2013/11/8 Leo Donahue - OETX :
> Tomcat 7.0.47
>
> Reading over the security benchmark I posted a link to earlier, there is one
> that suggests to separate out the web content directory from the Tomcat
> system files. Reading the Tomcat docs for appBase, I see I can set this
> value.
>
> Readin
On Nov 8, 2013, at 12:29 PM, Daniel Mikusa wrote:
> … it is always nice to be able to adjust and customize things.
If there's value in doing so, certainly. But customizability generally comes at
a cost. In addition to a more complicated implementation it tends to increase
the potential for pro
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Leo,
On 11/8/13, 12:18 PM, Leo Donahue - OETX wrote:
> Tomcat 7.0.47
>
> Reading over the security benchmark I posted a link to earlier,
> there is one that suggests to separate out the web content
> directory from the Tomcat system files. Reading
On 09/11/2013 6:41 AM, wrote:
>
> > If you need
> > sessions replicated as changes occur then you'll want to look
> > at a different solution, like the built-in cluster support.
>
> Unfortunately it does not work on AWS, no multicast.
>
Cant you use static membership instead mcast?
> I think I wi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Martin,
On 11/8/13, 11:40 AM, Martin wrote:
> Thank you Christopher for your in depth annotations. We just
> downgraded from v6.0.34 to .20 and the problem has vanished. We
> obviously have some changes to do before we can upgrade to v7 as
> far as
> Multicast is not a requirement, that just defines how Tomcat
> nodes will locate each other. Since multicast is not
> available for you, you could statically list your Tomcat
> nodes in your configuration.
>
>
> https://tomcat.apache.org/tomcat-7.0-doc/config/cluster-interc
> eptor.html#
On Nov 8, 2013, at 2:41 PM, wrote:
>> If you need
>> sessions replicated as changes occur then you'll want to look
>> at a different solution, like the built-in cluster support.
>
> Unfortunately it does not work on AWS, no multicast.
Multicast is not a requirement, that just defines how Tomc
On Nov 8, 2013, at 1:54 PM, Milo Hyson wrote:
> The term that immediately comes to mind is YAGNI. How many of these things
> have legitimate use-cases and how many are simply there because it was
> thought somebody somewhere someday *might* want to adjust them?
> /dev/null
I disagree with thi
> If you need
> sessions replicated as changes occur then you'll want to look
> at a different solution, like the built-in cluster support.
Unfortunately it does not work on AWS, no multicast.
I think I will fix the DynamoDB-Sessionmanager.
Thank you
-
On Nov 8, 2013, at 2:14 PM, spr...@gmx.eu wrote:
> Hi,
>
> is it possible to use the PersistentManager + JdbcStore to enable a 100%
> failover/cluster solution for sessions?
You could, but I'm not sure that's it's intended purpose. As I understand it,
the PersistentManager is for pushing sessi
Hi,
is it possible to use the PersistentManager + JdbcStore to enable a 100%
failover/cluster solution for sessions?
As far as I can see not, because the session data is written async into the
database and only in a min. interval of 1 s.
Is this right?
Thank you
The term that immediately comes to mind is YAGNI. How many of these things have
legitimate use-cases and how many are simply there because it was thought
somebody somewhere someday *might* want to adjust them?
- Milo Hyson
Chief Scientist
CyberLife Labs, Inc.
On Nov 8, 2013, at 9:18 AM, Leo Don
Tomcat 7.0.47
Reading over the security benchmark I posted a link to earlier, there is one
that suggests to separate out the web content directory from the Tomcat system
files. Reading the Tomcat docs for appBase, I see I can set this value.
Reading further down in the Tomcat docs for Host, ot
Thank you Christopher for your in depth annotations. We just downgraded
from v6.0.34 to .20 and the problem has vanished. We obviously have some
changes to do before we can upgrade to v7 as far as the session handling
is concerned. Your post will help us along the way. Thanks again.
Martin
Am
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Leo,
On 11/8/13, 10:41 AM, Leo Donahue - OETX wrote:
> Does anyone know if there is a newer benchmark?
>
> https://benchmarks.cisecurity.org/downloads/show-single/?file=tomcat.100
I
>
immediately thought "duh, OWASP probably has something newer t
Does anyone know if there is a newer benchmark?
https://benchmarks.cisecurity.org/downloads/show-single/?file=tomcat.100
Leo
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Karthik,
On 11/8/13, 3:34 AM, N.s.Karthik wrote:
> server Jdk1.6.20 Tomcat : 6.0.26 o/s : suse10
Upgrade. Everything. Seriously.
> client visual vm 1.3.5 O/s windows jdk :1.6.20
>
> I need to use the Visual VM GC to monitor remote JVM's GC
> acti
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Martin,
On 11/8/13, 9:59 AM, Martin wrote:
> Recently we moved our application from an old ubuntu to a newer
> centos box. We upgraded our JAVA version, tomcat (from v5 to latest
> v6) and basically all server components.
I would highly recommend t
Recently we moved our application from an old ubuntu to a newer centos
box. We upgraded our JAVA version, tomcat (from v5 to latest v6) and
basically all server components. Local tests of our application showed
no problems with these newer versions, in fact it has been developed
with these sinc
On Nov 7, 2013, at 11:58 PM, Anu Prab wrote:
>>> I am using Tomcat 7.0.42 and Tomcat jdbc pool.
>
>> Just to be perfectly clear, how are you using this? With a
> tag in your Tomcat >configuration or are you creating the pool in your
> code? Either way, include the necessary >config or code wh
On 08/11/2013 09:47, Marek Jagielski wrote:
> Hi,
> Is it possible somehow to insert custom trustmanagers into SSLContext. I
> see that in the code of WsWebsocketContainer in private SSLEngine
> createSSLEngine(Map userProperties)
> thet now it depends of default implementation.
> Is the only way
Hi,
Is it possible somehow to insert custom trustmanagers into SSLContext. I
see that in the code of WsWebsocketContainer in private SSLEngine
createSSLEngine(Map userProperties)
thet now it depends of default implementation.
Is the only way is to change default algorithm of the TrustManagerFactor
Hi
spec
server
Jdk1.6.20
Tomcat : 6.0.26
o/s : suse10
client
visual vm 1.3.5
O/s windows
jdk :1.6.20
I need to use the Visual VM GC to monitor remote JVM's GC activity.
this requires the following
"jstatd -J-Djava.rmi.server.hostname=192.168.4.32
-J-Djava.security.policy=/tmp/KARTHIK/jdk1.7.0
23 matches
Mail list logo
