Using Authentication/Authorization

to the administration section of the server, I'm wondering if there is some funk going on out of my scope. I downloaded the binaries for mac.. maybe something is wrong? If anyone has any idea, please let me know.. I am at a total loss. Thankyou, Jess Ryan

TID 170878 Re: How to get java process id of a user running tomcat

You have emailed Webjam Customer Support. To send a message to the intended recipient, please use their email address (if known) OR Go to their network, click on their network name (top left-hand side of the top bar) and click on the 'Contact the editor' link to send a message. Alternatively find

mod_jk retry continuing existing stream?

the next server and its response is simply added to the original stream from the client's perspective. That is just plain weird - and doesn't make sense to me at all in terms of retry handling. Any pointers/info on this would be much appreciated. -- Jess Holle P.S. The stream is gen

Re: Mod_jk/firewall configuration problems

tting this interval vary between OS'es.] -- Jess Holle Serlet Jean-Claude wrote: Sorry : that 's all i thought Hope that you don't forget to stop and restart your Apache server after modifying workers.properties Jean-Claude _ De : Greg Allen [mailto:

Re: JConsole query

ions because Java 5 is recognizing Server 2 as a server class machine -- due to heap allocation, total memory on the machine and such -- and it's not doing this on Server 1. I must admit I'm a bit confused myself about when each occurs as

JSP Precompilation vs. JSR-45 Debugging

that to keep working -- I just want to have an option to do source-level JSP debugging as well. What am I missing? -- Jess Holle - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]

Re: Apache 2.2 and mod_proxy_ajp

I have some vague recollection that performance of mod_proxy_ajp tested just /slightly /better than mod_jk. Tim Funk wrote: Performance (IIRC while reading on the mailing lists) is about the same. mod_proxy_ajp should be easier to configure and install since it comes bundled with apache and i

Re: Apache 2.2 and mod_proxy_ajp

Chris Lear wrote: * Jess Holle wrote (02/12/05 13:53): I have some vague recollection that performance of mod_proxy_ajp tested just /slightly /better than mod_jk. But where is the information on this? It should be in Apache 2.2's doc set, but it would not surprise me at a

Re: Performance degradation under load

ication latency. -- Jess Holle - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]

Re: Comparing Tomcat Performance on Windows vs. Linux

our web application's own code -- time spent optimizing your own code might buy you a lot more than the most expensive servlet engine ever could... -- Jess Holle

Re: Comparing Tomcat Performance on Windows vs. Linux

Remy Maucherat wrote: On 1/5/06, Jess Holle <[EMAIL PROTECTED]> wrote: Also a Tomcat 5.5.12 (or better 5.5.15) with and without APR test against recent IBM, Sun, and BEA offerings would be really nice :-) There seems to be a silly notion out there that because you pay for comm

Re: Comparing Tomcat Performance on Windows vs. Linux

something. -- Jess Holle - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]

Re: Tomcat Oracle Jsdk 1.5

Farid Izem wrote: My Second question is : does the ojdbc14.jar will be support for jsdk1.5 and where can i download it ? ojdbc14.jar works fine under Java 5 -- it is for Java 1.4 /and higher/ as I understand it.

Re: AW: JSessionID

Conveying servlet sessions by SSL session is clearly not required by the spec, though... I'm not sure whether Tomcat supports this... Bernhard Slominski wrote: Hi, I just looked it up in the spec and there is a 3rd one as well: SSL Sessions From the Servlet spec: "SRV.7.1 Session Trackin

Re: RequestDumperValve screws UTF-8 parameter parsing

I've produced my own servlet filter to get around this -- which does not dump request parameters until *after* the request has completed. With almost no additional effort you can then add request elapsed time, etc, etc, to this. Mark Thomas wrote: Endre Stølsvik wrote: Enabling the Requ

Re: AW: JSessionID

Bill Barker wrote: "Jess Holle" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Conveying servlet sessions by SSL session is clearly not required by the spec, though... I'm not sure whether Tomcat supports this... It doesn't (mostly because

