I'm new to Tomcat, Fuseki and the Shiro.ini file, so forgive me for asking silly questions.
System:
MacMini ==> OS.X 10.13 (acts as dev-server)
Java ==> 8
Tomcat ==> 9.0.10
Workflow:
Via a Plist file, the Tomcat instance gets started on each boot of the server.
in /Users/username/tomcat/webapps I've put the fuseki.war file which got extracted successfully.
I inserted a custom made RDF-file, which gets loaded after reboots and served
(this is where the good things end)
Problem:
I can access the RDF file through: http://localhost:8080/fuseki, I can perform SPARQL-queries and everything else I need to get done. However, when connecting the dev-server to a PC and accessing it through it's IP: e.g.http://192.168.0.112:8080/fuseki; I end up seeing the server which has a green status, and the entire web-interface works except for the datasets. When I go to http://192.168.0.112:8080/fuseki/dataset and press 'query' (or any other button) it displays: "Please select a database"
**Cause:
I found this thread fuseki webinterface does not show datasets (SO), which lead me to investigate the shiro.ini file. As it turns out I don't have one.
I then searched for shiro.ini and found a reference in /Users/username/tomcat/webapps/fuseki/WEB-INF/web.xml:
<context-param>
<param-name>shiroConfigLocations</param-name>
<!-- Try a path in: FUSEKI_BASE, FUSEKI_HOME, war resource
If a "file:" then look there and there only.
-->
<param-value>shiro.ini</param-value>
</context-param>
This made me think that I'd need to put the shiro.ini file in my root folder (Users/username/tomcat/webapps/fuseki/shiro.ini) and not in (Users/username/tomcat/webapps/fuseki/run/shiro.ini). However neither work.
I also looked in a logfile: catalina.out, based from that it seems that the shiro.ini file gets loaded (or at least there are no indiciations that there's an error with it.)
Here's the relevant extract from that log:
[2018-07-31 09:18:54] Config INFO FUSEKI_HOME=unset
[2018-07-31 09:18:54] Config INFO FUSEKI_BASE=/etc/fuseki
[2018-07-31 09:18:54] Config INFO Shiro file: file:///etc/fuseki/shiro.ini
[2018-07-31 09:18:55] Config INFO Context path = /fuseki
[2018-07-31 09:18:55] Config INFO Configuration file: /etc/fuseki/config.ttl
I can't find however any folder etc/fuseki/? So what's up with this to start with?
Here is the shiro.ini file:
[users]
admin=passXXX #non-default
[main]
#localhost=org.apache.jena.fuseki.authz.LocalhostFilter
[roles]
[urls]
##control open to anyone
/$/status = anon
/$/ping = anon
##rest restricted to Localhost
## see above for localhost
#/$/** = localhost
/**=anon
I'm not sure what's going on at this point, so any pointers are more than welcome.
Turns out the issue had more to do with my unfamiliarity with the MAC OS, than with Tomcat or Fuseki.
The folder /etc/fuseki which was referenced in the catalina.out file is tightly locked and it's actual path is /private/etc/fuseki (though this doesn't seem to matter)
By default you can't enter the fuseki folder due to no rights at all. Even doing:
sudo cd /private/etc/fuseki
or
sudo cd /etc/fuseki
won't work. I needed to give myself read/write access to the folder via getinfo (though I think you could achieve this as well via chown.
Now I could view that folder's content, yet all files and folders in there had the same issue and required the same solution. So now I could customize the shiro.ini and configuration/rdf.ttl file.
If I do
sudo cd /private/etc/fuseki
or
sudo cd /etc/fuseki
now, then I can successfully view the content.
Related
I have installed RD 4.8 CE on a Windows 2019 server + MariaDB. The application is up and I can login with the admin account. Service is Windows integrated.
