2

We have installed Tomcat server where our web application is currently hosted and along with this we have Siteminder installed for SSO. The setup works perfectly fine with version 9.0.20 but lately we are having problems accessing the web application URL version 9.0.31 and 9.0.33 where it is not possible to access web application post Siteminder authentication and we just get loading page without any error. One thing I noticed is the permission on Tomcat9 folder while installation is getting changed even though we have inherit permission from parent enabled. This I have checked by creating empty folder before using the folder for Tomcat9 installation. As soon the installation is complete, the folder permissions are getting changed.

I have already checked with Siteminder team and there is no issue at their end and they suspect that issue is the inability of the application to respond to the request. I have not see any logs getting generated as well to find the root cause.

Is there anyone who has faced similar issue? Any help would be appreciated.

The only error/warning I see in tomcat9-stderr logs looks like below.

SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to start component [Connector[AJP/1.3-8009]]
    org.apache.catalina.LifecycleException: Protocol handler start failed
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:1038)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at org.apache.catalina.core.StandardService.startInternal(StandardService.java:438)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:930)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:633)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.lang.reflect.Method.invoke(Unknown Source)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:343)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:474)
    Caused by: java.lang.IllegalArgumentException: The AJP Connector is configured with secretRequired="true" but the secret attribute is either null or "". This combination is not valid.
        at org.apache.coyote.ajp.AbstractAjpProtocol.start(AbstractAjpProtocol.java:264)
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:1035)

Please note that if I revert back to Tomcat 9.0.20, everything works fine. So there should be something wrong with Tomcat itself. Please let me know.

Thanks!

user1194310
  • 129
  • 1
  • 4
  • 14

2 Answers2

2

Apparently the issue seems to be with missing configuration of AJP connector in 9.0.31 and 9.0.33. The change was to add missing parameter "secret" to AJP connector section in server.xml and also added this secret attribute in Workers.properties file which was used for Siteminder redirection. Post Tomcat restart the issue was resolved.

user1194310
  • 129
  • 1
  • 4
  • 14
0

In your case, connector port itself is not initiated . Did you check the Tomcat properties

Under Java Options section check the properties, might be missing some parameters.

Thank you

Hari Prassad Kannan
  • 58
  • 8