Re: RequestDumperValve screws UTF-8 parameter parsing

at first (I know I got burned once), but the issue has always clearly been there. I'd suggest living with it or writing your own filter. Doing such output at request end works and while I don't think such a filter can provide everything a valve can it

Re: Tomcat integegrated with Apache

sorts of things also currently drive folk to use Apache currently. -- Jess Holle Caldarale, Charles R wrote: From: Gary Blomquist [mailto:[EMAIL PROTECTED] Subject: RE: Tomcat integegrated with Apache Can you give any specifics as to why you think running Tomcat in front of Apache is bad

Re: Authenticating LDAP users without their input - doable?

This is better termed NTLM authentication without a user challenge. I don't know of means of doing this with Tomcat, but I certainly don't know everything... g m wrote: I have a critical 'challenge' It is possible to authenicate on Tomcat using LDAP (Active Directory) (using

Re: Authenticating LDAP users without their input - doable?

Jess Holle wrote: This is better termed NTLM authentication without a user challenge. I don't know of means of doing this with Tomcat, but I certainly don't know everything... I should have added that by using IIS in front of Tomcat and the IIS/Tomcat connector you *can* accom

Re: From Java to C#, ASP.NET [Off Topic]

he most complex, they're also a piece that some, if not many, folk truly don't need -- and a piece that has taken until J2EE 5 to get right (e.g. usable) in the spec (assuming it is finally right there). -- Jess Holle ---

Re: From Java to C#, ASP.NET [Off Topic]

#x27;t use EJBs" to a silly stigma against things like Hibernate both when they claim they're J2EE based (for having too much to do with EJB and app server complexity) and when they're not (for not being standards based). A fine hole dug by the marketeers... -- Jess Holle -

Re: Tuning Tomcat , i need some advice

right JVM, the right basic options, fed it enough memory, and tuned your code is it generally time to turn to further Tomcat tuning. -- Jess Holle George Sexton wrote: Database interaction is by far the major issue. In my application, a page with no db interaction runs in something like 80ms, wh

Re: Log4j configuration on a per context basis

This is trivial if you only introduce log4j.jar in each web app. If you share log4j.jar across web apps, then you have some LoggerRepositorySelector coding ahead of you. This is easy enough via JNDI context for cases where the contextual classloader is set for you by Tomcat, but in other case

Re: why use mod_jk?

ck both mod_jk and Tomcat docs), this is actually very simple as well, though. I am looking forward to mod_proxy_ajp as it is supposed be a tiny bit faster. -- Jess Holle Brad O'Hearne wrote: mod_proxy_ajp? Yet another twist. Its just hard for me to believe that "how do I integ

Re: why use mod_jk?

I guess this kind of adds to my frustration a bit -- what is the way to go now and why: mod_proxy_ajp or mod_jk? mod_proxy_ajp is only for Apache 2.2 and higher. We're still in the process of moving to 2.2. 2.2.0 seems good, though, so you could jump right to it if you don't have

Re: why use mod_jk?

here is no difference to speak of between mod_proxy_ajp and mod_jk. -- Jess Holle - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]

jsp:useBean and using the same bean in a page

checkRequestBean(bean) || checkApplicationBean(bean)); } It doesn't seem to me that this is the correct way because I cannot use the same bean twice in the same page. Please let me know if I am wrong about this. Thanks. Jess (Please CC replies to me in 'cc' address as I am no

Re: The problem i have met

of it, I seem to recall having issues getting java.util.logging output from Tomcat when I tried it once [from a low-level library where I wanted no commons or log4j dependencies]. -- Jess Holle Dean Hiller wrote: this problem didn't have much to do with having servlet knowledge so I am con

Re: Applet sharing utility class with Servlet

This is a "feature" of the servlet spec. To use a class from both client and server you're forced to have multiple copies of it in your web app -- or alternatively to do non-standard adjustments to the web app loader / classpath. If you don't have too many of these copy cases, I advise just h

