Apache/SSL Tomcat config weirdness...
I thought I read a post related to this recently, but I can't find it (the forum search is flaky lately), so I'm making my own post...
We have Apache 1.3 with mod_ssl for SSL, Tomcat 4.1.24 and mod_jk set up. Things work fine for most of this setup, except this weird thing happening with our pushlet servlet. The pushlet is a servlet that never closes and we push data to an applet client in the browser.
The JSP and other servlets (one that creates a chart image, for example) work fine. The weird thing is the pushlet servlet, on the other hand, will not work fine. It has multiple output modes: Javascript, Serialized Object and XML, and we use the Serialized Object mode with the client applet, but for some reason it is disregarding what mode we ask for only when using SSL. When we connect to Tomcat directly (we have port 8080 open for testing) without SSL, the pushlet stuff works fine as well. It seems that when we connect to the pushlet (testing by typing the URL in the browser) with SSL, it defaults to the Javascript mode no matter what we put in the query string of the URL, and Javascript not being serialized objects, the client barfs. (XML mode doesn't work either.)
It's made more weird because the debug statements we put in the doGet method of the pushlet servlet don't get written either in SSL mode, but they do in non-SSL mode. Very strange, cuz basically we figured the pushlet servlet is somehow not getting the parameters of the query string in the request (which is what I thought I saw a thread about that I mentioned before).
So clearly the obvious answer is that something isn't configured correctly between Apache and Tomcat. But I can't seem to figure out what. Any ideas?
I wouldn't say most... you've been pretty busy yourself...
One possible conclusion we've come up with is: We are using RedHat Linux 9, and I rebuilt Apache, mod_ssl and mod_jk myself on that system. But someone else installed it, and I recall (vaguely, and the someone else no longer around) that he had some issue running them with the mod_jk I built for RH9, so he ended up using the one we had from a RH7.2 installation (which the whole thing on a RH7.2 system works fine, SSL or not). He had said it was working with the RH7.2 mod_jk, but maybe he didn't check the right things, and I didn't follow up on it at the time cuz it wasn't important at the time.
So the thought is that maybe it's the mod_jk that's really causing a problem for some reason. Some incompatability in the builds for the OS versions. Why it's only during SSL connections, I don't know, but the rest of the config seems to be correct.
As for the SSL How-To, yes, I've looked thru it again (as I said, though, we have the same thing on an RH7.2 system is working fine, and in both cases I built Apache, mod_ssl and mod_jk from source for both systems). I'm considering setting up stand-alone SSL on Tomcat and taking Apache out of the loop to see if it works that way.
We have, however, pretty much ruled out the pushlet servlet (it's 3rd party code) as the problem. We have the source, and it's too simple in what it does to be messed up, and debug statements we put in don't seem to indicate any problem.
Well, more investigations tomorrow.
Similar Messages
-
Which is better for servers, Apache or Tomcat?
Which is better for servers, Apache or Tomcat?
For some reason that link I gave you isn't working right now, but it was today, weird. I would get Tomcat simple because sun uses it in its examples and recommends it. Here's sun's link then, it's probably more useful anyway. http://java.sun.com/products/jsp/
-
Client authentication with apache+mod_ssl+tomcat
Hello.
My question is a little bit off topic.
I try to read client certificates with request.getAttribute("javax.servlet.request.X509Certificate"), but the result is always null.
Probably it's null because I have nothing on the session. So my tomcat does not have the certificate. I use apache + mod_ssl + mod_jk + tomcat.
And here is my question: how did you configured apache and tomcat so that tomcat has the client cert ?
Thanks.usually u generate a keystore for client, and mention that in ur SSL connector of tomcat
in apache, we need to configure things in ssl.conf -
I'm seeing a similiar issue as reported against apache in Tomcat 5.5
http://www.merchantpal.net/modules.php?name=News&file=article&sid=91
The fix for this IE 6 bug in apache is to add
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
to httpd.conf.
Does anyone know how to fix this in Tomcat?
