Re: AW: AW: AW: Password in Tomcat 9.x

ing it, there may not *be* a way to specify "no encryption" of the PKCS12 structure itself, only ways to express a zero-length password. Of course I pay strict attention to file and directory permissions. -- Mark H. Wood Lead Technology Analyst University Library Indiana Universit

Re: AW: AW: Password in Tomcat 9.x

different means. -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu signature.asc Description: PGP signature

Re: Mod_JK vs Mod_Proxy

well but I very much prefer the way mod_proxy_ajp integrates with the proxy configuration in HTTPD. -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu signature.asc Description: PGP signature

Re: Encryption of Tomcat AJP

simple and straightforward. > > Would it make sense to create a solution with less caveats and up to date > security requirements? If the OP's cyber security group insists, then maybe they would care to give him their requirements and suggestions for setting up IPSEC. -- Mark H.

Re: correct usage of properties to supply database port

uot;5" >   logAbandoned="true" >   username="shoc" >   password="password" >   /> > >   >         className="org.apache.catalina.valves.AccessLogValve" >     prefix="s

Re: javax.servlet vs jakarta.servlet?

t. You may wish to have a look at https://stackoverflow.com/a/12160863/2916377 -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu signature.asc Description: PGP signature

Re: How to *properly* create and use a CATALINA_BASE installation

The Gentoo Linux packaging of Tomcat does a nice job of laying out separate CATALINA_HOME and one or more CATALINA_BASE trees, if you'd like something to study. -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan S

Re: Re-Use TCP Source Ports if the Socket is Unique?

ase knows which distant hosts should be reachable via each local address. 'connect' should use this to pick an address that can reach the distant host, assign an unallocated port, and send SYN to request a connection. So the answer to your question is "it depends on the service

Re: Most recent security-related update to 8.5? And setting up access to Manager?

. https://tomcat.apache.org/tomcat-7.0-doc/config/valve.html#Remote_CIDR_Valve I got so tired of those eye-watering IP address REs that I wrote my own CIDR-based Valve some years ago, but I'm happy to discover that I can now throw it away and use one that ships with Tomcat. -- Mark H. Wood Lead

Re: Problem posting to Tomcat ssl connector ..

going on!? I suppose there's nothing useful in the logs? Can anyone suggest adjustments that might log relevant observations? -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu signature.asc Description: PGP signature

Re: [EXTERNAL] Re: tomcat timeout

I decided that just lengthening timeouts was a losing strategy, because these particular reports can be requested over any portion of a record set that steadily grows in size, and can thus take longer to generate every month. Your situation may be different. -- Mark H. Wood Lead Technolog

Re: [OT] programming style or mental process ?

I've appreciated this discussion. It's caused me to think a bit more about my use of this pattern. [regarding tests for null references] This has got me wondering why there is no operator for such an irritatingly common need: if (my_reference isNull) { ... } -- Mark H. Wood Lead

Re: Browser complains of "weak signature algorithm" in cert on a new Tomcat installation. Does anybody here know anything about that sort of thing

rtified public key was signed by hashing it with SHA1 and then encrypting the hash with the CA's RSA private key. I just remembered that your browser probably has a way to display details of a certificate, too. BTW that certificate above was issued in 1999, when SHA1 was considered sufficient.

Re: Session attribute disappears across requests

wrong place to clean it up anyway. Sorry for the noise. -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu signature.asc Description: PGP signature

Session attribute disappears across requests

s proxied through Apache HTTPD via AJP.) -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu signature.asc Description: PGP signature

Re: JNDI match of LDAP hashed passwords fail against cleartext

e clever uses they hadn't thought of. One result is a rather Wild West approach to using directory services for authentication. (I see this also in services dedicated to authentication: seemingly no two organizations use CAS in the same way.) -- Mark H. Wood Lead Technology Analyst Unive

Re: bind Tomcat to IPv4 and IPv6 loopback, Tomcat 9.0.31

1 (IPv6 loop back address), whereas IIS connector tries to bind to > the IPv4 loopback. Two things I would try: 1. Two connectors, one with address='::1' and the other with address='127.0.0.1', both with port='8014'. 2. Configure the other end explicitly

Re: no temp directory creation wanted when embedding Tomcat

It seems to me that the problem may be, that you are trying to use Tomcat but cut away most of its raison d'etre. Asking Google for "embedded web server java" will give you a lot of other possibilities to explore, some of them extremely simple. -- Mark H. Wood Lead Tec

Re: log4j app logging

gt; (But if someone has a hint on my mess I wouldn't mind.) If this happens to be a project built with Maven then 'mvn dependency:tree' should tell you which artifacts are pulling in SLF4J. You may need to run this more than once as you comb out transitive dependencies one by one.

