Hello,
I would like to open multiple concurrent session in a web-application
for one user. As far as I understand, the sessionid is stored in the
cookie and the cookie is associated to the server (http://localhost:8080/).
So if I open a new browser window with the URL, I reach the same page
some users forgot to commit
(or rollback) their work, on several parallel connections... As I was
doing the first runs of a new JS application at the same time, I though
it was this new application.
Stephane
Le 2022-07-06 à 23:37, Christopher Schultz a écrit :
Stephane,
On 7/6/22 07:12, Step
: missing finally { java.sql.Connection.close(); }
-chris
On 29/06/2022 19:36, Stephane Passignat wrote:
Hello,
I'm creating a SAP application performing REST call on an API
running on Tomcat. Tomcat runs behind an apache reverse-proxy and
communication between them use http. The call
Hello,
I'm creating a SAP application performing REST call on an API running on
Tomcat. Tomcat runs behind an apache reverse-proxy and communication
between them use http. The calls are executed with axios using a basic
authentication.
Everything runs fine for a moment, but for an unknown r
thank you Mark
Le 2022-06-22 à 11:52, Mark Thomas a écrit :
On 22/06/2022 10:18, Stephane Passignat wrote:
Hello,
I'm trying to understand this CVE and EncryptInterceptor.
So far my understanding is EncryptInterceptor is used in clustered
environment. Am I right ?
Reading the conte
Hello,
I'm trying to understand this CVE and EncryptInterceptor.
So far my understanding is EncryptInterceptor is used in clustered
environment. Am I right ?
Reading the content of the commit and release content, that's only look
like a documentation issue. Are there really any DDOS weakness
I guess it's for OAuth2. I'm using apache OAuth2 module and AJP in
Tomcat.
That's just great to externalize authentication out of the
application, it works well, avoid bad design by nature ... but :
- OAuth2 is mostly defined for an application authentication while in
JEE the authentication mecani
Hi
Which vulnerability are you mentioning ?
Thanks
Envoyé par BlueMail
Le 10 avr. 2020 à 17:45, à 17:45, David Cleary a écrit:
>Some of our customers are currently using the AJP connector. Given the
>vulnerability and breaking change to address it, now may be a good time
>to prompt them look
Ok thanks André and Luis for your helps and feedbacks.
Message initial
De: André Warnier (tomcat/perl)
Répondre à: Tomcat Users List
À: users@tomcat.apache.org
Objet: Re: OpenId with apache and tomcat
Date: Fri, 13 Mar 2020 23:47:08 +0100
On 13.03.2020 17:53, Stephane
Hi,
Actually I have Apache2 operating as proxy and authenticate layer (HTTP
Form and HTTP Basic), in front of several Tomcat instances and webapps.
Apache pushes the userId to tomcat through AJP.
On tomcat side, the webapp has a Basic login-module in web.xml.
I'm quite satisfied of the result, au
If you don't know at all about your users (like a public website) you'll need a
non protected page for the selft registration. But if you know a little about
your users, like for an intranet, extranet application; when users are already
registered in an LDAP or any kind of Authentication Provid
I may misread the catalina.sh (else instead of elif).
I try to add a setenv.sh in the catalina_home.
-Original Message-
From: Stephane Passignat
mailto:stephane%20passignat%20%3cpassig...@hotmail.com%3e>>
Reply-To: Tomcat Users List
mailto:tomcat%20users%20list%2
Hi,
I would like to add a jar to tomcat system classloader (applicable to tomcat
instance and its applications but not to all tomcat instances).
I read the catalina.sh files but I can't find a solution. Are there any ?
thanks
stephane
Hello,
Just load ajp module at least one. No matter if it appears in several file.
Apache raised some warning. I didn't see side effect on tomcat or apache if
it's loaded several time. Be sure to set it up only once per vhost.
My experience is, my apache servers have mostly standard conf setup
Hello,
I've seen this non compliancy. In TC 7.042 and 7.0.72. How, who can fix
this ?
The case is related to web-fragment loading and SCI initialization.
In Tomcat 7.0.42 and 7.0.72 at least, SCI (with @HandlesTypes
annotation) are initialized web-fragments per web-fragments, with the
classes
Hi
I've seen this non compliancy. In TC 7.042 and 7.0.72. How, who can fix
this ?
@HandlesTypes classes implementations. The mecanism in place only accept
classes implementing an the type but doesn't accept classes inheriting
from class implementing the @HandlesTypes classes. The
(Servlet 3.0 s
Hello,
I've seen this non compliancy. In TC 7.042 and 7.0.72. How, who can fix this ?
Servlet 3.0 spec 8.2.2 2b: Duplicate name exception: if, when traversing the
web-fragments, multiple members with the same element are encountered,
the application must log an informative error message includ
Hi
I've seen this non compliancy. In TC 7.042 and 7.0.72. How, who can fix this ?
@HandlesTypes classes implementations. The mecanism in place only accept
classes implementing an the type but doesn't accept classes inheriting from
class implementing the @HandlesTypes classes. The
(Servlet 3.0 sp
Hello,
I've seen this non compliancy. In TC 7.042 and 7.0.72. How, who can fix this ?
The case is related to web-fragment loading and SCI initialization.
In Tomcat 7.0.42 and 7.0.72 at least, SCI (with @HandlesTypes annotation) are
initialized web-fragments per web-fragments, with the classes p
Hello,
I've seen this non compliancy. In TC 7.042 and 7.0.72. How, who can fix this ?
Servlet 3.0 spec 8.2.2 2b: Duplicate name exception: if, when traversing the
web-fragments, multiple members with the same element are encountered,
the application must log an informative error message includ
20 matches
Mail list logo
