00:07.14 | *** join/#tomcat awilliams (b8aa39d9@gateway/web/freenode/ip.184.170.57.217) |
00:07.37 | awilliams | whartung: sorry my wimax is buncing all over today |
00:07.55 | whartung | no worries... |
00:08.44 | awilliams | I know that container based login is sopposed to be seamless but I am working with an app that was not orriginally written for it |
00:09.03 | whartung | ok |
00:09.37 | awilliams | I have written a servlet that update the user in the application internal db based on the user/role that it finds in the request |
00:09.56 | awilliams | I would like to call that servlet everytime a login takes place |
00:10.13 | whartung | ah |
00:10.45 | whartung | that's tricky |
00:11.07 | whartung | using Servlet 2.x? |
00:11.12 | awilliams | So I'm gathering from my research |
00:11.14 | awilliams | yes |
00:11.58 | whartung | <PROTECTED> |
00:14.08 | awilliams | I've come across some saying to write a filter that monitors a session flag and if not present (its a new login) it redirects to home page or whatever |
00:14.46 | whartung | the only thing I could suggest, and it MAY work (it may not….) is, assuming you always create a session, have a Servlet Filter that puts a note in to the session (like notloggedin=yes, or seomthing). Then, each request is checks principal and sees if it's not anonymous (which is typically the default, it may be null). If it's not anonymous, then that implies someone has logged in. If the "notloggedin" attribute is still in the session |
00:14.46 | whartung | then they JUST logged in - so, remove the entry from the session and create your log entry. |
00:15.00 | whartung | yea..that :) |
00:15.05 | awilliams | heh |
00:15.12 | awilliams | :) |
00:16.27 | awilliams | What would you say are the drawbacks to using the filter> |
00:16.27 | awilliams | ? |
00:16.34 | awilliams | What would make it NOT work? |
00:18.22 | whartung | maybe some silent container dependency. The minor issue is that in T7 (I believe), when you authenticate, it changes your session ID. Now I believe that is all it does -- change the id, but does not wipe and create a new session. So it maybe be transparent to you. Otherwise you may lose your session information. If that's the case, then just do the opposite. Add a flag "have_logged_user" when you see a principal and don't see |
00:18.23 | whartung | "have_logged_user". |
00:18.44 | whartung | the nice part is that you should be able to do this with an existing app with no changes, it'll never know what happened. |
00:18.55 | whartung | since you're just running for a side effect |
00:19.24 | whartung | Another option is to write your own Tomcat realm, and have it do the logging -- then the application never changes at all. |
00:20.14 | whartung | Oh, yea, obviously with a filter you need to add this to the application web.xml etc. Shouldn't be a big deal. If that's unpossible, then you can write it as a Tomcat Valve instead…perhaps. I've not done that. Valves are basically tomcat specific filters. |
00:23.30 | whartung | does that make any sense? |
00:23.53 | awilliams | Yes it does, thanks |
00:24.01 | whartung | okies |
00:24.30 | awilliams | I think I will go with the filter option as I have full source access to the app in question |
00:24.40 | whartung | ok |
00:24.55 | whartung | it's simple. You don't NEED the source, but it's nice if you can integrate it. |
00:25.30 | awilliams | Do you have an example handy? |
00:26.11 | awilliams | whartung: btw, I did get the authentication working the way I wanted it |
00:26.32 | awilliams | I dont know if you remember our conversation last week |
00:26.35 | whartung | no, but any simple filter example/tutorial that google coughs up will work. Since you're just working with side affects, it's super simple. More advanced filters get to play with input and output streams and readers/writers and crap :). Yours is super simple. |
