iit
asked on
tomcat 5- dns lookup- jvm params
Hello Experts,
I am writing a filter to restrict access to the parts of the web application based on domain name.
In my doFilter method I added this code:
HttpServletRequest req = (HttpServletRequest) request;
String id = req.getSession().getId();
String ipaddress = req.getRemoteAddr();
String remoteHost=req.getRemoteHo
unfortunately remoteHost contains IP address when the application is accessed via IIS-Tomcat integration. If it is accessed using http://localhost:8080 (without IIS) I get domain name in remoteHost. I have enabled lookups=true in both AJP 1.3 connector also
<!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
<Connector port="8009"
enableLookups="true" redirectPort="8443" debug="0"
protocol="AJP/1.3" />
Still I get ip address via req.getRemoteHost(). So I thought of using java.net package to do it:
String hostname = InetAddress.getAllByName( "199.93.4.15" ) .getHostName();
From java doc:
InetAddress Caching
The InetAddress class has a cache to store successful as well as unsuccessful host name resolutions. The positive caching is there to guard against DNS spoofing attacks; while the negative caching is used to improve performance.
By default, the result of positive host name resolutions are cached forever, because there is no general rule to decide when it is safe to remove cache entries. The result of unsuccessful host name resolution is cached for a very short period of time (10 seconds) to improve performance.
"host name resolutions are cached forever"--> cached forever
To rectify this I would like to set a default time period for caching using jvm parameter "networkaddress.cache.ttl (default: -1) "
but how do I set this parameter for Tomcat 5 started as service in windows 2000. One option is to set the JAVA_OPTS environment variable... which our system admin do not want to use. Is there an alternative way to set the parameter.
Also, is there an easy way to access jvm parameters in Filter or servlet?
Thank you in advance for your help!!!
I am writing a filter to restrict access to the parts of the web application based on domain name.
In my doFilter method I added this code:
HttpServletRequest req = (HttpServletRequest) request;
String id = req.getSession().getId();
String ipaddress = req.getRemoteAddr();
String remoteHost=req.getRemoteHo
unfortunately remoteHost contains IP address when the application is accessed via IIS-Tomcat integration. If it is accessed using http://localhost:8080 (without IIS) I get domain name in remoteHost. I have enabled lookups=true in both AJP 1.3 connector also
<!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
<Connector port="8009"
enableLookups="true" redirectPort="8443" debug="0"
protocol="AJP/1.3" />
Still I get ip address via req.getRemoteHost(). So I thought of using java.net package to do it:
String hostname = InetAddress.getAllByName( "199.93.4.15" ) .getHostName();
From java doc:
InetAddress Caching
The InetAddress class has a cache to store successful as well as unsuccessful host name resolutions. The positive caching is there to guard against DNS spoofing attacks; while the negative caching is used to improve performance.
By default, the result of positive host name resolutions are cached forever, because there is no general rule to decide when it is safe to remove cache entries. The result of unsuccessful host name resolution is cached for a very short period of time (10 seconds) to improve performance.
"host name resolutions are cached forever"--> cached forever
To rectify this I would like to set a default time period for caching using jvm parameter "networkaddress.cache.ttl (default: -1) "
but how do I set this parameter for Tomcat 5 started as service in windows 2000. One option is to set the JAVA_OPTS environment variable... which our system admin do not want to use. Is there an alternative way to set the parameter.
Also, is there an easy way to access jvm parameters in Filter or servlet?
Thank you in advance for your help!!!
ASKER
Thank you TimYates for your comments!!
>>Unfortunately, I don't think so... I think that number is set when the jvm loads tomcat, so you would have to set it in the JAVA_OPTS
I suppose in the earlier version of Tomcat (I am using tomcat 5) you can set JAVA_OPTS in catalina.bat
From: http://jakarta.apache.org/tomcat/faq/misc.html
How do I set system properties at startup?
Set JAVA_OPTS to be something BEFORE calling startup.bat or before calling catalina.bat. (or you can edit those files, but it isn't advised)
Example (windows): SET JAVA_OPTS='-DpropName=prop
Example (UNIX): export JAVA_OPTS='-DpropName=prop
Windows service users - use http://web.bvu.edu/staff/david/index.jsp?section=software&subsection=tcservcfg&page=overview
It looks like the Tomcat Service Manager is making some registry changes or something else. I did not try this yet. I am not sure if it works with Tomcat 5.
I am assuming there might be some option to pass jvm parameters to the tomcat service in windows 2000. I can set the environment variable (instead of system variable) if I am starting the Tomcat using startup.bat. But we need to set that up as a service that runs all times even when user is not logged in.
