Re: Apex SSO

[rupali singh]

Hello Everyone,

In apex under authentication scheme we are using social sign in and
provided discover url, now when we are trying to login into apex its not
redirecting to discover url (oracle idcs url)
Is their is any setup we need to do on tomcat?
In tomcat access logs i dont see oracle idcs url at all.

On Thu, Mar 24, 2022, 10:42 PM rupali singh 
wrote:

> HI Team,
>
> We are using apex 21.1 with tomcat 9.54.
> we want to implement SSO for application deployed in Apex  with IDCS
> reference URL :
> https://www.ateam-oracle.com/post/integrating-apex-with-oracle-identity-cloud-service
>
> but apex is not at all redirecting to IDCS URL and as per Oracle issue is
> with tomcat .
>
> anyone successfully implemented APEX SSO( webserver : apache tomcat)  with
> Oracle IDCS
> or  APEX SSO( webserver : apache tomcat)  with Microsoft Azure AD.
> can you please assist us with steps.
>
> --
> Thanks and Regards,
> Rupali
>

Re: What causes "client errors" with mod_jk

[Christopher Schultz]

Rainer,

On 3/24/22 05:50, Rainer Jung wrote:

Hi Chris,

client errors in jk log are always errors occurring when mod_jk tries to 
write back what it got from the backend using web server APIs to the 
client of the web server (user, browser etc.). So they point to a 
problem between and including the web server and something in front of it.


Especially during performance problems, client errors are expected as a 
consequence, because whenever people try to reload, the browser closes 
the original connection and sending back response data via this 
connection later fails.


I was pretty sure this was the case. Is that specifically documented 
anywhere? If not, I'd like to clarify that in the documentation for mod_jk.


Thanks,
-chris


Am 23.03.2022 um 13:08 schrieb Christopher Schultz:

All,

What kinds of things will cause a "client error" in mod_jk's 
accounting? Does that mean things like unexpected disconnects on the 
part of the remote client (i.e. web browser), or does it mean failure 
of the jk module itself to connect (as a client) to the back-end Tomcat?


I'm starting to see situations where we have small numbers of client 
errors occurring "all the time", meaning that we accumulate maybe 
10-20 per day. If that's web browser disconnects then I don't care at 
all. If it's a problem I have with my internal networking and 
resource-allocation, then it's something I have to adjust.


Thanks,
-chris


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Fwd: tomcat 9.50 - rewrite rule question

[Christopher Schultz]

Rupali,

This has gone around in circles for a while with no progress. Can you 
please:


1. Show examples of what you would like. Specific examples, like:

"I expect that when requesting http://xyz.ae/apex/?f=1001"; I get a 302 
redirect to http://xyz.ae/apex/myapp";


That's what you are asking for, but I suspect that what you really want 
is the reverse: users who request /myapp actually get "?f=1001".


This is further complicated by the fact that all your URLs show as 
ayx.ae in text, but then have  added to the end for some 
reason. Which is it?


Do you want an HTTP redirect? If so, what kind? Or do you want your 
server to proxy from one URL to the other, so the client doesn't know 
it's happening?


2. Which component should be responsible for all of this? You have 
several networking components to choose from:


a. F5 load balancer
b. Oracle Apex
c. Apache Tomcat

Why have you decided to re-write your application's URLs at the Tomcat 
level and not somewhere further up the chain?


3. Show exactly what you currently have in your rewrite config file, and 
exactly where that rewrite configuration file is on the disk.


Going back to your original post, lots of things are confusing:

i. The URLs are inconsistent (.ae va .com, apex vs aorx)

ii. You appear to be asking to redirect from non-friendly URLs to 
friendly URLs which doesn't make any sense. Perhaps this is a 
terminology issue. You want clients to use the friendly URLs 
(/apex/myapp) and then get what they would have received had they called 
/f?p=1001 right?


iii. You are redirecting /myapp to /myapp in your example, which 
accomplishes nothing. You also have the same rule twice.


This should be as simple as:

RewriteRule "^/f?p=1001" "/myapp"

... but it's not, because RewriteRule only looks at the path and not the 
query string, so you need a separate condition. I'll repeat what Felix 
(almost) posted a few days ago, which should be correct:


RewriteCond %{QUERY_STRING} p=1001
RewriteRule ^/f$ /apex/myapp

I don't think you even want the [R] flag because if you do that, the 
client will see the URL change to the unfriendly URL, and the point is 
to hide that from them, right?


The last thing to do is to make sure the file is *in the right place*. 
No amount of configuration in C:\Windows\rewrite.config is going to have 
any effect unless you have a very strange configuration.


-chris

On 3/24/22 14:23, rupali singh wrote:

hi,

yes context name is apex.

  https://xyz.ae/apex/f?p=1001    to
https://xyz.ae/apex/myapp 

we dont want to change xyz.ae that will name remain as it is , we want to
change f?p=1001  to myapp



On Wed, 23 Mar 2022 at 19:23, Felix Schumacher <
felix.schumac...@internetallee.de> wrote:




Am 23. März 2022 12:14:25 MEZ schrieb rupali singh <
rupali.r.si...@gmail.com>:

Hi Chris,

I already tried with fully qualified name but its not working


Can you be more specific, what you tried?

Is Chris right and your context name is apex?

Felix


On Tue, Mar 22, 2022, 7:15 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:


All,

On 3/21/22 10:19, Felix Schumacher wrote:


Am 21.03.22 um 06:39 schrieb rupali singh:

Hi Felix,

location of context.xml file is

   cat context.xml| grep RewriteValve
  
className="org.apache.catalina.valves.rewrite.RewriteValve"

/>

   pwd
/opt/tomcat/apache-tomcat-9.0.54/instance/conf

That context.xml is thought to be a default template for all installed
webapps. It will work, but remember, that every installed webapp will
get its own copy of a rewrite valve.