Re: Number of Web Applications in one Tomcat

til fixed (or replaced). o An additional problem with multiple applications per container: ill-designed dependencies which are only configurable using system properties, when different applications need different configurations. -- Mark H. Wood Lead Technology Analyst University Li

Re: JVM keystores and CA

u must remove X from all systemwide truststores of every type, and then configure a custom truststore for every application except A. Which is more error-prone? It shouldn't be difficult to write a script that makes a copy of the systemwide store and adjusts it to your application&#

Re: Error Regarding RFC 7230 and RC 3986

f the problem. Some link is improperly encoded. I would say it is debatable whether browsers should be "correcting" hrefs which are handed to them by some site. -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan

Re: Updating a working installation

store stays where it was. I also tend to install the webapp.s elsewhere and just drop in external Context files to point to them, so copying these is a snap. -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indian

Re: Security of AJP

". Also by recalling that "Apache" is a huge array of various projects (including Tomcat!), while "Apache HTTP Server" refers to a specific web server daemon that can front-end Tomcat. One could even link "Apache HTTP Server" to 'http://httpd.apache.org/

Re: Using Environment variables instead of Java -D properties for context.xml substitution

own code, you'll also wish to ensure that you obliterate (not just discard) secrets as soon as you have no further need for them. That means that, within the JVM, they should only ever exist in mutable objects (not String, for example). -- Mark H. Wood Lead Technology Analyst Univers

Re: internalProxies regex

> > It was never merged into Tomcat, but if it got some additional interest and > testing, perhaps it could be added. > > - -chris There's also this: https://github.com/mwoodiupui/tomcat-extras -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu signature.asc Description: PGP signature

Re: taglibs

s are > taglibs. Simply look in each JAR file to see if there are any ".tld" > files. That's what I thought, too. I looked, and the jstl-api JAR doesn't contain any TLDs. The corresponding jstl-impl JAR does, though. -- Mark H. Wood Lead Technology Analyst Uni

Re: [External] Re: Security Headers Implementation in Tomcat 6.x version

't work." Too much information is better than too little. o My recollection is that this list does not forward attachments. If the evidence is too large to simply copy into an email body, you could post it on something like Pastebin or Github Gist and refer to the URL in your mess

Re: Where Tomcat webapp contexts live on Debian

like conf -> /etc/tomcat-7, as Gentoo does it, to explain the few things that can't be relocated by configuration. -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-

Re: Automatically compressing localhost_access_log after rotation

ript, so I ought to make one into a function and just call it N times with various arguments, but this works for me. -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 ww

Re: This is weird: can't bind to 443

quire protected resources, drop privilege, run. This *is* mentioned in RUNNING.txt, but somehow manages to be overlooked. -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274

Re: sendFiles vs. compression

n of bandwidth and CPU power across your user community, the amount of data to be sent per request, and the shape of traffic over time, you can make some shrewd guesses, but in the end the best solution is the one that does the job best, and the only way to know that is to test and see. -- M

Re: Tomcat base directory layout

pful, because I always struggle what directories are > minimum necessary to start a new instance. Not in the standard Tomcat kit, I think. Gentoo Linux has its own tomcat-instance-manager.bash script which does this. You might be able to adapt it. https://wiki.gentoo.org/wiki/Apache_Tomcat --

Re: Tomcat log files - Strict permissions - setuid

d by root with permissions 600? > I understand that this is done by starting the tomcat process as root > and then dropping privileges using setuid() , but was unable to find > something already built / well documented. That is what the Commons Daemon tool (jsvc) is for. That should be a lot si

Re: Tomcat Conflicting with Group Policy Client

how many connections it accepts at the same time ? > or maybe the PostgreSQL server is just overloaded ? There is. It is in postgresql.conf: max_connections. -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan

Re: Tomcat 8 reliability/performance on Windows 2008 R2 Server vs. RHEL/CentOS

ws I found it frequently getting in my way, embodying invalid assumptions, and generally resistant to being used in the way I want to operate a host. Others will have the opposite experience. So, which kind do you have? -- Mark H. Wood Lead Technology Analyst University Library Indiana Univers

Re: Configuring E-Mail Session via JNDI

the output WAR. Or you can just manually remove mail.jar from the built application before deployment. I have to do that with a community project that I haven't yet had time to fully adapt to injection. Doing it this way might be a good quick proof-of-concept for a nicer solution. In s

Re: [OT] FileNotFoundException for existing JAR files

On Fri, Feb 13, 2015 at 01:21:13PM -0500, Christopher Schultz wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Mark, > > On 2/13/15 1:02 PM, Mark H. Wood wrote: > > On Fri, Feb 13, 2015 at 11:46:37AM -0500, Christopher Schultz > > wrote: > >>

Re: [OT] FileNotFoundException for existing JAR files

s' that comes as part of Gnu Coreutils will, when built that way, add a "+" to the mask to show that there is an ACL on the object. (But that's all it does -- I still have to remember to use 'getfacl' to see what the ACL actually *says*.) -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu signature.asc Description: Digital signature

Re: Restricting SSL access within webapp

t; > prohibit it, it should be the user's call on whether to use HTTP or HTTPS. > > I don't think the problem is so much bandwidth as it is server CPU. > Encryption and decryption are very cpu-intensive tasks. Negotiating the session key is expensive, but it happens once per s

Re: environment-based properties files

s for an external one in tomcat first. > You can incorporate a checksum if you are worried about modifications to the > properties file. I guess you don't want to just set some Context parameters https://mhw.ulib.iupui.edu:8443/docs/config/context.html#Context_Parameters or Environmen

Re: preserving content not in the war

on > war deployment I tried symlinks and it nuked all the sym linked data on > deploy I would place the content elsewhere -- outside of Tomcat's directories altogether -- and pass its path in through the environment. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines sh

Re: Where can I store data files in a tomcat war

information to the webapp as to where it should find the index. Your huge index doesn't have to live in the WAR then. I have *very* little experience with AWS, so it's quite possible I'm missing something. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient. signature.asc Description: Digital signature

Re: Any recommendations on heap settings for Tomcat on an AS/400?

I recommend that, whatever settings you use, don't just set and forget them. Monitor your memory usage and tune it to match the characteristics of your load. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient. signatur

Re: Should validationQuery commit ?

y in the module language and embedded SQL, where a statement delimiter is needed. It's not part of an SQL statement, so it probably doesn't belong in a query string. Commandline tools need a statement delimiter, but statements fed to the DBMS programmatically are delimited by end-of-string. --

Re: Tomcat-user versus StackOverflow

eminded of the repairman's story of arriving at a site and discovering he'd been entered in a race: the customer had called two other repair shops as well, and apparently whoever arrived first got the job. He was unhappy about that. I can understand why. -- Mark H. Wood, Lead System Prog

Re: Tomcat-user versus StackOverflow

o find an ML for the product in question if my need is unusual. I'd probably ask on SO if I couldn't find an ML or the ML proved unhelpful. Neither of which is true of this list. But then I'm such an old fossil that I think email is still useful. :-) -- Mark H. Wood, Lead System Pr

Re: Tomcat and Spring Framework

On Mon, Mar 10, 2014 at 09:32:05PM -0400, Rossen Stoyanchev wrote: > On Mon, Mar 10, 2014 at 3:58 PM, Mark H. Wood wrote: > > > It's probably worth asking what "full-fledged enterprise applications" > > means. I'm not aware of any specification with th

Re: Tomcat and Spring Framework

It's probably worth asking what "full-fledged enterprise applications" means. I'm not aware of any specification with that title. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient. signature.asc

Re: Tomcat v6.0.20 - Cannot Remove Date From JULI Log File Names

On Wed, Jan 29, 2014 at 10:27:13AM -0500, Christopher Schultz wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Mark, > > On 1/29/14, 9:49 AM, Mark H. Wood wrote: > > On Tue, Jan 28, 2014 at 12:32:22PM -0500, Daniel Mikusa wrote: > >> On Jan

Re: Tomcat v6.0.20 - Cannot Remove Date From JULI Log File Names

ently than any external tool. Cleaning up old log files is easily done with a simple cron job, if the application does not trim old files. That operation can be done just as well externally as internally. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly.