00:26.40 | whartung | no, I don't lol |
00:26.41 | whartung | :) |
00:26.41 | whartung | sorry |
00:26.47 | whartung | did we talk about this before? |
00:26.48 | whartung | hH |
00:26.50 | whartung | haha |
00:26.52 | awilliams | it ok :) |
00:27.14 | whartung | but "Good!" |
00:27.38 | awilliams | I wanted layered auth, use this db or that |
00:27.54 | awilliams | I just used CombinedRealm |
00:27.59 | awilliams | works great |
00:28.00 | awilliams | I may have been mistik1 |
00:28.02 | whartung | wow -- yea, no memory…was I here? |
00:28.16 | awilliams | lol |
00:28.52 | awilliams | I don't know about you but I have to process so much code in a day I flush as well |
00:29.05 | awilliams | I remember because i'm still working on the same project |
00:29.08 | awilliams | :) |
00:29.21 | whartung | I am obligated to remember my wife's name, her birthday and our anniversary. Everything else is up for grabs. |
00:29.39 | awilliams | you betcha :) |
00:31.02 | whartung | I must cast off…good luck with your filter. |
00:31.48 | *** join/#tomcat dan64 (dan64@2600:3c03::f03c:91ff:fedf:7dc0) |
00:35.42 | awilliams | whartung: Thanks again |
02:06.54 | *** join/#tomcat awilliams (b8aa39d9@gateway/web/freenode/ip.184.170.57.217) |
02:07.36 | awilliams | whartung: still around? |
02:09.53 | *** join/#tomcat acidjnk22 (~havenone@p57B8C6FD.dip.t-dialin.net) |
02:22.36 | *** join/#tomcat caveat- (hoax@gateway/shell/bshellz.net/x-mybbjxhrrqdfxtib) |
02:49.35 | *** join/#tomcat Asterix (~Romi@unaffiliated/burebista) |
03:26.21 | *** join/#tomcat factor (~factor@r74-195-185-157.msk1cmtc01.mskgok.ok.dh.suddenlink.net) |
04:11.41 | *** join/#tomcat guntha (~rmerritt@guntha.thecagedog.com) |
04:44.06 | *** join/#tomcat hybridpollo (~bertomegu@50.56.228.16) |
04:59.46 | *** join/#tomcat SJS (~stremler@kernel-panic/member/ThunderChicken) |
05:12.22 | *** join/#tomcat t4nk595 (31f8107a@gateway/web/freenode/ip.49.248.16.122) |
05:12.32 | t4nk595 | Hi |
05:13.26 | t4nk595 | I m getting this error while stopping tomcat - org.apache.catalina.startup.Catalina stopServer SEVERE: Catalina.stop: java.net.ConnectException: Connection refused |
05:13.34 | t4nk595 | I m using tomcat7 |
05:13.38 | t4nk595 | any help ?? |
05:42.00 | *** join/#tomcat nucleomite (~nucleomit@50708101.static.ziggozakelijk.nl) |
05:46.20 | t4nk595 | I m getting this error while stopping tomcat - org.apache.catalina.startup.Catalina stopServer SEVERE: Catalina.stop: java.net.ConnectException: Connection refused |
05:46.26 | t4nk595 | I m using tomcat7 |
05:46.36 | t4nk595 | any help ?? |
06:18.09 | *** join/#tomcat papegaaij (~papegaaij@5ee53fc2.ftth.concepts.nl) |
06:34.50 | *** join/#tomcat jenue (~jenue@15.211.153.74) |
06:37.23 | *** join/#tomcat chrisp (~chrisp@196.213.221.202) |
06:37.23 | *** join/#tomcat SJS (~stremler@kernel-panic/member/ThunderChicken) |
06:37.24 | *** join/#tomcat chrisp (~chrisp@196.213.221.202) |
07:28.54 | *** join/#tomcat alcir (~alcir@159.213.59.135) |
07:32.26 | *** join/#tomcat lkoranda (lkoranda@nat/redhat/x-kagfdyniqmemlods) |
07:33.35 | *** join/#tomcat _Qman (~Q@213.177.160.238) |
08:33.18 | *** join/#tomcat opalka (~ropalka@redhat/jboss/opalka) |
08:36.37 | *** join/#tomcat mofox (~Liviu@adsl-ull-172-10.49-151.net24.it) |
08:41.06 | *** join/#tomcat Romeo- (~Romi@unaffiliated/romeo/x-000000001) |
09:00.07 | *** join/#tomcat andrigis_ (~andrigis@182.11.58.74) |
09:09.51 | *** join/#tomcat alcir (~alcir@159.213.59.135) |
10:46.47 | *** join/#tomcat bodziec (~Bodzio@91.230.17.4) |
11:23.40 | *** join/#tomcat acidjnk22 (~havenone@pD9F86EE2.dip.t-dialin.net) |
11:24.09 | *** join/#tomcat sveajobb (~tommy@77.72.100.245.c.fiberdirekt.net) |
11:28.15 | *** join/#tomcat jamespage_ (~jamespage@host81-154-14-24.range81-154.btcentralplus.com) |
11:39.07 | *** join/#tomcat jamespage_ (~jamespage@host81-154-14-24.range81-154.btcentralplus.com) |
12:11.05 | *** join/#tomcat alcir (~alcir@159.213.59.135) |
