You are viewing a plain text version of this content. The canonical link for it is here.
Posted to general@jakarta.apache.org by Gunther Schadow <gu...@aurora.rg.iupui.edu> on 2000/02/09 18:43:49 UTC
Apache Tomcat and SSL?
Hi,
sorry for asking so many questions. Has anyone gotten Tomcat to work under
Apache/mod_ssl? When I try it, my ajp server throws an exception:
HANDLER THREAD PROBLEM: java.io.IOException: Stream broken
...
at org.apache.tomcat.service.connector.AJP12RequestAdapter.readNextRequest
I suppose this is a bug since everything works fine without SSL.
Tracked down the problem a little more and found that if I use the
pre-built mod_jserv.so from the jakarta-apache web site (linux/i386/)
it does work with https. So, I suppose something is broken in
mod_ssl source code that come with ApacheJServ-1.1? I wanted to
use the self-compiled code as it doesn't spit out the warning:
"this module might crash under EAPI!", and, "please recompile with
-DEAPI." Yes, I'd like to recompile, but from what sources was that
lonely mod_jserv.so built?
Any ideas?
regards
-Gunther
Re: Please Help Me!!
Posted by Fernando Salazar <fe...@metatel.com>.
isNew() indicates whether the session is new in the scope of a single
client invocation of doGet() or doPost(). So, while processing 1
go-through of doGet(), isNew() will always return the same thing,
regardless of how many times you have called getSession() in that
method. Whether you have set any attributes has nothing to do with what
isNew() will return.
With your test code below, it should print different things when the same
browser client hits your servlet the 2nd time.
BTW, this is a pretty basic servlet concept. I suggest you might want to
go back to the JSDK docs and review the stuff on sessions.
- Fernando
At 12:08 PM 2/11/00 -0500, you wrote:
>I posted this once before and got no response. Could someone please
>help me with this or at least point me in the right direction or tell me
>this makes no sense at all or something :-)
>
>I am trying to do some work with sessions and I am trying to make sure
>that the session is established with isNew() but it always returns
>true. In my case the session should not be new because I put data in
>the session and was able to retrieve the data from within in the same
>servlet but the isNew() call always returns true. Any ideas??
>
>Here is a snippet of code
>---------------------------------------------------------------------------
>-------
>HttpSession TestSession = request.getSession(true);
>TestSession.setAttribute("testing","this is a test");
>System.out.println("id=" +TestSession.getId()) ;
>
>HttpSession TestSession2 = request.getSession(true);
>System.out.println("isNew=" +TestSession2.isNew()) ;
>System.out.println("id=" +TestSession2.getId()) ;
>System.out.println("attribute testing = " +
>TestSession2.getAttribute("testing") );
>------------------------------------------------------------
>
>here is the output of the code
>------------------------------------------------------
>id=To1010mC5245131899080997At
>isNew=true
>id=To1010mC5245131899080997At
>attribute testing = this is a test
>---------------------------------------------------------
>
>Thanks,
>John
>
>--
>********************************
>** John Thorhauer
>** Web Developer
>** jthorhauer@phoenixcolor.com
>********************************
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: general-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: general-help@jakarta.apache.org
Please Help Me!!
Posted by John Thorhauer <jt...@phoenixcolor.com>.
I posted this once before and got no response. Could someone please
help me with this or at least point me in the right direction or tell me
this makes no sense at all or something :-)
I am trying to do some work with sessions and I am trying to make sure
that the session is established with isNew() but it always returns
true. In my case the session should not be new because I put data in
the session and was able to retrieve the data from within in the same
servlet but the isNew() call always returns true. Any ideas??
Here is a snippet of code
----------------------------------------------------------------------------------
HttpSession TestSession = request.getSession(true);
TestSession.setAttribute("testing","this is a test");
System.out.println("id=" +TestSession.getId()) ;
HttpSession TestSession2 = request.getSession(true);
System.out.println("isNew=" +TestSession2.isNew()) ;
System.out.println("id=" +TestSession2.getId()) ;
System.out.println("attribute testing = " +
TestSession2.getAttribute("testing") );
------------------------------------------------------------
here is the output of the code
------------------------------------------------------
id=To1010mC5245131899080997At
isNew=true
id=To1010mC5245131899080997At
attribute testing = this is a test
---------------------------------------------------------
Thanks,
John
--
********************************
** John Thorhauer
** Web Developer
** jthorhauer@phoenixcolor.com
********************************
Re: Apache Tomcat and SSL?
