Re: Tomcat silently shuts down after 10 minutes

2024-07-05 Thread Michael Kosma
Bryan, I would set Tomcat up as a service and let systemd handle startup and shutdown. Create a unit file for tomcat: /etc/systemd/system/tomcat.service - Begin Unit File Contents [Unit] Description=Tomcat 9.0 After=network.target [Service] Type=forking User=joe Group=joe

Re: JVM crashing with caCertificatePath in server.xml

2024-05-22 Thread Michael Osipov
On 2024/05/22 00:05:18 Andy Arismendi wrote: > Hi Micheal, you had asked to try these - > http://home.apache.org/~michaelo/issues/tomcat/openssl-crash/. I replaced my > files with these but Tomcat failed to start at this point with this message - > > 22-May-2024 00:02:30.808 INFO [main]

Re: JVM crashing with caCertificatePath in server.xml

2024-05-22 Thread Michael Osipov
On 2024/05/22 00:05:18 Andy Arismendi wrote: > Hi Micheal, you had asked to try these - > http://home.apache.org/~michaelo/issues/tomcat/openssl-crash/. I replaced my > files with these but Tomcat failed to start at this point with this message - > > 22-May-2024 00:02:30.808 INFO [main]

Re: JVM crashing with caCertificatePath in server.xml

2024-05-22 Thread Michael Osipov
On 2024/05/21 18:04:18 Christopher Schultz wrote: > Michael, > > On 5/21/24 03:32, Michael Osipov wrote: > > On 2024/05/20 13:30:43 Christopher Schultz wrote: > >> Michael, > >> > >> On 5/20/24 06:52, Michael Osipov wrote: > >>> On 2024/05

Re: JVM crashing with caCertificatePath in server.xml

2024-05-21 Thread Michael Osipov
On 2024/05/20 13:30:43 Christopher Schultz wrote: > Michael, > > On 5/20/24 06:52, Michael Osipov wrote: > > On 2024/05/17 15:11:58 Christopher Schultz wrote: > >> Michael, > >> > >> On 5/17/24 03:42, Michael Osipov wrote: > >>> On 2024/05

Re: JVM crashing with caCertificatePath in server.xml

2024-05-20 Thread Michael Osipov
On 2024/05/17 15:11:58 Christopher Schultz wrote: > Michael, > > On 5/17/24 03:42, Michael Osipov wrote: > > On 2024/05/16 21:37:34 Christopher Schultz wrote: > >> Michael, > >> > >> On 5/16/24 12:00, Michael Osipov wrote: > >>> On 2024/05/16

Re: JVM crashing with caCertificatePath in server.xml

2024-05-17 Thread Michael Osipov
On 2024/05/16 21:37:34 Christopher Schultz wrote: > Michael, > > On 5/16/24 12:00, Michael Osipov wrote: > > On 2024/05/16 15:55:04 Andy Arismendi wrote: > >> Ok great! Thank you for taking the time and making the effort to look into > >> this Michael

Re: JVM crashing with caCertificatePath in server.xml

2024-05-16 Thread Michael Osipov
On 2024/05/16 15:55:04 Andy Arismendi wrote: > Ok great! Thank you for taking the time and making the effort to look into > this Michael, much appreciated! Here is a dynamically linked, patched version until there is an official release: http://home.apache.org/~michaelo/issues/tomcat/o

Re: JVM crashing with caCertificatePath in server.xml

2024-05-16 Thread Michael Osipov
On 2024/05/15 20:35:08 Michael Osipov wrote: > On 2024/05/15 14:41:43 Michael Osipov wrote: > > Good news. I can reproduce on Windows: > > 15-May-2024 16:40:31.092 INFORMATION [main] > > org.apache.coyote.AbstractProtocol.init Initialisiere > > ProtocolHandler["

Re: JVM crashing with caCertificatePath in server.xml

2024-05-15 Thread Michael Osipov
On 2024/05/15 14:41:43 Michael Osipov wrote: > Good news. I can reproduce on Windows: > 15-May-2024 16:40:31.092 INFORMATION [main] > org.apache.coyote.AbstractProtocol.init Initialisiere > ProtocolHandler["https-openssl-apr-18444"] > 15-May-2024 1

Re: JVM crashing with caCertificatePath in server.xml

2024-05-15 Thread Michael Osipov
Good news. I can reproduce on Windows: 15-May-2024 16:40:31.092 INFORMATION [main] org.apache.coyote.AbstractProtocol.init Initialisiere ProtocolHandler["https-openssl-apr-18444"] 15-May-2024 16:40:31.144 WARNUNG [main] org.apache.tomcat.util.net.SSLUtilBase.getEnabled Tomcat interprets the

