[SECURITY] CVE-2024-46544 Apache mod_jk - Information Disclosure / Denial of Service

CVE-2024-46544 Apache mod_jk - Information Disclosure / DoS Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: - JK 1.2.9-1.2.49 (mod_jk on Unix like platforms only) Description: Incorrect default permissions for the memory mapped file configured by the JkShmFile

Re: mod_jk retry continuing existing stream?

On 12/08/2024 19:54, Holle, Jess wrote: I have mod_jk load balancing over several back-end Java processes which embed Tomcat. When I Ctrl-C one of those processes, a server-sent-event response stream (which has already sent a number of events) does not end from a client perspective. Rather

Re: mod_jk retry continuing existing stream?

Jess, On 8/12/24 14:54, Holle, Jess wrote: I have mod_jk load balancing over several back-end Java processes which embed Tomcat. When I Ctrl-C one of those processes, a server-sent-event response stream (which has already sent a number of events) does not end from a client perspective

mod_jk retry continuing existing stream?

I have mod_jk load balancing over several back-end Java processes which embed Tomcat. When I Ctrl-C one of those processes, a server-sent-event response stream (which has already sent a number of events) does not end from a client perspective. Rather the original request is retried against

Re: mod_jk logging issue

> Hi Rainer/Simon - I've just had another look at this. With no > application running (IOW, all Java processes killed), I see this > behaviour: Sorry, I was confused because I thought we're talking about files from Tomcat and not from Apache/mod_jk. Regards, Simon >

Re: mod_jk logging issue

Hi Rainer/Simon - I've just had another look at this. With no application running (IOW, all Java processes killed), I see this behaviour:  # systemctl start apache2 This create a number of apache2 processes (generally 7). 2 new mod_jk files are created, corresponding to the apache2 pr

Re: mod_jk logging issue

Hi, > Hi - I'm running mod_jk with an Apache front-end, and I'm having an > issue with the JkShmFile files. > > Every time Apache restarts mod_jk creates two new files > (jk-runtime-status.PID and jk-runtime-status.PID.lock). These are never > cleaned up; the log di

Re: mod_jk logging issue

Hi there, Am 19.12.23 um 18:05 schrieb EML: Hi - I'm running mod_jk with an Apache front-end, and I'm having an issue with the JkShmFile files. Every time Apache restarts mod_jk creates two new files (jk-runtime-status.PID and jk-runtime-status.PID.lock). These are never cleaned u

mod_jk logging issue

Hi - I'm running mod_jk with an Apache front-end, and I'm having an issue with the JkShmFile files. Every time Apache restarts mod_jk creates two new files (jk-runtime-status.PID and jk-runtime-status.PID.lock). These are never cleaned up; the log directory simply fills up with t

[SECURITY] [CORRECTION] CVE-2023-41081 Apache Tomcat Connectors (mod_jk) Authentication Bypass

CVE-2023-41081 Apache Tomcat Connectors (mod_jk) Authentication Bypass Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Apache Tomcat Connectors mod_jk Connector 1.2.0 to 1.2.48 Description: In some circumstances, such as when a configuration included "JkOp

[SECURITY] [CORRECTION] CVE-2023-41081 Apache Tomcat Connectors (mod_jk) Authentication Bypass

CVE-2023-41081 Apache Tomcat Connectors (mod_jk) Authentication Bypass Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Apache Tomcat Connectors mod_jk Connector 1.2.0 to 1.2.48 Description: In some circumstances, such as when a configuration included "JkOp

[SECURITY] CVE-2023-41081 Apache Tomcat Connectors (mod_jk) Information Disclosure

CVE-2023-41081 Apache Tomcat Connectors (mod_jk) Information Disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Apache Tomcat Connectors mod_jk Connector 1.2.0 to 1.2.48 Description: In some circumstances, such as when a configuration included

Re: [mod_jk] Is it possible to set the value of a specific attribute via HTTP?

Martin, On 7/3/23 04:47, Martin Knoblauch wrote: On 6/29/23 17:06, Rainer Jung wrote: Since I try to push people into mod_proxy, I am hesitant to implement more and more features which keep people from switching ;) Hi Rainer, so, what do you suggest for the mod_jk retirement

Re: [mod_jk] Is it possible to set the value of a specific attribute via HTTP?

