Message-ID: <1125592891.1349.1495537046346.JavaMail.confluence@gw81> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_1348_482666230.1495537046344" ------=_Part_1348_482666230.1495537046344 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html Troubleshooting Tomcat

Troubleshooting Tomcat

=20 =20
=20

Tomcat 5.5 or later is required!  Tomcat6 is recommended.  Are= you are using an older version of Tomcat?

=20

General troubleshoo= ting

=20

The first thing to do when troubleshooting tomcat is to check the tomcat= logs. They are found at C:\Program Files\Apache Software Foundation\Tomcat= 6.0\logs - look for the one named stdout_yyyymmdd.txt where yyyymmdd is to= day's date. If this log is too long and you can't find the relevant part, y= ou can stop the tomcat service (in Windows using control panel, administrat= ive tools, services), rename the file to stdout_yyyymmdd_old.txt, restart t= omcat and it will start writing a new log at stdout_yyyymmdd.txt.

=20

Sluggish performance=20

Confirm that you have installed tomcat from the tomcat.apache.org websit= e. The apt-get install of Ubuntu tomcat6 has terrible performance consequen= ces.

=20

Running To= mcat as a Service on Ubuntu

=20

If you're trying to run Tomcat as a serving on Ubuntu, you will likely r= un into permission issues. The easiest way to solve this issue is to disabl= e the Java security manager in /etc/init.d/tomcat6.

=20

Error:

=20
=20
java.security.AccessControlException: access denied (java.io.FilePermission=
 /usr/share/tomcat6/webapps/openmrs/WEB-INF/dwr-modules.xml delete)
=20
=20

Solution:

=20
=20
# Use the Java security manager? (yes/no)
TOMCAT6_SECURITY=3Dno
=20
=20

Error: prunsrv.c Failed creating ... jvm.dll=20

If you cannot start the Tomcat service, try checking the tomcat logs at = C:/Program Files/Apache Software Foundation/Tomcat/logs. If these logs give= errors like "Failed creating java C:\Program Files\Java\jre1.6.0\bin\= client\jvm.dll" then do the following:

=20 =20

Tomcat hangs and stops responding when uploading the war file=20

When uploading the war file, Tomcat hangs and stops responding. This typ= ically occurs if you have not defined a MySQL user account that OpenMRS can= use to access the database or if you have not granted this user full acces= s to the OpenMRS database.

=20

The default username is test with password test= . The default username/password can be overridden in the o= penmrs_runtime_properties.properties configuration file.

=20

To fix this: use Navicat or the MySQL administration tool (available fro= m MySQL) to verify that you have a user with username test and password test and this user has full access to the= OpenMRS database.

=20

Tomcat error when uploading war file - File= UploadBase$SizeLimitExceededException

=20

When uploading the war file, you can get the following error message wit= h Tomcat's default settings.

=20
=20
description The server encountered an internal error () that prevented it f=
rom fulfilling this request.
exception
java.lang.IllegalStateException: org.apache.tomcat.util.http.fileupload.Fil=
eUploadBase$SizeLimitExceededException: the request was rejected because it=
s size (54624465) exceeds the configured maximum (52428800)
=20
=20

To fix this: Go to the web.xml of the manager application (for instance = it could be under /tomcat7/webapps/manager/WEB-INF/web.xml).
Increase= the max-file-size and max-request-size:

=20
=20
<multipart-config>
<!=E2=80=93 50MB max =E2=80=93>
<max-file-size>52428800</max-file-size>
<max-request-size>52428800</max-request-size>
<file-size-threshold>0</file-size-threshold>
</multipart-config>
=20
=20

Cannot con= nect to Tomcat on port 8080

=20

This port is sometimes used by other programs, such as Popfile and TivoS= erver. You can use the Windows "netstat -ao" command to discover = if another process is using port 8080.

=20

In one case, software for a HP Laserjet 2840 printer was trying to use p= ort 8005, which conflicts with Tomcat startup.

