank you for your reply and I'm sorry for less information. > >> how are you connecting httpd -> Tomcat? >> > A client sends a request to httpd which listens as 80, after that > httpd throw it

Re: How can I fix deserialization vulnerability?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 林慶龍, On 3/10/16 8:07 PM, 林慶龍 Barry Lin wrote: > These days, Everyone talks about the vulnerability in Tomcat, and > we found that we had the same problem with “deserialization > vulnerability”. > > How can I fix deserialization vulnerability in

Re: Idle Thread high CPU

On 3/10/16 5:23 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rallavagu, On 3/10/16 8:10 PM, Rallavagu wrote: On 3/10/16 2:33 PM, Christopher Schultz wrote: Rallavagu, On 3/10/16 5:16 PM, Rallavagu wrote: On 3/10/16 2:09 PM, Christopher Schultz wrote:

Re: a lot of 502 error with using version 7.0.68-1

Thank you for your reply and I'm sorry for less information. > how are you connecting httpd -> Tomcat? > A client sends a request to httpd which listens as 80, after that httpd throw it like this to the tomcat which exists in backend and serves as 8080 port with the rewrite rule. RewriteCond

Re: Idle Thread high CPU

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rallavagu, On 3/10/16 8:10 PM, Rallavagu wrote: > > > On 3/10/16 2:33 PM, Christopher Schultz wrote: Rallavagu, > > On 3/10/16 5:16 PM, Rallavagu wrote: On 3/10/16 2:09 PM, Christopher Schultz wrote: Rallavagu, On 3/10/16 4:02 PM,

How can I fix deserialization vulnerability?

Dears: These days, Everyone talks about the vulnerability in Tomcat, and we found that we had the same problem with “deserialization vulnerability”. How can I fix deserialization vulnerability in tomcat? Thanks for your help! Best regard, Barry Lin 鼎捷

Re: Understanding how to controlling what data is written to log4j appenders

Thanks for the tips. I have to use the perl program for now to accomplish the task for the company but l'll continue to work this for the sake of learning and getting this changed through to application. Joleen On Mar 10, 2016 7:42 PM, "Konstantin Kolinko" wrote: >

Re: Understanding how to controlling what data is written to log4j appenders

2016-03-11 2:49 GMT+03:00 Joleen Barker : > I wanted to let you know that I really tried at this and feel the changes I > made should be working and it is a matter of the developer hard coding the > log messages to go to the stdout/stderr and became lazy as one of the

Re: Understanding how to controlling what data is written to log4j appenders

So are you suggesting to remove the ConsoleAppender from the log4j.properties that the vendor has in the WEB-INF/classes directory? Joleen On Mar 10, 2016 7:17 PM, "Konstantin Kolinko" wrote: > 2016-03-08 18:43 GMT+03:00 Christopher Schultz < >

Re: Understanding how to controlling what data is written to log4j appenders

2016-03-08 18:43 GMT+03:00 Christopher Schultz : > > Everything that says log4j.logger.[something]=[level], stdout > > Is going to send those log messages to the "stdout" appender, which is > tied to System.out. You'll need to do one of two things to dig > yourself

RE: AJP protocol auto-switching default

-Original Message- From: Rémy Maucherat [mailto:r...@apache.org] Sent: Thursday, March 10, 2016 4:41 PM To: Tomcat Users List Subject: Re: AJP protocol auto-switching default 2016-03-11 0:38 GMT+01:00 George Stanchev : > > Perhaps I am

Re: AJP protocol auto-switching default

2016-03-11 0:38 GMT+01:00 George Stanchev : > > Perhaps I am overlooking something, but the documentation for AJP [1] > > states for "protocol" > > > > > > The standard protocol value for an AJP connector is AJP/1.3 which uses > > an auto-switching mechanism to select

RE: AJP protocol auto-switching default

> Perhaps I am overlooking something, but the documentation for AJP [1] > states for "protocol" > > > The standard protocol value for an AJP connector is AJP/1.3 which uses > an auto-switching mechanism to select either a Java based connector or > an APR/native based connector. If the PATH

