Tomcat fans,
I have a (I assume basic) question wrt servlet/tomcat
authentication/authorization
First let me indicate I would like my URL to always be something like
http:///username
I have configured a security-constraint like
myapp
/*
POST
GET
user
I understand that that is the way a typical servlet deployment would work
yes. On the other hand, it would not meet the url requirements that are
imposed on me.
Thanks,
Peter
Mikolaj Rydzewski-2 wrote:
>
> Peter Coppens wrote:
>>
>>
>> myapp
>> /*
Thanks, I will, Peter.
Mikolaj Rydzewski-2 wrote:
>
> Peter Coppens wrote:
>> I understand that that is the way a typical servlet deployment would work
>> yes. On the other hand, it would not meet the url requirements that are
>> imposed on me.
>
Tomcat fans,
I am using the 6.0.2 tomcat beta and doing some stress testing with a
servlet app for which a form login has been declared and that does repeated
login/logout's (session invalidate).
THe problem I run into is that, under heavy load, during the doGet
invocation for the login request
me. I am still uncertain as to what the
servlet is doing wrong.
Would you (or anyone else) have any other comments on this?
Thanks,
Peter
Caldarale, Charles R wrote:
>
>> From: Peter Coppens [mailto:[EMAIL PROTECTED]
>> Subject: session#getId changes during doGet invocation
t; Leon
>
> On 12/29/06, Peter Coppens <[EMAIL PROTECTED]> wrote:
>>
>> Thanks Chuck.
>>
>> I have done some further research and I have the impression that there is
>> some kind of race condition where a session that is being removed because
>> of
&
gt;
> To: "Tomcat Users List"
> Sent: Friday, December 29, 2006 6:31 AM
> Subject: Re: session#getId changes during doGet invocation under heavy
> load
>
>
>> Do I understand it right, that you made it a reproduceable testcase?
>> If so, can we have a look on it
wrote:
>
> On 12/30/06, Peter Coppens <[EMAIL PROTECTED]> wrote:
>>
>> I am gathering more evidence that this is related to a session expiring
>> on
>> one hand and a request being processed for that same session.
>>
>> I have been debugging t
the
servlet"
Again, all suggestions warmly welcomed!
Peter
Leon Rosenberg-3 wrote:
>
> On 12/30/06, Peter Coppens <[EMAIL PROTECTED]> wrote:
>>
>> Actually it just seems to be related to the fact that under heavy load
>> the db
>> connection starts
>Are you referring to MySQL connection setup time? Or query time?
Connection time (using a dbcp pool)
>Either way, it certainly doesn't sound like a Tomcat problem... :-)
Absolutely agree.
--
View this message in context:
http://www.nabble.com/session-getId-changes-during-doGet-invocation-under
t; From: "Hassan Schroeder" <[EMAIL PROTECTED]>
> To: "Tomcat Users List"
> Sent: Saturday, December 30, 2006 2:39 PM
> Subject: Re: session#getId changes during doGet invocation under heavy
> load
>
>
>> On 12/30/06, Peter Coppens <[EMAIL
Gentlepeople,
I am trying to add a bit of extra security at the application level. I would
like to leverage the information that is defined in the security-constraint
(et al) web.xml settings.
I found the things I need in org.apache.catalina.deploy but I can not get
bootstrapped from the inform
make this a priviliged web
app now and I am unclear as to what the consequences of that are. The Tomcat
doc is fairly brief on the meaning of the privileged attribute of the
context element so that did not reallly help.
Perhaps someone is willing to explain?
Thanks,
Peter
Peter Coppens wrote
Thanks for the reply Mark. In my case that should not really be an issue so
I'll go for it.
Peter
Mark Thomas-14 wrote:
>
> Peter Coppens wrote:
>> Works fine, but what worries me is that I have to make this a priviliged
>> web
>> app now and I am unclear as to
Gentlepeople,
I have a weird problem where I send a request from a browser to apache2
(running on Debian) to tomcat 6 (jdk 1.5) through mod_jk and where the
requested url in tomcat seems different from the one that is sent to
apache2.
In my case the url contains an "escaped" single quote (%27) l
Oh well, that was not too difficult.
If I add
JkOptions +ForwardURICompatUnparsed
to the apache config, all is well again.
Apologies for the noise,
Peter
Peter Coppens wrote:
>
> Gentlepeople,
>
> I have a weird problem where I send a request from a browser to apache2
&
igure URI encoding behaviour.
>
> Regards,
>
> Rainer
>
> Peter Coppens schrieb:
>> Gentlepeople,
>>
>> I have a weird problem where I send a request from a browser to apache2
>> (running on Debian) to tomcat 6 (jdk 1.5) through mod_jk and where the
&
Hello,
When a user posts data to a servlet after the session has expired (timeout)
tomcat automatically redirects to my login page. After successful login,
tomcat will redirect to the original request.
I am looking for way to access the originally posted data when it 'arrives'
in the servlet (af
.apache.org/tomcat-5.5-doc/config/http.html
>
> Regards,
> Delbecq David
>
> Op zondag 28-10-2007 om 02:41 uur [tijdzone -0700], schreef Peter
> Coppens:
>> Hello,
>>
>> When a user posts data to a servlet after the session has expired
>> (timeout)
>
Thanks again for the quick replies.
It proved to be a getParameter in some logging code that messed up the
subsequent read. Weird the problem only shows up with a 'savedrequest' and
not with a normal request, but I guess the behaviour is to be expected.
Peter
--
View this message in context:
Tomcat fans,
I was wondering whether anyone has found an elegant way (or has pointers to
information on how) to deal with a timeout on the login form (form based
authentication).
Ideally I would want to hide this completely from the user using whatever
coding is needed. If that can't be achieved
Thanks for your time/answers.
>> Ideally I would want to hide this completely from the user using whatever
>> coding is needed.
>This would be a custom authenticator. You should be able to use
>org.apache.catalina.authenticator.FormAuthenticator as the basis for this.
Does not look like to be a
Hello,
I understand this post is a bit old, but I am facing the same issue and I
was wondering whether any progress was made or workaround found,
Thanks,
Peter
--
View this message in context:
http://www.nabble.com/Pipelining-Problem-after-Form-Authentication-with-Firefox-and-Status-Code-40
23 matches
Mail list logo
