James and Mark,

On 10/15/25 3:26 AM, Mark Thomas wrote:
> On 14/10/2025 21:38, James H. H. Lampert wrote:
>> Not much of a coincidence here: this is the same customer that raised the HSTS issue.
>>
>> Assuming you have full command-line access to the box on which a Tomcat server is running,...
>>
>> Is there a way to start and stop a webapp context in a running Tomcat server *without* using Manager? Ideally, a way that can start and stop Manager itself?
>
> It is brutal but if autoDeploy is enabled a quick and dirty way to do that would be to move the manager directory out of the webapps directory to stop it and move it back to start it.
>
> A cleaner way to do it would be with JMX but that would need a JMX client to be installed. If a GUI is available, then you can use jconsole that comes with the JDK. You can find the web applications under WebModule and then call stop() and start().
>
> Again if autoDeploy is enabled you could edit web.xml to make it invalid to disable the manager and fix the web.xml to enable it but that will generate a lot of noise in the logs.
>
> A better variation of editing web.xml would be to edit META-INF/context.xml and configure the RemoteCIDRValve (or RemoteAddrValve if you have the old configuration) to deny all IPs. You'll get 403s by default but you can change that to 404s if you want.
>
> I am sure there are other ways but hopefully that gives you some options.

I recently added reload capabilities to my application for users with admin roles. The code is basically (after triple-checking authentication and some app-specific bells and whistles):

        ServletContext app = getServletContext();

        MBeanServer mbs = getServer();
        if(null != mbs) {
            try {
                String vhost = getHostname();

                // JMX name of this web application's own WebModule MBean
                ObjectName objectName = new ObjectName("Catalina:j2eeType=WebModule,name=//" + vhost + app.getContextPath() + ",J2EEApplication=none,J2EEServer=none");

                // Ask the container to reload this context, if the MBean exists
                if(mbs.isRegistered(objectName)) {
                    mbs.invoke(objectName, "reload", null, null);
                }
            } catch (MBeanException | MalformedObjectNameException | InstanceNotFoundException | ReflectionException e) {
                app.log(getClass().getSimpleName() + ": Failed to reload application ", e);
            }
        }

... with the helper functions:


    private String hostname = "localhost"; // This is an init-param

    public String getHostname() {
        return hostname;
    }

    private static MBeanServer getServer() {
        ArrayList<MBeanServer> mbservers = MBeanServerFactory.findMBeanServer(null);

        if (mbservers.size() > 0) {
            MBeanServer mbserver = mbservers.get(0);

            if (mbserver != null)
                return mbserver;
        }

        return null;
    }

Just wire this into your application somewhere. You don't need to install anything else, even the Manager application.

-chris
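
Mark's JMX suggestion (calling stop() and start() on a WebModule MBean) done in code instead of jconsole, as an added example that is not code from this thread or from Tomcat. `ContextToggle`, `setRunning` and the `Stub` MBean are hypothetical names; it has to run inside the Tomcat JVM, where you would pass the `MBeanServer` from `getServer()` above and drop the stub, which exists only so `main()` runs on its own.

```java
import java.lang.management.ManagementFactory;
import javax.management.JMException;
import javax.management.MBeanServer;
import javax.management.ObjectName;

public class ContextToggle {
    // Constructed stand-in for a Tomcat WebModule MBean, only so main() runs outside Tomcat.
    public interface StubMBean { void start(); void stop(); String getStateName(); }
    public static class Stub implements StubMBean {
        private String state = "STARTED";
        public void start() { state = "STARTED"; }
        public void stop() { state = "STOPPED"; }
        public String getStateName() { return state; }
    }

    /** Invokes stop() or start() on the WebModule for contextPath; returns how many matched. */
    public static int setRunning(MBeanServer mbs, String contextPath, boolean run) throws JMException {
        int matched = 0;
        // Wildcard query: no need to hard-code the engine name or the virtual host.
        for (ObjectName on : mbs.queryNames(new ObjectName("*:j2eeType=WebModule,*"), null)) {
            String name = on.getKeyProperty("name");           // e.g. //localhost/manager
            if (name == null || !name.startsWith("//")) continue;
            int slash = name.indexOf('/', 2);                  // first slash after the host part
            String path = slash < 0 ? "" : name.substring(slash);
            if (!path.equals(contextPath)) continue;           // exact match, not a suffix match
            mbs.invoke(on, run ? "start" : "stop", null, null);
            matched++;
        }
        return matched;
    }

    public static void main(String[] args) throws Exception {
        MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
        ObjectName on = new ObjectName(
            "Catalina:j2eeType=WebModule,name=//localhost/manager,J2EEApplication=none,J2EEServer=none");
        mbs.registerMBean(new Stub(), on);                     // constructed sample MBean
        // "StateName" is the stub's own attribute, read here to show the effect of each call.
        System.out.println(setRunning(mbs, "/manager", false) + " " + mbs.getAttribute(on, "StateName"));
        System.out.println(setRunning(mbs, "/manager", true) + " " + mbs.getAttribute(on, "StateName"));
        System.out.println(setRunning(mbs, "/host-manager", false)); // a context that is not deployed
    }
}
```

A return value of 0 means no WebModule matched the path, so the caller can tell "nothing to stop" apart from a successful stop.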

