00:45.43 | karstensrage | why not change /etc/hosts and see what happens |
00:45.49 | karstensrage | if you have to restart, you have to restart |
00:45.52 | karstensrage | whats the big deal |
00:46.23 | karstensrage | if you cant restart because of some kind of traffic, youre doing it wrong |
01:20.30 | *** join/#tomcat adas (i=d44c3b80@gateway/web/freenode/x-aanfhqnnnrzvblje) |
03:17.53 | *** join/#tomcat internat (n=nf@123-243-184-161.static.tpgi.com.au) |
03:41.57 | *** join/#tomcat tess (n=tess@c-24-130-52-152.hsd1.ca.comcast.net) |
04:33.25 | *** join/#tomcat scribe (n=scribe@72-254-232-93.client.stsn.net) |
04:34.49 | scribe | Hey guys, I'm trying to setup a CometProcessor Servlet on Tomcat and Apache httpd |
04:35.40 | scribe | I have things working fine under Tomcat directly, but I can't seem to get the workers.properties file correctly to get apache to talk correctly to tomcat. JSPs and other Servlets work fine |
04:36.30 | scribe | But I get "HTTP method GET is not supported by this URL" when I try to hit the URL without :8080 |
04:36.38 | scribe | any ideas? |
05:40.22 | *** join/#tomcat bugz__ (n=bugz@adsl-99-129-31-240.dsl.lsan03.sbcglobal.net) |
06:10.43 | *** join/#tomcat anoopb (n=chatzill@38.106.143.248) |
06:25.08 | *** join/#tomcat jasonb (n=jasonb@adsl-66-124-73-250.dsl.sntc01.pacbell.net) |
07:06.29 | *** join/#tomcat magentar (n=magentar@ip-109-90-135-190.unitymediagroup.de) |
07:35.11 | *** join/#tomcat km (n=km@adsl-99-4-79-191.dsl.pltn13.sbcglobal.net) |
09:03.22 | *** join/#tomcat mylarry (n=larry-or@firewall.cologne-systems.de) |
09:04.12 | *** join/#tomcat reid06_ (n=reid06@CPE001cdf73661f-CM001ceacec55e.cpe.net.cable.rogers.com) |
09:15.48 | *** join/#tomcat ReaphSharc (n=John@85.148.224.182) |
09:42.27 | *** join/#tomcat ReaphSharc (n=John@77.74.50.119) |
09:54.43 | *** part/#tomcat mylarry (n=larry-or@firewall.cologne-systems.de) |
10:20.54 | *** join/#tomcat magentar (n=magentar@ip-109-90-135-190.unitymediagroup.de) |
11:08.02 | *** join/#tomcat chillitom (n=chillito@85.92.214.142) |
12:21.20 | *** join/#tomcat mturk (n=mturk@20-111.dsl.iskon.hr) |
12:33.28 | *** join/#tomcat Reaph (n=John@77.74.50.119) |
12:40.44 | gilesw | heya all |
12:41.15 | gilesw | wondering what peoples opinions of securing the manager app with RemoteAddrValve are? |
12:41.33 | gilesw | how easy is it to spoof the incoming ip |
12:42.36 | gilesw | especially if you use the default context path and allow standard RFC1918 ips |
13:35.12 | *** join/#tomcat Reaph (n=John@77.74.50.119) |
13:47.06 | *** join/#tomcat mturk (n=mturk@89-164-117-213.dsl.iskon.hr) |
14:07.41 | *** join/#tomcat Reaph (n=John@77.74.50.119) |
14:08.40 | *** join/#tomcat ReaphSharc (n=John@77.74.50.119) |
14:20.40 | *** join/#tomcat dvinchi (n=dvinchi_@148.245.35.9) |
14:33.10 | *** join/#tomcat Reaph (n=John@85.148.224.182) |
15:01.00 | *** join/#tomcat ReaphSharc (n=John@85.148.224.182) |
15:10.31 | *** join/#tomcat randrewj (n=u1@dyn-128-59-53-3.dyn.columbia.edu) |
15:36.55 | *** join/#tomcat j0nas` (n=tb@156.34.92.222) |
15:37.11 | j0nas` | anyone know off hand if there's a way to profile database connection pools? |
15:47.17 | *** join/#tomcat Jaymoid (n=jamespi@annanova.torch.net) |
15:53.49 | Jaymoid | Hi all, I don't have any tomcat related problems, just more of an enquiry.... here goes... |
15:55.10 | Jaymoid | We currently have a number of web services deployed using JWSDP1.1 with the built in tomcat container, this is quite old and we are looking to getting an updated version of Tomcat (ideally 6) which we could then deploy the JWSDP1.1 built apps onto |
15:55.14 | Jaymoid | is this possible? |
15:57.08 | Jaymoid | we'd also like to use something like metro or axis to develop our new web services on, would this cause any conflicts, having both the new and the old web apps running from the same container? |
16:10.50 | *** join/#tomcat triptec (n=triptec@h-61-119.A163.priv.bahnhof.se) |
16:11.40 | triptec | is there anyone who has used adobes blazeds with their tomcat? |
16:14.35 | dvinchi | Jaymoid, write once run everywhere |
16:14.55 | dvinchi | first rule of World Java |
16:14.59 | Jaymoid | hehe |
16:15.47 | Jaymoid | I've just put Tomcat 6 on my computer, just wondering what I have to do to allow me to deploy my jwsdp wars |
16:16.46 | dvinchi | Jaymoid, only copy the wars |
