When we restarted tomcat, we are getting the below error while connecting to MySql database

[rk]

Hi,


When we restarted tomcat, we are getting the below error while
connecting to MySql database:


-

Catalina.start: LifecycleException: Exception opening database
connection: java.sql.SQLException: Access denied for user
'root'@'localhost.localdomain' (using password: YES)

LifecycleException: Exception opening database connection:
java.sql.SQLException: Accessdenied for user
'root'@'localhost.localdomain' (using password: YES)

-


Any work-around for the problem ?


Thanks in advance.


RK

Tomcat URL Redirecting

[RK]

Hi,
 
I have my web application running on Tomcat 4.1.31 and SQL Server.
and I have a security certificate issued for my website for
http://www.mydomain.com . So if some one types in https://mydomain.com an
certificate mismatch error is being displayed.
And I know the reason since the names on the certificate don't match.
So my question here is there anyway in Tomcat I can redirect all the
requests coming through https://mydomain.com be forwarded automatically to
https://www.mydomain.com.

Hope I'm clear, can someone please suggest me an idea to resolve this
issue.
 
Thanks
RK

Applying Multiple Certificates To Keystore

[RK]

Hi,
 
 I have a security certificate issued for my website for
 https://www.mydomain.com . So if some one types
in   https://mydomain.com an certificate mismatch
error is being displayed.
 So to avoid this problem I purchased a new certificate on the name of
 http://mydomain.com  and applied to the same keystore
file but with a different alias name.
 But it doesn't' seem to work, is this a possible way of doing it or
this way it doesn't work.
 
 Can anyone suggest me an idea of how to get rid of this problem.
 
Thanks
Rajeev

Tomcat 7.0.100 upgrade issues

[RK Ashburn]

Hi Tomcat 7 team,
We have been using tomcat 7.0.99 and now we upgraded to 7.0.100 and our web
applications stopped working.

Here are changes that we noted from release notes and took action:

1. Updated AJP connector setting and  added secretRequired="false"

However below are still issues, could not find any setting that needed to
be added:

2.  However our application @Controller @RequestMapping are stopped
working.
(we did not use web.xml instead used WebApplicationInitializer and
WebMvcConfigurerAdapter)

3. Also noticed getRemoteUser() returns null


Appreciate your response.
Thank you
Ramesh Kasavaraju

Re: Tomcat 7.0.100 upgrade issues

[RK Ashburn]

Thank  you Martin.
1,2 and 3  (All) are working.


Ramesh

On Tue, Mar 17, 2020 at 6:01 PM Martin Grigorov 
wrote:

> Hi,
>
> On Tue, Mar 17, 2020 at 6:34 PM RK Ashburn 
> wrote:
>
> > Hi Tomcat 7 team,
> > We have been using tomcat 7.0.99 and now we upgraded to 7.0.100 and our
> web
> > applications stopped working.
> >
> > Here are changes that we noted from release notes and took action:
> >
> > 1. Updated AJP connector setting and  added secretRequired="false"
> >
> > However below are still issues, could not find any setting that needed to
> > be added:
> >
> > 2.  However our application @Controller @RequestMapping are stopped
> > working.
> > (we did not use web.xml instead used WebApplicationInitializer and
> > WebMvcConfigurerAdapter)
> >
> > 3. Also noticed getRemoteUser() returns null
> >
> >
> > Appreciate your response.
> >
>
> 7.0.103 is being voted at the moment.
> You can get it from
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.103/bin/ and
> test it.
> 2) has been fixed.
> If 1) and 3) still do not work then please provide more details.
>
> Martin
>
>
> > Thank you
> > Ramesh Kasavaraju
> >
>

Re: Tomcat 7.0.100 upgrade issues

[RK Ashburn]

Please let me know the release date for 7.0.103
Thank you

On Tue, Mar 17, 2020 at 6:01 PM Martin Grigorov 
wrote:

> Hi,
>
> On Tue, Mar 17, 2020 at 6:34 PM RK Ashburn 
> wrote:
>
> > Hi Tomcat 7 team,
> > We have been using tomcat 7.0.99 and now we upgraded to 7.0.100 and our
> web
> > applications stopped working.
> >
> > Here are changes that we noted from release notes and took action:
> >
> > 1. Updated AJP connector setting and  added secretRequired="false"
> >
> > However below are still issues, could not find any setting that needed to
> > be added:
> >
> > 2.  However our application @Controller @RequestMapping are stopped
> > working.
> > (we did not use web.xml instead used WebApplicationInitializer and
> > WebMvcConfigurerAdapter)
> >
> > 3. Also noticed getRemoteUser() returns null
> >
> >
> > Appreciate your response.
> >
>
> 7.0.103 is being voted at the moment.
> You can get it from
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-7/v7.0.103/bin/ and
> test it.
> 2) has been fixed.
> If 1) and 3) still do not work then please provide more details.
>
> Martin
>
>
> > Thank you
> > Ramesh Kasavaraju
> >
>

