Re: Tomcat security handling spec non-compliance

2003-03-27 Thread Jeff Tulley
More info: Pre-existing bug in bugzilla, 10229. It seems to be a connector issue. As the bug states, I can use the old org.apache.catalina.connector.http.HttpConnector and get the desired correct behavior. Since the Coyote Connector is used widely and is the default, any chance of getting this f

Re: Tomcat Security

2001-05-11 Thread cmanolache
On Fri, 11 May 2001, Benjamin Chad wrote: > Hi, > What security development still needs to be done on Tomcat? Depends on what you mean by "security" :-) If you're talking about authentication -> we need to better integrate tomcat with auth mechanisms in the web server ( that should be part of t

RE: Tomcat Security

2001-05-10 Thread Chen, Hao Han
Hello Ben, A good thorough security audit of Tomcat can be a good project. cheers... -Original Message- From: Benjamin Chad [mailto:[EMAIL PROTECTED]] Sent: Friday, May 11, 2001 11:28 AM To: [EMAIL PROTECTED] Subject: Tomcat Security Hi, What security development still needs to be don