Re: AJP protocol auto-switching default

2016-03-10 23:55 GMT+01:00 George Stanchev : > Perhaps I am overlooking something, but the documentation for AJP [1] > states for "protocol" > > > The standard protocol value for an AJP connector is AJP/1.3 which uses an > auto-switching mechanism to select either a Java

AJP protocol auto-switching default

Perhaps I am overlooking something, but the documentation for AJP [1] states for "protocol" The standard protocol value for an AJP connector is AJP/1.3 which uses an auto-switching mechanism to select either a Java based connector or an APR/native based connector. If the PATH (Windows) or

Re: Idle Thread high CPU

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rallavagu, On 3/10/16 5:16 PM, Rallavagu wrote: > On 3/10/16 2:09 PM, Christopher Schultz wrote: Rallavagu, > > On 3/10/16 4:02 PM, Rallavagu wrote: On 3/10/16 11:54 AM, Christopher Schultz wrote: > Are you sure you have matched-up the

Re: Prevent Sending of SSL Root Certificate

On Thu, Mar 10, 2016 at 4:22 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Tad, ​... > > And what tool is telling you that the root cert is being served along > with the server and intermediate certs? > > So the cert chain

Re: Idle Thread high CPU

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck, On 3/10/16 5:18 PM, Caldarale, Charles R wrote: >> From: Christopher Schultz [mailto:ch...@christopherschultz.net] >> Subject: Re: Idle Thread high CPU > >> My version of 'top' (Debian Linux) doesn't show thread ids. :( > > Can you try "top

Re: Prevent Sending of SSL Root Certificate

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tad, On 3/10/16 5:12 PM, Tad Marko wrote: > On Thu, Mar 10, 2016 at 3:59 PM, Christopher Schultz > wrote: >> Tad, >> >> On 3/10/16 4:03 PM, Tad Marko wrote: >>> Is it possible to tell tomcat to NOT send the root for a

Re: NullPointerException in MemoryRealm after upgrading to Tomcat 8.0.32 from 7.0.26

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jason, On 3/10/16 4:40 PM, Jason Overland wrote: > Chris, > > On Thu, Mar 10, 2016 at 6:18 AM, Christopher Schultz > wrote: >> Give this patch a try: ... I have no idea how the options get >> parsed; we'll see if this

RE: Idle Thread high CPU

> From: Christopher Schultz [mailto:ch...@christopherschultz.net] > Subject: Re: Idle Thread high CPU > My version of 'top' (Debian Linux) doesn't show thread ids. :( Can you try "top -H" (case sensitive option)? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE

Re: Intermittent ClassNotFoundException in Jasper EL evaluation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 3/10/16 4:43 PM, Mark Thomas wrote: > On 10/03/2016 21:16, jimi.hulleg...@svensktnaringsliv.se wrote: >> On Thursday, March 10, 2016 11:20 AM, ma...@apache.org wrote: >>> 3. Why is the problem not limited to the first request for a

Re: Idle Thread high CPU

On 3/10/16 2:09 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rallavagu, On 3/10/16 4:02 PM, Rallavagu wrote: On 3/10/16 11:54 AM, Christopher Schultz wrote: Are you sure you have matched-up the correct thread within the JVM that is using all that CPU? How

Re: Prevent Sending of SSL Root Certificate

On Thu, Mar 10, 2016 at 3:59 PM, Christopher Schultz wrote: > Tad, > > On 3/10/16 4:03 PM, Tad Marko wrote: > > Is it possible to tell tomcat to NOT send the root for a > > certificate chain? > > Yep. > > ... > > Just remove the root cert from your keystore, and

Re: Idle Thread high CPU

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rallavagu, On 3/10/16 4:02 PM, Rallavagu wrote: > On 3/10/16 11:54 AM, Christopher Schultz wrote: >> Are you sure you have matched-up the correct thread within the >> JVM that is using all that CPU? > >> How are you measuring the CPU usage? > > It

Re: Prevent Sending of SSL Root Certificate

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tad, On 3/10/16 4:03 PM, Tad Marko wrote: > Is it possible to tell tomcat to NOT send the root for a > certificate chain? Yep. > I am trying to support some old VeriFone terminals that are pretty > limited what they expect when dealing with SSL.

