tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: [OT] can't connect to manager application
Date Fri, 18 Oct 2013 16:53:11 GMT
Edoardo Panfili wrote:
> Il 18/10/13 18:38, André Warnier ha scritto:
>> Edoardo Panfili wrote:
>>> Il 18/10/13 18:17, Christopher Schultz ha scritto:
>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>> Hash: SHA256
>>>>
>>>> Edoardo,
>>>>
>>>> On 10/18/13 12:04 PM, Edoardo Panfili wrote:
>>>>> Il 18/10/13 16:40, André Warnier ha scritto:
>>>>>> Edoardo Panfili wrote:
>>>>>>> Il 18/10/13 08:43, Ognjen Blagojevic ha scritto:
>>>>>>>> On 18.10.2013 7:34, Edoardo Panfili wrote:
>>>>>>>>>> To rule out faulty upgrade, could you try to reproduce
>>>>>>>>>> the problem on clean Tomcat 7.0.42 install?
>>>>>>>>> the problem was surely present with 7.0.39, the 7.0.42
is a
>>>>>>>>> fresh installation for me.
>>>>>>>>
>>>>>>>> Could you please clarify: does the problem exists on 7.0.42,
>>>>>>>> 7.0.39 or both?
>>>>>>> both
>>>>>>>
>>>>>>>> Could you provide steps to reproduce the problem on fresh
>>>>>>>> 7.0.42 installation?
>>>>>>> - unpack tomcat - modify listen port - modify tomcat-users.xml
>>>>>>> - copy jmxremote.access and jmxremote.password (setting
>>>>>>> permissions) - build jsvc - copy configuration files for
>>>>>>> applications (in $tomcat/conf/Catalina/localhost)
>>>>>>>
>>>>>>> thank you for you question: also jmx remote access is not
>>>>>>> working (in both tomcat 7.0.39 and 7.0.42), maybe the two
>>>>>>> problems are related?
>>>>>>>
>>>>>>>
>>>>>>>> I tried to reproduce with the information you provided so
>>>>>>>> far, but I was unable. It works for me.
>>>>>>> Also on my local machine, where jmx is not configured.
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> Usually, a good place to look first, are the Tomcat logfiles.
>>>>>> What do they say ?
>>>>>
>>>>> searching for "java.lang.SecurityException: Restricted
>>>>> (ContainerServlet) class
>>>>> org.apache.catalina.manager.ManagerServlet"
>>>>>
>>>>> seem that the solution is to add privileged="true" at
>>>>> $tomcat/conf/context.xml... and the "reoload" command now works.
>>>>
>>>> No no no no no no no no no do not do that: you will make every webapp
>>>> deployed on Tomcat privileged.
>>> ok, right, context.xml is back to the original.
>>>
>>>
>>>> Tomcat's manager should already be set to privileged="true". Are you
>>>> sure you didn't change anything else?
>>> setenv.sh but... removing it nothing changes from this point of view.
>>>
>>
>> Do you need to run with the Java Security Manager enabled ?
> no, there are only trusted applications.
> 
> 
>> As far as I know, it only really helps when you allow the installation
>> of apps of which you do not know if they are secure or not.
> but the only thing that I changed (for java security management) is 
> setenv.sh and removing it nothing changes. Am I missing something?
> 
> I will try a step by step install on another machine (can't do this on 
> production server)
> 

By the way (and nothing to do with your current problem), I see the arguments :
-Xmx8192m -Xms2048m
It is usually recommended to set them at the same value, for a server.  It gains some 
efficiency, by stopping Java from resizing the Heap regularly.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message