+1

This is probably the problem.


more




/opt/tomcat/apache-tomcat-9.0.54/instance/webapps/ROOT/WEB-INF/rewrite.config

RewriteCond %{QUERY_STRING} p=10001
RewriteRule ^/apex/f$ /apex/myapp [R,L]



I think you want:

RewriteCond %{QUERY_STRING} p=10001
RewriteRule ^/f$ /myapp [R,L]

The prefix /apex is already a part of the context-path and should be
removed from the URL patterns being matched. If you want to redirect to
another web application, you need a fully-qualified redirect like this:

RewriteCond %{QUERY_STRING} p=10001
RewriteRule ^/f$ https://www.google.com/ [R,L]

-chris

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org






-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Apex SSO

[Christopher Schultz]

Peter,

On 3/24/22 14:54, Peter Chiu wrote:

I will email you directly. For the group knowledge, there is nothing
special you need to do on Tomcat if it is not behind a proxy.


Please post to the mailing list. It's not at all clear to me how you'd 
get Oracle APEX to deliver authentication information to Tomcat.


Presumably, that's what Rupali is trying to accomplish and it would be 
helpful for the whole community to post back.


-chris


On Thu, Mar 24, 2022 at 1:51 PM rupali singh 
wrote:


Hi Peter,

Are u using apache web server with tomcat or its only tomcat  .
if possible can you please share steps for azure AD with me on
rupali.r.si...@gmail.com



On Thu, 24 Mar 2022 at 21:21, Peter Chiu  wrote:


I have a working APEX SSO against Azure AD or On-Permise AD.

On Thu, Mar 24, 2022 at 1:13 PM rupali singh 
wrote:


HI Team,

We are using apex 21.1 with tomcat 9.54.
we want to implement SSO for application deployed in Apex  with IDCS
reference URL :





https://www.ateam-oracle.com/post/integrating-apex-with-oracle-identity-cloud-service


but apex is not at all redirecting to IDCS URL and as per Oracle issue

is

with tomcat .

anyone successfully implemented APEX SSO( webserver : apache tomcat)

with

Oracle IDCS
or  APEX SSO( webserver : apache tomcat)  with Microsoft Azure AD.
can you please assist us with steps.

--
Thanks and Regards,
Rupali






--
Thanks and Regards,
Rupali





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: AW: Question to possible memory leak by Threadlocal variable

[Christopher Schultz]

Thomas,

On 3/24/22 05:49, Thomas Hoffmann (Speed4Trade GmbH) wrote:




-Ursprüngliche Nachricht-
Von: Mark Thomas 
Gesendet: Donnerstag, 24. März 2022 09:32
An: users@tomcat.apache.org
Betreff: Re: Question to possible memory leak by Threadlocal variable

On 24/03/2022 07:57, Thomas Hoffmann (Speed4Trade GmbH) wrote:




Is it correct, that every spawned thread must call tl.remove() to cleanup all

the references to prevent the logged warning (and not only the main
thread)?

Yes. Or the threads need to exit.


Second question is: How might it cause a memory leak?
The threads are terminated and hold a reference to this static variable. But

on the other side, that class A is also eligible for garbage collection after
undeployment.

So both, the thread class and the class A are ready to get garbage
collected. Maybe I missed something (?)


It sounds as if the clean-up is happening too late. Tomcat expects clean-up to
be completed once contextDestroyed() has returned for all
ServLetContextListeners. If the clean-up is happening asynchronously (e.g.
the call is made to stop the threads but doesn't wait until the threads have
stopped) you could see this message.

In this case it sounds as if you aren't going to get a memory leak but Tomcat
can't tell that at the point it checks.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


Hello Mark,
thanks for the information.
The shutdown of the framework is currently placed within the destroy() method 
of a servlet (with load on startup).
At least the debugger shows that servlet-->destroy() is executed before the 
method checkThreadLocalMapForLeaks() runs.
I will take a look, whether the threads already exited.


Tomcat only checks its own request-processing threads for ThreadLocals, 
so any threads created by the application or that library are unrelated 
to the warning you are seeing.


Any library which saves ThreadLocals from request-processing threads is 
going to have this problem if the objects are of types loaded by the 
webapp ClassLoader.


There are a few ways to mitigate this, but they are ugly and it would be 
better if the library didn't use ThreadLocal storage, or if it would use 
vanilla classes from java.* and not its own types.


You say that those objects are eligible for GC after the library shuts 
down, but that's not true: anything you stick in ThreadLocal storage is 
being held ... by the ThreadLocal storage and won't be GC'd. If an 
object can't be collected, the java.lang.Class defining it can't be 
collected, and therefore the ClassLoader which loaded it (the webapp 
ClassLoader) can't be free'd. We call this a "pinned ClassLoader" and it 
still contains all of the java.lang.Class instances that the ClassLoader 
ever loaded during its lifetime. If you reload repeatedly, you'll see 
un-collectable ClassLoader instances piling up in memory which is 
*definitely* a leak.


The good news for you is that Tomcat has noticed the problem and will, 
over time, retire and replace each of the affected Threads in its 
request-processing thread pool. As those Thread objects are 
garbage-collected, the TheradLocal storage for each is also collected, 
etc. and *eventually* your leak will be resolved. But it would be better 
not to have one in the first place.


Why not name the library? Why anonymize the object type if it's 
org.apache.something?


-chris

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Apex SSO

[Peter Chiu]

Hi Chris,

To implement APEX SSO, that requires NO change to tomcat. That is why I
tried not to post here.

Here is the blog for starters. https://fuzziebrain.com/content/id/1908/

If tomcat is behind a proxy (apache or nginx), we might need to change a
setting in server.xml to return the real hostname.

Hope this helps.

