Tomcat-embed and Tomcat Vulnerabilities

2022-11-16 Thread David Alejandro Christensen Arreola
Hi Users, My question is about whether a vulnerability applies to my particular application. My application is using tomcat-embed. Being tomcat-embed derived from Tomcat server, could tomcat-embed has the vulnerabilities that Tomcat server has? In affirmative case, is disclosure of vulnerabilit

Re: Tomcat in Netbeans 11.1

2019-10-30 Thread alejandro . vargas
Well if you're developping in Netbeans, Netbeans always make a copy of tomcat in other folder. When you run the project, Netbeans deploy the project in its working directory and that deploy stays there until you cleaned or undeploy it or undeploy them. In Netbeans there's a tab named Servi

Re: tomcat 6 vulnerability scan default error page help

2018-05-02 Thread alejandro . vargas
You need to unpack catalina.jar in tomcat lib directory, then go to org\apache\catalina\util\, open ServerInfo.properties and edit it server.info=Apache Tomcat server.number= server.built= You need to set to empty these variables, as shown above. Save the file. Pack as jar again Put in the tom

Re: security headers

2017-11-03 Thread Alejandro Vargas M.
You can help with an example of this url-rewrite to add this header, Please, Thanks in advance. On 11/01/2017 02:03 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Alejandro, On 11/1/17 3:37 PM, Alejandro Vargas M. wrote: Hello, I recently used on web.xml

security headers

2017-11-01 Thread Alejandro Vargas M.
Hello,     I recently used on web.xml        httpHeaderSecurity org.apache.catalina.filters.HttpHeaderSecurityFilter     true                 httpHeaderSecurity         /*     to enable some security headers, but it won't enable Content Security Policy header. Is there anyway t

Re: tomcat ssl setup

2017-09-19 Thread Alejandro Vargas M.
ECFDA.65B42CD0 http://biz-e.io -- Alejandro Vargas Mayorga /*Gerente Desarrollo C.A. & C.*/ *Tel. 506- 7232-3366* *Email:**alejandro.var...@kymsolutions.com* <mailto:%20alejandro.var...@kymsolutions.com>* **www.kymsolutions.com* <http://www.kymsolutions.com/>* Visite nuestra aula virtual! *

Session delete

2017-09-07 Thread Alejandro Vargas M.
t works on every refresh, not when close button on the browser is clicked. -- Alejandro Vargas Mayorga /*Gerente Desarrollo C.A. & C.*/ *Tel. 506- 7232-3366* *Email:**alejandro.var...@kymsolutions.com* <mailto:%20alejandro.var...@kymsolutions.com>* **www.kymsolutions.com* <http

web.xml

2017-09-05 Thread Alejandro Vargas M.
Good afternoon, I have a website on a client, and they ran a vulnerability test, and it throws a vulnerability that any user can see web.xml from a web browser, how can I hide to see web.xml or any other file from the browser? Thanks. -- Alejandro Vargas Mayorga /*Gerente Desarrollo

Please, I need to understand how apache tomcat finds taglib files with .tld and .xml extensions

2013-08-06 Thread Alejandro Soto
find this file with a .tld or .xml extension?. I would like to know whether in older versions of apache tomcat, the name of taglib.xml was required, so today there is no problem with .tld or .xml extension. Is this part documented in somewhere? Thanks a lot. Regards. -- Alejandro

Re: Catalina.policy java.security.AllPermission

2013-05-09 Thread Alejandro Garcia
Thanks! It is because I am run my app in a Web Hosting that runs with SM enable. --- Mensaje Original --- Desde: "André Warnier" Enviado: 9 de mayo de 2013 04:46 Para: "Tomcat Users List" Asunto: Re: Catalina.policy java.security.AllPermission Alejandro Garcia wrote: >

Catalina.policy java.security.AllPermission

2013-05-08 Thread Alejandro Garcia
Hi, I have a problem with the Catalina’s security manager. We are using Tomcat 6, with JDK 6 and JSF 2.1 with Spring, JPA and ICEFaces. My app works very well when I run my app with the security manager disable. The problem presents when I enable the security manager of Tomcat. My app fails whe