: users@tomcat.apache.org Subject: Re: [mod_jk] Is it possible to set the value of a specific attribute via HTTP? Rainer, On 6/29/23 17:06, Rainer Jung wrote: Hi Chris, Am 29.06.23 um 15:00 schrieb Christopher Schultz: All, I've been using mod_jk forever and have some tools[1][2] to check

Re: [mod_jk] Is it possible to set the value of a specific attribute via HTTP?

On 6/29/23 17:06, Rainer Jung wrote: > > > Since I try to push people into mod_proxy, I am hesitant to implement > > more and more features which keep people from switching ;) > > Hi Rainer, so, what do you suggest for the mod_jk retirement? mod_proxy+mod_proxy_ajp, or ju

RE: [mod_jk] Is it possible to set the value of a specific attribute via HTTP?

nal Message- > From: Christopher Schultz > Sent: Friday, June 30, 2023 2:19 PM > To: users@tomcat.apache.org > Subject: Re: [mod_jk] Is it possible to set the value of a specific attribute > via > HTTP? > > Rainer, > > On 6/29/23 17:06, Rainer Jung wrote: > >

Re: [mod_jk] Is it possible to set the value of a specific attribute via HTTP?

Rainer, On 6/29/23 17:06, Rainer Jung wrote: Hi Chris, Am 29.06.23 um 15:00 schrieb Christopher Schultz: All, I've been using mod_jk forever and have some tools[1][2] to check on the status of a worker and change its state using the status worker. One of the samples I check is the &q

Re: [mod_jk] Is it possible to set the value of a specific attribute via HTTP?

Hi Chris, Am 29.06.23 um 15:00 schrieb Christopher Schultz: All, I've been using mod_jk forever and have some tools[1][2] to check on the status of a worker and change its state using the status worker. One of the samples I check is the "errors" count and if it's above

[mod_jk] Is it possible to set the value of a specific attribute via HTTP?

All, I've been using mod_jk forever and have some tools[1][2] to check on the status of a worker and change its state using the status worker. One of the samples I check is the "errors" count and if it's above 0 then I report an error to my monitoring system. The probl

Re: Tomcat Clustering, Mod_JK, Fail_on_Status, Stopped Application

mod_jk thrash by just requesting pages that didn't exist.   It's not a huge issue for us since most of our apps are authenticated using SAML, so all requests are intercepted before the request is ever sent to Tomcat, but for our apps that don't require authentication, it would be easy to

Re: Tomcat Clustering, Mod_JK, Fail_on_Status, Stopped Application

time would recommend adding 404 to the fail_on_status, which is what we did...until I realized that we were causing our own internal DOS attack when we had a 404 mistakenly left in our apps; that got me thinking how easy it would be to make mod_jk thrash by just requesting pages that didn't

Re: Tomcat Clustering, Mod_JK, Fail_on_Status, Stopped Application

Dan, On 6/20/23 11:32, Dan McLaughlin wrote: When I attach with a debugger, I can see what's causing it not to work. When the Web Application is started, then request.getContext(); returns the correct Web Application context, but when the application is stopped, request.getContext(); returns t

Re: Tomcat Clustering, Mod_JK, Fail_on_Status, Stopped Application

One thing I just tested was to undeploy the ROOT context, which is how > we run anyways, and this causes request.getContext() to return null, > which with the code, as is, results in a null pointer and a 500 being > thrown--which inadvertently would cause mod_jk to retry on another > node.

Re: Tomcat Clustering, Mod_JK, Fail_on_Status, Stopped Application

One thing I just tested was to undeploy the ROOT context, which is how we run anyways, and this causes request.getContext() to return null, which with the code, as is, results in a null pointer and a 500 being thrown--which inadvertently would cause mod_jk to retry on another node. I don't

Re: Tomcat Clustering, Mod_JK, Fail_on_Status, Stopped Application

fail_on_status, which is what we did...until I realized that we were causing our own internal DOS attack when we had a 404 mistakenly left in our apps; that got me thinking how easy it would be to make mod_jk thrash by just requesting pages that didn't exist. It's not a huge issue for us sin