16:16.50 | dvinchi | to webapps |
16:16.56 | dvinchi | and restart the server |
16:17.03 | dvinchi | just that |
16:17.12 | Jaymoid | ok, have done that, should they be available on the default port (8080) |
16:17.23 | dvinchi | yes |
16:17.25 | dvinchi | 8080 |
16:18.16 | dvinchi | or edit apache-tomcat-6.0.20/conf/server.xml for customize |
16:18.34 | Jaymoid | and I don't need to have jwsdp installed on the machine with tomcat? |
16:18.48 | *** join/#tomcat Alagar (n=helpdesk@174-143-172-49.static.cloud-ips.com) |
16:18.52 | dvinchi | i dont know what is jwsdp |
16:18.54 | dvinchi | XD |
16:19.57 | Jaymoid | ah jwsdp is the web service toolkit that was around before Metro, JAX-WS, it implemented jax-rpc rather than jax-ws |
16:20.13 | Jaymoid | its quite old :) |
16:21.42 | dvinchi | i think than you have to copy some jars of jwsdp to /apache-tomcat-6.0.20/lib/ |
16:21.50 | dvinchi | ok? |
16:22.04 | Jaymoid | yeah I think that would be the case, will give that a go |
16:23.10 | Jaymoid | if I copied them instead to the lib folder in the war file, would this achieve the same result? if I put the olf versions of jax-rpc, jaxb, etc on the new tomcat server it may conflict with the new webservices we are building |
16:23.39 | dvinchi | test |
16:27.34 | *** join/#tomcat jasonb_ (n=jasonb@m410536d0.tmodns.net) |
16:27.55 | *** part/#tomcat heidar (i=heidar@hel.su) |
16:46.50 | triptec | how do I grant permissions for a servlet? |
16:48.12 | triptec | I got error initalizing blazeDs, and then I changed TOMCAT6_SECURITY=no and now it works but I guess this is not the best of solutions.. |
16:51.44 | *** join/#tomcat km (n=km@adsl-99-4-79-191.dsl.pltn13.sbcglobal.net) |
17:07.10 | *** join/#tomcat acarbs12 (n=acarbone@64.206.24.18) |
17:12.22 | *** join/#tomcat tess_ (n=tess@c-24-130-52-152.hsd1.ca.comcast.net) |
17:24.16 | *** join/#tomcat Mohan (i=roughele@unaffiliated/mohan) |
17:25.08 | Mohan | Is it a normal practise to run tomcat without any proxy on a production site ? |
17:40.10 | *** join/#tomcat j2sentient (n=j2sentie@unaffiliated/j2sentient) |
17:53.36 | *** join/#tomcat jasonb (n=jasonb@dsl027-180-244.sfo1.dsl.speakeasy.net) |
18:28.43 | *** join/#tomcat jiska (i=jiska@libri.sur5r.net) |
18:30.08 | jiska | hi |
18:31.20 | Thijssss | Mohan : define normal :) |
18:31.28 | Thijssss | but yeah its being done ... |
18:31.50 | Thijssss | I actually am busy with two big projects.. one which has like 4 proxy servers infront of the tomcats.. the other.. none.. heh |
18:32.03 | jiska | i have defined a filter and a servlet in my web.xml. i want the servlet's init()-method start before the filter's init() to read some xml config files and start logging before using the filter |
18:34.45 | jiska | but i don't want to do the complete application initialisation in the filter because that's actually the wrong place imho |
18:47.45 | Mohan | Thijssss: I should have phrased it as standard practise. apologies for that. |
18:50.54 | triptec | how would I grant permissions to everything? I got an application that wont work unless I turn of the security manager, so my next thing is to have it on an grant all permission and see if that works |
19:00.31 | *** join/#tomcat rlarson89 (n=rlarson8@CPE001cdf73661f-CM001ceacec55e.cpe.net.cable.rogers.com) |
19:09.35 | Thijssss | Mohan: hmm.. standard practise .. in IT .. no such thing sorry :) |
19:10.32 | Thijssss | triptec : sorry no idea on that .. I don't use the security manager stuff you mention .. you probably installed it from a package on .. ubuntu ? |
19:16.45 | triptec | yeah ofcourse ;) I've got it working now, as I turned off the security manager but I guess there's a reason there is one.. |
19:17.58 | triptec | Thijssss: and I would be nice to being able to post a solution for this, if I've know this stuff from the begining it would have been very easy... |
19:25.52 | *** join/#tomcat mturk (n=mturk@89-164-117-213.dsl.iskon.hr) |
19:30.38 | *** join/#tomcat uwe_guenther (n=Notebook@p5B28433B.dip.t-dialin.net) |
19:34.45 | Thijssss | heh |
19:34.55 | Thijssss | it's always 'easy' after you figured something out :) |
19:42.57 | *** join/#tomcat anoopb (n=chatzill@38.106.143.248) |
19:53.43 | *** join/#tomcat Alagar (n=Administ@122.164.41.133) |
