Marcel Stör wrote:
[...]
3. Why does it seem to be relevant that the request where
auto-forwarding-to-login-after-session-timeout fails is an AJAX request?
That was my last thought last night before I fell asleep...and my first this
morning when I woke up. And then the scales fell from my eyes
I'm glad you got it solved Sam.
It was an exciting topic to follow.
I haven't been reading the mailinglist for a long time, but there might
be a good chance you got the longest thread in the mailinglist
history :)
Cheers.
Pieter
On Thu, 2009-02-26 at 10:31 -0600, Sam Hokin wrote:
> Caldarale, Ch
Plan C: go for the gusto and use Spring Security (aka Acegi). Learning Spring
and Spring Security should keep you busy for the next year or so. Definitely
looks good on the resume though.
Charl Gerber wrote:
Hi everyone,
Does Tomcat provide default support in some way to implement a 'remem
> From: Mark Thomas [mailto:ma...@apache.org]
> Subject: Re: Request not forwarded to login page with
> security-constraint after session time-out
> > What the spec is not explicit about is the combination
> > of "*" with an empty or non-existant list.
> I think it is quite clear. It means no-on
On 26.02.2009 22:35, Daryl Stultz wrote:
It appears my last post didn't make it through some virus scanner (Antigen
for Exchange found Body of Message infected with Exceeded Realtime Timeout
virus.) Apologies if it made it to the list.
On Tue, Feb 24, 2009 at 7:40 PM, Rainer Jungwrote:
smax
Marcel Stör wrote:
> Not sure I can follow you guys on this...A few questions, my assumption
> is that the role-issue has nothing to do with the real problem:
Correct. Chuck and I are off on our own little tangent.
> 1. Is the "*"-role issues even relevant in my context? After all, the
> security
Caldarale, Charles R wrote:
>> From: Mark Thomas [mailto:ma...@apache.org]
>> Subject: Re: Request not forwarded to login page with
>> security-constraintafter session time-out
>>
>> If "*" is all roles defined and you have no roles
>> defined then you are basically preventing anyone
>> from access
On 26.02.2009, at 23:44, Mark Thomas wrote:
Caldarale, Charles R wrote:
From: Mark Thomas [mailto:ma...@apache.org]
Subject: Re: Request not forwarded to login page with
security-constraint after session time-out
The spec is clearer than that. The "*" role == all roles
defined in web.xml.
Y
> From: Mark Thomas [mailto:ma...@apache.org]
> Subject: Re: Request not forwarded to login page with
> security-constraintafter session time-out
>
> If "*" is all roles defined and you have no roles
> defined then you are basically preventing anyone
> from accessing that resource
That's not quite
Caldarale, Charles R wrote:
>> From: Mark Thomas [mailto:ma...@apache.org]
>> Subject: Re: Request not forwarded to login page with
>> security-constraint after session time-out
>>
>> The spec is clearer than that. The "*" role == all roles
>> defined in web.xml.
>
> Yes, but what it's not clear a
> From: Mark Thomas [mailto:ma...@apache.org]
> Subject: Re: Request not forwarded to login page with
> security-constraint after session time-out
>
> The spec is clearer than that. The "*" role == all roles
> defined in web.xml.
Yes, but what it's not clear about is what happens when there are *n
If the app maintains sessions, then the logon page can read the
cookie, install some sort of User bean as a session attribute,
and then all other pages need only check for the presence of a non-
null value under that attribute. This even works for a
logon-optional/remember-me (low security) set
>
> Does Tomcat provide default support in some way to implement a 'remember
> me' feature for form based authentication? This should not be dependent on a
> user's browser remembering the username/password, but by a checkbox you can
> check/clear on the logon jsp.
>
if you google for 'jsp cookie'
Doesn't seem too hard to do cookies, googling it finds pages like
http://www.roseindia.net/jsp/jspcookies.shtml which can probably help you out.
-Tony
---
Manager, IT Operations
Format Dynamics, Inc.
303-573-1800x27
abia...@formatdynamics.com
http://www.formatdynamics.com
Caldarale, Charles R wrote:
Do you have a CLASSPATH environment variable set for the
Tomcat process? (You shouldn't.)
Or is there a plain / in the -cp argument in the Tomcat startup script? Or has
conf/catalina.properties been modified to include the file system root?
Any of those are a rea
Hi everyone,
Does Tomcat provide default support in some way to implement a 'remember me'
feature for form based authentication? This should not be dependent on a user's
browser remembering the username/password, but by a checkbox you can
check/clear on the logon jsp.
If so, where do I find i
Caldarale, Charles R wrote:
>> From: Marcel Stör [mailto:mar...@frightanic.com]
>> Subject: Re: Request not forwarded to login page with
>> security-constraint after session time-out
>>
>> No, I only mentioned this because Tomcat throws an SQL exception
>> because it tries to query a table called "
It appears my last post didn't make it through some virus scanner (Antigen
for Exchange found Body of Message infected with Exceeded Realtime Timeout
virus.) Apologies if it made it to the list.
