Am 24. September 2024 10:44:46 MESZ schrieb Mark Thomas :
>On 24/09/2024 08:59, Thomas Meyer wrote:
>> Hi,
>>
>> We see sometimes elapsed time values with over 100 million milliseconds and
>> status code 500 in the Tomcat logs for HTTP/2.0 connections.
>>
&g
Hi,
We see sometimes elapsed time values with over 100 million milliseconds and
status code 500 in the Tomcat logs for HTTP/2.0 connections.
Is that expected or a bug?
I assume this is because of http2 multiplexing maybe?
Tomcat version is 10.1.30
Mfg
Thomas
Hi,
This sounds more like a security requirement. Such constraints are usually
implemented in the frontend, i.e. the http reverse proxy with mod_security or
an explicit web application firewall.
Any chance to implement it in a similar way in your setup?
Mfg
Thomas
Am 11. September 2024 18:31:
Hi,
Looks correct, see example from GitHub:
https://github.com/eclipse-ee4j/jersey/blob/3.1/examples/servlet3-webapp/pom.xml
But I assume that Jersey 3.1.x does implement jax-rs 3.1, so maybe that's the
reason it cannot find this class.
Mfg
Thomas
Am 10. September 2024 20:07:07 MESZ schrieb
Am 30. August 2024 16:20:24 MESZ schrieb Mark Thomas :
>On 30/08/2024 15:15, Kenan, John wrote:
>> Apache Tomcat Security Team:
Hi,
>> Please advise when an update to Apache Tomcat will be released that
>> addresses the following Curl and libcurl security vulnerabilities:
>
>What makes you t
Hi,
This looks like an orderly shutdown of tomcat, can you attach strace and see if
tomcat process does receive a signal from somewhere?
Mfg Thomas
Am 4. Juli 2024 14:46:17 MESZ schrieb Bryan Buchanan
:
>I'm running Tomcat 9.0.14 on Centos 8 with JDK 15.
>
>Tomcat is loaded in /opt/tomcat, t
Hi,
No I don't think so. Best is to check ulimit for your tomcat processes.
Also fd count is available as jmx property I think, but not sure if it does
contain all kinds of FDs.
You may want to monitor FD count Vs max FD.
Mfg
Thomas
Am 24. Juni 2024 22:47:52 MESZ schrieb Eric Robinson :
>> ---
Hi,
But be aware that's a generally bad idea to rely on implementation details of
the underlying servlet container in application code.
Also java has native base64 since when? Java 8?! Just use that one.
Mfg
Thomas
Am 15. Juni 2024 00:41:28 MESZ schrieb "Mcalexander, Jon J."
:
>Hi Rémy,
>
>
Hi,
Also newer jvm do have XX:+UseContainerSupport set as default, also when using
XX:+UseContainerSupport setting -Xms and -Xmx do not really make sense at all,
you either want the JVM to deduce the max heap size from the memory cgroup or
not
Mfg
Thomas
Am 4. Dezember 2023 18:52:13 MEZ
Hi,
What arguments do you give to catalina.sh?
Am 17. April 2023 13:08:43 MESZ schrieb "j...@nosnow.us" :
>Not a system job.
>The submitting job is the qshell command interpreter and we should be able to
>do the submit and exit. But haven't got it to work yet.
>
>I was reviewing the catal
Hi,
Do you use newrelic java agent?
Mfg
Thomas
Am 12. April 2023 21:07:27 MESZ schrieb jonmcalexan...@wellsfargo.com.INVALID:
>I have an application team that started receiving the following Exception:
>
>11-Apr-2023 09:26:01.396 SEVERE [https-jsse-nio-0.0.0.0-11510-exec-19]
>org.apache.catali
Hi,
Running Tomcat as pid 1 in k8s pod without readiness probes.
Mfg
Thomas
Am 29. März 2023 10:11:50 MESZ schrieb Kevin Huntly :
>So, I don't think there is - and I'm not sure of any servlet container that
>does this... what would be the case for it?
>
>On Wed, Mar 29, 20
Hi,
Is it possible to shutdown/fail the Tomcat process if any of the deployed
context does fail?
