Re: Logging TLS Session Failures

This is one of the requirement from FIPS/CC certification. Thanks, Durga Srinivasu On Wed, Mar 8, 2017 at 11:03 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Durga, > > On 3/8/17 10:02 AM, Durga Srinivasu Karuturi wrote: >

Re: Logging TLS Session Failures

On 09.03.2017 09:34, Durga Srinivasu Karuturi wrote: This is one of the requirement from FIPS/CC certification. Thanks, Durga Srinivasu Durga, I believe that in your original post, you said : "We have a requirement in our application to log all TLS session failures." You should probably hav

Re: Logging TLS Session Failures

Our application meaning on RHEL machine within JVM with embedded tomcat (with single web-app) Okay, tomcat may not have this information on handshake failures. I need to see little higher level for capturing these failures. Thanks for answers so far. Thanks, Durga Srinivasu On Thu, Mar 9, 2017

What is the correct way to use scanManifest

Hi, I see that since 8.0.38 we added a scanManifest props to JarScanner. But when I added the props into: container/tomcat8x/apache-tomcat-8.0.38/conf/context.xml WEB-INF/web.xml ${catalina.base}/conf/web.xml It doesn't work and the prop is still true on startup:

[ANN] TomcatCon schedule announced

All, I am delighted to announce that the schedule for TomcatCon has been published: https://apachecon2017.sched.com/overview/type/TomcatCon Registration is open at: http://events.linuxfoundation.org/events/apachecon-north-america/attend/register- with early bird pricing ($600) through Sunday 1

Re: Logging TLS Session Failures

If you are using JSSE which you mentioned in earlier post, you probably can only enable debug for all or specially one -Djavax.net.debug=ssl:record or -Djavax.net.debug=ssl:handshake - but it will log all sessions You could try to register a customized SSL socket factory in JSSE, you may extend th

Re: JMX currentThreadsBusy less than connections/requests when use APR connector

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Linbo, On 3/8/17 8:13 PM, linbo liao wrote: > Here is the Connector configuration: > > protocol="org.apache.coyote.http11.Http11AprProtocol" > maxHttpHeaderSize="8192" maxThreads="400" acceptorThreadCount="4" > maxKeepAliveRequests="-1" enableLo

Re: Logging TLS Session Failures

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Durga, On 3/9/17 3:34 AM, Durga Srinivasu Karuturi wrote: > This is one of the requirement from FIPS/CC certification. Can you provide a reference for this requirement? - -chris > On Wed, Mar 8, 2017 at 11:03 PM, Christopher Schultz < > ch...@ch

How do I set the logger org.apache.tomcat.util.scan.StandardJarScanner's level to WARN

I have tried: org.apache.tomcat.util.scan.StandardJarScanner.level = SERVERE //in the logging.properties -Dorg.apache.tomcat.util.scan.StandardJarScanner=SERVERE //on startup org.apache.tomcat.util.scan.StandardJarScanner=SERVER //as sysprops None of them works... That logger is still WARN ena

Re: How do I set the logger org.apache.tomcat.util.scan.StandardJarScanner's level to WARN

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hoa, On 3/9/17 11:58 AM, Hoa Phan wrote: > I have tried: > > org.apache.tomcat.util.scan.StandardJarScanner.level = SERVERE //in > the logging.properties > > -Dorg.apache.tomcat.util.scan.StandardJarScanner=SERVERE //on > startup > > org.apache.t

Status code 403 Forbidden issue for websocket creation using WSS protocol

Hi, I am creating a websocket connection to server using "wss" protocol from client. I have configured apache as proxy(mod proxy and mod_proxy_wstunnel.so module is enabled in Apache httpd.conf file) to my tomcat server. In apache VirtualHost for port 443 is created.Attached is Apache httpd.co

Re: [ANN] TomcatCon schedule announced

This is great, but unfortunately I will not be able to attend in person due to scheduling conflicts. Will the sessions be recorded? I'd be willing to pay a reasonable fee to watch them afterwards. Thanks, Igal Sapir Lucee Core Developer Lucee.org On 3/9/2017 6:08 AM, Ma

Re: Status code 403 Forbidden issue for websocket creation using WSS protocol

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Nishant, On 3/9/17 1:16 PM, nishant singh wrote: > I am creating a websocket connection to server using "wss" > protocol from client. I have configured apache as proxy(mod proxy > and mod_proxy_wstunnel.so module is enabled in Apache httpd.conf > f

Re: Status code 403 Forbidden issue for websocket creation using WSS protocol

Hello Chris, Thank you for the response.I am using a self signed certificate. How to make httpd trust the certificate that Tomcat is presenting? Nishant On Fri, Mar 10, 2017 at 12:09 AM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA2