On Fri, Mar 25, 2022 at 8:54 AM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> Peter,
>
> On 3/24/22 14:54, Peter Chiu wrote:
> > I will email you directly. For the group knowledge, there is nothing
> > special you need to do on Tomcat if it is not behind a proxy.
>
> Please post to the mailing list. It's not at all clear to me how you'd
> get Oracle APEX to deliver authentication information to Tomcat.
>
> Presumably, that's what Rupali is trying to accomplish and it would be
> helpful for the whole community to post back.
>
> -chris
>
> > On Thu, Mar 24, 2022 at 1:51 PM rupali singh 
> > wrote:
> >
> >> Hi Peter,
> >>
> >> Are u using apache web server with tomcat or its only tomcat  .
> >> if possible can you please share steps for azure AD with me on
> >> rupali.r.si...@gmail.com
> >>
> >>
> >>
> >> On Thu, 24 Mar 2022 at 21:21, Peter Chiu  wrote:
> >>
> >>> I have a working APEX SSO against Azure AD or On-Permise AD.
> >>>
> >>> On Thu, Mar 24, 2022 at 1:13 PM rupali singh  >
> >>> wrote:
> >>>
>  HI Team,
> 
>  We are using apex 21.1 with tomcat 9.54.
>  we want to implement SSO for application deployed in Apex  with IDCS
>  reference URL :
> 
> 
> >>>
> >>
> https://www.ateam-oracle.com/post/integrating-apex-with-oracle-identity-cloud-service
> 
>  but apex is not at all redirecting to IDCS URL and as per Oracle issue
> >> is
>  with tomcat .
> 
>  anyone successfully implemented APEX SSO( webserver : apache tomcat)
> >>> with
>  Oracle IDCS
>  or  APEX SSO( webserver : apache tomcat)  with Microsoft Azure AD.
>  can you please assist us with steps.
> 
>  --
>  Thanks and Regards,
>  Rupali
> 
> >>>
> >>
> >>
> >> --
> >> Thanks and Regards,
> >> Rupali
> >>
> >
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Re: Apex SSO

[rupali singh]

hi team,

the reason im asking is we have document for apex and idcs integration
https://www.ateam-oracle.com/post/integrating-sso-between-apex-cloud-and-identity-cloud-service-the-easy-way

i did all the setup as per document but now the issue is apex is not
redirecting to idcs url and giving below error.when we are trying to access
the application URL.
In tomcat logs there is no trace of IDCS discover URL and oracle denying
from support coz we are using tomcat which is not supported by oracle.

Hence trying to understand if there is anything we need on tomcat  and why
apex is not redirecting to idcs url
we are not using any proxy for tomcat

apex error :

[image: image.png]

On Fri, 25 Mar 2022 at 18:42, Peter Chiu  wrote:

> Hi Chris,
>
> To implement APEX SSO, that requires NO change to tomcat. That is why I
> tried not to post here.
>
> Here is the blog for starters. https://fuzziebrain.com/content/id/1908/
>
> If tomcat is behind a proxy (apache or nginx), we might need to change a
> setting in server.xml to return the real hostname.
>
> Hope this helps.
>
> On Fri, Mar 25, 2022 at 8:54 AM Christopher Schultz <
> ch...@christopherschultz.net> wrote:
>
> > Peter,
> >
> > On 3/24/22 14:54, Peter Chiu wrote:
> > > I will email you directly. For the group knowledge, there is nothing
> > > special you need to do on Tomcat if it is not behind a proxy.
> >
> > Please post to the mailing list. It's not at all clear to me how you'd
> > get Oracle APEX to deliver authentication information to Tomcat.
> >
> > Presumably, that's what Rupali is trying to accomplish and it would be
> > helpful for the whole community to post back.
> >
> > -chris
> >
> > > On Thu, Mar 24, 2022 at 1:51 PM rupali singh  >
> > > wrote:
> > >
> > >> Hi Peter,
> > >>
> > >> Are u using apache web server with tomcat or its only tomcat  .
> > >> if possible can you please share steps for azure AD with me on
> > >> rupali.r.si...@gmail.com
> > >>
> > >>
> > >>
> > >> On Thu, 24 Mar 2022 at 21:21, Peter Chiu  wrote:
> > >>
> > >>> I have a working APEX SSO against Azure AD or On-Permise AD.
> > >>>
> > >>> On Thu, Mar 24, 2022 at 1:13 PM rupali singh <
> rupali.r.si...@gmail.com
> > >
> > >>> wrote:
> > >>>
> >  HI Team,
> > 
> >  We are using apex 21.1 with tomcat 9.54.
> >  we want to implement SSO for application deployed in Apex  with IDCS
> >  reference URL :
> > 
> > 
> > >>>
> > >>
> >
> https://www.ateam-oracle.com/post/integrating-apex-with-oracle-identity-cloud-service
> > 
> >  but apex is not at all redirecting to IDCS URL and as per Oracle
> issue
> > >> is
> >  with tomcat .
> > 
> >  anyone successfully implemented APEX SSO( webserver : apache tomcat)
> > >>> with
> >  Oracle IDCS
> >  or  APEX SSO( webserver : apache tomcat)  with Microsoft Azure AD.
> >  can you please assist us with steps.
> > 
> >  --
> >  Thanks and Regards,
> >  Rupali
> > 
> > >>>
> > >>
> > >>
> > >> --
> > >> Thanks and Regards,
> > >> Rupali
> > >>
> > >
> >
> > -
> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: users-h...@tomcat.apache.org
> >
> >
>


-- 
Thanks and Regards,
Rupali

Re: Fwd: tomcat 9.50 - rewrite rule question

[rupali singh]

hi chris,

Apologies for typo mistakes.

business user are using url :   https://xyz.ae/apex/f?p=1001
   to login into apex application and login
is working fine.

xyz.ae is published in our F5 which is pointing to tomcat server on port
8080  hence im not worried about xyz.ae

for making is simple for user we want to rename f?p=1001
   to myapp
so business user will use https://xyz.ae/apex/myapp


So our requirement is  :   in url we want to replace f?p=1001
 to myapp


tried below but not working

RewriteCond %{QUERY_STRING} p=1001
RewriteRule ^/f$ /apex/myapp

rewrite.config location :
/opt/tomcat/apache-tomcat-9.0.54/instance/webapps/ROOT/WEB-INF/rewrite.config


Thanks Peter for suggestion but configure friendly URLs is not our
requirement.


