Re: 400 Bad Request - where do I find the detailed reason for the bad request so I can fix it?

On 28 Nov 2023, at 21:10, Graham Leggett wrote: > So the reason we get a 400 Bad Request with no error detail is that we arrive > at this line with throwable set to null: > > https://github.com/apache/tomcat/blob/9.0.x/java/org/apache/catalina/valves/ErrorReportValve.java#L129

Re: 400 Bad Request - where do I find the detailed reason for the bad request so I can fix it?

On 29 Nov 2023, at 07:18, Thomas Hoffmann (Speed4Trade GmbH) wrote: >> I’m in dependency hell - java8 to java17, JAXB as used by Jersey2 broke. No >> idea why, but an internal Oracle implementation is hardcoded somewhere. >> >> java.lang.ClassNotFoundException: oracle.xml.jaxp.JXSAXParserFactor

Re: 400 Bad Request - where do I find the detailed reason for the bad request so I can fix it?

On 28 Nov 2023, at 19:11, Graham Leggett wrote: >> In your debugger, when you break-on-exception, what happens if you allow the >> exception to propagate up to the first exception-handler? Does Tomcat >> swallow the exception? Or it it caught elsewhere? > > The exce

Re: 400 Bad Request - where do I find the detailed reason for the bad request so I can fix it?

On 28 Nov 2023, at 18:42, Christopher Schultz wrote: > In your debugger, when you break-on-exception, what happens if you allow the > exception to propagate up to the first exception-handler? Does Tomcat swallow > the exception? Or it it caught elsewhere? The exception eventually ends up insi

Re: 400 Bad Request - where do I find the detailed reason for the bad request so I can fix it?

On 28 Nov 2023, at 09:41, Mark Thomas wrote: >> What do I need to do to see the exception that generated the bad request, so >> that I know specifically what’s wrong and can fix it? > > Enabling debug logging for > > org.apache.coyote.http11.Http11Processor may help. > > It is probably the ti

400 Bad Request - where do I find the detailed reason for the bad request so I can fix it?

Hi all, Long running webapps, tomcat recently updated from tomcat7 to tomcat v9.0.65. One webapp sends a request to another. The request fails with a 400 Bad Request, with the detail message "The server cannot or will not process the request due to something that is perceived to be a client er

Re: Tomcat9 silently ignores web application

On 08 Jul 2023, at 11:20, Graham Leggett wrote: > In summary, the client hits tomcat, tomcat returns 404 on the request, and > there is no trace in the access logfile that the client was ever there. I've traced it to one level up - there is an httpd above this that was routin

Re: Tomcat9 silently ignores web application

On 08 Jul 2023, at 10:08, Graham Leggett wrote: > Another data point - when starting the application up under tomcat9 in > eclipse, there is also no mention in the logs of the web application having > been deployed, however I am able to hit the application with curl and receive >

Re: Tomcat9 silently ignores web application

On 07 Jul 2023, at 23:23, Graham Leggett wrote: >> When you start Tomcat, do you get a message about /foo/bar being >> deployed in catalina.out? For example, I get this for every deployment: >> >> Jul 06, 2023 4:09:33 PM org.apache.catalina.startup.HostConfig &g

Re: Tomcat9 silently ignores web application

On 2023/07/07 13:44:07 Christopher Schultz wrote: > When you start Tomcat, do you get a message about /foo/bar being > deployed in catalina.out? For example, I get this for every deployment: > > Jul 06, 2023 4:09:33 PM org.apache.catalina.startup.HostConfig > deployDirectory > INFO: Deploying w

Tomcat links application at the root of the server?

Hi all, Is there is application out there that will provide, at / (or a path of your choosing), a list of links of applications currently deployed and running under tomcat? Ideally I want tomcat to tell me what applications have been deployed and if they have been deployed successfully, prefer

Re: Tomcat9 silently ignores web application

Hi, > 1. Please read > https://tomcat.apache.org/tomcat-9.0-doc/config/context.html#Defining_a_context > > > > You are injecting a Context into a Host at the time when the > server.xml file is parsed. It does not

Tomcat9 silently ignores web application

Hi all, I have for a while now been moving various web applications onto a new machine running tomcat9, and things have been working great. I have suddenly reached one web application which is silently ignored. Tomcat starts up without any error, makes no mention of the webapp. If the webapp p

Re: Need help understanding support for Unix Domain Sockets in Tomcat 7.0.x

On 25 Sep 2015, at 10:33 PM, Christopher Schultz wrote: > While I obviously agree with the sentiment, I do feel bad for the OP > who has to fight this battle. It is important however to clarify that this isn’t a typical scenario, lest someone cites this thread as to why they should be doing th

Re: Need help understanding support for Unix Domain Sockets in Tomcat 7.0.x

On 23 Sep 2015, at 22:05, André Warnier (tomcat) wrote: > - you convince whoever wrote that requirement, that an internal TCP > connection within the same host, is no less secure than a Unix Domain socket +1. Regards, Graham --

Re: Need help understanding support for Unix Domain Sockets in Tomcat 7.0.x

On 23 Sep 2015, at 5:55 PM, Srinivasan Raman wrote: > Sorry, I should have provided more details while posting the query. > Due to a security policy that mandates that a certain type of sensitive data > flowing over a communication channel must be encrypted, we are using SSL. If > the communica

Re: java.lang.NullPointerException at org.apache.jasper.JspCompilationContext.getTldResourcePath(JspCompilationContext.java:536) when starting Embedded Tomcat Instance

On 16 Mar 2015, at 11:48 AM, Thusitha Thilina Dayaratne wrote: >>> ERROR {org.apache.catalina.core.ApplicationDispatcher} - >>> Servlet.service() for servlet bridgeservlet threw exception >>> java.lang.NullPointerException >>> at >>> > org.apache.jasper.JspCompilationContext.getTldResourcePath(

Re: Tomcat7: debugging realms - a howto?

