| 00:00.13 | *** join/#tomcat molin (n=joel@85.8.4.105.static.se.wasadata.net) |
| 00:00.40 | molin | Hi. i'm trying to write an upload servlet. problem is, tomcat reads the whole request before calling my doPost method. If I'm sending a 10GB file I'd like a chance to say no after about 10MB. Can I tell the server to call my service routine after parsing the header? |
| 00:18.38 | jasonb | molin: Are you aware of commons-fileupload? http://commons.apache.org/fileupload/ |
| 00:21.55 | molin | yes |
| 00:22.06 | jasonb | Just checking. |
| 00:22.13 | molin | i just realised i'd made faulty conclusions |
| 00:22.42 | molin | i am using fileupload by the way |
| 00:23.41 | *** join/#tomcat kanai (n=kanai@124.32.114.226) |
| 00:24.18 | molin | I think my problem was with the client, maybe |
| 00:25.59 | molin | i thought I had proved to myself that tomcat by default read and buffered the whole request body, but it doesn't, as is evident when I try with a medium size file |
| 00:44.17 | *** join/#tomcat shellito (n=shellito@sistemas.uis.edu.co) |
| 00:56.11 | *** join/#tomcat Infinito_ (n=yingyang@200-140-59-37.gnace701.dsl.brasiltelecom.net.br) |
| 01:06.08 | *** join/#tomcat clajo04 (n=clajo04@cpe-72-229-214-63.nyc.res.rr.com) |
| 01:12.30 | *** join/#tomcat b0ef (n=b0ef@062016141231.customer.alfanett.no) |
| 02:23.55 | *** join/#tomcat karstensrage (n=karstens@76.21.8.74) |
| 02:37.09 | *** join/#tomcat kanai_ (n=kanai@124.32.114.226) |
| 02:47.12 | *** join/#tomcat NetAffect (n=JohnDoe@pool-71-251-75-6.tampfl.fios.verizon.net) |
| 02:47.16 | NetAffect | hi |
| 02:47.22 | NetAffect | does tomcat process php pages? |
| 02:51.31 | *** join/#tomcat blue_asterisk (n=blue_ast@adsl-75-13-101-153.dsl.sndg02.sbcglobal.net) |
| 02:58.43 | Internat | no |
| 02:58.46 | Internat | jsp pages |
| 03:01.25 | NetAffect | oh |
| 03:03.27 | NetAffect | it has the ability to process php? or what do i use? |
| 03:55.42 | *** join/#tomcat acidjnk (n=have@pD9509372.dip0.t-ipconnect.de) |
| 04:30.09 | *** join/#tomcat shital (n=shital@121.243.177.213) |
| 04:55.21 | karstensrage | jfgi |
| 05:16.57 | *** join/#tomcat vinse (n=vinse_@208.253.223.146) |
| 05:52.53 | *** join/#tomcat blavallee (n=chatzill@static-222-229-219-219.b-fam.svips.gol.ne.jp) |
| 05:56.29 | blavallee | Looking for clue... TC is installed on Win2000, IIS has a number of paths, but XYZ is not listed. The thing is, it works, but I have no idea where the real directoy is. i.e. www.server.com/XYZ/ |
| 06:07.15 | *** join/#tomcat kanai (n=kanai@124.32.114.226) |
| 06:27.47 | *** join/#tomcat kizoku_ (n=albus@ti0182a340-0676.bb.online.no) |
| 07:07.50 | *** join/#tomcat Bollinger (n=peter@88-105-198-161.dynamic.dsl.as9105.com) |
| 07:27.46 | *** join/#tomcat vikumar (n=Vimal@59.160.127.177) |
| 07:31.03 | *** join/#tomcat MHSL- (i=Linux@116.88.6.41) |
| 07:59.31 | *** join/#tomcat yassin1 (n=yassine@p54BB65E8.dip.t-dialin.net) |
| 08:20.13 | *** join/#tomcat _change (n=_change@195.250.132.186) |
| 08:23.44 | *** join/#tomcat {Chris} (n=cdupont@LMontsouris-152-61-3-84.w80-13.abo.wanadoo.fr) |
| 08:32.55 | *** join/#tomcat Vanuatoo (n=Vanuatoo@host-85-114-227-35.adsl.caucasus.net) |
| 09:04.52 | *** join/#tomcat kanai_ (n=kanai@124.32.114.226) |
| 09:13.25 | *** join/#tomcat Vanuatoo (n=Vanuatoo@host-85-114-227-35.adsl.caucasus.net) |
| 09:47.24 | *** join/#tomcat Vanuatoo (n=Vanuatoo@host-85-114-227-35.adsl.caucasus.net) |
| 10:38.22 | *** join/#tomcat _ProZaC_ (n=none@201.73.96.194) |
| 10:53.05 | *** join/#tomcat {Chris} (n=cdupont@LMontsouris-152-61-3-84.w80-13.abo.wanadoo.fr) |
| 10:58.00 | *** join/#tomcat TheMoker (n=wy@bzq-219-142-146.static.bezeqint.net) |
| 10:58.08 | TheMoker | hi, i'm trying to configure SSL on TomCat |
| 10:58.11 | TheMoker | 5 |
| 10:58.24 | TheMoker | when running the "keytool" where does it's output go ? |