We have achieved  our requirement  where apex is deployed on oracle
weblogic with Oracle HTTP server.
Now same want to achieve with apex-tomcat


curl output:
curl -D- 'localhost:8080/apex/f?p=10001'
HTTP/1.1 302
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Location: https://localhost/apex/workspace/r/abcrelease10001123100/home
Transfer-Encoding: chunked
Date: Fri, 25 Mar 2022 15:18:16 GMT

On Fri, 25 Mar 2022 at 16:52, Christopher Schultz <
ch...@christopherschultz.net> wrote:

> Rupali,
>
> This has gone around in circles for a while with no progress. Can you
> please:
>
> 1. Show examples of what you would like. Specific examples, like:
>
> "I expect that when requesting http://xyz.ae/apex/?f=1001"; I get a 302
> redirect to http://xyz.ae/apex/myapp";
>
> That's what you are asking for, but I suspect that what you really want
> is the reverse: users who request /myapp actually get "?f=1001".
>
> This is further complicated by the fact that all your URLs show as
> ayx.ae in text, but then have  added to the end for some
> reason. Which is it?
>
> Do you want an HTTP redirect? If so, what kind? Or do you want your
> server to proxy from one URL to the other, so the client doesn't know
> it's happening?
>
> 2. Which component should be responsible for all of this? You have
> several networking components to choose from:
>
> a. F5 load balancer
> b. Oracle Apex
> c. Apache Tomcat
>
> Why have you decided to re-write your application's URLs at the Tomcat
> level and not somewhere further up the chain?
>
> 3. Show exactly what you currently have in your rewrite config file, and
> exactly where that rewrite configuration file is on the disk.
>
> Going back to your original post, lots of things are confusing:
>
> i. The URLs are inconsistent (.ae va .com, apex vs aorx)
>
> ii. You appear to be asking to redirect from non-friendly URLs to
> friendly URLs which doesn't make any sense. Perhaps this is a
> terminology issue. You want clients to use the friendly URLs
> (/apex/myapp) and then get what they would have received had they called
> /f?p=1001 right?
>
> iii. You are redirecting /myapp to /myapp in your example, which
> accomplishes nothing. You also have the same rule twice.
>
> This should be as simple as:
>
> RewriteRule "^/f?p=1001" "/myapp"
>
> ... but it's not, because RewriteRule only looks at the path and not the
> query string, so you need a separate condition. I'll repeat what Felix
> (almost) posted a few days ago, which should be correct:
>
> RewriteCond %{QUERY_STRING} p=1001
> RewriteRule ^/f$ /apex/myapp
>
> I don't think you even want the [R] flag because if you do that, the
> client will see the URL change to the unfriendly URL, and the point is
> to hide that from them, right?
>
> The last thing to do is to make sure the file is *in the right place*.
> No amount of configuration in C:\Windows\rewrite.config is going to have
> any effect unless you have a very strange configuration.
>
> -chris
>
> On 3/24/22 14:23, rupali singh wrote:
> > hi,
> >
> > yes context name is apex.
> >
> >   https://xyz.ae/apex/f?p=1001    to
> > https://xyz.ae/apex/myapp 
> >
> > we dont want to change xyz.ae that will name remain as it is , we want
> to
> > change f?p=1001  to myapp
> >
> >
> >
> > On Wed, 23 Mar 2022 at 19:23, Felix Schumacher <
> > felix.schumac...@internetallee.de> wrote:
> >
> >>
> >>
> >> Am 23. März 2022 12:14:25 MEZ schrieb rupali singh <
> >> rupali.r.si...@gmail.com>:
> >>> Hi Chris,
> >>>
> >>> I already tried with fully qualified name but its not working
> >>
> >> Can you be more specific, what you tried?
> >>
> >> Is Chris right and your context name is apex?
> >>
> >> Felix
> >>>
> >>> On Tue, Mar 22, 2022, 7:15 PM Christopher Schultz <
> >>> ch...@christopherschultz.net> wrote:
> >>>
>  All,
> 
>  On 3/21/22 10:19, Felix Schumacher wrote:
> >
> > Am 21.03.22 um 06:39 schrieb rupali singh:
> >> Hi Felix,
> >>
> >> location of context.

Possibly Silly Question

[jonmcalexander]

Good morning,

Doing some history research, but was there EVER a released version 1x or 2x of 
Tomcat? IF so, what version numbers had been out there, once upon a time ago?

Thank you,

Dream * Excel * Explore * Inspire
Jon McAlexander
Infrastructure Engineer
Asst Vice President
He/His

Middleware Product Engineering
Enterprise CIO | EAS | Middleware | Infrastructure Solutions

8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell 515-988-2508

jonmcalexan...@wellsfargo.com
This message may contain confidential and/or privileged information. If you are 
not the addressee or authorized to receive this for the addressee, you must not 
use, copy, disclose, or take any action based on this message or any 
information herein. If you have received this message in error, please advise 
the sender immediately by reply e-mail and delete this message. Thank you for 
your cooperation.

Migration JDK11 - Tomcat 9 - NoClassDefFoundError: java/sql/Statement

[Senguttuvan, Gopalakrishnan (CWM-NR)]

Hi Team,

We are migrating our application from JDK8 to JDK11 (RedHat OpenJDK11).
Modified the JAVA_HOME to JDK11 path.
Currently we are using Tomcat version 9. (It is working fine with JDK8).
Since the JDK11 won't support the JAVA_ENDORSED_DIRS, so I have removed the 
"-Djava.endorsed.dirs" in catalina.sh.

