On 29/08/2012 13:22, Mark Thomas wrote:
> On 29/08/2012 08:29, Awdhesh Kumar wrote:
>> I am working with Tomcat 7.0.X.
>
> Just to be clear, do you mean Tomcat 7.0.x built from tc7.0.x/trunk in
> svn or do you mean some unknown Tomcat 7 version?
I have started some work to improve the cluster inf
2012/8/27 Sérgio :
> Hi.
>
> I am trying to use the Tomcat Maven Plugin to create an executable jar file
> with an embedded Tomcat7, but I am having two issues when trying to do so.
>
> The first one, is that I am not getting how I can stop my executable jar. I
> want to run it in from a script (li
> -Original Message-
> From: Olivier Lamy [mailto:ol...@apache.org]
> Sent: Friday, August 31, 2012 6:58 AM
> To: Tomcat Users List
> Subject: Re: tomcat7-maven-plugin doesn't understand Maven filtering of
> context files?
>
> 2012/8/30 Knute Snortum :
> > See below:
> >
> >> -Origin
2012/8/31 Konstantin Kolinko :
> Hi!
>
> Just noting that Java 6u35, 7u07 were released by Oracle a day ago
> http://www.oracle.com/technetwork/java/javase/downloads/
>
> Those contain security fixes for issues exploitable when running Java
> from within a web browser. (Those running it on server o
In case it's not clear, Oracle normally strictly alternates between
security-only (or very, very nearly security only) and
performance/bug-fix updates.
In this particular case they had to alter their plans -- as they had to
get a security fix out the door immediately.
On 8/31/2012 10:31 AM,
Thanks Everyone. I agree on the security issue just seemed the last couple of
updates had no substance beyond just security. MS sends updates quite often but
I look forward to advances in other areas like performance ect.
Regards,
-Tony
--- On Fri, 8/31/12, Jess Holle wrote:
From: Jess Holl
On 31/08/2012 16:22, Jess Holle wrote:
Well, don't give Oracle too much credit -- or grief.
According to various articles (look them up, I didn't save the URLs),
they were notified of these vulnerabilities ~4 months ago.
Unfortunately several days ago serious attacks in the wild using these
Well, don't give Oracle too much credit -- or grief.
According to various articles (look them up, I didn't save the URLs),
they were notified of these vulnerabilities ~4 months ago.
Unfortunately several days ago serious attacks in the wild using these
vulnerabilities were discovered -- after
Just my smarmy reply to Tony's "when Sun owned Java" comment...
Used to be when Sun owned Java you got security updates months, not days, after
a vulnerability like this was discovered. :-)
Not saying I like Oracle (I loathe it most days); just making the point that
they were REALLY good about
Read the second link and you have quite a reason for upgrading :)
Actually all teamlers at GameForge was told to disable java in browsers
because of this security issue...
Med venlig hilsen/Kind regards
Casper W. Schmidt
Den 31-08-2012 17:02, Tony Anecito skrev:
Hi All,
I looked at the rel
On 31/08/2012 16:02, Tony Anecito wrote:
Hi All,
I looked at the release notes and there was nearly nothing there. So justification to update was impossible. Oracle needs to realize that releases with just one security and one time clock change makes it impossible to explain to anyone why we n
On 8/31/2012 11:02 AM, Tony Anecito wrote:
Hi All,
I looked at the release notes and there was nearly nothing there. So
justification to update was impossible. Oracle needs to realize that releases
with just one security and one time clock change makes it impossible to explain
to anyone why w
Hi All,
I looked at the release notes and there was nearly nothing there. So
justification to update was impossible. Oracle needs to realize that releases
with just one security and one time clock change makes it impossible to explain
to anyone why we need to update an Enterprise.
Just my in
Hi!
Just noting that Java 6u35, 7u07 were released by Oracle a day ago
http://www.oracle.com/technetwork/java/javase/downloads/
Those contain security fixes for issues exploitable when running Java
from within a web browser. (Those running it on server or standalone
are said to be unaffected).
ht
2012/8/30 Knute Snortum :
> See below:
>
>> -Original Message-
>> From: Knute Snortum [mailto:ksnor...@catalystitservices.com]
>> Sent: Wednesday, August 29, 2012 3:05 PM
>> To: Tomcat Users List
>> Subject: RE: tomcat7-maven-plugin doesn't understand Maven filtering of
>> context files?
