Hi,
Dne 05.12.2018 v 16:39 Christopher Schultz napsal(a):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jan,
On 12/5/18 06:59, Jan Vávra wrote:
Hi,
Dne 04.12.2018 v 17:49 Christopher Schultz napsal(a): Jan,
On 12/4/18 10:10, Jan Vávra wrote:
Hello, I'm using Apache Tomcat/8.5.35
Hi,
Dne 04.12.2018 v 17:49 Christopher Schultz napsal(a):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jan,
On 12/4/18 10:10, Jan Vávra wrote:
Hello, I'm using Apache Tomcat/8.5.35, jvm 1.8.0_192-b12, Windows
Server 2012 R2 and at Complete Server Status page I can see list of
all htt
Hello,
I'm using Apache Tomcat/8.5.35, jvm 1.8.0_192-b12, Windows Server 2012
R2 and at Complete Server Status page I can see list of all http-nio
threads and I can see a header of ajp-nio threads. But there is
displayed only a label Max threads:
and nothing more.
In the localhost.log is an
Hello,
I have written a custom Realm and I need to access to the request
headers. The authentication should be computed from client certificate +
id from custom http header X-IdUser. Can I somehow access to the
HTTPServletRequest instance ?
Jan.
Hello,
Hi,
I'd like to suggest the addition of an option that would allow reading the
keystore password (the password protecting the private key used by secure
connectors) from file.
for such things I use java define for tomcat process:
-Dorg.apache.tomcat.util.digester.PROPERTY_SOURCE=MyProp
Hello,
I'm facing a problem of tomcat7.exe crash (from win64 Tomcat 7.0.54
distribution) installed as a Windows service on Windows 2012 x64, x64
jdk 1.7.0.65.
In the Widows event log is message (translated from Czech) :"Windows
service Apache Tomcat 7 was unexpectedly ended."
Interresting is
Hello.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 5/20/14, 4:28 AM, Mark Thomas wrote:
On 20/05/2014 09:11, Jan Vávra wrote:
Hello.
I write my own realm implementation for Tomcat 7.x. In the
method Principal authenticate(X509Certificate[] certs) I'd like
to read re
Hello.
I write my own realm implementation for Tomcat 7.x. In the method
Principal authenticate(X509Certificate[] certs)
I'd like to read request headers. My authentication would be based on
client certificate + custom http request value.
Is it possible?
The method authenticate is called in
Hello,
is really cutting of the /myapp the thing you want to do? Isn't it
turned-up?
Now from url http://myip/myapp/smthg
you redirect client to
http://myip/smthg
You wrote : "In one of the servlets POST method i am redirecting the
request to a JSP page"
So the scenatio is.
1. client makes
Maybe it'd helpful not using the java key store (JKS).
Personally on Linux Tomcat installations without native APR I use the
.p12 files with this config
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile=${catalina.hom
|Hello,
on http://support.mozilla.org/cs/questions/952242 there is described
smthg about ssl protocol settings for Firefox. It seems like you
have configured ||in server.xml||eg. only SSLv2 protocol that is
disabled in the client browser
http://tomcat.apache.org/tomcat-7.0-doc/config/htt
Well,
the original cert will be revoked and you can create new CSR and
reapply new cert.
With Thawte we did this one year ago without a problem. Contact Thawte
support.
Jan.
Sorry I am a beginner about ssl cert.
according to
http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Create_a
Hi.
I've solved my problem. The correct attitude is to have all contexts
unauthenticated and only few restrict. In my case restricted urls are
/index.jsp, /admin/*, /user/*
In the original web.xml I had all contexts restricted and static context
/common/* was masked out. Although the /common
2. It seems me that checking of revocation of client certificate is done
via "static" crl files located in APR's SSLCARevocationPath or JSSE's
crlFile. If I write a cron task that periodically downloads crl list(s),
will the Tomcat react on this change of CRL file(s)? I've found in
org.apache.ht
Hi all.
I've studied the documentation at
http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL_Support and
I have several questions on it.
1. While the APR/Native has config option SSLCACertificateFile that
defines the set of allowed client cert authorities the JSSE SSL has no
analog
Hi.
Note that Cache-Control:private does not disable caching. Instead, it
disables public-caching for proxies. The browser is still free to
cache the document in certain ways.
True disabling of the cache would be to set Cache-Control to
"no-cache" or "no-store" (though no-store is usually more a
Hello,
If I use auth-method FORM, all requests return with headers denying
caching on the browser side although I have excluded some part of my app
from authentication.
