getting the start time of Tomcat server.
There is a java Class in tomcat api to get the start time of Tomcat? Thanks :-D -- View this message in context: http://www.nabble.com/getting-the-start-time-of-Tomcat-server.-tp15562340p15562340.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
problem with tomcat clusters sso with apache load balancer
Hi, I am Alejandro from Argentina. I am having an issue with tomcat 6.0.10 using clusters and single sign on, while performing load balance with apache 2.2 When I am accessing a secured page, I try to login (the login form is shown correctly) but I receive the following: HTTP Status 400 - Invalid direct reference to form login page Note: The load balancer makes me switch between 2 tomcat servers. One switch by page request. Please tell me if the info is not enough. Thank you in advance. -- httpd.conf -- SetHandler balancer-manager BalancerMember ajp://sismcarrizo:8009 BalancerMember ajp://servisitadores4:8009 BalancerMember ajp://servisitadores4:8009 ProxyPass balancer://cluster/portal-a stickysession=JSESSIONID ProxyPass balancer://clusterb/portal-b stickysession=JSESSIONID ProxyPass balancer://cluster/portal-c stickysession=JSESSIONID ProxyPass balancer://cluster/accesos-sso stickysession=JSESSIONID -- server.xml -- -- web.xml -- portal-a /mercados.jsp /mercados.page /mercados.jsf accesos FORM Portal A Application /login.jsp /error.jsp The role that is required to log in to the Manager Application accesos
Re: problem with tomcat clusters sso with apache load balancer
Thank you for your answers. As a workarround (forgetting about clustering), can I use 2 tomcat instances with different WARs but both using sso? For instance: Machine 1 - tomcat #1 - a.war Machine 2 - tomcat #2 - b.war both with sso, so when I log-in in application a I am also logged in application b Regards, Alejandro - Original Message - From: "Peter Rossbach" <[EMAIL PROTECTED]> To: "Tomcat Users List" Sent: Thursday, May 03, 2007 3:16 PM Subject: Re: problem with tomcat clusters sso with apache load balancer > Hi, > > the clusterSSO implementation is not ready: > > - at normal shutdown from one application or a node all sessions are > expired. > clusterSSO is a normal session listener and context stop expires > all sessions. > - The sessionID rewrite from JvmRouteBinderValve are not coordinated > with clusterSSO sessionID cache. > - I have made some improvements at the tomcat 5.5 backport :-( > > Peter > > > Am 03.05.2007 um 19:24 schrieb Filip Hanik - Dev Lists: > > > I don't think the clusterSSO implementation ever really got > > finished. It got submitted, but never completed. > > At least that was my impression of it > > > > Filip > > > > Alejandro Fernandez wrote: > >> Hi, I am Alejandro from Argentina. > >> > >> I am having an issue with tomcat 6.0.10 using clusters and single > >> sign on, while performing load balance with apache 2.2 > >> > >> When I am accessing a secured page, I try to login (the login form > >> is shown correctly) but I receive the following: > >> > >> HTTP Status 400 - Invalid direct reference to form login page > >> > >> Note: The load balancer makes me switch between 2 tomcat servers. > >> One switch by page request. > >> > >> Please tell me if the info is not enough. > >> > >> Thank you in advance. > >> > >> - > >> - > >> httpd.conf > >> - > >> - > >> > >> > >> > >> > >> SetHandler balancer-manager > >> > >> > >> > >> BalancerMember ajp://sismcarrizo:8009 > >> BalancerMember ajp://servisitadores4:8009 > >> > >> > >> > >> BalancerMember ajp://servisitadores4:8009 > >> > >> > >> > >> ProxyPass balancer://cluster/portal-a stickysession=JSESSIONID > >> > >> > >> > >> ProxyPass balancer://clusterb/portal-b stickysession=JSESSIONID > >> > >> > >> > >> ProxyPass balancer://cluster/portal-c stickysession=JSESSIONID > >> > >> > >> > >> ProxyPass balancer://cluster/accesos-sso stickysession=JSESSIONID > >> > >> > >> > >> > >> - > >> - > >> server.xml > >> - > >> - > >> > >> > >> > >> > >>>> className="org.apache.catalina.ha.tcp.SimpleTcpCluster" > >> channelSendOptions="8"> > >>>> className="org.apache.catalina.ha.session.DeltaManager" > >> expireSessionsOnShutdown="false" > >> notifyListenersOnReplication="true"/> > >> > >>>> className="org.apache.catalina.tribes.group.GroupChannel"> > >> >> className="org.apache.catalina.tribes.membership.McastService" > >> address="228.0.0.4" > >> port="45564" > >> frequency="500" > >> dropTime="3000"/> > >> >> className="org.apache.catalina.tribes.transport.nio.NioReceiver" > >> address="auto" > >> port="4000" > >> autoBind="100" > >> selectorTimeout="5000" > >> maxThreads="6"/> > >> > >> >> className="org.apache.catalina.tribes.transport.ReplicationTransmitte > >> r"> > >>>> className
filters on j_security_check
Hi, my name is Alejandro, I am working with Tomcat 7.0.20 and I need to know how can I apply filters to j_security_check to verify the status of login before continue with my authentication process. I was thinking to use valves, but I read on internet that valves will be replaced with Filters - GSOC since Tomcat 7.0.x, so, I'm not sure what to do . Please, this is very important to me and any help will be appreciated. Best Regards. -- Alejandro Soto
Re: filters on j_security_check
Hi, thanks for reply, well, what i need is to know if the authentication was successful or not, I want to get the status of that authentication, I just need to know that status and has to be before the authentication mechanism continues. I am trying to invoke j_security_check from inside another servlet. Any suggestions about how resolve my requirement? Thanks in advance. Alejandro On Thu, Oct 13, 2011 at 12:50 PM, Pid wrote: > On 13/10/2011 15:09, Alejandro Soto wrote: > > Hi, my name is Alejandro, I am working with Tomcat 7.0.20 and I need to > know > > how can I apply filters to j_security_check to verify the status of login > > before continue with my authentication process. > > You can't use Filters because the Authentication Valves act before the > Filter chain. > > Why do you need to filter on j_security_check? > > > p > > > I was thinking to use valves, but I read on internet that valves will be > > replaced with Filters - GSOC since Tomcat 7.0.x, so, I'm not sure what to > do > > . > > > > Please, this is very important to me and any help will be appreciated. > > > > Best Regards. > > > > > -- Alejandro Soto M. Cel: 705-63861
Re: filters on j_security_check
Hi Chuck, call j_security_check from inside another servlet is just an idea,
why is bad idea?
If possible, I don't want a custom , I want to use the authentication
mechanism of the container (JDBCRealm), use something like this:
.
Context context = (Context) host.findChild("myContext");
Realm realm = context.getRealm();
String username = request.getParameter("j_username");
String password = request.getParameter("j_password");
Principal principal = realm.authenticate(username, password);
if (principal == null)
{
// some tasks
} else {
//
}
But this give me problems with catalina.jar library inside of my .war file.
Thanks.