>>
Felix:
Aha, you're suggesting a firewall issue, which I've been speculating
on. Thanks for confirmation about the persistent connection that
JDBCRealm tries to keep.
I'll look into the DataSourceRealm. Thanks for the tip.
David
On 2012-08-31 03:16, Felix Schumacher wrote:
Am 31.08.2012 0
Joseph:
I've bumped up application logging in a couple of places as early in the
login process as I can, but nothing's shown up. The delay occurs
between the submit on the login page but before any more of the
application's code gets run.
I'm looking into enabling logging on my Oracle JDBC
See comments inline
Med venlig hilsen/Kind regards
Casper W. Schmidt
Den 31-08-2012 13:18, Léa Massiot skrev:
The user doesn't shift from "WEBAPP_1" to "WEBAPP_2" for good.
The user will go on with "WEBAPP_1" after "WEBAPP_2" has done what it has to
do after the form ("F1") submission.
That dep
> >
> > Would it be possible for you to set up a simple test case and package
> > it as a WAR? Also, write-up a set of URLs and your expectations about
> > whether they should work or not and attach all that to a Bugzilla
> > report:
> > https://issues.apache.org/bugzilla/enter_bug.cgi?product=Tomc
Have a look here:
http://onjava.com/pub/a/onjava/2007/01/03/discovering-java-security-require
ments.html?page=2
On 31/08/12 8:44 PM, "Ragini" wrote:
>Dear Darryl Lewis,
>
>Thanks for your quick response..I corrected that silly mistake..As I
>told I am able to profile tomcat when I start and sto
The user doesn't shift from "WEBAPP_1" to "WEBAPP_2" for good.
The user will go on with "WEBAPP_1" after "WEBAPP_2" has done what it has to
do after the form ("F1") submission.
Best regards.
--
View this message in context:
http://tomcat.10.n6.nabble.com/Pass-an-object-from-one-Webapp-to-anoth
Dear Darryl Lewis,
Thanks for your quick response..I corrected that silly mistake..As I
told I am able to profile tomcat when I start and stop by (startup.sh
and shutdown.sh). I tried to start it with security manager as following:
./startup.sh -security
it runs fine and also the application
2012/8/31 Ragini :
> Hi all,
>
> I am trying to run JSF-JAAS based sample application which is here.
> (http://www.ixtendo.com/secure-your-jsf-application-with-jaas/)
>
> I want to just use the application so just deployed jjwa.war file in
> web-apps directory of tomcat.
>
> Profiling tomcat:-
> I
catalina.sh run -security
Basically runs tomcat with the Security Manager.
I think the "talina.sh" command is missing the "ca" in front of it :-). If
not paste the script here, as it might be custom.
On 31/08/12 8:18 PM, "Ragini" wrote:
>Hi all,
>
>I am trying to run JSF-JAAS based sample app
Hi all,
I am trying to run JSF-JAAS based sample application which is here.
(http://www.ixtendo.com/secure-your-jsf-application-with-jaas/)
I want to just use the application so just deployed jjwa.war file in
web-apps directory of tomcat.
Profiling tomcat:-
I use tomcat 7.0 version. I try t
Med venlig hilsen/Kind regards
Casper W. Schmidt
Den 31-08-2012 11:42, Léa Massiot skrev:
(Warning: there is some "raw text" in this post.)
Hello Casper. Hello list.
Thank you for your answer and your advices.
Here is some interesting litterature related to my problem:
"Redirecting fro
(Warning: there is some "raw text" in this post.)
Hello Casper. Hello list.
Thank you for your answer and your advices.
Here is some interesting litterature related to my problem:
"Redirecting from a servlet to an exterior URL using a POST"
http://www.mail-archive.com/servlet-interes
Am 31.08.2012 04:01, schrieb David A. Rush:
We've got two different machines (both Windows Server something)
running Tomcat 7.0.22, and each running a webapp that uses user
authentication. We're using a couple of different schemes (LDAP and
database using JDBCRealm with hashed pwords, just datab
28 matches
Mail list logo
