TomCat/ updating/ errors

I am running Lucee Tomcat 8 and want to update lately have windows process Commons Daemon Service Runner / Having high CPU uses.
I just updated to Lucee version (5.3.4.80) and run on Windows 2016 using IIS.
What is the latest Tomcat version supported by Lucee?
Is there a recommend update process?
I tried downloading Tomcat placing files, etc. But got the error in the browser:

Generic Connector Communication Error:
Please check and adjust your setup:
Ensure that Tomcat is running on given host and port.
If this is a timeout error consider adjusting IIS timeout by changing executionTimeout attribute in web.config (see manual).

Not sure what I missed. I am not familiar for Tomcat, only experience is using for Luccee.
Any thoughts? Or troubleshooting suggestions?

Thanks!!!

Java Version: Where do I find this?

You can find everything to servlet container/os/java versions by logging into your lucee server admin page on http://localhost:8888/lucee/admin/server.cfm in the “overview” section.

This Error is a connector error. That is very probably because you’ve overwritten tomcats configuration files, changing port/connector/host settings and now your IIS can’t connect to your tomcat. Upgrading and pitfalls depends very much on your setup (boncode version/tomcat version/java versiom), but in most cases (and probably yours) the easiest way to upgrade tomcat is:

  1. Stop IIS and Tomcat (Lucee) services.
  2. Make a backup of your working tomcat folder (e.g. named tomcat_backup)
  3. Make a second copy of your working tomcat folder, that will later serve as the new tomcat folder (e.g. named tomcat_new)
  4. download the latest tomcat version from apache, unpack it and copy the content of the lib folder to your tomcat_new/lib folder
  5. rename your acutal working tomcat folder from tomcat in tomcat_old
  6. Rename your new tomcat folder from tomcat_new into tomcat
  7. Make sure your server.xml connector attribute for AJP is in accordance with the new tomcat default settings ( see this topic here https://lucee.daemonite.io/t/tomcat-cve-2020-1938-ghostcat-ajp/6650/25 )
  8. Start tomcat/lucee services and watch out for any error logs.

Please see also this link here…instructions for upgrading Tomcat to the latest point release 16, thankfully posted by @Julian_Halliwell in the other topic mentioned above.

1 Like

Thanks!
I did all of the above but not only the lib folder.
I looked for the configs in the xml files and tried to bring over custom attributes. Must have missed something. On the TomCat service I see it still points to Tomcat 8. The file reference was static and could not be changed. How would we have the TomCat service point to the new version of TomCat? Thanks!!!

Still having issues/ errors:

I brought over just the lib files from the latest version of TomCat.

Made sure the mod_cfml jar was brought over as well.
I updated value for “secret” in C:\Windows\BonCodeAJP13.settings
Settings>
Server>localhost Server>
Port>8009 Port>
EnableRemoteAdmin>True EnableRemoteAdmin>
EnableHeaderDataSupport>True EnableHeaderDataSupport>
ForceSecureSession>False ForceSecureSession>
AllowEmptyHeaders>False AllowEmptyHeaders>
ModCFMLSecret>89a2dbf8ec4f~~ ModCFMLSecret>
Secret>“NewSecret” Secret>
Settings>

I updated C:\lucee\tomcat\conf\server.xml
added:
//Connector port=“8009” protocol=“AJP/1.3” redirectPort=“8443” secret=“NewSecret” //

Getting the error in the browser:
////////////////

403 - Forbidden: Access is denied.

You do not have permission to view this directory or page using the credentials that you supplied.

/////////////

I see this in the application.log:
“INFO”,“Thread-15”,“03/08/2020”,“14:11:46”,“lucee.runtime.engine.Controler”,“check size of directory [C:\inetpub\wwwroot\site\WEB-INF\lucee\cache]; current size [0];max size [104857600]”

Any thoughts as to what else needs to be done???
Any help is much appreciated!!!

Did you already try it the way described by just copying the lib files (after making a backup)? If you don’t do it that way, you’ll probably will miss more (not only config files, but for example also needed jar-files that are not in apaches tomcats default distros). There shouldn’t be any need to change the service also. If you want to do it by downloading tomcats original distro and use it just as downloaded, you’ll have to go through lucees docs and cross check all settings:

And

1 Like

For service settings, see

1 Like

What happens if you set up secretRequired=“false” (there must not be set a secret=“yoursecret” because of a tomcat bug then) in the connector of tag for ajp in the server.xml? And one last thing… When updating boncode setting, make sure your boncode version supports secret, and make also sure to restart IIS service. Your 403 error is because of secret settings for sure. Wish you the best luck.

Thanks.
After trying everything had no further progress.
Stayed up to 3am then woke up a few hours later trying to debug.
I ultimately uninstalled Lucee, , Tomcat, and all components in between.
Went through rough reinstall attempts, spent time with Java, Tom Cat and Lucee.
Finally got where I was with the errors.~~
Looks like last change was on server.xml:
<Connector protocol=“AJP/1.3”
Removing default reference to addres=“127.0.0.1”.
Now rebuilding all my sites.
Many tears and sweat been shed this day…
Thanks all.

1 Like