Is the following method thread-safe?
I use my own way for authentication. After authenticated, a user info is put
into session, when logout, call session.invalidate();
Current symptom is: a user info gets into another user's session. So
sometimes User A can see User B's info.
in production stage and users are starting to use it. I am very
nerveous.
Thanks!
Dave
Christopher Schultz <[EMAIL PROTECTED]> wrote:
DAve,
> Current symptom is: a user info gets into another user's session. So
> sometimes User A can see User B's info.
>
>
hanks,
Dave
Timothy Collett <[EMAIL PROTECTED]> wrote:
On Jul 20, 2006, at 8:36 PM, Dave wrote:
> Is the following method thread-safe?
>
> I use my own way for authentication. After authenticated, a user
> info is put into session, when logout, call session.invalidate();
&g
I need to add Blog feature into my web application. Is there any blog software
that can run inside tomcat? can tomcat support php? Do you have to run Apache
for blog?
Thanks!
-
How low will we go? Check out Yahoo! Messengers low PC-to-Pho
I could not find anything related to blog from the site. Thanks!
Wendy Smoak <[EMAIL PROTECTED]> wrote: On 7/22/06, Dave wrote:
> I need to add Blog feature into my web application. Is there any blog
> software that can run inside tomcat? can tomcat support php? Do you have to
there an Roller installation instruction for JBoss?
Thanks!
Nicholas Schuetz <[EMAIL PROTECTED]> wrote:
Try
http://rollerweblogger.org
You'll like it ;)
Dave wrote:
> I could not find anything related to blog from the site. Thanks!
>
> Wendy Smoak wrote: On 7/22/06, D
http://rollerweblogger.org/wiki/Wiki.jsp?page=InstallationGuideJBoss
I followed the instruction to deploy Roller into JBoss using exploded war
file. But
http://localhost:8080/roller
The requested resource (/roller/) is not available.
Other applications were available (the J
/22/06, Dave wrote:
> I could not find anything related to blog from the site. Thanks!
Oops, wrong topic. Okay, try Roller instead:
http://rollerweblogger.org/page/project
Google turns up a few more: http://www.google.com/search?q=java+blog+software
I am using JBoss and JSF. Can anyone recommend a chat software that enables
instant conversation between two users? It is better to be open source, support
audio and file transfer. Thanks!
-
Yahoo! Music Unlimited - Access over 1 million songs.Try
I saw some website that has a domain for each user, for example
user1.company.com
user2.company.com
how to implement this? Thanks!
-
Do you Yahoo!?
Everyone is raving about the all-new Yahoo! Mail.
During a HTTP request-response cycle, is there a way to change Browser URL
using response? Redirect can that. But it cause performance/network traffic
issue.
For JSF page navigation(non-redirect case), page has been changed but browser
still shows the old URL. Sometimes it makes more sen
Web application using JBoss 4.0.3SP1 and servlets.
I am using FORM authentication. Can username be UTF-8?
I create an account, its username is in UTF-8 encoding, chinese characters.
But login was not successful. Can JBoss built-in authentication handle UTF-8
encoding for username?
Ascii usern
Hi Martin,
Thanks!
I already have the following at the beginning of all the jsp pages.
<%@ page contentType="text/html; charset=UTF-8"%>
Martin Gainty <[EMAIL PROTECTED]> wrote:
Dave-
I believe you can effect this encoding if you specify encodi
t; Subject: Re: Form login UTF-8 username problem
>
> Dave wrote:
> > Web application using JBoss 4.0.3SP1 and servlets.
> > I am using FORM authentication. Can username be UTF-8?
> > I create an account, its username is in UTF-8 encoding,
> chinese characters.
I have the same problem to solve. I am using JSF also. In any page I allow user
to type in username and password, after login, stay in the same page.
Can anyone point a tutorial/doc ? Thanks!
Jan Zach <[EMAIL PROTECTED]> wrote:
Hi Everybody,
I got working container JAAS authentication (a
I am using JBoss. The servlet Form authentication is nice, but I need something
more flexible.