Alejandro
On Thu, Oct 13, 2011 at 2:11 PM, Caldarale, Charles R <
chuck.caldar...@unisys.com> wrote:
> > From: Alejandro Soto [mailto:smalejan...@gmail.com]
> > Subject: Re: filters on j_security_check
>
> > what i need is to know if the authentication was successful or not
>
> What are you going to do with said information?
>
> > I just need to know that status and has to be before the authentication
> > mechanism continues.
>
> Why? It seems like you might actually need to write a custom , not
> a filter.
>
> > I am trying to invoke j_security_check from inside another servlet.
>
> That sounds really, really wrong.
>
> - Chuck
>
>
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
> MATERIAL and is thus for use only by the intended recipient. If you received
> this in error, please contact the sender and delete the e-mail and its
> attachments from all computers.
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
control of session timed out with tomcat
Hi my friends, I want to ask you all, If there is a way to control the timed out of sessions with tomcat, what I need is when the session timed out, automatically the user is redirected to the login page, Is this possible to do that from tomcat?, I mean, tomcat triggers some event to the user with session timed out, with no need user interaction. I know that the time of inactivity of the session is setup in web.xml, with that I have no problem, what I need is just redirect to a login page when the session timed out. I am working with tomcat 7.0.20 and JDBCRealm for authentication. Thanks in advance. -- Alejandro Soto M.
Re: control of session timed out with tomcat
Hi, thanks for your replies, These are the only ways I have to do it?, I was reading something about filters, but I think only works with user interaction. Thanks. On Thu, Oct 20, 2011 at 10:08 AM, Hassan Schroeder < hassan.schroe...@gmail.com> wrote: > On Thu, Oct 20, 2011 at 6:51 AM, Alejandro Soto > wrote: > > Hi my friends, I want to ask you all, If there is a way to control the > timed > > out of sessions with tomcat, what I need is when the session timed out, > > automatically the user is redirected to the login page, Is this possible > to > > do that from tomcat?, I mean, tomcat triggers some event to the user with > > session timed out, with no need user interaction. > > No. That's not how the web works :-) > > What you *can* do is put a meta-refresh tag in the head of each page > (with the time set the same as your session timeout) that redirects to a > protected resource, which will bring up the login page. > > HTH, > -- > Hassan Schroeder hassan.schroe...@gmail.com > http://about.me/hassanschroeder > twitter: @hassan > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > -- Alejandro Soto M. Cel: 705-63861
Re: control of session timed out with tomcat
Thanks for the clarification. Well, my system is like a ERP, what I want to do is basically: the user for work with the system, first must to be authenticated, then the user can works normally, then, if his session timed out, he need to relogin, that is the reason because I need to control the sessions, but what the user was doing before relogin, must be on hold, if the authentication is successful, then the request of the user is committed. Any advice will be welcome. Thanks. On Thu, Oct 20, 2011 at 10:52 AM, André Warnier wrote: > Alejandro Soto wrote: > >> Hi, thanks for your replies, These are the only ways I have to do it?, I >> was >> reading something about filters, but I think only works with user >> interaction. >> >> > The basic issues are these : > > 1) Tomcat (probably) doesn't spend its time all the time scanning stored > sessions to see if one has expired, and deleting it. > What it does is : when a new request comes in, and that new request has a > session-id in it, then Tomcat looks for this stored session. If it finds > it, it checks if it has expired, and if so, it deletes it and does as if the > session had not been there in the first place. > > 2) even assuming that Tomcat would find out, without user interaction, that > a session has expired, and wanted to send something somewhere, where would > it send it ? > It is not certain that the browser of that user still has a connection open > with the server. > And even if there was such a connection open, and Tomcat sent something on > it, the browser isn't waiting for anything, since it has not requested > anything. I wouldn't be surprised if the browser got very confused then. > > > That's why you always need the browser to send something, to have Tomcat > react and search for the session, and send an answer. > > Personally, I think that by trying to do this (in whatever way), you set > yourself up for all kinds of bizarre happenings and side-effects. > What is the problem you are trying to solve ? > > > --**--**- > To unsubscribe, e-mail: > users-unsubscribe@tomcat.**apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > -- Alejandro Soto M. Cel: 705-63861
Problems upgrading to Tomcat 7
Hi all!!
I'm migrating to Tomcat 7 a web system that used to run on Tomcat 4...
So far, I've been able to sort out all of the issues I've faced, but I'm
stuck at one point. When a page loads in Tomcat 4, it goes and fetches the
stylesheet from the server with a link of the form
But on Tomcat 7, the parent directory indirection is removed, and I can't
seem to find the way to prevent this from happening!
What confuses me more, is that when Tomcat generates the *_jsp.java files,
both 4 and 7 versions generate a line of code like this one:
out.write("\r\n\r\n");
So i can't figure out why the rendering process is removing the '../' bit
of the link!
Has anyone faced this problem before? I haven't found any parent directory
restriction configuration or something that would point me in that
direction.
Thanks for your time and help!!
Alejandro
Re: Problems upgrading to Tomcat 7
First of all, thank you very much for your quick response! I'm too having a
hard time believing that tomcat would do something like that... I even
tried on a new web project and it didn't remove the parent directory
reference! I'm very confused right now...
The base url of the application is of the form
http://host/app/servlets/FrontController
So when in Tomcat 4 the page fetches the stylesheet (using the
href="../lightStyle.css" form), it resolves to
http://host/app/lightStyle.css, whereas in Tomcat 7 it goes to
http://host/app/servlets/lightStyle.css.
Here's the output of the JSP (the header part) for both 4 and 7 version.
TOMCAT 4
@import URL("../lightStyle.css")
Consulta de usuarios
...
...
TOMCAT 7
@import URL("lightStyle.css")
Error
...
...
Thanks again for anything you can think of!
Cheers!
Ale
On Tue, Jul 31, 2012 at 5:10 AM, André Warnier wrote:
> Christopher Schultz wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> Alejandro,
>>
>> On 7/30/12 5:48 PM, Alejandro Mehring wrote:
>>
>>> I'm migrating to Tomcat 7 a web system that used to run on Tomcat
>>> 4...
>>>
>>
>> Been there (though I went through 5.5 and 6.0 to get there in a
>> relatively short amount of time).
>>
>> So far, I've been able to sort out all of the issues I've faced,
>>> but I'm stuck at one point. When a page loads in Tomcat 4, it goes
>>> and fetches the stylesheet from the server with a link of the form
>>>
>>>
>>>
>>
>> Although this should work, I always recommend using context-relative
>> URLs like this:
>>
>> " />
>>
>> This will ensure that your URLs resolve properly no matter how the
>> .jsp is being evaluated (for instance, in an include or after a
>> forward, where the client's URL may not match what your JSP expects).
>>
>> But on Tomcat 7, the parent directory indirection is removed, and I
>>> can't seem to find the way to prevent this from happening!
>>>
>>
>> That doesn't seem right.
>>
>> What confuses me more, is that when Tomcat generates the *_jsp.java
>>> files, both 4 and 7 versions generate a line of code like this
>>> one:
>>>
>>> out.write(">> type=\"text/css\">\r\n\r\n");
>>>
>>> So i can't figure out why the rendering process is removing the
>>> '../' bit of the link!