19:58.49 | *** join/#tomcat aixenv (n=globalse@96-40-145-23.dhcp.mtpk.ca.charter.com) |
19:59.10 | aixenv | hey guys i need to setup a ssl cert for *.mydomain.com on a tomcat 6 server only documentation im finding is for 5.5 is the process the same for 6.x ? |
19:59.15 | *** join/#tomcat karstensrage_alt (n=karstens@c-71-202-243-186.hsd1.ca.comcast.net) |
20:04.44 | aixenv | i used 'openssl req -new -key www.mysite.com.key -out www.mysite.com.csr' would that work with tomcat? what im reading is i need a *.pem file and i have a *.mydoma.crt, *.mydomain.csr, and *.mydomain.key |
20:05.04 | Thijssss | ohh |
20:05.06 | Thijssss | oh god |
20:05.07 | aixenv | how we normally do it with apache, can i "adapt" those files to tomcat or is that whole process going to have to be re-done |
20:05.07 | Thijssss | keystores haha |
20:05.11 | Thijssss | I know everything you want to know :P |
20:05.17 | Thijssss | been making like 14 today |
20:05.21 | Thijssss | fucking java must die grrr |
20:05.34 | aixenv | its funny all the tomcat stuff we do, this is the first ssl'd one |
20:05.36 | Thijssss | you need a .jks java keystore |
20:05.46 | Thijssss | hold on i'll grab my notes to make it easy for you :) |
20:05.47 | *** join/#tomcat pfn (n=pfnguyen@hanhuy.com) |
20:05.53 | aixenv | ok tyvm |
20:07.26 | Thijssss | you do of course need a private key |
20:07.39 | Thijssss | make a csr (certificate signing request) |
20:07.40 | aixenv | yes we have a private kkey, the csr and the crt the customer got from the csr |
20:07.41 | Thijssss | get a certificate |
20:07.46 | aixenv | ok got all that |
20:07.48 | Thijssss | right |
20:07.52 | aixenv | foo.key, foo.csr, and foo.crt |
20:08.05 | Thijssss | now the next important thing is to use the same password everywhere on the next steps I will show you |
20:08.18 | aixenv | let me ask you something real quick |
20:08.23 | Thijssss | first build a PCKS12 keystore format file: |
20:08.25 | Thijssss | openssl pkcs12 -export -out www.yoursite.com.pkcs12 -in www.yoursite.com_public_certificate.cer -inkey www.yoursite.com_private_key.key |
20:08.31 | Thijssss | now create a java keystore: |
20:08.37 | Thijssss | keytool -importkeystore -srckeystore www.yoursite.com.pkcs12 -srcstoretype PKCS12 -destkeystore www.yoursite.com.jks |
20:08.53 | aixenv | if the server/site is loadbalanced between multiple servers will that cause any issues? or can we just duplicate the steps on each server using the same key/csr/crt (or would a new key/csr have to be gen'd)? |
20:09.16 | Thijssss | do it once |
20:09.25 | aixenv | ok good, was hoping for that |
20:09.26 | Thijssss | and copy the .jks keystore file to the others |
20:10.04 | Thijssss | next |
20:10.07 | Thijssss | ehm doesn't fit here, hold on |
20:10.40 | Thijssss | hmm |
20:10.45 | Thijssss | I forget a paste url |
20:10.53 | Thijssss | thing website |
20:11.10 | Thijssss | http://pastebin.com/m6aff55be |
20:11.11 | Thijssss | there |
20:11.18 | Thijssss | that goes in to your server.xml |
20:11.42 | Thijssss | you do also need a <Host/> besides that |
20:13.03 | aixenv | ok so for the first command id do "openssl pkcs12 -export -out *.mysite.com.pkcs12 -in *.mysite.com.crt -inkey *.mysite.com.key |
20:13.07 | aixenv | right? |
20:13.22 | Thijssss | I wouldn't use a * in a filename |
20:13.29 | aixenv | well its a global cert |
20:13.31 | aixenv | for *.mydomain.com |
20:13.34 | Thijssss | then just myse mysite.com.pcks12 |
20:13.38 | Thijssss | err |
20:13.38 | aixenv | ok |
20:13.40 | *** join/#tomcat Alagar (n=Administ@122.164.41.133) |
20:13.42 | Thijssss | mysite.com.pkcs12 |
20:13.44 | aixenv | gotcha |
20:13.52 | Thijssss | cuz * is a wildcard on many systems.. that could cause big problems :) |
20:13.57 | aixenv | true |
20:14.11 | Thijssss | or just name it wildcard.mysite.com.pkcs12 .. whatever works for you |
20:16.11 | *** join/#tomcat Alagar (n=Administ@122.164.41.133) |
20:16.11 | aixenv | ok is there a openssl command to verify this pkcs12 file is right? |
20:16.18 | Thijssss | probably |
20:16.19 | Thijssss | ;p |
20:16.24 | Thijssss | but skip that |
20:16.27 | Thijssss | make the .jks |
20:16.29 | Thijssss | then use mmm |
20:16.31 | aixenv | k |
20:16.46 | aixenv | ok ig ot the pcks12 file made off the key and crt |
20:17.31 | Thijssss | keytool --list -keystore yoursite.jks |