Re: JVM crashing with caCertificatePath in server.xml

2024-05-15 Thread Michael Osipov
On 2024/05/15 01:51:41 Andy Arismendi wrote: > ADDITIONAL ENVIRONMENT INFO UPDATE: > > libtcnative: org.apache.catalina.core.AprLifecycleListener.lifecycleEvent > Loaded Apache Tomcat Native library [1.3.0] using APR version [1.7.4]. > > CRASH LOG > > See enclosed: hs_err_pid4464.log > >

Re: JVM crashing with caCertificatePath in server.xml

2024-05-15 Thread Michael Osipov
files in a > > directory. > > The Tomcat documentation does say this just needs to be a directory full > of PEM files. I can trace through the code to see if it's more like what > Michael-O posted. Honestly, the whole idea of having to run c_rehash is > a stupid hack fo

Re: JVM crashing with caCertificatePath in server.xml

2024-05-15 Thread Michael Osipov
osed: hs_err_pid4464.log Attachments are stripped. You not to upload it somewhere or send via email. Michael - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org

Re: JVM crashing with caCertificatePath in server.xml

2024-05-14 Thread Michael Osipov
On 2024/05/14 19:23:47 Andy Arismendi wrote: > Sure thing - > > ADDITIONAL ENVIRONMENT INFO: > > libtcnative: tcnative-1.dll is included in the Tomcat 9.0.89 64-bit Windows > zip download, not sure about the version... > OpenSSL version: 3.0.13 30 Jan 2024 (Library: OpenSSL 3.0.13 30 Jan 2024)

Re: JVM crashing with caCertificatePath in server.xml

2024-05-14 Thread Michael Osipov
On 2024/05/14 18:21:36 Andy Arismendi wrote: > Hi, just ran into this today. The JVM is crashing when caCertificatePath is > added to server.xml. I tried the latest Zulu JRE 8 and 11 but still had the > crash. > > > ENVIRONMENT > > Tomcat: 9.0.89 (64-bit Windows zip) > OS: Windows Server 2019

Re: SPNEGO GSSCaller {UNKNOWN} No Delegated Creds

2024-05-07 Thread Michael Osipov
environment. I use it as well. Michael On 2024/05/03 13:42:39 Tom Delaney wrote: > Thanks for the reply Michael, > > I'm trying to achieve retrieving delegated credentials. I'm confused by the > debug output because I'm being told that authentication succeeded but no > indica

Re: SPNEGO GSSCaller {UNKNOWN} No Delegated Creds

2024-05-03 Thread Michael Osipov
On 2024/05/02 19:20:59 Tom Delaney wrote: > Hi All, > > Sorry for the duplicate requests. The first one was accidentally flagged > for Google's new Confidential Mode which happened to be flagged. > I have a red hat 9.2 server hosting a web application on a single instance > of Apache Tomcat. This

Re: [ANN] Apache Tomcat Native 1.3.0 released

2024-02-13 Thread Michael Osipov
On 2024/02/13 08:46:42 Mark Thomas wrote: > The Apache Tomcat team announces the immediate availability of Apache > Tomcat Native 1.3.0 stable. > > The key features of this release are: > > - The minimum supported OpenSSL version is 1.1.1 > - The minimum supported APR version in 1.6.3 > - The

Tomcat Instance unable to connect to DB with TCPS

2024-02-08 Thread Kebret, Michael
Tomcat version 9.0.83 running on Linux redhat 7 java 11.0.20. When changing the protocol from TCP to TCPS in Catalina.properties and in server.xml we have attribute truststorePassword= (tested with both cleartext and encrypted) password connection is refused to the DB and get the below

Re: Rotating/archiving catalina.out

2024-01-30 Thread Michael Osipov
_ldadocgen_prod_1.pid SIGUSR1 Michael - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Problems with cross app uploads (migrating from 9.0.35 to 9.0.84)

2024-01-15 Thread Michael Osipov
ut simply didn't have the time to work on a tomcatX-split port. Michael [1] https://github.com/freebsd/freebsd-ports/blob/4430a994eea5d6b2ed84c940963788069d6fd1d6/www/tomcat9/Makefile#L42 - To unsubscribe, e-mail: users-unsubscr.

Re: 9.0.83 addSslHostConfig failures?

2023-11-21 Thread Michael Osipov
On 2023/11/21 11:25:11 Michael Osipov wrote: > On 2023/11/20 22:14:14 Daniel Skiles wrote: > > Was there a change to the addSslHostConfig JMX mbean operation between > > 9.0.82 and 9.0.83? I have some code that works in 82, but fails with an > > MBeanException:

Re: 9.0.83 addSslHostConfig failures?