ThanksHello,
I am trying to setup a ldap-client app that connects
throught an SSL connection. I can make unsecure
connections, but when I try to connect through SSL I
get the following:
Exception in thread "main"
javax.naming.CommunicationException: anonymous bind
failed: localhost:636. Root exception is
javax.net.ssl.SSLHandshakeException: Signature does
not match.
at
at
t
com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA1275
Does anybody have an idea what is wrong??Hi,
Try using the SSL provider that comes along with some webservers. or the JSSE which is packaged along with jdk1.4 beta(even available as a separate download).
Regards,
Sathya Sayee.S -
Right problem with apache and tomcat
Bonjour;
I use a user login "apache" to stop/start Apache and tomcat. Because never launching apache et tomcat as root.
But I have the following problem with apache (file error.log) :
[Tue May 6 17:26:22 2003] [error] Connection "warpConnection" cannot connect
[Tue May 6 17:26:22 2003] [error] Cannot open connection "warpConnection"
[Tue May 6 17:27:01 2003] [error] Re-Trying to deploy connections
As root the error msg does'nt exists (lost)
Best regards;
A+;Run it from the shell to see whats wrong:
# httpd -
Apache 2, Tomcat 5, mod_jk2 configuration problem
I am setting up a Web Server on a RedHat Enterprise Linux box. I installed the RedHat Application Server that installs Apache 2, Tomcat 5 and Mod_JK2. I can't get the mod_jk2 configured properly. I've searched the internet and haven't found any documentation that will work with this.
I need to know how to configure the mod_jk2 with Apache2 and Tomcat 5.
PLEASE HELP!!! Nothing I've tried from the Internet has helped. The best site that I've found is ::
http://www.johnturner.com/howto/apache2-tomcat4127-jk-rh9-howto.html
but its for tomcat 4 so it doesn't work for me.
Has anyone does this before that can help me????
Thanks in advance.Ended up downloading and installing the mod_jk instead of the mod_jk2 that came with RedHat Application Server.
-
Apache - mod_jk - tomcat site filesystem question
hi all
we finished today to set up apache+mod_jk+tomcat togheter
we done it because in this way apache will serve static pages and tomcat jsp + servlet right?
now, a (maybe stupid) question:
how to make apache serve static pages and tomcat jsp & servlets? shall we divide our site into two directories (one, with static pages and the other with servlet and jsp) or there is a way to map our site under tomcat and apache in order to avoid such a division?
thanx a lot
sandrothanx a lot for your answer
but i need another suggestion:
lets imagine i have my little site with this directory sistem:
directory "mysite"
here a lot of *.htm files and a directory named "dinamic" containing all the dinamic content (*.jsp and the WEB-INF/classes/*.class files)
now my question is:
can I leave this structure intact or shall i divide the *.htm files from the dinamic content?
what do the standard tell?
thanx a lot
sandro -
Apache 2, Tomcat 4 and Oracle's XSQLServlet not working together
Hi
I cannot even get the basic demos in ./demo/java/xsql to work with this combination of technologies.
I am running this on Red Hat Linux 8. Apache and Tomcat work fine, the CLASSPATH is set and I have created the Alias etc.
I believe that the .xsql type is not being processed by my XSQLServlet, because calling up http://localhost/xsql/ brings up 3 raw xsql files in the browser.
All the documentation I have found describes using XSQL with older Apaches and JServ. JServ is now replaced by Tomcat and Tomcat 4 is much different from earlier versions of Tomcat. Despite that I believe I have guessed and made the correct changes to httpd.conf and web.xml to make the XSQLServlet work.
Has anyone got these to work ? I've been at this for days and am driven half mad by it ! All that has kept me at it is that this seems like a magnificent combination of technologies. Many thanks in advance... for any advice at all.
- DesAndyRTR wrote:Please check the new libreoffice version in testing. It should work with openjdk6 and jre7-openjdk. Not sure if closed
Oracle jre7 from AUR will also get detected.