=20

jav= a.lang.OutOfMemoryError PermGen space

=20

This error will appear after Tomcat has exhausted all of its memory. Thi= s is typically caused by using the "Update" or "Reload"= function on a webapp too many times. Currently, Tomcat and/or the JVM isn'= t releasing all of the memory when a webapp is destroyed/recreated. After s= everal reloads Tomcat is out of its allotted memory and will hang or freeze= . Read more at ?Tro= ubleshooting Memory Errors.

=20

Can't deploy appli= cations

=20

This solution assumes you are using a Linux machine. If you are not, you= may have to "translate" the general method into a Windows enviro= nment. First, undeploy the application from the Tomcat web interface. Next,= log into the server's command line interface as root and find the process = id using

=20
=20

ps ax | grep tomcat

=20
=20

It will likely be the first item returned and you will know because it's= about three or four lines long. Find the process id (the first number on t= hat line), and kill it with

=20
=20

kill -9 processid

=20
=20

Now restart the service with

=20
=20

service tomcat6 start

=20
=20

Log back into the Tomcat web interface and deploy your application.

= =20

Reporting Op= enMRS Errors by Email

=20

OpenMRS logs all errors using the log4j framework and while this is usef= ul, serious errors are often written to file and forgotten. Fortunately, lo= g4j supports email alerts through the SMTPAppender.

=20

Find your log4j.xml file, add the following.

=20
=20
<appender name=3D"EMAIL"  class=3D"org.apache.log4j.net.S=
MTPAppender">
=09<param name=3D"BufferSize" value=3D"512" />
=09<param name=3D"SMTPHost" value=3D"localhost" />=
;
=09<param name=3D"From" value=3D"log4j@openmrs.org" =
/>
=09<param name=3D"To" value=3D"errors@openmrs.org" /=
>
=09<param name=3D"Subject" value=3D"OpenMRS Error" /=
>
=09<layout class=3D"org.apache.log4j.PatternLayout">
=09=09<param name=3D"ConversionPattern"
=09=09=09value=3D"%p - %C{1}.%M(%L) |%d{ISO8601}| %m%n" />
=09</layout>
=09<filter class=3D"org.apache.log4j.varia.LevelRangeFilter"&g=
t;
=09=09<param name=3D"LevelMin" value=3D"ERROR"/>
=09=09<param name=3D"LevelMax" value=3D"FATAL"/>
=09</filter>
</appender>
=20
=20

You will also have to modify the root.

=20
=20
<root>
=09<level value=3D"WARN" />
=09<appender-ref ref=3D"CONSOLE" />
=09<appender-ref ref=3D"EMAIL" />
</root>
=20
=20

Be sure to change SMTPHost, From, To, and Subject to reflect your enviro= nment. The layout of the email can be controlled using ConversionPattern (a= lthough there seems to be a bug with now stack traces are printed). LevelMi= n and LevelMax changes which log messages are emailed. In the above example= , WARN messages are passed to CONSOLE and EMAIL. Only log messages that are= classified between ERROR and FATAL (inclusive) are emailed.

=20

For more information on log4j and email, check out
Reporting Application Errors by Email and AuthSMTPAppender.

=20

En= abling secure (SSL) data transfer in Tomcat

=20

SSL, or Secure Socket Layer, is a technology which allows web browsers a= nd web servers to communicate over a secured connection. This means that th= e data being sent is encrypted by one side, transmitted, then decrypted by = the other side before processing. This is a two-way process, meaning that b= oth the server AND the browser encrypt all traffic before sending out data.= On the web, unsecure data arise often passed over HTTP (port 80) while sec= ure data is passed over HTTPS (port 443).

=20

Because the security of medical information is essential, it is importan= t for all OpenMRS data to be passed over HTTPS. Of course, in addition to s= ecuring internet communication, implementers must also ensure the local net= work is secure, security patches are applied, strong passwords are used, an= d the OpenMRS machine physically secured.