Users are allowed to login on any unprotected page and stay in the same page
after lgoin. I have database table to store username and password.
After verifying username and password, what i
Undeploy a web application, then redeploy it.
Click a link in an old page(page before undeploy), making the first request
after redeploy.
In a filter:
String sessionId = httpRequest.getRequestedSessionId();
boolean valid = httpRequest.isRequestedSessionIdValid();
sessionId
Is there a way that NewsReader knows whether a page has been updated? How? the
page is dynamic collecting data from database.
Thanks!
Santosh Puranshettiwar <[EMAIL PROTECTED]> wrote:
Dave wrote:
> Thanks,
>
> It semms that it is easy to write the XML file for a Feed.
Any BBS software that can be integrated well with JSF application deployed on
Tomcat?
Thanks.!
-
Cheap Talk? Check out Yahoo! Messenger's low PC-to-Phone call rates.
cookie based session tracking, how to configure domain-level ?
that is , a.mydomain.com and b.mydomain.com share the same session id.
Thanks for help.
Dave
Hi,
I have a new xserve and it is running both apache and tomcat But it
doesn't seem like they are hooked together.
I am looking to deploy open bluedragon via war file with tomcat and
still use apache to server up coldfusion 8.
If I edit the files manually it works fine but the issue is that
wrong
place for this to work.
thanks and I will try the httpd list
On Jul 21, 2008, at 2:21 AM, Peter Crowther wrote:
From: Dave [mailto:[EMAIL PROTECTED]
I have a new xserve and it is running both apache and tomcat But it
doesn't seem like they are hooked together.
[...]
If I edi
Could anyone tell me which class?
thanks
Dave
e();
os.close();
--- On Fri, 9/26/08, Dave <[EMAIL PROTECTED]> wrote:
From: Dave <[EMAIL PROTECTED]>
Subject: image download
To: "Tomcat Users List"
Date: Friday, September 26, 2008, 6:33 PM
For http://domain.com/servlet/pictures/image.jpg"/>
in servlet get met
version 1.5.
How to configure the JSP compiler java version, using the same version JDK 1.5
that starts Tomcat?
Thanks for help.
Dave
we are using JBoss4.0.5. For flash video, we added
flv
video/x-flv
in tomcat conf/web.xml.
Restarted jboss. When uploading a foo.flv, uploadeFile.getContentType returns
"application/octet-stream", not "video/x-flv". Could you please help me?
Thanks,
Dave
rewriting session
tracking will be used.
Thanks for help.
Dave
I am using servlet. How to open a window in a new session?
I tried javascript
onclick="window.open(...)"
but the opened window belongs to the same servlet session (see from user
login name).
Thanks for help!
David
-
Never mi
SIGNED MESSAGE-
Hash: SHA1
Dave,
Dave wrote:
> I am using servlet. How to open a window in a new session?
>
> I tried javascript
>
> onclick="window.open(...)"
>
> but the opened window belongs to the same servlet session (see from
> user login name).
If I open an IE from windows desktop, and then access the link, it will start a
new session. Is there any control on cookie, like do not use cookie for this
new window?
Thanks!
Christopher Schultz <[EMAIL PROTECTED]> wrote: -BEGIN PGP SIGNED
MESSAGE-
Hash: SHA1
Dave,
Dave wrot
into the windows machine
even though the JBoss is running on the Linux machine?
Thanks
dave
-
Be a PS3 game guru.
Get your game face on with the latest PS3 news and previews at Yahoo! Games.
even if create=true.
What I am trying to do is to Start a brand new session so that the new session
will not have the user authentication information from the existing session.
Thanks for ideas.
Dave
-
Ahhh...imagining that irresistible "ne
I am in the process of setting up a cluster of a number of JBoss. Should I use
Apache or hardware load balancer in the front? Please advise. I am concerned
about about Security and Performance.
Thanks
Dave
-
Don't let your dream ride pass y
For cookie based session tracking, on a jsp or jsf page, when a user click
links, all requests are in the same session. Is there a way to open a new
session when a user clicks a link and send a request? Can Filter do that ?