Re: Tomcat Clustering, Mod_JK, Fail_on_Status, Stopped Application

We typically don't deploy a ROOT context in our production environments--for no other reason than making it more difficult to poke around. I'll look at that as an option. Thanks for the tips. -- Thanks, Dan On Tue, Jun 20, 2023 at 10:28 AM Mark Thomas wrote: > On 20/06/2023 15:41, Dan McLaug

Re: Tomcat Clustering, Mod_JK, Fail_on_Status, Stopped Application

When I attach with a debugger, I can see what's causing it not to work. When the Web Application is started, then request.getContext(); returns the correct Web Application context, but when the application is stopped, request.getContext(); returns the ROOT context, which is up, so the 404 is pass

Re: Tomcat Clustering, Mod_JK, Fail_on_Status, Stopped Application

On 20/06/2023 15:41, Dan McLaughlin wrote: So I tried to create a Valve to check to see if the application is stopped and convert the 404 response to a 503, but I haven't had any luck getting it to work. Is there another internal API that I should be using? context.getState().isAvailable ways see

Re: Tomcat Clustering, Mod_JK, Fail_on_Status, Stopped Application

So I tried to create a Valve to check to see if the application is stopped and convert the 404 response to a 503, but I haven't had any luck getting it to work. Is there another internal API that I should be using? context.getState().isAvailable ways seems to report the app is available even though

Re: Tomcat Clustering, Mod_JK, Fail_on_Status, Stopped Application

ot deploy often, so it's not a huge issue, and even more rarely do we run into issues in production where we need to stop just one app, but it has happened. It would just be nice not to have to go tell mod_jk that a node was down for an application or have to stop Tomcat to get it to not send r

Re: Tomcat Clustering, Mod_JK, Fail_on_Status, Stopped Application

On 14/06/2023 19:49, Dan McLaughlin wrote: Hello, This is probably a question that would be better suited for the dev list, but I thought I'd start here first. That depends. It is generally better to start on the users list. Does anyone understand the reasoning behind why Tomcat, when cluste

Tomcat Clustering, Mod_JK, Fail_on_Status, Stopped Application

ome unavailable, you have to configure mod_jk fail_on_status to failover for 404s. 3) Lastly, configuring mod_jk to failover for 404s means you will never throw a 404 even when all apps are started, but a page really doesn't exist. 4) It seems to fail over for every 404 would make it very easy

Re: Mod_JK vs Mod_Proxy

. -chris -Original Message- From: Christopher Schultz Sent: Wednesday, December 7, 2022 4:54 PM To: Tomcat Users List ; jonmcalexan...@wellsfargo.com.INVALID Subject: Re: Mod_JK vs Mod_Proxy Jon, On 12/6/22 16:22, jonmcalexan...@wellsfargo.com.INVALID wrote: What, pray tell, is an enc

RE: Mod_JK vs Mod_Proxy

> Sent: Wednesday, December 7, 2022 4:54 PM > To: Tomcat Users List ; > jonmcalexan...@wellsfargo.com.INVALID > Subject: Re: Mod_JK vs Mod_Proxy > > Jon, > > On 12/6/22 16:22, jonmcalexan...@wellsfargo.com.INVALID wrote: > > What, pray tell, is an encrypted AJP connection?

Re: Mod_JK vs Mod_Proxy

hultz Sent: Tuesday, December 6, 2022 3:01 PM To: users@tomcat.apache.org Subject: Re: Mod_JK vs Mod_Proxy Jon, On 12/6/22 12:36, jonmcalexan...@wellsfargo.com.INVALID wrote: IMHO, switching to mod_proxy, and using it over SSL, is by far better than using mod_jk or mod_ajp, primarily as mod_

RE: Mod_JK vs Mod_Proxy

chultz > Sent: Tuesday, December 6, 2022 3:01 PM > To: users@tomcat.apache.org > Subject: Re: Mod_JK vs Mod_Proxy > > Jon, > > On 12/6/22 12:36, jonmcalexan...@wellsfargo.com.INVALID wrote: > > IMHO, switching to mod_proxy, and using it over SSL, is by far better than >

Re: Mod_JK vs Mod_Proxy

Jon, On 12/6/22 12:36, jonmcalexan...@wellsfargo.com.INVALID wrote: IMHO, switching to mod_proxy, and using it over SSL, is by far better than using mod_jk or mod_ajp, primarily as mod_proxy allows for secure proxy connection, whereas mod_jk and mod_ajp aren't "secure"