20:17.41 | Thijssss | add -v for more detailed info on the certs and keys inside |
20:17.52 | aixenv | i assume the -destkeystore will be created in the root of whatever the command is run in right? |
20:17.54 | Thijssss | right, now add it all in to the keystore |
20:18.01 | Thijssss | yes |
20:18.03 | Thijssss | or give it a path |
20:18.05 | aixenv | where do you normally put it? |
20:18.20 | Thijssss | good question |
20:18.21 | aixenv | i have tomcat in /opt/tomcat/ would that be ok? |
20:18.34 | Thijssss | well |
20:18.40 | Thijssss | why not create /opt/tomcat/ssl/ |
20:18.42 | Thijssss | put 'm in there |
20:18.45 | aixenv | okk |
20:18.53 | Thijssss | something which makes sense to you :) |
20:19.02 | aixenv | yea i gotcha, i as just trying to see what the "standard" is |
20:19.05 | Thijssss | or /opt/tomcat/conf/ssl_certs/ |
20:19.10 | Thijssss | no idea on that |
20:19.26 | aixenv | i like the first one, easier to find hehe |
20:19.37 | Thijssss | I made 'm for a specific application and put 'm along side other property files and such in /opt/appname/ with a symlink in /etc/ to that same dir |
20:19.45 | aixenv | i chown'd it tomcat:tomcat with 755 |
20:19.55 | Thijssss | 640 will do just fine |
20:19.59 | aixenv | ok |
20:20.08 | Thijssss | I tried 400 but tomcat bitched it couldn't read 'm :s |
20:20.13 | aixenv | hehe |
20:20.38 | Thijssss | which still doesn't make sense to me; I must have missed something .. 4 gives it read access for the owner which is tomcat .. hrmbl |
20:21.09 | Thijssss | I think there is something java like involved besides tomcat I guess; no idea haven't taken the time to look in to it |
20:21.16 | Thijssss | as long as the last is 0 so others can't read it |
20:21.27 | Thijssss | since your private key is also in there |
20:22.27 | aixenv | go me i can read |
20:22.30 | aixenv | Entry for alias 1 successfully imported. |
20:22.30 | aixenv | Import command completed: 1 entries successfully imported, 0 entries failed or cancelled |
20:22.35 | aixenv | lol |
20:22.39 | Thijssss | ok :) |
20:22.45 | aixenv | ok imd ocumenting this as i go one sec lemem paste that |
20:22.52 | Thijssss | heh yeah |
20:22.56 | Thijssss | got wiki's full of stuff like this |
20:23.09 | Thijssss | and txt files heh |
20:23.13 | aixenv | yea i document all this type stuff in our documentation center |
20:23.20 | aixenv | sadly im the tomcat expert |
20:23.21 | aixenv | lol |
20:23.23 | Thijssss | haha |
20:23.24 | aixenv | which is scary |
20:23.30 | Thijssss | its worse for me |
20:23.38 | Thijssss | the client is supposed to tell us what to do and how to deploy |
20:23.42 | Thijssss | and I end up telling them how to fix things |
20:23.48 | aixenv | tomcat is pretty easy mostly though its just the format/syntax of the server.xml that takes a bit to understand |
20:23.48 | Thijssss | oh well I get payed very well ;p |
20:23.55 | aixenv | yea i hear you |
20:24.03 | Thijssss | well it gets bad when the application is involved |
20:24.05 | aixenv | no complaining here working from home, be a fool to whine |
20:24.10 | Thijssss | good thing I did a fair amount of java programming back in uni |
20:24.56 | aixenv | Keystore type: JKS |
20:24.56 | aixenv | Keystore provider: SUN |
20:24.56 | aixenv | Your keystore contains 1 entry |
20:24.59 | aixenv | looks good eya? |
20:25.02 | Thijssss | yeah |
20:25.15 | Thijssss | you are good to go :) |
20:25.18 | aixenv | ok now |
20:25.25 | aixenv | i just need to sync it to my server.xml |
20:25.30 | Thijssss | yup |
20:25.37 | aixenv | and i could just copy his jks and the server.xml config to the other clustered srevers yes? |
20:25.41 | aixenv | *this |
20:25.57 | Thijssss | if you do not tell tomcat about it; it will search in /opt/tomcat/ for a .keystore file with the password 'changeit' on it :s |
20:26.14 | aixenv | ok |
20:26.15 | Thijssss | sure, but you might perhaps have to change the listen addresses in the server.xml |
20:26.21 | Thijssss | no idea how you set it up |
20:26.22 | aixenv | right gotcha |
20:26.53 | Thijssss | see |
20:26.54 | Thijssss | http://pastebin.com/m6aff55be |
20:27.02 | Thijssss | then you can specify it all |
20:27.53 | *** join/#tomcat j2sentient (n=j2sentie@unaffiliated/j2sentient) |
20:29.35 | aixenv | how funny |
20:29.46 | aixenv | im working on 1 of their servers when nagios throws alerts for one of their other servers |
