Re: Realm & SSL : issue when logout

2011-09-26 Thread Chema
> Why getContext("/app") ??
>
> HTTP Sessions are local to each web application.
>
> If "protected.html" belongs to a different web application, it would
> not (and cannot) know that you invalidated session in this webapp.

Hi

You're right: protected.html belongs to another web application. But my To

Re: Realm & SSL : issue when logout

2011-09-26 Thread Konstantin Kolinko
2011/9/7 Chema :
> ServletContext context = this.getServletContext().getContext("/app");
> if (context != null)
>        response.sendRedirect(context.getContextPath() + "/protected.html" );
>
> I hoped that login.html was returned but protected.html is
>
Why getContext("/app") ??

HTTP Sessions are

Re: Create executable jar for Tomcat

2011-09-26 Thread Konstantin Kolinko
2011/9/27 ilyal levin :
> Hi
>
> I should mention that I'm new to Tomcat and the servlet idea.
> I'm using Tomcat v6 and Eclipse 3.7.
> I installed a Tomcat plugin to Eclipse,

Which one and why?

There is "Eclipse for Java EE developers" that includes support for Tomcat (and other web servers) th

Create executable jar for Tomcat

2011-09-26 Thread ilyal levin
Hi

I should mention that I'm new to Tomcat and the servlet idea. I'm using Tomcat v6 and Eclipse 3.7. I installed a Tomcat plugin to Eclipse, set the necessary configuration and wrote a simple Java program for Tomcat to run, and it works fine - all I'm doing to activate Tomcat is the start but

Re: Limiting access to resources, based on username, not on the user role

2011-09-26 Thread Christopher Schultz
Pid,

On 9/23/2011 5:59 AM, Pid wrote:
> Your code could request.forward() to another Servlet which
> actually returned the image, or could read the image from where it
> was stored & serve it directly into the outputstream.

Direct-serving would be be

Re: Limiting access to resources, based on username, not on the user role

2011-09-26 Thread Christopher Schultz
Chema,

On 9/23/2011 6:49 AM, Chema wrote:
>>
>> In your code, you would examine the Principal & see if it had
>> permission to proceed. Then return the resource or an error,
>> accordingly.
>>
>
> On my way , I would put "your code that examine t

Re: OT: jaxb and xml parsing

2011-09-26 Thread Christopher Schultz
Alexis,

On 9/23/2011 5:40 PM, alexis wrote:
> Hello, sorry to post OT, I'm facing an issue to handle some xml
> using jaxb and I would like to know if somebody can help on this.
>
> Again, sorry to bother on this, but it is important.

If it was that imp

Re: Trying to get 2 instances of Tomcat 6.0.x (Red Hat) to work (each having their own lib directories)...

2011-09-26 Thread Christopher Schultz
Casey,

On 9/22/2011 3:33 PM, Casey Burk wrote:
> First and foremost, forgive me if my method of delivery hasn't
> followed the normal protocol (this is my first time doing this).

Welcome.

> Secondly, the server I'll be deploying my web apps to is a

Re: Securing Tomcat Manager auth-method

2011-09-26 Thread Christopher Schultz
André,

On 9/26/2011 11:30 AM, André Warnier wrote:
> Leo Donahue - PLANDEVX wrote:
>> In light of the recent announcement, is securing Tomcat Manager
>> with org.apache.catalina.valves.RemoteAddrValve enough if we are
>> using 127.0.0.1 or should I co

Re: combination of RemoteAddrValve and basic authentication

2011-09-26 Thread Christopher Schultz
André,

On 9/26/2011 9:29 AM, André Warnier wrote:
> You may also want to have a look at SecurityFilter, which could
> well be an easier way for you
> (http://securityfilter.sourceforge.net/) I do not think that it has
> provisions for "automatically"

Re: Availability of Tomcat 5.5.34

2011-09-26 Thread Christopher Schultz
Bruce,

On 9/26/2011 9:34 AM, Wilde, Bruce R. wrote:
> Great! Now, when is the Security update going to release the change
> for 6.0.34 baseline?

Nobody has been talking about it on the dev list. If you're talking about a fix for CVE-2011-3190, there

Re: [partially OT] combination of RemoteAddrValve and basic authentication

2011-09-26 Thread André Warnier
Remon Sadikni wrote:
> Dear Tomcat developers and users,
>
> I managed to restrict a web application by IP address with RemoteAddrValve and to restrict another one by basic authentication. Now I would like to restrict the same web application by both methods:
> - If the user is inside a specific networ

Re: Securing Tomcat Manager auth-method

2011-09-26 Thread André Warnier
Leo Donahue - PLANDEVX wrote:
> In light of the recent announcement, is securing Tomcat Manager with org.apache.catalina.valves.RemoteAddrValve enough if we are using 127.0.0.1 or should I consider changing the manager auth-method from BASIC to FORM and enable HTTPS as well? Is running Tomcat a

Securing Tomcat Manager auth-method

2011-09-26 Thread Leo Donahue - PLANDEVX
In light of the recent announcement, is securing Tomcat Manager with org.apache.catalina.valves.RemoteAddrValve enough if we are using 127.0.0.1 or should I consider changing the manager auth-method from BASIC to FORM and enable HTTPS as well? Is running Tomcat as a Windows service considered

RE: Availability of Tomcat 5.5.34

2011-09-26 Thread Wilde, Bruce R.
Great! Now, when is the Security update going to release the change for 6.0.34 baseline?

V/R,
Bruce

-----Original Message-----
Sent: Friday, September 23, 2011 7:22 AM
To: Tomcat Users List
Subject: Re: Availability of Tomcat 5.5.34

Tomcat 5.5.34 was released and announced yesterday...

Re: combination of RemoteAddrValve and basic authentication

2011-09-26 Thread André Warnier
Remon Sadikni wrote:
> Dear Tomcat developers and users,
>
> I managed to restrict a web application by IP address with RemoteAddrValve and to restrict another one by basic authentication. Now I would like to restrict the same web application by both methods:
> - If the user is inside a specific networ

[SECURITY] CVE-2011-1184 Apache Tomcat - Multiple weaknesses in HTTP DIGEST authentication

2011-09-26 Thread Mark Thomas
CVE-2011-1184 Apache Tomcat - Multiple weaknesses in HTTP DIGEST authentication

Severity: Moderate

Vendor: The Apache Software Foundation

Versions Affected:
- Tomcat 7.0.0 to 7.0.11
- Tomcat 6.0.0 to 6.0.32
- Tomcat 5.5.0 to 5.5.33
- Earlier

combination of RemoteAddrValve and basic authentication

2011-09-26 Thread Remon Sadikni
Dear Tomcat developers and users,

I managed to restrict a web application by IP address with RemoteAddrValve and to restrict another one by basic authentication. Now I would like to restrict the same web application by both methods:
- If the user is inside a specific network (e.g. 134.134.*.*),