>>>
>>
>> I have a hard time believing that Tomcat is modifying anything: in the
>> case above, Tomcat does not interpret anything at all. As far as
>> Tomcat is concerned, the above is just a string of characters like
>> "Hello, World" and has no URL context or anything like that.
>>
>> Are you sure this isn't being included by another JSP or forwarded
>> from another URL?
>>
>> Has anyone faced this problem before? I haven't found any parent
>>> directory restriction configuration or something that would point
>>> me in that direction.
>>>
>>
>> What does the output of the JSP look like? That is, what is the actual
>> content of the page as seen by the client?
>>
>>
> +1
>
> And, what does that request for the stylesheet actually look like, when it
> is sent by the client (the browser) to the server ?
> You can find that out by using one of the browser plugins like Fiddler2
> (for IE), HttpFox (for Firefox) or similar.
> The point is : this "href" is interpreted *by the client* and converted to
> a full HTTP request URL (with hostname, path and all), before being sent to
> the server.
> The server always receives an absolute URL, starting at the root.
>
>
> --**--**-
> To unsubscribe, e-mail:
> users-unsubscribe@tomcat.**apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
Re: Problems upgrading to Tomcat 7
Thank you very much for your help!
Digging a bit more into the system, I came to a part where it's building
the link based on the original servlet request.
If I have this URL:
http://host/app/servlet/FrontController?arg1=yes&arg2=target.jsp&arg3=something
Java 1.4's getRequestURL() returns 'http://host/app/servlet/FrontController'
whereas
Java 1.6's getRequestURL() returns 'http://host/app/target.jsp'
I found someone reporting this same issue on JBoss community page, but got
no answer. I'll try to find another way to get the same behaviour in Java
1.6 as of getRequestURL in 1.4.
Thank you very much for your kind help.
Ale
On Tue, Jul 31, 2012 at 10:55 AM, André Warnier wrote:
> Alejandro Mehring wrote:
> ...
>
>
>> The base url of the application is of the form
>>
>> http://host/app/servlets/**FrontController<http://host/app/servlets/FrontController>
>>
>> So when in Tomcat 4 the page fetches the stylesheet (using the
>> href="../lightStyle.css" form), it resolves to
>> http://host/app/lightStyle.css**, whereas in Tomcat 7 it goes to
>> http://host/app/servlets/**lightStyle.css<http://host/app/servlets/lightStyle.css>
>> .
>>
>
> How do you *know* this ?
> Are you watching what the browser really sends as a HTTP request URL, and
> if yes how ?
>
>
>
>> Here's the output of the JSP (the header part) for both 4 and 7 version.
>>
>>
> Can you also paste the content of the real JSP page which generates the
> output you showed below ? Is that JSP page *exactly* the same for the
> Tomcats 4 and 7 servers ?
>
>
> TOMCAT 4
>>
>>
>>
>>
>> @import URL("../lightStyle.css")
>>
>>
>>
>>
>>
>>
>>
>> Consulta de usuarios
>>
>> ...
>>
>> ...
>>
>>
>>
>> TOMCAT 7
>>
>>
>>
>> @import URL("lightStyle.css")
>>
>>
>> Error
>>
>>
>>
>>
>>
>> ...
>>
>> ...
>>
>
> --**--**-
> To unsubscribe, e-mail:
> users-unsubscribe@tomcat.**apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
Re: Problems upgrading to Tomcat 7
I'm very sorry! I forgot to mention that i tried what he suggested, but got the same result. That's why I started digging more into it and got to that point and what helped me find this other issue. Thanks again! Ale On Tue, Jul 31, 2012 at 11:31 AM, André Warnier wrote: > Alejandro Mehring wrote: > >> Thank you very much for your help! >> >> Digging a bit more into the system, I came to a part where it's building >> the link based on the original servlet request. >> >> If I have this URL: >> http://host/app/servlet/**FrontController?arg1=yes&arg2=** >> target.jsp&arg3=something<http://host/app/servlet/FrontController?arg1=yes&arg2=target.jsp&arg3=something> >> >> Java 1.4's getRequestURL() returns 'http://host/app/servlet/** >> FrontController <http://host/app/servlet/FrontController>' >> whereas >> Java 1.6's getRequestURL() returns 'http://host/app/target.jsp' >> >> I found someone reporting this same issue on JBoss community page, but got >> no answer. I'll try to find another way to get the same behaviour in Java >> 1.6 as of getRequestURL in 1.4. >> >> > Now you seem to be on the right path. > On the other hand, you seem to be strangely ignoring every bit of advice > that people are trying to give you, for example what Christopher suggested > in his earlier message, and which i will repeat here : > > quote > > > Although this should work, I always recommend using context-relative > URLs like this: > > " /> > > This will ensure that your URLs resolve properly no matter how the > .jsp is being evaluated (for instance, in an include or after a > forward, where the client's URL may not match what your JSP expects). > > unquote > > > > --**--**- > To unsubscribe, e-mail: > users-unsubscribe@tomcat.**apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Problems upgrading to Tomcat 7
Thank you, Mark! I'll look into the container and let you know when i find the solution. Cheers, Ale On Tue, Jul 31, 2012 at 11:57 AM, Mark Thomas wrote: > On 31/07/2012 15:07, Alejandro Mehring wrote: > > Thank you very much for your help! > > > > Digging a bit more into the system, I came to a part where it's building > > the link based on the original servlet request. > > > > If I have this URL: > > > http://host/app/servlet/FrontController?arg1=yes&arg2=target.jsp&arg3=something > > > > Java 1.4's getRequestURL() returns ' > http://host/app/servlet/FrontController' > > whereas > > Java 1.6's getRequestURL() returns 'http://host/app/target.jsp' > > > > I found someone reporting this same issue on JBoss community page, but > got > > no answer. I'll try to find another way to get the same behaviour in Java > > 1.6 as of getRequestURL in 1.4. > > That is not a Java 1.4 vs Java 6 issue. That is a container > implementation issue since getRequestURL() is provided by the container. > > You'll need to dig a little more into exactly what is going on in the > app. I don't recall any spec changes in this area. > > Mark > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Some help with Security Manager
Hi, I’m using Tomcat with JSF, ICEFaces, Spring and JPA. The configuracion and the app work very well when I deploy it with the security managed disabled. The problem is when I enable the security manager, I can’t deploy the app. In the I can see the next trace: INFO: Desplieque del descriptor de configuración C:\Users\Alejandro\AppData\Roaming\NetBeans\7.2.1\apache-tomcat-7.0.27.0_base\conf\Catalina\localhost\web-root.xml may 04, 2013 1:57:06 PM org.apache.catalina.core.ContainerBase addChildInternal SEVERE: ContainerBase.addChild: start: org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/web-root]] at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:154) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:895) at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:130) at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:153) at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:142) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:869) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:615) at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:649) at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1585) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) at java.util.concurrent.FutureTask.run(FutureTask.java:166) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:722) Caused by: java.lang.NullPointerException at com.sun.faces.config.InitFacesContext.cleanupInitMaps(InitFacesContext.java:278) at com.sun.faces.config.InitFacesContext.(InitFacesContext.java:102) at com.sun.faces.config.FacesInitializer.onStartup(FacesInitializer.java:114) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5262) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) ... 