20:29.52 | aixenv | and im like wtf i havent even touched server.xml yet |
20:29.56 | Thijssss | heh |
20:30.03 | Thijssss | then what was going on? |
20:30.05 | aixenv | turns out they are "dicking" with tomcat while i was doing this my coworkers were like did you do that lol im like no way! |
20:30.12 | aixenv | they being the devs |
20:30.17 | Thijssss | ah lol |
20:30.19 | aixenv | lol |
20:30.28 | Thijssss | been there ;p |
20:31.05 | Thijssss | actually got a few servers silenced .. normally we would totally disable monitoring but meh.. government ppl, wanting to do things themself but we have to give support and also monitor .. blah |
20:31.39 | Thijssss | they pay enough I suppose :) |
20:32.19 | *** part/#tomcat randrewj (n=u1@dyn-128-59-53-3.dyn.columbia.edu) |
20:36.00 | Thijssss | aixenv : got it working? |
20:41.28 | aixenv | sorry got pulled away helping someone with esx |
20:42.04 | aixenv | i dont see that reference you have, im gonna paste bin my current server.xml *minus any sensitive data of course* |
20:42.11 | aixenv | so u can tell me what place i should input that |
20:42.15 | Thijssss | sure |
20:42.17 | aixenv | btw much appreciated on the help |
20:46.45 | aixenv | eh odly enough nothing sensitive lol |
20:46.46 | aixenv | http://pastebin.com/d15d36df4 |
20:47.15 | Thijssss | thats quite clean |
20:47.26 | Thijssss | let me clean mine up, probably easier that way |
20:47.34 | aixenv | i removed all teh comments |
20:47.50 | aixenv | ports are set by the catalina.properties of course |
20:47.54 | aixenv | since they are variables |
20:48.08 | Thijssss | mwah |
20:48.15 | Thijssss | I never change the port.. so its not variable ;p |
20:48.29 | Thijssss | I use IPtables to forward 443 to 8443 |
20:48.30 | aixenv | what we ended up doing was (client request) running 2 tomcats on dif ports, with dif code bases |
20:48.35 | Thijssss | as tomcat runs as user tomcat |
20:48.40 | aixenv | i use the loadbalancer to do that yea |
20:48.48 | Thijssss | you can do that inside one tomcat? |
20:48.56 | Thijssss | two different listerens and webapps bases |
20:49.00 | aixenv | two tomcat instances |
20:49.10 | aixenv | theres a /opt/tomcat and /opt/tomcat.stage |
20:49.12 | Thijssss | but sure you can run tomcat twice if you want.. just not required |
20:49.20 | aixenv | agreed |
20:49.20 | Thijssss | wait now I stripped away a lot |
20:49.21 | aixenv | i told them that |
20:49.25 | Thijssss | i'll put some back for you ;p |
20:49.38 | aixenv | im like you know i can do this with 1 tomcat right, they wanted 2 tomcats wo i was like yay ok ill figure that out. |
20:51.29 | Thijssss | you don't use the clustering option in your cluster to make the tomcats share session information? |
20:51.40 | aixenv | we're using persistent i believe |
20:51.53 | aixenv | so i believe they share session info |
20:51.59 | Thijssss | oh |
20:52.09 | aixenv | thats done by the lb though |
20:52.11 | Thijssss | I always use the in memory clustering option |
20:52.22 | aixenv | hardware lb doing the session/persistence stuffs |
20:52.57 | Thijssss | http://pastebin.ca/1678290 |
20:53.09 | Thijssss | ah yes but if a server dies .. your session is gone |
20:53.49 | aixenv | i believe the LB prevents that, |
20:53.54 | aixenv | ok im looking at your file |
20:54.14 | Thijssss | the LB knows all the session information like the tomcat server knows? |
20:54.36 | *** join/#tomcat globalsec (n=globalse@96-40-145-23.dhcp.mtpk.ca.charter.com) |
20:54.41 | aixenv2 | stupid irc |
20:54.45 | Thijssss | hmm? |
20:54.46 | Thijssss | lol |
20:54.47 | Thijssss | wb |
20:54.51 | aixenv2 | got dc'd |
20:54.51 | Thijssss | still got the url? |
20:54.54 | aixenv2 | yea |
20:54.55 | Thijssss | k |
20:54.56 | aixenv2 | im looking at it |
20:55.01 | aixenv2 | moving my shell to hat desktop |
20:55.16 | Thijssss | irssi + screen <3 ;p |
20:55.30 | aixenv2 | hah |
20:56.26 | Thijssss | you probably just need to tell the connector about the keystore and its password as far as I can see |
20:56.30 | aixenv2 | ok i got it basically there's no 443 connector port atm heh |
20:56.35 | aixenv2 | there's just a 80 one |
20:56.38 | *** join/#tomcat |MHSL| (i=mhsl@cm9.eta6.maxonline.com.sg) |
20:56.48 | Thijssss | 80 ? |
20:56.56 | Thijssss | ohh |
