Re: FormAuthenticator, Tomcat restart

2015-06-11 Thread Leonid Rozenblyum
Hello. Just to double-check. By writing own login-handler, do you mean, overriding FormAuthenticator.authenticate() (looks risky since it's a big method which can change from one to another Tomcat version)? Or are there more painless ways to inject such custom login handler? On Thu, May 28, 2015

SSL on Tomcat 6

2015-06-11 Thread Adriano Matos Meier
Hi. I need to update the SSL certificate in Tomcat 6.x. First I did: 1) Generate keystore keytool -genkeypair -alias repository -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -keystore /usr/local/tomcat6/keystore/keystore2015.jks 2) Generate CSR keytool -certreq -alias repository -keyalg RSA -key

Re: I'm using jdk1.6 + tomcat 7.0.23

2015-06-11 Thread Christopher Schultz
Chedana, On 6/11/15 12:42 AM, chedana jayasinghe wrote: > HI, In my web application, in a jsp there is a javascript which > sends request to a servlet every twenty seconds, so it kills my > applications user idle time tracking by resetting the last

Re: FormAuthenticator, Tomcat restart

2015-06-11 Thread Christopher Schultz
Leonid, On 6/11/15 4:18 AM, Leonid Rozenblyum wrote: > Hello. Just to double-check. By writing own login-handler, do you > mean, overriding FormAuthenticator.authenticate() (looks risky > since it's a big method which can change from one to another

Re: SSL on Tomcat 6

2015-06-11 Thread Christopher Schultz
Adriano, On 6/11/15 7:18 AM, Adriano Matos Meier wrote: > I need to update the SSL certificate in Tomcat 6.x. > > First I did: > > 1) Generate keystore keytool -genkeypair -alias repository -keyalg > RSA -keysize 2048 -sigalg SHA256withRSA -keystore

Re: SSL on Tomcat 6

2015-06-11 Thread Adriano Matos Meier
Hi Chris. It returns 3 entries: 1 PrivateKeyEntry (Private Key) - alias repository 1 trustedCertEntry (Intermediate certificate) - alias intermed 1 trustedCertEntry (SSL certificate) - alias server Thanks for your attention! Adriano Em Qui, 2015-06-11 às 09:35 -0400, Christopher Schultz escr

Re: SSL on Tomcat 6

2015-06-11 Thread Christopher Schultz
Adriano, On 6/11/15 9:45 AM, Adriano Matos Meier wrote: >>> I tried to add keyAlias="server" in my server.xml, but I >>> received this error: >> >> What does "keytool -list" show for that keystore? > > It returns 3 entries: > > 1 PrivateKeyEntry

Tomcat 8 DB Connection Pooling

2015-06-11 Thread Douglas Schaible
Good Day All, I am having a problem with a connection pool and I was hoping for some guidance. I have defined the connection pool below for two deployed applications to use. When I bounce the server I can see that it immediately creates 100 connections to the DB. (I am ok with this, but that i

Re: Tomcat 8 DB Connection Pooling

2015-06-11 Thread Filip Hanik
set the properties logAbandoned="true" removeAbandoned="true" removeAbandonedTimeout="60" (value is in seconds, should be larger than your longest running transaction) timeBetweenEvictionRunsMillis="15000" (value is in milliseconds) if you have a leak (meaning your code is not returning the conne

Re: Tomcat 8 DB Connection Pooling

2015-06-11 Thread Filip Hanik
Configuration reference: https://tomcat.apache.org/tomcat-7.0-doc/jdbc-pool.html On Thu, Jun 11, 2015 at 6:58 PM, Filip Hanik wrote: > set the properties > > logAbandoned="true" > removeAbandoned="true" > removeAbandonedTimeout="60" (value is in seconds, should be larger than > your longest runn

tcnative CVE-2015-4000 (Logjam)

2015-06-11 Thread Arthur Ramsey
Is anyone aware of a way to mitigate the Logjam attack with tomcat 7 and java 7? I use tcnative and openssl-1.0.2a both compiled from source in production today, but I would be open to JSSE too. I believe I need Java 8 to mitigate CVE-2015-4000 with JSSE. I don't see any way to use a unique 2

Re: SSL on Tomcat 6

2015-06-11 Thread Adriano Matos Meier
Chris. I had success when I re-import SSL certificate using same name alias of PrivateKeyEntry and name alias used when I generate CSR (repository). It's ok now! Thank you very much!!! Adriano On Thu, 2015-06-11 at 09:59 -0400, Christopher Schultz wrote: > Adriano, > > On 6/11/15 9:45 AM,

Re: tcnative CVE-2015-4000 (Logjam)

2015-06-11 Thread Christopher Schultz
Arthur, On 6/11/15 2:14 PM, Arthur Ramsey wrote: > Is anyone aware of a way to mitigate the Logjam attack with tomcat > 7 and java 7? Disable DHE_EXPORT on the server? > I use tcnative and openssl-1.0.2a both compiled from source in > production

Re: SSL on Tomcat 6

2015-06-11 Thread Christopher Schultz
Adriano, On 6/11/15 2:31 PM, Adriano Matos Meier wrote: > I had success when I re-import SSL certificate using same name > alias of PrivateKeyEntry and name alias used when I generate CSR > (repository). That was going to be my second suggestion.

Re: SSL on Tomcat 6

2015-06-11 Thread Adriano Matos Meier
Exactly! When I run "keytool -list ...", the PrivateKeyEntry now has the fingerprint for SSL certificate. I believed that I had lost private key, and I would have to do it all again (keystore/CSR/intermed/SSL). I still import the SSL certificate with alias tomcat, and it appears in keytool as a t

Re: tcnative CVE-2015-4000 (Logjam)

2015-06-11 Thread Arthur Ramsey
On 06/11/2015 02:35 PM, Christopher Schultz wrote: Arthur, On 6/11/15 2:14 PM, Arthur Ramsey wrote: Is anyone aware of a way to mitigate the Logjam attack with tomcat 7 and java 7? Disable DHE_EXPORT on the server? I believe I have, but Qualys S

Re: tcnative CVE-2015-4000 (Logjam)

2015-06-11 Thread Christopher Schultz
Arthur, On 6/11/15 4:34 PM, Arthur Ramsey wrote: > On 06/11/2015 02:35 PM, Christopher Schultz wrote: Arthur, > > On 6/11/15 2:14 PM, Arthur Ramsey wrote: Is anyone aware of a way to mitigate the Logjam attack with tomcat 7 and java 7? >

Re: TCP connections reuse

2015-06-11 Thread Maxim Neshcheret
From: Christopher Schultz Reply-To: Tomcat Users List Date: Thursday 11 June 2015 09:12 To: Tomcat Users List Subject: Re: TCP connections reuse Maxim, On 6/10/15 4:12 AM, Maxim Neshcheret wrote: I have java http client which sends periodic