Re: How does one control what the path is on the JSESSIONID cookie?

2009-06-24 Thread John Caron
Christopher Schultz wrote: John, On 6/23/2009 5:04 PM, John Caron wrote: Pid wrote: Filip Hanik - Dev Lists wrote: John Caron wrote: Tomcat 6.0.18 automatically adds the session cookie like: Set-Cookie

Re: How does one control what the path is on the JSESSIONID cookie?

2009-06-23 Thread John Caron
Pid wrote: Filip Hanik - Dev Lists wrote: John Caron wrote: Tomcat 6.0.18 automatically adds the session cookie like: Set-Cookie: JSESSIONID=6D839FF3B960947CC6FD41B98CD02E0D; Path=/thredds How can I change the path part of the cookie? the only thing you can do is set it to

How does one control what the path is on the JSESSIONID cookie?

2009-06-22 Thread John Caron
Tomcat 6.0.18 automatically adds the session cookie like: Set-Cookie: JSESSIONID=6D839FF3B960947CC6FD41B98CD02E0D; Path=/thredds How can I change the path part of the cookie? thanks...

Re: Obtain a SocketChannel instead of OutputStream ?

2008-02-10 Thread John Caron
Filip Hanik - Dev Lists wrote: > John Caron wrote: >> My application is a scientific data server that transfers large >> amounts of binary data. I am looking to make it as fast as possible >> and have been experimenting with the NIO FileChannel.transferTo() >> meth

Obtain a SocketChannel instead of OutputStream ?

2008-02-05 Thread John Caron
My application is a scientific data server that transfers large amounts of binary data. I am looking to make it as fast as possible and have been experimenting with the NIO FileChannel.transferTo() method. This appears to be much faster (3-10X) than using an OutputStream, under some circumstanc

Re: Is compress working? No Content-Encoding header

2007-12-20 Thread John Caron
It seems bizarre, but it appears that the "Accept-Encoding" header is being lost somewhere en route from my home computer. Running this test on my work computer works fine. Sorry for the noise. Caldarale, Charles R wrote: >> From: John Caron [mailto:[EMAIL PROTECTED] >>

Is compress working? No Content-Encoding header

2007-12-09 Thread John Caron
I tried to enable compression in Tomcat 6.0.10: Now I am trying to see if that is working. I am using the Live HTTP Headers plugin for Firefox, which shows me the HTTP headers. For simplicity, I just make a request for a static html page, namely one of the tomcat docs: http://motherlode.u

Re: session hijacking again

2007-01-30 Thread John Caron
Christopher Schultz wrote: John, John Caron wrote: We plan on using SSL to do the initial authentication, but then use session ids without SSL for the data transfer. Okay, thanks for clarifying that. This is definitely a good thing to do

Re: session hijacking again

2007-01-29 Thread John Caron
Hi Peter: Peter Stavrinides wrote: Do you use Java? yes We are a financial institution, we use a Java Framework based on servlets with SSL, but if you ask my opinion SSL is not the big issue. The vast majority of hacked sites are social engineering attacks. Secure your database (do not s

Re: session hijacking again

2007-01-29 Thread John Caron
Hi Christopher: Christopher Schultz wrote: John, John Caron wrote: Our application is serving large amounts of scientific data over HTTP. The user needs to login to access the data. We would like to use session ids to reduce the login overhead

session hijacking again

2007-01-26 Thread John Caron
ce or pointers (or code!) to get started. Thanks for any help. John Caron Unidata/UCAR

Re: Bypass web.xml declarative security (sort of)

2007-01-18 Thread John Caron
thank you, I will investigate securityfilter Christopher Schultz wrote: John, John Caron wrote: Instead of declaring which URLs need to be secure in web.xml, I would like to determine this when the URL comes in, but then use Tomcat to deal with

Bypass web.xml declarative security (sort of)

2007-01-17 Thread John Caron
Hello: Instead of declaring which URLs need to be secure in web.xml, I would like to determine this when the URL comes in, but then use Tomcat to deal with the authentication if it is needed. Can anyone give me any pointers on where to get started with that? thanks, John Caron

how to tell Tomcat to send a blank "WWW-Authenticate" header?

2007-01-17 Thread John Caron
Christopher Schultz wrote: Also, you could set the error page that is used when a user doesn't have the proper credentials to something that gives you the opportunity to re-login in order to access the forbidden resource. When you want to log someone out of BASIC authentication, you have to sen

Re: Programmatic Security

2006-06-30 Thread John Caron
Nicholas Sushkin wrote: On Wednesday 28 June 2006 14:05, John Caron wrote: I assume I need to get a session established, so that the authorization need only be done once. It would also be nice if I receive an unauthorized request, that I could pass it to Tomcat's 401 challeng

Re: Programmatic Security

2006-06-28 Thread John Caron
nal message without making a copy. Thank you. - Original Message - From: "John Caron" <[EMAIL PROTECTED]> To: "Tomcat Users List" Sent: Tuesday, June 27, 2006 9:01 PM Subject: Programmatic Security I need to implement fine-grained security access, so it looks to me li

Programmatic Security

2006-06-27 Thread John Caron
I need to implement fine-grained security access, so it looks to me like "Programmatic Security" (Servlet spec 12.3) is called for. I want to receive the request in my servlet, then decide what access rights are needed for it. In this case, if I understand correctly, the "user must already be