| 10:59.04 | TheMoker | i'm following http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html |
| 11:02.10 | MHSL | TheMoker, The keystore is by default stored in a file named .keystore in the user's home directory, as determined by the user.home system property. http://java.sun.com/j2se/1.5.0/docs/tooldocs/solaris/keytool.html#Commands |
| 11:02.25 | TheMoker | ok, anyhow, i've followed that |
| 11:02.43 | TheMoker | but when i try to access http://localhost:<ssl port>/ i get something with wrong mime-type and can't view it |
| 11:02.44 | TheMoker | why is that? |
| 11:04.09 | MHSL | TheMoker, isnt it supposed to be https? |
| 11:04.18 | TheMoker | good idea, sec :) |
| 11:04.44 | TheMoker | works :) |
| 11:05.02 | TheMoker | i just need to put "changeit" and it fixes it ? |
| 11:06.10 | MHSL | TheMoker, changeit? |
| 11:07.29 | TheMoker | the HOWTO says to put the certificate password as "changeit" |
| 11:08.51 | MHSL | TheMoker, that's just the cert passport |
| 11:09.10 | TheMoker | ok |
| 11:11.12 | TheMoker | btw, the connection pooling that tomcat offers me for the db |
| 11:11.21 | TheMoker | does it effect the ending of a connection or something ? |
| 11:15.21 | MHSL | TheMoker, ending? do you mean closing connection? you still need to close all connection you've used in your application, whether or not it's physically closed it's managed by tomcat |
| 11:19.51 | TheMoker | i was thinking about autocommit flag |
| 11:21.51 | MHSL | TheMoker, what were you thinking about autocommit flag? |
| 11:39.19 | TheMoker | nm.. forget it :) |
| 11:47.13 | TheMoker | does eclipse have a plugin for javascript ? |
| 12:19.23 | *** join/#tomcat prgrmr (n=prgrmr@bzq-79-182-171-166.red.bezeqint.net) |
| 12:44.56 | *** join/#tomcat randrew (n=raj@dyn-128-59-53-165.dyn.columbia.edu) |
| 12:53.03 | *** join/#tomcat Infinito_ (n=yingyang@200-140-59-37.gnace701.dsl.brasiltelecom.net.br) |
| 13:12.39 | *** join/#tomcat rambo123 (n=viny@59.94.98.231) |
| 13:23.24 | *** join/#tomcat Infinito_ (n=yingyang@200-140-59-37.gnace701.dsl.brasiltelecom.net.br) |
| 13:47.55 | *** join/#tomcat Infinito_ (n=yingyang@200-140-59-37.gnace701.dsl.brasiltelecom.net.br) |
| 13:48.49 | *** join/#tomcat clajo04_ (n=clajo04_@cpe-72-229-214-63.nyc.res.rr.com) |
| 13:52.54 | *** join/#tomcat Infinito_ (n=yingyang@200-140-59-37.gnace701.dsl.brasiltelecom.net.br) |
| 14:43.03 | *** join/#tomcat blue_asterisk (n=blue_ast@adsl-75-13-101-153.dsl.sndg02.sbcglobal.net) |
| 14:46.52 | *** join/#tomcat Oddie (n=chatzill@120.180.233.220.exetel.com.au) |
| 15:15.06 | *** join/#tomcat DB42 (n=wy@bzq-219-142-146.static.bezeqint.net) |
| 15:15.13 | DB42 | MHSL: here ? :) |
| 15:15.30 | MHSL | DB42, yes? |
| 15:15.47 | DB42 | how can i setup a resource in my web.xml instead of the context.xml ? |
| 15:15.51 | DB42 | a JDBC connection pool |
| 15:16.10 | DB42 | or those must be in context.xml ? |
| 15:19.56 | MHSL | DB42, as far as i know, yes it should be defined in context.xml and you have resource reference in your web.xml |
| 15:21.14 | DB42 | i see, so i should add the context.xml modification in my documentation (since it's not in the .war) ? |
| 15:22.33 | MHSL | DB42, documentation? you put it under META-INF dir in your war file |
| 15:22.49 | DB42 | the context.xml ? currently it sits in the tomcat\conf dir |
| 15:23.06 | MHSL | DB42, each webapp can have its own context.xml |
| 15:23.23 | DB42 | so i just put it in META-INF\context.xml ? |
| 15:23.34 | DB42 | i'll try ! |
| 15:23.40 | MHSL | DB42, yes |
| 15:26.06 | DB42 | hmm |
| 15:26.08 | DB42 | doesn't work |
| 15:26.28 | DB42 | i put my context.xml in my webapp\META-INF dir and my app can't find the jdbc resource |
| 15:26.49 | MHSL | DB42, of course, that's not the place to put it |
| 15:26.55 | DB42 | so where? |
| 15:27.09 | MHSL | DB42, i told you that it should be under META-INF directory in your war file |