On Tue, Feb 24, 2009 at 7:40 PM, Rainer Jung wrote:
>
> smaxEither 0 or 1. I would say 0 in order
On Tue, Feb 24, 2009 at 7:40 PM, Rainer Jung wrote:
>
> smaxEither 0 or 1. I would say 0 in order to get rid of idle
> connections.
>
This is ignored for 2.2.2 (see
https://issues.apache.org/bugzilla/show_bug.cgi?id=43371).
>
> connectiontimeout E.g. 5 or 10
This produces an error: ProxyPa
> From: Marcel Stör [mailto:mar...@frightanic.com]
> Subject: Re: Request not forwarded to login page with
> security-constraint after session time-out
>
> No, I only mentioned this because Tomcat throws an SQL exception
> because it tries to query a table called "" if I don't specify a role
> tabl
On 26.02.2009, at 20:13, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marcel,
On 2/26/2009 10:21 AM, Marcel Stör wrote:
If I request a protected URL (manually clicking
link, AJAX request, etc.) *after* the session has timed out I
expect an
automatic forwarding t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marcel,
On 2/26/2009 10:21 AM, Marcel Stör wrote:
> If I request a protected URL (manually clicking
> link, AJAX request, etc.) *after* the session has timed out I expect an
> automatic forwarding to the login page. As I could see while debugging,
> t
in $TOMCAT_HOME/conf/server.xml
set your Non-ssl HTTP connector port to 80 e.g.
Martin
might as well put 'wie' in the subject header
__
Disclaimer and confidentiality note
Everything in this e-mail and any attachments relates to the official busin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gregor,
On 2/26/2009 9:59 AM, Gregor Schneider wrote:
> This looks a bit awkward to me (didn't know that this is possible),
> but I guess that's not the reason for your problem:
>
>*
This is fine. From the servlet spec SRV.13.3:
"
The auth-cons
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ali,
On 2/26/2009 8:06 AM, Ali Kassem wrote:
> Do you know the complete cycle of how to configure and apache server with
> modSSL and openSSL to install and get the Certificates from a clients to the
> sever.
1. Don't hijack threads
2. Read the pro
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
GIYF: google tomcat not use port
That would have been faster than signing up for the mailing list.
On 2/25/2009 9:09 AM, nicumarius wrote:
> what should I do to not use port number when writting the address of a page
> on the Apache server?
-BEGI
> From: Caldarale, Charles R
> Subject: RE: very slow class loading on initial JSP/servlet
> request afterrestart
>
> Do you have a CLASSPATH environment variable set for the
> Tomcat process? (You shouldn't.)
Or is there a plain / in the -cp argument in the Tomcat startup script? Or has
conf/c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Noam,
On 2/24/2009 5:22 PM, Noam Aigerman wrote:
> Hi Chris,
> I managed to isolate the issue - you were close with your last guess
> :) - in proxy_ajp.conf I mapped my webapp by doing:
>
> ProxyPass / ajp://localhost:8009/Noam
>
> So whoever comes t
> From: Sam Hokin [mailto:s...@ims.net]
> Subject: Re: very slow class loading on initial JSP/servlet
> request afterrestart
>
> Sure enough, / appears in the classpath for the ROOT webapp,
So that appears to be the sole remaining question: why is there a / in JDT's
classpath?
Do you have a CLAS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sam,
On 2/26/2009 10:50 AM, Sam Hokin wrote:
> Caldarale, Charles R wrote:
>>
>> I'll poke around in the webapp classloader to see if I can find
>> anything interesting, but in the meantime, is there a /net directory
>> on the problematic server? If
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark,
On 2/25/2009 4:42 AM, Mark Thomas wrote:
> Ok. To summarise when you include net.ims.jcms.* in your imports the
> page compiles quickly but takes ages to respond to the first request.
>
> I wonder if this is related to loading a specific class
Sam Hokin wrote:
Caldarale, Charles R wrote:
Once you have your test Tomcat set up on the problematic server, try
adding this line to the conf/logging.properties file:
org.apache.jasper.level = ALL
That will display a *lot* of information about what's going on during
JSP compilation. One th
Sort of (if I read the code correctly)
isNew is set to false after the response is finished. So if you have 2
concurrent requests running, isNew is true until the first request
finishes sending its response back to the client. Of course isNew could
be set to false if the second request finishe
Caldarale, Charles R wrote:
Once you have your test Tomcat set up on the problematic server, try adding
this line to the conf/logging.properties file:
org.apache.jasper.level = ALL
That will display a *lot* of information about what's going on during JSP
compilation. One thing in particular
> From: Jorge Medina [mailto:jmed...@e-dialog.com]
> Subject: RE: very slow class loading on initial JSP/servlet
> request after restart
>
> Just for curiosity, Is "/" included in your classpath ?
Note that the classpath of interest is the one JDT uses, not any global one or
any associated with
Just for curiosity, Is "/" included in your classpath ?
-Original Message-
From: Sam Hokin [mailto:s...@ims.net]
Sent: Thursday, February 26, 2009 10:59 AM
To: Tomcat Users List
Subject: Re: very slow class loading on initial JSP/servlet request
after restart
Sam Hokin wrote:
> Caldar
In my experience using jsvc with a non-root user, you can't provide the -server
argument. I tried it, because I too also thought I was running -clients, and
even though it doesn't say it (unless you turn on debugging to see the actual
processed startup switches), jsvc will use the server jvm (if
Hello,
We are experiencing some thread/race condition problems with
HttpSession isNew() for Tomcat 6 (specifically for 6.0.18 but we have
seen the problem in prior versions too).
