Thursday, 22 March 2018

Web page not coming up even though Tomcat is up and running

Hi friends, today I came across a situation where my Tomcat was up and running, but after extraction of the WAR file it was giving an error, and because of this my web page was not coming up. Please find the error below for reference.

java.lang.IllegalArgumentException: taglib definition not consistent with specification version
        at org.apache.catalina.startup.TaglibLocationRule.begin(WebRuleSet.java:1274)
        at org.apache.tomcat.util.digester.Digester.startElement(Digester.java:1276)
        at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.startElement(AbstractSAXParser.java:501)
        at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanStartElement(XMLDocumentFragmentScannerImpl.java:1363)
        at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2755)
        at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:648)
        at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:511)
        at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:808)
        at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
        at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:119)
        at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1205)
        at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:522)
        at org.apache.tomcat.util.digester.Digester.parse(Digester.java:1537)
        at org.apache.catalina.startup.ContextConfig.parseWebXml(ContextConfig.java:1883)
        at org.apache.catalina.startup.ContextConfig.webConfig(ContextConfig.java:1252)
        at org.apache.catalina.startup.ContextConfig.configureStart(ContextConfig.java:878)
        at org.apache.catalina.startup.ContextConfig.lifecycleEvent(ContextConfig.java:376)
        at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
        at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:90)
        at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5322)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:633)
        at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:976)
        at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1653)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
        at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
        at java.util.concurrent.FutureTask.run(FutureTask.java:138)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
        at java.lang.Thread.run(Thread.java:662)


Solution:

The error it gives is related to the taglib. We checked the web.xml that was extracted from the WAR file under the webapps folder and searched for that taglib in the web.xml. We enclosed the taglib in <jsp-config> as shown below and restarted Tomcat. Bingo, it came up.

<jsp-config>
         <taglib>
               <taglib-uri>
                     /projsp
               </taglib-uri>
               <taglib-location>
                     /WEB-INF/tags/taglib.tld
               </taglib-location>
         </taglib>
</jsp-config>

Friday, 16 March 2018

FTP Configuration

The steps below apply where vsftpd is not enabled yet.

Prerequisite:
------------------------
The vsftpd RPM should be installed on the server.

rpm -qa | grep -i vsftpd
vsftpd-2.0.5-12.el5


Method Of Procedure
---------------------------------
Step 1: Create the user and set a password
           Ex: useradd fbftp
                 passwd fbftp

Step 2: Change the user's default home directory from "/home/fbftp"
usermod -d "/var/fbftp" fbftp

Note - The user's default home directory changes from "/home/fbftp" to "/var/fbftp".

Step 3: Create home directory path for ftp user
             mkdir -p /var/fbftp

Step 4: Change ownership of the user's home directory:
            Ex: chown -R fbftp:fbftp /var/fbftp

Step 5: Change the FTP user's privileges by editing
            /etc/vsftpd/vsftpd.conf

Enable the parameters below (chroot_list_enable is used to restrict the user to that path):
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list

Step 6: Add the user in chroot_list file.
            /etc/vsftpd/chroot_list

Note - Add each user on its own line, one below the other, for example:
fbftp
fbftp1
fbftp2

Step 7: Disable SSH login for the FTP user using the command below:
              usermod -s /sbin/nologin <user>
      Ex:  usermod -s /sbin/nologin fbftp

Step 8: Restart vsftpd
service vsftpd restart

Testing -
Log in to FTP from any other server and try to navigate to another path (such as /opt, /var, /etc).
Try to SSH to the server as the fbftp user. The login should fail.
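
The check below is an added example, not part of the original post: it reads a vsftpd.conf and its chroot list and reports whether a given user ends up jailed. Per the vsftpd.conf man page, the list names the jailed users only while chroot_local_user is off; with chroot_local_user=YES the same list becomes the list of users who are NOT jailed. The function names, the user "alice" and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: report whether vsftpd would chroot a given local user.
# Option semantics follow the vsftpd.conf man page; file paths are passed in.

# conf_get FILE KEY DEFAULT: value of the last uncommented KEY=value line
# (assumption: a later line overrides an earlier one).
conf_get() {
    val=$(sed -n "s/^$2=//p" "$1" | tail -n 1)
    printf '%s\n' "${val:-$3}"
}

# Booleans: YES, TRUE or 1 count as enabled (compared case-insensitively here).
is_yes() {
    case $(printf '%s' "$1" | tr '[:lower:]' '[:upper:]') in
        YES|TRUE|1) return 0 ;;
        *) return 1 ;;
    esac
}

# is_chrooted CONF USER: prints "jailed" or "not-jailed".
is_chrooted() {
    conf=$1; user=$2; listed=no
    list=$(conf_get "$conf" chroot_list_file /etc/vsftpd.chroot_list)
    if is_yes "$(conf_get "$conf" chroot_list_enable NO)" &&
       [ -r "$list" ] && grep -qxF -- "$user" "$list"; then
        listed=yes
    fi
    if is_yes "$(conf_get "$conf" chroot_local_user NO)"; then
        # Everyone is jailed by default; the list now names the EXCEPTIONS.
        if [ "$listed" = yes ]; then echo not-jailed; else echo jailed; fi
    else
        # Nobody is jailed by default; the list names the jailed users.
        if [ "$listed" = yes ]; then echo jailed; else echo not-jailed; fi
    fi
}

# Constructed sample files mirroring Steps 5 and 6 (not from a real server).
demo=$(mktemp -d)
printf 'chroot_list_enable=YES\nchroot_list_file=%s/chroot_list\n' "$demo" > "$demo/vsftpd.conf"
printf 'fbftp\nfbftp1\nfbftp2\n' > "$demo/chroot_list"
echo "fbftp: $(is_chrooted "$demo/vsftpd.conf" fbftp)"
echo "alice: $(is_chrooted "$demo/vsftpd.conf" alice)"
# The same list with chroot_local_user=YES inverts the result for fbftp.
echo 'chroot_local_user=YES' >> "$demo/vsftpd.conf"
echo "fbftp: $(is_chrooted "$demo/vsftpd.conf" fbftp)"
rm -rf "$demo"
```

On a real server, call is_chrooted /etc/vsftpd/vsftpd.conf fbftp after Step 6 and before relying on the jail.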

How to configure SSL/TLS support on Tomcat

To install and configure SSL/TLS support on Tomcat, you need to follow these simple steps.

Unix:
=====
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA

When prompted, specify a password value of "changeit".

Uncomment the "SSL HTTP/1.1 Connector" entry in $CATALINA_BASE/conf/server.xml and modify as described in the Configuration section below.

Tomcat currently operates only on JKS, PKCS11 or PKCS12 format keystores. The JKS format is Java's standard "Java KeyStore" format, and is the format created by the keytool command-line utility. This tool is included in the JDK. The PKCS12 format is an internet standard, and can be manipulated via (among other things) OpenSSL and Microsoft's Key-Manager.

Each entry in a keystore is identified by an alias string. Whilst many keystore implementations treat aliases in a case insensitive manner, case sensitive implementations are available. The PKCS11 specification, for example, requires that aliases are case sensitive. To avoid issues related to the case sensitivity of aliases, it is not recommended to use aliases that differ only in case.

To import an existing certificate into a JKS keystore, please read the documentation (in your JDK documentation package) about keytool. Note that OpenSSL often adds readable comments before the key, but keytool does not support that. So if your certificate has comments before the key data, remove them before importing the certificate with keytool.

To import an existing certificate signed by your own CA into a PKCS12 keystore using OpenSSL you would execute a command like:

openssl pkcs12 -export -in mycert.crt -inkey mykey.key \
                        -out mycert.p12 -name tomcat -CAfile myCA.crt \
                        -caname root -chain

For more advanced cases, consult the OpenSSL documentation.

To create a new JKS keystore from scratch, containing a single self-signed Certificate, execute the following from a terminal command line:


Unix:

$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA
(The RSA algorithm should be preferred as a secure algorithm, and this also ensures general compatibility with other servers and components.)

This command will create a new file, in the home directory of the user under which you run it, named ".keystore". To specify a different location or filename, add the -keystore parameter, followed by the complete pathname to your keystore file, to the keytool command shown above. You will also need to reflect this new location in the server.xml configuration file, as described later. For example:

Unix:

$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA \
  -keystore /path/to/my/keystore

After executing this command, you will first be prompted for the keystore password. The default password used by Tomcat is "changeit" (all lower case), although you can specify a custom password if you like. You will also need to specify the custom password in the server.xml configuration file, as described later.

Next, you will be prompted for general information about this Certificate, such as company, contact name, and so on. This information will be displayed to users who attempt to access a secure page in your application, so make sure that the information provided here matches what they will expect.

Finally, you will be prompted for the key password, which is the password specifically for this Certificate (as opposed to any other Certificates stored in the same keystore file). The keytool prompt will tell you that pressing the ENTER key automatically uses the same password for the key as the keystore. You are free to use the same password or to select a custom one. If you select a different password to the keystore password, you will also need to specify the custom password in the server.xml configuration file.

If everything was successful, you now have a keystore file with a Certificate that can be used by your server.

How to free inodes?

Inodes are full: how to free them

Recently I came across a situation where I was unable to create an empty file on a server even though space was available on the server. Then I checked the inodes with the command below:

df -i

It showed that my inodes were 100% full, and because of this I was unable to create anything on the server.

Then we ran du -sh * for all directories. While running du -sh *, some directories took too much time to give output. When we checked inside such a directory, it contained a lot of empty files. When we cleared those files and checked the inodes again, they were free. WOW!
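
A more direct way to locate the directory described above is to count directory entries rather than bytes. The functions below are an added example, not part of the original post; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: find which subdirectory is consuming inodes.

# inode_hogs DIR [N]: "count<TAB>path" for each immediate subdirectory of DIR,
# largest first. Each file, directory or symlink normally uses one inode
# (hard links share one), so this counts entries, not bytes. -xdev keeps find
# on one filesystem, because the limits shown by df -i are per filesystem.
# Dot-directories are not matched by the glob; symlinked directories are skipped.
inode_hogs() {
    root=${1:-.}; top=${2:-10}
    for d in "$root"/*/; do
        [ -d "$d" ] && [ ! -L "${d%/}" ] || continue
        n=$(find "$d" -xdev | wc -l | tr -d ' ')
        printf '%s\t%s\n' "$n" "${d%/}"
    done | sort -rn | head -n "$top"
}

# count_empty DIR: number of zero-length regular files below DIR.
count_empty() {
    find "$1" -xdev -type f -size 0 | wc -l | tr -d ' '
}

# Constructed sample tree: one normal directory, one full of empty files.
tree=$(mktemp -d)
mkdir "$tree/logs" "$tree/spool"
echo data > "$tree/logs/app.log"
i=0
while [ "$i" -lt 200 ]; do
    : > "$tree/spool/msg.$i"
    i=$((i + 1))
done
inode_hogs "$tree"                 # spool is listed first
echo "empty files in spool: $(count_empty "$tree/spool")"
rm -rf "$tree"
```

Run inode_hogs against the mount point that df -i reports as full, then repeat on the top result to drill down.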