I'm trying now to allow AD users to login and perform activities. I haven't found much documentation on how to configure RD on Windows. So I'm grabbing from here and there. So far I have done the following:
Created a file called jass-multiauth.conf in server/config/ folder as listed below:
multiauth {
com.dtolabs.rundeck.jetty.jaas.JettyCombinedLdapLoginModule sufficient
debug="true"
contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
providerUrl="ldaps://xxxxxxxxxxx:636"
bindDn="CN=xxxxxx,OU=Service Accounts,OU=Admin Users and Groups,OU=xxx,DC=xxx,DC=xxx,DC=xxx"
bindPassword="x$xx<x>xx"
authenticationMethod="simple"
forceBindingLogin="true"
userBaseDn="OU=Admin Users,OU=Admin Users and Groups,OU=xxx,DC=xxx,DC=xxx,DC=xxx"
userRdnAttribute="sAMAccountName"
userIdAttribute="sAMAccountName"
userPasswordAttribute="unicodePwd"
userObjectClass="user"
roleBaseDn="OU=Groups,OU=Admin Users and Groups,OU=xxxx,DC=xxx,DC=xxx,DC=xxx"
roleNameAttribute="cn"
roleMemberAttribute="member"
roleObjectClass="group"
cacheDurationMillis="300000"
timeoutRead="10000"
reportStatistics="true"
supplementalRoles="user";
org.eclipse.jetty.jaas.spi.PropertyFileLoginModule required
debug="true"
file="E:/rundeck/server/config/realm.properties";
};
when I restart rundeck service the AD users are not recognized and no error at all is displayed in the log. I can however login with the admin account. So to troubleshoot this I added:
java %RDECK_CLI_OPTS% %RDECK_SSL_OPTS% -Drundeck.jaaslogin=true -Dloginmodule.conf.name=jaas-multiauth.conf -Djava.security.auth.login.config=E:\rundeck\server\config\jaas-multiauth.conf -Dloginmodule.name=multiauth -jar rundeck.war --skipinstall -d >> %CURDIR%\var\logs\service.log 2>&1
to the start-rundeck.bat file and in fact when I launch it I see an error which is quite weird:
[2022-12-22T18:58:09,409] ERROR config.GrailsApplicationPostProcessor - Error loading spring/resources.groovy file: java.io.IOException: E:\rundeck\server\config\jaas-multiauth.conf (No such file or directory)
java.lang.SecurityException: java.io.IOException: E:\rundeck\server\config\jaas-multiauth.conf (No such file or directory)
the file is there, path is correct and permission is set as on any other file in same directory. I deleted the file and created it again, but same error.
Also, I have a question: I understand that I should not edit the profile file. Hence, when the problem above is fixed, considering that the rundeck service is Windows integrated, where shall I put the line:
java %RDECK_CLI_OPTS% %RDECK_SSL_OPTS% -Drundeck.jaaslogin=true -Dloginmodule.conf.name=jaas-multiauth.conf -Djava.security.auth.login.config=E:\rundeck\server\config\jaas-multiauth.conf -Dloginmodule.name=multiauth -jar rundeck.war --skipinstall -d >> %CURDIR%\var\logs\service.log 2>&1
to refer the jass-multiauth.conf file?
Your multiauth config file is saved as jass-multiauth.conf but the launcher script is looking for jaas-multiauth.conf (jass =! jaas). That is the reason of "No such file or directory" error. Rename the file as jaas-multiauth.conf and relaunch the Rundeck service.
I'd like for my webapp which is deployed as a war ROOT.war to have write access to /var/www/html/static/images so that it can write uploaded and converted images to that folder so nginx can serve it statically. Currently it doesn't work and triggers a java.nio.file.FileSystemException exception together with the Filesystem is read-only message.
But the filesystem is not read-only and is in great condition. The folder has already been chmodded 777.
Extra info:
The tomcat setup is running on an Ubuntu 18.04 Azure VM with managed disk. The folder is residing on an Ext4 formatted drive
Let's start with: chmod 777 is great for testing, but absolutely unfit for the real world and you shouldn't get used to this setting. Rather set the owner/group correctly, before you give world write permissions.
