Hi shivani,
reading the thread from beginning I would say that the easiest way to
fix your particular problem is to write your own version of the jsp
servlet which can than behave as you need. Take the source, make
limitations adaptions (load jsps from own classloader for example,
limit the number
Hi,
i have the following in bin/catalina.sh
JAVA_OPTS="$JAVA_OPTS -server -Xms512M -Xmx1024M -XX:MaxPermSize=1024M
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager"
still i get the permgen error exception everyday, pl. someone help, i have
about 7 applications in struts running
On 15/09/2010 04:18, viola lu wrote:
> Hi, Mark:
> thanks, i already opened a bug :
> https://issues.apache.org/bugzilla/show_bug.cgi?id=49925.
Are you sure this is a Tomcat bug?
p
> On Tue, Sep 14, 2010 at 2:49 PM, Mark Thomas wrote:
>
>> On 14/09/2010 06:00, viola lu wrote:
>>> Is this a bu
On 15/09/2010 04:46, Alec Swan wrote:
> Could anybody explain what is the advantage of configuring JNDI resources
> using GlobalNamingResources in server.xml over configuring them in
> TOMCAT/conf/context.xml?
If configured in global, 1 db pool is created and then referenced/shared
by multiple app
On Wed, Sep 15, 2010 at 5:53 AM, shivanic wrote:
> was searching for quick short term alternatives.
>
Short term increae permgen size again. Discuss your problem with the
external company,
If they refuse then look at buying more hardware as a medium term solution
Wes
---
Hello,
Thanks all for the inputs :)
Chris,Wesley: I did suggest to review the design of the app - which is not
developed in house - but as stated by the product owner - the application is
kind of a content management system that would require to display different
pages generated as per the ne
Could anybody explain what is the advantage of configuring JNDI resources
using GlobalNamingResources in server.xml over configuring them in
TOMCAT/conf/context.xml?
Thanks!
Alec
On Tue, Sep 14, 2010 at 4:36 PM, Mark Thomas wrote:
> On 14/09/2010 23:33, Alec Swan wrote:
> > Thanks, I'll give i
Hi, Mark:
thanks, i already opened a bug :
https://issues.apache.org/bugzilla/show_bug.cgi?id=49925.
On Tue, Sep 14, 2010 at 2:49 PM, Mark Thomas wrote:
> On 14/09/2010 06:00, viola lu wrote:
> > Is this a bug of EL implementation? Parse number as Long, not type of
> > ManagedBean defined?
>
>
waited an extra long time to test out the web page again, but it's still
not timing out. I've asked InetSoft about the heartbeat requests. I'll
update you all with what they say.
Thanks! :-)
Debbie Shapiro, Data Warehouse Manager
Office: 425.402.2233
-Original Message-
From: D
Debbie Shapiro wrote:
You guys are so awesome! And extremely helpful! :-)
Oh wow then, I want to be in this group too..
One question which does not appear to have been asked, is *which* session is or is not
timed out. I mean that this is happening with a specific application's page. The
a
On 14/09/2010 23:33, Alec Swan wrote:
> Thanks, I'll give it a try.
>
> Still kind of curious if GlobalResources override resources in
> META-INF/context.xml, but I guess I will find that out soon.
They are in different JNDI name spaces so no. (which is why you need to
use a ResourceLink)
Mark
You guys are so awesome! And extremely helpful! :-)
Debbie Shapiro, Data Warehouse Manager
Office: 425.402.2233
-Original Message-
From: Pid [mailto:p...@pidster.com]
Sent: Tuesday, September 14, 2010 3:00 PM
To: Tomcat Users List
Subject: Re: session-timeout not taking effect
> From: Debbie Shapiro [mailto:dshap...@cardiacscience.com]
> Subject: RE: session-timeout not taking effect
> I don't see any setting for session-timeout in the
> WEB-INF/web.xml, only in the conf/web.xml.
Not unusual.
> I haven't configured the manager piece at all yet with
> user id's, etc
On 14/09/2010 23:27, André Warnier wrote:
> Debbie Shapiro wrote:
>> Hi Wesley -
>> I logged in to my web app, ran a report and then left it alone for 45
>> minutes. Came back and tried to run another report. I was expecting to
>> receive a prompt to login again, but instead it runs the second repo
Pid wrote:
On 14/09/2010 16:17, Steve Ryder wrote:
java.security.AccessControlException: access denied (java.io.FilePermission
/home/sryder/JsrSystems.info/ROOT/WEB-INF/classes/logging.properties read)
When I first noticed this I added the java.io.FilePermission
to catalina.policy under WEB A
> From: Debbie Shapiro [mailto:dshap...@cardiacscience.com]
> Subject: RE: session-timeout not taking effect
> What I'm seeing in the access log are heartbeat requests?