We narrowed it down to a small example.
The flow is quite simple.
1. Request first.jsp
2. Request second.jsp
Randoml
Sam Hokin wrote:
Caldarale, Charles R wrote:
I'll poke around in the webapp classloader to see if I can find
anything interesting, but in the meantime, is there a /net directory
on the problematic server? If there is and it targets a remote file
system, that might explain the long delay on
Caldarale, Charles R wrote:
I'll poke around in the webapp classloader to see if I can find anything
interesting, but in the meantime, is there a /net directory on the problematic
server? If there is and it targets a remote file system, that might explain
the long delay on these stat() calls
Your options are pretty limited -- 1. Talk to the developer of your
webapp, 2. Hire another developer if the original isn't available, or 3.
Learn Java and web application development with Struts (that's the
framework your webapp is using), then look at the source code and debug
it yourself.
Sorry
Gregor Schneider wrote:
Marcel,
On Thu, Feb 26, 2009 at 12:16 AM, Marcel Stör wrote:
[Problem]
Upon session time-out the request is not forwarded to the login page (form
based auth). Nothing happens on the UI. However, forwarding to the login
page does work during the initially login into the
Marcel,
On Thu, Feb 26, 2009 at 12:16 AM, Marcel Stör wrote:
>
> [Problem]
> Upon session time-out the request is not forwarded to the login page (form
> based auth). Nothing happens on the UI. However, forwarding to the login
> page does work during the initially login into the application.
>
N
> From: Laura Bartolomé [mailto:la...@secways.com]
> Subject: Re: problems solved restarting tomcat
>
> Ok, and the question is: is possible than this error makes Tomcat
> doesn't work and we need to restart it???
Probably not that error directly, but the failure in properly handling the
request
ok... :(
some idea of where can I get information about this problem? I mean the
problem that leaves Tomcat without working
David Smith escribió:
> Normally no, but then again I don't know a lot about your software.
> Anything I suggest would be pure conjecture.
>
> --David
>
> Laura Bartolomé w
Normally no, but then again I don't know a lot about your software.
Anything I suggest would be pure conjecture.
--David
Laura Bartolomé wrote:
> Ok, and the question is: is possible than this error makes Tomcat
> doesn't work and we need to restart it???
>
> Thanks for your help
>
> David Smith
Ok, and the question is: is possible than this error makes Tomcat
doesn't work and we need to restart it???
Thanks for your help
David Smith escribió:
> It looks like your web application is trying to convert a string to a
> long (a type of number similar to an integer, but bigger) at line 49 in
It looks like your web application is trying to convert a string to a
long (a type of number similar to an integer, but bigger) at line 49 in
se.purpur.roach.web.pub.action.PublicArticleAction, but the string it's
trying to convert is null. On a guess, this is related to a form
submission and a re
Hi,
Do you know the complete cycle of how to configure and apache server with
modSSL and openSSL to install and get the Certificates from a clients to the
sever.
Best regards,
Ali Kassem
Project Manager
IT Dept. Banque Du Liban
Email: akas...@bdl.gov.lb
alikasse...@hotmail.com
Phone: 961
You can use VPN than:)
But RDP (remote desktop) is better, because RPC calls used in all MMC
(management consoles) are designed for local network and work pretty slow on
the Internet.
Remote desktop connection (mstsc) is the best solution, I think.
-Original Message-
From: Laura Bartolo
Hi again...
We have problems with our webpage, suddenly it doens't load and an error
message appears (I can't told you the exact error showed cause I
couldn't see it, but I have to believe the boss... ). If we restart
Tomcat then it turns on again working correctly! We have Tomcat 6 like a
service
Sam Hokin wrote:
André Warnier wrote:
What in this directory path is (are) a symlink(s) ?
/home/sites/ims/jcms/webapps/ROOT/WEB-INF/classes/org/apache/jsp/test6_jsp.class
There are no symlinks in that path.
Then the question is : why is that thing doing lstat's ?
(I mean in the trace list
nicumarius wrote:
what should I do to not use port number when writting the address of a page
on the Apache server?
Do you want to use:
http://server.com/app
instead of
http://server.com:8080/app ?
If this is the case than you need to have a web server (either Apache
HTTPD or Apache To
Hi,
I have read about similar issues in some old posts, and it appears to be
related to the compilation of jsvc, you need to make sure it points to your
JDK. Check what parameters you use when building jsvc. What version of Java are
you using? its also possible that its picking up a jvm that do
just a question, if you are behind a loadbalancer, why wouldn't your
just run it as non-root user on a non-privelleged port without jsvc?
regards
Leon
On Thu, Feb 26, 2009 at 3:31 AM, B.V. Prasad wrote:
> I am running Tomcat 6 on a group of Linux servers behind a loadbalancer. This
> setup was
55 matches
Mail list logo