Some help with Security Manager

2013-05-04 Thread Alejandro Garcia
descriptor de configuración C:\Users\Alejandro\AppData\Roaming\NetBeans\7.2.1\apache-tomcat-7.0.27.0_base\conf\Catalina\localhost\web-root.xml may 04, 2013 1:57:06 PM org.apache.catalina.core.ContainerBase addChildInternal SEVERE: ContainerBase.addChild: start: org.apache.catalina.LifecycleException

Re: Problems upgrading to Tomcat 7

2012-07-31 Thread Alejandro Mehring
Thank you, Mark! I'll look into the container and let you know when i find the solution. Cheers, Ale On Tue, Jul 31, 2012 at 11:57 AM, Mark Thomas wrote: > On 31/07/2012 15:07, Alejandro Mehring wrote: > > Thank you very much for your help! > > > > Digging a bit mo

Re: Problems upgrading to Tomcat 7

2012-07-31 Thread Alejandro Mehring
I'm very sorry! I forgot to mention that i tried what he suggested, but got the same result. That's why I started digging more into it and got to that point and what helped me find this other issue. Thanks again! Ale On Tue, Jul 31, 2012 at 11:31 AM, André Warnier wrote: > Alej

Re: Problems upgrading to Tomcat 7

2012-07-31 Thread Alejandro Mehring
in Java 1.6 as of getRequestURL in 1.4. Thank you very much for your kind help. Ale On Tue, Jul 31, 2012 at 10:55 AM, André Warnier wrote: > Alejandro Mehring wrote: > ... > > >> The base url of the application is of the form >> >> http://host/app/servlets/**Front

Re: Problems upgrading to Tomcat 7

2012-07-31 Thread Alejandro Mehring
of! Cheers! Ale On Tue, Jul 31, 2012 at 5:10 AM, André Warnier wrote: > Christopher Schultz wrote: > >> -----BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> Alejandro, >> >> On 7/30/12 5:48 PM, Alejandro Mehring wrote: >> >>> I'm mi

Problems upgrading to Tomcat 7

2012-07-30 Thread Alejandro Mehring
"); So i can't figure out why the rendering process is removing the '../' bit of the link! Has anyone faced this problem before? I haven't found any parent directory restriction configuration or something that would point me in that direction. Thanks for your time and help!! Alejandro

Re: control of session timed out with tomcat

2011-10-20 Thread Alejandro Soto
sessions, but what the user was doing before relogin, must be on hold, if the authentication is successful, then the request of the user is committed. Any advice will be welcome. Thanks. On Thu, Oct 20, 2011 at 10:52 AM, André Warnier wrote: > Alejandro Soto wrote: > >> Hi, tha

Re: control of session timed out with tomcat

2011-10-20 Thread Alejandro Soto
t 6:51 AM, Alejandro Soto > wrote: > > Hi my friends, I want to ask you all, If there is a way to control the > timed > > out of sessions with tomcat, what I need is when the session timed out, > > automatically the user is redirected to the login page, Is this possible > to >

control of session timed out with tomcat

2011-10-20 Thread Alejandro Soto
in advance. -- Alejandro Soto M.

Re: filters on j_security_check

2011-10-13 Thread Alejandro Soto
ord); if (principal == null) { // some tasks } else { // } But this give me problems with catalina.jar library inside of my .war file. Thanks. Alejandro On Thu, Oct 13, 2011 at 2:11 PM, Caldarale, Charles R < chuck.caldar...@unisys.com> wrote:

Re: filters on j_security_check

2011-10-13 Thread Alejandro Soto
servlet. Any suggestions about how resolve my requirement? Thanks in advance. Alejandro On Thu, Oct 13, 2011 at 12:50 PM, Pid wrote: > On 13/10/2011 15:09, Alejandro Soto wrote: > > Hi, my name is Alejandro, I am working with Tomcat 7.0.20 and I need to > know > > how can

filters on j_security_check

2011-10-13 Thread Alejandro Soto
Hi, my name is Alejandro, I am working with Tomcat 7.0.20 and I need to know how can I apply filters to j_security_check to verify the status of login before continue with my authentication process. I was thinking to use valves, but I read on internet that valves will be replaced with Filters

Re: Problem with threads in stage Service (Tomcat 7.0.14)