Re: [OT] Out of memory exception - top posting

conforming UA could remember them from the subscription response or latest-read message and at least give the user some suggestions. Rules like "no attachments" could be acted on by the UA; rules like "no top-posting" require human judgment but could be advertized by the UI. -- Mark H.

Re: [OT] Out of memory exception - top posting

he content. So the UA punts, leaving the cursor at the top of the message, and the trusting user thinks this is what should happen. The *adept* user knows that editing and composition make his work more effective, and is guided by training and experience rather than the UA. -- Mark H. Wood, L

Re: how to reply

il list? cheez. I sincerely hope not. I'd have to write something to scrape the messages out of the forum and turn them into email. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient. signature.asc Description: Digital signature

Re: problem with Remote Address Filter

the String, because they are string escapes in Java and must themselves be escaped. The Tomcat configuration files are not Java and the conventions are different. Single backslashes work just fine for me with the RemoteAddrValve, and I don't see why they should not work in configuring the RemoteA

Re: Option to allow "\" in hardcoded file paths

On Tue, Aug 06, 2013 at 03:05:44PM +, Jeffrey Janner wrote: > Had a programmer build a filepath using "\" instead of "/" , because he's > windows centric (duh). Probably should be using java.io.File.separator. -- Mark H. Wood, Lead System Programmer mw...@i

Re: 6.0.16 vs 6.0.37 puzzle

It might be instructive to look at the browser's error console too. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient. signature.asc Description: Digital signature

Re: Delayed WAR expansion, timeout on context startup?

rsion of infrastructure, we need to learn to write less-brittle code. This should not be a big deal. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient. signature.asc Description: Digital signature

Re: Why is context.xml no longer copied to Catalina/localhost/myapp.xml?

On Tue, May 07, 2013 at 04:45:39PM +, Jeffrey Janner wrote: > > -Original Message- > > From: Mark H. Wood [mailto:mw...@iupui.edu] > > Sent: Tuesday, May 07, 2013 8:41 AM > > To: users@tomcat.apache.org > > Subject: Re: Why is context.xml no longer co

Re: Why is context.xml no longer copied to Catalina/localhost/myapp.xml?

On Tue, May 07, 2013 at 01:17:40PM -0400, Jesse Barnum wrote: > On May 7, 2013, at 9:40 AM, "Mark H. Wood" wrote: > > Well, the developer can simply pack into the app. whatever internal > > configuration is needed, since he has ready access to the interior of > >

Re: Why is context.xml no longer copied to Catalina/localhost/myapp.xml?

od way for the container to make up for incorrect design in this area. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient. signature.asc Description: Digital signature

Re: proper context usage

maybe deploy the app in a different way that retains the > app-specific context file? None that I could ever discover. When an app. is placed in appBase, Tomcat feels free to extract its own context descriptor and destroy same as needed. It can't tell our hand-built ones from its own extra

Re: Tomcat access log reveals hack attempt: "HEAD /manager/html HTTP/1.0" 404

ry. Even if the limits on these are infinitely adjustable, we might not want to adjust them that high because they are doing another job for us. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient. signature.asc Description: Digital signature

Re: Tomcat access log reveals hack attempt: "HEAD /manager/html HTTP/1.0" 404

's tactical options. At that point a smart enemy will give up and go home, while a stupid (or desperate) one will come on and be destroyed. Either way, you win. But this is very hard to arrange. So we have to consider what going active will cost, and how the enemy's behavior will ch

Re: practical scenarios

iguration data applied from the outside. I think that muddling the concerns of developers and installers is asking for trouble. (I also feel that an app. should be able to function without any configuration at all, at least to the point of telling me what I forgot to configure.) -- Mark H. Wo

Re: Tomcat access log reveals hack attempt: "HEAD /manager/html HTTP/1.0" 404

If bots were killed at a much higher rate, that *would* affect the botnet masters. I have no idea how to make bots more visible by messing with their attacks, just wondering. Then again, my experience shows that when a computer slows down most people either just live with the problem or buy a fas

Re: Tomcat access log reveals hack attempt: "HEAD /manager/html HTTP/1.0" 404

negative > side-effects. Search for "tarpit". There should be a lot of discussion. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient. signature.asc Description: Digital signature

Re: RE : Tomcat 6.0.35 Crashed again

ing system. A well-tuned servlet container running in a poorly-tuned OS or undersized hardware will still underperform. The general plan here is the same: start with an educated guess, observe, adjust, monitor -- Mark H. Wood, Lead System Programmer mw...@iupui.edu There's

Re: tomcat 6.0.35 in production maintaince

On Thu, Mar 14, 2013 at 07:13:20AM -0700, fachhoch wrote: > every few seconds a new session is begin created from an ipaddress , I have > no clue who owns that ipaddress , how can I find more about that > ipaddress? 'whois'. -- Mark H. Wood, Lead System Programmer mw..

