I've just upgraded to Glassfish 3.1.2 and I'm having problems with file downloads getting truncated:
Glassfish has a jk-listener configured and I'm running it behind Apache with mod_proxy_ajp.
ProxyPass / ajp://www.mydomain.com:8009/
ProxyPassReverse / ajp://www.mydomain.com:8009/
My app generates a zip file on-the-fly and this file is now getting truncated to 256Kb when I download via the ajp proxy. However if I bypass Apache and use the Glassfish http port directly the download completes fully (around 700Kb).
I'm seeing these errors in the Apache logs:
ajp_check_msg_header() got bad signature 2c69
ajp_ilink_receive() received bad header
ajp_read_header: ajp_ilink_receive failed
(120007)APR does not understand this error code: proxy: dialog to xxx.xxx.xxx.xxx:8009 (www.mydomain.com) failed
Any ideas what's going on here?
In our setup with Apache and mod_jk, after upgrading from GlassFish 3.0.1 to 3.1.2, I had to disable chunking in the HTTP tab of the JK network listener.
See this: http://java.net/jira/browse/GLASSFISH-18446
Related
I have a configuration problem that has me stumped. I have a couple webapps that run in Tomcat and are connected and accessed through Apache httpd. I previously used Tomcat 7 and Apache 2.2, and I installed Tomcat 9 and Apache 2.4 and loaded my webapps. I read up on the configuration changes, and I thought I adjusted as needed, but for some reason only one of my two apps is accessible. That should rule a lot of things out, since the one works just fine.
I will add below my abbreviated Apache httpd config. I did adjust the Order deny,allow stuff to Require all granted in the conf file. I wonder if it's related to the JkMount directives, but this is how it worked in Apache 2.2. Could it be related to one of the webapps running as ROOT /? I do see some errors in my mod_jk.log such as:
[info] jk_open_socket::jk_connect.c (817): connect to 127.0.0.1:8010 failed (errno=61)
[info] ajp_connect_to_endpoint::jk_ajp_common.c (1068): (worker1) Failed opening socket to (127.0.0.1:8010) (errno=61)
[error] ajp_send_request::jk_ajp_common.c (1728): (worker1) connecting to backend failed. Tomcat is probably not started or is listening on the wrong port (errno=61)
[info] ajp_service::jk_ajp_common.c (2778): (worker1) sending request to tomcat failed (recoverable), because of error during request sending (attempt=1)
..
[info] ajp_service::jk_ajp_common.c (2778): (worker1) sending request to tomcat failed (recoverable), because of error during request sending (attempt=2)
[error] ajp_service::jk_ajp_common.c (2799): (worker1) connecting to tomcat failed (rc=-3, errors=1, client_errors=0).
[info] jk_handler::mod_jk.c (2995): Service error=-3 for worker=worker1
Any help is greatly appreciated!
Apache 2.4 httpd.conf
Listen 80
LoadModule ssl_module modules/mod_ssl.so
LoadModule jk_module modules/mod_jk.so
JkWorkersFile conf/workers.properties
JkShmFile "logs/mod_jk.shm"
JkLogFile "logs/mod_jk.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkMount / worker1
JkMount /* worker1
JkMount /webapp2 worker1
JkMount /webapp2/* worker1
ServerName sub.mydomain.com:80
Include conf/extra/httpd-ssl.conf
Apache 2.4 httpd-ssl.conf
Listen 443
Protocols h2 http/1.1
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
SSLHonorCipherOrder on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:C:/Program Files/Apache Software Foundation/Apache24/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
<VirtualHost *:80>
ServerName sub.mydomain.com
Redirect permanent / https://sub.mydomain.com/
</VirtualHost>
<VirtualHost _default_:443>
ServerName sub.mydomain.com:443
<Location />
Require all granted
</Location>
<Location /webapp2>
Require all granted
</Location>
SSLEngine on
SSLCertificateFile "C:/ssl/mycert.crt"
SSLCertificateKeyFile "C:/ssl/mykey.key"
SSLCertificateChainFile "C:/ssl/mycabundle.crt"
</VirtualHost>
Apache 2.4 workers.properties
worker.list=worker1
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8010
Tomcat 9 server.xml
<Connector port="8010" URIEncoding="utf-8" protocol="AJP/1.3" redirectPort="8443" />
By the way, this is in Windows.
Ok I finally figured this out. I was looking in the wrong place. I tested a different way and it seemed like the Apache to Tomcat connection was actually working for the second webapp as well. The problem actually occurred in PHP code on another server trying to access a resource in this second webapp (and that is this second webapp's sole purpose). Apparently when I switched from Apache httpd 2.2 to 2.4, the method used in that remote PHP code was no longer able to successfully POST to the webapp resource and retrieve a result. The code hadn't changed at all. That made it look at first like the webapp was inaccessible. When I changed the PHP method used for POST from fsockopen()/fwrite()/fgets()/etc. to file_get_contents(), then it worked. More granular error reporting a more thorough test early on would have helped, but wow what a bugger of a problem. I never would have guessed that would be a problem and I wonder why that didn't work after the change... something else to research or perhaps another question. I don't know how to explain the errors in the mod_jk.log. Perhaps I had something wrong temporarily. But there aren't more errors currently.