If I open a new IE from desktop, all requests from the new IE wind
concern. How
to configure SSL all the way between client --> Apache --> Tomcat?
Thanks!
dave
Schadler Johann <[EMAIL PROTECTED]> wrote:
To ensure you have a valid keystore with the included private key and a
refer to an alias 'tomcat' I recommend strongly to cr
cking? In our case, we have to use URL rewriting because
sometimes a new session is needed when users click some links on pages.
In my opinion, session id is not sufficient to identify a session, it should
have client's ip address for more security.
Thanks for an
2098js8980?name='Foo'&digest='abc123'
Please give me further help. Thanks,
Dave
Martin Gainty <[EMAIL PROTECTED]> wrote:
Hi Dave
http://www.securityfocus.com/infocus/1774
suggests either implementing with
SSL connector
http://tomcat.apache.org/tom
Thank for help.
Dave
-
Looking for last minute shopping deals? Find them fast with Yahoo! Search.
changed
the port to 80, no luck.
Thanks for any help.
Dave
-
Never miss a thing. Make Yahoo your homepage.
oblem? Have you verified via netstat that tomcat is
listening on 8080 and the address you've specified?
--David
Dave wrote:
> JBoss 4.2.2, cluster config, ie JBoss/server/all, tomcat server.xml
> configures ports as following:
>
> > maxThreads="250" maxHttpH
ow to implement the second? We think about using Applet, are there other
ways ?
Thanks for any idea on how to implement this for JSF application.
Dave
-
Boardwalk for $500? In 2007? Ha!
Play Monopoly Here and Now (it's updated for today
econds using javascript. In this part you could
put your code to popup something on B if there are new messages.
En l'instant pr[is du 28/06/07 14:36, Dave s'exprimait en ces termes:
> We have a JSF application running on JBoss/Tomcat, and have a requirement for
> users to send short
Hi, I am using JSF on JBOSS.
I disabled cookies and use URL rewriting for session tracking.
All URLs have session id that are added automatically. I like
to the link to open in a new session. How to prevent session id on the URL?
Thanks,
dave
I think this feature is very basic. Everything should have a programmatic way.
zhu quanxin <[EMAIL PROTECTED]> wrote: hi,David,
My aim is that tomcat could authenticate users without promoting
any login form. I give out the userID and password in the servlet
code. when users navagate the servlet
For cookie-based session tracking, when a user clicks a link on a jsp page,
how to make the request belong to a new session, not existing session.
Thanks!
dave
-
Never miss a thing. Make Yahoo your homepage.
showing a lock and https:// in
browser address bar.
How can I do this?
sometimes The IE browser shows a warning: the page contains both secure and
nonsecure data. what is the meaning? how to avoid the warning?
Thanks for ideas.
Dave
Hi Chris,
Thanks for ideas.
> Use two separate instances of the web browser.
this is the best solution. Is there a way for openning a new instance of web
browser such as IE by clicking a link on JSP page?
Dave
Christopher Schultz <[EMAIL PROTECTED]> wrote:
-
Hi, I am using JBoss 4.0.5GA on Federa Core 6 Linux for JSF application. After
running for two days, got the following exception on server side. How to avoid
it? Thanks for help. Dave
Caused by: org.apache.jasper.JasperException: PermGen space
at
Thanks for help.
Dave
-
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
. Using the different domains will get a security warning from web
browser. (domain name does not match)
Can SSL certificate be ip address based? Or Tomcat support SSL multiple
domains(prevent warnings from browser)?
Thanks,
Dave
-
Looking for
visible to man-in-the-middle. Am I right? If
not secure, why is it allowed to be working this way?
Even start with https, if url-rewriting is used for session
tracking(sessionid in url), it is not secure anymore, right?
Thanks,
Dave
Christopher Schultz <[EMAIL PROTECTED]>
from http
and the same session id is used by https?
Thanks for help.
Dave
Christopher Schultz <[EMAIL PROTECTED]> wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dave,
Dave wrote:
| I tried the method, it worked.
| But when I tried to protect login page only,
|
|
| protected
stay insecure until going to login
page.
anything I was missing?
