>Am 10.02.2016 um 15:23 schrieb Rémy Maucherat:
>> 2016-02-10 15:06 GMT+01:00 Joe Aldrich :
>>
Am 29.01.2016 15:34, schrieb Joe Aldrich:
> Hello,
>
> I am using Tomcat 8.0.28 on Windows 10 and am having a problem with
> the Rewrite Value. I must include the escaped form of an
On Fri, Feb 12, 2016 at 5:46 PM, Dougherty, Gregory T., M.S. <
dougherty.greg...@mayo.edu> wrote:
> Chris,
>
>
> On 2/12/16, 5:27 PM, "Christopher Schultz"
> wrote:
>
> >Gregory,
> >
> >On 2/12/16 4:19 PM, Dougherty, Gregory T., M.S. wrote:
> >> On 2/12/16, 3:08 PM, "Leo Donahue" wrote:
> >>
> >
On Fri, Feb 12, 2016 at 5:33 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Gregory,
> >
> > The web app needs a DB password so it can connect to the
> > DB.
>
> I disagree that the web app needs a password
Chris,
It appears I’ve done a poor job explaining the situation, so let me try
again.
We have multiple apps running on a production Tomcat server. Each one of
those apps has one or more passwords that belong to the app developers.
Generally we’re talking about DB passwords.
If you’re willing t
Chris,
On 2/12/16, 5:27 PM, "Christopher Schultz"
wrote:
>Gregory,
>
>On 2/12/16 4:19 PM, Dougherty, Gregory T., M.S. wrote:
>> On 2/12/16, 3:08 PM, "Leo Donahue" wrote:
>>
>>
>>> On Feb 12, 2016 2:58 PM, "Dougherty, Gregory T., M.S." <
>>> dougherty.greg...@mayo.edu> wrote:
>> My definitio
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gregory,
On 2/12/16 4:49 PM, Dougherty, Gregory T., M.S. wrote:
> On 2/12/16, 3:29 PM, "Leo Donahue" wrote:
>
>
>> On Feb 12, 2016 3:19 PM, "Dougherty, Gregory T., M.S." <
>> dougherty.greg...@mayo.edu> wrote:
>>>
>>> On 2/12/16, 3:08 PM, "Leo Do
Chirs,
On 2/12/16, 5:19 PM, "Christopher Schultz"
wrote:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA1
>
>Gregory,
>
>On 2/12/16 3:35 PM, Dougherty, Gregory T., M.S. wrote:
>> You are correct, I¹m trying to authorize the web app, not the
>> user.
>>
>> Goal: I am trying to come up with a way
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gregory,
On 2/12/16 4:19 PM, Dougherty, Gregory T., M.S. wrote:
> On 2/12/16, 3:08 PM, "Leo Donahue" wrote:
>
>
>> On Feb 12, 2016 2:58 PM, "Dougherty, Gregory T., M.S." <
>> dougherty.greg...@mayo.edu> wrote:
>>>
>>> The web app needs a DB passw
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gregory,
On 2/12/16 3:35 PM, Dougherty, Gregory T., M.S. wrote:
> You are correct, I¹m trying to authorize the web app, not the
> user.
>
> Goal: I am trying to come up with a way for a Tomcat app to
> securely store and retrieve the password it need
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lesley and Rémy,
On 2/12/16 5:50 PM, Rémy Maucherat wrote:
> 2016-02-12 23:32 GMT+01:00 Lesley Kimmel
> :
>
>> Thanks, Chris and Remy. Your comments got me thinking about
>> something I hadn't considered...EPEL. tc-native is available on
>> EPEL as t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gregory,
On 2/12/16 2:49 PM, Dougherty, Gregory T., M.S. wrote:
> You can honestly tell who¹s calling you, since you can throw an
> exception, catch it, then look at the stack trace.
Sure. There are easier ways to do that (see Chuck's post), but it
d
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 2/12/16 3:10 PM, André Warnier (tomcat) wrote:
> On 12.02.2016 20:49, Dougherty, Gregory T., M.S. wrote:
>> You can honestly tell who¹s calling you, since you can throw an
>> exception, catch it, then look at the stack trace.
>>
>> If you
2016-02-12 23:32 GMT+01:00 Lesley Kimmel :
> Thanks, Chris and Remy. Your comments got me thinking about something I
> hadn't considered...EPEL. tc-native is available on EPEL as tomcat-native.