Re: AW: AW: AJP Connector issue

[RK Ashburn]

I have tested r successful AJP connector with apache proxy on (tomcat 7)

1. For AJP connector adding  secretRequired="false" and address="0.0.0.0"
resolved my connectivity issue. I suspect the issue you are having (with
403)  is more like a permissions issue on the site the request is trying to
reach, than a AJP connector configuration issue.


On Fri, Mar 20, 2020 at 8:50 AM Fritze, Florian <
florian.fri...@irb.fraunhofer.de> wrote:

> Just to make it clear what from my opinion the problem is:
>
> SCHWERWIEGEND [main]
> org.apache.catalina.core.StandardService.startInternal Failed to start
> connector [Connector[AJP/1.3-8011]]
> org.apache.catalina.LifecycleException: Der Start des
> Protokoll-Handlers ist fehlgeschlagen
> at
> org.apache.catalina.connector.Connector.startInternal(Connector.java:1057)
> at
> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
> at
> org.apache.catalina.core.StandardService.startInternal(StandardService.java:440)
> at
> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
> at
> org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:766)
> at
> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
> at
> org.apache.catalina.startup.Catalina.start(Catalina.java:688)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:343)
> at
> org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:474)
> Caused by: java.lang.IllegalArgumentException: The AJP Connector
> is configured with secretRequired="true" but the secret attribute is either
> null or "". This combination is not valid.
> at
> org.apache.coyote.ajp.AbstractAjpProtocol.start(AbstractAjpProtocol.java:274)
> at
> org.apache.catalina.connector.Connector.startInternal(Connector.java:1055)
> ... 12 more
>
> This new "secretRequired" attribute prevents the Tomcat from starting
> flawlessly. It was first introduced with the Ghostcat release.
> So this is a wish from me to the Tomcat developers: Please set this new
> attribute not mandatory but optional. So that I can run the newest Tomcat
> without this attribute which I do now with the pre-Ghostcat releases.
>
> Have a nice weekend
> Florian Fritze
>
> --
> Florian Fritze M.A.
> Fraunhofer-Informationszentrum Raum und Bau IRB
> Competence Center Research Services & Open Science
> Nobelstr. 12, 70569 Stuttgart, Germany
> Telefon +49 711 970-2713
> florian.fri...@irb.fraunhofer.de | www.irb.fraunhofer.de
>
>
> -Ursprüngliche Nachricht-
> Von: André Warnier (tomcat/perl) 
> Gesendet: Freitag, 20. März 2020 13:34
> An: users@tomcat.apache.org
> Betreff: Re: AW: AW: AJP Connector issue
>
> Ok, so it looks like :
> - the request is effectively reaching tomcat, and that it is tomcat
> sending back the 403 response.
> - the URL is "/", so presumably it is "well-formed" etc.
>
> Furthermore, according to something you wrote below, both Apache httpd and
> tomcat are running on the same Linux host.
>
> This reminds me vaguely of some issue previously (and recently) discussed
> on the list, with some request attributes which tomcat did not like..
> But I do not remember ptecisely what the issue was, and it also seems to
> me that this concerned an IIS front-end, not Apache httpd.
>
> Perhaps someone else on the list has a better idea.
>
>
> Incidentally, it also seems that you are, in httpd, proxying *all*
> requests to tomcat.
> Which raises the question of why you have a httpd front-end in the first
> place.
> (But that's a later discussion maybe, let's first see why "/" doesn't work)
>
>
> On 20.03.2020 11:07, Fritze, Florian wrote:
> > Here is the additional information:
> >
> > The error page looks like Tomcat:
> >
> > HTTP Status 403 – Forbidden
> >
> >_
> >
> > Type Status Report
> >
> > Beschreibung Der Server hat die Anfrage verstanden, verbietet aber eine
> Autorisierung.
> >
> >_
> >
> > Apache Tomcat/8.5.53
> >
> > The Apache HTTPD log file says:
> >
> > - "" [20/Mar/2020:10:56:24 +0100] "GET / HTTP/1.1" 403 1042 "-"
> "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
> Gecko) Chrome/80.0.3987.149 Safari/537.36 Edg/80.0.361.69"
> >
> > - "" [20/Mar/2020:10:56:24 +0100] "GET /favicon.ico HTTP/1.1" 403 885 "
> https://dev-fordatis.fraunhofer.de/"; "Mozilla/5.0 (Windows NT 10.0;
> Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149
> Safari/537.36 Edg/80.0.361.69"
> >