Posted by Danno Ferrin <sh...@earthlink.net>.
Gunther Schadow wrote:
>
> Jan Labanowski wrote:
>
> > Will it work? I have no idea... I will probably know in a week, since
> > I will be installing this thing in about that time. If you get to it
> > earlier, please LET US KNOW...
>
> one nasty problem with tomcat is that you can not configure where it
> dumps its work and log files into. This is pretty brain dead.
Code up a solution and submit a patch. We would love to have the
contributions.
> I am trying to configure mod_jserv with manual off (autostart tomcat)
> but I'm running into problems that apache runs as nobody and tomcat
> will not be able to write things. There is a real problem that we
> can not do a suid from within a Java thread!
That is what JNI is for, although behavior for SUIDing a thread may vary
from jvm to jvm. Some may suid the whole jvm (probably solaris and
single process jvms) while with IBM on linux you may get a
per-java.lang.Thread alteration (because each thread is a linux
process) But then again, java wasn't meant to be that tight with the OS
it runs on anyway.
--Danno
Re: Apache Tomcat and SSL?
Posted by Gunther Schadow <gu...@aurora.rg.iupui.edu>.
Jan Labanowski wrote:
> Will it work? I have no idea... I will probably know in a week, since
> I will be installing this thing in about that time. If you get to it
> earlier, please LET US KNOW...
one nasty problem with tomcat is that you can not configure where it
dumps its work and log files into. This is pretty brain dead.
I am trying to configure mod_jserv with manual off (autostart tomcat)
but I'm running into problems that apache runs as nobody and tomcat
will not be able to write things. There is a real problem that we
can not do a suid from within a Java thread!
regards
-Gunther
Re: OFFTOPIC: Tomcat/VisualAge integration - JSP classpath error
Posted by Adam Rossi <ad...@platinumsolutions.com>.
> > In the JSP page, I have a line like this at the beginning:
> > <%@ page import="com.javacorporate.db.*" %>
>
> This smells, no stinks, like a CLASSPATH problem!
Yep.
>
> I was wondering myself how one could set a context-specific classpath,
> just as one could use the "repository" in the old ApacheJServ zone
> properties. Unless this works you have to either put your every dependency
> into the global CLASSPATH used to start tomcat or you can throw the
> classes into the WEB-INF/classes directory of your web application.
It works fine if I drop the classes into the WEB-INF/classes directory
(either the *.java files or the *.class files). I can debug beans while they
are used in the JSP page right from VisualAge, and everything works really
nicely. The only problem is, when I change a class, I have to export it from
the IDE to the filesystem each time. The funny thing is, If I only use
servlets, I do not have to export ANY classes to the filesystem - they are
picked up from within the IDE. I added all of the class dependencies to the
VisualAge properties page of the tomcat startup class (per the IBM
tutorial). That satisfies the servlet engine, but the JSP compilation
process does not seem to use these classpath entries.
>
> regards
> -Gunther
>
----------------------------------------------------------------------------
----
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: general-help@jakarta.apache.org
Re: OFFTOPIC: Tomcat/VisualAge integration - JSP classpath error
Posted by Gunther Schadow <gu...@aurora.rg.iupui.edu>.
Adam Rossi wrote:
> org.apache.jasper.JasperException: Unable to compile class for
> JSPwork\8080\_0002fpromptnewstaff_0002ejsp_0002fpromptnewstaff_jsp_0.java:13
> : Package com.javacorporate.db not found in import.
> import com.javacorporate.db.*;
> ^
>
> In the JSP page, I have a line like this at the beginning:
> <%@ page import="com.javacorporate.db.*" %>
This smells, no stinks, like a CLASSPATH problem!
I was wondering myself how one could set a context-specific classpath,
just as one could use the "repository" in the old ApacheJServ zone
properties. Unless this works you have to either put your every dependency
into the global CLASSPATH used to start tomcat or you can throw the
classes into the WEB-INF/classes directory of your web application.
regards
-Gunther
OFFTOPIC: Tomcat/VisualAge integration - JSP classpath error
Posted by Adam Rossi <ad...@platinumsolutions.com>.