> It turns out that this may not need to be compiled against a FIPS-capable
> OpenSSL so long as the Ope
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 2/12/16 2:35 PM, André Warnier (tomcat) wrote:
> On 12.02.2016 20:08, Christopher Schultz wrote:
>> -BEGIN PGP SIGNED MESSAGE- Hash: SHA1
>>
>> André,
>>
>> On 2/12/16 1:11 PM, André Warnier (tomcat) wrote:
>>> Sorry, I lost the or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 2/12/16 3:06 PM, Caldarale, Charles R wrote:
>> From: James H. H. Lampert [mailto:jam...@touchtonecorp.com]
>> Subject: Re: Does Tomcat need a non-ssl connector?
>
>> On 2/12/16, 11:40 AM, m...@kimwana.com wrote:
>
>>> Perhaps I should ha
Thanks, Chris and Remy. Your comments got me thinking about something I
hadn't considered...EPEL. tc-native is available on EPEL as tomcat-native.
It turns out that this may not need to be compiled against a FIPS-capable
OpenSSL so long as the OpenSSL installation on the target system is
FIPS-capab
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Rémy,
On 2/12/16 2:35 PM, Rémy Maucherat wrote:
> 2016-02-12 20:13 GMT+01:00 Lesley Kimmel
> :
>
>> I am using Red Hat which provides the FIPS-enabled OpenSSL. I
>> have been doing some more reading and it appears that I also now
>> have to build the
On 2/12/16, 3:40 PM, "Tim Watts" wrote:
>On Fri, 2016-02-12 at 20:35 +, Dougherty, Gregory T., M.S. wrote:
>> You are correct, I¹m trying to authorize the web app, not the user.
>>
>> Goal: I am trying to come up with a way for a Tomcat app to securely
>>store
>> and retrieve the password i
On 2/12/16, 3:29 PM, "Leo Donahue" wrote:
>On Feb 12, 2016 3:19 PM, "Dougherty, Gregory T., M.S." <
>dougherty.greg...@mayo.edu> wrote:
>>
>> On 2/12/16, 3:08 PM, "Leo Donahue" wrote:
>>
>>
>> >On Feb 12, 2016 2:58 PM, "Dougherty, Gregory T., M.S." <
>> >dougherty.greg...@mayo.edu> wrote:
>> >>
On Fri, 2016-02-12 at 20:35 +, Dougherty, Gregory T., M.S. wrote:
> You are correct, I¹m trying to authorize the web app, not the user.
>
> Goal: I am trying to come up with a way for a Tomcat app to securely store
> and retrieve the password it needs to access a DB.
>
> My definition of ³sec
On Feb 12, 2016 3:19 PM, "Dougherty, Gregory T., M.S." <
dougherty.greg...@mayo.edu> wrote:
>
> On 2/12/16, 3:08 PM, "Leo Donahue" wrote:
>
>
> >On Feb 12, 2016 2:58 PM, "Dougherty, Gregory T., M.S." <
> >dougherty.greg...@mayo.edu> wrote:
> >>
> >> The web app needs a DB password so it can connec
On 2/12/16, 3:08 PM, "Leo Donahue" wrote:
>On Feb 12, 2016 2:58 PM, "Dougherty, Gregory T., M.S." <
>dougherty.greg...@mayo.edu> wrote:
>>
>> The web app needs a DB password so it can connect to the DB.
>
>I disagree that the web app needs a password.
The web app has to be able to read and write
On Feb 12, 2016 2:58 PM, "Dougherty, Gregory T., M.S." <
dougherty.greg...@mayo.edu> wrote:
>
> The web app needs a DB password so it can connect to the DB.
I disagree that the web app needs a password.
> None of the
> users have direct access to the DB.
Nor should they.
> The web app uses LDAp
On 2/12/16, 2:54 PM, "Leo Donahue" wrote:
>On Feb 12, 2016 2:50 PM, "Dougherty, Gregory T., M.S." <
>dougherty.greg...@mayo.edu> wrote:
>>
>> How does it validate itself to that common location, without a password
>>
>
>A. Stop top posting. You're killing me on my Android phone backspacing
>to
On Feb 12, 2016 2:50 PM, "Dougherty, Gregory T., M.S." <
dougherty.greg...@mayo.edu> wrote:
>
> How does it validate itself to that common location, without a password
>
A. Stop top posting. You're killing me on my Android phone backspacing to
where I want to reply.
B. What is "it"? The web a
How does it validate itself to that common location, without a password?
--
Gregory Dougherty
Sr. Analyst/Programmer | Information Technology
Information Technology
(507) 284-8493 | dougherty.greg...@mayo.edu
On 2/12/16, 2:46 PM, "Leo Donahue" wrote:
>On Feb 12, 2016 2:35 PM, "Dougherty
Oh, one thing I left out: Tomcat is running multiple web apps, each which
needs its own password(s).