Re: Nagios plugin script for use with JMXProxy

nt :( > 4. Host it on my own website Maybe Nagios has a third-party plugins corral? -- Mark H. Wood, Lead System Programmer mw...@iupui.edu I don't do "doorbusters". pgpnNSX0H6LHV.pgp Description: PGP signature

Re: tomcat6 with crl doesn't load

or "open source OCSP responder" and found some, so it shouldn't be too costly to put up your own if you have availability concerns. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu I don't do "doorbusters". pgpLNCz9kvV07.pgp Description: PGP signature

Re: ConnectionPoolMBean should not expose plain-text DB password

know some of the secrets required to run our operation. OTOH I agree that Tomcat is not set up to give you a heterarchial access structure. Very few products are. I'm sure I never heard of most of them and suppose that few of you all have either. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgpJKCQyXtpu7.pgp Description: PGP signature

Re: Not sure what to make of this, Re: bringing up HTTPS on Tomcat

o ingest a private key. But the KeyStore class it manipulates seems to have the necessary methods, so you should be able to write something to do that. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgpsj9A6LWcQ8.pgp Description: PGP signature

Re: very basic question about apache and tomcat

d think in terms of GSSAPI/Kerberos. Searching for "firefox kerberos authentication" showed me a lot of hits that might help you on the client side. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgp9LAw8gVbpY.pgp Description: PGP signature

Re: High load from tomcat, no users, no errors

Not just Debian; I had several Gentoo boxes get into this state. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgpQqvHnxfAYd.pgp Description: PGP signature

Re: Initializing webapps in a certain order

analysis in a servlet container; the app.s start in any order the container may choose and then stumble over missing dependencies. I think it could be argued that the servlet spec. makes startup ordering by the container an explicit non-requirement, so you couldn't count on it at another si

Re: Tomcat advantages

But does it also walk dogs? -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgpavqdMWRTQY.pgp Description: PGP signature

Re: Running Tomcat on Port 80 with Fedora 16 without IP tables redirect

the arcane scripting that I've seen employed. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgp77CHMbG39e.pgp Description: PGP signature

Re: Regarding compatibility

Nah, just fork it off of FreeQuantumLoopGravity. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgpqF1xStOMTh.pgp Description: PGP signature

Re: Please somebody can translate this configuration in tomcat form for server.xml or another xml config file?

ccess to the entire Context, Host, or Engine from clients at any address. The HTTPD config fragment above keeps all clients out of a single directory (and its subdirectories, unless overridden by another Directory element). -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Aski

Re: About certificates in Tomcat SSL support

user. If you coin your own cert.s then anyone who uses the affected servers will have to add those cert.s to their truststores or put up with the "are you sure you want to trust these guys?" dialog every time they visit. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgpKV6HHHE0Jj.pgp Description: PGP signature

Re: Tomcat memory allocation

est load, then monitor its resource utilization and make further adjustments to give it enough headroom for unexpected load spikes without wasting resources which will never be used. Then monitor periodically to be sure you haven't missed anything. -- Mark H. Wood, Lead System Programm

Re: [OT]RE: Maximum memory that can be assigned to Tomcat on windows platform

else going on?" -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgpIowkiM39ep.pgp Description: PGP signature

Re: [OT]RE: Maximum memory that can be assigned to Tomcat on windows platform

o oversimplify a bit). For how it does that, track down a little story called The Paging Game. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgpjKSIiRF27q.pgp Description: PGP signature

Re: [OT] JspServlet - Unexpected behavior, possible bug...