Re: tomcat 5.5, java 6 and jconsole not working as service

Tomcat 5.5.20 runs fine with Java 6, though I'm not sure if I tried it as a service. Martin Dubuc wrote: I haven't been successful running Tomcat on Java 6. My guess is that Tomcat can't run yet on Java 6. Martin On 1/9/07, teknokrat <[EMAIL PROTECTED]> wrote: I am running Tomcat 5.5 as a se

Re: RES: Tomcat Log4j Log Level Configuration

shutdown, etc, so you're better off writing your own (or using log4j 1.3, which supposedly fixes this but is in alpha...) - Manage log4j configurations as JMX beans...I'm not using JMX in depth but it seems that I'd be able to modify the configuration this way. Oh, so you mea

Re: Authenticating with LDAP against multiple organizational units

My guess is that you need to direct the LDAP URL at the ADS "global catalog", which oddly enough is not on port 389... Brian Bonner wrote: We're having a problem authenticating with Tomcat 5.5.9 against multiple organizational units. Our LDAP server is Active Directory. Here's our current se

Re: IIS security with tomcat

Sounds like IIS should be doing your authentication... Steve Gaunt wrote: Hi I have IIS web server servicing static pdf/html content. However, I only want to allow access to these if they have been authenticated by tomcat(using jk2 connector on the AJP connections). I dont want to move the

Re: IIS security with tomcat

That does not sound particularly doable to me. I'd assume that you'd want to look to the latest Tomcat 5.5.x for the best static file handling you can get out of it and essentially take IIS out of the picture. -- Jess Holle Steve Gaunt wrote: HI That;'s what i'm try

Re: LDAP connections pool

It's quite possible via Apache... If it is not possible via Tomcat than this would be one of those reasons to use Apache as a web server. Javier wrote: Con fecha Tuesday, October 25, 2005, 3:16:43 PM, escribió: If you mean pooling with JNDIRealm - there is no pooling available with that

Re: NIO/Large-scale pushes to browsers/Jetty 6 Continuations

you investigate with something Grizzly based as well? I've always wondered whether NIO was the issue on various reports or just Tomcat's implementation thereof [and find the notion of native libraries for something that /should/ be a Java core competency irksome -- but perhaps that

Precompiling .tag files containing Java 5 syntax?

e used as that's the default output of JspC and /not/ the default input of ...] Am I missing something here? Note that the tag files in question work fine at runtime -- they just won't precompile. -- Jess Holle

Invoking JSP/servlet from non-request thread?

y /doing this sort of thing? Is there an existing library for this that I'm overlooking? It seems really bizarre that for all the time and energy invested in servlet and JSP based HTML page generation that there's not a standard bridge to using servlets and JSPs from other threads to generate HTML files, e-mails, etc. -- Jess Holle

Re: JspC woes in Tomcat 6 (Urgent)

Try something like Dola Woolfe wrote: Hi, Just upgraded my Tomcat from 5.5 to 6.0 and noticed that my JspC task in build.xml is no longer working. The documentation for 6.0 quote is below, but with 6.0 th

Session Replication question

alled /and/ that these changes would be coalesced into a minimalistic delta that would then be pushed to other nodes in the cluster (with a separate timestamp on each attribute if necessary). -- Jess Holle

Re: Limit the number of concurrent users

You can easily do this sort of thing with a session listener -- and the code will be relatively portable across servlet engines, etc. -- Jess Holle Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mel, Woodgett, Mel (MSFC-NNM04AA02C)[STEEPLE] wrote: Let me

Re: JConsole port

Yup. David kerber wrote: I guess the deafening silence in response to this question must mean that there's no standard port, and I can use any port I feel like... D David kerber wrote: Is there a standard (either de facto or formal) port to use for jmx when monitoring a tomcat app with jcon

Re: Invoke JSP on tomcat startup

Sounds like you want a ContextListener, not a JSP... Andrew Hole wrote: Hello! Exists some automatic way to invoke a JSP when tomcat starts? Thanks a lot - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe,

Re: HttpSessionActivationListener not getting called in the Tomcat 5.5.20 clustered mode.

