Ok, the problem is my misunderstanding of the process here. I thought
WebAppClassLoader always checked WEB-INF/lib before delegating; I see that
it actually delegates to the System loader first, then checks WEB-INF/lib,
and finally delegates to its own parent. So my comment earlier about "they
can'
"Caldarale, Charles R" wrote on 06/16/2010
09:55:19 PM:
> > From: peter_f...@blm.gov [mailto:peter_f...@blm.gov]
> > Subject: Re: Tomcat 6.0 documentation: is classloading description
> > correct?
> >
> > The docs say in one place that the order is one way (WebApp
> > first, then Boot, System and
When I wrote "CLASSPATH" I meant the classpath value that's built up by the
catalina.sh - I'm well aware that it creates this from clean. I think
you're missing the point; CLASSPATH is used to set the System classloader's
search path, sure - but the question is where that loader fits into the
loade
Looking at section 10 of the 6.0 user guide, which describes classloading,
the text makes perfect sense and matches the way I understand things work.
However the summary at the end of the section "Class Loader Definitions"
looks wrong; it basically says that the search order is...
Bootstrap
$CLAS
David kerber wrote on 05/17/2010 12:43:17 PM:
> On 5/17/2010 2:19 PM, peter_f...@blm.gov wrote:
> > "Caldarale, Charles R" wrote on 05/17/2010
> > 12:14:21 PM:
> >
> >>> From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com]
> >>> Subject: RE: Misunderstanding deployOnStartup actions
> >>>
>
"Caldarale, Charles R" wrote on 05/17/2010
12:14:21 PM:
> > From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com]
> > Subject: RE: Misunderstanding deployOnStartup actions
> >
> > The only 100% secure system is one that is turned off.
>
> Not sure even that is sufficient...
>
> - Chuck
You
Well, it's the usual thing - you can have a system that's completely open
but gets cratered because some duffer clicked the wrong button. Or you can
have a system that's 100% secure, but nobody can use it because it's 100%
secure. Or you can have something that's "secure enough" to protect from
acc
Pid wrote on 05/17/2010 10:55:06 AM:
> On 17/05/2010 17:48, peter_f...@blm.gov wrote:
> > To clarify what I'm up to here - we have an in-house doc that suggests
> > switching off autoDeploy and deployOnStartup on production systems, and
>
> Does it explain why it makes this suggestion?
To preven
To clarify what I'm up to here - we have an in-house doc that suggests
switching off autoDeploy and deployOnStartup on production systems, and
I've been testing those recommendations on an experimental setup. What the
in-house doc forgets to say is what you've explained here (and which
answers my o
Mark Thomas wrote on 05/17/2010 10:12:20 AM:
> On 17/05/2010 16:56, peter_f...@blm.gov wrote:
> >
> > I'm a bit confused about what the deployOnStartup setting is supposed
to
> > do, especially when it's set to "false".
>
> It controls if apps are deployed when Tomcat starts.
>
> > The basic que
Notes inline...
"Caldarale, Charles R" wrote on 05/17/2010
10:11:47 AM:
> > From: peter_f...@blm.gov [mailto:peter_f...@blm.gov]
> > Subject: Misunderstanding deployOnStartup actions
> >
> >
> > I'm a bit confused about what the deployOnStartup setting is
> > supposed to do, especially when it's
Oops, forgot to say. I'm on 6.0.26. The online documentation I read is at:
http://tomcat.apache.org/tomcat-6.0-doc/config/host.html#Automatic%20Application%20Deployment
...which is very clear about what happens with deployOnStartup="true" but
as far as I can see gives no details about what's supp
I'm a bit confused about what the deployOnStartup setting is supposed to
do, especially when it's set to "false".
The basic question is, what is the purpose of this setting? It would appear
that if you set it to "false", then applications can only be started by
being hot-deployed, which seems rat
Isn't ${catalina.home}/lib a place that should work with the default
catalia.properties?
Pete
Juergen Weber wrote on 05/17/2010 09:14:01 AM:
>
> Hi, this seems to be a FAQ, but I could not find a solution for Tomcat 6:
>
> We want to keep property files out of war files. Where should we put the
One thing that happened on a system I was working on here, was that we saw
OOMs and yet the GC stats showed we had plenty of free heap space, which
didn't make sense. The problem turned out to be that there was a memory
leak at the native level where the JVM couldn't see it and had no control
(spec
The apps I work on mostly use Commons Logging + Log4J, which fits with
Chainsaw as a useful tool for monitoring and analysis.
Gregor Schneider wrote on 05/07/2010 02:34:21 PM:
> Provided your logfiles are rolling daily:
>
> echo Number of errors i file: `grep "ERROR" [logfilename here] | wget -l
I just confirmed this myself 30 seconds before I received this :) After
comparing the AccessLogValve and FastCommonAccessLogValve sources between
5.5 and 6.0 it appears my colleague is correct; in 6.0 the additional
fields and methods of the Fast valve have been moved into the regular
AccessLogValv
I knew I had to have missed something. The documentation section that
covers classloading isn't very clear and as far as I can see makes no
mention of the privileged setting, and the section under Context
configuration that describes the privileged setting is misleading (from
your description I'd g
Yes, they're from the Chat servlet, and that answers the question. Thank
you!
Konstantin Kolinko wrote on 05/07/2010 08:15:28
AM:
> 2010/5/7 :
> > If I run bin/startup.sh with the -security option switched on, I get a
> > couple of security exceptions thrown into catalina.out. Is this
expected
Sorry for so many questions in a short space of time. This is the last
question, I promise :)
The FastCommonAccessLogValve has been deprecated but the documentation
gives no reason why. Does anyone here know the reason? A colleague
suggested that the functionality may have been rolled into the st
I'm running a Tomcat 6.0.26 on Linux with Java 6u20. This is a freshly
unpacked installation; the only changes I made were in server.xml to change
the shutdown port and disable the AJP port, and tomcat-users so I can log
in to the manager. I haven't removed any of the supplied apps, or installed
m
Can someone clarify something about the Context element's "privileged"
attribute in Tomcat 6.0? In Tomcat 5.5 setting privileged="true" would set
the application's parent class loader to the Catalina loader so that the
app could access the server classes. The default is privileged="false" and
so n
Actually this is very easy; when you want to pass the request down the
chain (i.e. into the servlet) you call the chain.doFilter() method. When
you *don't* want the request passed on, your filter just sets up the
response (status, header, etc.) and returns.
André Warnier wrote on 12/19/2008 02:50
In hindsight that makes perfect sense and answers my question. If it was
vitally important to enforce this (it isn't, but hypothetically) I guess I
could mess with the catalina.policy file.
--Pete
"Bill Bar
I'm trying to clarify something about Tomcat 6 compliance to the Servlet
2.5 spec. The spec (section 9.7.2) says:
"The container should not allow applications to override or access the
container’s implementation classes."
In Tomcat 5 it looks like this was handled by having separate "common",
"s
25 matches
Mail list logo