=20

To enable SSL in Tomcat, follow the instructions at Apache's Tomcat SSL Configuration page. InstallCert.java can help you install your self-creat= ed certificate on your client machines. GoDaddy/Verisign certificates work = out of the box.

=20

Once SSL is running, implementers may wish to redirect all unsecure requ= ests to secure channels. To do this, a few configuration files in Tomcat mu= st be changed.

=20

First, make sure all Tomcat applications require HTTPS to operate. Find = the $TOMCAT_HOME/conf/web.xml file. At the bottom of the file, immediately = before make sure the following is uncommented (or added).

=20
=20
<!-- =3D=3D Force all applications to use SSL =3D=3D -->
=09<security-constraint>
=09    <web-resource-collection>
=09        <web-resource-name>All applications</web-resource-name&=
gt;
=09        <url-pattern>/*</url-pattern>
=09    </web-resource-collection>
=09    <user-data-constraint>
=09        <description>Redirect all requests to HTTPS</descriptio=
n>
=09        <transport-guarantee>CONFIDENTIAL</transport-guarantee&=
gt;
=09    </user-data-constraint>
=09</security-constraint>

</web-app>
=20
=20

Then, ensure all requests to the HTTP port are forwarded to the HTTPS po= rt. Find the $TOMCAT_HOME/conf/server.xml file. In the HTTP connector secti= on, ensure the redirectPort is pointing towards your HTTPS connector. Final= ly, ensure the HTTPS connector has SSL enabled. An example minimum configur= ation is below.

=20
=20
<Connector port=3D"8080" protocol=3D"HTTP/1.1"
           connectionTimeout=3D"20000"
           redirectPort=3D"8443" />

<Connector port=3D"8443" protocol=3D"HTTP/1.1" SSLEn=
abled=3D"true"
           maxThreads=3D"150" scheme=3D"https" secure=
=3D"true"
           clientAuth=3D"false" sslProtocol=3D"TLS" /&g=
t;
=20
=20

Lost tomcat password=20

You can retrieve the tomcat admin password from C:\Program Files\Apache = Software Foundation\Tomcat 6.0\conf\tomcat-users.xml

=20

"SEVERE: Error listenerStart" in tomcat logfile

= =20

You deploy the openmrs.war, but it fails to start, with the only clue tw= o simple messages in the tomcat logfile...

=20
=20
SEVERE: Error listenerStart
SEVERE: Context [/openmrs] startup failed due to previous errors
=20
=20

Well, it is most likely a problem with the application_data_directory. I= nvestigate these questions:

=20
    =20
  • have you created the runtime propert= ies file?
  • =20
  • have you specified application_data_directory in the runtime properties= ?
  • =20
  • does the directory exist?
  • =20
  • does tomcat have read/write permissions to the directory?
  • =20
=20

If that all checks out, then you probably have security violations with = your tomcat configuration.

=20

Error Loadin= g Persisted Sessions

=20

Tomcat tries to restore the exact memory state after each restart. OpenM= RS does not depend on this, so you can ignore the annoying warnings printed= to the logs that look like this:

=20
=20

SEVERE: IOException while loading persisted sessions: java.io.WriteAbort= edException: writing aborted; java.io.NotSerializableException:

=20
=20

To turn off session persistence, Go to tomcathome/conf/server.xml and un= comment the "<Manager pathname=3D"" />" line

= =20

ElException in p= arsing some JSP pages (Updated tomcat 7 and may be other servlet containers= that conform to EL Spec 2.2)

=20

In the latest version of EL S= pec v2.2, Java identifiers and reserved keywords cannot be used in EL e= xpression. In OpenMRS we have some parts in JSP that do not conform to this= new spec. To workaround this problem, you can add "-Dorg.apache.el.pa= rser.SKIP_IDENTIFIER_CHECK=3Dtrue" to CATALINA_OPTS environment variab= le - See discussion: Identifier creation doesn't work i= n trunk

=20

Troubleshootin= g Installation

=20

For more troubleshooting tips see Troubleshooting Installation.

------=_Part_1348_482666230.1495537046344--