Thanks for the info. Yaourt -Syu will be my friend
Java7 is recognized, great. Too bad java web plugin could be blacklisted because of security matters.
Last edited by fredbezies (2011-10-05 14:58:07) -
Apache + 2 Tomcats session replication problem.
Greetings everyone.
Before stating the problem, let me explain how my environment is set.
I have two machines. One (PC1) running Apache (HTTP server 2.0.58)
and one instance of Tomcat (5.0.28) and another machine (PC2) with
another instance of Tomcat(5.0.28).
The Apache server
It is configured to handle static content, to redirect dynamic content to a
Tomcat instance through AJP 1.3 connector.
This process is done through the mod_jk and the workers.properties
The workers.properties file is configured to have sticky_session = True
so it assigns a SESSION_ID to the same Tomcat it was first assigned.
The workers.properties file is configured to have
sticky_session_force = True so if the Tomcat the SESSION_ID was
assigned is not available, the server answers with a 500 error.
The Tomcat servers
Both have only the AJP 1.3 connector enabled
Both have the Cluster tag from the server.xml file uncommented
and the useDirtyFlag flag set to false, for not to allow SESSION
replication between Tomcats.
The workers.properties file
workers.apache_log=C:/Apache2/logs
workers.tomcat_home=C:/Tomcat5
workers.java_home=C:/j2sdk1.4.2_13
ps=/
#Defining workers -----------------------------
worker.list=balancer,jkstatus
#Defining balancer ---------------------------
worker.balancer.type=lb
worker.balancer.balance_workers=tel1, tel2
worker.balancer.sticky_session=True
worker.balancer.sticky_session_force=True
worker.balancer.method=B
worker.balancer.lock=O
#Defining status -----------------------------
worker.jkstatus.type=status
worker.jkstatus.css=/jk_status/StatusCSS.css
#Workers properties ---------------------------
worker.tel1.type=ajp13
worker.tel1.port=8009
worker.tel1.host=127.0.0.1
worker.tel1.lbfactor=1
worker.tel1.socket_keepalive=False
worker.tel1.socket_timeout=30
worker.tel1.retries=20
worker.tel1.connection_pool_timeout = 20
#worker.tel1.redirect=tel2
worker.tel1.disabled=False
worker.tel2.type=ajp13
worker.tel2.port=8009
worker.tel2.host=199.147.52.181
worker.tel2.lbfactor=1
worker.tel2.socket_keepalive=False
worker.tel2.socket_timeout=30
worker.tel2.retries=20
worker.tel2.connection_pool_timeout = 20
#worker.tel2.redirect=tel1
worker.tel2.disabled=False
THE PROBLEM
I open a browser in the jk-status page to see how the Tomcat instances are
working, and both are working fine: Stat -> OK, now as the
loadbalancing factor is 1 on both Tomcats, an even alternating session
distribution is set.
While this browser is open to keep an eye on the status, I open a new
browser (B1)to connect to my Web Application, Apache answers
correctly and gives me a SESSION_ID for Tomcat instance 1 [both
instances are OK], if I make a simple refresh, my SESSION_ID is still the
same so I'm assigned to Tomcat instance 1 but this time I get an
ERROR 503 - Service unavailable but looking at the status of the
Tomcat instances both instances are still OK, no-one is down. And it
stays throwing this error for as many refreshes i do.
Now, I open a new browser (B2)and do the same process as before,
as expected, Apache now gives me a SESSION_ID for Tomcat instance 2,
repeating the same refreshing process, the error is thrown again, but still at
the jk-status page, both instances are fine.
Without closing these windows, I make a new refresh try on B1 and
even though the jk-status says both Tomcat instances are OK, the error
is still thrown. I open a third one (B3), and Apache again, correctly
gives me a new SESSION_ID for Tomcat instance 1 and answers
correctly on the first call. But once again if i repeat the refreshing process, the
error is thrown again.
Note: Using a different resolution to always keep and eye on the
instances status and using a refresh rate of 1 second for status, both
servers always were OK.