Edit: A similar question just came up on the Tomcat mailing list, and Emmanuel Bourg pointed out that Debian Tomcat is sandboxed by systemd. Read your /usr/share/doc/tomcat9/README.Debian which contains this paragraph:
Tomcat is sandboxed by systemd and only has write access to the
following directories:
/var/lib/tomcat9/conf/Catalina (actually /etc/tomcat9/Catalina)
/var/lib/tomcat9/logs (actually /var/log/tomcat9)
/var/lib/tomcat9/webapps
/var/lib/tomcat9/work (actually /var/cache/tomcat9)
If write access to other directories is required the service settings
have to be overridden. This is done by creating an override.conf file
in /etc/systemd/system/tomcat9.service.d/ containing:
[Service]
ReadWritePaths=/path/to/the/directory/
The service has to be restarted afterward with:
systemctl daemon-reload
systemctl restart tomcat9
Edit 2022: Note that these are the 2019 paths - validate the file locations for later versions. From the comments to this answer (thank you to V H and Ng Sek Long) here are some updates:
In current Ubuntu file is here: sudo vi /etc/systemd/system/multi-user.target.wants/tomcat9.service – V H Feb 26, 2022 at 19:55
Mine (Ubuntu 20) is installed here /lib/systemd/system/tomcat9.service smh everybody use a different path. – Ng Sek Long Mar 28, 2022 at 8:36
End of edit, continuing with the passage that didn't solve OP's problem, but should stay in:
If - all things tested - Tomcat should have write access to that directory, but doesn't have it, the error message points me to an assumption: Could it be that
Tomcat is running as root?
The directory is mounted through NFS?
The default configuration for NFS is that root has no permissions whatsoever on that external filesystem (or was it no write-permission? this is ancient historical memory - look up "NFS root squash" to get the full story)
If this is a condition that matches what you are running, you should stop running Tomcat as root, and rather run it as an unprivileged user. Then you can set the permissions on the directory in question to be writeable by your tomcat-user, and readable by nginx, and you're done.
Running Tomcat as root is a recipe for disaster: You don't want a process that's available from the internet to run as root.
If these conditions don't meet your configuration: Elaborate on the configuration. I'd still stand by this description for others who might find this question/answer later.
UPDATE 8/12/2020 approx. 11:00 AM - I checked my logs folder catalina.2020-08-12.log log in the tomcat9 ($CATALINA_BASE) folder and I found three exceptions "org.apache.catalina.LifecycleException: Protocol handler intialization failed", "java.net.BindException: Address already in use (bind failed)","java.lang.IllegalArgumentException: Invalid character found in the HTTP protocol [HTTP/1.10x0aHost:]".
Here is the full error log here: https://drive.google.com/file/d/1pSk5ESHLIRP5Srxwr4R1Tp_1TTcYMf2Y/view?usp=sharing and https://drive.google.com/file/d/1C-RALR3066_hYKeoo4dIJqTKwNDOQ0R0/view?usp=sharing.
UPDATE 8/12/2020 approx. 11:30 AM - I found that there are two servlet dispatchers running by checking the localhost.2020-08-12.log log when I restarted tomcat and tried to access my api again: https://drive.google.com/file/d/1GFKUIDLtZrAraHyMjyyWV9kXK33gQ-Mu/view?usp=sharing.
UPDATE 8/12/2020 approx. 11:35 AM - HA HAAAA I looked in the catalina.out log (finally some of you guys were probably yelling at the screen like "CHECK THE CATALINA.OUT FILE"). I checked it and I found the exception: "java.lang.IllegalArgumentException: dataSource or dataSourceClassName or jdbcUrl is required": https://drive.google.com/file/d/1A7ZLh70IHOmWXfQ56bgtq951EE_AX68P/view?usp=sharing. Now if I go to my PostgresDataSource class which is where my Hikari config is: https://drive.google.com/file/d/1lYN1dTqiAM4ZqliRGC5J5_VWhNeN-k2d/view?usp=sharing, and I review my application.yaml file from earlier: https://drive.google.com/file/d/1xvPhPneVjMU4BoN6F0Q63l2wCnF20BYq/view?usp=sharing, the jdbc url is present because it is the same one I used for developing. Now postgres is already set up and I manually made all of the tables on the ubuntu droplet. I did not download the jdbc postgresql driver for tomcat yet.