20:56.58 | Thijssss | well figures |
20:57.02 | Thijssss | the <Connector |
20:57.06 | aixenv2 | well there's just a http.port connector |
20:57.09 | Thijssss | add scheme="https" and stuff |
20:57.53 | aixenv2 | the ssl stuff on my file is all commented out |
20:57.53 | aixenv2 | can i do that within 1 connector or should i make a new one defining ssl |
20:57.57 | Thijssss | you only need a few modifications to the one you showed me |
20:57.58 | aixenv | oh ok |
20:57.58 | Thijssss | make a new one for the ssl |
20:57.59 | Thijssss | as it will listen on a different port |
20:57.59 | Thijssss | can't do both at once |
20:58.01 | aixenv | right, that was my plan, ok oen sec |
20:59.22 | *** join/#tomcat Techdeck (n=Techdeck@bzq-84-110-159-92.red.bezeqint.net) [NETSPLIT VICTIM] |
20:59.22 | *** join/#tomcat rabbit7_ (n=rabbit7@ds1789722.dedicated.solnet.ch) [NETSPLIT VICTIM] |
20:59.22 | *** join/#tomcat prgrmr (n=prgrmr@unaffiliated/prgrmr) [NETSPLIT VICTIM] |
20:59.22 | *** join/#tomcat MHSL (i=mhsl@cm9.eta6.maxonline.com.sg) [NETSPLIT VICTIM] |
20:59.22 | *** join/#tomcat JiYu (n=jiyu@m56s07.vlinux.de) [NETSPLIT VICTIM] |
20:59.22 | *** join/#tomcat txxt (n=tiagoh@91.214.169.15) [NETSPLIT VICTIM] |
20:59.22 | *** join/#tomcat Odin_ (n=dlm@host86-128-79-197.range86-128.btcentralplus.com) [NETSPLIT VICTIM] |
21:00.00 | *** join/#tomcat txxt (n=tiagoh@91.214.169.15) |
21:01.52 | aixenv | hows this look |
21:02.13 | aixenv | http://pastebin.co/d7ab53ccf |
21:02.19 | aixenv | http://pastebin.com/d7ab53ccf |
21:02.57 | Thijssss | looks ok to me |
21:02.59 | Thijssss | but localhost? |
21:03.10 | aixenv | oh true |
21:03.14 | Thijssss | thats 127.0.0.1 unless you messed with the rest of the system heh |
21:03.22 | aixenv | hrm |
21:03.35 | Thijssss | just use the IP the LB uses to contact it |
21:03.41 | aixenv | k |
21:04.38 | Thijssss | if anything goes wrong i'm sure the catalina.out will tell :) |
21:06.50 | *** join/#tomcat mineralko (n=VonBruno@93-138-106-92.adsl.net.t-com.hr) |
21:07.24 | *** part/#tomcat mineralko (n=VonBruno@93-138-106-92.adsl.net.t-com.hr) |
21:07.30 | *** join/#tomcat prgrmr (n=prgrmr@unaffiliated/prgrmr) |
21:09.32 | aixenv | one sec gotta configure LB for 443 heh |
21:09.39 | aixenv | tomcat will server it on 8443 right? |
21:09.46 | aixenv | *serve |
21:09.46 | Thijssss | yes |
21:10.05 | Thijssss | only root may use below 1024 |
21:10.12 | Thijssss | you don't want tomcat to run as user root ;p |
21:11.06 | aixenv | rigth |
21:11.08 | aixenv | *right |
21:11.26 | Thijssss | if you want to make sure it's listening.. just use netstat |
21:11.30 | Thijssss | like hmmm: netstat -vnepl |
21:11.34 | aixenv | is there a apache2ctl configtest equiv for tomcat? |
21:11.46 | Thijssss | not that I know of |
21:12.04 | aixenv | its listening |
21:12.12 | Thijssss | test it locally with lynx :) |
21:12.20 | aixenv | i havent restarted yet |
21:12.21 | aixenv | lol |
21:12.33 | aixenv | gotta get the "ok" first |
21:12.50 | Thijssss | ugh |
21:12.53 | Thijssss | hate it when that happens |
21:13.02 | aixenv | actually |
21:13.10 | aixenv | n/m that should be ok |
21:13.13 | Thijssss | ? |
21:13.14 | aixenv | apache is on 443, but we just care about having 8443 working |
21:13.22 | aixenv | brain fart |
21:13.34 | Thijssss | oh you have apache infront of tomcat? |
21:13.47 | aixenv | no clue why they have apache on this server |
21:13.57 | aixenv | i think we originally built it out for apache and then they go hey put tomcat 6 on there |
21:14.03 | aixenv | theres 0 config on the vhosts for apache |
21:14.18 | aixenv | just phpmyadmin lol |
21:14.22 | Thijssss | no connector installed either? |
21:14.29 | aixenv | yea theres no mod_jk stuff |
21:14.36 | aixenv | it's just there |
21:14.40 | Thijssss | rm -Rf apache? :P |
21:14.42 | aixenv | haha |
21:14.43 | Thijssss | odd |
21:14.49 | aixenv | apt-get remove apache2 :P |
21:14.55 | Thijssss | make a security incident ticket.. remove apache ;p |
21:15.00 | aixenv | they are kinda odd though they like stuff like that |
21:15.11 | aixenv | not as bad as one of our new clients |
21:15.18 | Thijssss | or be sure to close the port up with iptables :) |
21:15.32 | aixenv | python/django/nginx/cherokee/apache/lighthttpd on the same server |
21:15.48 | Thijssss | sounds like a machine with a root kit along with it ;p |