The HttpSession activation and passivation listeners in Tomcat are /quite/ broken -- at least last time I checked. I've been in the habit of patching this part of the code. I submitted a patch once, but I mixed in a few other things that were broken in this area and it was not accepted -- and

Re: HttpSessionActivationListener not getting called in the Tomcat 5.5.20 clustered mode.

I sent the patch quite some time back now, so I'm not sure where it is. Being similarly lazy I'm attaching an excerpt of the patched StandardSession.java (from 5.5.23) with changes embedded in it. Mark Thomas wrote: Jess Holle wrote: The HttpSession activation and passivation

Re: HttpSessionActivationListener not getting called in the Tomcat 5.5.20 clustered mode.

I believe similar changes were still necessary in 6.0.14 as well (and previously were needed in 5.0.30). Jess Holle wrote: I sent the patch quite some time back now, so I'm not sure where it is. Being similarly lazy I'm attaching an excerpt of the patched StandardSession.java (f

Re: Tomcat memory leak?

... -- Jess Holle Leon Rosenberg wrote: i downloaded the war file and put it info webapps (it was the only webapp ) started tomcat (5.5.17) started following in another shell: while true; do wget "http://localhost:8080/LoadTest/something.jsp"; ; done canceled after some thousands of

Re: Internal Tomcat4/jk2/apache2 timeout after lengthy servlet processing?

t, but for mod_proxy_ajp you have to set this to a large value explicitly. -- Jess Holle Pablo Barrón wrote: Hi!!! I've run into a configuration problem in a Tomcat4/jk2/Apache2 server (Debian Sarge 3.1), in which Java servlets are running to generate the webpages. There are some operations that n

%3B in path-info

certainly would appear to be a bug in /something/. Or is this a bug or misconfiguration in mod_proxy_ajp or some such? -- Jess Holle

Re: %3B in path-info

You're right -- this works fine in the direct case. So I need to file a bug against mod_proxy_ajp instead? Or is there some chance this is in the AJP connector? Rainer Jung wrote: So are you saying, that th request goes through httpd/mod_proxy or mod_jk? If so, you should first test with dir

Re: %3B in path-info

Is there any reasonable way I can tell where the issue resides, mod_proxy_ajp or the Tomcat AJP connector. I'm using Apache 2.2.8 and the Java (non-native, non-NIO) AJP connector. [The native connector is just too painful to build on half a dozen platforms...] Jess Holle wrote: Y

Re: %3B in path-info

Mark Thomas wrote: Jess Holle wrote: You're right -- this works fine in the direct case. So I need to file a bug against mod_proxy_ajp instead? Or is there some chance this is in the AJP connector? Only if there is a bug - we haven't shown that yet ;) Could you provide some versi

Re: %3B in path-info

Mark Thomas wrote: Jess Holle wrote: Mark Thomas wrote: Jess Holle wrote: You're right -- this works fine in the direct case. So I need to file a bug against mod_proxy_ajp instead? Or is there some chance this is in the AJP connector? Only if there is a bug - we haven't show

Re: %3B in path-info

Jess Holle wrote: Mark Thomas wrote: Jess Holle wrote: Mark Thomas wrote: Jess Holle wrote: You're right -- this works fine in the direct case. So I need to file a bug against mod_proxy_ajp instead? Or is there some chance this is in the AJP connector? Only if there is a bug - we ha

Re: %3B in path-info

Mark Thomas wrote: Jess Holle wrote: Mark Thomas wrote: I couldn't see anything either. This looks like a mod_proxy_ajp bug/missing feature. I jumped the gun once by filing this against Tomcat, but it seems everything is pointing to mod_proxy_ajp. Is it time to file a bug against it?