Yup - so it's InetSoft's code running *in the browser* that's keeping the
session alive.
> I'm not touching the page and I di
Thanks, I'll give it a try.
Still kind of curious if GlobalResources override resources in
META-INF/context.xml, but I guess I will find that out soon.
On Tue, Sep 14, 2010 at 4:13 PM, Pid wrote:
> On 14/09/2010 23:10, Alec Swan wrote:
> > GlobalResources sounds like what I am looking for. Acco
I don't see any setting for session-timeout in the WEB-INF/web.xml, only
in the conf/web.xml.
I haven't configured the manager piece at all yet with user id's, etc...
As far as I can tell, I'm using version 7.0.0.
Debbie Shapiro, Data Warehouse Manager
Office: 425.402.2233
-Origi
Debbie Shapiro wrote:
Hi Wesley -
I logged in to my web app, ran a report and then left it alone for 45
minutes. Came back and tried to run another report. I was expecting to
receive a prompt to login again, but instead it runs the second report.
I also have a case open with InetSoft on this, but
I tested out navigating to another web page in a different window and
coming back to the web app page after it should have timed out, but no
go.
I just removed the comments for the access log as you mentioned below.
What I'm seeing in the access log are heartbeat requests? Like follows.
I'm not
Mark Thomas wrote:
On 14/09/2010 15:16, Christopher Schultz wrote:
I'm in the middle of some major re-factoring so I don;t have time to
actually test this...
0. [Browser has two JSESSIONID cookies: one secure=true and one
secure=false]
This I doubt. When testing load-balancing on a single ma
On 14/09/2010 23:10, Alec Swan wrote:
> GlobalResources sounds like what I am looking for. According this page (
> http://tomcat.apache.org/tomcat-6.0-doc/config/globalresources.html) it
> seems like I need to just add the following configuration in server.xml:
>
>
> ...
>type="
> From: Debbie Shapiro [mailto:dshap...@cardiacscience.com]
> Subject: RE: session-timeout not taking effect
> I'm not sure how to determine that the session-timeout
> is anything other than 30 minutes aside from looking at
> the web.xml file.
Note that there are _two_ web.xml files of interest:
GlobalResources sounds like what I am looking for. According this page (
http://tomcat.apache.org/tomcat-6.0-doc/config/globalresources.html) it
seems like I need to just add the following configuration in server.xml:
...
...
If I understand correctly, this will make jdbc/EmployeeDB JND
Unfortunately, I can't outsource this. :-( Trying to learn as I go...
Debbie Shapiro, Data Warehouse Manager
Office: 425.402.2233
-Original Message-
From: Wesley Acheson [mailto:wesley.ache...@gmail.com]
Sent: Tuesday, September 14, 2010 2:51 PM
To: Tomcat Users List
Subject:
> From: Alec Swan [mailto:alecs...@gmail.com]
> Subject: Re: Virtual host deployment
> So, the database credentials should be stored somewhere
> in the server configuration.
Then place the element in conf/Catalina/[host]/[appName].xml. Should
you really need multiple elements, your deployme
On 14/09/2010 22:50, Wesley Acheson wrote:
> I'm guessing the only reason you run tomcat is to run this single
> application. It may be wise just to get a hosting company to do this
> for you they'll know a lot more about the security and configuration
> of the environment.
Nah, we can probably fi
On 14/09/2010 22:52, Alec Swan wrote:
> Hi Chris,
>
> Thank you for the defaultHost recommendation.
>
> The deployment scenario I would like to support requires deploying the same
> WAR file on the development server first and then on the production server.
> Development and production servers us
Hi Chris,
Thank you for the defaultHost recommendation.
The deployment scenario I would like to support requires deploying the same
WAR file on the development server first and then on the production server.
Development and production servers use different database credentials, so I
cannot packag
I'm guessing the only reason you run tomcat is to run this single
application. It may be wise just to get a hosting company to do this
for you they'll know a lot more about the security and configuration
of the environment.
Wes
-
On Tue, Sep 14, 2010 at 11:39 PM, Debbie Shapiro
wrote:
> I should add that I am neither a Java nor a Tomcat expert by any means.
> Where would I find some of these settings?
hmm may be a bit tricky
>
> I'm using IE to access this application.