The headers for a png image are:
HTTP/1.1 304 Not Modified
Server: Apache-Coyote/1.1
Cache-Control: private
Expires: Thu,
Hello,
When I create user with password with czech String "ŽežUlička.1" the
browser sends correctly this string as:
POST http://localhost:70/myapp/j_security_check HTTP/1.1
Content-Type: application/x-www-form-urlencoded
j_username=p&j_password=%C5%BDe%C5%BEUli%C4%8Dka.1
The browser is not sen
n xml file ?
____
De : Jan Vávra [va...@602.cz]
Envoyé : lundi 24 juin 2013 13:36
À : Tomcat Users List
Objet : FORM based authentication and utf-8 encoding of credentials
Hello,
I'm successfully using form based authenntication when login or
password contains only letters from E
Hello,
I'm successfully using form based authenntication when login or
password contains only letters from English alphabet. I have also
written own realm.
When I create user with password with czech String "ŽežUlička.1" the
browser sends correctly this string as:
POST http://localhost:70/
Is there a RFC that describes best behaviour of server and client in
this situation?
On my opinion Tomcat behaves correctly. If client doesn't send proper
credentials it is dangerous and useless to read all input data.
I've switched off the connection keep alive at Connector config. And now
cl
Hello,
I have a METRO web service at Tomcat 7.0.39 (S). The service is under
http basic authentication.
I have written own realm for http basic authentication. The realm's
implementation is very small. It's something like read ini file with
username with passwords. Few lines ...
Our customer
-
$bcode = $row['Bar Code'] ;
$beginurl = "";
echo $beginurl . $bcode . $endurl;
Steve Spence, KK4HFJ
http://arduinotronics.blogspot.com
http://www.essnmag.com
---Original Message---
From: Jan Vávra
To: Tomcat Users List
Subject: Re:
Hello,
I take care about an app that is a combination of Apache Server+php
Drupal app and Apache Tomcat jsp app.
Apache Server listens on the ports 80/443 and requests are reverse
proxied to Apache Tomcat.
Let's say that the tomcat app resides on/testca
The apache server config will be
On 02/02/2012 15:00, Christopher Schultz wrote:
Jan,
On 2/2/12 6:26 AM, Jan Vávra wrote:
Is it possible to configure tomcat to call both variants of
functions? I'd like to write something like
CLIENT-CERT or BASIC.
The servlet spec doesn't support anything like this. I think w
Hello,
I have implemented own realm. I extended RealmBase, overrided methods
(1) public Principal authenticate(X509Certificate[] certs),
(2) public Principal authenticate(String username, String credentials).
I have Tomcat 6 that runs behind Apache Server over AJP. In the
situation (1) client c
Hello,
thanks for a long response.
As I see everybody are againts my proposal. Ok.
Yes, some kind of restarting can be done via some scripts. In the best
in a cluster environment...
Personally I don't trust /etc/init.d/tomcat scripts that comes in wg.
SLES linux.
Sometimes this script didn't
Hello,
I use ajp, because on tomcat I make authentication based on client
certificate. That you cannot do via http connector.
Jan.
Hi,
Is there any document which I can refer to which states if tomcat's built in
http connector (Coyote) can be used for production ? And also a comparison
betw
Hello,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jan,
On 11/18/11 10:35 AM, Jan Vávra wrote:
is there any way how to tell tomcat: Recycle after X minutes OR Y
requests like it is eg. on the IIS server?
Tomcat does not come with any mechanism for doing that. IIS has hacks to
work-around
Hello,
is there any way how to tell tomcat: Recycle after X minutes OR Y requests like
it is eg. on the IIS server?
IIS can reboot itself after N requests?
That's awesome. What could possibly go wrong?
Yes, IIS can do recycling
See eg. at
http://www.microsoft.com/technet/prodtechnol/Windows
Hello,
when I started my project others told me to use apache for static
content and tomcat for java/jsp.
It works quite good. Tomcat is hidden under reverse proxy (mod_ajp). So
static content gives apache, dynamic tomcat.
Jan.
I have a spring project (web app), in my project where should I
Hello,
is there any way how to tell tomcat: Recycle after X minutes OR Y
requests like it is eg. on the IIS server?
If I add my own script containing "/etc/init.d/tomcat restart" to the
crontab I loose the user sessions and users have to relogin.
I experience some problems with OutOfMemory e
Hello,
I have a problem with loading bouncy castle.
My code snippet is:
int position = Security.addProvider(new BouncyCastleProvider());
KeyStore store = KeyStore.getInstance("PKCS12", "BC");
In the application log I have message that BouncyCastleProvider is
already loaded (position== -1).
33 matches
Mail list logo