>System.getProperty( "propname" ) ;
Thanks. I just didn't recall this method. It's been a while I used it...
Thanks again for your comments!!
>>Unfortunately, I don't think so... I think that number is set when the jvm loads tomcat, so you would have to set it in the JAVA_OPTS
I suppose in the earlier version of Tomcat (I am using tomcat 5) you can set JAVA_OPTS in catalina.bat
From: http://jakarta.apache.org/tomcat/faq/misc.html
How do I set system properties at startup?
Set JAVA_OPTS to be something BEFORE calling startup.bat or before calling catalina.bat. (or you can edit those files, but it isn't advised)
Example (windows): SET JAVA_OPTS='-DpropName=prop
Example (UNIX): export JAVA_OPTS='-DpropName=prop
Windows service users - use http://web.bvu.edu/staff/david/index.jsp?section=software&subsection=tcservcfg&page=overview
It looks like the Tomcat Service Manager is making some registry changes or something else. I did not try this yet. I am not sure if it works with Tomcat 5.
I am assuming there might be some option to pass jvm parameters to the tomcat service in windows 2000. I can set the environment variable (instead of system variable) if I am starting the Tomcat using startup.bat. But we need to set that up as a service that runs all times even when user is not logged in.
>System.getProperty( "propname" ) ;
Thanks. I just didn't recall this method. It's been a while I used it...
Thanks again for your comments!!
> I suppose in the earlier version of Tomcat (I am using tomcat 5) you can set JAVA_OPTS in catalina.bat
You can still do that in Tomcat 5 :-)
But I am not sure whether the Service wrapper goes through catalina.bat to run tomcat, or if it runs it via another route :-(
You can still do that in Tomcat 5 :-)
But I am not sure whether the Service wrapper goes through catalina.bat to run tomcat, or if it runs it via another route :-(
ASKER
>>You can still do that in Tomcat 5 :-)
Sure. But that way I have to start tomcat at the command prompt using the startup batch file. But I do not want to start it this way. Instead I want to configure the Apache Tomcat as automatic service to start it automatically. This way if anyone restarts the server Tomcat service will be started automatically and it seems to be a good idea.
How about adding this in init() method of a custom Filter that I developed:
System.setProperty("networ
Thanks much!!
Sure. But that way I have to start tomcat at the command prompt using the startup batch file. But I do not want to start it this way. Instead I want to configure the Apache Tomcat as automatic service to start it automatically. This way if anyone restarts the server Tomcat service will be started automatically and it seems to be a good idea.
How about adding this in init() method of a custom Filter that I developed:
System.setProperty("networ
Thanks much!!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks TimYates!!
that's a very good idea!!
I did not find the exact same line in service.bat file. What version of tomcat are you using? I have tomcat 5.0
It appears to me I do not need to uninstall/install the service completely. These is doInstall from Tomcat5 service.bat :
:doInstall
rem Install the service
rem Use the environment variables as an exaple
rem Each command line option is prefixed with PR_
set PR_DISPLAYNAME=Apache Tomcat
set PR_DESCRIPTION=Apache Tomcat Server - http://jakarta.apache.org/tomcat
set PR_INSTALL=%EXECUTABLE%
set PR_LOGPATH=%CATALINA_HOME%
set PR_CLASSPATH=%CATALINA_HOM
rem***********************
"%EXECUTABLE%" //IS//%SERVICE_NAME% --Jvm auto --StartClass org.apache.catalina.startu
rem Clear the environment variables. They are not needed any more.
set PR_DISPLAYNAME=
set PR_DESCRIPTION=
set PR_INSTALL=
set PR_LOGPATH=
set PR_CLASSPATH=
rem Set extra parameters
rem***********************
rem***********************
"%EXECUTABLE%" //US//%SERVICE_NAME% --JvmOptions "-Dcatalina.base=%CATALINA
rem More extra parameters
set PR_STDOUTPUT=%CATALINA_HOM
set PR_STDERROR=%CATALINA_HOME
rem***********************
"%EXECUTABLE%" //US//%SERVICE_NAME% ++JvmOptions "-Djava.io.tmpdir=%CATALIN
So just running these command at the prompt might be enough:
set EXECUTABLE=%CATALINA_HOME%
rem Set default Service name
set SERVICE_NAME=Tomcat5
"%EXECUTABLE%" //US//%SERVICE_NAME% ++JvmOptions "-Djava.io.tmpdir=%CATALIN
Any comments? If you do not have service.bat from Tomcat 5, I can paste it here.
There must be a place where the service stores these jvm parameters. Is it in registry?
I appreciate your help very much !!
that's a very good idea!!