>
> Where would one enable the access log? I essentia
I should add that I am neither a Java nor a Tomcat expert by any means.
Where would I find some of these settings?
I'm using IE to access this application.
Where would one enable the access log? I essentially have the entire
Tomcat installation using the defaults at installation, with the
excepti
On 14/09/2010 21:54, Christopher Schultz wrote:
> I encourage others to test other browsers. This was exhausting. :)
To add to the 'fun', recent Tomcat versions will change the session ID
(but not the session object) on authentication to prevent session
fixation attacks.
Mark
---
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alec,
On 9/14/2010 5:04 PM, Alec Swan wrote:
> I have a WAR file which I distribute to multiple servers with multiple
> virtual hosts. On each server I have a database, which is accessed by all
> virtual host apps on this server.
I'm interested: is t
On 14/09/2010 22:01, Steve Ryder wrote:
> Thanks for your response, I really do need some help. After lots of
> testing (when mail was working), I migrated my production workload to a
> new server. Yesterday, Java Mail stopped working, I suspect because I
> added the wrong permission in the wrong
Hello,
I have a WAR file which I distribute to multiple servers with multiple
virtual hosts. On each server I have a database, which is accessed by all
virtual host apps on this server.
Is it the right approach to put database access credentials in
$TOMCAT/conf/context.xml which will then be load
Thanks for your response, I really do need some help. After lots of testing
(when mail was working), I migrated my production workload to a new server.
Yesterday, Java Mail stopped working, I suspect because I added the wrong
permission in the wrong place. (see #2).
I have tried removing that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Pid,
On 9/14/2010 4:21 PM, Pid wrote:
> On 14/09/2010 20:42, Caldarale, Charles R wrote:
>>> From: Vincent DELHOMMOIS [mailto:vinc...@free.fr]
>>> Subject: Tomcat 6.0.26 64 bits = CPU 100%
>>
>>> On these days, the CPU are stuck at 100% and doesn't
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Wesley,
On 9/14/2010 4:21 PM, Wesley Acheson wrote:
> On Tue, Sep 14, 2010 at 10:15 PM, Christopher Schultz
> wrote:
> Wesley,
>
> On 9/14/2010 2:44 PM, Wesley Acheson wrote:
I'm not saying your structure is wrong but I think you might want to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark,
On 9/14/2010 12:30 PM, Mark Thomas wrote:
> On 14/09/2010 15:16, Christopher Schultz wrote:
>
> I'm in the middle of some major re-factoring so I don;t have time to
> actually test this...
>
>> 0. [Browser has two JSESSIONID cookies: one secur
On 14/09/2010 16:17, Steve Ryder wrote:
> java.security.AccessControlException: access denied (java.io.FilePermission
> /home/sryder/JsrSystems.info/ROOT/WEB-INF/classes/logging.properties read)
>
> When I first noticed this I added the java.io.FilePermission
> to catalina.policy under WEB APP P
On 14/09/2010 15:36, shivanic wrote:
> 2. As of now, for version Tomcat 5.5.9
FAIL
(or Tomcat 5.X)
(FAIL)
I'm curious: I didn't spot in the thread so far, are you precompiling
your JSPs or is Tomcat doing that for you?
p
0x62590808.asc
Description: application/pgp-keys
signature.asc
De
On 14/09/2010 14:35, Alexander Diedler wrote:
> Hello,
> The target should be, to have the possibillity to restart every webapp
> through the Tomcat Manager. So for my understanding I have to map every App
> als path="/appname" in the context file.
I'm not sure I understand what you're saying.
On 14/09/2010 20:42, Caldarale, Charles R wrote:
>> From: Vincent DELHOMMOIS [mailto:vinc...@free.fr]
>> Subject: Tomcat 6.0.26 64 bits = CPU 100%
>
>> On these days, the CPU are stuck at 100% and doesn't
>> decrease. Do you have any idea ?
>
> I'm tempted to just answer "yes", and let it go at
On Tue, Sep 14, 2010 at 10:15 PM, Christopher Schultz
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Wesley,
>
> On 9/14/2010 2:44 PM, Wesley Acheson wrote:
>> I'm not saying your structure is wrong but I think you might want to
>> take a look at it anyway.
>
> ...and possibly switch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Wesley,
On 9/14/2010 2:44 PM, Wesley Acheson wrote:
> I'm not saying your structure is wrong but I think you might want to
> take a look at it anyway.
...and possibly switch to Velocity/Freemarker/whatever, which won't bust
your PermGen space.