RE: Mod_JK vs Mod_Proxy

IMHO, switching to mod_proxy, and using it over SSL, is by far better than using mod_jk or mod_ajp, primarily as mod_proxy allows for secure proxy connection, whereas mod_jk and mod_ajp aren't "secure" as they are not encrypted channels. Again, just my .02 worth. Dream *

Re: Mod_JK vs Mod_Proxy

Mark, On 12/6/22 08:48, Mark H. Wood wrote: On Mon, Dec 05, 2022 at 03:37:59PM -0500, Christopher Schultz wrote: On 12/5/22 15:03, Cathy Spears wrote: Using Tomcat 8.5 and 9.0 with 32-bit Apache 2.4 and mod_jk. Are there benefits to using mod_proxy instead of mod_jk? Also, is there a planned

Re: Mod_JK vs Mod_Proxy

On Mon, Dec 05, 2022 at 03:37:59PM -0500, Christopher Schultz wrote: > On 12/5/22 15:03, Cathy Spears wrote: > > Using Tomcat 8.5 and 9.0 with 32-bit Apache 2.4 and mod_jk. Are there > > benefits to using mod_proxy instead of mod_jk? Also, is there a > > planned end of life

Re: Mod_JK vs Mod_Proxy

Cathy, On 12/5/22 15:03, Cathy Spears wrote: Using Tomcat 8.5 and 9.0 with 32-bit Apache 2.4 and mod_jk. Are there benefits to using mod_proxy instead of mod_jk? Also, is there a planned end of life for mod_jk or will it continue to be supported for now? Hopefully this will be helpful: https

Mod_JK vs Mod_Proxy

Using Tomcat 8.5 and 9.0 with 32-bit Apache 2.4 and mod_jk. Are there benefits to using mod_proxy instead of mod_jk? Also, is there a planned end of life for mod_jk or will it continue to be supported for now? Thanks, Cathy DISCLAIMER: The information transmitted in this e-mail message and

RE: [External] Re: Looking for Mod_JK compiled for Windows

Thanks Mark! Was looking on VS17 tab. All good. From: Mark Thomas Sent: Monday, December 5, 2022 6:10 AM To: users@tomcat.apache.org Subject: [External] Re: Looking for Mod_JK compiled for Windows CAUTION: This email originated from an external system. Do not click links, open attachments or

Re: Looking for Mod_JK compiled for Windows

On 05/12/2022 13:46, Cathy Spears wrote: Hello all - I am looking for the latest version of mod_jk for Windows. At one time I was able to find it on Apache Lounge but no longer. Please advise. They are still there: https://www.apachelounge.com/download/VS16/ Mark

Looking for Mod_JK compiled for Windows

Hello all - I am looking for the latest version of mod_jk for Windows. At one time I was able to find it on Apache Lounge but no longer. Please advise. Thanks, Cathy DISCLAIMER: The information transmitted in this e-mail message and attachments, if any, may be attorney-client information

Re: What causes "client errors" with mod_jk

Hi Chris, Am 27.05.2022 um 01:49 schrieb Christopher Schultz: On 5/26/22 17:25, Rainer Jung wrote: Am 26.05.2022 um 21:49 schrieb Christopher Schultz: Would you prefer to use mod_unique_id + unique-id-logging in mod_jk over just adding more request-level information to the mod_jk.log? I&#

Re: What causes "client errors" with mod_jk

end via PM, I think it would be better to try to add a unique request ID as a correlation ID. Apache can already generate them using mod_unique_id and you can add them there to the access log. Would you prefer to use mod_unique_id + unique-id-logging in mod_jk over just adding more request-level

Re: What causes "client errors" with mod_jk

dd a unique request ID as a correlation ID. Apache can already generate them using mod_unique_id and you can add them there to the access log. Now how could we make that ID accessible from mod_jk? We could either add it as a new item to jk_ws_service and I think it would be a good fit. Any serv

Re: What causes "client errors" with mod_jk

log format (duration in microseconds) - remember that Apache logs start of request as default time stamp, but mod_jk logs at the moment of error, so later than start of request. Finding the right access log line for a mod_jk error log line now means: - filter the access log according to th