In addition to enriching the community (which helps *you* when we all treat it as the norm) and helping out others who may come along with similar problems, explaining how you worked it out gives you a chance to show how clever you were. :-) -- Mark H. Wood, Lead System Programmer mw

Re: Configure tomcat using init.d

IT wants? That has implications for memory demand, port and address space, and linking among app.s. Maybe the IT guy understands how Tomcat works, but I think I would explore the possibility that he doesn't. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgpvyER2Qn4t8.pgp Description: PGP signature

Re: Denying IPs using the Valve command in context.xml

t always need to write all the fiddly escaped dots and stuff. (If you think SNOBOL is ancient: I'm trying to recall whether COMIT II embodied all of these concepts. :-) -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgpk3QsMKeVYM.pgp Description: PGP signature

Re: Denying IPs using the Valve command in context.xml

styles out of my head. Again, I should try writing a DNS-style globber. It might be fun. (But don't hold your breath waiting for it.) -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. pgpBlPBdN6hmN.pgp Descri

Re: Apache Tomcat 5.5.34 Question (UNCLASSIFIED)

Consider something like: $ openssl rand -base64 32 DJaLgg+fcT8ygQVCd1uKcpLAuxGPmEWhv7j+aorobVs= if you want help coming up with reasonably hard-to-guess secrets. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are

Re: How to configure a web app

On Wed, Jun 09, 2010 at 05:20:22PM +0200, Thomas Kloeber wrote: > Mark H. Wood wrote on 09.06.2010 17:03: > > On Wed, Jun 09, 2010 at 04:19:17PM +0200, Thomas Kloeber wrote: > > > >> the problems I have are: > >> > >> * the IP address of the

Re: How to configure a web app

arate Parameters, but I would keep them separated from configuration of the servlet container (which the above is) if possible. Tastes vary. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Balance your desire for bells and whistles with the reality that only a little more than 2 pe

Re: Keeping tomcat up-to-date on linux

27;t.have.versions.anymore is on 6.0.26 since around 30-Mar-2010. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Balance your desire for bells and whistles with the reality that only a little more than 2 percent of world population has broadband. -- Ledford and Tyler, _Google An

Re: Tomat monitoring

, so long as you find or create a relevant MIB and implementation. Such as: https://mhw.ulib.iupui.edu/Java/technotes/guides/management/snmp.html Take a look at the JVM-MANAGEMENT-MIB. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Balance your desire for bells and whistles with the r

Re: snort detecting ICMP traffic, tomcat?

sted. I find it interesting that there are two PTR records in DNS for that address, and the other one is to "jk-dc96425b8e." That's not the sort of name you expect from DNS. You might want to report that to someone at Pitzer College. A 'whois' query for pitzer.edu retur

Re: Log4j logging doesn't work when a web application is moved outside Tomcat/webapps directory

preciated, and save you loads of time in the long run. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Balance your desire for bells and whistles with the reality that only a little more than 2 percent of world population has broadband. -- Ledford and Tyler, _Google An

Re: Tomcat 6.0.26 startup scripts changed from 6.0.18

Any chance that the stock scripts might someday use 'jsvc', since Tomcat is set up to run that way? Then Tomcat can be easily started as root (and won't have to worry about permission to create PID files) but run as someone else. -- Mark H. Wood, Lead System Programmer mw...@iu

Re: [OT] Batch-processing of emailed log4j log messages

An alternative approach: you could pump the messages through a mailing-list digest builder. You may get 100 messages in five minutes, but you only get interrupted once. Sorry, I've never run a digested list so I don't have a name handy. -- Mark H. Wood, Lead System Progr

Re: [OT] Tomcat dies suddenly

classes were in session the EMI was picked up by my keyboard. (Written from one of my xterms.) -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Friends don't let friends publish revisable-form documents. pgpu1LttJE0ti.pgp Description: PGP signature

Re: JSP Page "hangs"... clues?

all that memory back and continue as if nothing had happend. Maybe you've found a way to do something similar with Tomcat, but it takes 16 minutes to cycle. Just waiting until you think it's been long enough is not a very strong test. What's it doing while you wait? is a question

Re: [OT] Re: Securing Tomcat Applications from Reverse Engineering

On Thu, Jan 21, 2010 at 03:02:41PM +, Peter Crowther wrote: > 2010/1/21 Mark H. Wood > > > Reverse engineering is not a technical problem; it is a legal > > problem. You need a lawyer, not a program. > > > > Mmm, yes and no. Burglary is also a legal problem, b

  1   2   >