Tomcat is run by the sys admin, who is presumed to be trusted. The sys
admin will be creating the public:private key pair in step 1.
The encryption code will be checked by multiple people, and is
On Feb 12, 2016 2:35 PM, "Dougherty, Gregory T., M.S." <
dougherty.greg...@mayo.edu> wrote:
>
> You are correct, I¹m trying to authorize the web app, not the user.
>
> Goal: I am trying to come up with a way for a Tomcat app to securely store
> and retrieve the password it needs to access a DB.
>
>
You are correct, I¹m trying to authorize the web app, not the user.
Goal: I am trying to come up with a way for a Tomcat app to securely store
and retrieve the password it needs to access a DB.
My definition of ³secure² includes ³there exist no files with an
unencrypted copy of the password². II
On Fri, Feb 12, 2016 at 10:53:12AM -0700, George Sexton wrote:
>
>
> On 2/11/2016 11:30 AM, m...@kimwana.com wrote:
> >On Thu, Feb 11, 2016 at 12:28:40PM -0500, Christopher Schultz wrote:
> >>-BEGIN PGP SIGNED MESSAGE-
> >>Hash: SHA1
> >>
> >>Msh,
> >>
> >>On 2/10/16 7:04 PM, m...@kimwana
On 12.02.2016 21:00, Leo Donahue wrote:
On Feb 11, 2016 4:56 PM, "Dougherty, Gregory T., M.S." <
dougherty.greg...@mayo.edu> wrote:
I would like to have a jar file in tomcat/lib that can be called from any
of the running web apps. I need for the code in the jar to behave
differently depending
> From: Dougherty, Gregory T., M.S. [mailto:dougherty.greg...@mayo.edu]
> Subject: Re: Is there a way for code running on Tomcat 7+ to determine the
> URL of the Web App it's running under?
> You can honestly tell who¹s calling you, since you can throw an exception,
> catch it, then look at the
On 12.02.2016 20:49, Dougherty, Gregory T., M.S. wrote:
You can honestly tell who¹s calling you, since you can throw an exception,
catch it, then look at the stack trace.
If you have an object, you can get its class, you can get what methods it
implements, and you can get its parent class and re
> From: James H. H. Lampert [mailto:jam...@touchtonecorp.com]
> Subject: Re: Does Tomcat need a non-ssl connector?
> On 2/12/16, 11:40 AM, m...@kimwana.com wrote:
> > Perhaps I should have phrased this differently. I want to force
> > clients to ssl. When they hit http://app.myurl.com their brow
On Feb 11, 2016 4:56 PM, "Dougherty, Gregory T., M.S." <
dougherty.greg...@mayo.edu> wrote:
>
> I would like to have a jar file in tomcat/lib that can be called from any
of the running web apps. I need for the code in the jar to behave
differently depending on which web app called it.
I would agr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lesley,
On 2/12/16 2:13 PM, Lesley Kimmel wrote:
> I am using Red Hat which provides the FIPS-enabled OpenSSL.
Excellent. That's the worst part of the whole process: building a
FIPS-capable library.
> I have been doing some more reading and it appea
You can honestly tell who¹s calling you, since you can throw an exception,
catch it, then look at the stack trace.
If you have an object, you can get its class, you can get what methods it
implements, and you can get its parent class and recurse.
So that should let you figure out which class will
It is what I¹m looking for, except I need a way to get an object that I
can trust that implements that interface.
--
Gregory Dougherty
Sr. Analyst/Programmer | Information Technology
Information Technology
(507) 284-8493 | dougherty.greg...@mayo.edu
On 2/12/16, 12:11 PM, "André Warnier (tom
On 2/12/16, 11:40 AM, m...@kimwana.com wrote:
Perhaps I should have phrased this differently. I want to force
clients to ssl. When they hit http://app.myurl.com their browser
should load https://app.myurl.com
Wouldn't mind knowing that myself. All the Tomcat installations I'm
responsible for a
On Thu, Feb 11, 2016 at 02:33:06PM -0500, m...@kimwana.com wrote:
> On Thu, Feb 11, 2016 at 07:19:10PM +, Mark Thomas wrote:
> > On 11/02/2016 19:17, m...@kimwana.com wrote:
> > > If I want to run Tomcat using ssl only do I still need to set up a
> > > non-ssl connector and redirect the port?