Re: What causes "client errors" with mod_jk

All, On 5/26/22 15:49, Christopher Schultz wrote: Rainer, On 5/16/22 13:48, Christopher Schultz wrote: Rainer, I've been looking into this a little more in my production environment. These errors are not super common, but there seems to be a steady trickle of errors from my two services tha

Re: What causes "client errors" with mod_jk

but configurable). Can be done by using the %{format}t syntax in the LogFormat and adding "usec_frac" to the format. - adding %D to the access log format (duration in microseconds) - remember that Apache logs start of request as default time stamp, but mod_jk logs at the moment of er

Re: What causes "client errors" with mod_jk

Rainer, On 5/16/22 13:48, Christopher Schultz wrote: Rainer, I've been looking into this a little more in my production environment. These errors are not super common, but there seems to be a steady trickle of errors from my two services that have human users. I see 0 errors for my API-based

Re: What causes "client errors" with mod_jk

her Schultz wrote: Rainer, On 3/24/22 05:50, Rainer Jung wrote: Hi Chris, client errors in jk log are always errors occurring when mod_jk tries to write back what it got from the backend using web server APIs to the client of the web server (user, browser etc.). So they point to a problem bet

Re: What causes "client errors" with mod_jk

Rainer, On 3/24/22 05:50, Rainer Jung wrote: Hi Chris, client errors in jk log are always errors occurring when mod_jk tries to write back what it got from the backend using web server APIs to the client of the web server (user, browser etc.). So they point to a problem between and

Re: What causes "client errors" with mod_jk

Hi Chris, client errors in jk log are always errors occurring when mod_jk tries to write back what it got from the backend using web server APIs to the client of the web server (user, browser etc.). So they point to a problem between and including the web server and something in front of it

Re: What causes "client errors" with mod_jk

ot;worker myworker is in local error state" which looks like mod_jk is considering this *worker* to be in an error-state, meaning that it would direct traffic to another worker. I'm not seeing the worker being put in

What causes "client errors" with mod_jk

All, What kinds of things will cause a "client error" in mod_jk's accounting? Does that mean things like unexpected disconnects on the part of the remote client (i.e. web browser), or does it mean failure of the jk module itself to connect (as a client) to the back-end Tomcat? I'm starting t

Re: mod_jk interference with ErrorDocument/Alias on HEAD request

interference between Apache httpd and mod_jk. For the full picture, the infrastructure setup contains 1. a Loadbalancer providing HTTPS, HTTP/1.1 and HTTP/2 for Clients. 2. an Apache httpd 2.4 webserver (HTTP only) with mod_jk 3. a Tomcat mit AJP-Connector We have an application doing many different

AW: mod_jk interference with ErrorDocument/Alias on HEAD request

Hello Stefan, the debug output of mod_jk shows at least which route the request is going: [info] jk_handler::mod_jk.c (2968): No body with status=401 for worker=ajp13_worker So it looks like that the code https://github.com/apache/tomcat-connectors/blob/main/native/apache-2.0/mod_jk.c#L2954

AW: mod_jk interference with ErrorDocument/Alias on HEAD request

Hello Stefan, Now I got it. Thanks for the clarification :) -Ursprüngliche Nachricht- Von: Stefan Mayr Gesendet: Dienstag, 15. Februar 2022 14:26 An: users@tomcat.apache.org Betreff: Re: mod_jk interference with ErrorDocument/Alias on HEAD request Hello Thomas, Am 15.02.2022 um 11:38

Re: mod_jk interference with ErrorDocument/Alias on HEAD request

Hello Thomas, Am 15.02.2022 um 11:38 schrieb Thomas Hoffmann (Speed4Trade GmbH): Hello Stefan, by spec / RFC, a HEAD request is not allowed to return any body. Greetings, Thomas This is true and that is why i'm writing to this list. In the described case mod_jk returns a response

AW: mod_jk interference with ErrorDocument/Alias on HEAD request

Hello Stefan, by spec / RFC, a HEAD request is not allowed to return any body. Greetings, Thomas -Ursprüngliche Nachricht- Von: Stefan Mayr Gesendet: Montag, 14. Februar 2022 23:07 An: users@tomcat.apache.org Betreff: Re: mod_jk interference with ErrorDocument/Alias on HEAD request