Mfg
Thomas
Hi,
We may see something similar with tomcat 9.0.73 and jsp pages.
Need to test with newrelic app disabled.
Did you already create a case with newrelic with this problem?
Mfg
Thomas
Am 13. März 2023 20:18:12 MEZ schrieb "Roe, Jennifer L" :
>We are using 9.0.73 Tomcat version and New Relic APM
Hi,
It looks like some parts of this is missing:
JSP snippet:
[...]
[...]
Will render into
configBaseString" />
Looks like the :
>Hello,
>
>> -Ursprüngliche Nachricht-
>> Von: Thomas Meyer
>> Gesendet: Freitag, 17. März 2023 09:57
>>
Hi,
One of our jsp pages did start to render incorrectly in 9.0.73.
The same page does render correctly in 9.0.71.
We never did use 9.0.72.
Any ideas?
--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.
Am 18. Januar 2023 23:20:29 MEZ schrieb Christopher Schultz
:
>Thomas,
>
>On 1/17/23 13:33, Thomas Meyer wrote:
>> Does Tomcat's CP support exponential backoff in case DB is unavailable for
>> some reason?
>> I didn't find anything in the documentation
The reason was class loader issues
Am 20. Januar 2023 13:37:11 MEZ schrieb Mark Thomas :
>From memory, there is a reason the Tomcat handler has to be first. I forget
>exactly why that is. I'd need to dig into this some more (and I have my hands
>full working on the RFC 9128 implementation at the
Hi,
Does Tomcat's CP support exponential backoff in case DB is unavailable for some
reason?
I didn't find anything in the documentation in this regards.
Mfg
Thomas
--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.
Hi,
Sadly this still does not contain the stacktrace which shows why you servlet
crashes, probably some missing bean in spring framework.
All below stacktraces seems to come from AppDynamics java agents which tries to
load classes from webapo class loader after your webapp was already stopped.
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
>Virus-free.www.avast.com
><https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
><#DAB4F
Hi,
Two remarks from my side:
1. CloudMembershipService is not so usable, and seems to originally target
OpenShift. To make it work you need to create ServiceAccount and give read
permission for listing all pods in namespace. This seems to be missing in your
case. It also has some assumptions a
Hi,
Sadly currently Tomcat startup relies on shell script to bootstrap JVM process.
In the light of distroless images (e.g.
https://blog.chainguard.dev/introducing-apko-bringing-distroless-nirvana-to-alpine-linux/)
what are you thoughts on packaging tomcat in distroless base OCI images that
do
Hi,
Is it possible to find out the per deployed context heap usage in tomcat?
Mfg
Thomas
Hi,
Interesting. I know a bit off topic..
Does it make a difference for the vulnerability if I log with:
a) log.warn("log msg param {}", userControlledParam);
Or
b) log.warn(log msg param " + userControlledParam);
Mfg
Thomas
Am 13. Dezember 2021 19:53:04 MEZ schrieb Mark Thomas :
>On 13/12/
Hi,
What happens when the DB has problems when the webapp starts? Will the startup
fail then?
I think doing lazy init is the better approach, when db comes back it will work
again after the webapp did start.
Mfg
Thomas
Am 8. April 2021 13:54:46 MESZ schrieb "Berneburg, Cris J. - US"
:
>Hi F
Hi,
as far as I can see there seems to be no AccessLog interface implementation
that is using the standard tomcat logging subsystem.
Is there a reason for this?
I have a use case were I want to forward access log to splunk via http event
collector endpoint.
The idea is to log access log via tomc
Am 13. November 2020 10:06:18 MEZ schrieb Mark Thomas :
>On 12/11/2020 14:19, Eric Robinson wrote:
>>> From: Mark Thomas
>
>
>
>>> I keep coming back to this. Something triggered this problem (note
>that
>>> trigger not necessarily the same as root cause). Given that the app,
>Tomcat
>>> and JV
Am 5. Juli 2020 11:28:40 MESZ schrieb Michael Osipov :
>Am 2020-07-02 um 21:30 schrieb Thomas Meyer:
>> Hi,
>>
>> What are your opinions on providing a RFC7807 based ErrorReportValve
>as part of Tomcat default distribution?