UPDATE 8/12/2020 approx. 1:20 PM - After setting up the jdbc driver now I get this error from catalina.out logs: " Failed to get driver instance for jdbcUrl=java:/comp/env/jdbc:postgresql://localhost:5432/****" and then I get "Caused by: java.sql.SQLException: No suitable driver". I used the postgresql section of this link to set it up: https://tomcat.apache.org/tomcat-9.0-doc/jndi-datasource-examples-howto.html.
Hi I am using Digital Ocean with apache tomcat 9 to deploy a war file that is generated using IntelliJ. I have the war file generated using mvn clean install and I get the default tomcat page when I go to the droplet IP address on port 8080. I am not sure why I get a 500 error with no stack trace information even though my spring boot application works fine when I run it in IntelliJ. My CSS styling also does not show up when I go to my hosted application I have tried to configure a few things in my application.yml file and it still does not work. I figured it might have to do with a spring security issue with CORS, but I am not knowledgeable enough in that area to know for sure. I started my server by using sudo $CATALINA_HOME/bin/startup.sh and it said tomcat started and it showed the default tomcat page when I went there in the browser. I used the hobynapi.war file in my target folder a picture of my target folder directory can be viewed here https://drive.google.com/file/d/1XXga1Bgf5-_81gceuWjpvVIX6J0jiNgQ/view?usp=sharing. I copied the war file that was generated after using mvn clean install to the /var/lib/tomcat9/webapps folder. I then ran sudo $CATALINA_HOME/bin/startup.sh again and it ran tomcat successfully again. Then the error happened as I tried to log in with the admin account with spring security basic authentication where I get the 500 error. I also have no artifacts in the artifact section of the project structure settings if that means anything.
UPDATE 8/12/2020 approx. 10:00 AM - I've removed the exclusions tag in the pom.xml file as well as the profiles tag at the bottom of the file. This is because I read here that using the spring-boot-starter-tomcat dependency removes the embedded server for you: https://developer.okta.com/blog/2019/04/16/spring-boot-tomcat.
This is the screen without the CSS styling that should be there:
https://drive.google.com/file/d/1CEKuB556ek8pTZspvprNTa9M5XCI7qtT/view?usp=sharing
This is the error I get without a stack trace:
https://drive.google.com/file/d/19gYGQFhZdZ_4IwwGE5tQzb4dTqlBpg9L/view?usp=sharing
These are pictures of my pom.xml file:
https://drive.google.com/file/d/1ir5uBuBuJqCb_U8Jarly9mraO468QA_y/view?usp=sharing
https://drive.google.com/file/d/1ma1_EPro4NvJiOy8lWPrAmGLMrVWHZPS/view?usp=sharing
https://drive.google.com/file/d/11NDIwA9g02zkCKnsmYSLSNF5R-BrFpgt/view?usp=sharing
https://drive.google.com/file/d/1p6T9-oOwyfj7NUsLxTRLtqXKHU4qHrZx/view?usp=sharing
https://drive.google.com/file/d/1spD7KT-3WBo7KFF0Hb_WgJ5dVKRHF-un/view?usp=sharing
https://drive.google.com/file/d/16QtJQtT9zaU7nGcpnm2KXJ6jiLywNt5s/view?usp=sharing
https://drive.google.com/file/d/1cnZJshFS5xW-HbeaH_C_e6KcDo9xYRdY/view?usp=sharing
This is my application.yml file:
https://drive.google.com/file/d/1xvPhPneVjMU4BoN6F0Q63l2wCnF20BYq/view?usp=sharing
https://drive.google.com/file/d/1B9_5WueRvqQv4ODsJAfbUzGIm-xaaSYV/view?usp=sharing
This is my main application java file:
https://drive.google.com/file/d/1K9lzzlzIKT8irqXsPY1WeiBvN-9vsoWT/view?usp=sharing
This is my web config file in my config package:
https://drive.google.com/file/d/19EYa2kkqqPu9Wh8nN-U02szSVBT30lOP/view?usp=sharing
https://drive.google.com/file/d/11Zw8dLrAu6c_OI29j0NsljvXdeDam0-t/view?usp=sharing
This is my spring security config file in my config package:
https://drive.google.com/file/d/1inqlTjfxahcF6ZeJ_xkJM18UgsDu119n/view?usp=sharing
https://drive.google.com/file/d/1nTeYiKhiNOH71Km-s_T4IT1BKRyJG4mS/view?usp=sharing
I hope that these pictures help for diagnosing the issue.