Re: mod_jk interference with ErrorDocument/Alias on HEAD request

Hello again, a self-compiled mod_jk 1.2.48 shows the same issue. Am 13.02.2022 um 18:37 schrieb Stefan Mayr: Hi, looking at the source code https://github.com/apache/tomcat-connectors/blob/main/native/apache-2.0/mod_jk.c#L2954#L2973 I did some more testing: Variant 1: JkMount /demo

AW: mod_jk interference with ErrorDocument/Alias on HEAD request

gs, Thomas -Ursprüngliche Nachricht- Von: Stefan Mayr Gesendet: Sonntag, 13. Februar 2022 18:37 An: users@tomcat.apache.org Betreff: Re: mod_jk interference with ErrorDocument/Alias on HEAD request Hi, looking at the source code https://github.com/apache/tomcat-connectors/blob/main/native/

Re: mod_jk interference with ErrorDocument/Alias on HEAD request

->status The response only seems correct for variant 1 - which is configured to let Apache httpd handle all responses for status codes >= 401. For variant 2 mod_jk seems to handle the response itself - contrary to what the comment explains. Am 12.02.2022 um 14:24 schrieb Stefan Mayr:

Re: mod_jk interference with ErrorDocument/Alias on HEAD request

Mount /demo/* ajp13_worker JkUnMount /error/* ajp13_worker -Ursprüngliche Nachricht- Von: Stefan Mayr Gesendet: Samstag, 12. Februar 2022 14:24 An: Tomcat Users List Betreff: mod_jk interference with ErrorDocument/Alias on HEAD request Hello Tomcat users, this week we were debugg

AW: mod_jk interference with ErrorDocument/Alias on HEAD request

bug: JkLogLevel (same reference page as above). Greetings, Thomas -Ursprüngliche Nachricht- Von: Stefan Mayr Gesendet: Samstag, 12. Februar 2022 14:24 An: Tomcat Users List Betreff: mod_jk interference with ErrorDocument/Alias on HEAD request Hello Tomcat users, this week we were debugg

mod_jk interference with ErrorDocument/Alias on HEAD request

Hello Tomcat users, this week we were debugging a strange connection issue which I tracked down to an interference between Apache httpd and mod_jk. For the full picture, the infrastructure setup contains 1. a Loadbalancer providing HTTPS, HTTP/1.1 and HTTP/2 for Clients. 2. an Apache httpd

Re: mod_jk "Can not determine the proper size for pid_t" on macOS 10.15.7

Brian, On 10/28/20 21:24, Paquin, Brian wrote: Chris, On Oct 27, 2020, at 12:31 PM, Christopher Schultz wrote: Brian On 10/26/20 15:33, Paquin, Brian wrote: I’m trying to build httpd and mod_jk for the first time on a macOS 10.15.7 box. XCode 12.1 is installed and I was able to compile

Re: mod_jk "Can not determine the proper size for pid_t" on macOS 10.15.7

Chris, > On Oct 27, 2020, at 12:31 PM, Christopher Schultz > wrote: > > Brian > > On 10/26/20 15:33, Paquin, Brian wrote: >> I’m trying to build httpd and mod_jk for the first time on a macOS 10.15.7 >> box. XCode 12.1 is installed and I was able to compile Ope

Re: mod_jk "Can not determine the proper size for pid_t" on macOS 10.15.7

Brian On 10/26/20 15:33, Paquin, Brian wrote: I’m trying to build httpd and mod_jk for the first time on a macOS 10.15.7 box. XCode 12.1 is installed and I was able to compile OpenSSL 1.1.1g. I got an error “Can not determine the proper size for pid_t” when compiling httpd (v2.4.46) with

mod_jk "Can not determine the proper size for pid_t" on macOS 10.15.7

I’m trying to build httpd and mod_jk for the first time on a macOS 10.15.7 box. XCode 12.1 is installed and I was able to compile OpenSSL 1.1.1g. I got an error “Can not determine the proper size for pid_t” when compiling httpd (v2.4.46) with included apr (v1.7.0). This issue https

Tomcat mod_jk rpm-build for CentOS-8 - exit with error.