>
>Thomas, this has been bugging me
Am 6. Juli 2020 14:14:59 MESZ schrieb Mark Thomas :
>On 04/07/2020 19:54, Thomas Meyer wrote:
>> Hi,
>>
>> a while ago I did write a little POC of how to add a custom
>> authenticator scheme to tomcat.
>>
>> this is what I did come u
Hi,
a while ago I did write a little POC of how to add a custom
authenticator scheme to tomcat.
this is what I did come up with:
https://github.com/thomasmey/BearerTokenAuthenticator
It's rather complicated solution!
Is there an more easy solution to add a custom authenticator scheme to a
Conte
Am 2. Juli 2020 21:45:53 MESZ schrieb Mark Thomas :
>On 02/07/2020 20:30, Thomas Meyer wrote:
>> Hi,
>>
>> What are your opinions on providing a RFC7807 based ErrorReportValve
>as part of Tomcat default distribution?
>
>RFC 7807 looks to be application specific so
Hi,
What are your opinions on providing a RFC7807 based ErrorReportValve as part of
Tomcat default distribution?
With kind regards
Thomas
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-
Am 1. Juli 2020 12:21:46 MESZ schrieb Mark Thomas :
>On 01/07/2020 11:19, Thomas Meyer wrote:
>> Am 30. Juni 2020 11:07:36 MESZ schrieb Mark Thomas
>:
>>> On 29/06/2020 21:41, Christopher Schultz wrote:
>>>> Mark,
>>>>
>>>> On 6/27/20 05
Am 30. Juni 2020 11:07:36 MESZ schrieb Mark Thomas :
>On 29/06/2020 21:41, Christopher Schultz wrote:
>> Mark,
>>
>> On 6/27/20 05:29, Mark Thomas wrote:
>>> On 27/06/2020 10:19, Thomas Meyer wrote:
>>>> Hi,
>>>>
>>>> A few ques
Am 29. Juni 2020 22:13:10 MESZ schrieb Christopher Schultz
:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA256
>
>All,
>
>IMO mod_proxy_balancer is missing an important feature, and that's the
>ability to tell the back-end Tomcat node the current status of the
>worke
>r.
Why would a tomcat Backen
Am 29. Juni 2020 22:54:12 MESZ schrieb Christopher Schultz
:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA256
>
>Thomas,
Hi,
>
>On 6/27/20 05:52, Thomas Meyer wrote:
>> Am 27. Juni 2020 11:29:03 MESZ schrieb Mark Thomas
>> :
>>> On 27/06/2020 10:19, Thoma
Am 27. Juni 2020 11:29:03 MESZ schrieb Mark Thomas :
>On 27/06/2020 10:19, Thomas Meyer wrote:
>> Hi,
>>
>> A few questions regarding tomcat session replication:
>
>load-balancing and session replication are two separate parts of an
>overall clustering solution.
>
Hi,
A few questions regarding tomcat session replication:
1) is the jvmRoute attribute on Engine object necessary for session replication
to work correctly?
2) does session replication only work correctly with sticky load balancer
routing?
My setup is
1) load balancer without sticky session ro
Am 4. April 2020 14:53:17 MESZ schrieb calder :
>On Fri, Apr 3, 2020 at 8:48 PM Mark Boon
>wrote:
>>
>> For the past few months we’ve been trying to trace what looks like
>gradual memory creep. After some long-running experiments it seems due
>to memory leaking when
>> jni_invoke_static(JNIEnv_*,
Am 29. Februar 2020 13:10:13 MEZ schrieb Mark Thomas :
>On 29/02/2020 11:23, Michael Osipov wrote:
>> Am 2020-02-29 um 12:13 schrieb Mark Thomas:
>>> On 29/02/2020 11:07, Michael Osipov wrote:
Am 2020-02-29 um 12:05 schrieb Mark Thomas:
> On 29/02/2020 10:40, Michael Osipov wrote:
>>>
>>>
Am 27. Februar 2020 10:58:01 MEZ schrieb "Martynas Jusevičius"
:
>Hi list,
>
>I'm using a Docker image based on tomcat:8.0-jre8. It serves as an
>end-user facing webapp but also as a REST API which authenticates
>using client certificates. The same URLs serve both purposes, however
>only administr
Am 25. Juli 2019 08:07:18 MESZ schrieb Clemens Wyss DEV :
>Note: I have moved this "issue" over to the tomcat-dev mailinglist ...