| 15:27.19 | DB42 | i still don't have a .war file :) |
| 15:27.23 | DB42 | i'm still working as a web-app dir |
| 15:27.35 | MHSL | DB42, then put it inside the directory where your app resides |
| 15:27.42 | DB42 | you mean |
| 15:27.44 | DB42 | webapp\context.xml ? |
| 15:27.55 | MHSL | DB42, what's your webapp context path? |
| 15:28.29 | DB42 | ahh, that might be it |
| 15:28.35 | DB42 | it's some other dir that my runner is using |
| 15:28.49 | DB42 | i'm developing and running via an eclipse plugin |
| 15:28.51 | MHSL | DB42, you may want to read tomcat doc |
| 15:28.57 | DB42 | nah.. i think i got it |
| 15:29.02 | DB42 | once i stop using this lame plugin i'll fix it |
| 15:29.18 | MHSL | ic, won't help you next time if you wont read the doc first |
| 15:29.23 | DB42 | :( |
| 15:36.43 | *** part/#tomcat rambo123 (n=viny@59.94.98.231) |
| 15:36.46 | *** join/#tomcat _change (n=_change@195.250.132.186) |
| 15:59.56 | *** join/#tomcat blue_asterisk (n=blue_ast@adsl-69-224-126-31.dsl.sndg02.pacbell.net) |
| 16:12.02 | *** join/#tomcat clajo04 (n=clajo04@cpe-72-229-214-63.nyc.res.rr.com) |
| 16:29.54 | *** join/#tomcat jasonb (n=jasonb@75.144.23.117) |
| 16:31.38 | *** join/#tomcat clajo04 (n=clajo04@cpe-72-229-214-63.nyc.res.rr.com) |
| 16:54.57 | *** join/#tomcat RurickGrid (n=Erick@201.221.142.243) |
| 16:55.09 | *** part/#tomcat RurickGrid (n=Erick@201.221.142.243) |
| 16:55.30 | _change | Hi, I have more the 106 jar files and I need to put them into the repository for maven, do you know a plugin for that or a command? :) |
| 16:55.58 | *** join/#tomcat jOINuP (n=dfdf@output.ahp.pt) |
| 16:56.01 | jOINuP | hi there |
| 16:57.20 | *** part/#tomcat jOINuP (n=dfdf@output.ahp.pt) |
| 17:47.09 | *** join/#tomcat Nicke (n=niclasa@ua-83-227-140-135.cust.bredbandsbolaget.se) |
| 17:47.49 | *** join/#tomcat Dwayne_Hicks (n=elsie@adsl-68-74-113-222.dsl.emhril.ameritech.net) |
| 18:06.00 | *** join/#tomcat Infinito_ (n=yingyang@200-140-59-37.gnace701.dsl.brasiltelecom.net.br) |
| 18:18.56 | *** join/#tomcat drim (n=jeremy@LMontsouris-152-61-3-84.w80-13.abo.wanadoo.fr) |
| 18:18.59 | drim | hi all |
| 18:20.49 | drim | I use tomcat with mod_rewrite and I would like to rewrite url to hide the application path |
| 18:21.02 | drim | /appl/home.do -> /home.do |
| 18:26.14 | drim | ? |
| 18:27.22 | *** join/#tomcat yassine (n=yassine@unaffiliated/yassine) |
| 18:36.22 | grantrules | why not just put it in the root context? |
| 18:39.04 | *** join/#tomcat dvayanu (n=dvayanu@ppp-88-217-18-14.dynamic.mnet-online.de) |
| 18:56.56 | *** join/#tomcat Dwayne_Hicks (n=elsie@adsl-68-74-113-222.dsl.emhril.ameritech.net) |
| 19:00.11 | drim | ok |
| 19:00.14 | drim | another question |
| 19:00.49 | drim | with mod_jk, In a vhost, I have done /* loadbalancer but my application is available in another vhost :o |
| 19:03.07 | drim | grantrules, do you have an idea ? |
| 19:03.34 | grantrules | huh? |
| 19:04.05 | grantrules | in b.com you have the jkmount. but if you go to a.com it's going to the b.com site? |
| 19:04.13 | grantrules | sounds like you just have misconfigured apache |
| 19:06.05 | *** join/#tomcat ninjamonkey (n=kstamour@63.107.11.10) |
| 19:07.36 | ninjamonkey | this the best place for newbie questions? :) someone dropped a dev box on me, tc is new to me and kinda have a couple newbie q's |
| 19:07.43 | drim | I have two vhost |
| 19:07.45 | drim | In one |
| 19:07.46 | drim | I have |
| 19:08.04 | drim | Mount /* loadbalancer |
| 19:08.21 | drim | but all my tomcat appl are available in all vhost |
| 19:09.29 | drim | oups are available in the vhost where I put /* |
| 19:10.15 | ninjamonkey | (4.1.37, 1.4, Linux 2.6.18-4-amd64 ) |
| 19:14.11 | grantrules | ninjamonkey: ask away, i guess |
| 19:14.40 | grantrules | drim: i've never run into that. i use mod_jk in virtualhosts all the time |
| 19:14.54 | grantrules | are you positive your vhosts are set up correctly? |
