Jeremy Wilkinson

Yes... I have watched the existing apps run in the manager and I have seen garbage collection work. Do you have any idea why one instance on one machine will work fine when deploying 13+ apps with a max heap of 64meg for memory, but those on another with 512 meg will not deploy those same 13 apps. The only difference really is the fact that I use AJP13 to connect my Apache web server to the Tomcat. Do you know anything about AJP holding threads?

I have been developing web applications, bundling as WAR's, and deploying to Tomcat version 6. My production server is configured to receive requests on a Apache server and redirect to Tomcat with AJP1.3. Aside from a few configuration changes to support higher volumes, virtual hosts, and different listener ports, I am baffled by the amount of memory being consumed at deployment or restart of my tomcat instance. I have 13 different web apps I would like to deploy on this Tomcat instance, but keep running out of memory when trying to deploy more than 9. I have increased the memory options to a max of 512m but am wondering if I am missing something or have configured something wrong because my test server Tomcat instance is configured with a 64m max and has all 13 apps deployed and starts just fine.

Can anyone point me in an direction that will help me better understand why 64 meg will allow for deployment of 13 web apps, but those same 13 will not deploy with an instance setup for 512 meg?

Also, I have created another instance to support the apps that I can not deploy on my primary instance but assume I will run into the same problem once I start adding more web apps to that one too. So I started setting up another instance of Tomcat and it will not start and fails with the following error.

Caused by: java.lang.OutOfMemoryError: unable to create new native thread
at java.lang.Thread.start0(Native Method)
at java.lang.Thread.start(Unknown Source)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.<init>(ThreadPool.java:649)
at org.apache.tomcat.util.threads.ThreadPool.openThreads(ThreadPool.java:521)
at org.apache.tomcat.util.threads.ThreadPool.start(ThreadPool.java:150)
at org.apache.jk.common.ChannelSocket.init(ChannelSocket.java:436)
at org.apache.jk.server.JkMain.start(JkMain.java:370)
at org.apache.jk.server.JkCoyoteHandler.start(JkCoyoteHandler.java:144)
at org.apache.catalina.connector.Connector.start(Connector.java:1087)
at org.apache.catalina.core.StandardService.start(StandardService.java:534)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
... 6 more

Any help would be greatly appreciated.

After searching the apache documentation I did find custom authentication information using JAASRealm. Looks like I'm going to have to do a little studying to get this working.

Yes, I do have a session listener setup to remove the token when the session times out or the user clicks on logout. I like the idea of authenticating with a custom Realm. Can you point me in the right direction to get this coded, maybe an example I can use as a model?

When a user logs in successfully I write an entry to a database table with their session id and login id. I want to limit the number of times a user can login with the same user id. Is there a way to add additional authentication checks to the j_security_check process?

Found it...
It was kind of tricky because header names that are not passed via the request are not populated in the Enumeration object. Here is the code I used to list out the headers from the request.

Enumeration e = request.getHeaderNames();
String name = "";
while (e.hasMoreElements()) {
name = (String) e.nextElement();
System.out.println(name + ": " + request.getHeader(name));
}

... and here is how to get the header that returns the link back URL.
request.getHeader("referer")

You will need to convert your date object to a timestamp object before inserting it. For example...

Calendar cal = Calendar.getInstance();
java.util.Date now = new Date(cal.getTimeInMillis());
java.sql.Timestamp currentTimestamp = new java.sql.Timestamp(now.getTime());

It is much easier to compare dates and check differences when using milliseconds. I use this online utility to help me figure out my time conversions

If someone puts a link back to my site on there site, is there a way to tell where they came from with out using url parameters. For example, website www.xyz.com has link on their site that links to my site www.abc.com. Is there something in the request header that will tell me that the incoming request came through www.xyz.com?

I use Web Alert Now to monitor all of my websites. It's easy to use, and it will send email and text messages when you websit is down. They also send monthly reports and I can monitor my sites every 5 minutes if I want. Plus its only 12 bucks a year...

Thanks for the info. I will keep it the way it is which is requiring users to login after they complete the registration process.

I see... But my goal is to continue using the container based approach, hence I want to emulate a j_security_check with out really doing it. I may have asked the question wrong. I don't want to manage access in the application, but will if it is the only way.

I want to authenticate a user after they register on my site with out having to send them to a login page. Is there a way to take the user id and password from my registration form and use that to authenticate the user instead of using the j_security_check action.

I want to authenticate a user after they register on my site with out having to send them to a login page. Is there a way to take the user id and password from my registration form and use that to authenticate the user instead of using the j_security_check action.