15 more may 04, 2013 1:57:06 PM org.apache.catalina.startup.HostConfig deployDescriptor SEVERE: Error durante el despliegue del descriptor de configuración C:\Users\Alejandro\AppData\Roaming\NetBeans\7.2.1\apache-tomcat-7.0.27.0_base\conf\Catalina\localhost\web-root.xml java.lang.IllegalStateException: ContainerBase.addChild: start: org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/web-root]] at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:898) at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:130) at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:153) at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:142) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:869) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:615) at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:649) at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1585) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) at java.util.concurrent.FutureTask.run(FutureTask.java:166) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:722) may 04, 2013 1:57:06 PM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler ["http-bio-8084"] I try to find a reason in Internet but I can’t find the correct answer for this problem. Some help, I appreciate it. Regards
Catalina.policy java.security.AllPermission
Hi, I have a problem with the Catalina’s security manager. We are using Tomcat 6, with JDK 6 and JSF 2.1 with Spring, JPA and ICEFaces. My app works very well when I run my app with the security manager disable. The problem presents when I enable the security manager of Tomcat. My app fails when Tomcat start giving me the next log: INFO: Checking whether login URL '/security/login.jsf' is accessible with your configuration 8/05/2013 12:29:11 PM org.springframework.web.context.ContextLoader initWebApplicationContext INFO: Root WebApplicationContext: initialization completed in 1969 ms 8/05/2013 12:29:11 PM org.apache.catalina.core.StandardContext start SEVERE: Error listenerStart 8/05/2013 12:29:11 PM org.apache.catalina.core.StandardContext start SEVERE: Falló en arranque del Contexto [/WebRed] debido a errores previos 8/05/2013 12:29:11 PM com.sun.faces.config.ConfigureListener contextDestroyed SEVERE: Unexpected exception when attempting to tear down the Mojarra runtime java.lang.NullPointerException at com.sun.faces.config.ConfigureListener.getInitFacesContext(ConfigureListener.java:740) at com.sun.faces.config.ConfigureListener.contextDestroyed(ConfigureListener.java:300) at org.apache.catalina.core.StandardContext.listenerStop(StandardContext.java:4245) at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4886) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4750) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:799) at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:124) at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:146) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:777) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:601) at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:943) at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:563) at org.apache.catalina.startup.HostConfig.check(HostConfig.java:1399) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:297) at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836) at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:762) at org.apache.catalina.manager.ManagerServlet.check(ManagerServlet.java:1500) at org.apache.catalina.manager.HTMLManagerServlet.doPost(HTMLManagerServlet.java:252) at javax.servlet.http.HttpServlet.service(HttpServlet.java:643) at javax.servlet.http.HttpServlet.service(HttpServlet.java:723) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:277) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:276) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:309) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:170) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:283) at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:56) at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:189) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185) at org.apache.catalina.filters.CsrfPreventionFilter.doFilter(CsrfPreventionFilter.java:194) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:277) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:276) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:309) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:250) at org.apache.catalina.core.ApplicationFilterChain.internalDoFil
Re: Catalina.policy java.security.AllPermission
Thanks! It is because I am run my app in a Web Hosting that runs with SM enable. --- Mensaje Original --- Desde: "André Warnier" Enviado: 9 de mayo de 2013 04:46 Para: "Tomcat Users List" Asunto: Re: Catalina.policy java.security.AllPermission Alejandro Garcia wrote: > Hi, > I have a problem with the Catalina’s security manager. > > We are using Tomcat 6, with JDK 6 and JSF 2.1 with Spring, JPA and ICEFaces. > My app works very well when I run my app with the security manager disable. > > The problem presents when I enable the security manager of Tomcat. My app > fails when Tomcat start giving me the next log: > > INFO: Checking whether login URL '/security/login.jsf' is accessible with > your configuration > 8/05/2013 12:29:11 PM org.springframework.web.context.ContextLoader > initWebApplicationContext > INFO: Root WebApplicationContext: initialization completed in 1969 ms > 8/05/2013 12:29:11 PM org.apache.catalina.core.StandardContext start > SEVERE: Error listenerStart > 8/05/2013 12:29:11 PM org.apache.catalina.core.StandardContext start > SEVERE: Falló en arranque del Contexto [/WebRed] debido a errores previos > 8/05/2013 12:29:11 PM com.sun.faces.config.ConfigureListener contextDestroyed > SEVERE: Unexpected exception when attempting to tear down the Mojarra runtime > java.lang.NullPointerException > at > com.sun.faces.config.ConfigureListener.getInitFacesContext(ConfigureListener.java:740) > at > com.sun.faces.config.ConfigureListener.contextDestroyed(ConfigureListener.java:300) > at > org.apache.catalina.core.StandardContext.listenerStop(StandardContext.java:4245) > at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4886) > at org.apache.catalina.core.StandardContext.start(StandardContext.java:4750) > at > org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:799) > at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:124) > at > org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:146) > at java.security.AccessController.doPrivileged(Native Method) > at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:777) > at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:601) > at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:943) > at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:563) > at org.apache.catalina.startup.HostConfig.check(HostConfig.java:1399) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at > org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:297) > at > com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836) > at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:762) > at org.apache.catalina.manager.ManagerServlet.check(ManagerServlet.java:1500) > at > org.apache.catalina.manager.HTMLManagerServlet.doPost(HTMLManagerServlet.java:252) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:643) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:723) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:277) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:276) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) > at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:309) > at > org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:170) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:283) > at > org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:56) > at > org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:189) > at java.security.AccessController.doPrivileged(Native Method) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185) > at > org.apache.catalina.filters.CsrfPreventionFilter.doFilter(CsrfPreventionFilter.java:194) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at
