We are using protocol="org.apache.coyote.http11.Http11NioProtocol" and I have a question as to what the max concurrent sessions Tomcat can handle?
As per my understanding http11.Http11NioProtocol Tomcat can handle 10000 connection with 200 Threads.
Looking below, can I consider my Tomcat will handle around 70000 Sessions at a time?
<Connector executor="tomcatThreadPool"
port="8080" protocol="org.apache.coyote.http11.Http11NioProtocol"
connectionTimeout="20000"
maxThreads="1500"
clientAuth="false"
SSLEnabled="false"
scheme="https"
secure="true"
proxyPort="443"
maxHttpHeaderSize="65536"
sessionCacheSize="16384"
sessionTimeout="120"
proxyName="test.com"
redirectPort="443" />
Related
My Spring web is facing with net::ERR_INCOMPLETE_CHUNKED_ENCODING in chrome
Environment:
Client: Chrome 54 (latest)
Server: CentOS 7, Tomcat 9.0.0.M11
Spring 4.1.1.RELEASE
Web app WAS OK. But after I added a filter to add Cache-Control, after some days, this problem came with me in Chrome ONLY:
net::ERR_INCOMPLETE_CHUNKED_ENCODING .... example.com/js/bundle.js
<filter>
<filter-name>CacheFilter</filter-name>
<filter-class>com.example.filter.CacheFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CacheFilter</filter-name>
<url-pattern>/js/*</url-pattern>
<url-pattern>/css/*</url-pattern>
</filter-mapping>
As you see, I made a cache filter for js and css-es and problem came with all of them.
Current tomcat configuration:
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443"
useSendfile="false"
compression="on"
compressionMinSize="2048"
noCompressionUserAgents="gozilla, traviata"
compressableMimeType="text/html,text/xml, application/javascript, text/css"
/>
After I removed the filter, the problem gone, but this is just a temporary fix.
Any better solution?
Thanks for read.
Some more research:
I am not using any antivirus
I am not using any adblock
I am not using any chrome extension
I want to host multiple applications on different ports on single instance of tomcat.
I have gone through the following link and made the following changes in my /etc/tomcat/server.xml file and added the following lines.
How to run different apps on single Tomcat instance behind different ports?
Server.xml
<Service name="app1">
<Connector port="8082" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="8443" />
<Engine name="Catalina1" defaultHost="localhost">
<Host name="localhost" appBase="app1"
unpackWARs="true" autoDeploy="true">
</Host>
</Engine>
</Service>
<Service name="app2">
<Connector port="8083" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="8443" />
<Engine name="Catalina2" defaultHost="localhost">
<Host name="localhost" appBase="app2"
unpackWARs="true" autoDeploy="true">
</Host>
</Engine>
</Service>
In the appBase I have provided both the ways.
1. direct folder name.
2. path : webapps/temp.
The problem is when I hit the port 8082 and 8083, I dont get the default page It works for tomcat.
and I am not able to make call to my url.
Eg : ip:8082/temp/xyz/abc/param1=hello¶m2=world
ip:8083/temp/xyz/abc/param1=hello¶m2=world
When I see in network I am getting 404 error for my url.
But if Call the same url using port 8081 (Default configuration in server.xml) it works perfectly fine I get the response correctly.
What I am doing wrong here.
Also If possible please tell me the drawbacks and problems if I proceed in this way, to host multiple application on single tomcat instance.
Thanks
There are multiple issues with your current configuration. I recommend that you read though the other question you linked to carefully.
Specifically:
Service names must be unique
Engine names must be unique
appBase values must be unique
appBase values must not overlap
Personally, I wouldn't do it this way. I'd run everything under a single service/engine and use virtual hosting. You need to set up a DNS name for each service but with virtual hosting you avoid users having to include the port number in the URL they use to access the service.
For my application I have a combination of a REST service; and a web site. Both of which are within the same web app.
To secure both I added this security domain to my standalone.xml. (MyAuthClass is a basic authentication extension that reaches out to a third party system for authentication)
<subsystem xmlns="urn:jboss:domain:security:1.2">
<security-domains>
<security-domain name="my-authentication" cache-type="infinispan">
<authentication>
<login-module code="com.myAuthClass.Impl" flag="required"/>
</authentication>
</security-domain>
<security-domain name="other" cache-type="default">
...
I was using cache-type="default" but then I adapted to infinispan, so I can set a life span. As I understand it I set up a special cache like so.
