Problem with tomcat connector in IIS using tomcat 9.0.31

2020-03-03 Thread Matthias Fechner
Dear all, as tomcat version 9.0.31 has some security fixes included I tried to do an upgrade. On the IIS tomcat connector version 1.2.46 is installed. As secret I use a 32-character-long alphanumeric string, I name it here token. In the workers.properties I tried to define it on the load bal

Re: Tomcat 9.0.16 Packaging Change (Extras)

2020-03-03 Thread Stephen Hames
Hi Mark, Apologies for the very late reply here. I had to set the upgrade aside temporarily... Steps to reproduce: server.xml snippet java options: -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=true -Dcom.sun.management.jmxremote.password.file=.

RE: OpenSSL config for Tomcat 7

2020-03-03 Thread John Beaulaurier -X (jbeaulau - ADVANCED NETWORK INFORMATION INC at Cisco)
Thank you. "You want SSLCertificateChainFile for the intermediate and root CA certs" was the issue. The intermediate and root certs are now being pulled in. -John -Original Message- From: Mark Thomas Sent: Tuesday, March 3, 2020 2:01 AM To: users@tomcat.apache.org Subject: Re: OpenSSL

Re: Role/Path Based Access Valve?

2020-03-03 Thread Richard Monson-Haefel
Thanks, Chris. As I said it was hypothetical but I appreciate the help! On Tue, Mar 3, 2020 at 2:42 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > Richard, > > On 3/3/20 09:14, Richard Monson-Haefel wrote: > > Thank you for y

Re: stdout / stderr on AWS Linux

2020-03-03 Thread Christopher Schultz
Jerry, On 3/3/20 11:46, Jerry Malcolm wrote: > Where are the stdout and stderr log files written for tomcat in > AWS Linux? Are you talking about a Tomcat installed from the package-manager (yum), or one you installed yourself from an ASF distribut

Re: Role/Path Based Access Valve?

2020-03-03 Thread Christopher Schultz
Richard, On 3/3/20 09:14, Richard Monson-Haefel wrote: > Thank you for your reply, Chris. > > I think I know where you are coming from when you say: > > "Why would you override the authorization decisions made by the > application developers? > > To

Re: stdout / stderr on AWS Linux

2020-03-03 Thread calder
On Tue, Mar 3, 2020 at 11:59 AM calder wrote: > > On Tue, Mar 3, 2020, 10:46 Jerry Malcolm wrote: >> >> Where are the stdout and stderr log files written for tomcat in AWS >> Linux? On windows, they are just part of the logs folder. But in AWS >> Linux /var/log/Tomcat I get all of the other log

Re: stdout / stderr on AWS Linux

2020-03-03 Thread calder
On Tue, Mar 3, 2020, 10:46 Jerry Malcolm wrote: > Where are the stdout and stderr log files written for tomcat in AWS > Linux? On windows, they are just part of the logs folder. But in AWS > Linux /var/log/Tomcat I get all of the other log files. But no > stdout/stderr. Most of the info is als

stdout / stderr on AWS Linux

2020-03-03 Thread Jerry Malcolm
Where are the stdout and stderr log files written for tomcat in AWS Linux? On Windows, they are just part of the logs folder. But in AWS Linux /var/log/Tomcat I get all of the other log files. But no stdout/stderr. Most of the info is also in Catalina.out. But just curious where stdout and

Re: Role/Path Based Access Valve?

2020-03-03 Thread Richard Monson-Haefel
Ok. That makes sense. Thanks again, Mark. On Tue, Mar 3, 2020 at 8:18 AM Mark Thomas wrote: > On 03/03/2020 13:50, Christopher Schultz wrote: > > Richard, > > > > On 3/3/20 08:26, Richard Monson-Haefel wrote: > >> Thank you, Mark. I was actually aware of how to do it using the > >> web.xml. > >

Re: Role/Path Based Access Valve?

2020-03-03 Thread Mark Thomas
On 03/03/2020 13:50, Christopher Schultz wrote: > Richard, > > On 3/3/20 08:26, Richard Monson-Haefel wrote: >> Thank you, Mark. I was actually aware of how to do it using the >> web.xml. > >> I was looking for a valve that could do the same thing, and here is >> the reason: > >> If I, as the T

Re: Role/Path Based Access Valve?

2020-03-03 Thread Richard Monson-Haefel
Thank you for your reply, Chris. I think I know where you are coming from when you say: "Why would you override the authorization decisions made by the application developers?" To be transparent: I'm a developer not an operations person nor do I work for a large company so my use-case is hypothe

Re: Role/Path Based Access Valve?

2020-03-03 Thread Christopher Schultz
Richard, On 3/3/20 08:26, Richard Monson-Haefel wrote: > Thank you, Mark. I was actually aware of how to do it using the > web.xml. > > I was looking for a valve that could do the same thing, and here is > the reason: > > If I, as the Tomcat admin,

Re: Role/Path Based Access Valve?

2020-03-03 Thread Richard Monson-Haefel
Thank you, Mark. I was actually aware of how to do it using the web.xml. I was looking for a valve that could do the same thing, and here is the reason: If I, as the Tomcat admin, want to manage access permissions (authorization) I can use the /tomcat/conf/web.xml file. However, this file is ove

Re: Role/Path Based Access Valve?

2020-03-03 Thread Mark Thomas
On 03/03/2020 12:27, Richard Monson-Haefel wrote: > I've tried to find this but keep running into the three remote address > valves (address, IP, and CIDR) what I'm looking for is an access valve that > uses roles from a realm that checks roles to either path or web application > identifiers - not

Role/Path Based Access Valve?

2020-03-03 Thread Richard Monson-Haefel
I've tried to find this but keep running into the three remote address valves (address, IP, and CIDR). What I'm looking for is an access valve that uses roles from a realm that checks roles to either path or web application identifiers - not remote address. This is classic authorization - role-base

Re: OpenSSL config for Tomcat 7

2020-03-03 Thread Mark Thomas
On 02/03/2020 17:40, John Beaulaurier -X (jbeaulau - ADVANCED NETWORK INFORMATION INC at Cisco) wrote: > Below are the two connector configs I have tested with. > > port="8443" > scheme="https" > secure="true" > protocol="org.apache.coyote.http11.Http11AprProto