Once removed endorsed entry, got the below exception while start the 
application:
java.lang.NoClassDefFoundError: java/sql/Statement
at 
java.xml/com.sun.org.apache.xerces.internal.impl.io.UTF8Reader.close(UTF8Reader.java)
at 
java.xml/com.sun.org.apache.xerces.internal.impl.XMLEntityManager.closeReaders(XMLEntityManager.java:1452)
at 
java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.cleanup(XML11Configuration.java:803)
at 
java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:844)
at 
java.xml/com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141)
at 
java.xml/com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1216)
at 
java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:635)
at 
org.apache.tomcat.util.digester.Digester.parse(Digester.java:1517)
at 
org.apache.catalina.startup.Catalina.parseServerXml(Catalina.java:584)
at org.apache.catalina.startup.Catalina.load(Catalina.java:675)
at org.apache.catalina.startup.Catalina.load(Catalina.java:712)
at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at 
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at 
org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:302)
at 
org.apache.catalina.startup.Bootstrap.mainStatement(Bootstrap.java:472)
Exception in thread "Thread-0" java.lang.NoClassDefFoundError: 
java/sql/Statement
at java.base/java.io.PrintWriter.close(PrintWriter.java)
at org.apache.juli.FileHandler.closeWriter(FileHandler.java:339)
at org.apache.juli.FileHandler.close(FileHandler.java:327)
at 
org.apache.juli.ClassLoaderLogManager.resetLoggers(ClassLoaderLogManager.java:397)
at 
org.apache.juli.ClassLoaderLogManager.shutdown(ClassLoaderLogManager.java:376)
at 
org.apache.juli.ClassLoaderLogManager$Cleaner.run(ClassLoaderLogManager.java:80)


Kindly help us to resolve this issue and let me know if you need any further 
details.




Regards,
Gopalakrishnan S


__ This 
email is intended only for the use of the individual(s) to whom it is addressed 
and may be privileged and confidential. Unauthorised use or disclosure is 
prohibited. If you receive this e-mail in error, please advise immediately and 
delete the original message. This message may have been altered without your or 
our knowledge and the sender does not accept any liability for any errors or 
omissions in the message. Emails are monitored by supervisory personnel in 
jurisdictions where monitoring is permitted. Such communications are retained 
and may be produced to regulatory authorities or others with legal rights to 
the information. Please see link for RBCCM disclosures. 
https://www.rbccm.com/rbccm/policies-disclaimers.page

Re: Possibly Silly Question

[Robert Hicks]

Just looking the history page says:

*Apache Tomcat 3.0.x*. Initial Apache Tomcat release.

Wikipedia also mentions:
2.0 1998 Tomcat started off in November 1998[16]
 as a
servlet reference
implementation
 by James
Duncan Davidson , a
software architect at Sun Microsystems.
So that probably means it was "internal" only.

On Fri, Mar 25, 2022 at 11:45 AM 
wrote:

> Good morning,
>
> Doing some history research, but was there EVER a released version 1x or
> 2x of Tomcat? IF so, what version numbers had been out there, once upon a
> time ago?
>
> Thank you,
>
> Dream * Excel * Explore * Inspire
> Jon McAlexander
> Infrastructure Engineer
> Asst Vice President
> He/His
>
> Middleware Product Engineering
> Enterprise CIO | EAS | Middleware | Infrastructure Solutions
>
> 8080 Cobblestone Rd | Urbandale, IA 50322
> MAC: F4469-010
> Tel 515-988-2508 | Cell 515-988-2508
>
> jonmcalexan...@wellsfargo.com
> This message may contain confidential and/or privileged information. If
> you are not the addressee or authorized to receive this for the addressee,
> you must not use, copy, disclose, or take any action based on this message
> or any information herein. If you have received this message in error,
> please advise the sender immediately by reply e-mail and delete this
> message. Thank you for your cooperation.
>
>

RE: Possibly Silly Question

[jonmcalexander]

That is what I thought, but I just wanted to make sure. Have some dubious data 
from Flexera around Tomcat versions.

Thanks,

Dream * Excel * Explore * Inspire
Jon McAlexander
Infrastructure Engineer
Asst Vice President
He/His

Middleware Product Engineering
Enterprise CIO | EAS | Middleware | Infrastructure Solutions

8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell 515-988-2508

jonmcalexan...@wellsfargo.com
This message may contain confidential and/or privileged information. If you are 
not the addressee or authorized to receive this for the addressee, you must not 
use, copy, disclose, or take any action based on this message or any 
information herein. If you have received this message in error, please advise 
the sender immediately by reply e-mail and delete this message. Thank you for 
your cooperation.

> -Original Message-
> From: Robert Hicks 
> Sent: Friday, March 25, 2022 11:17 AM
> To: Tomcat Users List 
> Subject: Re: Possibly Silly Question
> 
> Just looking the history page says:
> 
> *Apache Tomcat 3.0.x*. Initial Apache Tomcat release.
> 
> Wikipedia also mentions:
> 2.0 1998 Tomcat started off in November 1998[16]
>  at*cite_note-16__;Iw!!F9svGWnIaVPGSwU!8a8yiOkctWgZbBLGpm-
> DSrOOtfGcHn27-IHh5EzsZTfD0BSouONgumeY1rD0uxdCe3Fw3yU$ > as a
> servlet reference implementation
>  plementation_(computing)__;!!F9svGWnIaVPGSwU!8a8yiOkctWgZbBLGpm-
> DSrOOtfGcHn27-IHh5EzsZTfD0BSouONgumeY1rD0uxdCWo66CtI$ > by James
> Duncan Davidson
>  n_Davidson__;!!F9svGWnIaVPGSwU!8a8yiOkctWgZbBLGpm-
> DSrOOtfGcHn27-IHh5EzsZTfD0BSouONgumeY1rD0uxdCkeFu21s$ >, a
> software architect at Sun Microsystems.
> So that probably means it was "internal" only.
> 
> On Fri, Mar 25, 2022 at 11:45 AM 
> wrote:
> 
> > Good morning,
> >
> > Doing some history research, but was there EVER a released version 1x
> > or 2x of Tomcat? IF so, what version numbers had been out there, once
> > upon a time ago?
> >
> > Thank you,
> >
> > Dream * Excel * Explore * Inspire
> > Jon McAlexander
> > Infrastructure Engineer
> > Asst Vice President
> > He/His
> >
> > Middleware Product Engineering
> > Enterprise CIO | EAS | Middleware | Infrastructure Solutions
> >
> > 8080 Cobblestone Rd | Urbandale, IA 50322
> > MAC: F4469-010
> > Tel 515-988-2508 | Cell 515-988-2508
> >
> >
> jonmcalexan...@wellsfargo.com
> > This message may contain confidential and/or privileged information.
> > If you are not the addressee or authorized to receive this for the
> > addressee, you must not use, copy, disclose, or take any action based
> > on this message or any information herein. If you have received this
> > message in error, please advise the sender immediately by reply e-mail
> > and delete this message. Thank you for your cooperation.
> >
> >