2023-11-21 Thread Michael Osipov
On 2023/11/20 22:14:14 Daniel Skiles wrote: > Was there a change to the addSslHostConfig JMX mbean operation between > 9.0.82 and 9.0.83? I have some code that works in 82, but fails with an > MBeanException: Cannot find operation [addSslHostConfig] in 9.0.83. > > When I attempt to look at the

DBCP exception after Tomcat 10.1.13 -> 10.1.14 upgrade

2023-10-10 Thread Michael Hayes
I have just upgraded a working Tomcat 10.1.13 installation to Tomcat 10.1.14, on Rocky Linux 9.2, PostgreSQL 11.20, JDBC driver 42.6.0, Java 17.0.8. During startup I get this exception: java.sql.SQLException at

Re: AW: Solution to "Invalid keystore format" (cross-posted to Tomcat Users List at Apache, and Java 400 List at Midrange)

2023-09-12 Thread Michael Osipov
On 2023/09/12 07:06:52 "Thomas Hoffmann (Speed4Trade GmbH)" wrote: > Hallo James, > > > -Ursprüngliche Nachricht- > > Von: James H. H. Lampert > > Gesendet: Montag, 11. September 2023 18:31 > > An: Java 400 List ; Tomcat Users List > > > > Betreff: Solution to "Invalid keystore format"

Re: Tomcat 9.0.76 Memory leak with Java 17

2023-07-12 Thread Michael Osipov
On 2023/07/11 18:16:24 Christopher Schultz wrote: > You should report all of the previous issues to Oracle against their > ORDS version 22.1 and ask them to fix them. It's why you write those > big, fat checks in the first place ;) This doesn't really matter. I have reported a memory leak in

Re: Apache Tomcat 9.x end of life

2023-06-09 Thread Osipov, Michael (SMD IT IN)
On 2023-06-08 18:17, Mark Thomas wrote: On 08/06/2023 16:32, Zoltan Balogh wrote: Dear Apache Team, I just would like to ask is there any planned EOL for Tomcat 9? Best guess at the moment (and it is only a guess - no decisions have been made) is 3 years after 8.5.x is EOL which gives a

Re: AbstractEndpoint#logCertificate() prints incorrect information

2023-06-09 Thread Osipov, Michael (SMD IT IN)
On 2023-06-08 15:36, Mark Thomas wrote: On 08/06/2023 14:22, Osipov, Michael (SMD IT IN) wrote: On 2023-06-08 14:45, Mark Thomas wrote: On 08/06/2023 12:25, Osipov, Michael (SMD IT IN) wrote: Folks, I am running of 8.5.88 and noticed these lines in my catalina.out: 2023-06-08T12:38:54.938

Re: AbstractEndpoint#logCertificate() prints incorrect information

2023-06-08 Thread Osipov, Michael (SMD IT IN)
On 2023-06-08 14:45, Mark Thomas wrote: On 08/06/2023 12:25, Osipov, Michael (SMD IT IN) wrote: Folks, I am running of 8.5.88 and noticed these lines in my catalina.out: 2023-06-08T12:38:54.938 INFORMATION [main] org.apache.tomcat.util.net.AbstractEndpoint.logCertificate Connector [https

AbstractEndpoint#logCertificate() prints incorrect information

2023-06-08 Thread Osipov, Michael (SMD IT IN)
It causes, at least, confusion that a user/admin has missed to configure something. Should I file a bug? Michael - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org

Re: [solved] How to debug 404s / How to enable error log

2023-02-01 Thread Michael B Allen
E=/path/to/myapp-base ${CATALINA_HOME}/bin/catalina.sh run "$@" A minimal bin\run.bat for Windows might look like: setlocal set "JRE_HOME=C:\tmp\java17" set "CATALINA_HOME=C:\tmp\tomcat10" set "CATALINA_BASE=C:\tmp\myapp-base" %CATALINA_HOME%\bin\catalina.ba

Re: [solved] How to debug 404s / How to enable error log

2023-01-31 Thread Michael B Allen
On Tue, Jan 31, 2023 at 4:33 PM Konstantin Kolinko wrote: > > INFO: No global web.xml found > > The above message is odd. > Essentially, it means that the file %CATALINA_BASE%\conf\web.xml does not > exist. > Solved. That was it. After copying over the conf/web.xml into myapp-base/conf, the

How to debug 404s / How to enable error log

2023-01-31 Thread Michael B Allen
This is embarrassing. I have apparently forgotten how to operate Tomcat. I just downloaded openjdk 17, Tomcat 10.1.5 to a clean Windows 10, upacked everything, created a myapp-base with a .bat like: --8<-- bin\start.bat --8<-- setlocal set "JRE_HOME=C:\tmp\java17" set

Re: javax.servlet vs jakarta.servlet?