Please, I need to understand how apache tomcat finds taglib files with .tld and .xml extensions
Hello: I have the following problem, actually it is not a problem, it is a conceptual problem I think. I have a custom taglib file, which is named mytaglib.xml. When I deploy my app, which uses this file, in apache tomcat 5.5 and better, my app does not have any problem to find this file, and everything works fine. But when I deploy my app in JBoss, I have the problem that the app can't find this file. If I renamed this file to mytaglib.tld, the problem is solved. I did the same test with tomcat, and it works fine. So, my question is, why doesn't apache tomcat have problems to find this file with a .tld or .xml extension?. I would like to know whether in older versions of apache tomcat, the name of taglib.xml was required, so today there is no problem with .tld or .xml extension. Is this part documented in somewhere? Thanks a lot. Regards. -- Alejandro
Re: tomcat 6 vulnerability scan default error page help
You need to unpack catalina.jar in tomcat lib directory, then go to org\apache\catalina\util\, open ServerInfo.properties and edit it server.info=Apache Tomcat server.number= server.built= You need to set to empty these variables, as shown above. Save the file. Pack as jar again Put in the tomcat\lib directory again. Hope this could help you, I'm using Tomcat 8.0.27 "Berneburg, Cris J. - US" escribió: We are getting dinged by a vulnerability scan for the default not-found error page being returned by Tomcat for a Status 404. On my dev server when requesting an invalid URL, Tomcat returns a Status 404 page that displays the Tomcat version. Right, I need to do something about that. However, I can't find where the error-page for 404 is defined. It's not defined in: - webapps/ROOT/WEB-INF/web.xml - conf/web.xml - conf/server.xml - conf/context.xml Also, I can't find a notFound or error page either. How do I get rid of or override the default error / 404 / not-found page if I can't find it or where it is currently defined? Also, how is Tomcat returning the default 404 error page if it does not exist? I hope it's not hardcoded in a servlet response. FYI, we're going to remove the ROOT, docs, and examples folders to mitigate other scan findings. And we're using Tomcat 6.0.37 (ahem). -- Cris Berneburg CACI Lead Software Engineer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat in Netbeans 11.1
Well if you're developping in Netbeans, Netbeans always make a copy of tomcat in other folder. When you run the project, Netbeans deploy the project in its working directory and that deploy stays there until you cleaned or undeploy it or undeploy them. In Netbeans there's a tab named Services, generally on the left side of the screen, near it is Projects tab and Files tab. In Services you find the servers, expand it and you'll find Tomcat, if you expand Tomcat you will able to see all your deployments that you ran when you were developping on them, you are able to stop ever one of them and undeploy them. I hope this helps. Greetings. Quoting Don : I've been using Tomcat in production for about 15 years. I'm currently working in 8.5.39. The people at NetBeans suggested I ask this list about a problem I experience when I select Project | Run from the NetBeans project window. Instead of running just the project I selected, it also runs other projects that are open in NetBeans. I don't see anything in the webapps folder when it is running so I have doubts that Tomcat is keeping track of what is has previously run. Does any of this sound like anything anyone else has experienced? It only started happening last week, until then it seemed just fine. Don - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Trying to mix db connection pooling on web and desktop applications
Hello, this is the scenario:
I have an application that must have two interfaces: as a desktop application
and as a web application
I've put the business logic inside a JAR library (client_bpm.jar), which must
connect to an Oracle 9i database
I configured the web application so it can use a db pool connection, in the
following manner:
1. Added to %CATALINA_HOME%/conf/server.xml the following:
2. Added to %CATALINA_HOME%/conf/context.xml the following:
3. Added to %CATALINA_HOME%/webapps/myWebApp/WEB-INF/web.xml the following:
Resource reference to a factory for java.sql.Connection
instances that may be used for talking to a particular
database that is configured in the Context
configurartion for the web application.
jdbc/RAM_DB
javax.sql.DataSource
Container
4. Added my business library (client_bpm.jar) to
%CATALINA_HOME%/webapps/myWebApp/WEB-INF/lib
5. Added JDBC library (ojdbc14.jar) to %CATALINA_HOME%/lib
6. Use the following code to get a db connection:
Context initCtx = new InitialContext();
Context envCtx = (Context) initCtx.lookup("java:comp/env");
DataSource ds = (DataSource) envCtx.lookup("jdbc/RAM_DB");
Connection conn= ds.getConnection();
And the web application runs fine, i have no problems with it
Now, what i want is to use the same db connection pool facility (that Tomcat
provides to web applications) on my desktop application, and use the same code
(or something very similar) i used in point 6 to obtain a db connection
With points 1-3 Tomcat provided my web application with a db connection pooling
facility
I want Tomcat to provide to my desktop application the same db connection
pooling facility, ¿How do i do that?
I have tried invoking my desktop application with the following:
java -classpath
".;%CATALINA_HOME%/webapps/myWebApp/WEB-INF/lib/client_bpm.jar;%CATALINA_HOME%/lib/catalina.jar;%CATALINA_HOME%/bin/tomcat-juli.jar;%CATALINA_HOME%/lib/ojdbc14.jar"
-Djava.naming.factory.initial=org.apache.naming.java.javaURLContextFactory
-Djava.naming.factory.url.pkgs=org.apache.naming MyDesktopApp
And got the following error:
javax.naming.NameNotFoundException: Name java: is not bound in this Context
at org.apache.naming.NamingContext.list(NamingContext.java:345)
at org.apache.naming.NamingContext.list(NamingContext.java:368)
at javax.naming.InitialContext.list(InitialContext.java:436)
at MyDesktopApp.main(MyDesktopApp.java:12)
Any suggestions will be appreciated
---
Aviso Confidencial.-
Este correo electrónico, así como los archivos adjuntos que contenga son
confidenciales de conformidad con las leyes aplicables, y es para uso exclusivo
del destinatario al que expresamente se le ha enviado. Si usted no es el
destinatario legítimo del mismo, deberá reportarlo al remitente del correo y
borrarlo inmediatamente. Cualquier revisión, retransmisión, divulgación,
difusión o cualquier otro uso de este correo, por personas o entidades
distintas a las del destinatario legítimo, queda expresamente prohibido. Los
derechos de propiedad respecto de la información, material, bases de datos,
diseños, y los distintos elementos en él contenidos son titularidad de Mapfre
Tepeyac, S. A. Este correo electrónico no pretende ni debe ser considerado como
constitutivo de ninguna relación legal, contractual o de otra índole similar.
Confidencial Notice.-
This e-mail, as such as the attached files it contains are confidential in
accordance with the applicable laws, and is for exclusive use to expressly
addressee has been sending. If you are not the legitimate addressee itself, you
will must report to sender of mail and cross it immediately. Any review,
re-transmission, disclosure, dissemination or any other use of this mail, from
people or different entities from the legitimate addressee, is prohibited. The
property rights about the information, material, databases, designs, and the
different components in it contains are ownership of MAPFRE Tepeyac, S. A.
This e-mail do not pretend, neither it should be considered of any legal or
contractual relationship.