So the main problem is that somehow when the session is replicated
to the same tomcat, Apache confuses and thinks it is not available, when
asking it through the jk-status it tells it is OK
I've been trying different configurations with both Apache and Tomcat,
but there must be something missing since I don't get it to work correctly
Thanks in advance for all your helping comments.
- @alphazygmaWhew... that was quite an answer... definitely is going to help him a lot. Yeah any n00b by now should know how to use google, but that's not the point in this forums, here we are to help each other. and wether you like it or not many of us deploy applications to tomcat and stumble on this. So dont try to be cool posting this kind of answers like google this or google that if you dont have an answer please dont comment you will appear to be more noobish than you aparently are.
Well enough talking.
I found the following useful: (it comes in the server.xml of the tomcat configuration)
<!-- You should set jvmRoute to support load-balancing via JK/JK2 ie :
<Engine name="Standalone" defaultHost="localhost" debug="0" jvmRoute="jvm1">
-->
Enabling that entry on both machines should be enough.
Aparently the problem is not with apache. is with tomcat since it can't retain the session apache gives.
more information in the Tomcat help at:
http://tomcat.apache.org/tomcat-5.0-doc/balancer-howto.html#Using%20Apache%202%20with%20mod_proxy%20and%20mod_rewrite -
Integrating Apache with Tomcat?
Anyone have a guide to integrating Apache with Tomcat using mod_jk?
I followed some guides online, but they all seem really dated with some obscure references. This seems like it should be on the top of the list....Hi Alan.
I've discovered the exact same problem.... 0.0.0.0 instead of 127.0.0.1
You've obviously not had any replys here, but di you end up working it out on your own? -
Apache with Tomcat and dispatcher class.
I have a MVC design set up with a controller and dispatcher class. I am trynig to forward the results to a specific JSP. If I run the design completely within Tomcat, then everything works great. I have a tomcat site set up called /jsp. My servlet is within the jsp site. So if I do http://localhost:8080/jsp/mypage.jsp it will bring up the page fine. I then submit to and action of /myservlet?action=test. The servlet/dispatcher classes process and forward the request to "/jsp/mypage_result.jsp". All is fine and dandy.
However, when I try to run this through Apache first let the MOD_JK2 send the JSP/servlet requests to Tomcat the dispatcher doesn't work. I alway get the ERROR 404 page within tomcat (see note 1 below). Even if I use a "./mypage_result.jsp", because the pages are in the same directory, I still the get the error. Can anyone help?
What I think is happening is that when I make the inital request of http://localhost/jsp/mypage.jsp the request gets sent to Tomcat from Apache. Tomcat processes the jsp page and displays the result to the client. The user submits the data to the servlet (through Apache which pushes it to Tomcat). The servlet/dispatcher code runs and then gets ready to forward the request on. Where I get confused or I am completely guessing is that when the forward method gets called. Does it forward the request on as a HTTP request or as a request within Tomcat? I would guess it is an http request and the request comes in through Apache which (depending on the worker2.properties file) will or will not forward the request to Tomcat. This is where the problem happens. On this forward in the dispatcher class.
Please help.
NOTE 1:
HTTP Status 404 - /mypage_result.jsp
type Status report
message /mypage_result.jsp
description The requested resource (/mypage_result.jsp) is not available.
Apache Tomcat/4.1.24After reading the documentation for the getRequestDispatcher method it seems that the file you are forwarding to must be in the same context. Well if it is in the same context within Tomcat, does it mean it is the same when I am trying to use Apache?
Anyone out there go this to work?
Thank you in advance for reading my post. -
Hi, I integrated Apache with Tomcat Cluster on Windows 2000. I instalated mod_jk2.dll, created workers2.properties and configurated server.xml in Tomcat instances. If I try to reach my .jsp file, e.g. http://localhost/root/main.jsp, I get follow message from Tomcat: source root/main.jsp is not available. What�s wrong? Can anybody help me? Apache version: 2.0.47, Tomcat: 1.4.27
Well, the first order of business is to determine exactly where main.jsp is located. If it is at <CATALINA_HOME>/webapps/main.jsp, then it should be at http://localhost:8080/main.jsp. Bypass Apache and verify that you can get to the Tomcat specific pages first.