Re: %3B in path-info

serious gap in mod_proxy_ajp. On the other hand, there's a lot to be said for Apache 2.2 in general and mod_proxy_ajp in particular, so we really need this gap closed and can't just revert to mod_jk. -- Jess Holle --

Re: %3B in path-info

eed for an option (or default behavior!) in mod_proxy_ajp wherein the URL passed to via AJP is not decoded. -- Jess Holle

Re: Few public ports w/many Tomcat instances

e AJP as the communication protocol and could be an instance of Tomcat or Glassfish or a special web app as far as I'm concerned -- though ideally it would use NIO rather than APR as having to build/maintain/distribute native code for various platforms is the main i

Re: JMX MBean

tes if/when you need to. The managed MBean stuff in Tomcat itself is more complicated than most common use cases require. -- Jess Holle - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL

Re: It¡¯s amazing, apache make TC performance decrease dramatically.

l without extra work -- is also pretty nice [Tomcat does not yet have this last I checked...], but wouldn't by itself be sufficient justification for Apache in a primarily JSP/servlet environment. -- Jess Holle - To start a

Another session replication question

not so critical in this example -- but easily could be if the values passed to setAttribute() are large object graphs rather than simple strings. -- Jess Holle

Re: Another session replication question

/removeAttribute()-based change detection, last-request-wins session update, etc... -- Jess Holle Filip Hanik - Dev Lists wrote: hi Jess, you're example is correct, replication doesn't happen until the request is complete and is done by the ReplicationValve. Filip Jess Holle wrote: I some

Re: [JMX] org.apache.catalina.session.StandardManager not serializable

ngs are" and possibly addressed by replaceObject(). [In my recent case I used replaceObject() to replace my non-serializable data with an approximation thereof whose toString() would show something somewhat meaningful in a remote JMX console.] -- Jess Holle

Re: Performance of APR

ormance load balancing over Tomcats by a Tomcat would be huge. -- Jess Holle - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Performance of APR

David Boreham wrote: Jess Holle wrote: David Boreham wrote: I think you also need to factor in the labor cost to manage two different servers. I know that in our production deployments we could buy many many machines for the cost of the time we've spent trying to make AJP work. Tomcat

Re: Performance of APR

to deal with native code messes (like building/linking on AIX or learning enough about Apache's guts to make substantive patches). -- Jess Holle - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additiona

Re: Performance of APR

er just to have more than one Tomcat serving the load is a non-starter, though. -- Jess Holle - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Performance of APR

David Boreham wrote: Jess Holle wrote: You can make your own LB using Tomcat. Yes, I /could/, but Apache already does it. I don't want to invest enough of my own time in such a thing to put it on an equal footing with mod_jk and mod_proxy_ajp. Until someone does, though, Apache is a r

Re: HttpSessionActivationListener problems

we have a number of patches to this particular area of source that overlap. Others are of a bit more controversial nature and I have not kept them separate.] -- Jess Holle Rui Pedro wrote: Hi! I'm implementing one tomcat cluster solution (tomcat 5.5-20). One of the things that I need to k

Re: Logging servlet time and connections

that continuously building the native connector for all of these platforms is a non-starter. [One might say just build it once, but we've also had issues with the native connector that are not reproducible with the pure-Java connector.] This has to be one of the ugliest Tomcat warts I've

method invocations in EL?