On 14 Mar 2015, at 3:43 PM, Graham Leggett wrote: > Changing the auth-type to CLIENT-CERT shows that the username has been > replaced by the subject-DN of the cert, which is progress. Reverse engineering tomcat showed that the tomcatAuthentication parameter solved half the problem - wh

Re: Getting tomcat to honour REMOTE_USER as provided via mod_proxy_ajp

On 14 Mar 2015, at 4:15 PM, Graham Leggett wrote: > I have reached the point where with an auth-method of CLIENT-CERT is > returning the Subject DN of the certificate as the username. > > What I need to achieve is for tomcat to honour the REMOTE_USER environment > variable a

Getting tomcat to honour REMOTE_USER as provided via mod_proxy_ajp

Hi all, I have reached the point where with an auth-method of CLIENT-CERT is returning the Subject DN of the certificate as the username. What I need to achieve is for tomcat to honour the REMOTE_USER environment variable as set by Apache httpd. I have noticed the tomcatAuthentication flag can

Re: Tomcat7: debugging realms - a howto?

On 14 Mar 2015, at 1:04 AM, Konstantin Kolinko wrote: > You are using JRE's default java.util.logging.LogManager. > > You need to configure JRE to use the Tomcat JULI implementation of log > manager with > -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager > > The JRE class is us

Re: Switching basic auth to client-cert with realms - how?

On 13 Mar 2015, at 10:34 PM, Neven Cvetkovic wrote: >>> What doesn’t seem to fit is the realm definition - specifying userCredCol >>> is marked as mandatory, but this is obviously not present with a client >>> certificate. What do you specify in this field? >>> >> > You define the password colu

Re: Tomcat7: debugging realms - a howto?

On 13 Mar 2015, at 9:58 PM, Neven Cvetkovic wrote: > Just to confirm, the 403 Forbidden page was rendered by Tomcat, not Apache > HTTPD? Yes, it is branded tomcat and appears in the tomcat access log. > I don't expect it is an Apache issue here - because you mentioned your > application worked

Switching basic auth to client-cert with realms - how?

Hi all, I have a basic authentication setup that works great as below. BASIC Patricia administrator underwriter accountant

Tomcat7: debugging realms - a howto?

Hi all, I have a working realm installation using basic authentication, which I need to switch to client certificate authentication. Having done so it doesn’t work, I just get “forbidden”, with no indication of the error involved. Back in the day there was a simple “debug” flag that turned on d

Re: Apache and Tomcat

On Mon, April 10, 2006 9:59 am, Franck Borel said: > The Apache Web Server and mod_jk are written in C++ Small detail, they are both written in C. Regards, Graham -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional

Making an LDAP connection available to a web application

Hi all, There are lots of tutorials available explaining how to make a JDBC database pool available to a web application. I cannot however find any tutorials explaining how to do the same thing with a JNDI/LDAP connection. Sure, there are lots of tutorials explaining how to secure your weba

Re: Tomcat 5.5 and Logging - any plain english instructions anywhere?

Larry Isaacs wrote: You could try modifying common/classes/logging.properties to see if you can increase the output. Tomcat doesn't ship with such a config file, but it gives a sample one in the logging docs. Having tried to do some semi intelligent cut and pasting to create a logging config

Re: Tomcat 5.5 and Logging - any plain english instructions anywhere?

Larry Isaacs wrote: You mention Eclipse. Are you using a version of WebTools? No (or not that I am aware of). Tomcat is launched using the Sysdeo plugin. Assuming you are, be aware that the launch configuration created for Tomcat v5.5.x is missing the JVM argument: -Djava.util.logging.mana

Tomcat 5.5 and Logging - any plain english instructions anywhere?

Hi all, I am in the process of trying to build a Struts project from scratch, and from the browser perspective it doesn't work, giving the vague error "Servlet action is not available". No worries, I look for catalina.out and/or the localhost_log*, or as a last resort the output of tomcat as

Re: Config problem: AAA and LDAP

Klotz Jr, Dennis wrote: What are your security constraints within your web.xml? There were no security constrints in the web.xml, I had not checked them :( Thank you for pointing this out, I had looked everywhere except here. Regards, Graham -- smime.p7s Description: S/MIME Cryptographic

Config problem: AAA and LDAP

Hi all, I have just created a simple webapp hosted with Tomcat v5.0.28, and I want to add container managed security against an LDAP server. Following the Tomcat instructions for adding a realm against JNDI does not seem to have had any effect: Attempts to access the webapp are always succes