Basically, we're trying to determine a) the correct URL and b) whether the problem is with Tomcat itself, or with the connections between Apache and Tomcat.
Essentially, we can't tell you where your configuration is incorrect until you tell us what your configuration is. :) -
Adv. of using apache with tomcat??
can anyone pl tell me the advantages of using Apache with Tomcat in comarison to other web servers?
ThanksThe biggest advantages are that they are open source, so you don't have to pay a huge licence fee, and they are very stable. I don't know how they compare for speed - I know Apache is lightning when it comes to serving flat pages, there are no benchmarks yet for the new Tomcat because it was only released last monday. You can run them on linux or another unix variant, so they are more likely to be secure (windows servers are horrendously open to attack) and stable.
-
Have seen throughout the newsgroups references to the segmenation faults occuring with Apache-SSL and the WLS module. The fix in most instances was to was to remove a PathTrim statement, and the segfaults went away.I do not have any PathTrim statements, and only have to add the LoadModule and AddModule lines to the httpd.conf and any attempted SSL connection will generaet a segfault (I have not even added the IfModule mod_weblogic.c statement)I am running Apache 1.3.9, mod_ssl, Weblogic 6 SP1.Any help would be greatly appreciated.ThanksMark Parker
Is there a tentative list of accelerators that will be supported? If the
Sun accelerators are not on that list, please add them.
-chris
"Michael Young" <[email protected]> wrote in message
news:[email protected]..
whoops - got ahead of myself.
I don't know that there are plans to have the plugin use hardwareaccelerators. I was
writing about the WLS server supporting hardware ssl accelerators in thefuture.
>
Michael
Michael Young wrote:
Hi.
Currently there is no support for ssl hardware accelerators. There are
plans for this
in the next major release of WLS due out next year.
Thanks.
Michael
Lloyd Sher wrote:
Does anyone know if the apache ssl weblogic plug-in supports hardware
accelerators
(ie nCipher)?
If so how would this work? If not, are there any plans?
Thanks,
Lloyd--
Developer Relations Engineer
BEA Support--
Developer Relations Engineer
BEA Support -
What is difference between Apache server and Apache tomcat.
And Apache is the Web server or Application server.
please help me..My understanding is that Tomcat is a web container
rather than a full-blown app server. It can be run
standalone as a web server, i.e. it is not necessary
to pair off Apache and Tomcat. See here for a
discussion on the subject
http://saloon.javaranch.com/cgi-bin/ubb/ultimatebb.cgi
?ubb=get_topic&f=56&t=004273What that thread is saying is that it didnt used to be a full blown web-server, it is now. The fact that it can be run standalone, serving both static and dynamic content makes it so.
Maybe you are looking for
-
Need advice on how to approach interactive timeline/chart Component
For my application I need a component (or combination of components) that shows a number of different types of events along a timeline, displays them in different ways as specified and allows you to click/hover along the timeline to add/modify/get de
-
Sum of the sql query after a control break
Hi all, I need some help about getting the final sum of the sql query after doing a control break in a dynamic report, ( the control break make me the sum of each report but didn't leave me the sum of all the query) Thanks in andvance for your help !
-
Is a simple question. I have a KT3 Ultra2 series mb with a via kt333 chip series. I am running an Athlon xp2400 cpu on Windows XP. The infoview reports the processor to be only an xp1800+. How and where do i fix this??????? (I am bios friendly) thanx
-
Not all drives available for export?
Hi, I'm new to Lightroom (3.2 on Windows 7 64 Bit) so please bear with me if it should be a known problem - couldn't find an answer in the forum or help so far: When I want to export images, more often than not I only see my user folder in the window
-
How do you change the lettering style of a adobe document that has been sent to you?
How do you change the lettering style of a adobe document that has been sent to you?