21:15.58 | aixenv | ya cherokee i still dont see why they use that |
21:16.13 | aixenv | i setup pseudostreaming on apache |
21:16.13 | Thijssss | wasn't that some kind of search thing from apache foundation? |
21:16.26 | aixenv | and did some tests comparing it to lighty/nginx and didnt see a big dif |
21:16.29 | Thijssss | i'm lost with all the software they use nowdays heh |
21:16.34 | Thijssss | ah |
21:16.39 | aixenv | cherokee is some new ghetto supposed to be good at streaming webserver |
21:16.48 | Thijssss | hrm |
21:17.01 | aixenv | http://www.cherokee-project.com/ |
21:17.03 | aixenv | just check out the website |
21:17.07 | aixenv | that tells u all u need to know |
21:17.08 | aixenv | lol |
21:17.27 | Thijssss | I rather stick with apache :) |
21:17.28 | aixenv | at least i found it hokey |
21:17.29 | aixenv | nods |
21:17.40 | aixenv | long as it isnt iplanet tho im good |
21:17.51 | aixenv | i hate iplanet with a passion |
21:17.51 | Thijssss | but anyway we too get such requests |
21:17.57 | Thijssss | some weird ass servers out there in our datacenters heh |
21:18.04 | aixenv | but kinda how u said earlier.. money is money |
21:18.12 | Thijssss | yeah as long as I don't have to touch windows :P |
21:19.07 | *** join/#tomcat rabbit7 (n=rabbit7@ds1789722.dedicated.solnet.ch) |
21:19.11 | aixenv | amen |
21:19.26 | aixenv | that what the windows admin team is for lol |
21:19.51 | aixenv | ok brb, gonna configure this loadblaancer crap |
21:20.08 | Thijssss | ;p |
21:20.13 | Thijssss | right haha |
21:21.53 | *** join/#tomcat Techdeck (n=Techdeck@bzq-84-110-159-92.red.bezeqint.net) [NETSPLIT VICTIM] |
21:21.53 | *** join/#tomcat rabbit7_ (n=rabbit7@ds1789722.dedicated.solnet.ch) [NETSPLIT VICTIM] |
21:21.53 | *** join/#tomcat JiYu (n=jiyu@m56s07.vlinux.de) [NETSPLIT VICTIM] |
21:21.53 | *** join/#tomcat Odin_ (n=dlm@host86-128-79-197.range86-128.btcentralplus.com) [NETSPLIT VICTIM] |
21:22.59 | Thijssss | i'm going to do some gaming. . it's 22:22 over here ;p |
21:23.08 | Thijssss | i'll be back to check here later this evening |
21:23.09 | Thijssss | idles |
21:45.00 | *** join/#tomcat uwe_guenther (n=Notebook@p5B28433B.dip.t-dialin.net) |
21:48.49 | *** join/#tomcat RichW (n=richie@78.33.149.220) |
21:52.25 | RichW | 6.0.20, openjdk 1.6.1, Ubuntu 9.10. I am rather new to jsp programming and tomcat does not seem to have jstl support out the box. I want to deploy it server wide so I dont have to fiddle with any WEB-INF witchcraft. How can I do this? |
21:53.49 | RichW | Or maybe if I knew how to generate a servlet with the jstl stuff done for me then that will be ok, the examples servlet that comes with tomcat has jstl support. |
21:54.31 | RichW | either way would be fine if I knew how. |
21:55.28 | RichW | Will wait for answer, it is rather important! |
21:55.55 | Thijssss | the black art of witchcrap is essential for any admin and coder ;p |
21:56.07 | aixenv | Thijssss: does it matter if the jks is owned by root or should it be owned by tomcat |
21:56.11 | Thijssss | oh I meant craft ;p |
21:56.34 | Thijssss | aixenv : well tomcat should be able to read the file .. best to make it owned by tomcat |
21:56.35 | aixenv | i was gonna chown -R tomcat:tomcat but wanted to check first |
21:56.39 | aixenv | k |
21:57.13 | RichW | sometimes I edit the web.xml and add in the jstl stuff and it doesnt seem to have any effect |
21:57.15 | Thijssss | chown tomcat:tomcat your.jks; chmod 640 your.jks |
21:57.25 | RichW | all this is so confusing! |
21:57.29 | Thijssss | RichW : sorry I can't help you with that stuff |
21:57.49 | RichW | wow! i thought this was common knowlege for you guys. |
21:59.14 | RichW | Is there such thing as a servlet generator, how do they make the fancy directory layouts? |
21:59.21 | Thijssss | no idea |
21:59.24 | RichW | surly theres some kind of script to do it? |
21:59.31 | Thijssss | I just admin stuff .. I don't make the applications heh |
21:59.46 | RichW | Where do I get help on this stuff? |
21:59.49 | RichW | I feel like a n00b |
22:00.04 | Thijssss | maybe here, google? I don't know |
22:00.07 | Thijssss | perhaps #java? not sure if it exists and if they know this particulair kind of stuff |
22:00.11 | RichW | Ive read manuals and stuff and can find nothing that helps me. |