I note in http://java.dzone.com/articles/unified-el-learns-method that in JEE 6 EL finally allows method invocations. Is there any chance this feature can be used in JSPs in Tomcat 6 today? If so, how? -- Jess Holle - To

Re: method invocations in EL?

cat 6. The closest you'll get are the function taglibs functionality. -Tim Jess Holle wrote: I note in http://java.dzone.com/articles/unified-el-learns-method that in JEE 6 EL finally allows method invocations. Is there any chance this feature can be used in JSPs in Tomcat 6 tod

Re: Websphere / Apache similarities

rpretation. -- Jess Holle Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 André, On 3/3/2009 11:54 AM, André Warnier wrote: - Websphere itself is a Java servlet server, unrelated to Tomcat despite my mistaken impressions to the contrary, but implementing the sa

Re: Why we need two servers (httpd and tomcat)

guring modules in Apache (where that is approach is sufficient). -- Jess Holle

Re: Why we need two servers (httpd and tomcat)

Jess Holle wrote: Robin Wilson wrote: For the record, my answer was neither stupid or reflexive. I simply pointed out why someone might want 2 layers of servers (httpd and tomcat). And certainly, my rationale is both sound and arguable at the same time. As for your assertion that 2 layers of

Re: Form Authentication and status (response) code

x27;t one that could possibly be used by a login form or 2. Add some other custom header to your response. If it's not there but you got a 200, then something hijacked the response -- quite probably a login form. -- Jess Holle On 9/1/2011 5:49 PM, Mabry Tyson wrote: Summary: When re

Form Authentication vs. Tomcat Restart

? Intentional? Configurable? -- Jess Holle - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Form Authentication vs. Tomcat Restart

Okay, I now notice this plainly stated in the documentation for JNDIRealm (which I'm using): The cached user is *not* saved and restored across sessions serialisations. That seems a bit odd... On 12/6/2011 5:12 PM, Jess Holle wrote: When doing a graceful shutdown of Tomcat, the ses

Re: Form Authentication vs. Tomcat Restart

/ Tomcat behaves this way. If one quickly restarts Tomcat for some reason and session data is preserved, you really don't want all the users to have to login again do you? -- Jess Holle On 12/6/2011 7:05 PM, André Warnier wrote: Jess Holle wrote: When doing a graceful shutdown of Tomcat

Re: Form Authentication vs. Tomcat Restart

2:24 PM, Jess Holle wrote: I should have noted that this is with Tomcat 7.0.23, but it seemed unlikely to be JVM (Java 6 Update 29) or OS (Windows 7) specific. Of course given that I found that the documentation clearly states this behavior, I suspect this is longstanding Tomcat behavior

Any servlet API event to denote change in session id

n see.] -- Jess Holle - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Any servlet API event to denote change in session id

On 12/7/2011 11:47 AM, Mark Thomas wrote: On 07/12/2011 17:04, Jess Holle wrote: I note that in recent versions of Tomcat (e.g. 7.0.23), the session id changes when you do a form-based authentication. I do not see any sort of notice via anything one can listen to via the servlet API to receive

Re: Form Authentication vs. Tomcat Restart

You get an error when that's what's occurring, though. On 12/7/2011 12:55 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jess, On 12/6/11 6:17 PM, Jess Holle wrote: Okay, I now notice this plainly stated in the documentation for JNDIRealm (which I'

Re: ThreadLocals, context listeners and classloader leaks

t natural and useful Java language feature. I'd argue all servlet engines should really provide this feature for just this reason. That said, I can live with A. -- Jess Holle

Re: Tomcat does not honor acceptCount configuration variable

isn't going to change no matter how stable these connectors are and I need to use Apache anyway, so native connectors are a dead end. It's either old-IO or NIO, but it needs to be pure Java for me. -- Jess Holle On 5/10/2010 7:35 AM, André Warnier wrote: Timir Hazarika wrote: Andre,

Tomcat Form Authentication Timeout Behavior

d out. In that case, Tomcat fails to deliver the POST data. I assume this is a known issue/limitation. If not, is there some configuration setting I'm missing or some such? This is with Tomcat 7.0.23. -- Jess Holle --

Form Authentication POST data not preserved?

etty sure I was having similar issues with 7.0.25 as well. [No, I didn't really downgrade -- I'm just working in a context that's still using 7.0.23 at the moment.] I'm left wondering what could be causing the issue. -- Jess Holle P.S. The lack of wisdom of setting ma

Re: Form Authentication POST data not preserved?