| 19:16.14 | ninjamonkey | one sec, lost $JAVA_HOME and $CATALINA ...... |
| 19:16.22 | ninjamonkey | *path to... |
| 19:20.36 | grantrules | drim: pastebin your apache conf |
| 19:21.12 | ninjamonkey | ok, this must me an oldie but goodie for tomcat veterans, but setting my path is not fixing the following (hope ok to past): |
| 19:21.13 | ninjamonkey | The JAVA_HOME environment variable is not defined |
| 19:21.15 | ninjamonkey | This environment variable is needed to run this program |
| 19:21.28 | grantrules | how are you setting your path? |
| 19:22.56 | ninjamonkey | export JAVA_HOME=/usr/local/j2sdk1.4.2_17/bin/ |
| 19:23.34 | *** join/#tomcat karstensrage_ (n=karstens@75-55-199-5.mobitv.com) |
| 19:23.58 | randrew | ninjamonkey: remove trailing 'bin/' |
| 19:24.03 | grantrules | yah |
| 19:25.09 | randrew | drim: do you have separate appBase dirs for the vhosts? |
| 19:26.06 | ninjamonkey | /usr/local/apache-tomcat-4.1.37/bin$ ./startup.sh |
| 19:26.08 | ninjamonkey | Error: The JAVA_HOME/bin/java directory is missing or not executable. |
| 19:26.10 | ninjamonkey | The JAVA_HOME environment variable is not defined correctly. |
| 19:26.12 | ninjamonkey | This environment variable is needed to run this program. |
| 19:26.14 | ninjamonkey | NB: JAVA_HOME should point to a JDK not a JRE. |
| 19:26.31 | ninjamonkey | (if I should be pasting elsewhere lemme know0 |
| 19:36.13 | grantrules | what's in $JAVA_HOME/bin ? |
| 19:40.49 | ninjamonkey | cookies and milk :)..... from a read me file, for tomcat, said to set path to it |
| 19:41.11 | ninjamonkey | right now my env shows "JAVA_HOME=/usr/local/j2sdk1.4.2_17/bin" |
| 19:41.40 | grantrules | i mean.. what's in that directory? |
| 19:42.28 | ninjamonkey | wait, i dropped the /bin in my path.... |
| 19:42.33 | ninjamonkey | looks better? checking.... |
| 19:42.49 | grantrules | yeah. it shouldn't have bin |
| 19:42.51 | ninjamonkey | ok its up n running.... |
| 19:42.53 | ninjamonkey | ahh |
| 19:46.46 | *** join/#tomcat Infinito_ (n=yingyang@200-140-59-37.gnace701.dsl.brasiltelecom.net.br) |
| 19:50.04 | *** part/#tomcat randrew (n=raj@dyn-128-59-53-165.dyn.columbia.edu) |
| 19:50.14 | *** join/#tomcat roue (n=roue@afterthought.ACS.Carleton.edu) |
| 19:50.31 | roue | hola |
| 19:51.29 | *** join/#tomcat Zencyl (n=eric@158.135.138.107) |
| 19:51.43 | ninjamonkey | ...beautiful errors in localhost_log......... |
| 19:51.49 | roue | I'm running tomcat 6.0.16, jdk1.6.0_06, under RHEL 5.1 linux. My servlet needs to accept a particular CA cert as valid. How do you point tomcat at a keystore store containing that CA cert (and generate the keystore file :). Thanks. |
| 19:52.20 | pucko_ | http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html |
| 19:52.37 | ninjamonkey | 2008-05-23 14:39:14 HostConfig[localhost] Error deploying web application directory ROOT |
| 19:52.39 | ninjamonkey | java.lang.UnsupportedClassVersionError: |
| 19:52.53 | ninjamonkey | .......then some direcory.... |
| 19:53.00 | ninjamonkey | but Tomcat is up! :) |
| 19:53.10 | pucko_ | avoid tomcat 4 |
| 19:53.18 | pucko_ | it's old and buggy |
| 19:53.39 | pucko_ | hm. need reconnect |
| 19:53.42 | pfn | ninjamonkey, you're running java1.4, your code was compiled with something newer |
| 19:53.46 | ninjamonkey | this its the source of that last issue? |
| 19:53.49 | *** join/#tomcat pucko (i=andreas@81-234-246-21-o933.tbon.telia.com) |
| 19:54.04 | ninjamonkey | .....pucko is off like a promdress after 3 winecoolers......... |
| 19:54.07 | ninjamonkey | oh back |
| 19:54.28 | ninjamonkey | thnk TC4 is the source of that issue? |
| 19:56.42 | pucko | not likely, one class file is compiled with jdk 1.5 or higher. that's why you get an error |
| 19:56.50 | pucko | but anyway, don't do 4 |
| 19:57.09 | pucko | v6 (or if you really have to, v5) |
| 20:00.46 | pucko | same for jdk. use 6.0 or 5.0. |