2021-12-30 Thread Michael B Allen
on see that the file is updated without reloading the webapp (maybe even if the app is packaged as a war) is very useful. On the other hand I don't think I would want another 10 classes just to create some kind of ancillary webapp storage abstraction. Mike -- Michael B Allen Java Active Directory Integratio

Re: javax.servlet vs jakarta.servlet?

2021-12-29 Thread Michael B Allen
On Wed, Dec 29, 2021 at 2:07 PM Mark Thomas wrote: > One of the advantages of moving to Eclipse is that everyone involved in > the spec, not just the spec lead, has an equal say in what goes into the > spec. That sounds like design by committee which is my concern. IMO the only way to design a

Re: javax.servlet vs jakarta.servlet?

2021-12-29 Thread Michael B Allen
On Tue, Dec 28, 2021 at 10:52 AM Mark Thomas wrote: > > On 28/12/2021 14:58, Michael B Allen wrote: > > On Tue, Dec 28, 2021 at 3:29 AM Johan Compagner > > wrote: > >> > >> Will that really work? > > > > No. > > > > Clearly I'm not pa

Re: javax.servlet vs jakarta.servlet?

2021-12-28 Thread Michael B Allen
Tomcat to support both javax.servlet and jakarta.servlet even if it were difficult to do for some reason I'm not seeing. Mike -- Michael B Allen Java Active Directory Integration http://www.ioplex.com/ - To unsubscribe, e-mail: users-un

javax.servlet vs jakarta.servlet?

2021-12-27 Thread Michael B Allen
assume one just has to add whatever javax.servlet jar to make Tomcat 10 work with a javax.servlet lib or app? Mike -- Michael B Allen Java Active Directory Integration http://www.ioplex.com/ - To unsubscribe, e-mail: users

Re: Authentication with Browser stopped working / missing exception handling in getRemainingLifetime

2021-11-23 Thread Michael B Allen
On Tue, Nov 23, 2021 at 2:59 PM Thomas Hoffmann (Speed4Trade GmbH) wrote: > > Short Addendum: > > The "destroyed" flag gets set, when the dispose-method of the > GSSCredentialImpl was invoked. > Currently, I have no clue when and how it happens, but I have seen this > problem every few months.

Re: Authentication with Browser stopped working / missing exception handling in getRemainingLifetime

2021-11-23 Thread Michael B Allen
t I think the only real short term solution for now would be to catch the IllegalStateException and just set left = 0. Mike -- Michael B Allen Java Active Directory Integration http://www.ioplex.com/ - To unsubscribe, e-mail: users

Re: How to *properly* create and use a CATALINA_BASE installation

2021-11-18 Thread Michael B Allen
indows service would know the difference between a link and the directory it points to. If it did, that would make mklink pretty useless. Mike -- Michael B Allen Java Active Directory Integration http://www.ioplex.com/ - To unsubscr

Re: How to *properly* create and use a CATALINA_BASE installation

2021-11-17 Thread Michael B Allen
On Wed, Nov 17, 2021 at 9:05 PM Mark Eggers wrote: > CATALINA_HOME and CATALINA_BASE are links to an appropriate Tomcat > installation, and one configured for that particular service. > > Then to upgrade to a new Tomcat, you do the following: > > 1. Unpack the new reference version of Tomcat

Re: How to *properly* create and use a CATALINA_BASE installation

2021-11-17 Thread Michael B Allen
the self-contained $CATALINA_BASE/bin/run.sh method is probably a little better for most cases (although I still need to study the Windows service use-case which is probably important). Mike -- Michael B Allen Java Active Directory Integration http://www.i

Re: How to *properly* create and use a CATALINA_BASE installation

2021-11-16 Thread Michael B Allen
ld completely separate the installation from the host and environment. Mike -- Michael B Allen Java Active Directory Integration http://www.ioplex.com/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additiona

Re: How to *properly* create and use a CATALINA_BASE installation

2021-11-15 Thread Michael B Allen
completely. I no longer get 404's and the application works. But I would like to further understand this as much as possible to document it for my customers. Thanks, Mike -- Michael B Allen Java Active Directory Integrati

How to *properly* create and use a CATALINA_BASE installation

2021-11-15 Thread Michael B Allen
uch just seeing it work. Thanks, Mike -- Michael B Allen Java Active Directory Integration http://www.ioplex.com/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Mimicking two distinct virtual hosts just like in HTTPd