<subsystem xmlns="urn:jboss:domain:infinispan:2.0">
<cache-container name="security" default-cache="auth-cache" module="org.wildfly.clustering.web.infinispan" aliases="standard-security-cache">
<local-cache name="auth-cache" batching="true">
<expiration lifespan="10000"/>
</local-cache>
</cache-container>
The behavior I am now getting is frustrating. When I use a REST test tool, like Poster, I see a 10 second expiration on the principal I have stored. However, when I visit the website and browse around and hit those same REST endpoints, I don't see any timeout.
I am fairly new to this configuration effort and so I think I am just missing something, or my browser is doing some tricky keep alive I don't know about.
Has anyone seen this behavior and knows the solution to enforcing a timeout in the browser when using infinispan and a basic auth extension?
I solved this almost immediately after writing this question...
Also in the Standalone.xml there is a cache container which the web site is using. Cleverly named web
<cache-container name="web" default-cache="passivation" module="org.wildfly.clustering.web.infinispan"> ...
What I ended up doing was setting the cache expiration on this as well and now I seem to get the expected behaviors. I left the expiration in the security context as well, because that is what is driving the REST timeouts when someone is just using our services.
Final Web Cache configuration:
<cache-container name="web" default-cache="passivation" module="org.wildfly.clustering.web.infinispan">
<local-cache name="passivation" batching="true">
<expiration lifespan="10000"/>
<file-store passivation="true" purge="false"/>
</local-cache>
<local-cache name="persistent" batching="true">
<expiration lifespan="10000"/>
<file-store passivation="false" purge="false"/>
</local-cache>
</cache-container>
I am retriving data from oracle11g and displaying the data on IE8 and IE9 browser, but the couldn't display some special characters (eg. é)
In my webpage, I have explicitly declare 'UTF-8' encoding.
For my tomcat webserver, the server.xml
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" URIEncoding="UTF-8" useBodyEncodingForURI="true"/>
I read some other questions in stackflow, they mentioned to also ensure the database connection is using 'UTF-8' too.
<Resource name="jdbc/AppDB"
auth="Container"
type="javax.sql.DataSource"
maxActive="20" maxIdle="10" maxWait="10000"
username="foo"
password="bar"
driverClassName="com.mysql.jdbc.Driver" url="jdbc:mysql://localhost:3306/ ID_development?useEncoding=true&characterEncoding=UTF-8"
/>
The solution given is for mysql.
How can i set the encoding if im using oracleDriver?
<Resource name="jdbc/AppDB"
auth="Container"
type="javax.sql.DataSource"
driverClassName="oracle.jdbc.OracleDriver"
url="jdbc:oracle:thin:#127.0.0.1:1521:ora11"
username="foo"
password="bar"
maxActive="20"
maxIdle="1000"
maxWait="-1" />
Please review this answer. Regardless of fact that it's focused on SQL Developer, it contains information about tuning JDBC driver and points out how to properly handle unicode character types in Oracle.
Update
Troubles with displaying characters on the client may be caused by wrong NLS_LANG settings on the database client (Tomcat in your case). For thin JDBC driver NLS_LANG value derived from java locale settings.
For possible variants you can look through the answers on this question and check Oracle documentation.
If a real source of the problem lies to character set of Oracle database connection, then there are only two possible end points to check: NLS_LANG and oracle.jdbc.defaultNChar . So you need to examine if both set properly to figure out what is happened.
We are currently using Spring x509 support for client-auth. The app server is JBoss in which the verify-client="want" has been set.
However what I observe is once I add the x509 element to the spring configuration file, it will try to load a digital certificate for every http request. However I dont want it to do that for the login page. Unless the user clicks on a specific button (say 'Login with Certificate') on the login page, I dont want the certificate to be loaded and used.
Is there a way to exclude any particular URLs? Or once you have an x509 element in the element for Spring configuration, it will try to load the certificate for every http request?
Here is part of my spring configuation:
<security:http create-session="always">
<x509 subject-principal-regex="CN=(.*?)," user-service-ref="myUserDetailsService" />
<intercept-url pattern= ..... // not relevant to this question
<intercept-url pattern= ..... // not relevant to this question
<security:form-login
login-page="myLoginPage"
authentication-failure-url="/myErrorPage"
default-target-url="/mySuccessPage"
always-use-default-target="true"/>
</security:http>
Also if not in Spring, is there a way to specify an exclude URL on JBOSS:
Here is the element configured in the JBOSS standalone.xml
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
<ssl name="ssl" key-alias="alias" certificate-key-file="keystore" verify-client="want" ca-certificate-file="truststore"/>
</connector>