hi,
1. i decide to take up tomcat 6.0 .but how do i make the credit
card page secure.i am coding in java and is it possible to code the
transactions without storing information and pass it to the API's from
payment processor.
2.when i launch this site how do i ensure it's security ..so t
"Rusty Wright" wrote in message
news:49aece04.8040...@gmail.com...
> jsvc is part of Apache Commons isn't it? Have you tried their mailing
> list?
>
> http://commons.apache.org/daemon/mail-lists.html
>
Won't be much of a help, since the committers that work on jsvc hang out
here as well.
>
Rick Schafer wrote:
> I have a need to force SSL on one (1) virtual host so they are always SSL.
>
> I am not using Apache HTTP, so port 80 traffic goes to tomcat 5.x and
> routes to virtual hosts via name. I do have separate ip adresses for each
> domain or virtual host.
> Four (4) out of the f
I have a need to force SSL on one (1) virtual host so they are always SSL.
I am not using Apache HTTP, so port 80 traffic goes to tomcat 5.x and
routes to virtual hosts via name. I do have separate ip adresses for each
domain or virtual host.
Four (4) out of the five (5) virtual hosts are port
Hi,
I have a quick question regarding the configuration of jmx monitoring.
Once I add the following line to the server.xml:
http://host/someApp, is never responding.
How do I make the app responding and the JMX Management consle work at
the same time.
Stanley
check your Connectors:
are you using the tomcatThreadPool executor?
or are you using the NIOConnector?
?
Martin
__
Disclaimer and confidentiality note
Everything in this e-mail and any attachments relates to the official business
of Sender.
Hi.
After daemon starting parenting process creayes too many threads. I
would like to know if they are useful and if not how to lessen their
number.
$ pstree -p -a tomcat
java,10869 -server -Xms128M
-Xmx256M-Djava.util.logging.manager=org.apache.juli.Cl
|-{java},10877
|-{java},10883
|-{jav
On 04.03.2009 14:30, Andrew Feller wrote:
QUESTION(S):
1. Are there any general philosophies to tuning Tomcat to support
a high number of maxThreads (1000+)?
64 Bit system
2. Is there any rule of thumb for determining the appropriate number
of open file descriptors?
If your applica
see following reply.
2009/3/5 Christopher Schultz
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Yves,
>
> On 3/3/2009 12:51 PM, Yves Yu wrote:
> > I'm developing two projects, one of them need reload daily
>
> Ugh. Why?
I'm using Nutch to search, it should be recrawl and reindex the pa
jsvc is part of Apache Commons isn't it? Have you tried their mailing list?
http://commons.apache.org/daemon/mail-lists.html
Jeffrey Trimble wrote:
I'm running an IBM POWER server, AIX 5.3 and having the following error
appear when configuring
jsvc.
checking for gcc option to accept ISO C89
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrew,
On 3/4/2009 8:30 AM, Andrew Feller wrote:
> 2. Is there any rule of thumb for determining the appropriate number
>of open file descriptors?
As Chuck points out, this will be application-dependent but there is at
least a place to start: if
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yves,
On 3/3/2009 12:51 PM, Yves Yu wrote:
> I'm developing two projects, one of them need reload daily
Ugh. Why?
> But when I deploy two project into a tomcat using virtual host, it cannot be
> reloaded properly.
How do you attempt to trigger an a
Sorry if I'm not clear enough, many of these things are new to me in so
I don't always have the right words to explain myself clearly...
I was talking about the Tomcat logging that are now missing by my
webapp, however my conf files are exactly the same on both tomcat!
I`m just trying to understa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 3/4/2009 11:23 AM, Caldarale, Charles R wrote:
>> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
>> Subject: Re: security-constraint in conf/web.xml
>>
>> sf is expected to be used from within a web application, so
>> it has
Thanks for the help.
I followed David's suggestions to install Tomcat on another machine and
the JNDI JDBC works finally.
The Tomcat version from the original machine should miss something that
causes the failure of JNDI-JDBC.
Stanley
-Original Message-
From: Martin Gainty [mailto:m
I'm running an IBM POWER server, AIX 5.3 and having the following
error appear when configuring
jsvc.
checking for gcc option to accept ISO C89... none needed
checking for ranlib... ranlib
*** Host support ***
checking C flags dependant on host system type... failed
configure: error: Unsupporte
at last count there are 16 different supported drivers for Postgres
http://jdbc.postgresql.org/download.html#current
which driver are you implementing?