2011-08-03 Thread Alejandro Henao González
ads in stage Service (Tomcat 7.0.14) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alejandro, On 7/29/2011 11:55 AM, Alejandro Henao González wrote: > public class HTMLEncoder { private static Map mapChar2HTMLEntity; > > private final static char [] characters = { > 'á',

Re: Problem with threads in stage Service (Tomcat 7.0.14)

2011-07-29 Thread Alejandro Henao González
Para: "Tomcat Users List" Enviados: Viernes, 29 de Julio 2011 12:36:21 Asunto: Re: Problem with threads in stage Service (Tomcat 7.0.14) Alejandro Henao González wrote: > ummm... > The option -XX:-DisableExplicitGC not solves the problem, may be with the > +DisableExplicitGC, i w

Re: Problem with threads in stage Service (Tomcat 7.0.14)

2011-07-29 Thread Alejandro Henao González
ummm... The option -XX:-DisableExplicitGC not solves the problem, may be with the +DisableExplicitGC, i will try it. The method HTMLEncoder.encode is static and uses a HashMap static. this is the class. public class HTMLEncoder { private static Map mapChar2HTMLEntity; private final static c

Re: Problem with threads in stage Service (Tomcat 7.0.14)

2011-07-28 Thread Alejandro Henao González
, in the meantime, add in this option to your startup options -XX:-DisableExplicitGC Filip On 7/28/2011 1:07 PM, Alejandro Henao González wrote: > I dont believe that have GC running all the time, but the GC is called in the > above line to HTMLEncoder.encode. as follows. >

Re: Problem with threads in stage Service (Tomcat 7.0.14)

2011-07-28 Thread Alejandro Henao González
nid=0x47b2 runnable [0x436ab000] java.lang.Thread.State: RUNNABLE at java.util.HashMap.get(HashMap.java:303) at sae.HTMLEncoder.encode(HTMLEncoder.java:46) this should not be a stage where you're stuck, unless you have a loop problem. On 7/28/2011 9:09 AM, Alejandro Henao Gonzále

Re: Problem with threads in stage Service (Tomcat 7.0.14)

2011-07-28 Thread Alejandro Henao González
runnable "GC task thread#1 (ParallelGC)" prio=10 tid=0x40deb800 nid=0x1ede runnable "GC task thread#2 (ParallelGC)" prio=10 tid=0x40ded800 nid=0x1edf runnable "GC task thread#3 (ParallelGC)" prio=10 tid=0x40def800 nid=0x1ee0 runnable &

Problem with threads in stage Service (Tomcat 7.0.14)

2011-07-28 Thread Alejandro Henao González
Good day. I have the following problem with my tomcat. Sometimes, some threads are keep in service stage for a long time (really never exit from this stage), this causes that tomcat uses a hight percentage of the CPU (100 % of 2 or 3 cores) thus the webapp executes very slow. I have a Tomca

Trying to mix db connection pooling on web and desktop applications

2008-07-22 Thread Alejandro Hernandez Angeles
Hello, this is the scenario: I have an application that must have two interfaces: as a desktop application and as a web application I've put the business logic inside a JAR library (client_bpm.jar), which must connect to an Oracle 9i database I configured the web application so it can use a db po

getting the start time of Tomcat server.

2008-02-19 Thread Alejandro
There is a java Class in tomcat api to get the start time of Tomcat? Thanks :-D -- View this message in context: http://www.nabble.com/getting-the-start-time-of-Tomcat-server.-tp15562340p15562340.html Sent from the Tomcat - User mailing list archive at Nabble.com.

Re: problem with tomcat clusters sso with apache load balancer

2007-05-04 Thread Alejandro Fernandez
application b Regards, Alejandro - Original Message - From: "Peter Rossbach" <[EMAIL PROTECTED]> To: "Tomcat Users List" Sent: Thursday, May 03, 2007 3:16 PM Subject: Re: problem with tomcat clusters sso with apache load balancer > Hi, > > the clusterSSO im

problem with tomcat clusters sso with apache load balancer

2007-05-02 Thread Alejandro Fernandez
Hi, I am Alejandro from Argentina. I am having an issue with tomcat 6.0.10 using clusters and single sign on, while performing load balance with apache 2.2 When I am accessing a secured page, I try to login (the login form is shown correctly) but I receive the following: HTTP Status 400