I know this is offtopic, but this problem is driving me crazy and I think it
might have something to do with the Tomcat JSP compilation engine.
I am having a problem running JSP's with VisualAge 3.0 and Tomcat 3.0. I
followed the IBM instructions meticulously, and servlets are working fine.
However, when I try to run a JSP, The JSP cannot find the packages specified
in the import statements. I get problems like this:
org.apache.jasper.JasperException: Unable to compile class for
JSPwork\8080\_0002fpromptnewstaff_0002ejsp_0002fpromptnewstaff_jsp_0.java:13
: Package com.javacorporate.db not found in import.
import com.javacorporate.db.*;
^
In the JSP page, I have a line like this at the beginning:
<%@ page import="com.javacorporate.db.*" %>
The weird thing is, if I export the *.java files from visualage to the
project_resources directory corresponding to the project (classes folder),
the JSP page is usable and I can set break points in the corresponding
visualage class. It is almost as if the JSP compilation engine is using a
different classpath and getting an error, but once the JSP page is compiled,
the visualage debugger works fine.
Any help would be greatly appreciated. My hats off to IBM for the
tutorial...I know it has helped a lot of people. Thanks.
Re: Apache Tomcat and SSL?
Posted by Jan Labanowski <jk...@osc.edu>.
On Wed, 9 Feb 2000, Gunther Schadow wrote:
> Thanks, instructions were clear and worked for me.
>
> What I'm yet failing to see is the configuration. It's a mess with
> all those .conf files and these buzzy words "context," "zone" and
> what have you. Is there some tutorial, manual, specification that
> describes this stuff so that one can actually master it in a few
> days? I am wildly hacking in the conf and xml files (ah! how I hate
> XML here) but seem to walk in the dark.
>
> What is the <Location /servlet> ?
>
> Seems to me that there are just too many redirections and overloadings
> of Unix pathnames. What is this /root in
>
> AJPServMount /examples /root
>
> I after hours of hacking, am completely confused (may need a break)
>
> This is all very new stuff that's not well documented, right?
>
> thanks for your help!
> -Gunther
>
I am also blind... {:-)}
AJPServMount /examples /root
Location means the local URL path to which you refer.
So, you need to put here the examples, in your case.
<Location /examples>
Now, remember that you need to put the JServ thing within the block for
vurtual server running https, i.e., after line:
<VirtualHost _default_:443>
but before line:
</VirtualHost>
you put the line
Include /usr/local/apacheXXXX/sources/build/tomcat/etc/tomcat.conf
(I believe)...
Any gurus here?
As I said, I did not do it yet, and I am planning to have sex with this
on the weekend...
Jan
jkl@osc.edu
>
>
> Jan Labanowski wrote:
> >
> > you may want to look at:
> > http://www.ccl.net/cca/software/UNIX/apache/
> > which provides instructions to instal Tomcat + mod_ssl + EAPI + MM module.
> > If the instructions are not clear, please bug me, since I want to make
> > them usefull eventually.
> >
> > As to protecting the /servlets (or whatever) zone (or whatever is the
> > term now), put something like:
> >
> > <Location /servlet>
> > AuthType Basic
> > AuthName "For internal users only"
> > AuthUserFile /usr/local/apache/auth/htpasswd
> > AuthGroupFile /usr/local/apache/auth/htgroup
> > AuthType Basic
> >
> > <Limit GET POST>
> > require group demo
> > </Limit>
> > </Location>
> >
> > into tomcat.conf and of course, create some htpasswd/group files.
> >
> > Will it work? I have no idea... I will probably know in a week, since
> > I will be installing this thing in about that time. If you get to it
> > earlier, please LET US KNOW...
> >
> > Jan
> > Jan K. Labanowski | phone: 614-292-9279, FAX: 614-292-7168
> > Ohio Supercomputer Center | Internet: jkl@osc.edu
> > 1224 Kinnear Rd, | http://www.ccl.net/chemistry.html
> > Columbus, OH 43212-1163 | http://www.osc.edu/
>
Jan K. Labanowski | phone: 614-292-9279, FAX: 614-292-7168
Ohio Supercomputer Center | Internet: jkl@osc.edu
1224 Kinnear Rd, | http://www.ccl.net/chemistry.html
Columbus, OH 43212-1163 | http://www.osc.edu/
Re: Apache Tomcat and SSL?