BTW here the url should be
jdbc:postgresql://host:port/database
contents of %POSTGRES_HOME%/data/postgresql.conf:
listen_addresses = 'localhos
> From: Paul Maxted [mailto:paul.max...@aricent.com]
> Subject: CAS on tomcat 6.0.18
>
> Before you say ask the spring or cas forum, I've trawled
> there forums and found a thread that indicates a bug in tomcat 5.5.25
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=460839
This is not a bug in T
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Subject: Re: Servlet API loggin in tomcat 5.5 vs. tomcat 6
>
> He's complaining that JspServlet and ContainerBase are no longer
> logging. That sounds like Tomcat logging to me.
It did to me as well, but he keeps insisting that it
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Subject: Re: security-constraint in conf/web.xml
>
> sf is expected to be used from within a web application, so
> it has to be deployed along with the webapp. So, the WAR file
> would have to be modified in this case.
Sorry, I wa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Guillaume,
On 3/4/2009 9:52 AM, Guillaume Cauchon wrote:
> You're right, I forgot to mention that I did rebuild tomcat-juli.jar
> and tomcat-juli-adapters.jar from the tomcat source distribution as
> mentionned in the tomcat 6 doc.
>
>> This does not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 3/4/2009 9:52 AM, Caldarale, Charles R wrote:
>> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
>> Subject: Re: Servlet API loggin in tomcat 5.5 vs. tomcat 6
>>
>> Did you read http://tomcat.apache.org/tomcat-6.0-doc/logging
Hello again,
I have a new problem.
I am trying to deploy CAS Version 3.3 Release on and Ubuntu 8.10.
I have had a whole series of errors some of which I have removed by adding
permissions to catalina.policy but I'm left wth the following stubborn set ...
SEVERE: SafeContextLoaderListener:
The
Thank you. In fact, I did follow it step-by-step. The someApp is the
actual app that I use.
And, the server that I use is the one with Google Earth Enterprise. It
is possible that some settings may have been overidden.
Thanks for your help!!
Stanley
-Original Message-
From: David Smi
Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 3/4/2009 10:01 AM, Caldarale, Charles R wrote:
From: Jurn Ho [mailto:j...@magicmonster.com]
Subject: Re: security-constraint in conf/web.xml
ok, is there an easy way to require authentication to access a
par
Stanley Wong wrote:
> Thanks, David.
>
> Unfortunately, it still fails.
>
> Does it have other tools that we may use to get more clues?
>
> Thank you,
>
> Stanley
>
>
Unfortunately I'm out of ideas at this point. Everything in front of me
suggests this should be working at this point. If I
Thanks, David.
Unfortunately, it still fails.
Does it have other tools that we may use to get more clues?
Thank you,
Stanley
-Original Message-
From: David Smith [mailto:d...@cornell.edu]
Sent: Tuesday, March 03, 2009 7:50 PM
To: Tomcat Users List
Subject: Re: FW: Cannot create JD
The PCI security requirements for doing your own credit card processing (where
your system touches the credit card number in any way, and doesn't even store
it) are quite extreme. You can easily avoid all those issues if you use
CyberSource's Hosted Order Page, or Auth.net's.
Caldarale, Char
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 3/4/2009 10:01 AM, Caldarale, Charles R wrote:
>> From: Jurn Ho [mailto:j...@magicmonster.com]
>> Subject: Re: security-constraint in conf/web.xml
>>
>> ok, is there an easy way to require authentication to access a
>> particular webapp, wit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Uma,
On 3/3/2009 9:00 PM, uma...@comcast.net wrote:
> We have a bunch of web applications packed into a single VM tomcat (6.0.14).
> I am looking to segregating the contexts in distinct VMs based on IP address
> based virtual hosts.
If you want diffe
Application logging, but I tried almost everything that was related to logging
in tomcat doc while trying to figure what the
différence/issue/mis-configuiration is...
Guillaume Cauchon | DataDirect Technologies inc.