Re: NullPointerException in MemoryRealm after upgrading to Tomcat 8.0.32 from 7.0.26

On 10/03/2016 21:40, Jason Overland wrote: > Chris, > > On Thu, Mar 10, 2016 at 6:18 AM, Christopher Schultz > wrote: >> Give this patch a try: >> ... >> I have no idea how the options get parsed; we'll see if this simple >> implementation will get you going again.

Re: Intermittent ClassNotFoundException in Jasper EL evaluation

On 10/03/2016 21:16, jimi.hulleg...@svensktnaringsliv.se wrote: > On Thursday, March 10, 2016 11:20 AM, ma...@apache.org wrote: >> >>> 3. Why is the problem not limited to the first request for a jsp >>> page? >> >> Because EL imports may be dynamic so the EL has to be evaluated on >> execution.

Re: NullPointerException in MemoryRealm after upgrading to Tomcat 8.0.32 from 7.0.26

Chris, On Thu, Mar 10, 2016 at 6:18 AM, Christopher Schultz wrote: > Give this patch a try: > ... > I have no idea how the options get parsed; we'll see if this simple > implementation will get you going again. > > -chris > The parsing is working correctly. After

Re: Idle Thread high CPU

On 3/10/16 1:02 PM, Konstantin Kolinko wrote: 2016-03-10 22:54 GMT+03:00 Christopher Schultz : Rallavagu, On 3/10/16 2:11 PM, Rallavagu wrote: From a thread dump and corresponding "top" output it is reported that the following thread is consuming significant

RE: Intermittent ClassNotFoundException in Jasper EL evaluation

On Thursday, March 10, 2016 11:20 AM, ma...@apache.org wrote: > > > 3. Why is the problem not limited to the first request for a jsp page? > > Because EL imports may be dynamic so the EL has to be evaluated on execution. I'm not really sure I follow you now. Can you explain what you mean with

Re: Idle Thread high CPU

2016-03-10 22:54 GMT+03:00 Christopher Schultz : > Rallavagu, > > On 3/10/16 2:11 PM, Rallavagu wrote: >> From a thread dump and corresponding "top" output it is reported >> that the following thread is consuming significant CPU (around >> 80%) >> >>

Re: Idle Thread high CPU

On 3/10/16 11:54 AM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rallavagu, On 3/10/16 2:11 PM, Rallavagu wrote: From a thread dump and corresponding "top" output it is reported that the following thread is consuming significant CPU (around 80%)

Prevent Sending of SSL Root Certificate

Howdy! Is it possible to tell tomcat to NOT send the root for a certificate chain? I am trying to support some old VeriFone terminals that are pretty limited what they expect when dealing with SSL. I've gotten a new domain certificate issued by Go Daddy, and in my keystore I've installed this

Re: Idle Thread high CPU

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rallavagu, On 3/10/16 2:11 PM, Rallavagu wrote: > From a thread dump and corresponding "top" output it is reported > that the following thread is consuming significant CPU (around > 80%) > > "http-bio-28080-exec-437" daemon prio=10

Idle Thread high CPU

All, From a thread dump and corresponding "top" output it is reported that the following thread is consuming significant CPU (around 80%) "http-bio-28080-exec-437" daemon prio=10 tid=0x7f4acc0de000 nid=0x54ce waiting on condition [0x7f4b038f7000] java.lang.Thread.State:

Re: Tomcat mod_jk confirmation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Michael, On 3/10/16 11:31 AM, Michael Fox wrote: > I am running Red Hat Linux version 7.2 Apache version 2.4.6 Tomcat > version 9.0.0.M1 Tomcat connector version 1.2.41 > > I have configured Tomcat and Apache for Tomcat calls to be handled > by