>
>-Ursprüngliche Nachricht-
>Von: Clemens Wyss DEV
>Gesendet: Mittwoch, 24. Juli 2019 11:07
>An: 'Tomcat Users List'
>Betreff: PooledConnection#connectUsingD
Am 10. Juli 2019 13:06:50 MESZ schrieb Mark Thomas :
Hi,
>The notable changes since 8.5.42
>include:
>- Update to Tomcat Native 1.2.23 including Windows binaries built
> with OpenSSL 1.1.1c
Btw. are the prebuild tomcat native libraries are also available from maven
central?
If not, could they
Hi,
a PropertySource that uses environment variables as source would be nice.
I.e. an OpenShift/Kubernetes Secret mapped into environemnt variables that can
be used in server.xml or context.xml!
With Kind regards
Thomas
Von: Mark Thomas
Gesendet: Donnerstag, 4. April 2019 16:29
An: Tomcat User
Hi,
what would be the easiest way to uncoditionally add an header field to
all requests coming from a given connector?
I searched the provided Valves but there seems to be no support for my
requirment.
with kind regards
thomas
> Am 10.05.2017 um 12:02 schrieb Oliver Fernandez
> :
>
> But, is it correct Thread to be sleep?
Basically yes. But Brendan Gregg had yesterday an interesting article about CPU
utilization in modern OSes -
http://brendangregg.com/blog/2017-05-09/cpu-utilization-is-wrong.html
>
>> On 10 Ma
Hi,
Does there exists a small helper tool that can create the minimum necessary
directories and files in a new CATALINA-BASE directory ? Or a template zip file
or something like this?
Such a tool would be helpful, because I always struggle what directories are
minimum necessary to start a new
With kind regards
Thomas
> Am 17.03.2017 um 14:54 schrieb Christopher Schultz
> :
>> Note that Java *never* gives any memory back to the OS, even when the
> heap-usage goes down. This is a Java thing, not a Tomcat thing.
>
Are you sure about this? I think I've read otherwise somewhere. A quic
Hi,
if anybody else is hitting this:
This commit seems to have broken the Spring when running under Tomcat
with unpackWARs=false -
https://github.com/apache/tomcat80/commit/7e767cc6efe79cdd367213da3c1f88711a29ad7a#diff-a72fb99b0729353084d2c437f749e718
I did open a Jira Bug report against
You may also want to have a look at flexy pool -
https://github.com/vladmihalcea/flexy-pool
With kind regards
Thomas
With kind regards
Thomas
> Am 11.01.2017 um 01:36 schrieb Joleen Barker :
>
> As always, thank you Christopher, I'll take a look at the slides.
>
> And Thank you to the other
Am Mittwoch, den 01.06.2016, 09:29 -0400 schrieb Christopher Schultz:
> Thomas,
>
> On 6/1/16 7:15 AM, Thomas Meyer wrote:
> >
> > Hi,
> >
> > How do I get a custom mapping set in
> > ContextConfig.setCustomAuthenticators? (
> > https://tomcat.apac
Hi,
How do I get a custom mapping set in
ContextConfig.setCustomAuthenticators? (
https://tomcat.apache.org/tomcat-8.0-doc/api/org/apache/catalina/startup/ContextConfig.html#setCustomAuthenticators(java.util.Map)
)
I want to add a custom mapping for lets say BEARER to a my Authenticator.
Hi,
I noticed that I can block tomcat 8 by opening 200 connection to the
http 1.1 connector and send 512 bytes of zero in each connection.
Tomcat 8 seems to block in parseRequestLine() method for 20 seconds
(connectionTimeout) and times out after that.
The blocking seems to happen while waiting
54 matches
Mail list logo