-email:guillaume.cauc...@dat
> From: l...@work [mailto:surya...@gmail.com]
> Subject: RE: can tomcat 5.0 run ejb's and support online
> credit cardpayments
> what do you suggest ..better to use ejb's with
> jboss or write servlet in tomcat..which will have
> less problems when it comes to integration with
> the payment proce
> From: Guillaume Cauchon [mailto:guillaume.cauc...@datadirect.com]
> Subject: RE: Servlet API loggin in tomcat 5.5 vs. tomcat 6
>
> You're right, I forgot to mention that I did rebuild
> tomcat-juli.jar and tomcat-juli-adapters.jar from the tomcat
> source distribution as mentionned in the tomcat
hi,
thanks for the reply.what do you suggest ..better to use ejb's with
jboss or write servlet in tomcat..which will have less problems when it
comes to integration with the payment processr and security issues.
Caldarale, Charles R wrote:
>
>> From: l...@work [mailto:surya...@gmail.com]
>>
> From: Jurn Ho [mailto:j...@magicmonster.com]
> Subject: Re: security-constraint in conf/web.xml
>
> ok, is there an easy way to require authentication to access a
> particular webapp, without modifying the war file?
You can try using this:
http://securityfilter.sourceforge.net/
- Chuck
THIS
> From: Andrew Feller [mailto:afel...@lsu.edu]
> Subject: Management philosophies in regards to MaxThreads and
> limit on openfile descriptors
>
> 1. Are there any general philosophies to tuning Tomcat to support
>a high number of maxThreads (1000+)?
Use 64-bit hardware, OS, and JVM.
> 2. Is
You're right, I forgot to mention that I did rebuild tomcat-juli.jar and
tomcat-juli-adapters.jar from the tomcat source distribution as mentionned in
the tomcat 6 doc.
> This does not seem to be the proper configuration for Tomcat 5.5,
> either. It appears that commons-logging.properties it ign
On March 4, 2009 09:34:29 am Caldarale, Charles R wrote:
> You'll need to contact your OS supplier
> for support for a repackaged one.
thx Chuck - will seek support elsewhere.
--
-=-=-=-=-=-=-+-=-=-=-=-=-=-
Rick Chisholm
Manager Information Technology
Southland Insurance
t. 519-326-4455 x.
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Subject: Re: Servlet API loggin in tomcat 5.5 vs. tomcat 6
>
> Did you read http://tomcat.apache.org/tomcat-6.0-doc/logging.html? Did
> you get the Tomcat 6.0.x source? Did you "build the commons-logging
> additional component usin
ok, is there an easy way to require authentication to access a
particular webapp, without modifying the war file?
Caldarale, Charles R wrote:
From: Jurn Ho [mailto:j...@magicmonster.com]
Subject: security-constraint in conf/web.xml
Is it possible to move this config into the conf/web.xml inste
> From: Jurn Ho [mailto:j...@magicmonster.com]
> Subject: security-constraint in conf/web.xml
>
> Is it possible to move this config into the conf/web.xml instead?
> I have tried this but the security-constraint affects other webapps.
Which is exactly what conf/web.xml is supposed to do - it provi
> From: l...@work [mailto:surya...@gmail.com]
> Subject: RE: can tomcat 5.0 run ejb's and support online
> credit cardpayments
>
> can you tell me which version of tomcat willl
> support the online payment handling without
> using EJB's
I think you're confused about what Tomcat does. It's not a s
> From: Rick Chisholm [mailto:rchish...@southlandonline.com]
> Subject: Re: tomcat + SSL
>
> define repackaged... this is what apt-get install tomcat5.5
> gave me
That's repackaged. A real Tomcat is one downloaded from tomcat.apache.org.
The 3rd-party repackagers are notorious for changing Tomc
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ambarish,
On 3/4/2009 6:11 AM, Ambarish Mitra wrote:
> The external system does not store the tomcat realm roles.
Why don't you do what I suggested and override the hasRole() method in
your Realm to return true unconditionally? Or, you could include
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Guillaume,
On 3/4/2009 8:42 AM, Guillaume Cauchon wrote:
> I'm talking about application logging...
>
> In tomcat 5.5, when the level is set to DEBUG, a lot of messages are
> added in different situation (I'm only setting the root level for now to
>
hi,
thanks for the reply.can you tell me which version of tomcat willl
support the online payment handling without using EJB's .if any
documentation on this on the net please guide me.
thanks in advance.