Tomcat mod_jk confirmation

I am running Red Hat Linux version 7.2 Apache version 2.4.6 Tomcat version 9.0.0.M1 Tomcat connector version 1.2.41 I have configured Tomcat and Apache for Tomcat calls to be handled by Apache. I am not getting any errors when starting up Tomcat or Apache, but how can I tell if the Tomcat

Re: NullPointerException in MemoryRealm after upgrading to Tomcat 8.0.32 from 7.0.26

Jason, On 3/9/16 1:19 PM, Jason Overland wrote: > For what it's worth, that analysis & approach to fixing seem > reasonable to me. Yes I'll be glad to file a bug report and test a > patch. Give this patch a try: CUT = Index:

Re: Tomcat 8 Shared Classloader

On 10/03/2016 10:34, Theo Sweeny wrote: > Hi Mark, > > From: Mark Thomas > Sent: 10 March 2016 10:22 > To: Tomcat Users List > Subject: Re: Tomcat 8 Shared cCassloader > > On 10/03/2016 10:19, Theo Sweeny wrote: >> Hello - I've recently

Re: Intermittent ClassNotFoundException in Jasper EL evaluation

On 10/03/2016 10:19, Mark Thomas wrote: > On 10/03/2016 08:12, jimi.hulleg...@svensktnaringsliv.se wrote: >> Then surely one can look at the other implementations, and what they did to >> avoid this problem. But one thing off the top of my head would be to at >> least avoid doing that class

Re: a lot of 502 error with using version 7.0.68-1

Kenichi, On 3/10/16 4:52 AM, Kenichi MASUDA wrote: > Hi, > > I updated the tomcat on CentOS6 from 7.0.39-1 to 7.0.68-1, > and it seems to that the 502 proxy error was increased than before. > > The error is below: > - apache log: proxy: Error reading from remote server returned by > - mobile

Re: Tomcat 8 Shared Classloader

Hi Mark, From: Mark Thomas Sent: 10 March 2016 10:22 To: Tomcat Users List Subject: Re: Tomcat 8 Shared cCassloader On 10/03/2016 10:19, Theo Sweeny wrote: > Hello - I've recently noticed that there is no reference to shared.loader in >

Re: Tomcat 8 Shared cCassloader

On 10/03/2016 10:19, Theo Sweeny wrote: > Hello - I've recently noticed that there is no reference to shared.loader in > this Tomcat How To guide seen here - > > https://tomcat.apache.org/tomcat-8.0-doc/class-loader-howto.html > > Has the shared.loader property from within catalina.properties

Re: Intermittent ClassNotFoundException in Jasper EL evaluation

On 10/03/2016 08:12, jimi.hulleg...@svensktnaringsliv.se wrote: > On Wednesday, March 9, 2016 8:22 PM, ma...@apache.org wrote: >> It is a known 'feature' of the new EL requirements added in 3.0. The EL >> parser can't differentiate >> between an attribute without a scope and a reference to an

Tomcat 8 Shared cCassloader

Hello - I've recently noticed that there is no reference to shared.loader in this Tomcat How To guide seen here - https://tomcat.apache.org/tomcat-8.0-doc/class-loader-howto.html Has the shared.loader property from within catalina.properties been deprecated? If so - should shared.loader

a lot of 502 error with using version 7.0.68-1

Hi, I updated the tomcat on CentOS6 from 7.0.39-1 to 7.0.68-1, and it seems to that the 502 proxy error was increased than before. The error is below: - apache log: proxy: Error reading from remote server returned by - mobile phone display: 502 proxy error. The proxy server received an invalid

RE: Intermittent ClassNotFoundException in Jasper EL evaluation

On Wednesday, March 9, 2016 8:22 PM, ma...@apache.org wrote: > It is a known 'feature' of the new EL requirements added in 3.0. The EL > parser can't differentiate > between an attribute without a scope and a reference to an static field. > > See

Re: Mapping servlet to non English url pattern

Christopher, On Wed, Mar 9, 2016 at 5:38 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > Yuval, > > On 3/8/16 4:04 PM, Yuval Schwartz wrote: > > @WebServlet(name="SomeServlet", urlPatterns={"/help/why-no-work", > > "/iw/help/למה-לא-עובד", > >