Re: [ANN] TomcatCon schedule announced

On 09/03/17 18:36, Igal @ Lucee.org wrote: > This is great, but unfortunately I will not be able to attend in person > due to scheduling conflicts. > > Will the sessions be recorded? I'd be willing to pay a reasonable fee > to watch them afterwards. We should have audio recordings. I believe the

Re: What is the correct way to use scanManifest

On 09/03/17 13:15, Hoa Phan wrote: > Hi, > > I see that since 8.0.38 we added a scanManifest props to JarScanner. > But when I added the props > into: container/tomcat8x/apache-tomcat-8.0.38/conf/context.xml > > > WEB-INF/web.xml > ${catalina.base}/conf/web.xml > > > > >

Re: [ANN] TomcatCon schedule announced

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 3/9/17 2:42 PM, Mark Thomas wrote: > On 09/03/17 18:36, Igal @ Lucee.org wrote: >> This is great, but unfortunately I will not be able to attend in >> person due to scheduling conflicts. >> >> Will the sessions be recorded? I'd be willing

Re: Status code 403 Forbidden issue for websocket creation using WSS protocol

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Nishant, On 3/9/17 2:12 PM, nishant singh wrote: > Thank you for the response.I am using a self signed certificate. > How to make httpd trust the certificate that Tomcat is presenting? I think this is the directive you are looking for: http://http

Re: [ANN] TomcatCon schedule announced

On 09/03/17 19:51, Christopher Schultz wrote: > Mark, > > On 3/9/17 2:42 PM, Mark Thomas wrote: >> On 09/03/17 18:36, Igal @ Lucee.org wrote: >>> This is great, but unfortunately I will not be able to attend in >>> person due to scheduling conflicts. >>> >>> Will the sessions be recorded? I'd be

Re: [ANN] TomcatCon schedule announced

On 3/9/2017 11:42 AM, Mark Thomas wrote: We typically make these available free of charge. For past Tomcat related sessions see: http://tomcat.apache.org/presentations.html We should have audio for more of those. I'll see if I can track it down. Thanks for the link! I've been on that Tomcat w

RE: getRealPath is a bad idea?

Chris >> BTW, why doesn't getRealPath return the full path to the >> folder that the WAR file is in instead of null? > > You mean for a call like getRealPath("/")? Yes, exactly! > Well, that would require a path to be returned to the "root" of > the application. Let's say that ROOT.war is in > /

RE: getRealPath is a bad idea?

> From: Berneburg, Cris J. - US [mailto:cberneb...@caci.com] > Subject: RE: getRealPath is a bad idea? > How do you all configure the location of a special folder that is not part of > the > deployment package itself? A site-specific config file perhaps? Take a look at this: http://tomcat.apa

Re: getRealPath is a bad idea?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cris, On 3/9/17 3:18 PM, Berneburg, Cris J. - US wrote: >>> BTW, why doesn't getRealPath return the full path to the folder >>> that the WAR file is in instead of null? >> >> You mean for a call like getRealPath("/")? > > Yes, exactly! > >> Well,

Re: What is the correct way to use scanManifest

I'll try that and see how it goes, thanks Mark. Btw, when I was debugging I couldn't find where this method get called at all: public void setScanManifest(boolean scanManifest) { this.scanManifest = scanManifest; } This props default to true: private boolean scanManifest = true

Re: How do I set the logger org.apache.tomcat.util.scan.StandardJarScanner's level to WARN

Hi Chris, I tried: org.apache.tomcat.util.scan.StandardJarScanner.level=SERVERE //in the logging.properties -Dorg.apache.tomcat.util.scan.StandardJarScanner.level=SERVERE //on startup org.apache.tomcat.util.scan.StandardJarScanner.level= SERVERE //as sysprops But they didn't help either :(, St

Apache Tomcat 9

Hello ! I’m trying to teach myself Java Web App Development but can’t seem to get this issue resolved. Can anyone give me a few hints ? I’m using a Windows 10 Hope laptop with Eclipse Neon 2 IDE. Thanks. Mar 09, 2017 5:44:16 PM org.apache.tomcat.util.digester.SetPropertiesRule begin WARNING: [S

RE: Apache Tomcat 9

> From: pina.freder...@gmail.com [mailto:pina.freder...@gmail.com] > Subject: Apache Tomcat 9 > I'm trying to teach myself Java Web App Development but can't seem to get > this issue resolved. > Mar 09, 2017 5:44:17 PM org.apache.catalina.core.StandardServer await > SEVERE: StandardServer.awai

