I have found the cause of the problem. It seems that there is no null
checking in the DataSourceRealm in Tomcat. What I mean is that if a
particular user does not exist in the database and is credentials are
returned as a null string then no null checking is specified.
I would like to open this as
Yes but what happens when the user passes a user-id that is not present in
the DB. Or a password that is incorrect. How would the server handle that ?
If I pass an incorrect user I am getting a NPE. And if I pass an invalid
password but a valid user a am not being redirected to the form-login-erro
Hi ,
I have few attributes saved in session they seems to living for close to 30
minutes which is session timeout in web xml.
I need to kill the session once the browser closes on the client side.
Is their a way to do it on server side rather than doing via some kind of
ajax handler.
Doing it v
Yup I solved this , just not deleting anything, I am not just setting flag
to yes or no.
Thanks Chris.
On Fri, Sep 4, 2015 at 3:44 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Kiran,
>
> On 9/4/15 3:19 PM, Kiran Badi wrote
Hi Chris,
You were right. The issue was with the code our vendor supplied for the
Tomcat client webapp making outbound HTTPS connections. This was not
correctly overriding classes with the result that the truststore and
keystore environment settings were being completely ignored.
Thanks for your
Hi.
I have notv really followed this thread from the beginning, but maybe I can contribute
something here..
On 07.09.2015 15:56, Sreyan Chakravarty wrote:
..
Also can I webapp have different realms ? If so how do you distinguish them
? I was looking at the RealmBase source and I haven't noti
I did what you said. That is pointing the web browser to a protected
resource without authentication and then logging in. It works perfectly IF
AND ONLY IF the credentials are ABSOLUTELY correct. Otherwise I am getting
undefined behavior an thats where I need your help now.
First-: If I provide an
Hi,
sorry for the confusion, I made a mistake with the class name, it does
work as described! :)
kind regards
Am 04.09.2015 19:35 schrieb Christopher Schultz:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Juls,
On 9/4/15 10:01 AM, juls wrote:
thanks, I guess that was the right hint.
On 07/09/2015 04:45, Richard Morey wrote:
>
> Hi --
>
> I have just installed Tomcat 8 on Windows 2008 R2. I go into the host
> manager and add two virtual hosts. However, the server.xml file does not
> get updated. When I restart the Tomcat service the two virtual hosts no
> longer appear in the
