Problems with IE6, AJP1.3, Apache httpd and tomcat

il archive. Not sure if it basically is the same problem, but it sounded similar. http://mail-archives.apache.org/mod_mbox/tomcat-users/200301.mbox/[EMAIL PROTECTED] Does someone has some suggestions? Is it a bug in IE6 or mod_jk? How can I fix it? Any help is appreciate

Re: Problems with IE6, AJP1.3, Apache httpd and tomcat

Rick G wrote: Hi Robert, I just wanted to say that I have been using the XMLHTTP object for about 7 years now (since IE 5x), Strangely enough the problems do not occur when using IE7. - To start a new topic, e-mail: users

Re: Problems with IE6, AJP1.3, Apache httpd and tomcat

Rick G wrote: Robert, Do you have some sample script/servlet that you can reliably reproduce the issue that I could try? If not, could you let me know a bit more about the operation, frequency of the occurrence? I don't have it, because I cannot reproduce the problem here on a wi

mod_jk without worker.properties?

So I have a rather nice dynamic configuration using mod perl stanzas the only thing standing in my way of making it 100% dynamic is the worker port for mod_jk. Why oh why must this be configured via a separate properties file? This

mod_jk and Perl Sections?

So am I correct in assuming that you cannot use Perl stanza's to configure mod_jk? I'm getting the following when I try command_rec for directive `JkOptions' not found! command_rec for directive `jkMount' not found! command_rec for directive `JkMount' not found! command_rec for directive `JKWorke

Re: mod_jk and Perl Sections?

I want to be able to do this in order to dynamically specify the worker port push @JkWorkerProperty [qw(worker.myWorker.port $workerPort)]; Quoting [EMAIL PROTECTED]: > So am I correct in assuming that you cannot use Perl stanza's to configure > mod_jk? > > I'm getting the following when I try

How to fallback to HTTP/1.0

Tomcat documentation says that this affects the KEEP_ALIVE, and so cannot solve my problems. As far as I know it is impossble to set XMLHttpRequest to do a HTTP/1.0 request. Any suggestions? Robert - To start a new topic, e-mail

Re: Tomcat 9.0.x on Windows crashing

You can try adding: -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=C:\HeapDump\java_pid.hprof to the Java options (in "Configure Tomcat") to capture heap dumps on out of memory errors (adjust path to suit your configuration) Robert On Wed, Aug 23, 2023 at 1:03 PM Daniel Savard wr

CIS Tomcat 8 Benchmark (v1.1.0) -- Questions

/ comments from "those in the know"? Thanks, Robert

Re: CIS Tomcat 8 Benchmark (v1.1.0) -- Questions

on -- suggesting the method of improvement is additive, and possibly not corrective. On Tue, Sep 5, 2023 at 9:36 AM Peter Kreuser wrote: > Robert, > > While Mark Thomas will have a more detailled answer to this... > > The finding behind this test is valid (information disclosure

Re: CIS Tomcat 8 Benchmark (v1.1.0) -- Questions

on (like explicitly specifying options in catalina.sh, even though there are more appropriate places, like in $CATALINA_HOME/conf files, or in the applications), as well as some items that are somewhat obscure and don't result in improving security in any material way (i.e. obscuring, ra

Re: Issue Migrating servlets to 10.1

Tomcat 10.x and higher require Jakarta namespaces versions of the Servlet specifications. Tomcat 9.x is the last Tomcat support javax.servlet namespaces. Refer to the Which Version page for Tomcat for details: https://tomcat.apache.org/whichversion.html On Tue, Nov 21, 2023 at 3:30 PM Campbell, L

Re: Issue Migrating servlets to 10.1

sion of Java I should use? > > Thanks, > > Lance > > -----Original Message- > From: Robert Turner > Sent: Tuesday, November 21, 2023 2:36 PM > To: Tomcat Users List > Subject: Re: Issue Migrating servlets to 10.1 > > Tomcat 10.x and higher require Jakarta n

Re: Any way to look-up a session from application?