Failed to load uri_worker_map file

[Ron Hinds]

Windows Server 2016 Standard, IIS 10, Tomcat 8.5.77, Tomcat Connector 
1.2.48 x86-64, Gitbucket 4.37.2


Everything works fine as long as I postfix :8080 to the URL

http://www.example.com:8080/gitbucket

But if I try it without the :8080, I get a 404 error

http://www.example.com/gitbucket

It also puts an entry in the isapi_redirect log

[Fri Mar 25 17:43:50.841 2022] [6136:636] [error] 
uri_worker_map_load::jk_uri_worker_map.c (1270): Failed to load 
uri_worker_map file C:\Program Files\Apache Software Foundation\Tomcat 
8.5\conf\uriworkermap.properties (errno=2, err=No such file or directory).


Obviously, the file exists in that location. I've also made sure that 
the account the webserver runs under (IIS_IUSRS) has permissions to that 
file/folder. This server is on my internal LAN, so no firewall issues 
are preventing access to it.





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

AW: Migration JDK11 - Tomcat 9 - NoClassDefFoundError: java/sql/Statement

[Thomas Hoffmann (Speed4Trade GmbH)]

> -Ursprüngliche Nachricht-
> Von: Senguttuvan, Gopalakrishnan (CWM-NR)
> 
> Gesendet: Freitag, 25. März 2022 17:13
> An: users@tomcat.apache.org
> Betreff: Migration JDK11 - Tomcat 9 - NoClassDefFoundError:
> java/sql/Statement
> 
> Hi Team,
> 
> We are migrating our application from JDK8 to JDK11 (RedHat OpenJDK11).
> Modified the JAVA_HOME to JDK11 path.
> Currently we are using Tomcat version 9. (It is working fine with JDK8).
> Since the JDK11 won't support the JAVA_ENDORSED_DIRS, so I have
> removed the "-Djava.endorsed.dirs" in catalina.sh.
> 
> Once removed endorsed entry, got the below exception while start the
> application:
> java.lang.NoClassDefFoundError: java/sql/Statement
> at
> java.xml/com.sun.org.apache.xerces.internal.impl.io.UTF8Reader.close(UTF
> 8Reader.java)
> at
> java.xml/com.sun.org.apache.xerces.internal.impl.XMLEntityManager.closeR
> eaders(XMLEntityManager.java:1452)
> at
> java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.cl
> eanup(XML11Configuration.java:803)
> at
> java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.p
> arse(XML11Configuration.java:844)
> at
> java.xml/com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XML
> Parser.java:141)
> at
> java.xml/com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.par
> se(AbstractSAXParser.java:1216)
> at
> java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXP
> arser.parse(SAXParserImpl.java:635)
> at 
> org.apache.tomcat.util.digester.Digester.parse(Digester.java:1517)
> at
> org.apache.catalina.startup.Catalina.parseServerXml(Catalina.java:584)
> at 
> org.apache.catalina.startup.Catalina.load(Catalina.java:675)
> at 
> org.apache.catalina.startup.Catalina.load(Catalina.java:712)
> at
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
> at
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMet
> hodAccessorImpl.java:62)
> at
> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Delega
> tingMethodAccessorImpl.java:43)
> at java.base/java.lang.reflect.Method.invoke(Method.java:566)
> at 
> org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:302)
> at
> org.apache.catalina.startup.Bootstrap.mainStatement(Bootstrap.java:472)
> Exception in thread "Thread-0" java.lang.NoClassDefFoundError:
> java/sql/Statement
> at java.base/java.io.PrintWriter.close(PrintWriter.java)
> at 
> org.apache.juli.FileHandler.closeWriter(FileHandler.java:339)
> at org.apache.juli.FileHandler.close(FileHandler.java:327)
> at
> org.apache.juli.ClassLoaderLogManager.resetLoggers(ClassLoaderLogManag
> er.java:397)
> at
> org.apache.juli.ClassLoaderLogManager.shutdown(ClassLoaderLogManager.j
> ava:376)
> at
> org.apache.juli.ClassLoaderLogManager$Cleaner.run(ClassLoaderLogManage
> r.java:80)
> 
> 
> Kindly help us to resolve this issue and let me know if you need any further
> details.
> 
> 
> 
> 
> Regards,
> Gopalakrishnan S
> 

Hello,
does this error show up in IntelliJ ?
Seems like there is a bug in IntelliJ:
https://stackoverflow.com/questions/52981800/getting-noclassfoundexception-java-sql-sqlexception-in-intellij-idea-for-jdk-1

java.sql.statement is shipped with Java 11.