Thanks
Dave
Hazem DAOUD <[EMAIL PROTECTED]> wrote:
Hi Dave,
Try to add this to web.xml under tomcat_install_dir/conf:
"
/
Protected Context
/*
CONFIDENTIAL
/
"
That works for me.
Regards.
--Haze
present the first key read in the KeyStore will
be used.
How to work around this?
Thanks for help!
Dave
-
Looking for last minute shopping deals? Find them fast with Yahoo! Search.
ll be used to create the new https session. I hope tomcat to
generate a new unique session id.
Is there a way to delete cookie?
for security reason, how to set a different session id for https when
redirecting from http to https?
Tha
session.invalidate();
session = request.getSession(true);
The new session will have the same session id.
Bill Barker <[EMAIL PROTECTED]> wrote:
"Dave" wrote in message
news:[EMAIL PROTECTED]
> Hi,
>
> I am using JBoss 4.0.5GA. Cookie-based session tracking is u
Thanks
Dave
-
Never miss a thing. Make Yahoo your homepage.
Our Linux(FC) machine has 8G physical memory and 12G swap size. I am using JDK
1.5. I tried to set the Java option -Xmx to set max heap size for best
performance, the allowed max heap size is 2048M . Does that mean that the
JVM can not use all the physical memory (8G) ? Thanks.
Dave
I installed Linux FC6 64-bit on the machine DELL 2590(I think it is INTEL type
CPU). But JVM 64-bit is only available for AMD and SPARC. Is the SUN not
support INTEL?
Thanks, Dave
David Delbecq <[EMAIL PROTECTED]> wrote:
En l'instant précis du 25/02/08 13:51, Dave s'
?
Thanks for any help.
Dave
-
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
? Thanks for
help.
Dave
-
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
the domain:
www.mydomain.com
there is only one IP for the domain in DNS. How to set up DNS for the purpose?
For 10 tomcat instances, each Apache has the same 10 workers, or 5
workers/each apache?
Thanks in advance for further help.
Dave
Felix Schumacher <[EM
false
1
Could someone help me on how to prevent directory listing?
I tried to change default to default1, it did not work.
Thanks very much.
Dave
-
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
We have an ear file with one entity ejb jar, one session ebj jar, and two web
modules that use a common library: common.jar.
Where to put the common.jar in the ear file? Thanks.
Dave
pear at anytime?
2) should I be able to use addFilter() from an init() method or is that
crazy.
Thanks,
Dave
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
t's not a big deal. It would just be
a little cleaner if I could do it the way I originally planned.
Dave
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
ml is
that the Tomcat common loader will search for jars in
CATALINA_HOME/lib. My CATALINA_HOME/lib contains gwt-user-2.10.0.jar
which contains RemoteServiceServlet.class.
Why is the Tomcat common loader not finding this class?
many thanks
Dave Breeze
Link
Thanks Mark
appreciate that the url was for 8.0
With regards to classpath that was my first attempt - unfortunately it
would seem that Tomcat does not support wildcards in the classpath -
for example dirpath/lib/*.jar - at least in version 9.
Dave Breeze
Linkedin:https://uk.linkedin.com/in
files). This enabled the embedded Tomcat instance to resolve all
referenced classes
thanks again
Dave Breeze
Linkedin:https://uk.linkedin.com/in/dabreeze
On Fri, 7 Jun 2024 at 15:02, Chuck Caldarale wrote:
>
>
> > On Jun 7, 2024, at 08:11, Christopher Schultz
> > wrote:
>
I'm having intermittent failures when I deploy to a cluster. I see the
war file sent to slave nodes but it then becomes zero size. It happens
on different nodes and not all the time.