@Klaus Trachtler: Managed to build mod_jk RPM for CentOS8. See https://gist.github.com/robertoschwald/3317b4d777f44260fef86c5059955ffc

Re: request.getLocatHost() Different with port 80 vs mod_jk

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jerry, On 7/18/20 18:29, Jerry Malcolm wrote: > I'm taking Christopher's advice to remove httpd and mod_jk out of > my process and go straight to Tomcat on port 80. At this point the > only thing I've done is stop the http

request.getLocatHost() Different with port 80 vs mod_jk

I'm taking Christopher's advice to remove httpd and mod_jk out of my process and go straight to Tomcat on port 80.  At this point the only thing I've done is stop the httpd service and change the Connector port to 80.  I'm running on my local machine.  I have

Re: Tomcat mod_jk rpm-build for CentOS-8 - exit with error.

Hi Klaus, Am 06.07.2020 um 15:13 schrieb Klaus Tachtler: > Hi, > > I'm trying to build a rpm package for CentOS-8 for mod_jk with the > latest version 1.2.48. While building the rpm package, following error > occurs: > > > - %< - > > ... > make

Re: Monitoring Connections and Limits Thru HTTPD/mod_jk/Tomcat

ltz wrote: Jerry, > > On 7/7/20 16:50, Jerry Malcolm wrote: >>>> I'm setting up an environment that has the potential for a >>>> large number of simultaneous requests coming in. I have a >>>> basic Apache HTTPD with mod_jk talking to Tomcat, all on

Re: Monitoring Connections and Limits Thru HTTPD/mod_jk/Tomcat

Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jerry, On 7/7/20 16:50, Jerry Malcolm wrote: I'm setting up an environment that has the potential for a large number of simultaneous requests coming in. I have a basic Apache HTTPD with mod_jk talking to Tomcat, all on the same A

Re: Monitoring Connections and Limits Thru HTTPD/mod_jk/Tomcat

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jerry, On 7/7/20 16:50, Jerry Malcolm wrote: > I'm setting up an environment that has the potential for a large > number of simultaneous requests coming in. I have a basic Apache > HTTPD with mod_jk talking to Tomcat, all on the s

Monitoring Connections and Limits Thru HTTPD/mod_jk/Tomcat

I'm setting up an environment that has the potential for a large number of simultaneous requests coming in.   I have a basic Apache HTTPD with mod_jk talking to Tomcat, all on the same Amazon EC2 instance.  From my understanding, I have the potential of maxing out connections at httpd

Tomcat mod_jk rpm-build for CentOS-8 - exit with error.

Hi, I'm trying to build a rpm package for CentOS-8 for mod_jk with the latest version 1.2.48. While building the rpm package, following error occurs: - %< - ... make[1]: Entering directory '/root/rpmbuild/BUILD/tomcat-connectors-1.2.48-src/native/apache-2.0'

Re: mod_jk and application deployed check

Il giorno ven, 29/05/2020 alle 14.09 -0400, Christopher Schultz ha scritto: > Giuseppe, > > On 5/29/20 11:57, Giuseppe Sacco wrote: > > [...] > > misconfigured machines and failed with 404 errors. From what I > > understood, the mod_jk protocol only allows to check it

Re: mod_jk and application deployed check

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Giuseppe, On 5/29/20 11:57, Giuseppe Sacco wrote: > Hello,I have an apache httpd with mod_jk that load balance > requests among two different tomcat servers.Today, one of the > tomcat servers has been rebooted and tomcat could not d

mod_jk and application deployed check

Hello,I have an apache httpd with mod_jk that load balance requests among two different tomcat servers.Today, one of the tomcat servers has been rebooted and tomcat could not deploy the application since it failed to find a configuration file. Please note that tomcat was running correctly, only

Re: [semi-OT] tomcat 7.0.100 AJP connector with mod_jk on another host

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Thomas, On 3/4/20 19:37, Thomas Glanzmann wrote: > allowedRequestAttributesPattern=JK_LB_ACTIVATION Note that JK_LB_ACTIVATION is already in the list of white-listed attribute names. You should probably not have to set this configuration attribute

Re: tomcat 7.0.100 AJP connector with mod_jk on another host

On 06/03/2020 06:46, Thomas Glanzmann wrote: > the issue seems to be that mod_jk no longer works without a password > with tomcat7. So you need to set a password on both sites, and than > everything works again. This is not the case. Tomcat can be configured so a secret is not