Greetings,
Thomsa

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

AW: Failed to load uri_worker_map file

[Thomas Hoffmann (Speed4Trade GmbH)]

> -Ursprüngliche Nachricht-
> Von: Ron Hinds 
> Gesendet: Freitag, 25. März 2022 19:09
> An: users@tomcat.apache.org
> Betreff: Failed to load uri_worker_map file
> 
> Windows Server 2016 Standard, IIS 10, Tomcat 8.5.77, Tomcat Connector
> 1.2.48 x86-64, Gitbucket 4.37.2
> 
> Everything works fine as long as I postfix :8080 to the URL
> 
> http://www.example.com:8080/gitbucket
> 
> But if I try it without the :8080, I get a 404 error
> 
> http://www.example.com/gitbucket
> 
> It also puts an entry in the isapi_redirect log
> 
> [Fri Mar 25 17:43:50.841 2022] [6136:636] [error]
> uri_worker_map_load::jk_uri_worker_map.c (1270): Failed to load
> uri_worker_map file C:\Program Files\Apache Software Foundation\Tomcat
> 8.5\conf\uriworkermap.properties (errno=2, err=No such file or directory).
> 
> Obviously, the file exists in that location. I've also made sure that the 
> account
> the webserver runs under (IIS_IUSRS) has permissions to that file/folder.
> This server is on my internal LAN, so no firewall issues are preventing access
> to it.
> 

Hello,
IIS uses several accounts, especially virtual user accounts might be used.
Some information is listed here: 
https://docs.microsoft.com/en-us/iis/manage/configuring-security/application-pool-identities
Make sure, that also the virtual user "IIS AppPool\" has read access 
to this file.

You can also use procmon to check where IIS is searching for this file and 
whether there is a permission issue.
When using procmon, make sure to set the filters well, otherwise you will get 
no or tons of lines.

Another method would be to temporarily grant all users full access to this 
folder to determine, whether it’s a permission issue.

Greetings, Thomas

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Apex SSO

[Luis Rodríguez Fernández]

Hello there,

My two cents: we have ORDS 20 over tomcat 9.0.41 authenticating against
keycloak IdP, however using SAML [1]. In tomcat we have the keycloak
connector [2] and for the APEX integration I developed a simple valve [3]
that injects a header with the username. This header is used by the APEX
application for authenticating the user. A new Authentication Scheme based
on that header is needed.

Hope it helps,

Luis

ps: thanks for the blog entry Peter, I was not aware that APEX 21.1 comes
with an OpenIDConnect authentication scheme, very nice stuff!

[1] https://www.keycloak.org/
[2]
https://www.keycloak.org/docs/latest/securing_apps/index.html#_saml-tomcat-adapter
[3]
https://github.com/cerndb/tomcat-sso-integration-components/blob/master/cern-tomcat-authentication-kit/src/main/java/ch/cern/sso/tomcat/valves/SsoHeadersValve.java

El vie, 25 mar 2022 a las 16:08, rupali singh ()
escribió:

> hi team,
>
> the reason im asking is we have document for apex and idcs integration
>
> https://www.ateam-oracle.com/post/integrating-sso-between-apex-cloud-and-identity-cloud-service-the-easy-way
>
> i did all the setup as per document but now the issue is apex is not
> redirecting to idcs url and giving below error.when we are trying to access
> the application URL.
> In tomcat logs there is no trace of IDCS discover URL and oracle denying
> from support coz we are using tomcat which is not supported by oracle.
>
> Hence trying to understand if there is anything we need on tomcat  and why
> apex is not redirecting to idcs url
> we are not using any proxy for tomcat
>
> apex error :
>
> [image: image.png]
>
> On Fri, 25 Mar 2022 at 18:42, Peter Chiu  wrote:
>
>> Hi Chris,
>>
>> To implement APEX SSO, that requires NO change to tomcat. That is why I
>> tried not to post here.
>>
>> Here is the blog for starters. https://fuzziebrain.com/content/id/1908/
>>
>> If tomcat is behind a proxy (apache or nginx), we might need to change a
>> setting in server.xml to return the real hostname.
>>
>> Hope this helps.
>>
>> On Fri, Mar 25, 2022 at 8:54 AM Christopher Schultz <
>> ch...@christopherschultz.net> wrote:
>>
>> > Peter,
>> >
>> > On 3/24/22 14:54, Peter Chiu wrote:
>> > > I will email you directly. For the group knowledge, there is nothing
>> > > special you need to do on Tomcat if it is not behind a proxy.
>> >
>> > Please post to the mailing list. It's not at all clear to me how you'd
>> > get Oracle APEX to deliver authentication information to Tomcat.
>> >
>> > Presumably, that's what Rupali is trying to accomplish and it would be
>> > helpful for the whole community to post back.
>> >
>> > -chris
>> >
>> > > On Thu, Mar 24, 2022 at 1:51 PM rupali singh <
>> rupali.r.si...@gmail.com>
>> > > wrote:
>> > >
>> > >> Hi Peter,
>> > >>
>> > >> Are u using apache web server with tomcat or its only tomcat  .
>> > >> if possible can you please share steps for azure AD with me on
>> > >> rupali.r.si...@gmail.com
>> > >>
>> > >>
>> > >>
>> > >> On Thu, 24 Mar 2022 at 21:21, Peter Chiu  wrote:
>> > >>
>> > >>> I have a working APEX SSO against Azure AD or On-Permise AD.
>> > >>>
>> > >>> On Thu, Mar 24, 2022 at 1:13 PM rupali singh <
>> rupali.r.si...@gmail.com
>> > >
>> > >>> wrote:
>> > >>>
>> >  HI Team,
>> > 
>> >  We are using apex 21.1 with tomcat 9.54.
>> >  we want to implement SSO for application deployed in Apex  with
>> IDCS
>> >  reference URL :
>> > 
>> > 
>> > >>>
>> > >>
>> >
>> https://www.ateam-oracle.com/post/integrating-apex-with-oracle-identity-cloud-service
>> > 
>> >  but apex is not at all redirecting to IDCS URL and as per Oracle
>> issue
>> > >> is
>> >  with tomcat .
>> > 
>> >  anyone successfully implemented APEX SSO( webserver : apache
>> tomcat)
>> > >>> with
>> >  Oracle IDCS
>> >  or  APEX SSO( webserver : apache tomcat)  with Microsoft Azure AD.
>> >  can you please assist us with steps.
>> > 
>> >  --
>> >  Thanks and Regards,
>> >  Rupali
>> > 
>> > >>>
>> > >>
>> > >>
>> > >> --
>> > >> Thanks and Regards,
>> > >> Rupali
>> > >>
>> > >
>> >
>> > -
>> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> > For additional commands, e-mail: users-h...@tomcat.apache.org
>> >
>> >
>>
>
>
> --
> Thanks and Regards,
> Rupali
>


-- 

"Ever tried. Ever failed. No matter. Try Again. Fail again. Fail better."