---
Problem with threads in stage Service (Tomcat 7.0.14)
Good day. I have the following problem with my tomcat. Sometimes, some threads are keep in service stage for a long time (really never exit from this stage), this causes that tomcat uses a hight percentage of the CPU (100 % of 2 or 3 cores) thus the webapp executes very slow. I have a Tomcat 7.0.14 in a Redhat RHLE 5.5. The partial solution is restart the service, but this is not a practical solution(because is a 24/7 server). is posible config a timeout for threads in service stage, or any solution?? Thanks. Sorry for the redaction. Attached an image with the tomcat manager status and the CPU consuming. Cordial saludo. Tengo el siguiente problema con mi tomcat. En algunas ocasiones , algunos hilos se quedan en la etapa de servicio por demasiado tiempo (de hecho nunca salen de esta etapa), esto causa que el tomcat use un alto porcenta de la CPU (el 100 % de 2 o 3 núcluos incluso hasta los 8 a veces), y en consecuencia mi aplicación web trabaja demasiado lento. Tengo el Tomcat 7.0.14 en Redhat RHLE 5.5 La solución temporal que tengo es reiniciar el servicio, sin embargo esta no es una solución práctica (pues debe ser un servidor 24/7). Es posible configurar algún timeout para hilos en la etapa de servicio, o alguna solución alternativa para este problema? Muchas Gracias. Adjunto una imagen del reporte del estado por el tomcat Manager, y el uso de la CPU - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Problem with threads in stage Service (Tomcat 7.0.14)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:303) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:431) Locked ownable synchronizers: - None "VM Thread" prio=10 tid=0x40e3c800 nid=0x1ee5 runnable "GC task thread#0 (ParallelGC)" prio=10 tid=0x40dea000 nid=0x1edd runnable "GC task thread#1 (ParallelGC)" prio=10 tid=0x40deb800 nid=0x1ede runnable "GC task thread#2 (ParallelGC)" prio=10 tid=0x40ded800 nid=0x1edf runnable "GC task thread#3 (ParallelGC)" prio=10 tid=0x40def800 nid=0x1ee0 runnable "GC task thread#4 (ParallelGC)" prio=10 tid=0x40df1000 nid=0x1ee1 runnable "GC task thread#5 (ParallelGC)" prio=10 tid=0x40df3000 nid=0x1ee2 runnable "GC task thread#6 (ParallelGC)" prio=10 tid=0x40df5000 nid=0x1ee3 runnable "GC task thread#7 (ParallelGC)" prio=10 tid=0x40df6800 nid=0x1ee4 runnable "VM Periodic Task Thread" prio=10 tid=0x2aaab2495800 nid=0x1eec waiting on condition JNI global references: 1425 - Mensaje original - De: "Pid" Para: "Tomcat Users List" Enviados: Jueves, 28 de Julio 2011 10:44:37 Asunto: Re: Problem with threads in stage Service (Tomcat 7.0.14) On 28/07/2011 16:09, Alejandro Henao González wrote: > Good day. > > I have the following problem with my tomcat. > > Sometimes, some threads are keep in service stage for a long time > (really never exit from this stage), this causes that tomcat uses a > hight percentage of the CPU (100 % of 2 or 3 cores) thus the webapp > executes very slow. Take a thread dump when this is occurring. http://wiki.apache.org/tomcat/FAQ/Troubleshooting_and_Diagnostics p > I have a Tomcat 7.0.14 in a Redhat RHLE 5.5. > > The partial solution is restart the service, but this is not a practical > solution(because is a 24/7 server). is posible config a timeout for > threads in service stage, or any solution?? > > Thanks. Sorry for the redaction. Attached an image with the tomcat > manager status and the CPU consuming. > > > > > Cordial saludo. > > Tengo el siguiente problema con mi tomcat. > En algunas ocasiones, algunos hilos se quedan en la etapa de servicio > por demasiado tiempo (de hecho nunca salen de esta etapa), esto causa > que el tomcat use un alto porcenta de la CPU (el 100 % de 2 o 3 núcluos > incluso hasta los 8 a veces), y en consecuencia mi aplicación web > trabaja demasiado lento. > > Tengo el Tomcat 7.0.14 en Redhat RHLE 5.5 > > La solución temporal que tengo es reiniciar el servicio, sin embargo > esta no es una solución práctica (pues debe ser un servidor 24/7). Es > posible configurar algún timeout para hilos en la etapa de servicio, o > alguna solución alternativa para este problema? > > Muchas Gracias. Adjunto una imagen del reporte del estado por el tomcat > Manager, y el uso de la CPU > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Problem with threads in stage Service (Tomcat 7.0.14)
I dont believe that have GC running all the time, but the GC is called in the above line to HTMLEncoder.encode. as follows. System.gc(); resultado = htmlEncoder.encode(resultado); response.reset(); may be this the problem? why? Thanks. - Mensaje original - De: "Filip Hanik - Dev Lists" Para: "Tomcat Users List" Enviados: Jueves, 28 de Julio 2011 12:35:56 Asunto: Re: Problem with threads in stage Service (Tomcat 7.0.14) most likely you have GC running all the time ""http-bio-80"-exec-107" daemon prio=10 tid=0x2aaab31ea000 nid=0x47b2 runnable [0x436ab000] java.lang.Thread.State: RUNNABLE at java.util.HashMap.get(HashMap.java:303) at sae.HTMLEncoder.encode(HTMLEncoder.java:46) this should not be a stage where you're stuck, unless you have a loop problem. On 7/28/2011 9:09 AM, Alejandro Henao González wrote: > Good day. > > I have the following problem with my tomcat. > > Sometimes, some threads are keep in service stage for a long time (really > never exit from this stage), this causes that tomcat uses a > hight percentage of the CPU (100 % of 2 or 3 cores) thus the webapp executes > very slow. > > I have a Tomcat 7.0.14 in a Redhat RHLE 5.5. > > The partial solution is restart the service, but this is not a practical > solution(because is a 24/7 server). is posible config a timeout > for threads in service stage, or any solution?? > > Thanks. Sorry for the redaction. Attached an image with the tomcat manager > status and the CPU consuming. > > > > > Cordial saludo. > > Tengo el siguiente problema con mi tomcat. > En algunas ocasiones, algunos hilos se quedan en la etapa de servicio por > demasiado tiempo (de hecho nunca salen de esta etapa), esto > causa que el tomcat use un alto porcenta de la CPU (el 100 % de 2 o 3 núcluos > incluso hasta los 8 a veces), y en consecuencia mi > aplicación web trabaja demasiado lento. > > Tengo el Tomcat 7.0.14 en Redhat RHLE 5.5 > > La solución temporal que tengo es reiniciar el servicio, sin embargo esta no > es una solución práctica (pues debe ser un servidor 24/7). Es > posible configurar algún timeout para hilos en la etapa de servicio, o alguna > solución alternativa para este problema? > > Muchas Gracias. Adjunto una imagen del reporte del estado por el tomcat > Manager, y el uso de la CPU > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Problem with threads in stage Service (Tomcat 7.0.14)
Ok. i will trie with this option. - Mensaje original - De: "Filip Hanik - Dev Lists" Para: "Tomcat Users List" Enviados: Jueves, 28 de Julio 2011 14:20:26 Asunto: Re: Problem with threads in stage Service (Tomcat 7.0.14) that's an academic exercise for you, in the meantime, add in this option to your startup options -XX:-DisableExplicitGC Filip On 7/28/2011 1:07 PM, Alejandro Henao González wrote: > I dont believe that have GC running all the time, but the GC is called in the > above line to HTMLEncoder.encode. as follows. > > > > System.gc(); > > > resultado = htmlEncoder.encode(resultado); > response.reset(); > > > may be this the problem? why? > > > Thanks. > > - Mensaje original - > > De: "Filip Hanik - Dev Lists" > Para: "Tomcat Users List" > Enviados: Jueves, 28 de Julio 2011 12:35:56 > Asunto: Re: Problem with threads in stage Service (Tomcat 7.0.14) > > most likely you have GC running all the time > > ""http-bio-80"-exec-107" daemon prio=10 tid=0x2aaab31ea000 nid=0x47b2 > runnable [0x436ab000] > java.lang.Thread.State: RUNNABLE > at java.util.HashMap.get(HashMap.java:303) > at sae.HTMLEncoder.encode(HTMLEncoder.java:46) > > this should not be a stage where you're stuck, unless you have a loop problem. > > > > > > On 7/28/2011 9:09 AM, Alejandro Henao González wrote: >> Good day. >> >> I have the following problem with my tomcat. >> >> Sometimes, some threads are keep in service stage for a long time (really >> never exit from this stage), this causes that tomcat uses a >> hight percentage of the CPU (100 % of 2 or 3 cores) thus the webapp executes >> very slow. >> >> I have a Tomcat 7.0.14 in a Redhat RHLE 5.5. >> >> The partial solution is restart the service, but this is not a practical >> solution(because is a 24/7 server). is posible config a timeout >> for threads in service stage, or any solution?? >> >> Thanks. Sorry for the redaction. Attached an image with the tomcat manager >> status and the CPU consuming. >> >> >> >> >> Cordial saludo. >> >> Tengo el siguiente problema con mi tomcat. >> En algunas ocasiones, algunos hilos se quedan en la etapa de servicio por >> demasiado tiempo (de hecho nunca salen de esta etapa), esto >> causa que el tomcat use un alto porcenta de la CPU (el 100 % de 2 o 3 >> núcluos incluso hasta los 8 a veces), y en consecuencia mi >> aplicación web trabaja demasiado lento. >> >> Tengo el Tomcat 7.0.14 en Redhat RHLE 5.5 >> >> La solución temporal que tengo es reiniciar el servicio, sin embargo esta no >> es una solución práctica (pues debe ser un servidor 24/7). Es >> posible configurar algún timeout para hilos en la etapa de servicio, o >> alguna solución alternativa para este problema? >> >> Muchas Gracias. Adjunto una imagen del reporte del estado por el tomcat >> Manager, y el uso de la CPU >> >> >> - >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Problem with threads in stage Service (Tomcat 7.0.14)
ummm...