| 20:00.58 | pucko | 5.0 has at least 1 more year supported by sun |
| 20:01.12 | pucko | but I'd go for 5.0 |
| 20:01.16 | pucko | err... 6.0 |
| 20:04.04 | ninjamonkey | lol yea i just figured that out....http://forum.java.sun.com/thread.jspa?threadID=736596...... then I saw you all told me the *same thing* |
| 20:04.24 | ninjamonkey | thank you all very much :) ...Lemme shoot for 5 (1.5?) |
| 20:11.22 | ninjamonkey | PATH is the only way to point to a new JAVA version, there is no apachy-tomcat setting somewhere? I been greppin' and googlin with no obious results... |
| 20:11.31 | ninjamonkey | that assumption accurate? |
| 20:13.01 | pucko | ye. though AFAIK you can specify enviroment variable JAVA_HOME to point to your new JDK directory |
| 20:13.25 | pucko | I think the tomcat scripts use that if available |
| 20:14.11 | ninjamonkey | ok |
| 20:14.48 | ninjamonkey | so 1.6, set path like before....sip beer, ./startup.please-god.... |
| 20:15.20 | ninjamonkey | thanks, this was fasted/more relivant IRC help i got in years :)....should have been using Tomcat all along... |
| 20:15.50 | ninjamonkey | AFAIK?????? |
| 20:15.54 | ninjamonkey | whats AFAIK |
| 20:16.03 | pucko | "as far as I kow" |
| 20:17.29 | pucko | I'm not active here often but when I am I try to help people. |
| 20:17.37 | ninjamonkey | :P |
| 20:17.48 | ninjamonkey | Thanks pucko |
| 20:17.54 | pucko | as opposed to the dorks in ##java |
| 20:18.04 | ninjamonkey | BAH! |
| 20:19.30 | pucko | how I hate 100% heals... |
| 20:28.38 | ninjamonkey | hum, i never wear heals... |
| 20:30.29 | grantrules | i do on weekends. i mean. what? |
| 20:31.25 | ninjamonkey | well ill toss em on , on sundays for this little cabaret act i like to do :) |
| 20:36.20 | pucko | heal, not heels :p I'm playing WoW atm, that's where the heal come from. |
| 20:40.43 | grantrules | sure. change your story. |
| 20:54.08 | *** join/#tomcat {Chris} (n=cdupont@abo-44-36-68.mts.modulonet.fr) |
| 21:18.19 | ninjamonkey | well im off like a prom dress after 2 beers and a redbull..........have good weekend! |
| 21:19.46 | jasonb | laughs |
| 21:37.31 | *** join/#tomcat yassine (n=yassine@unaffiliated/yassine) |
| 22:05.13 | *** join/#tomcat yassine (n=yassine@unaffiliated/yassine) |
| 22:11.20 | *** join/#tomcat cppexpert (n=cppexper@c-24-130-62-198.hsd1.ca.comcast.net) |
| 22:16.10 | *** join/#tomcat odin__ (n=dlm@host86-128-203-229.range86-128.btcentralplus.com) |
| 22:26.48 | *** join/#tomcat pimbo (n=mafm@32.Red-81-37-187.dynamicIP.rima-tde.net) |
| 22:27.12 | pimbo | hi |
| 22:28.47 | pimbo | I'm having a bit of a problem understanding what's happening with my code to the point that I'm considering it being a bug in tomcat |
| 22:28.58 | pimbo | is this the right channel to talk about this? |
| 22:30.28 | jasonb | Yes. |
| 22:31.47 | pimbo | I'm making a testing webapp, and I let people log in, etc |
| 22:32.00 | pimbo | I set three session attributes: role, username, userid |
| 22:32.21 | pimbo | but then *sometimes*, only "role" is available |
| 22:33.41 | pimbo | in example, I browse through the different webpages and I have something in the header printing the variables, with no problem at all |
| 22:34.37 | pimbo | but then I want to make an action (with POST), create a product, and inside the servlet I am able to see "role", but not the other two ones |
| 22:35.33 | pimbo | name: Product 1, cat: 2, timeLimit: 0, desc: This is a nice description, id: null, username: null, role: user |
| 22:35.53 | pimbo | with session.getAttributeNames(): attrs: javax.security.auth.subject attrs: role |
| 22:36.05 | pimbo | so it seems that, for no reason, those vars are gone |
| 22:48.34 | *** join/#tomcat yassine (n=yassine@unaffiliated/yassine) |