If you are in Linux. You should try issuing "setenforce 0".
Then to check if it was successfull if you issue "getenforce" you should get "Permissive".
I mean All of this in the linux shell.
I went this way 2 months ago.
I have an issue setting up an rmi port on Apache Tomcat server
(set JAVA_OPTS=%JAVA_OPTS% -DlocalRmiRegistryPort=9401)
Here are the steps i have done and getting the error respectively.
Issue with MoSKito tool while configuring RMI port on Tomcat
I am also tried to configure MoSkito inspect on my java web application. as part of it, i have been trying to make RMI port using "set JAVA_OPTS=%JAVA_OPTS% -DlocalRmiRegistryPort=9401" on catalina.bat. there is no error as such but 9401 is not getting connected.
Steps followed:
1) My OS is Windows 7
2) I have installed Apache Tomcat v7
3) I have downloaded Moskito inspect .war file from http://www.moskito.org/download.html and
4) Installed Moskito inspect on my tomcat server, the MoSKito inspect web UI is loading good.
5) I have created a sample java web application and deployed on same tomcat server. and web application also working good.
6) Now i have taken step to configure RMI port 9041 using below command on \bin\catalina.bat file(since i am on Windows OS).
I have put the below command on top of the file in \bin\catalina.bat
set JAVA_OPTS=%JAVA_OPTS% -DlocalRmiRegistryPort=9401
7) and started tomcat server, and then opened Moskito application on browser and gone to Quick Connect option on and given localhost and rmi port 9401 to call remote invocation.
Its failed.... its always giving error as MoSKito encountered an error:
Cannot connect to localhost#localhost:9401, due: Can not resolve manually set reference. Server at localhost, port: 9401 is down or not properly configured
[net.anotheria.moskito.webui.util.APILookupUtility.findRemote(APILookupUtility.java:168), net.anotheria.moskito.webui.util.APILookupUtility.findRemote(APILookupUtility.java:142), net.anotheria.moskito.webui.util.APILookupUtility.getAdditionalFunctionalityAPI(APILookupUtility.java:113),
Q1: How to set -DlocalRmiRegistryPort=9401 on tomcat on Windows OS.
Q2: Once we set port, how to ensure port is set properly and its up and ready state for connection.
Q3: Once port is set properly, then how to set / configure specified java web application needs to be configured for MoSKito, since we could have more than one java web application on same tomcat server.
Please guide me, thank you :)
in order to be able to connect to a MoSKito monitored application you have to enable an agent that binds itself to port 9401 and answers your replies. To do so, you have to add a dependency to your pom (if you are using maven):
<!-- Enabling MoSKito Inspect Embedded -->
<dependency>
<groupId>net.anotheria</groupId>
<artifactId>moskito-inspect-remote</artifactId>
<version>${moskito.version}</version>
</dependency>
Please keep in mind that the current MoSKito version is 2.5.4
If you are using a servlet 3.0 compatible container (tomcat 7, jboss wildfly) you are done. If you are using an older container you may need to add following to your web.xml:
<listener>
<listener-class>net.anotheria.moskito.webui.embedded.StartMoSKitoInspectBackendForRemoteListener</listener-class>
</listener>
If you are using no container at all, you can start it manually:
net.anotheria.moskito.webui.embedded.StartMoSKitoInspectBackendForRemote.startMoSKitoInspectBackend()
Now for you questions:
Q1: via catalina.bat. You were doing it correctly.
Q2: if the agent is configured everything will work correctly.
Q3: You may want to check out step by step guide here:
http://blog.anotheria.net/msk/the-complete-moskito-integration-guide-step-1/
Regards
Leon
I have installed tomcat server on my eclipse and started it but when i hit the url i am getting error. I have set the port number as 8080.
The error message is :
HTTP Status 404 - /Basic_Struts2_Ant/index.action
type Status report
message /Basic_Struts2_Ant/index.action
description The requested resource is not available.
Apache Tomcat/7.0.34
Check the tomcat logs for any errors.
Also check if the application is deployed in the path specified in -Dwtp.deploy. You can find this property in the VM argument of the server.
Hi
We started to create our applications with J2EE. We now created a Webservice and deployed it to the Glassfish Server. We have written an apache proxy rule to access it via https://our.server.com/webservice-war (only https port is open to that server):
ProxyRequests Off
ProxyPass /webservice-war http://our.server.com:8080/webservice-war
ProxyPassReverse /webservice-war http://our.server.com:8080/webservice-war
Now everything works fine, but when we go to the to the ServiceEndpoint page (which is automatically generated) there is a link to the WSDL page:
http://our.server.com:8080/webservice-war/HostaliasSearchImplService?wsdl
which is obously wrong (Glassfish listens to port 8080). and also https is changed to http
Anyone an idea how I can fix it, that the automatically generated link is:
https://our.server.com/webservice-war/HostaliasSearchImplService?wsdl
BR, Rene
I discovered what I consider to be a very simple and elegant way to deal with the issue: use mod_substitute. Since those of us with this problem are already using Apache, and it's built in and simple, I liked this approach best.
