tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fran Boon <>
Subject proxy:ajp 'client denied by server configuration' when too many simultaneous requests happen
Date Fri, 18 Feb 2011 19:24:04 GMT
httpd error log:
client denied by server configuration:

This happens under 'high' load only: 1st few requests of a batch are
answered but then they start dying - there are no bad URLs here.

httpd snippet:
ProxyPreserveHost on
RewriteRule ^/geoserver/(.*)$ ajp://localhost:8009/geoserver/$1 [P]
ProxyPassReverse /geoserver ajp://localhost:8009/geoserver/

<LocationMatch "^(/[\w_]*/geoserver/.*)">
   Order Allow,Deny
   Allow from all

I have tried these configuration options without any apparent difference:
<Proxy ajp://localhost:8009>
   ProxySet keepalive=On timeout=15 ttl=60

Happens even with 'Allow from all' in proxy.conf (in fact nothing in
that file makes any difference, presumably as it only affects Forward

I have tried with both the default prefork MPM & also the worker MPM.

Back-end is GeoServer in Tomcat 6 (exactly same thing happened with
5.5) on Debian Squeeze 64-bit & current Sun JVM.
Nothing in the logs at the back-end, though, seems to be a problem
with the Connector.
Same thing whether or not using the 'APR based Apache Tomcat Native
library 1.1.20' or not.
I tried putting in a connectionTimeout into server.xml, but it makes
no difference:
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
connectionTimeout="60000" />

Same with setting the minSpareThreads="32" maxThreads="256"
to match those in apache.conf
<IfModule mpm_worker_module>
    StartServers          2
    MaxClients          256
    MinSpareThreads      32
    MaxSpareThreads     128
    ThreadsPerChild      32
    MaxRequestsPerChild 1024

None of these tuning options seem to make much difference.

Only web posts I've seen are the on/off conditions rather than erratic ones.

Many thanks, for any suggestions :)


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message