2021-11-09 Thread Michael Osipov
Am 2021-11-08 um 17:36 schrieb Mark Thomas: On 08/11/2021 15:36, Michael Osipov wrote: Folks, consider the following in httpd.conf: Listen {IP}:8443 Listen {IP}:8444 later:    DocumentRoot /www/webapps1    ServerName {hostname}    mod_ssl config...    DocumentRoot /www/webapps2

Mimicking two distinct virtual hosts just like in HTTPd

2021-11-08 Thread Michael Osipov
/IP address. From my understanding of the server.xml I would need set up *two* Service elements with one Engine, Connector and Host each. Is my understanding correct? Michael - To unsubscribe, e-mail: users-unsubscr

Re: JASPIC Plugin for OIDC/JWT/OAuth

2021-10-08 Thread Michael Kolenda
Thanks Mark! Will take a look On Fri, Oct 8, 2021, 5:01 AM Mark Thomas wrote: > On 07/10/2021 18:37, Michael Kolenda wrote: > > Hey Tomcat Users, > > > > I've run into an interesting behavior with a custom JASPIC provider. When > > there is an existing session i.e. JS

JASPIC Plugin for OIDC/JWT/OAuth

2021-10-07 Thread Michael Kolenda
Hey Tomcat Users, I've run into an interesting behavior with a custom JASPIC provider. When there is an existing session i.e. JSESSIONID cookie, It appears the groups/roles are not checked again... even when the new groups are provided in the client Subject (JASPIC's validate() ). When attempting

Re: Specifying a Custom Authenticator Class

2021-10-03 Thread Michael Osipov
Am 2021-10-02 um 02:48 schrieb Jerry Malcolm: I need to write a custom BasicAuthenticator class to decode a specialized encoding of the authToken.  I have been scouring google for info.  I found one post where the answer included the statement: This would clearly violate Basic auth scheme and

Re: reporting a problem with LDAP auth to Windows Active Directory with Kerberos using the default spnegoDelegationQop="auth-conf" value for Tomcat 9.0.31 and 9.0.52

2021-09-19 Thread Michael Osipov
Am 2021-09-14 um 18:23 schrieb Tim Miller Dyck: Hello, I wanted to report an issue with Tomcat LDAP user authentication lookups with Tomcat container Kerberos security that I found in our environment when upgrading to version Tomcat 9.0.52 from 9.0.30 and what configuration settings bypassed

Re: JNDIRealm does not retry on read timeouts or closed connections

2021-09-07 Thread Osipov, Michael (LDA IT PLM)
Am 2021-09-06 um 11:21 schrieb Mark Thomas: On 06/09/2021 09:52, Osipov, Michael (LDA IT PLM) wrote: My question is: Mark, you have direct access to JBS, would you be willing to file this issue directly or do you want me to file through bugreport.java.com first and when it arrives in JBS

Re: JNDIRealm does not retry on read timeouts or closed connections

2021-09-06 Thread Osipov, Michael (LDA IT PLM)
Am 2021-09-06 um 11:21 schrieb Mark Thomas: On 06/09/2021 09:52, Osipov, Michael (LDA IT PLM) wrote: My question is: Mark, you have direct access to JBS, would you be willing to file this issue directly or do you want me to file through bugreport.java.com first and when it arrives in JBS

JNDIRealm does not retry on read timeouts or closed connections

2021-09-06 Thread Osipov, Michael (LDA IT PLM)
report.java.com first and when it arrives in JBS you could drop a comment that this also affects Tomcat? Michael - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org

Re: how to tune cacheMaxSize

2021-08-20 Thread Michael Richardson
Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ signature.asc Description: PGP signature

Re: how to tune cacheMaxSize

2021-08-20 Thread Michael Richardson
Christopher Schultz wrote: > That's quite a long time (1643381ms), and the timestamps match-up. > So you tried to get a thread-dump during this 27-minute period and the > process simply wouldn't respond? Correct. > It is during this 27-minute period that the CPU is pegged?

Re: how to tune cacheMaxSize

2021-08-19 Thread Michael Richardson
! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ - To unsubscribe, e-mail: users-unsubscr

Re: how to tune cacheMaxSize

2021-08-19 Thread Michael Richardson
[1] milliseconds -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ signature.asc Description: PGP signature

Re: how to tune cacheMaxSize

2021-08-19 Thread Michael Richardson
0.52/conf/logging.properties No logs. ^\ nothing. ^C nothing. Needs yee-old kill-9 to exit. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.

