tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: [OT] can't connect to manager application
Date Fri, 18 Oct 2013 16:55:49 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

André,

On 10/18/13 12:53 PM, André Warnier wrote:
> Edoardo Panfili wrote:
>> Il 18/10/13 18:38, André Warnier ha scritto:
>>> Edoardo Panfili wrote:
>>>> Il 18/10/13 18:17, Christopher Schultz ha scritto:
>>>>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
>>>>> 
>>>>> Edoardo,
>>>>> 
>>>>> On 10/18/13 12:04 PM, Edoardo Panfili wrote:
>>>>>> Il 18/10/13 16:40, André Warnier ha scritto:
>>>>>>> Edoardo Panfili wrote:
>>>>>>>> Il 18/10/13 08:43, Ognjen Blagojevic ha scritto:
>>>>>>>>> On 18.10.2013 7:34, Edoardo Panfili wrote:
>>>>>>>>>>> To rule out faulty upgrade, could you try to
>>>>>>>>>>> reproduce the problem on clean Tomcat 7.0.42
>>>>>>>>>>> install?
>>>>>>>>>> the problem was surely present with 7.0.39, the
>>>>>>>>>> 7.0.42 is a fresh installation for me.
>>>>>>>>> 
>>>>>>>>> Could you please clarify: does the problem exists
>>>>>>>>> on 7.0.42, 7.0.39 or both?
>>>>>>>> both
>>>>>>>> 
>>>>>>>>> Could you provide steps to reproduce the problem on
>>>>>>>>> fresh 7.0.42 installation?
>>>>>>>> - unpack tomcat - modify listen port - modify
>>>>>>>> tomcat-users.xml - copy jmxremote.access and
>>>>>>>> jmxremote.password (setting permissions) - build jsvc
>>>>>>>> - copy configuration files for applications (in
>>>>>>>> $tomcat/conf/Catalina/localhost)
>>>>>>>> 
>>>>>>>> thank you for you question: also jmx remote access is
>>>>>>>> not working (in both tomcat 7.0.39 and 7.0.42), maybe
>>>>>>>> the two problems are related?
>>>>>>>> 
>>>>>>>> 
>>>>>>>>> I tried to reproduce with the information you
>>>>>>>>> provided so far, but I was unable. It works for
>>>>>>>>> me.
>>>>>>>> Also on my local machine, where jmx is not
>>>>>>>> configured.
>>>>>>>> 
>>>>>>>> 
>>>>>>> 
>>>>>>> Usually, a good place to look first, are the Tomcat
>>>>>>> logfiles. What do they say ?
>>>>>> 
>>>>>> searching for "java.lang.SecurityException: Restricted 
>>>>>> (ContainerServlet) class 
>>>>>> org.apache.catalina.manager.ManagerServlet"
>>>>>> 
>>>>>> seem that the solution is to add privileged="true" at 
>>>>>> $tomcat/conf/context.xml... and the "reoload" command now
>>>>>> works.
>>>>> 
>>>>> No no no no no no no no no do not do that: you will make
>>>>> every webapp deployed on Tomcat privileged.
>>>> ok, right, context.xml is back to the original.
>>>> 
>>>> 
>>>>> Tomcat's manager should already be set to
>>>>> privileged="true". Are you sure you didn't change anything
>>>>> else?
>>>> setenv.sh but... removing it nothing changes from this point
>>>> of view.
>>>> 
>>> 
>>> Do you need to run with the Java Security Manager enabled ?
>> no, there are only trusted applications.
>> 
>> 
>>> As far as I know, it only really helps when you allow the
>>> installation of apps of which you do not know if they are
>>> secure or not.
>> but the only thing that I changed (for java security management)
>> is setenv.sh and removing it nothing changes. Am I missing
>> something?
>> 
>> I will try a step by step install on another machine (can't do
>> this on production server)
>> 
> 
> By the way (and nothing to do with your current problem), I see
> the arguments : -Xmx8192m -Xms2048m It is usually recommended to
> set them at the same value, for a server. It gains some efficiency,
> by stopping Java from resizing the Heap regularly.

He's using jsvc anyway, so setenv.sh pretty much has no meaning.

I think there's a lot more going on than Edoardo is telling us. I
think lots of things are changing between reports and we cannot keep
up. A fresh install is the way to go and to see some up-to-date error
messages. It's clear that his current install is a shambles at this point.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJSYWgTAAoJEBzwKT+lPKRYrxAP/3mEjsYODfDlj6sogIHSNIPn
wV0Z9dSa/ffbFty73cgRC5H/CTM1UqizYkpUSWH3eP1ydFTM3ZnzsAS1eA+YQ0nJ
vhPvHB4J/htKsjzL36LE8FPNO2Ug8ckIfknBF6TJwGFkTjWUA76fnGIRLzxo53qL
dn7bCoXXRY08PA4eQKQDQXv6YYlP/or5bRFphRVQOKezQ8/nl26Y4MyzGg33detp
/U0rJVCVii52uVEnbwDL9N7UD4ErQB96+qO814+9Kk94ClbcgSJMsuuJQI24rh0J
CsY0fsy8LHXqvnGQi61cCD8uAsn5Hf5fOOdPa7HAdzr7e4v5o1dKguhg076mBfrX
WBDL09sck874d3YVEb0gR+UnDpmUxoUMeOfqdqK0cw28h8I6QmX/v2wrJ/xhwFbU
IlRHlRLsLzgnCsE4vXuTp+/nEfGqUDnQD+JyGM5FCzrQTQJquUmZXFOBDPwLnX73
jqHebAtDnZCEZ4p0w26Wr74u8XuWU0ndq3CrnowfhOdFC9NhprceOba3E+pvgM0E
7yakxmPCiYWJTSvnEYYm4WxOiSJoZVDrHEcEMncP/D8Ce9HjrwG8hASM5qitcX6/
Wfhcz5Clh3+3H+cSeh6axnKsG+NDTuIbUfzQObJXcwIuFM8cSi9tSX1m2fHRNUoP
z+EaU4uElI3IWKcvs43y
=HJgi
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message