- -ch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Shivani,
On 9/14/2010 12:21 PM, shivanic wrote:
> We have already increased the max perm gen size - but that is not a
> permanent solution. As in, if the count of jsp's in the application which is
> already in a few thousands - increases twicefold - a
> From: Vincent DELHOMMOIS [mailto:vinc...@free.fr]
> Subject: Tomcat 6.0.26 64 bits = CPU 100%
> Hi everybody,
You don't get extra credit for posting the exact same message twice...
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for us
> From: Wesley Acheson [mailto:wesley.ache...@gmail.com]
> Subject: Re: session-timeout not taking effect
> Check if the session timeout is indeed set to half an hour. (Maybe
> this info is in jconsole I'm sure others on this list will know)
Might be easier to look at the sessions with Tomcat's
> From: Vincent DELHOMMOIS [mailto:vinc...@free.fr]
> Subject: Tomcat 6.0.26 64 bits = CPU 100%
> On these days, the CPU are stuck at 100% and doesn't
> decrease. Do you have any idea ?
I'm tempted to just answer "yes", and let it go at that.
However, let's try a bit more detail:
1) What do r
Hi everybody,
We have several virtual machines on Windows 2008 server with Tomcat 6.0.26
64 bits (JDK 1.6 64 bits). The servers have 6 Go of RAM and we declare 4 Go
for the Tomcat. Our application works fine except some days. On these days,
the CPU are stuck at 100% and doesn't decrease. Do you hav
Hi everybody,
We have several virtual machines on Windows 2008 server with Tomcat 6.0.26
64 bits (JDK 1.6 64 bits). The servers have 6 Go of RAM and we declare 4 Go
for the Tomcat. Our application works fine except some days. On these days,
the CPU are stuck at 100% and doesn't decrease. Do you hav
On Tue, Sep 14, 2010 at 6:21 PM, shivanic wrote:
>
> Hello,
>
> We have already increased the max perm gen size - but that is not a
> permanent solution. As in, if the count of jsp's in the application which is
> already in a few thousands - increases twicefold - again the same problem
> would ari
On Tue, Sep 14, 2010 at 7:17 PM, Debbie Shapiro
wrote:
> Hi Wesley -
> I logged in to my web app, ran a report and then left it alone for 45
> minutes. Came back and tried to run another report. I was expecting to
> receive a prompt to login again, but instead it runs the second report.
> I also h
Hi Wesley -
I logged in to my web app, ran a report and then left it alone for 45
minutes. Came back and tried to run another report. I was expecting to
receive a prompt to login again, but instead it runs the second report.
I also have a case open with InetSoft on this, but they are pointing me
to
On 09/14/2010 07:21 PM, shivanic wrote:
We have already increased the max perm gen size - but that is not a
permanent solution. As in, if the count of jsp's in the application which is
already in a few thousands - increases twicefold - again the same problem
would arise.
JSPs do not appear unco
On Tue, Sep 14, 2010 at 6:29 PM, Debbie Shapiro
wrote:
> I am using Tomcat 7.0 on a Windows 2003 Server 64-bit OS. I'm using the
> default settings for the web.xml file for session-timeout (30 minutes),
> but for some reason, the sessions aren't timing out at this point for
> users of the web app.
On 14/09/2010 17:29, Debbie Shapiro wrote:
> I am using Tomcat 7.0 on a Windows 2003 Server 64-bit OS. I'm using the
> default settings for the web.xml file for session-timeout (30 minutes),
> but for some reason, the sessions aren't timing out at this point for
> users of the web app. Is there som
On 14/09/2010 17:21, shivanic wrote:
>
> Hello,
>
> We have already increased the max perm gen size - but that is not a
> permanent solution. As in, if the count of jsp's in the application which is
> already in a few thousands - increases twicefold - again the same problem
> would arise.
>
> He
I am using Tomcat 7.0 on a Windows 2003 Server 64-bit OS. I'm using the
default settings for the web.xml file for session-timeout (30 minutes),
but for some reason, the sessions aren't timing out at this point for
users of the web app. Is there some reason why this setting would be
ignored? I'm usi
On 14/09/2010 15:16, Christopher Schultz wrote:
I'm in the middle of some major re-factoring so I don;t have time to
actually test this...
> 0. [Browser has two JSESSIONID cookies: one secure=true and one
> secure=false]
This I doubt. When testing load-balancing on a single machine, I have
seen
Hello,
We have already increased the max perm gen size - but that is not a
permanent solution. As in, if the count of jsp's in the application which is
already in a few thousands - increases twicefold - again the same problem
would arise.