Caldarale, Charles R wrote:
>
>> From: l...@work [mailto:surya...@gmail.com]
>> Su
Hello,
I've successfully added a security-constraint into the web.xml of a
webapp so the user has to use a login to use the webapp.
Is it possible to move this config into the conf/web.xml instead?
I have tried this but the security-constraint affects other webapps.
I've tried changing the url-
> From: l...@work [mailto:surya...@gmail.com]
> Subject: can tomcat 5.0 run ejb's and support online credit
> card payments
>
> i am developing an online system where payments are
> made via credit card.can tomcat 5.0 support this?
1) Tomcat 5.0 is no longer supported, so that's a poor choice to i
hi,
i am developing an online system where payments are made via credit
card.can tomcat 5.0 support this? if any of u have worked on similar
application please guide me.
thanks a lot.
--
View this message in context:
http://www.nabble.com/can-tomcat-5.0-run-ejb%27s-and-support-online-
I'm talking about application logging...
In tomcat 5.5, when the level is set to DEBUG, a lot of messages are added in
different situation (I'm only setting the root level for now to trace
everything) : rendering jsp page, using the StAX xml parser, modify the
context, parsing request, writing
QUESTION(S):
1. Are there any general philosophies to tuning Tomcat to support
a high number of maxThreads (1000+)?
2. Is there any rule of thumb for determining the appropriate number
of open file descriptors?
3. What costs are associated with granting higher amounts of open
file descr
On March 3, 2009 05:04:48 pm Caldarale, Charles R wrote:
> Real Tomcat, or a repackaged one?
define repackaged... this is what apt-get install tomcat5.5 gave me, it's not
something that came along with another app, if that's what you're asking.
> There's no lack of logging in a real Tomcat...
Ambarish Mitra wrote:
>>> The custom valve talks with an external authentication system and gets
> the
>>> username. The external system does not store the roles.
>>>
>>> The authenticated username is then read in the Valve - it is one of the
>>> usernames in the tomcat Realm. Now, from here in th
Does anyone have suggestions on the best free or inexpensive tomcat log
analyzer? I'm specifically looking for a tool that can help me spot
performance problems such as requests that take a long time, errors,
timeouts, and so on. If the tool can centrally monitor multiple servers,
all the better!
>>
>> The custom valve talks with an external authentication system and gets
the
>> username. The external system does not store the roles.
>>
>> The authenticated username is then read in the Valve - it is one of the
>> usernames in the tomcat Realm. Now, from here in the Valve, how do I get
> t
Ambarish Mitra wrote:
>> How do I get the roles of the user in the custom Valve?
>>
>> The custom valve talks with an external authentication system and gets the
>> username. The external system does not store the roles.
>>
>> The authenticated username is then read in the Valve - it is one of the
> From: Robinson, Eric [eric.robin...@psmnv.com]
> Is there a way to tell what the optimal
> heap size is for our application, and whether the current small size is
> effecting performance (aside from trial-and-error or repeated
> benchmarking with tools like jmeter)?
Smaller heap sizes may lead t
One of our application servers has a small heap size, 64MB. The status
page seems to indicate that the heap usage is somewhere around 48MB,
with 16MB free. Most people these days suggest setting the heap size
much higher, at least 512MB. Is there a way to tell what the optimal
heap size is for our
>
> What is not working is: The external system has no role for the user. So,
> the valve sets the GenericPrincipal with no roles. Therefore, the
principal
> is getting authorization denied (although authentication succeeds) because
> we have granted to roles=role1, tomcat in web.xml file.
>
> (T
uma...@comcast.net wrote:
> We have a bunch of web applications packed into a single VM tomcat (6.0.14).
> I am looking to segrgating the contexts in distinct VMs based on IP address
> based virtual hosts.
So you want to run entirely separate Tomcat instances?
> I assume that to keep this segrega
Ambarish Mitra wrote:
> On 3/3/2009 7:57 AM, Ambarish Mitra wrote:
>> Goal: I have a web-app which I have protected with an external
>> authentication engine. To achieve this, I have written a custom valve
> which
>> sets a principal.
>
> I'm not sure you need a Valve. Why not just write a custom
61 matches
Mail list logo