The option -XX:-DisableExplicitGC not solves the problem, may be with the
+DisableExplicitGC, i will try it.
The method HTMLEncoder.encode is static and uses a HashMap static. this is the
class.
public class HTMLEncoder {
private static Map mapChar2HTMLEntity;
private final static char [] characters = {
'á','ú','ó','é','í','ñ','Á','Ú','Ó','É','Í','°','ü'
};
private final static String[] entities = {
"á","ú","ó","é","í","ñ","Á","Ú","Ó","É","Í","°","ü"
};
public HTMLEncoder() {
mapChar2HTMLEntity= new HashMap();
int longueur = characters.length;
for (int i = 0; i < longueur; i++)
mapChar2HTMLEntity.put(new Character(characters[i]), entities[i]);
}
public String encode(String s) {
int longueur = s.length();
final StringBuffer sb = new StringBuffer(longueur * 2);
char ch;
for (int i =0; i < longueur ; ++i) {
ch = s.charAt(i);
if ((ch >= 63 && ch <= 90) || (ch >= 97 && ch <= 122))
sb.append(ch);
else {
String ss = (String)mapChar2HTMLEntity.get(new Character(ch));
if(ss==null)
sb.append(ch);
else
sb.append(ss);
}
}
return sb.toString();
}
public StringBuffer encode(StringBuffer s) {
int longueur = s.length();
final StringBuffer sb = new StringBuffer(longueur * 2);
char ch;
for (int i =0; i < longueur ; ++i) {
ch = s.charAt(i);
if ((ch >= 63 && ch <= 90) || (ch >= 97 && ch <= 122))
sb.append(ch);
else {
String ss = (String)mapChar2HTMLEntity.get(new Character(ch));
if(ss==null)
sb.append(ch);
else
sb.append(ss);
}
}
return sb;
}
}
- Mensaje original -
De: "Rainer Jung"
Para: users@tomcat.apache.org
Enviados: Viernes, 29 de Julio 2011 5:05:37
Asunto: Re: Problem with threads in stage Service (Tomcat 7.0.14)
On 28.07.2011 21:20, Filip Hanik - Dev Lists wrote:
> that's an academic exercise for you, in the meantime, add in this option
> to your startup options
> -XX:-DisableExplicitGC
I think Filip wanted to suggest -XX:+DisableExplicitGC
The plus or minus after the colon decides whether the switch is set or
unset. So in this case we want to set a disable switch (which will only
be a workaround).
Regards,
Rainer
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Problem with threads in stage Service (Tomcat 7.0.14)
I'm not sure that the problem is this. And, many JSPs have this line. may be origin of problem is the hashmap static, because the method HTMLEncoder.encode not is static and the construct of HTMLEncoder initialize the object. - Mensaje original - De: "André Warnier" Para: "Tomcat Users List" Enviados: Viernes, 29 de Julio 2011 12:36:21 Asunto: Re: Problem with threads in stage Service (Tomcat 7.0.14) Alejandro Henao González wrote: > ummm... > The option -XX:-DisableExplicitGC not solves the problem, may be with the > +DisableExplicitGC, i will try it. > ummm.. A mystery for me is : since you have the source, why do you not just comment out the system.gc(); line, and see what your Tomcat is then doing ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Problem with threads in stage Service (Tomcat 7.0.14)
Thanks to all. The problem was the static hashmap. I removed the static keyword
to the variable and problem solved.
- Mensaje original -
De: "Christopher Schultz"
Para: "Tomcat Users List"
Enviados: Lunes, 1 de Agosto 2011 20:11:27
Asunto: Re: Problem with threads in stage Service (Tomcat 7.0.14)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alejandro,
On 7/29/2011 11:55 AM, Alejandro Henao González wrote:
> public class HTMLEncoder { private static Map mapChar2HTMLEntity;
>
> private final static char [] characters = {
> 'á','ú','ó','é','í','ñ','Á','Ú','Ó','É','Í','°','ü' }; private final
> static String[] entities = {
> "á","ú","ó","é","í","ñ","Á","Ú","Ó","É","Í","°","ü"
> };
>
> public HTMLEncoder() { mapChar2HTMLEntity= new HashMap(); int
> longueur = characters.length;
>
> for (int i = 0; i < longueur; i++) mapChar2HTMLEntity.put(new
> Character(characters[i]), entities[i]); }
So you have Character -> String (entity reference). Your Map is not
synchronized, but it doesn't have to be: you are only calling get() on
it so there shouldn't be any synchronization issues here.
> public String encode(String s) { int longueur = s.length(); final
> StringBuffer sb = new StringBuffer(longueur * 2);
Big buffer every time?
> char ch;
>
> for (int i =0; i < longueur ; ++i) { ch = s.charAt(i);
>
> if ((ch >= 63 && ch <= 90) || (ch >= 97 && ch <= 122)) sb.append(ch);
> else { String ss = (String)mapChar2HTMLEntity.get(new
> Character(ch));
New Character object every time? Mmm. You might want to choose a more
optimized storage system so you don't have to create a new object every
time.
> if(ss==null) sb.append(ch); else sb.append(ss); } } return
> sb.toString(); }
Aside from any other strange issues you are having, you might be wasting
a lot of time (and invoking a lot of GC) by creating a large
StringBuffer for every invocation. You might want some more complicated
logic to determine if you even need to create such a buffer.
Honestly, I don't see much wrong with this class. I don't see any use of
System.gc and I don't see any connection reset. Was there a post that I
missed?
- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk43Tr4ACgkQ9CaO5/Lv0PBk4QCglB4MNYVbEvwsqZFwiOYupAUv
J84AnRAnw2o6PwTRiaNnNFc9iyNq0pUS
=UWQu
-END PGP SIGNATURE-
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
web.xml
Good afternoon, I have a website on a client, and they ran a vulnerability test, and it throws a vulnerability that any user can see web.xml from a web browser, how can I hide to see web.xml or any other file from the browser? Thanks. -- Alejandro Vargas Mayorga /*Gerente Desarrollo C.A. & C.*/ *Tel. 506- 7232-3366* *Email:**alejandro.var...@kymsolutions.com* <mailto:%20alejandro.var...@kymsolutions.com>* **www.kymsolutions.com* <http://www.kymsolutions.com/>* Visite nuestra aula virtual! *
Session delete
Is there anyway to delete a session in Tomcat when the user not logout correctly from the application, normally they not logged out correctly, they just click on the "X" (they said), they click the close button of Internet Explorer. I tried with $(window).unload using JS, but it works on every refresh, not when close button on the browser is clicked. -- Alejandro Vargas Mayorga /*Gerente Desarrollo C.A. & C.*/ *Tel. 506- 7232-3366* *Email:**alejandro.var...@kymsolutions.com* <mailto:%20alejandro.var...@kymsolutions.com>* **www.kymsolutions.com* <http://www.kymsolutions.com/>* Visite nuestra aula virtual! *
Re: tomcat ssl setup
Do you see what's on the log files, they can tell you what's the problem in. Maybe you can share those files too. I also saw on line 117 this "|||-->|" Looks like there's left over. On 09/19/2017 09:31 AM, John Ellis wrote: I have been trying to setup SSL for tomcat 9.00.M26 on a RHEL (version 6.4) server for testing purposes. I downloaded & installed Tomcat9 fine and I get a proper webpage on port 8080 but when I used the keytool commands and created a certificate from cacert.org and then edited the server.xml file to setup the ssl configuration to run on port 8443 I cannot get a webpage on that port; it defaults back to port 8080. If I am not providing all the needed info or asking a wrong question please forgive me. I am not a programmer. My background is in computer hardware. I have just been forced to learn this to support two products that we use here in our office; Jira and Confluence. I have actually been working on setting them up for an SSL connection on a different server. I got Confluence working on a secure port but not Jira so my boss suggested troubleshooting the issue by trying to first get SSL setup for Tomcat on this other server. I am providing a copy of the Tomcat9 server.sml file here on a DropBox link- https://www.dropbox.com/s/k3l07w9p4n81fas/server.xml?dl=0 Thanks in advance! John Ellis 405.285.2500 office United States bize-logo-rgb-original_Ryan_Revised_portal sizecid:image002.jpg@01CECFDA.65B42CD0 http://biz-e.io -- Alejandro Vargas Mayorga /*Gerente Desarrollo C.A. & C.*/ *Tel. 506- 7232-3366* *Email:**alejandro.var...@kymsolutions.com* <mailto:%20alejandro.var...@kymsolutions.com>* **www.kymsolutions.com* <http://www.kymsolutions.com/>* Visite nuestra aula virtual! *
security headers
Hello, I recently used on web.xml httpHeaderSecurity org.apache.catalina.filters.HttpHeaderSecurityFilter true httpHeaderSecurity /* to enable some security headers, but it won't enable Content Security Policy header. Is there anyway to enable Content Security Policy at top server level??? Thanks in advance. --
Re: security headers
You can help with an example of this url-rewrite to add this header, Please, Thanks in advance. On 11/01/2017 02:03 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Alejandro, On 11/1/17 3:37 PM, Alejandro Vargas M. wrote: Hello, I recently used on web.xml httpHeaderSecurity org.apache.catalina.filters.HttpHeaderSecurityFilter lter-class> true httpHeaderSecurity /* to enable some security headers, but it won't enable Content Security Policy header. Is there anyway to enable Content Security Policy at top server level??? What were you expecting that Filter to generate for you? A header which disables everything? Not terribly useful. My recommendation would be to use something like url-rewrite[1] to add headers to every outgoing response. url-rewrite has very similar capabilities to httpd's mod_headers (and much more, of course). - -chris [1] http://tuckey.org/urlrewrite/ -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAln6KJkACgkQHPApP6U8 pFjuWRAAilRKahVEge71VBJrhragUyZuKR/uqEwfwpYj9Zq5DzI3I0JT6jwD8kwE //iuxBgDroVH/Xedn9oiMen9u1wSpf4p4fCQY0xcP99l6QnlgReimEM7Aoi24hTc WFgYlA2DVsKvmU0qjaI8HQoBrN+n8A+4Qhxu4fj5knNT1Sk1KppYDl/l6bkaI3Lc oPAvbYJbR2OV9SwCBoKFNjEPZwK9kTZhAr74gbErS/OZHcQAynZjHPcYl4+2K6Uj 98T3VKu6NIif5g3ry6TA9YYe5Dn3DyqBkY6wlAI91gRn7KjESDcJPcCiYglYDHqP 37ZdcP6LPmySFlBaug5E9811lyKIHnkpv/0OTaFM3AH0sulazBvLu38Ea5yeZQFC CofoYTMAY8KAlfwzKn+3RhTTQA8lmKHF/dVxQBRqP3vbN/+KU1KzqZmn2Q6KoYH+ Lf+gMJjeLE/0/8X9CnTaFPkmg7VbYgGmhGzgFkD85YTswT962L8M5evG1xdHaNiM ZZDEeYLWC/Cjdqvht3zQ0gvmI35pI1q2K/fnYb+mrV0eIi/rcosz99GQVpTTqS58 wCtIAKLChLuxuWoGp0+1+sI0ugwn9RmsIft34QBM1Us/FxGYc0Ou5VpBHE0JeYG8 G8RjZ+9eonM5ScwPrAZKZ7pd6qfCHY24/OvK6vT4HbRdqJbvWT8= =j1H+ -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Alejandro Vargas Mayorga /*Gerente Desarrollo C.A. & C.*/ *Tel. 506- 7232-3366* *Email:**alejandro.var...@kymsolutions.com* <mailto:%20alejandro.var...@kymsolutions.com>* **www.kymsolutions.com* <http://www.kymsolutions.com/>* Visite nuestra aula virtual! *
Tomcat-embed and Tomcat Vulnerabilities
Hi Users, My question is about whether a vulnerability applies to my particular application. My application is using tomcat-embed. Being tomcat-embed derived from Tomcat server, could tomcat-embed has the vulnerabilities that Tomcat server has? In affirmative case, is disclosure of vulnerability going to mention tomcat-embed or Tomcat Server only when applicable? Thank you David A Christensen HCL Software -- ::DISCLAIMER:: The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only. E-mail transmission is not guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or may contain viruses in transmission. The e mail and its contents (with or without referred errors) shall therefore not attach any liability on the originator or HCL or its affiliates. Views or opinions, if any, presented in this email are solely those of the author and may not necessarily reflect the views or opinions of HCL or its affiliates. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of this message without the prior written consent of authorized representative of HCL is strictly prohibited. If you have received this email in error please delete it and notify the sender immediately. Before opening any email and/or attachments, please check them for viruses and other defects.