I figured it out. First I changed the postgres jdbc url back to the original one that I had and then I altered my data source config file to the following: https://drive.google.com/file/d/1Zmv8cfnVzW8NcQfjNxN14D4aKFaXpdfU/view?usp=sharing. One important thing I also messed up on was not setting a password for the default user "postgres" when downloading postgresql. I did this my calling "ALTER USER postgres PASSWORD 'myPassword';" in the postgresql command line. Also make sure that you use systemctl restart postgresql after any changes are made to postgresql in the postgresql command line.
I want to write logging-messages to a defined file into the tomcat's log-folder, using eclipse, maven, tinylog.
Problem: There is no webapp.log as soon as I run the app in tomcat.
In eclipse everything works fine.
What I did:
add Maven-dependency tinylog-1.2.jar
set configuration-parameter in Run Configuration (Main-Tab) so the tinylog-properties can be found for the build-process:
name: -Dtinylog.configuration
value: C:\Program
Files\Tomcat\apache-tomcat-9.0.0.M13\webapps\folder\subfolder\tinylog.properties
in Java-Class:
import org.pmw.tinylog.Logger;
...
Logger.info(message);
tinylog.properties looks like:
tinylog.writer = file
tinylog.writer.filename = webapp.log
tinylog.writer.buffered = true
tinylog.writer.append = true
tinylog.level = info
I also tried different file-references but none of them worked:
tinylog.writer.file = C:\Program Files\Tomcat\apache-tomcat-9.0.0.M13\logs\webapp.log
tinylog.writer.file= "C:\Program Files\Tomcat\apache-tomcat-9.0.0.M13\logs\webapp.log"
Does anybody know how to write the logs into the named path-file?
Thanks for any valuable hint.
I propose to use the tinylog-jul artifact instead of the usual tinylog artifact. tinylog-jul provides the tinylog API, but uses the Tomcat logging back end. So, you don't need to configure tinylog. All log entries will be automatically output as you are used to with other logging APIs on Tomcat.
I am following the tutorial "Running Nutch and Solr on Windows Tutorial" (Part 1) from Youtube and trying to configure properly Solr. I make the change in the C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\solr\WEB-INF\web.xml file as explained in the tutorial - putting the solr home path:
<env-entry-value>C:\cygwin64\home\solr\example\solr</env-entry-value>
And I gain in the browser:
HTTP Status 500 - {msg=SolrCore 'collection1' is not available due to init failure: Error opening new searcher,
trace=org.apache.solr.common.SolrException: SolrCore 'collection1' is not available due to init
failure: Error opening new searcher at
org.apache.solr.core.CoreContainer.getCore(CoreContainer.java:745) at
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:307) at ...
When I copy the content of the folder C:\cygwin64\home\solr\example\solr to a new folder at C:\solr and the change the solr path to:
<env-entry-value>C:\solr</env-entry-value>
it works fine. It is the same situation when I Set the Java system property solr.solr.home my Solr Home:Windows > Start > Monitor Tomcat > Java Tab > Java Options -> Enter the following entry:
-Dsolr.solr.home=c:\solr
It works fine in this cae, but not when I put:
-Dsolr.solr.homeC:\cygwin64\home\solr\example\solr
I want solr to work under cygwin as in the tutorial, since it might be needed in that folder later, and I can't get it where could be the problem. Thanks in advance.
I solved the problem, it was about file permissions at Cygwin folder, the Solr coludn't create folders. I changed manually the access rights.