- Samuel Beckett

AW: AW: Question to possible memory leak by Threadlocal variable

[Thomas Hoffmann (Speed4Trade GmbH)]

> -Ursprüngliche Nachricht-
> Von: Christopher Schultz 
> Gesendet: Freitag, 25. März 2022 14:05
> An: users@tomcat.apache.org
> Betreff: Re: AW: Question to possible memory leak by Threadlocal variable
> 
> Thomas,
> 
> On 3/24/22 05:49, Thomas Hoffmann (Speed4Trade GmbH) wrote:
> >
> >
> >> -Ursprüngliche Nachricht-
> >> Von: Mark Thomas 
> >> Gesendet: Donnerstag, 24. März 2022 09:32
> >> An: users@tomcat.apache.org
> >> Betreff: Re: Question to possible memory leak by Threadlocal variable
> >>
> >> On 24/03/2022 07:57, Thomas Hoffmann (Speed4Trade GmbH) wrote:
> >>
> >> 
> >>
> >>> Is it correct, that every spawned thread must call tl.remove() to
> >>> cleanup all
> >> the references to prevent the logged warning (and not only the main
> >> thread)?
> >>
> >> Yes. Or the threads need to exit.
> >>
> >>> Second question is: How might it cause a memory leak?
> >>> The threads are terminated and hold a reference to this static
> >>> variable. But
> >> on the other side, that class A is also eligible for garbage
> >> collection after undeployment.
> >>> So both, the thread class and the class A are ready to get garbage
> >>> collected. Maybe I missed something (?)
> >>
> >> It sounds as if the clean-up is happening too late. Tomcat expects
> >> clean-up to be completed once contextDestroyed() has returned for all
> >> ServLetContextListeners. If the clean-up is happening asynchronously
> (e.g.
> >> the call is made to stop the threads but doesn't wait until the
> >> threads have
> >> stopped) you could see this message.
> >>
> >> In this case it sounds as if you aren't going to get a memory leak
> >> but Tomcat can't tell that at the point it checks.
> >>
> >> Mark
> >>
> >> -
> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> >> For additional commands, e-mail: users-h...@tomcat.apache.org
> >
> > Hello Mark,
> > thanks for the information.
> > The shutdown of the framework is currently placed within the destroy()
> method of a servlet (with load on startup).
> > At least the debugger shows that servlet-->destroy() is executed before
> the method checkThreadLocalMapForLeaks() runs.
> > I will take a look, whether the threads already exited.
> 
> Tomcat only checks its own request-processing threads for ThreadLocals, so
> any threads created by the application or that library are unrelated to the
> warning you are seeing.
> 
> Any library which saves ThreadLocals from request-processing threads is
> going to have this problem if the objects are of types loaded by the webapp
> ClassLoader.
> 
> There are a few ways to mitigate this, but they are ugly and it would be
> better if the library didn't use ThreadLocal storage, or if it would use 
> vanilla
> classes from java.* and not its own types.
> 
> You say that those objects are eligible for GC after the library shuts down,
> but that's not true: anything you stick in ThreadLocal storage is being held 
> ...
> by the ThreadLocal storage and won't be GC'd. If an object can't be collected,
> the java.lang.Class defining it can't be collected, and therefore the
> ClassLoader which loaded it (the webapp
> ClassLoader) can't be free'd. We call this a "pinned ClassLoader" and it still
> contains all of the java.lang.Class instances that the ClassLoader ever loaded
> during its lifetime. If you reload repeatedly, you'll see un-collectable
> ClassLoader instances piling up in memory which is
> *definitely* a leak.
> 
> The good news for you is that Tomcat has noticed the problem and will, over
> time, retire and replace each of the affected Threads in its request-
> processing thread pool. As those Thread objects are garbage-collected, the
> TheradLocal storage for each is also collected, etc. and *eventually* your 
> leak
> will be resolved. But it would be better not to have one in the first place.
> 
> Why not name the library? Why anonymize the object type if it's
> org.apache.something?
> 
> -chris

Hello Chris,
I didn't want to blame any library 😉 But as you ask for it, I send more details.

Regarding the ThreadLocal thing:
I thought that the threadlocal variables are stored within the Thread-class in 
the member variable "ThreadLocal.ThreadLocalMap threadLocals":
https://github.com/AdoptOpenJDK/openjdk-jdk11/blob/master/src/java.base/share/classes/java/lang/Thread.java

So I thought, when the thread dies, these variables will also be released and 
automatically removed from the ThreadLocal variable / instance (?)
I considered the ThreadLocal class as just the manager of the thread's member 
variable "threadLocals".

Regarding the library:
The full log-message is:
12-Mar-2022 15:01:16.302 SCHWERWIEGEND [Thread-15] 
org.apache.catalina.loader.WebappClassLoaderBase.checkThreadLocalMapForLeaks 
The web application [ROOT] created a ThreadLocal with key of type 
[java.lang.ThreadLocal.SuppliedThreadLocal] (value 
[java.lang.ThreadLocal$SuppliedThreadLocal@2121cbad]