| 22:53.33 | cppexpert | Hey guys. I'm using Tomcat 6 under Windows. I added support of SSL, but for some reason I can only open web-page via SSL only within local network, but I can't open it from outside. Here is my box: https://bony.selfip.net/, I can telnet to bony.selfip.net:443, but cannot open in the browser. Could you please advise ? Thank you. |
| 22:55.14 | *** join/#tomcat yassine (n=yassine@unaffiliated/yassine) |
| 22:58.37 | cppexpert | Anyone ? |
| 23:00.39 | pucko | firewalled? |
| 23:05.51 | cppexpert | pucko: I can telnet to 443. |
| 23:06.57 | cppexpert | Now it works. I don't understand this. |
| 23:07.01 | jasonb | :) |
| 23:07.33 | cppexpert | jasonb: Ah I missed 'S' part of the URL. So it doesn't work. |
| 23:08.38 | jasonb | heh! |
| 23:08.46 | cppexpert | jasonb: Here is what I have in the log file: "java.lang.Exception: No Certificate file specified". Could it be the reason ? |
| 23:09.12 | jasonb | Interesting exception! |
| 23:09.21 | jasonb | Your HTTPS still doesn't work, or what? |
| 23:10.19 | cppexpert | jasonb: I can access my tomcat box only within my local network for some reason. When I open it from outside it hangs. |
| 23:10.32 | cppexpert | jasonb: HTTP works though. |
| 23:10.42 | jasonb | Well, yeah, exceptions matter. |
| 23:10.55 | jasonb | You're saying you can access it via HTTPS from your local network? |
| 23:11.04 | jasonb | (and that HTTPS works from there?) |
| 23:11.12 | cppexpert | jasonb: Yes. Like this: https://192.168.1.4 |
| 23:11.19 | jasonb | ok |
| 23:11.50 | cppexpert | jasonb: How do I fix this certificate exception ? |
| 23:12.14 | jasonb | In your server.xml, how many HTTPS connectors do you have active? Look _very_ carefully. Some that you might think are commented out could be uncommeted and vice versa. |
| 23:12.18 | vinse | how is it working w/o a certificate? |
| 23:12.33 | jasonb | FWIW I have not ever seen that particular exception. |
| 23:12.56 | pucko | could be related to AprLifecycleListener |
| 23:13.09 | pucko | if it's enabled |
| 23:13.12 | jasonb | cppexpert: Also, which connector are you using for each connector you have enabled? |
| 23:13.36 | jasonb | That is, which connector _implementation_ are you using? |
| 23:14.23 | pucko | and slap the whole exception chain on a pastebin |
| 23:15.28 | cppexpert | Here is my server.xml: http://pastebin.ca/1027509 |
| 23:16.47 | *** join/#tomcat ksiomelo` (n=ksiomelo@189.70.65.78) |
| 23:17.08 | pucko | if you have APR installed as well that might be your problem |
| 23:17.11 | cppexpert | And here is my log file with exception: http://pastebin.ca/1027512 |
| 23:17.16 | ksiomelo` | hello there |
| 23:17.31 | ksiomelo` | I have a newbie question |
| 23:17.35 | pucko | yes, APR is your problem. |
| 23:17.42 | cppexpert | pucko: It's just default server.xml. How do I disable APR and do I need it ? |
| 23:18.05 | *** join/#tomcat Dwayne_Hicks (n=elsie@adsl-68-74-113-222.dsl.emhril.ameritech.net) |
| 23:18.15 | pucko | it's at the top |
| 23:18.21 | pucko | APRLifeCycleListener |
| 23:18.23 | pucko | but anyways |
| 23:18.28 | ksiomelo` | How can I execute code in a servlet initialization? I just need to populate my bd first |
| 23:18.30 | pucko | if you wanna use it |
| 23:18.42 | pucko | then you have to configure the ssl connector according to; http://tomcat.apache.org/tomcat-5.5-doc/apr.html |
| 23:18.52 | ksiomelo` | tomcat: 5.5.26 |
| 23:19.15 | pucko | right now you've configured it as a coyote ssl |
| 23:19.34 | pucko | ksiomelo, init()-method |
| 23:19.41 | cppexpert | pucko: I used this document to enable SSL: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html |
| 23:20.37 | pucko | yes, that document is for the coyote connectos |
| 23:20.41 | pucko | connector |
| 23:20.45 | jasonb | cppexpert: Three things about your config that make it not possible for me to help debug/fix it: 1) You're using APR HTTPS. 2) You're using a path to your keystore file that has spaces in it. 3) You're trying to do all this on Windows, which does make it more difficult. |
