restriction/limit of keystorePass in server.xml for TC7

Hi everyone, I know this maybe more of Java than Tomcat but in case it's coded somewhere... Anyway, is there a limit to number of characters (30 - 50) and limit to certain characters, symbols included, for the keystorePass? I only thing I can find for "keystorePass limit tomcat 7" are how to setu

Re: Tomcat, REMOTE_USER, getRemoteUser()

Sorry, I was reading the latest Tomcat 8.0.24 source to verify how it worked (it hasn't changed in some time it seems). The flag to which you refer is for AJP only, hence the inconsistency (as AJP becomes less common and reverse proxying HTTP becomes the norm). On Thu, Jul 23, 2015, at 08:05 PM,

Re: Tomcat, REMOTE_USER, getRemoteUser()

Hi, 2015-07-23 21:54 GMT+03:00 John Baker : > > Hello, > > I note the HTTP connector does the following when > Request.getRemoteUser() is called: > > public String getRemoteUser() { > if (userPrincipal == null) { > return null; > } > return userPrincipal.get

Re: Tomcat-7.0.61 and SFlow_Valve.jar issue

I see that in SFlow_Valve Source code it’s already “long”: long bytes_read = (request.getCoyoteRequest()).getBytesRead(); Then what’s wrong and how can I fix this issue? Thanks! Sergey > On Jul 23, 2015, at 11:52 AM, Violeta Georgieva wrote: > > Hi, > > 2015-07-23 21:36 GMT+03:00 Sergey

Tomcat, REMOTE_USER, getRemoteUser()

Hello, I note the HTTP connector does the following when Request.getRemoteUser() is called: public String getRemoteUser() { if (userPrincipal == null) { return null; } return userPrincipal.getName(); } I understand what it's trying to do but it's not c

Re: Tomcat-7.0.61 and SFlow_Valve.jar issue

Hi, 2015-07-23 21:36 GMT+03:00 Sergey : > > We updated Tomcat from 7.0.10 to 7.0.61. > In previous version we collected Tomcat metrics using Sflow_Valve.jar module. > Now it looks like Coyote Connector can't call Request.getBytesRead() method. > Here is the Catalina log error: > > org.apache.coyot

Re: confirm subscribe to users@tomcat.apache.org

On Thu, Jul 23, 2015, at 07:46 PM, users-h...@tomcat.apache.org wrote: > Hi! This is the ezmlm program. I'm managing the > users@tomcat.apache.org mailing list. > > I'm working for my owner, who can be reached > at users-ow...@tomcat.apache.org. > > To confirm that you would like > >jba...

Tomcat-7.0.61 and SFlow_Valve.jar issue

We updated Tomcat from 7.0.10 to 7.0.61. In previous version we collected Tomcat metrics using Sflow_Valve.jar module. Now it looks like Coyote Connector can't call Request.getBytesRead() method. Here is the Catalina log error: org.apache.coyote.http11.AbstractHttp11Processor process SEVERE: Erro

RE: iis isapi redirect problem

Hi, > -Original Message- > From: Andrew Geery [mailto:andrew.ge...@gmail.com] > Sent: Saturday, July 18, 2015 3:16 PM > To: users@tomcat.apache.org > Subject: iis isapi redirect problem > > I have successfully gotten Tomcat 8 to work with IIS 8.5 using these > directions: https://tomcat.a

Re: If there a security hardened / production ready binary distribution?

On Thu, Jul 23, 2015 at 10:50 AM, Mark Thomas wrote: > On 23 July 2015 15:07:01 CEST, Jim Sellers wrote: > >Hi all. > > > >Sorry if this has already been answered, but I couldn't find it. > > > >I'm looking at using tomcat in a docker container and I was wondering > >why > >there isn't a binary

Re: If there a security hardened / production ready binary distribution?