RE: Apache Tomcat 9

How do I stop it ? Sent from Mail for Windows 10 From: Caldarale, Charles R Sent: Thursday, March 9, 2017 6:16 PM To: Tomcat Users List Subject: RE: Apache Tomcat 9 > From: pina.freder...@gmail.com [mailto:pina.freder...@gmail.com] > Subject: Apache Tomcat 9 > I'm trying to teach myself Java

Re: How do I set the logger org.apache.tomcat.util.scan.StandardJarScanner's level to WARN

On Thu, Mar 9, 2017 at 9:48 PM, Hoa Phan wrote: > Hi Chris, > > I tried: > > org.apache.tomcat.util.scan.StandardJarScanner.level=SERVERE //in the > logging.properties > > -Dorg.apache.tomcat.util.scan.StandardJarScanner.level=SERVERE //on startup > > org.apache.tomcat.util.scan.StandardJarScanner

Re: What is the correct way to use scanManifest

On 09/03/17 21:38, Hoa Phan wrote: > I'll try that and see how it goes, thanks Mark. Btw, when I was debugging I > couldn't find where this method get called at all: > public void setScanManifest(boolean scanManifest) { > this.scanManifest = scanManifest; > } > > This props default

Re: How do I set the logger org.apache.tomcat.util.scan.StandardJarScanner's level to WARN

Ouch!! My bad... sorry Chris. On Fri, Mar 10, 2017 at 10:31 AM, calder wrote: > On Thu, Mar 9, 2017 at 9:48 PM, Hoa Phan wrote: > > Hi Chris, > > > > I tried: > > > > org.apache.tomcat.util.scan.StandardJarScanner.level=SERVERE //in the > > logging.properties > > > > -Dorg.apache.tomcat.util.sc

Re: Apache Tomcat 9

>> From: pina.freder...@gmail.com [mailto:pina.freder...@gmail.com] >> Subject: Apache Tomcat 9 > > >> I'm trying to teach myself Java Web App Development but can't seem to get >> this issue resolved. > >> Mar 09, 2017 5:44:17 PM org.apache.catalina.core.StandardServer await >> SEVERE: StandardSer

Re: Apache Tomcat 9

On 10.03.2017 00:24, pina.freder...@gmail.com wrote: How do I stop it ? Close the lid of your laptop ? (Sorry, could not stop myself) Sent from Mail for Windows 10 From: Caldarale, Charles R Sent: Thursday, March 9, 2017 6:16 PM To: Tomcat Users List Subject: RE: Apache Tomcat 9 From: pi

How to restrict access to specific webapp + denyStatus

Hello guys! inside of my "/opt/tomcat7/webapps/" folder, I have many apps over there I would like to protect for instance, "Student" (/opt/tomcat7/webapps/Student) app to only allow specific IP address, so I did: "# vi /opt/tomcat7/conf/Catalina/localhost/Student.xml" and addedd: It

Re: What is the correct way to use scanManifest

looks like I can't overwrite the webapp context.xml with tomcat context.xml. I have no control over the WAR file until tomcat deployed it :( If I try to use tomcat server.xml and add inside it somehow breaks the webapp. Is there any other way for me to set this scanmanifest to false. Sa

Re: How do I set the logger org.apache.tomcat.util.scan.StandardJarScanner's level to WARN

Unfortunately it's still the same. When I tried to debug it the logger tomcat is using is DirectJDKLog Is org.apache.tomcat.util.scan.StandardJarScanner.level=SEVERE the right way to turn off WARNING logging ​? On Fri, Mar 10, 2017 at 10:34 AM, Hoa Phan wrote: > Ouch!! My bad... sorry Chris. >

Re: JMX currentThreadsBusy less than connections/requests when use APR connector

1、The load-generating vm has 2 cores. 2、Can I use currentThreadsBusy to monitor the performance of Tomcat using APR connector? 2017-03-10 0:42 GMT+08:00 Christopher Schultz : > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Linbo, > > On 3/8/17 8:13 PM, linbo liao wrote: > > Here is the C

Re: How do I set the logger org.apache.tomcat.util.scan.StandardJarScanner's level to WARN

Oops just noticed I set the subject wrong. I meant to set it to SEVERE to get rid of the FileNotFoundException all over the places. I tried to overwrite logging.properties in tomcat itself and in the webapp with the content: handlers = java.util.logging.ConsoleHandler

Websocket client with SSL and authentication

Tomcat team, I have few questions on websocket: 1. I am looking for Java websocket client sample code that uses basic (user) auth. 2. Is there any sample code for how to put in SSL (keystore and truststore) websocket client ? 3. I want to create a websocket client within the Tomcat jvm. I know the