22:00.22 | Thijssss | what exactly was your problem again? |
22:00.37 | RichW | Well I have a script that uses taglib + jstl |
22:00.46 | RichW | and I put it in ROOT |
22:00.52 | RichW | doesnt work out the box |
22:01.01 | RichW | so I need to do some fiddling to get it going. |
22:01.06 | jiska | you just copied the files...? |
22:01.16 | RichW | yeah copied script in there |
22:01.26 | RichW | I tried to copy web-inf stuff from examples |
22:01.29 | RichW | no luck with that |
22:01.35 | jiska | did that with netbeans and some funny plugins for jsp stuff |
22:01.38 | RichW | nothing seems to work |
22:01.46 | Thijssss | errr... i'm sorry I don't want to get involved with that kind of stuff right now heh |
22:02.08 | Thijssss | but there is plenty on google to go around it seems |
22:02.18 | RichW | I go to university and dont teach me this stuff, they chuck me into jsp without teaching any tomcat :P |
22:02.32 | Thijssss | uni shouldn't teach you this kind of stuff anyway |
22:02.47 | RichW | they use it internally though. |
22:03.16 | RichW | yeah they have a server that works even with a empty web-inf |
22:03.21 | RichW | i want to know how they do it :D |
22:03.23 | Thijssss | http://www.developer.com/java/ejb/article.php/1447551/An-Introduction-to-JSP-Standard-Template-Library-JSTL.htm |
22:03.29 | jiska | if you take an ide like eclipse or netbeans it'll work out of the box |
22:03.31 | Thijssss | looks like what you want I think |
22:03.39 | RichW | ahhh |
22:03.43 | Thijssss | well ask the guy who set that up? |
22:03.46 | RichW | i use netbeans/eclipse at uni |
22:03.55 | Thijssss | what!? |
22:04.01 | Thijssss | what happends to like.. text editors and pure skills? |
22:04.02 | Thijssss | haha |
22:04.03 | jiska | you can create projects with all the required folders like web-inf etc. |
22:04.17 | Thijssss | feels so old school |
22:04.22 | RichW | im currently just using plain text editor |
22:04.26 | Thijssss | and I only finished uni like.. just over a year ago heh |
22:04.30 | RichW | only been using netbeans for normal java apps |
22:04.33 | RichW | that you compile |
22:04.40 | Thijssss | I rather know exactly how it all works.. no black magic netbeans for me |
22:05.03 | jiska | RichW, there is a online plugin search thing in netbeans |
22:05.04 | Thijssss | just javac or gcc or g++ or any compiler I need will do for me |
22:05.05 | Thijssss | heh |
22:05.06 | RichW | the lecturer is a big netbeans evangelist |
22:05.21 | Thijssss | http://java.sun.com/products/jsp/jstl/ ? |
22:05.25 | Thijssss | just read the url I just now posted |
22:05.28 | Thijssss | it says what to install and modify |
22:05.50 | RichW | oh ok |
22:14.25 | RichW | woo got it going http://www.javaworld.com/javaworld/jw-02-2003/jw-0228-jstl.html |
22:14.32 | RichW | its like the only decent article on the net |
22:14.40 | RichW | and a page on there linked to it :) |
22:15.01 | RichW | couldnt find that on google |
22:19.29 | aixenv | yay finally given the thumbs up to restart |
22:19.31 | aixenv | lol |
22:20.29 | aixenv | watching the out file |
22:27.07 | aixenv | Thijssss: 8443 isnt listening |
22:38.08 | aixenv | there we go |
22:38.13 | aixenv | was a perms issue on the jks |
22:38.23 | aixenv | Nov 19, 2009 10:37:50 PM org.apache.coyote.http11.Http11Protocol init |
22:38.23 | aixenv | INFO: Initializing Coyote HTTP/1.1 on http-1.2.3.4-8443 |
22:39.14 | *** join/#tomcat arricherekk (n=Owner@75-120-145-167.dyn.centurytel.net) |
22:42.04 | *** part/#tomcat arricherekk (n=Owner@75-120-145-167.dyn.centurytel.net) |
22:43.06 | aixenv | woot! |
22:43.15 | aixenv | it works <3 Thijssss u r da man |
22:44.16 | *** join/#tomcat km (n=km@adsl-99-4-79-191.dsl.pltn13.sbcglobal.net) |
22:59.38 | *** join/#tomcat deebo (i=globe@stonebay32.com) [NETSPLIT VICTIM] |
23:02.22 | aixenv | yay |
23:04.43 | *** join/#tomcat lonecoder (n=lonecode@91.198.24.10) [NETSPLIT VICTIM] |
23:14.13 | Thijssss | aixenv : ok, good to hear :) |
23:15.11 | Thijssss | idles for sleep |
23:25.02 | *** join/#tomcat dvayanu (n=another@ppp-82-135-3-109.dynamic.mnet-online.de) |
23:29.40 | *** join/#tomcat dvinchi (n=dvinchi_@148.245.35.9) |
23:46.50 | *** join/#tomcat acarbs12 (n=acarbone@173-9-89-1-NewEngland.hfc.comcastbusiness.net) |
23:59.35 | *** join/#tomcat dvinchi (n=dvinchi_@148.245.35.9) |