Re: tomcat 7.0.100 AJP connector with mod_jk on another host

ion of Tomcat. the issue seems to be that mod_jk no longer works without a password with tomcat7. So you need to set a password on both sites, and than everything works again. server.xml: workers.properties of mod_jk worker.tomcat-06.secret=verysecure If I do _not_ set a password I&#x

Re: tomcat 7.0.100 AJP connector with mod_jk on another host

cing the same problem with 403. Might it be possible that I need > to use a secret in order to access ajp from mod_jk? > If you don't set secretRequired="false" properly then at start time Tomcat will complain if there is no specified "secret" attribute. If it doesn

Re: tomcat 7.0.100 AJP connector with mod_jk on another host

Hello Martin, > > This should be: secretRequired="false". > > This attribute has been renamed recently. I just looked at my notes, and I tried that already yesterday night. Still facing the same problem with 403. Might it be possible that I need to use a secret in order to

Re: tomcat 7.0.100 AJP connector with mod_jk on another host

Hello Martin, > This should be: secretRequired="false". > This attribute has been renamed recently. thanks. I'll test later and let you know how it went. Cheers, Thomas - To unsubscribe, e-mail: users-unsubscr...@tomcat

Re: tomcat 7.0.100 AJP connector with mod_jk on another host

ealm.LockOutRealm"> > className="org.apache.catalina.realm.UserDatabaseRealm" > resourceName="UserDatabase"/> > > unpackWARs="true" autoDeploy="true"> >

Re: tomcat 7.0.100 AJP connector with mod_jk on another host

. However when I try to access this using mod_jk, I get a 403. I used a sniffer and it is coming from the AJP connector

tomcat 7.0.100 AJP connector with mod_jk on another host

Hello, I've just upgraded to tomcat7 (7.0.100) afterwards I'm unable to reconfigure it to the pre 7.0.100 behaviour where AJP connector listens on the public ip address in order to use it with mod_jk. Can someone help me out to make it works again? My ser

Re: Is there a limit to mod_jk?

Am 25.04.2019 um 06:22 schrieb John Larsen: Hello, Is there a limit to the number of workers instances mod_jk can handle? There will be limits due to general file descriptor limits, each TCP connection counts as a file descriptor. But I am not aware of a limit on the number of workers per

Is there a limit to mod_jk?

Hello, Is there a limit to the number of workers instances mod_jk can handle? I currently have 38 tomcat instances running on a machine. I have had up to 75 in the past, but this machine I keep getting bind exception errors but lsof -i :port comes up empty when that particular tomcat is offline

RE: loss of connection with mod_jk(tomcat connector)

Sent: 06 February 2019 06:41 PM To: Tomcat Users List ; Rathore, Rajendra Subject: Re: loss of connection with mod_jk(tomcat connector) External email from: rainer.j...@kippdata.de Hi Rajendra, Am 06.02.2019 um 12:36 schrieb Rathore, Rajendra: > Hi Mark, > > I am stuck and due

Re: loss of connection with mod_jk(tomcat connector)

/show_bug.cgi?id=63075 but there is no progress on it. as Mark already wrote, your mod_jk log file shows, that many of your tomcat instances are down. You have configured a load balancer with 9 members, listening on localhost ports 8010-8018, but of these 9 tomcat instances only the one listening on

RE: loss of connection with mod_jk(tomcat connector)

, Rajendra Rathore 9922701491 -Original Message- From: Rathore, Rajendra Sent: 17 January 2019 10:33 AM To: Tomcat Users List Subject: RE: loss of connection with mod_jk(tomcat connector) External email from: users-return-266670-rarathore=ptc@tomcat.apache.org Hi Mark, We configure

RE: loss of connection with mod_jk(tomcat connector)

enable extra loggers that will help out to understand the problem better, Thanks and Regards, Rajendra Rathore 9922701491 -Original Message- From: Mark Thomas Sent: 17 January 2019 05:05 AM To: Tomcat Users List Subject: Re: loss of connection with mod_jk(tomcat connector) External

Re: loss of connection with mod_jk(tomcat connector)

On 16/01/2019 12:26, Rathore, Rajendra wrote: > Hi Team, > >   > > we are using Apache Http server with basic authentication, when we try > to send some request to apache for authentication it will fail with 401 > error and when we check the JK Status, > > we found that status was not proper mea

  1   2   3   4   5   6   7   8   9   10   >