Re: how to tune cacheMaxSize

2021-08-17 Thread Michael Richardson
> That "run" is important: it will run Tomcat in the current console > instead of in the background as a service. You'll get stdout directly > on your console, no log files to worry about. okay. -- ] Never tell me the odds! | ipv6 mesh

Re: trying to deploy oscar (was Re: how to tune cacheMaxSize )

2021-08-16 Thread Michael Richardson
[ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ signature.asc Description: PGP signature

Re: how to tune cacheMaxSize

2021-08-16 Thread Michael Richardson
dly, on the main PID of the process, and >> gotten no output. > Anything in the other log files? Nope. > Instead of kill -3, what if you use the "jstack" utility and provide > the PID of the running process? (You'll want to provide the PID of the > parent JVM p

trying to deploy oscar (was Re: how to tune cacheMaxSize )

2021-08-14 Thread Michael Richardson
in PID of the process, and gotten no output. Complete log is now at: https://www.sandelman.ca/tmp/terapia9/catalina.2021-08-14.log-2 -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ]

Re: how to tune cacheMaxSize

2021-08-14 Thread Michael Richardson
This time, after apt-get purge tomcat9 and re-install, I seem to be in 100% CPU before I've deployed oscar or even updated the tomcat-users.xml to enable the manager login. HTOP view attached at bottom. (4 virtual CPUs, 4G of ram. KVM VM running ubuntu 18.04, on a server running ubuntu core 20)

Re: how to tune cacheMaxSize

2021-08-14 Thread Michael Richardson
Thank you for the reply. Christopher Schultz wrote: > On 8/12/21 11:05, Michael Richardson wrote: >> I am trying to deploy OSCAR-EMR > Wow, that still exists? I remember more than a decade ago being asked > to integrate a product at $work with that thing as a

Re: how to tune cacheMaxSize

2021-08-12 Thread Michael Richardson
Michael Richardson wrote: > Then, port 8080 stops responding. And also I see new connections just > stall. to be clear, this is what I mean: oscar-serv03-[~] root 213 #netstat -tan Active Internet connections (servers and established) Proto Recv-Q Send-Q Local A

how to tune cacheMaxSize

2021-08-12 Thread Michael Richardson
to a proxy-pass Apache, but also I have virtio /dev/random, and I also ln /dev/urandom to /dev/random just in case...) -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelma

Re: Updating Oracle JDK or JRE from 1.8.0-1.8.0_291 to 1.8.0-1.8.0_301, Breaks Apache Tomcat 9 Connector Http11AprProtocol

2021-08-01 Thread Michael Osipov
https://bugs.openjdk.java.net/browse/JDK-8202837 https://www.oracle.com/java/technologies/javase/8u301-bugfixes.html What now? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail:

Re: Enhancement: Additional user attributes queried by (some) realms

2021-05-27 Thread Michael Osipov
You read my mind. I always wanted to report this, but never find time. Implemented this for our realm and principal years ago: http://tomcatspnegoad.sourceforge.net/apidocs/net/sf/michaelo/tomcat/realm/ActiveDirectoryPrincipal.html#getAdditionalAttributes-- The entire principal should be

AJAX value %27 results in 403 forbidden

2021-03-20 Thread Michael Duffy
I need help from the very capable and experienced IT professionals on this list. Can you help solve this problem: https://stackoverflow.com/questions/66715576/ajax-value-27-results-in-403-forbidden Thx!

Re: HTTP thread pool size remained high after database failover

2020-11-11 Thread Michael Osipov
Am 2020-11-11 um 12:40 schrieb Suvendu Sekhar Mondal: Hello Everyone, During database failover resiliency testing we noticed something unusual which we still cannot explain. So, reaching out to the community for help. Application Setup: AdoptOpenJDK 1.8.192, Tomcat 7.0.55, Apache httpd,

Re: No thread name in AccessLogValve printed

2020-10-20 Thread Michael Osipov
Am 2020-10-20 um 11:44 schrieb Mark Thomas: On 20/10/2020 10:10, Michael Osipov wrote: Folks, I have seen recently entried like this on our access logs: 2020-10-19T20:00:05.591 [null] xyz - "-" 400 - 0 2020-10-19T20:00:05.591 [null] abc- "-" 400 - 0 2020-10-19T20:

No thread name in AccessLogValve printed

2020-10-20 Thread Michael Osipov
it is malformed because before it is handled to a worker? I am not sure whether "info != null && info.getgetWorkerThreadName() != null" would be the right change here. Does someone know better? Michael --

Re: OpenSSL prompts for key password

2020-10-15 Thread Michael Osipov
Am 2020-10-15 um 17:34 schrieb Christopher Schultz: Michael, On 10/15/20 08:12, Michael Osipov wrote: Michael, On 10/14/20 12:46, Michael Osipov wrote: Folks, I have recently upgrade a cert and left out the last char of the key password by accident. # /sbin/init.d/tomcat-smartld start