On 23 July 2015 15:07:01 CEST, Jim Sellers wrote: >Hi all. > >Sorry if this has already been answered, but I couldn't find it. > >I'm looking at using tomcat in a docker container and I was wondering >why >there isn't a binary distribution that has most / all of the steps >already >done from the s

TOMCAT 7 , Native CORS FILTER and Spring Security

Hi,  I am using TOMCAT 7, and I have enable the CORS FILTER as per the explanation on the official website:  https://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter I use the actual configuration:  CorsFilter org.apache.catalina.filters.CorsFilter cors.allowed.origi

Fw: TOMCAT 7 , Native CORS FILTER and Spring Security

--  Maatari Daniel Okouya Sent with Airmail On July 23, 2015 at 10:49:19 AM, Maatari Daniel Okouya (okouy...@yahoo.fr) wrote: Hi,  I am using TOMCAT 7, and I have enable the CORS FILTER as per the explanation on the official website:  https://tomcat.apache.org/tomcat-7.0-doc/config/filter.htm

If there a security hardened / production ready binary distribution?

Hi all. Sorry if this has already been answered, but I couldn't find it. I'm looking at using tomcat in a docker container and I was wondering why there isn't a binary distribution that has most / all of the steps already done from the security how to? https://tomcat.apache.org/tomcat-7.0-doc/sec

Re: Tomcat 7 (7.0.54) Login URL is Passing with JSESSION ID. | why there is different behaviour in Tomcat 6 and Tomcat 7

2015-07-23 11:32 GMT+03:00 Rahul Kumar Singh : > Dear Christopher, > > On further debugging, I found out the difference is seen between 6.0.32 (same > behavior as in 6.0.28 reported earlier) and 6.0.33 (same as in 7.0.54 > reported earlier ) I could not figure out which change ( as mentioned in l

Re: Tomcat initialize SelectorContext twice when lookup for JNDI defined in web application (META-INF/context.xml)

Hi all On Tue, Jul 21, 2015 at 7:27 PM, Niranjan Karunanandham < niranjan.k...@gmail.com> wrote: > Hi Tomcat Team, > > On Tue, Jul 21, 2015 at 4:21 PM, Konstantin Kolinko < > knst.koli...@gmail.com> wrote: > >> 2015-07-21 8:35 GMT+03:00 Niranjan Karunanandham > >: >> > [sending to users list] >>

RE: Tomcat 7 (7.0.54) java.lang.ClassFormatError: Truncated class file

Dear Konstantin, Sorry for the inconvenience caused due to the below!! We will take care this in future post. -Original Message- From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] Sent: Thursday, July 23, 2015 2:09 PM To: Tomcat Users List Subject: Re: Tomcat 7 (7.0.54) java.lang.C

RE: Tomcat 7 (7.0.54) Login URL is Passing with JSESSION ID. | why there is different behaviour in Tomcat 6 and Tomcat 7

Dear Konstantin, On further debugging, I found out the difference is seen between 6.0.32 (same behavior as in 6.0.28 reported earlier) and 6.0.33 (same as in 7.0.54 reported earlier ) I could not figure out which change ( as mentioned in link https://tomcat.apache.org/tomcat-6.0-doc/changelog.h

Re: Tomcat 7 (7.0.54) java.lang.ClassFormatError: Truncated class file

2015-07-23 8:49 GMT+03:00 Rahul Kumar Singh : > Dear Christopher, > > The solution is fine, but first thing we need to identify the root cause. > If it is the problem of "loading a JSP-based class file." Why it is happened > in production environment? > Any solid reason ? Who knows? It is your

RE: Tomcat 7 (7.0.54) Login URL is Passing with JSESSION ID. | why there is different behaviour in Tomcat 6 and Tomcat 7

Dear Christopher, On further debugging, I found out the difference is seen between 6.0.32 (same behavior as in 6.0.28 reported earlier) and 6.0.33 (same as in 7.0.54 reported earlier ) I could not figure out which change ( as mentioned in link https://tomcat.apache.org/tomcat-6.0-doc/changelog.