Upon failure, Master node .out shows
SEVERE [Catalina-utility-1]
org.apache.catalina.ha.tcp.SimpleTcpCluster.s
hat is the syntax
thank you
Dave Breeze
Linkedin:https://uk.linkedin.com/in/dabreeze
ctory(URLStreamHandlerFactory)"
Could you please explain further
thanks again
Dave Breeze
Linkedin:https://uk.linkedin.com/in/dabreeze
Dave Breeze
Linkedin:https://uk.linkedin.com/in/dabreeze
On Fri, 20 Jan 2023 at 11:01, Mark Thomas wrote:
>
> On 20/01/2023 09:53, Dave Breeze wrote:
> > T
ol.handler.pkgs=org.apache.catalina.webresources
$JAVA_OPTS "
then users could use JAVA_OPTS to set the value.
thanks
Dave Breeze
Linkedin:https://uk.linkedin.com/in/dabreeze
On Fri, 20 Jan 2023 at 12:17, Mark Thomas wrote:
>
> On 20/01/2023 11:18, Dave Breeze wrote:
> > Many thanks Mark for the answer
thanks
i have just done a quick and dirty test - I found a tomcat launcher code I
did as an exercise - quickly modified it to set the handler to a
concatenation. Tomcat launches correctly and uses the ibm safkeyring
thanks again
Dave Breeze
Linkedin:https://uk.linkedin.com/in/dabreeze
On Fri
ot;javax.servlet.request.X509Certificate") correctly
returns both the certificate from the browser plus the Cert Auth. A
getSubjectX500Principal().getName() call on the browser certificate
returns the cn/o/ou setting that should match with users.xml.
What am I missing here?
Dave Breeze
called. In my servlet, however, I can retrieve the certificates.
thanks for your help
Dave Breeze
Linkedin:https://uk.linkedin.com/in/dabreeze
On Sun, 29 Jan 2023 at 22:21, Christopher Schultz
wrote:
>
> Dave,
>
> On 1/28/23 09:28, Dave Breeze wrote:
> > this is Tomcat 9.0 running
ricted to a role - I need the servlet to respond
differently based on role. what I have decided to do in the servlet is to
retrieve the user-id from the certificate and determine their role by using
a security product native to the platform on which Tomcat is running
Thanks for your help.
Dave B
in the tomcat logs - is it possible
to turn up the logging for the manager app to see exactly what
credentials (well, username) is being passed by Edge to it?
Thanks
Dave
in the documentation - I
was looking at the wrong place.
Thanks very much - got a route forward throug this now
Thanks
Dave
Does anyone out there have any experience with monitoring Tomcat using the SNMP
agent in JDK 1.5? I am looking to use an SNMP tool to gather statistics from
the JVM.
David A. Morrow
Technical Systems Lead
Autodata Solutions Company
[EMAIL PROTECTED]
http://www.autodata.net
Tel: (519) 951-6079
F
ED]
Sent: Friday, November 04, 2005 8:36 AM
To: Tomcat Users List
Subject: Re: Monitoring Tomcat with SNMP?
tomcat has the status servlet, so you could use that to monitor tomcat.
other than that, you'd probably have to write a servlet to return snmp
results
peter
On 11/4/05, Dave Morrow <
ried.
If you want to know the stats that Tomcat maintains in it's mbeans for
the container, I don't think SNMP is going to give you those stats.
just something to consider.
peter
On 11/4/05, Dave Morrow <[EMAIL PROTECTED]> wrote:
>
> I'd like to use SNMP which is refer
Hi all. I have a server with multiple applications running under Tomcat 5.5
In /conf/web.xml is set to 30
In /webapps/myapp/WEB-INF/web.xml is set to -1
(infinite)
Users are being timed out of their sessions after 30 minutes as opposed to
never being timed out.
David A. Morrow
Technical
Hi all. I have a server with multiple applications running under Tomcat 5.5
In /conf/web.xml is set to 30
In /webapps/myapp/WEB-INF/web.xml is set to -1
(infinite)
Users are being timed out of their sessions after 30 minutes as opposed to
never being timed out.
Can anyone assist with thi
Message-
From: Rob Dickey [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 29, 2005 2:23 PM
To: Dave Morrow
Cc: 'Tomcat Users List'
Subject: RE: Help with session-timeout
Are there any other services involved (JDBC, etc.) that are referenced
by or in the session, or where the sessio
Hi all. I have a website running under Tomcat 5.5.9
I would like to use mod_jk to allow Apache to serve all static content however,
I cannot figure out how to serve this content only if the user has already
logged into the application. This application uses Tomcat sessions.