2016-02-12 20:13 GMT+01:00 Lesley Kimmel :
> I am using Red Hat which provides the FIPS-enabled OpenSSL. I have been
> doing some more reading and it appears that I also now have to build the
> Tomcat Native libraries against APR and OpenSSL. It does not appear that
> Red Hat provides a pre-compil
On 12.02.2016 20:08, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 2/12/16 1:11 PM, André Warnier (tomcat) wrote:
Sorry, I lost the original message, so I can't respond in-thread. I
only saw the last message, but to that, isn't this what the Op is
asking fo
On Fri, Feb 12, 2016 at 10:53:12AM -0700, George Sexton wrote:
>
> On 2/11/2016 11:30 AM, m...@kimwana.com wrote:
> >On Thu, Feb 11, 2016 at 12:28:40PM -0500, Christopher Schultz wrote:
> >>-BEGIN PGP SIGNED MESSAGE-
> >>Hash: SHA1
> >>
> >>Msh,
> >>
> >>On 2/10/16 7:04 PM, m...@kimwana.co
I am using Red Hat which provides the FIPS-enabled OpenSSL. I have been
doing some more reading and it appears that I also now have to build the
Tomcat Native libraries against APR and OpenSSL. It does not appear that
Red Hat provides a pre-compiled version of these tc-native libraries.
On Fri, Fe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Qadeer,
On 2/12/16 1:55 PM, Qadeer Khan wrote:
> I have a few sample applications installed on two machines. One my
> local and the other on a server. When I run an application via
> manager UI, on my local, it increments the session
Good.
> But i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 2/12/16 1:11 PM, André Warnier (tomcat) wrote:
> Sorry, I lost the original message, so I can't respond in-thread. I
> only saw the last message, but to that, isn't this what the Op is
> asking for :
>
> http://tomcat.apache.org/tomcat-7.0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lesley,
On 2/12/16 1:31 PM, Lesley Kimmel wrote:
> I am looking into how to enable FIPS in Tomcat. The way I interpret
> is that I can either use APR connectors with a FIPS-enabled OpenSSL
> or configure the java installation to utilize a 3rd party FI
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brian,
On 2/12/16 12:45 PM, Paquin, Brian wrote:
>
>> On Feb 12, 2016, at 12:06 PM, Mark Thomas
>> wrote:
>>
>> On 12/02/2016 16:14, Paquin, Brian wrote:
>>> On Feb 12, 2016, at 10:20 AM, Paquin, Brian
>>> mailto:brian.paq...@yale.edu>> wrote:
>>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark,
On 2/12/16 12:06 PM, Mark Thomas wrote:
> On 12/02/2016 16:14, Paquin, Brian wrote:
>> On Feb 12, 2016, at 10:20 AM, Paquin, Brian
>> mailto:brian.paq...@yale.edu>> wrote:
>>
>> I have used
>> https://urldefense.proofpoint.com/v2/url?u=http-3A_
I have a few sample applications installed on two machines. One my local and
the other on a server. When I run an application via manager UI, on my local,
it increments the session
But if the same application run on another server, session remains a 0.
My assumption here and everybody at client
I am looking into how to enable FIPS in Tomcat. The way I interpret is that
I can either use APR connectors with a FIPS-enabled OpenSSL or configure
the java installation to utilize a 3rd party FIPS library (e.g. JSafe). Is
that correct?
Sorry, I lost the original message, so I can't respond in-thread.
I only saw the last message, but to that, isn't this what the Op is asking for :
http://tomcat.apache.org/tomcat-7.0-doc/servletapi/javax/servlet/http/HttpServletRequest.html
No matter which jar these things are in, if these metho
On 2/11/2016 11:30 AM, m...@kimwana.com wrote:
On Thu, Feb 11, 2016 at 12:28:40PM -0500, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Msh,
On 2/10/16 7:04 PM, m...@kimwana.com wrote:
I have the fillowing problem to solve for a job interview.
A few thoughts:
(1)
> On Feb 12, 2016, at 12:06 PM, Mark Thomas wrote:
>
> On 12/02/2016 16:14, Paquin, Brian wrote:
>> On Feb 12, 2016, at 10:20 AM, Paquin, Brian
>> mailto:brian.paq...@yale.edu>> wrote:
>>
>> I have used
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.malisphoto.com_tips_tomcatonosx
Perhaps I¹m naïve, but I was looking for a Tomcat provided ³getCurrentURL
()² call, and assumed that nothing else could have that. :-)
Thank you for the SecurityManager suggestion, I hadn¹t thought about that.
I¹ll look in to how much of a pain that is.