Re: Re: OpenSSL prompts for key password

2020-10-15 Thread Michael Osipov
> Michael, > > On 10/14/20 12:46, Michael Osipov wrote: > > Folks, > > > > I have recently upgrade a cert and left out the last char of the key > > password by accident. > > > >> # /sbin/init.d/tomcat-smartld start > >> Starting Apache

OpenSSL prompts for key password

2020-10-14 Thread Michael Osipov
to inhibit the interactive prompt. Does someone know whether we can make this better with libtcnative? Michael - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h

Re: Tomcat JDBC Pool Cleaner Deadlock Problem

2020-08-27 Thread Michael Ng
I had a similar issue with JDBC and it got fixed by adding this parameter 'numTestsPerEvictionRun'=> '3', 'auth' => 'Container', 'driverClassName' => 'oracle.jdbc.OracleDriver', 'maxActive' =>

Re: [tomcat-users] Re: getting web application version string?

2020-08-17 Thread Michael Osipov
Am 2020-08-17 um 17:57 schrieb Jason Pyeron: -Original Message- From: Michael Osipov Sent: Sunday, August 16, 2020 1:27 PM Am 2020-08-16 um 18:16 schrieb Jason Pyeron: Is there a better way than this? Specifically - detect running Tomcat, then if under Tomcat (today only interested

Re: getting web application version string?

2020-08-16 Thread Michael Osipov
can use my listener, it will expose all all context-related information via JNDI. Give it a try: http://mo-tomcat-ext.sourceforge.net/user-guide.html#ContextNamingInfoListener Michael - To unsubscribe, e-mail: users-unsubscr

Re: [Tomcat 9.0.37] Https / SSL on Windows server 2016 with windows certificate store

2020-07-12 Thread Michael Osipov
is to write the simplest code, open Windows-MY iterate over all keys, print keys and then you will know what these display names are. The DNS name you use is obviously not the right one since it had to be CERT_NAME_DNS_TYPE. Good luck, Michael

Re: Looking for mod_proxy_ajp or mod_proxy_http users

2020-07-09 Thread Michael Osipov
ile. I wish I could use Tomcat directly, there are several annoying bugs in mod_proxy_http discussing with httpd devs. Michael - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org

Re: RFC7807 ErrorReportValve

2020-07-07 Thread Michael Osipov
Am 2020-07-06 um 16:04 schrieb Mark Thomas: On 05/07/2020 10:28, Michael Osipov wrote: Am 2020-07-02 um 21:30 schrieb Thomas Meyer: Hi, What are your opinions on providing a RFC7807 based ErrorReportValve as part of Tomcat default distribution? Thomas, this has been bugging me for a while

Re: RFC7807 ErrorReportValve

2020-07-05 Thread Michael Osipov
? Tomcat produced errors or by a framework? As for the framework, I would prefer to file an issue with Spring Framework first and see what the devs say because this would solely solve a symptom. Michael - To unsubscribe, e-mail

Re: jsvc - non root - log as root

2020-06-27 Thread Michael Osipov
Am 2020-06-26 um 09:21 schrieb Jürgen Weber: Hi, when you run tomcat with jsvc and have jsvc drop privileges to a different user, stdout and stderr log files are still created with root as owner. Can you make jsvc create them as the -user ? What is you actual problem with that? I have talked

Re: Connection Closure due to Fatal Stream with HTTP2

2020-06-13 Thread Michael Osipov
Am 2020-06-13 um 08:42 schrieb Chirag Dewan: Hi, We are observing that under high load, my clients start receiving a GoAway frame with error: *Connection[{id}], Stream[{id}] an error occurred during processing that was fatal to the connection.* Background : We have implemented our clients to

Re: Should Tomcat 10 enable response compression by default?

2020-06-10 Thread Michael Osipov
Am 2020-06-09 um 22:20 schrieb Mark Thomas: Hi all, An enhancement has been opened to enable response compression by default: https://bz.apache.org/bugzilla/show_bug.cgi?id=64431 In short, the proposal is to change the default for the Connector's compression attribute from "off" to "on". This

Re: Tomcat 9.0.27 loads incorrect openssl version

2020-06-07 Thread Michael Osipov
Am 2020-06-07 um 21:31 schrieb Norbert Elbanbuena: Hi Michael, Interesting I find multiple files. You have managed to mess up your system. The loader hierarchy looks wrong. # ldd -v /usr/lib/libtcnative-1.so I assume that this is provided by your package manager. If so linux

Re: Tomcat 9.0.27 loads incorrect openssl version

2020-06-07 Thread Michael Osipov
Am 2020-06-07 um 20:16 schrieb Norbert Elbanbuena: Hi, I removed the previous version of OpenSSL 1.0.2k-fips from yum. Then I installed OpenSSL 1.1.1g from source and made a clean install of tomcat-native 1.2.24 pointing to the correct OpenSSL path. When I start Tomcat, it still shows OpenSSL