Anyone have experi
Calling Craig help please.
I am trying to deploy a client web-application to a distributed app which relies
on ActiveMQ as its core async messaging medium.
I have declared the appropriate resources in the GlobalNamingResources section
of server.xml and referenced them via ResourceLinks in th
I am trying to deploy a client web-application to a distributed app which relies
on ActiveMQ as its core async messaging medium.
I have declared the appropriate resources in the GlobalNamingResources section
of server.xml and referenced them via ResourceLinks in the context.xml.
The org.activemq.
Briefly: Is there anyway to figure out what TomCat is doing, or trying to
do, when it hangs and does not respond to any http or https request?
Details: I am running Tomcat 5.1.12 on Redhat9 on a 4 processor server. I
get frequent but random Tomcat hangs. It has not happened on a 1 processor
syste
anuary 18, 2006 1:37 PM
To: 'Tomcat Users List'
Subject: RE: How to diagnose a TomCat hang?
kill -QUIT will cause a stack dump... including any Java deadlocks.
-----Original Message-
From: Dave Pullin [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 18, 2006 1:33 PM
To: users@tom
I am using JDK 1.5, so may be not good news for you.
btw - I have not observed the hang on my 2 processor systems - only the 4
processor -- but that could just be luck -- it's obviously very time
dependent.
Dave
-Original Message-
From: tamsin [mailto:[EMAIL PROTECTED]
Sent: Wedn
hat Linux 9.0 users should use the following setting to avoid
#stability problems:
#export LD_ASSUME_KERNEL=2.4.1
On Redhat 9 running on the 4-way SMP, LD_ASSUME_KERNEL=2.2.5, or nothing at
all seemed to be more stable than the recommended LD_ASSUME_KERNEL=2.4.1.
I am
om jakarta-* to apache-*, I can tell the script
generating the nightly builds hasn't been updated in a long time.
Thanks
-Dave-
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hi all, I recently made a change to my tomcat web.xml file in an effort
to avoid having to clear the work directory in an environment where
frequent code changes are being made. I added the setting of
KeepGenerated=false.
It appears that this change has had the desired effect and I no longer
ne
Subject: RE: KeepGenerated
> From: Dave Morrow [mailto:[EMAIL PROTECTED]
> Subject: KeepGenerated
>
> If my thinking is correct, the change in KeepGenerated should have
> decrease performance? Am I correct in this assumption?
> Does anyonw know of any drawbacks to what I have done?
Ch
am Files\Apache Software Foundation\Tomcat 5.5
INFO 2006-02-20 11:20:31,194 org.apache.coyote.http11.Http11AprProtocol
- Initializing Coyote HTTP/1.1 on http-443
INFO 2006-02-20 11:20:31,194 org.apache.catalina.startup.Catalina -
Initialization processed in 1781 ms
...
--
Dave Brondsema
Sof
Markus Schönhaber wrote:
> Dave Brondsema wrote:
>> I'm using Tomcat 5.5.15 on Windows 2000. I have this connector:
>> >maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
>>enableLookups="
jk_nt_service.exe program along with a
wrapper.properties file that was used, will this still work with 5.5 on
Windows 2003?
Any assistance welcome
Thanks
Dave
Hi all. I have somewhat of a perplexing problem.
My site uses Apache 2.0 with mod_jk1.2 to connect to a Tomcat
application. The Tomcat app uses a session ID on the URL line. Apache
is configured to log in "combined" log format.
In the URL in the POST , I see
/myapplication/page.jsp;jsessioni
Hi all. I have somewhat of a perplexing problem.
My site uses Apache 2.0 with mod_jk1.2 to connect to a Tomcat
application. The Tomcat app uses a session ID on the URL line. Apache
is configured to log in "combined" log format.
In the URL in the POST , I see
/myapplication/page.jsp;jsessioni
1 - 100 of 403 matches
Mail list logo