I did not find the exact same line in service.bat file. What version of tomcat are you using? I have tomcat 5.0
It appears to me I do not need to uninstall/install the service completely. These is doInstall from Tomcat5 service.bat :
:doInstall
rem Install the service
rem Use the environment variables as an exaple
rem Each command line option is prefixed with PR_
set PR_DISPLAYNAME=Apache Tomcat
set PR_DESCRIPTION=Apache Tomcat Server - http://jakarta.apache.org/tomcat
set PR_INSTALL=%EXECUTABLE%
set PR_LOGPATH=%CATALINA_HOME%
set PR_CLASSPATH=%CATALINA_HOM
rem***********************
"%EXECUTABLE%" //IS//%SERVICE_NAME% --Jvm auto --StartClass org.apache.catalina.startu
rem Clear the environment variables. They are not needed any more.
set PR_DISPLAYNAME=
set PR_DESCRIPTION=
set PR_INSTALL=
set PR_LOGPATH=
set PR_CLASSPATH=
rem Set extra parameters
rem***********************
rem***********************
"%EXECUTABLE%" //US//%SERVICE_NAME% --JvmOptions "-Dcatalina.base=%CATALINA
rem More extra parameters
set PR_STDOUTPUT=%CATALINA_HOM
set PR_STDERROR=%CATALINA_HOME
rem***********************
"%EXECUTABLE%" //US//%SERVICE_NAME% ++JvmOptions "-Djava.io.tmpdir=%CATALIN
So just running these command at the prompt might be enough:
set EXECUTABLE=%CATALINA_HOME%
rem Set default Service name
set SERVICE_NAME=Tomcat5
"%EXECUTABLE%" //US//%SERVICE_NAME% ++JvmOptions "-Djava.io.tmpdir=%CATALIN
Any comments? If you do not have service.bat from Tomcat 5, I can paste it here.
There must be a place where the service stores these jvm parameters. Is it in registry?
I appreciate your help very much !!
ASKER
Typo:
So just running these command at the prompt might be enough:
set EXECUTABLE=%CATALINA_HOME%
rem Set default Service name
set SERVICE_NAME=Tomcat5
"%EXECUTABLE%" //US//%SERVICE_NAME% ++JvmOptions "-Dnetworkaddress.cache.tt
Actually, I found some settings in registry: HKLM\software\Apache Software Foundation\Tomcat5\Paramet
Key Options:
Value:
-Dcatalina.home=C:\Program
-Djava.endorsed.dirs=C:\Pr
-Djava.io.tmpdir=C:\Progra
I added -Dnetworkaddress.cache.ttl
I got this idea from Tomcat Service Manager I mentioned before:
http://web.bvu.edu/staff/david/index.jsp?section=software&subsection=tcservcfg&page=overview
I didnt want to install it and change using this tool as I am not sure for what version of Tomcat it is designed for.
Thanks much for your help again!!
So just running these command at the prompt might be enough:
set EXECUTABLE=%CATALINA_HOME%
rem Set default Service name
set SERVICE_NAME=Tomcat5
"%EXECUTABLE%" //US//%SERVICE_NAME% ++JvmOptions "-Dnetworkaddress.cache.tt
Actually, I found some settings in registry: HKLM\software\Apache Software Foundation\Tomcat5\Paramet
Key Options:
Value:
-Dcatalina.home=C:\Program
-Djava.endorsed.dirs=C:\Pr
-Djava.io.tmpdir=C:\Progra
I added -Dnetworkaddress.cache.ttl
I got this idea from Tomcat Service Manager I mentioned before:
http://web.bvu.edu/staff/david/index.jsp?section=software&subsection=tcservcfg&page=overview
I didnt want to install it and change using this tool as I am not sure for what version of Tomcat it is designed for.
Thanks much for your help again!!
ASKER
Actually, the reason behind doing all this is to avoid setting environment parameters... to make the installation of web application easier.
> System.setProperty("networ
>>That will work if the property is not read before this point (as I think it caches it)...
Do you mean, if the property is set using the above statement after it has been initalized then it wouldn't/(may not) make any difference or that the jvm wil continue to cache lookup values? that's an interesting pont. But how do we verify? just curious...
Thank you!!
> System.setProperty("networ
>>That will work if the property is not read before this point (as I think it caches it)...
Do you mean, if the property is set using the above statement after it has been initalized then it wouldn't/(may not) make any difference or that the jvm wil continue to cache lookup values? that's an interesting pont. But how do we verify? just curious...
Thank you!!
Unfortunately, I don't think so... I think that number is set when the jvm loads tomcat, so you would have to set it in the JAVA_OPTS
> Also, is there an easy way to access jvm parameters in Filter or servlet?
System.getProperty( "propname" ) ;