Re: AW: AW: AJP Connector issue

[RK Ashburn]

thanks Chirs. fixed it to an real ip,





On Fri, Mar 20, 2020 at 12:40 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> RK,
>
> On 3/20/20 09:57, RK Ashburn wrote:
> > I have tested r successful AJP connector with apache proxy on
> > (tomcat 7)
> >
> > 1. For AJP connector adding  secretRequired="false" and
> address="0.0.0.0"
> > resolved my connectivity issue. I suspect the issue you are having
> > (with 403)  is more like a permissions issue on the site the
> > request is
> trying to
> > reach, than a AJP connector configuration issue.
>
> binding to "all interfaces" may work, but it's not terribly secure.
> Are you really expecting an AJP connection from anywhere in the world?
>
> - -chris
>
> > On Fri, Mar 20, 2020 at 8:50 AM Fritze, Florian <
> > florian.fri...@irb.fraunhofer.de> wrote:
> >
> >> Just to make it clear what from my opinion the problem is:
> >>
> >> SCHWERWIEGEND [main]
> >> org.apache.catalina.core.StandardService.startInternal Failed to
> >> start connector [Connector[AJP/1.3-8011]]
> >> org.apache.catalina.LifecycleException: Der Start des
> >> Protokoll-Handlers ist fehlgeschlagen at
> >>
> org.apache.catalina.connector.Connector.startInternal(Connector.java:105
> 7)
> >> at
> >> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
> >>
> >>
> at
> >>
> org.apache.catalina.core.StandardService.startInternal(StandardService.j
> ava:440)
> >> at
> >> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
> >>
> >>
> at
> >>
> org.apache.catalina.core.StandardServer.startInternal(StandardServer.jav
> a:766)
> >> at
> >> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
> >>
> >>
> at
> >> org.apache.catalina.startup.Catalina.start(Catalina.java:688) at
> >> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
> >>
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
> a:62)
> >> at
> >>
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
> Impl.java:43)
> >> at java.lang.reflect.Method.invoke(Method.java:498) at
> >> org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:343)
> >> at
> >> org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:474)
> >> Caused by: java.lang.IllegalArgumentException: The AJP
> Connector
> >> is configured with secretRequired="true" but the secret
> >> attribute
> is either
> >> null or "". This combination is not valid. at
> >>
> org.apache.coyote.ajp.AbstractAjpProtocol.start(AbstractAjpProtocol.java
> :274)
> >> at
> >>
> org.apache.catalina.connector.Connector.startInternal(Connector.java:105
> 5)
> >> ... 12 more
> >>
> >> This new "secretRequired" attribute prevents the Tomcat from
> >> starting flawlessly. It was first introduced with the Ghostcat
> >> release. So this is a wish from me to the Tomcat developers:
> >> Please set this new attribute not mandatory but optional. So that
> >> I can run the newest
> Tomcat
> >> without this attribute which I do now with the pre-Ghostcat
> >> releases.
> >>
> >> Have a nice weekend Florian Fritze
> >>
> >> -- Florian Fritze M.A. Fraunhofer-Informationszentrum Raum und
> >> Bau IRB Competence Center Research Services & Open Science
> >> Nobelstr. 12, 70569 Stuttgart, Germany Telefon +49 711 970-2713
> >> florian.fri...@irb.fraunhofer.de | www.irb.fraunhofer.de
> >>
> >>
> >> -Ursprüngliche Nachricht- Von: André Warnier
> >> (tomcat/perl)  Gesendet: Freitag, 20. März 2020
> >> 13:34 An: users@tomcat.apache.org Betreff: Re: AW: AW: AJP
> >> Connector issue
> >>
> >> Ok, so it looks like : - the request is effectively reaching
> >> tomcat, and that it is tomcat sending back the 403 response. -
> >> the URL is "/", so presumably it is "well-formed" etc.
> >>
> >> Furthermore, according to something you wrote below, both Apache
> httpd and
> >> tomcat are running on the same Linux host.
> >>
> >> This reminds me vaguely of some issue previously (and recently)
> discussed
> >> on the list, with some request attributes which tomcat d