Re: maxSwallowSize and misbehaving clients (e.g., mod_proxy_http)

2020-05-27 Thread Osipov, Michael
I see no silver bullet here. It seriously depends on the usecase. If the usecase contains a slow link between client and server, I prefer 0. For a fast link, it depends on the average size of the request payload. Can pr

Re: maxSwallowSize and misbehaving clients (e.g., mod_proxy_http)

2020-05-27 Thread Osipov, Michael
Am 2020-05-27 um 12:35 schrieb Mark Thomas: On 27/05/2020 10:59, Osipov, Michael wrote: Am 2020-05-27 um 10:51 schrieb Mark Thomas: On 22/05/2020 22:59, Osipov, Michael wrote: I found one issue with HttpClient and Tomcat via HTTP/1.1. I have decrypted the TLS traffic [1]. I can see

Re: maxSwallowSize and misbehaving clients (e.g., mod_proxy_http)

2020-05-27 Thread Osipov, Michael
Am 2020-05-27 um 10:51 schrieb Mark Thomas: On 22/05/2020 22:59, Osipov, Michael wrote: I found one issue with HttpClient and Tomcat via HTTP/1.1. I have decrypted the TLS traffic [1]. I can see that HttpClient sends the headers also with a 4 KiB large chunk of the ZIP file. In return

Re: maxSwallowSize and misbehaving clients (e.g., mod_proxy_http)

2020-05-26 Thread Osipov, Michael
Am 2020-05-22 um 13:26 schrieb Mark Thomas: On 21/05/2020 23:30, Osipov, Michael wrote: Output will be sent privately. Got it. Tx. Looking at the direct case. It looks like you have debug logging enabled for everything. You only need it for the org.apache.coyote.http2 package. grep

Re: maxSwallowSize and misbehaving clients (e.g., mod_proxy_http)

2020-05-22 Thread Osipov, Michael
Am 2020-05-22 um 18:51 schrieb [ext] Osipov, Michael: Am 2020-05-22 um 13:26 schrieb Mark Thomas: On 21/05/2020 23:30, Osipov, Michael wrote: Output will be sent privately. Got it. Tx. Looking at the direct case. It looks like you have debug logging enabled for everything. You only

Re: maxSwallowSize and misbehaving clients (e.g., mod_proxy_http)

2020-05-22 Thread Osipov, Michael
Am 2020-05-22 um 13:26 schrieb Mark Thomas: On 21/05/2020 23:30, Osipov, Michael wrote: Output will be sent privately. Got it. Tx. Looking at the direct case. It looks like you have debug logging enabled for everything. You only need it for the org.apache.coyote.http2 package. grep

Re: maxSwallowSize and misbehaving clients (e.g., mod_proxy_http)

2020-05-21 Thread Osipov, Michael
Am 2020-05-21 um 23:36 schrieb Mark Thomas: On 21/05/2020 21:45, Osipov, Michael wrote: Am 2020-05-21 um 11:02 schrieb Mark Thomas: On 20/05/2020 17:57, Osipov, Michael wrote: Is there an option to proxy via HTTP/2? That should be able to handle these sorts of situations more gracefully

Re: maxSwallowSize and misbehaving clients (e.g., mod_proxy_http)

2020-05-21 Thread Osipov, Michael
Am 2020-05-21 um 11:02 schrieb Mark Thomas: On 20/05/2020 17:57, Osipov, Michael wrote: Is there an option to proxy via HTTP/2? That should be able to handle these sorts of situations more gracefully. This seems to be broken for some reason in another way: What now? Turn on debug

Re: maxSwallowSize and misbehaving clients (e.g., mod_proxy_http)

2020-05-20 Thread Osipov, Michael
Am 2020-05-20 um 15:07 schrieb Mark Thomas: On 20/05/2020 11:05, Osipov, Michael wrote: My questions are: * Why is parseRequestLine printing the request body? Because it is the contents of the input buffer that is being logged, not just the headers. * Can someone confirm the erratic

maxSwallowSize and misbehaving clients (e.g., mod_proxy_http)

2020-05-20 Thread Osipov, Michael
?id=61090 * https://bz.apache.org/bugzilla/show_bug.cgi?id=60717 * https://github.com/eclipse/jetty.project/issues/651 My questions are: * Why is parseRequestLine printing the request body? * Can someone confirm the erratic behavior of HTTPd's module? * Is there anyting we need

  1   2   3   4   5   6   7   8   9   10   >