tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: HTML 508 error with container authentication and virtual host
Date Tue, 07 Jul 2015 14:55:59 GMT
David Hoffer wrote:
> 1. Apache Tomcat/7.0.55 (Ubuntu)
> 2. Hum I don't think so...it works fine when using the full URL, e.g.
> www.mycompany.com:8080/myapp its only when we use Apache 

wait.. what, how ? you are using an Apache httpd front-end ? you never mentioned that 
before.  We have no crystal ball here, so we are trying to guess your configuration, to 
try to guess what the problem may be.
But if you are hiding things for us, this could take a long time.

We may also need to know how exactly you are proxying from Apache httpd to Tomcat then.
Anyway, also send your webapp's web.xml.

 From your (incomplete) description so far, it looks as if your may re-directing to the 
wrong place, which re-directs to the wrong place, which re-directs to the wrong place and

so on.  You are probably doing your very own DOS attack on your own server. :-)

You may be able to figure this out by yourself, if you think about what really happens, 
step by step.

so users can get
> to this same app via myapp.mycompany.com that we get the 508 error from
> Tomcat.
> 3. I don't think we have made any changes to Tomcat's server.xml but here
> is a copy.
> 
> <?xml version='1.0' encoding='utf-8'?>
> 
> <Server port="8005" shutdown="SHUTDOWN">
>   <Listener className="org.apache.catalina.core.JasperListener" />
>   <Listener
> className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
>   <Listener
> className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
>   <Listener
> className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
> 
>   <GlobalNamingResources>
>     <Resource name="UserDatabase" auth="Container"
>               type="org.apache.catalina.UserDatabase"
>               description="User database that can be updated and saved"
>               factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
>               pathname="conf/tomcat-users.xml" />
>   </GlobalNamingResources>
> 
>   <Service name="Catalina">
>     <Connector port="8080" protocol="HTTP/1.1"
>                connectionTimeout="20000"
>                URIEncoding="UTF-8"
>                redirectPort="8443" />
> 
>     <Engine name="Catalina" defaultHost="localhost">
>       <Realm className="org.apache.catalina.realm.LockOutRealm">
>         <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
>                resourceName="UserDatabase"/>
>       </Realm>
> 
>       <Host name="localhost"  appBase="webapps"
>             unpackWARs="true" autoDeploy="true">
> 
>         <Valve className="org.apache.catalina.valves.AccessLogValve"
> directory="logs"
>                prefix="localhost_access_log." suffix=".txt"
>                pattern="%h %l %u %t &quot;%r&quot; %s %b" />
> 
>       </Host>
>     </Engine>
>   </Service>
> </Server>
> 
> 
> 
> On Tue, Jul 7, 2015 at 8:28 AM, André Warnier <aw@ice-sa.com> wrote:
> 
>> Hi.
>>
>>
>> David Hoffer wrote:
>>
>>> I've added FORM container authentication with Tomcat and everything works
>>> fine as long as users use the full URL to the app (URL in Tomcat's manager
>>> app).
>>>
>>> However users want to use a different URL based on a virtual host, e.g.
>>> myapp.mycompany.com.  It brings the users to the app no problem but then
>>> when they try to login Tomcat reports a 508 error, how do I solve this?
>>>
>>> The URL in the browser when this happens is
>>> myapp.mycompany.com/j_security_check
>>>
>>>
>> 1) to save time to everyone in the end, please provide at least the full
>> version of Tomcat that you are using.
>> 2) HTTP status code 508 indicates that some server resource limit has been
>> reached.  That points to some kind of infinite loop. That would tend to
>> hint at the fact that whatever your login form is pointing to, maybe itself
>> is a protected location and so on..
>> 3) Anyway, your question above would be a lot clearer (and it would also
>> save time), if you copy and paste the content of your Tomcat's "server.xml"
>> file, below here :
>> (please remove any comments and confidential information)
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message