--
Gregory Dougherty
Sr. Analyst/Programme
On 12/02/2016 16:14, Paquin, Brian wrote:
> On Feb 12, 2016, at 10:20 AM, Paquin, Brian
> mailto:brian.paq...@yale.edu>> wrote:
>
> I have used
> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.malisphoto.com_tips_tomcatonosx.html-23Anchor-2DNative&d=AwIGaQ&c=-dg2m7zWuuDZ0MUcV7Sdqw&r=jc-
On 12/02/2016 15:57, Qadeer Khan wrote:
> so if an application is installed on webapps directory, and if we run that
> app, it does not increment the session automatically? Where we have to
> configure that so that one can see the session increment.
>
> Obviously I am new to tomcat so bear with
On Feb 12, 2016, at 10:20 AM, Paquin, Brian
mailto:brian.paq...@yale.edu>> wrote:
I have used
https://urldefense.proofpoint.com/v2/url?u=http-3A__www.malisphoto.com_tips_tomcatonosx.html-23Anchor-2DNative&d=AwIGaQ&c=-dg2m7zWuuDZ0MUcV7Sdqw&r=jc-EqZyK6fWys6oTdMgtt9CjzHj-k5sGu3EHT7qx4Jg&m=0LOe6lb2c
so if an application is installed on webapps directory, and if we run that app,
it does not increment the session automatically? Where we have to configure
that so that one can see the session increment.
Obviously I am new to tomcat so bear with me ...
- Original Message -
From: "Mark
The Apache Tomcat team announces the immediate availability of Apache
Tomcat 6.0.45.
Apache Tomcat is an open source software implementation of the Java
Servlet, JavaServer Pages and Java Expression Language technologies.
This release contains a number of bug fixes and improvements compared to
ve
On 12/02/2016 15:34, Qadeer Khan wrote:
> There is a running applications on tomcat server but the 'session' field on
> the Manager screen always show a '0". only for /manager it shows a '1'.
>
> How to fix that?
Fix what? Why assume that an application uses sessions?
Mark
--
There is a running applications on tomcat server but the 'session' field on the
Manager screen always show a '0". only for /manager it shows a '1'.
How to fix that?
Thanks
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.ap
I have used http://www.malisphoto.com/tips/tomcatonosx.html#Anchor-Native to
setup Native with Tomcat successfully.
Specifically, I create /usr/lib/java and then do:
# Copy the native library to /usr/lib/java
sudo cp .libs/libtcnative-1.0.dylib /usr/lib/java
# Create a symbolic link in /usr/lib/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark,
On 2/11/16 2:46 PM, Mark Thomas wrote:
> On 11/02/2016 19:20, Edward Hart (c) wrote:
>> Q1: Can Tomcat be configured to 'roll back' if a patch update
>> causes a TC failure on a production server?
>
> The question makes no sense since there is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Msh,
On 2/11/16 2:33 PM, m...@kimwana.com wrote:
> On Thu, Feb 11, 2016 at 07:19:10PM +, Mark Thomas wrote:
>> On 11/02/2016 19:17, m...@kimwana.com wrote:
>>> If I want to run Tomcat using ssl only do I still need to set
>>> up a non-ssl connecto
2016-02-12 15:18 GMT+01:00 Andrew King :
> In our new Tomcat 8.0.30 site “http://NewServer.MyDomain/Site/” I can only
> log in if the trailing “/” is present even though it correctly redirects me
> to the login page when the "/" is missing.
>
> You should upgrade to 8.0.32, or use the mapperContex
In our Tomcat 7.0.61 site “http://OldServer.MyDomain/Site/” I can log into
the application with or without the trailing “/”.
In our new Tomcat 8.0.30 site “http://NewServer.MyDomain/Site/” I can only
log in if the trailing “/” is present even though it correctly redirects me
to the login page wh
Hi,
I need some help in setting up a haproxy in front of tomcat (platform
Ubuntu 14.04). For one I cannot get any logging
into /var/log/haproxy.log. Instead of spoiling this list with my
questions I'd rather register in a forum or mailing list
dedicated to haproxy. Thank you.
--
Christoph
-
Hi Marina,
did you manage to solve your problem?
I'm running into the same issue that relative URLs are note resolved while
loading the XSD Definitions in Tomcat 8.0.30.
Below you'll find my stacktrace.
Thanks in advance
Joern
java.lang.IllegalArgumentException: The resource path
[/./../../me
I have several webapps on tomcat, and in ROOT I have a login.jsp and
login-error.jsp.
Is it possible to have that one login jsp referenced by the
elements of other webapps on the same server? If so,
how would I reference it?
???/login.jsp
???/login-error.jsp
-
70 matches
Mail list logo