| 23:21.06 | pucko | ksiomelo`: http://java.sun.com/javaee/5/docs/api/javax/servlet/GenericServlet.html#init() |
| 23:21.36 | cppexpert | pucko: Disabling APR removed exception from the log but SSL still doesn't work :( |
| 23:22.17 | cppexpert | jasonb: Maybe you can show me server.xml with properly configured Coyote SSL ? |
| 23:23.54 | pucko | do you have more than one certificate in the keystore? |
| 23:24.02 | cppexpert | pucko: Nope, only one. |
| 23:24.13 | cppexpert | let me double check. |
| 23:25.20 | cppexpert | pucko: Yes, 'keytool --list' says I have only one entry. |
| 23:25.49 | jasonb | cppexpert: The only thing I notice that is potentially wrong with your HTTPS Connector configuration (even for Coyote / JIO) is that you have spaces in your keystore path. |
| 23:26.19 | cppexpert | jasonb: Let me try without spaces just in case. One second. |
| 23:26.24 | jasonb | cppexpert: When you list your keystore, does it show the entry as a key entry or a cert entry? |
| 23:26.50 | cppexpert | jasonb: Here is what it says: |
| 23:26.56 | cppexpert | tomcat, May 23, 2008, PrivateKeyEntry, |
| 23:26.56 | cppexpert | Certificate fingerprint (MD5): 3E:5F:E9:69:FF:2B:6F:42:CC:00:AA:BB:2A:FC:90:5D |
| 23:29.19 | cppexpert | jasonb: Getting rid of space didn't change anything. |
| 23:29.56 | jasonb | cppexpert: Is your cert a self-signed certificate? |
| 23:30.03 | cppexpert | jasonb: Yep |
| 23:30.54 | jasonb | cppexpert: How did you generate it? Either show the web page URL where you got the tutorial, or show a paste server link containing the commands you used. |
| 23:31.19 | cppexpert | jasonb: Here is what I did: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html |
| 23:33.14 | pucko | can you access the site normally within your lan? and examine the certificate in your browser? |
| 23:34.54 | cppexpert | pucko: Are you asking if I can open the site as HTTPS://192.168.1.4 ? Nope. It just hangs. In my network sniffer I see that browser connects to port 443 but server never sends anything back. |
| 23:35.40 | jasonb | cppexpert: The option of last resort is always to set the system property javax.net.debug=all, restart Tomcat, try it again, and then sift through the gobs of logs that generates to see what exactly the problem is. |
| 23:36.56 | cppexpert | jasonb: It sounds like lots of wasted time :( Can you give me server.xml with properly configured SSL ? |
| 23:37.14 | pucko | your server.xml is correct as far as we can see |
| 23:37.48 | pucko | there seem to be some other issue though related to the accessing of the keystore/certificates. |
| 23:38.21 | jasonb | cppexpert: You already have one.. unless you put the spaces back in your keystore path. :) |
| 23:40.26 | pucko | according to the log, AprLifecycleListener is still active |
| 23:40.53 | pucko | find the line <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> |
| 23:41.03 | pucko | and change SSLEngine to "off" |
| 23:41.07 | cppexpert | ok |
| 23:42.35 | cppexpert | pucko: I have new thing in my log now: "java.lang.Exception: Invalid Server SSL Protocol" |
| 23:43.19 | pucko | update the pastebin entry |
| 23:43.23 | cppexpert | pucko: http://pastebin.ca/1027534 |
| 23:43.51 | cppexpert | pucko: Line #2 looks suspicious too. |
| 23:45.25 | pucko | well, lets remove the line; <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> |
| 23:45.44 | pucko | I've never used/liked that apr-crap anyway |
| 23:45.53 | pucko | and it seems to mess with us |
| 23:45.56 | jasonb | Yeah, I agree.. remove it entirely.. and ignore the complaints about it being gone. |
| 23:47.20 | cppexpert | Done, I updated log file here: http://pastebin.ca/1027539 |
| 23:47.22 | pfn | you don't get complaints if it's gone |
| 23:47.59 | jasonb | Last I knew, it complained on every startup that APR isn't enabled, if it's not. |