Hence, was looking for something similar to what Mark sug
Hi Christopher,
On 14/09/2010 16:02, Christopher Schultz wrote:
[...]
I'm not sure what you're asking. "The session" refers to an HttpSession
object, which should be obvious from the spec and the API itself. "The
request" should also be obvious, since we're talking about HTTP and a
HttpServletR
On Tue, 2010-09-14 at 07:50 +0200, Mladen Turk wrote:
> On 09/14/2010 12:28 AM, Brett Delle Grazie wrote:
> >>
> >> Detaching AJP streams from the servlet and using them
> >> as a OutputStream is not very well handled in Tomcat.
> >> I suppose if using APR the entire thing would even crash the JVM.
java.security.AccessControlException: access denied (java.io.FilePermission
/home/sryder/JsrSystems.info/ROOT/WEB-INF/classes/logging.properties read)
When I first noticed this I added the java.io.FilePermission
to catalina.policy under WEB APP PERMISSIONS
grant {
// Added by JSR 2010-09-13
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Anurag,
On 9/14/2010 11:07 AM, Mehrotra, Anurag wrote:
> -XX:MaxPermSize=512M
I can't imagine any of your other proposed settings changing anything at
all about the PermGen space. It doesn't matter what GC you use if your
PermGen space is too small.
I used to constantly get out of memory perm gen space error until about
a month back -
Then I read in detail the various garbage collectors for JDK 1.6
*Throughput Collector
*Concurrent Low Pause Collector
*Incremental Low Pause Collector
I decided to use the concurrent collector as described i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Wesley,
On 9/14/2010 10:50 AM, Wesley Acheson wrote:
> Also you do know you can increase permGen size. I don't know if that's
> an option for you or not.
That seems like the right move given the requirements.
- -chris
-BEGIN PGP SIGNATURE-
V
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brian,
On 9/14/2010 9:51 AM, Brian McBride wrote:
>https request: get session returns ?
Heh. I should have read your question before I posted my own.
> i.e. will the newly created session B replace session A, or will A
> continue to be returned
On Tue, Sep 14, 2010 at 4:36 PM, shivanic wrote:
>
> 3. Is there any way to setup unloading of JSP's in the 5.X versions - either
> by using the custom classloader or any other way?.
>
> Thanks.
> Shivani
>
>
I've heard of people unloading classes via a custom garbage collector.
I don't have muc
Hello Mark,
Unfortunately we would not be able to move to the new version of tomcat.
For my understanding, please confirm the following:
1. The number of JSP's loaded would directly result in that number of
classes loaded in JVM.
2. As of now, for version Tomcat 5.5.9 (or Tomcat 5.X) there is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark,
On 9/14/2010 7:55 AM, Mark Thomas wrote:
> On 14/09/2010 10:40, Brian McBride wrote:
>> The javadoc states this call returns the "session associated with the
>> request". I'm trying to figure out what "the session associated with
>> the reques
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brian,
> I'm fumbling about seeking the hardness knob that controls my
> thinking ... I know its there somewhere ... :)
Me, too. You can never be too paranoid about authentication code.
> I'm learning from the discussion on this list that DIGEST is
Hi Mark,
Thanks for this. I didn't quite fully grock your reply. Given:
https request: get session returns session A.
https request: get session returns session A.
http request: get session (no create) returns null
http request: get session(create) returns session B != A.
ht
Hello,
The target should be, to have the possibillity to restart every webapp through
the Tomcat Manager. So for my understanding I have to map every App als
path="/appname" in the context file.
In your configuration, I have to open for every App a dedicated manager to
restart them?
I will test
On 14/09/2010 12:42, shivanic wrote:
>
> In my application there are over a thousands of jsp pages existing. So,
> consequently over a period of time we run out of perm gen space. I have read
> that classes are only unloaded if there are no references to the classes or
> the classloader and both c
In my application there are over a thousands of jsp pages existing. So,
consequently over a period of time we run out of perm gen space. I have read
that classes are only unloaded if there are no references to the classes or
the classloader and both can be removed.
>From my understanding, in Tomc
On 14/09/2010 10:40, Brian McBride wrote:
> The javadoc states this call returns the "session associated with the
> request". I'm trying to figure out what "the session associated with
> the request" actually means.
>
> Specifically, if I have the same client sending https and http requests
> in
The javadoc states this call returns the "session associated with the
request". I'm trying to figure out what "the session associated with
the request" actually means.
Specifically, if I have the same client sending https and http requests
intermixed in time, will there be two sessions objec
79 matches
Mail list logo