In case this makes any difference this is with the AJP BIO connector. On 2/3/2012 4:51 PM, Jess Holle wrote: I posted a query recently wherein I thought that POST data was being lost *only* if the user had been authenticated, their session timed out, and then they POST'ed to a URL requ

Re: Form Authentication POST data not preserved?

Or could this be getting loused up by having a servlet request filter that calls getParameterMap() first thing? I'd *assume* not -- as that would be pretty hokey... On 2/3/2012 4:53 PM, Jess Holle wrote: In case this makes any difference this is with the AJP BIO connector. On 2/3/2012

Re: Form Authentication POST data not preserved?

On 2/3/2012 5:26 PM, Konstantin Kolinko wrote: 2012/2/4 Jess Holle: I posted a query recently wherein I thought that POST data was being lost *only* if the user had been authenticated, their session timed out, and then they POST'ed to a URL requiring authentication -- thus having their re

Re: Form Authentication POST data not preserved?

Yes, I'm using Tomcat authentication. Yes, the issue is after authentication on the POST retry. On 2/4/2012 12:27 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jess, On 2/3/12 5:59 PM, Jess Holle wrote: Or could this be getting loused up by having a se

Re: Form Authentication POST data not preserved?

ess I either ignore this (ouch) or really dig into debugging Tomcat's internals (which while far easier than trying to do so with httpd is still not where I'd wanted to spend my time). -- Jess Holle On 2/4/2012 5:49 PM, Jess Holle wrote: Yes, I'm using Tomcat authentication. Yes

Re: Form Authentication POST data not preserved?

On 2/5/2012 8:29 AM, Konstantin Kolinko wrote: 2012/2/5 Jess Holle: I've done all the basic troubleshooting tweaks I can think of, trying 7.0.25 and 7.0.23, switching my web.xml back to the 2.5 spec level, reducing from a combination of 2 JNDI realms to 1, cranking lots of loggers up to

Re: Form Authentication POST data not preserved?

and where they are called from. Thanks. I've already seen via a heap dump that the request is saved with the correct content body. So now the only question that remains is why it does not get restored. -- Jess Holle ---

Re: Form Authentication POST data not preserved?

On 2/5/2012 9:43 AM, Jess Holle wrote: On 2/5/2012 9:26 AM, Konstantin Kolinko wrote: build.xml: build.properties.default: compile.debug=true Thus debug information should already be there. I usually start with setting some breakpoints. In your case take a look at FormAuthenticator

Re: Form Authentication POST data not preserved?

On 2/5/2012 10:38 AM, Jess Holle wrote: Diving in deeper, I see that AbstractAjpProcessor.action() is setting the bodyBytes perfectly for the ActionCode.REQ_SET_BODY_REPLAY case here. After that is done, however, I don't see anything that tries to read AbstractAjpProcessor.body

Re: Form Authentication POST data not preserved?

Tomcat. I just don't want to maintain this patch forever (nor have everyone else suffer from this bug in the AJP case). -- Jess Holle - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional comma

Re: Form Authentication POST data not preserved?

On 2/5/2012 11:22 AM, Jess Holle wrote: On 2/5/2012 11:15 AM, Konstantin Kolinko wrote: I think this issue is specific to AJP. For HTTP connectors a similar issue was noted and fixed here: https://issues.apache.org/bugzilla/show_bug.cgi?id=51940#c9 I think adding the following line to

Re: Form Authentication POST data not preserved?

On 2/5/2012 11:24 AM, Jess Holle wrote: On 2/5/2012 11:22 AM, Jess Holle wrote: On 2/5/2012 11:15 AM, Konstantin Kolinko wrote: I think this issue is specific to AJP. For HTTP connectors a similar issue was noted and fixed here: https://issues.apache.org/bugzilla/show_bug.cgi?id=51940#c9 I

  1   2   >