Posted by Gunther Schadow <gu...@aurora.rg.iupui.edu>.
Thanks, instructions were clear and worked for me.
What I'm yet failing to see is the configuration. It's a mess with
all those .conf files and these buzzy words "context," "zone" and
what have you. Is there some tutorial, manual, specification that
describes this stuff so that one can actually master it in a few
days? I am wildly hacking in the conf and xml files (ah! how I hate
XML here) but seem to walk in the dark.
What is the <Location /servlet> ?
Seems to me that there are just too many redirections and overloadings
of Unix pathnames. What is this /root in
AJPServMount /examples /root
I after hours of hacking, am completely confused (may need a break)
This is all very new stuff that's not well documented, right?
thanks for your help!
-Gunther
Jan Labanowski wrote:
>
> you may want to look at:
> http://www.ccl.net/cca/software/UNIX/apache/
> which provides instructions to instal Tomcat + mod_ssl + EAPI + MM module.
> If the instructions are not clear, please bug me, since I want to make
> them usefull eventually.
>
> As to protecting the /servlets (or whatever) zone (or whatever is the
> term now), put something like:
>
> <Location /servlet>
> AuthType Basic
> AuthName "For internal users only"
> AuthUserFile /usr/local/apache/auth/htpasswd
> AuthGroupFile /usr/local/apache/auth/htgroup
> AuthType Basic
>
> <Limit GET POST>
> require group demo
> </Limit>
> </Location>
>
> into tomcat.conf and of course, create some htpasswd/group files.
>
> Will it work? I have no idea... I will probably know in a week, since
> I will be installing this thing in about that time. If you get to it
> earlier, please LET US KNOW...
>
> Jan
> Jan K. Labanowski | phone: 614-292-9279, FAX: 614-292-7168
> Ohio Supercomputer Center | Internet: jkl@osc.edu
> 1224 Kinnear Rd, | http://www.ccl.net/chemistry.html
> Columbus, OH 43212-1163 | http://www.osc.edu/
Re: Apache Tomcat and SSL?
Posted by Jan Labanowski <jk...@osc.edu>.
you may want to look at:
http://www.ccl.net/cca/software/UNIX/apache/
which provides instructions to instal Tomcat + mod_ssl + EAPI + MM module.
If the instructions are not clear, please bug me, since I want to make
them usefull eventually.
As to protecting the /servlets (or whatever) zone (or whatever is the
term now), put something like:
<Location /servlet>
AuthType Basic
AuthName "For internal users only"
AuthUserFile /usr/local/apache/auth/htpasswd
AuthGroupFile /usr/local/apache/auth/htgroup
AuthType Basic
<Limit GET POST>
require group demo
</Limit>
</Location>
into tomcat.conf and of course, create some htpasswd/group files.
Will it work? I have no idea... I will probably know in a week, since
I will be installing this thing in about that time. If you get to it
earlier, please LET US KNOW...
Jan
Jan K. Labanowski | phone: 614-292-9279, FAX: 614-292-7168
Ohio Supercomputer Center | Internet: jkl@osc.edu
1224 Kinnear Rd, | http://www.ccl.net/chemistry.html
Columbus, OH 43212-1163 | http://www.osc.edu/
On Wed, 9 Feb 2000, Gunther Schadow wrote:
> Hi,
>
> sorry for asking so many questions. Has anyone gotten Tomcat to work under
> Apache/mod_ssl? When I try it, my ajp server throws an exception:
>
> HANDLER THREAD PROBLEM: java.io.IOException: Stream broken
> ...
> at org.apache.tomcat.service.connector.AJP12RequestAdapter.readNextRequest
>
> I suppose this is a bug since everything works fine without SSL.
>
> Tracked down the problem a little more and found that if I use the
> pre-built mod_jserv.so from the jakarta-apache web site (linux/i386/)
> it does work with https. So, I suppose something is broken in
> mod_ssl source code that come with ApacheJServ-1.1? I wanted to
> use the self-compiled code as it doesn't spit out the warning:
> "this module might crash under EAPI!", and, "please recompile with
> -DEAPI." Yes, I'd like to recompile, but from what sources was that
> lonely mod_jserv.so built?
>
> Any ideas?
> regards
> -Gunther
>