| 23:48.10 | cppexpert | Also why do I have error about taken port in line #50 if I have only 2 connectors ? |
| 23:48.41 | jasonb | I guess that's just the listener element. Oh well. |
| 23:49.13 | pucko | update the pastebin on your server.xml too |
| 23:49.29 | cppexpert | jasonb: Lines 2, 4 and 6 makes me think that Tomcat doesn't use parameters about keystore at all. |
| 23:49.33 | pfn | jasonb, it hasn't complained about that since 5.5 or so |
| 23:49.34 | cppexpert | pucko: one sec.. |
| 23:49.43 | pfn | jasonb, it only complains tcnative is missing if you have the AprLifeCycleListener enabled |
| 23:49.50 | pfn | if you remove the listener, it doesn't complain about tcnative |
| 23:49.58 | jasonb | Yeah, that's probably true. |
| 23:50.12 | jasonb | cppexpert: You still have APR initializing, so you haven't disabled APR. |
| 23:50.27 | cppexpert | jasonb: let me update my server.xml |
| 23:50.55 | jasonb | cppexpert: Sadly, the way APR is implemented, you have to disable it outside of server.xml. |
| 23:51.11 | jasonb | cppexpert: And, again, since you're on Windows, I don't know how to do that. |
| 23:51.26 | cppexpert | pucko: My current server.xml: http://pastebin.ca/1027542 |
| 23:51.47 | cppexpert | jasonb: How do you disable APR in non-Windows system ? |
| 23:52.39 | jasonb | cppexpert: You make the JVM no longer able to find libtcnative.so. |
| 23:53.15 | jasonb | cppexpert: So, either removing that file, or moving it to a dir where the linker can't find it, or reconfiguring so that it won't find it. |
| 23:53.37 | jasonb | cppexpert: Also, you're probably asking for trouble, again, with this: keystoreFile="C:\DOCUME~1\ROOT\.keystore" |
| 23:54.02 | jasonb | cppexpert: Does "DOCUME~1" resolve to a path name that has a space in it? |
| 23:54.12 | jasonb | s/path name/dir name/ |
| 23:54.34 | cppexpert | jasonb: Nope, it's old MSDOS-style path without spaces. |
| 23:55.32 | pucko | btw, the attribute redirectPort is set to 7443. it should be 443 |
| 23:56.04 | vinse | how many java engineers does it take to enable ssl? |
| 23:56.05 | vinse | ;p |
| 23:56.13 | jasonb | cppexpert: So you literally, manually named a directory c:\DOCUME~1? |
| 23:56.40 | jasonb | vinse: :) |
| 23:56.50 | cppexpert | jasonb: Nope, it's alias for long paths :) So in Windows you have new long paths and short for backward compatibility. |
| 23:57.06 | cppexpert | vinse: And this is expecially funny considering that I'm C++ engineer :) |
| 23:57.14 | jasonb | cppexpert: And, does this particular long path have a space in it? (That was my original question, btw) |
| 23:57.17 | pucko | and for disabling APR, look for.. uhm.. tcnative-1.dll and rename it to tcnative-1.dll.crap |
| 23:57.29 | vinse | i would think it's short for "Documents and Settings" |
| 23:57.29 | jasonb | heh |
| 23:57.35 | jasonb | vinse: Exactly! |
| 23:57.55 | jasonb | cppexpert: You're asking for trouble in more ways than one.. that's my point. |
| 23:58.10 | cppexpert | GUYS, I MADE IT WORK. Check my new server.xml: http://pastebin.ca/1027545. I changed protocol connector for SSL to org.apache.coyote.http11.Http11NioProtocol. |
| 23:58.30 | cppexpert | Will I encouter any problems because of this workaround ? |
| 23:58.36 | jasonb | That's one way to disable APR from that particular connector. |
| 23:58.49 | jasonb | I'd still suggest actually disabling APR from initializing. |
| 23:59.10 | jasonb | cppexpert: You shouldn't use the NIO connector either.. yes, you will encounter problems with it. |
| 23:59.19 | cppexpert | jasonb: What kind of problems ? |
| 23:59.22 | jasonb | cppexpert: You could, though, point it to the JIO connector instead. |
| 23:59.39 | pucko | it's experimental afaik |
| 23:59.45 | jasonb | cppexpert: All sorts of random CPU utilization, truncation, and other misc problems.. some being fixed currently, and some not fixed yet. |