12:16.03 | *** join/#tomcat jamespage_ (~jamespage@host81-154-14-24.range81-154.btcentralplus.com) |
12:46.42 | *** join/#tomcat opalka (~ropalka@redhat/jboss/opalka) |
12:59.33 | *** join/#tomcat miono (~miono@irc.lagga.se) |
13:00.08 | *** part/#tomcat miono (~miono@irc.lagga.se) |
13:12.29 | LizardK|ng | if i have a tomcat app fronted by apache with apache proxying to http://tomcathost:8080, will there be any advantages to proxy to ajp://tomcathost:8009 in terms of response time or load or response time under load? |
13:43.09 | *** join/#tomcat rbanffy (~ricardo@189-38-238-233.static-corp.ajato.com.br) |
14:12.03 | *** join/#tomcat eidolon (~penk@waltham-nat.ma.lycos.com) |
14:31.16 | *** join/#tomcat oconnore (~eric@38.111.17.138) |
14:45.17 | bodziec | LizardK|ng, I recently made a localhost test serving a static file. I got a sligtly better results with ajp |
14:46.09 | bodziec | I hit 2900 transactions/s vs. 2371tr/s |
14:57.35 | *** join/#tomcat rbanffy (~ricardo@189-38-238-233.static-corp.ajato.com.br) |
14:59.38 | *** join/#tomcat lkoranda (lkoranda@nat/redhat/x-kwhvchnlbuukegar) |
15:11.47 | *** join/#tomcat mofox (~Liviu@adsl-ull-172-10.49-151.net24.it) |
15:22.31 | *** join/#tomcat konadr (~konadr@unaffiliated/konadr) |
15:23.59 | konadr | hi all, I am using tomcat 6.0.18 on rhel5 with java 1.6.24, I am just wondering, when I am trusting user certificates I only need to add them to my truststore? what would happen if I added a root CA cert to my truststore? would it accept all certs generated from that? or just that cert? |
16:08.36 | *** join/#tomcat CodeNinjaSD (~codeninja@108-80-118-9.lightspeed.sndgca.sbcglobal.net) |
16:09.08 | CodeNinjaSD | How can I modify tomcat config to use a custom 401 error page? |
16:09.24 | CodeNinjaSD | Running tomcat 7 on centos |
16:15.50 | *** join/#tomcat ianbrandt (~ianbrandt@99-111-99-153.uvs.sndgca.sbcglobal.net) |
16:21.25 | *** join/#tomcat nucleomite (~nucleomit@50708101.static.ziggozakelijk.nl) |
16:23.27 | whartung | CodeNinjaSD: The web.xml lets you specify error pages for specific error conditions. |
16:30.41 | CodeNinjaSD | i have 401 setup in there but tomcat doesn't seem to be using it |
16:31.19 | CodeNinjaSD | <error-page> |
16:31.19 | CodeNinjaSD | <PROTECTED> |
16:31.19 | CodeNinjaSD | <PROTECTED> |
16:31.19 | CodeNinjaSD | <PROTECTED> |
16:39.00 | *** join/#tomcat cjz (~Adium@173-13-190-57-sfba.hfc.comcastbusiness.net) |
16:43.26 | *** join/#tomcat kimou (~kimou@197.28.20.48) |
16:44.23 | *** join/#tomcat jasonb (d871a88d@gateway/web/freenode/ip.216.113.168.141) |
16:48.04 | kimou | hi all |
16:50.53 | *** join/#tomcat lkoranda (~lkoranda@ip4-83-240-110-182.cust.nbox.cz) |
16:53.01 | kimou | lkoranda, hi |
16:58.27 | whartung | yea that should work CodeNinjaSD |
17:32.07 | *** join/#tomcat lkoranda (~lkoranda@ip4-83-240-110-182.cust.nbox.cz) |
17:44.35 | *** join/#tomcat loddafnir (~mike@91-66-226-230-dynip.superkabel.de) |
18:01.49 | *** join/#tomcat Falados (~falados@207.86.141.138) |
18:26.24 | *** join/#tomcat awilliams (45a06677@gateway/web/freenode/ip.69.160.102.119) |
18:27.06 | awilliams | whartung: ping |
18:27.46 | awilliams | whartung: The filter works man, thanks so much for the advise |
19:00.57 | whartung | good to hear awilliams |
19:35.46 | *** join/#tomcat hybridpollo (~bertomegu@50.56.228.16) |
19:37.31 | *** join/#tomcat hybridpollo (~bertomegu@50.56.228.16) |
19:49.28 | *** join/#tomcat yassine (~yassine@unaffiliated/yassine) |
20:06.53 | *** part/#tomcat CodeNinjaSD (~codeninja@108-80-118-9.lightspeed.sndgca.sbcglobal.net) |
20:11.49 | *** join/#tomcat dan64 (dan64@2600:3c03::f03c:91ff:fedf:7dc0) |
21:29.01 | *** join/#tomcat rmckee (~rmckee@203.166.49.1) |
21:44.47 | *** join/#tomcat wizzdog8 (~wizzdog8@108-69-225-177.lightspeed.lsvlky.sbcglobal.net) |
22:54.47 | *** join/#tomcat mofox_ (~Liviu@adsl-ull-22-61.49-151.net24.it) |