I put a block similar to the below in one of my Apache conf files and found joy:
<Location />
AddOutputFilterByType SUBSTITUTE text/xml
Substitute "s|http://internal:8080/foo|https://external/foo|ni"
</Location>
Found the solution!
Anonym gave me a good hint about mod_jk. So here the complete configuration (for RHEL5).
First of all Download the mod_jk module for apache: http://archive.apache.org/dist/tomcat/tomcat-connectors/jk/binaries/linux/jk-1.2.31/x86_64/
Put in in the modules directory /etc/httpd/modules and make it executeable:
chmod +x mod_jk-1.2.31-httpd-2.2.x.so
After that create /etc/httpd/conf/workers.properties:
# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
The Port 8009 is the where the Glassfish jk connector listens (we come to that later).
No we have to configure mod_jk, therefore create the file: /etc/httpd/conf.d/mod_jk.conf with the following content:
LoadModule jk_module modules/mod_jk-1.2.31-httpd-2.2.x.so
JkWorkersFile /etc/httpd/conf/workers.properties
# Where to put jk logs
JkLogFile /var/log/httpd/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel debug
# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# JkOptions indicate to send SSL KEY SIZE,
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
# JkRequestLogFormat set the request format
JkRequestLogFormat "%w %V %T"
# Send everything for context /atsi-war to worker named worker1 (ajp13)
JkMount /yourapp-war/* worker1
(This means everything from your http://apache.webserver.com/yourapp-war/ will bi redirected to Glassfish yourapp-war application context)
Important, if you are using virtual hosts on apache, you have to set the option:
JkMountCopy On
for your virtual servers. Explication:
If this directive is set to "On" in
some virtual server, the mounts from
the global server will be copied to
this virtual server, more precisely
all mounts defined by JkMount or
JkUnMount.
Now we have to create the jk connecter in glassfish:
asadmin create-http-listener --listenerport 8009 --listeneraddress 0.0.0.0 --defaultvs server jk-connector
asadmin set configs.config.server-config.network-config.network-listeners.network-listener.jk-connector.jk-enabled=true
Restart Glassfish, and everything sould work.
As for rewriting the https -> http, I'm not sure that's possible(yet) without using mod_jk, see here
, but see also this little guide
Though, generally, you'll need configure Glassfish and set http.proxyPort (and probably http.proxyHost too). Hopefully that should reflect in the autogenerated WSDL URL.
Here's 3 different ways to do this:
1
Use asadmin (in the Glassfish bin/ directory, run
asadmin create-jvm-options "-Dhttp.proxyPort=80"
asadmin create-jvm-options "-Dhttp.proxyHost=our.server.com"
2
Edit domain.xml and add under the <java-config> element
<jvm-options>-Dhttp.proxyPort=80</jvm-options>
<jvm-options>-Dhttp.proxyHost=our.server.com</jvm-options>
3.
Open the Glassfish admin web page, under Application Server -> VM Settings -> JVM Options and add these options
http.proxyPort=80
http.proxyHost=our.server.com
Setting
server-config.network-config.protocols.protocol.http-listener-1.http.server-name=MyHost:80
on GlassFish Server Open Source Edition 3.1.2.2 (build 5) solved problem to me.
I am trying to deploy a simple WebService in Netbeans 6.7.1 and Glassfish v2.1.1 and am getting the following error. I am using GlassfishESBv2.2 and windows 7 machine. I have tried googling and implemented things as shown in
http://forums.netbeans.org/topic10055-0-asc-0.html . Still unable to deploy. Though the message says that application server is not started, from the Server tab , I am able to see a message which indicates Glassfish has started.Also , doing a netstat after trying to deploy returns this, which means that Glassfish is running.
C:>netstat -an | findstr "4848"
TCP 0.0.0.0:4848 0.0.0.0:0 LISTENING
I have been trying real hard to get this resolved. Any help is highly appreciated.
Error Message :
The Sun Java System Application Server could not start.
More information about the cause is in the Server log file.
Possible reasons include:
- IDE timeout: refresh the server node to see if it's running now.
- Port conflicts. (use netstat -a to detect possible port numbers already used by the operating system.)
- Incorrect server configuration (domain.xml to be corrected manually)
- Corrupted Deployed Applications preventing the server to start.(This can be seen in the server.log file. In this case, domain.xml needs to be modified).
- Invalid installation location.
C:\Users\xyz\Documents\NetBeansProjects\HWebService\nbproject\build-impl.xml:564: Deployment error:
The Sun Java System Application Server could not start.
More information about the cause is in the Server log file.
Possible reasons include:
- IDE timeout: refresh the server node to see if it's running now.
- Port conflicts. (use netstat -a to detect possible port numbers already used by the operating system.)
- Incorrect server configuration (domain.xml to be corrected manually)
- Corrupted Deployed Applications preventing the server to start.(This can be seen in the server.log file. In this case, domain.xml needs to be modified).
- Invalid installation location.
See the server log for details.
BUILD FAILED (total time: 29 seconds)
I've described the solution please visit here...
http://forums.netbeans.org/post-65058.html