27;t think there was a way that we found. Robert On Tue, Feb 27, 2024 at 3:10 PM Olaf Kock wrote: > Hi Chris > > On 27.02.24 15:19, Christopher Schultz wrote: > > All, > > > > I'm looking at building some administrative tools into my application, > > an

Re: [EXTERNAL] Re: Tomcat 9 returning 404 for audio files

It's also possible you may need to support the "Range" HTTP header for fetching parts of the audio file for playback. IIRC, we had to do that to support the HTML 5 audio control properly. On Mon, Mar 11, 2024 at 9:15 AM Joey Cochran wrote: > Thanks for replying!! > > Yes audio files are generate

Re: Tomcat SMPT TLS1.2

AFAIK, there is nothing in Tomcat for SMTP. This would be part of the application you are running typically. It's possible (but not guaranteed) that the web application is using the standard Java libraries for SMTP, and as such, you may (but again not guaranteed) be able to configure some of the ma

Re: Tomcat SMPT TLS1.2

rom lube...@archicoop.it.invalid. Learn why > this is important at https://aka.ms/LearnAboutSenderIdentification ] > > I had issues in the past connectin to mailserver using TLS and solved them > upgrading the webapplicatio library from mail-1.4.jar to > javax.mail-1.6.2.jar > > I

Re: HttpSession tracking

We receive the sessionWillPassivate and sessionDidActivate callbacks on startup. Odd that you are not. That's how we achieve the same. On Thu, Mar 21, 2024 at 3:25 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > All, > > After having written a solution using JMX to do something li

Re: HttpSession tracking

prefer a way to query the sessions from the app, but as we know, that's not part of the current Servlet specification, or any extensions Tomcat currently provides. Robert On Thu, Mar 21, 2024 at 3:31 PM Robert Turner wrote: > We receive the sessionWillPassivate and sessionDidActivate callba

Re: HttpSession tracking

On Fri, Mar 22, 2024 at 9:28 AM Christopher Schultz < ch...@christopherschultz.net> wrote: > Robert, > > On 3/21/24 15:31, Robert Turner wrote: > > We receive the sessionWillPassivate and sessionDidActivate callbacks > > on startup. Odd that you are not. That's ho

Re: HttpSession tracking

< ch...@christopherschultz.net> wrote: > All, > > On 3/22/24 09:59, Christopher Schultz wrote: > > All, > > > > On 3/22/24 09:33, Robert Turner wrote: > >> On Fri, Mar 22, 2024 at 9:28 AM Christopher Schultz < > >> ch...@christopherschultz.net&g

Re: [External] org.apache.catalina.valves.RemoteAddrValve

It looks like you need to escape your periods, like you did for 127\. etc... 1\.3\.5 Robert Egan On Thu, Apr 4, 2024 at 1:44 PM Eric Fetzer wrote: > Hi All, > > When I originally set up my tomcat instance, I added the following to allow > manager access under /opt/tomcat/webapps/

Re: [External] org.apache.catalina.valves.RemoteAddrValve

t;). A backward slash means to treat the character immediately after it normally and not as a special character. So "\d" would mean the literal letter "d". There's more rules, but they're well documented all over the internet, so I won't elaborate. Robert Egan

Re: Tomcat 9 symlinks ?

This page might be a useful resource to read if you haven't already: https://tomcat.apache.org/tomcat-9.0-doc/config/context.html The short version is -- to publish an application in the "root" web url path (of http(s)://your.server-name.com/), you can name your WAR file "ROOT.war" and copy it to

Re: How to comment out JSP directives

Those are XML / HTML comments. Try using JSP comments to wrap what you want to comment out: <%-- --%> On Tue, Jul 2, 2024 at 4:40 PM Aryeh Friedman wrote: > When I do the following the include is still done short of rewriting > it to not be a include how do I comment it out correctly: > > > >

Http TRACE method headers in response body

Hi, Using Spring boot (2.5.4) with Tomcat (9.0.52), the HTTP TRACE method is disabled by default and returns a 405 method not allowed, which is what I expect security-wise. My issue is that if one gives a malicious header: header: malicious: alert('malicious call'); it's given back in the respon

Re: Http TRACE method headers in response body

My issue is that even though TRACE is disabled, we see the "malicious" header in the response. On Wed, 8 Sept 2021 at 17:01, Mark Thomas wrote: > > On 08/09/2021 14:14, Gilles Robert wrote: > > Hi, > > > > Using Spring boot (2.5.4) with Tomcat (9.0.52), the HT

Re: Interesting log capability request

The catalina.out log should capture that information already, right? This is what I see when I shutdown my barebones Tomcat: 07-Oct-2021 15:19:03.276 INFO [main] org.apache.catalina.core.StandardServer.await A valid shutdown command was received via the shutdown port. Stopping the Server instance

Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

wing the Servlet / JSP / EL documentation, I also haven't found anything obvious that would suggest what the problem might be. Hopefully someone has encountered this before and can nudge me in the right direction. Thanks in advance, Robert [1] Caused by: java.lang.NoClassDefFou

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

2022 at 5:05 PM Rob Sargent wrote: > > > On 2/7/22 14:50, Robert Turner wrote: > > All > > > > I'm hoping that someone can point me in the right direction as this issue > > has been baffling me all day, and I'm starting to run out of ideas of > what &

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

expression containing a class name will be resolved against the static members of the class. So, as to why it is different between the two environments, maybe it's as Rob S suggested (a classpath issue of some sort) -- I will continue looking in this direction On Mon, Feb 7, 2022 at 5:07 P

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

ack down why. I'm still working on the class path analysis as suggested by Rob S, even though the class in question should be in the class path in both cases. Thanks for the suggestion though. Robert On Mon, Feb 7, 2022 at 7:16 PM Neil Aggarwal wrote: > Robert: > > > Caused

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

y) - construct a trivial application reproduction, along with docker layout, and see if anyone else can reproduce... (assuming anyone else has time to do that of course...) Anyone got any suggestions of what to look into next? On Mon, Feb 7, 2022 at 5:05 PM Rob Sargent wrote: > > > On 2/7/22 1

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

hat would surprise me if they differed in any material way on the different platforms. I hope that helps provide more detail that might be useful... Robert [1] $ unzip -l target/app.war | grep "model\/Organization\.class" 66246 02-07-2022 20:17 WEB-INF/classes/model/Organizati

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

ntext.setAttribute("failing", failing); %> Hello World! field1=${failing.field1} $ cat src/main/java/com/example/rt/Failing.java package com.example.rt; public class Failing { private final String field1 = "field1_value"; public String getField1() { return field

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

fferent contexts than you expected. Robert [1] $ cat src/main/webapp/index.jsp <%@page contentType="text/html" pageEncoding="UTF-8" isELIgnored="false" %> <%@page import="com.example.rt.Failing" %> <% final Failing failing = n

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

Thanks Mark. Much appreciated. On Tue., Feb. 8, 2022, 04:06 Mark Thomas, wrote: > Robert, > > Thank you for putting the effort in to debugging this. Narrowing down > the issue to a simple test case is extremely helpful. > > The behaviour you describe looks odd to me. I&#

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

with a debugger up on the Expression Resolvers, you will at least narrow it down quickly...) On Tue, Feb 8, 2022 at 7:55 AM Robert Turner wrote: > Thanks Mark. Much appreciated. > > On Tue., Feb. 8, 2022, 04:06 Mark Thomas, wrote: > >> Robert, >> >> Thank yo

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

not an option for APFS). I will try to confirm suspicions and provide details in a few hours (hopefully -- got a few meetings today that will get in the way). Thanks again, Robert On Tue, Feb 8, 2022 at 8:51 AM Mark Thomas wrote: > Robert, > > I agree this is something to do with the Dock

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

of the root cause is available in the server logs.Apache Tomcat/9.0.58 And a "working" scenario, replace step 8 with the following: docker run -d -p 8075:8080 tomcat:9.0.58-jre11-openjdk docker cp target/test-e-resolver.war :/usr/local/tomcat/webapps/ Accessing the page with the curl c

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

That's good to know. I suppose the key use case we would have is having the ability to "hot deploy" from an IDE into the webapps folder rather than a full build, package, deploy cycle (which can be time consuming). Robert On Tue, Feb 8, 2022 at 11:41 AM Mark Eggers wrote:

Tomcat 9.0.58 and OpenJDK 1.8.0_322

We are currently running Tomcat 9.0.40 and OpenJDK (Red Hat) 1.8.0_292 and have no issues. We upgrade to the ones in the subject line and Tomcat throws "SHA1PRNG SecureRandom not available" and "SHA MessageDigest not available" and "SHA-1 not available" and others. We downgrade to .40 and _292 an

Re: Tomcat 9.0.58 and OpenJDK 1.8.0_322

; Asking for a friend... > > On Wed, Feb 16, 2022 at 4:03 PM Noelette Stout > wrote: > > > Based on those errors, it sounds like SHA-1 has been desupported in the > > newer OpenJDK version. > > > > On Wed, Feb 16, 2022 at 1:55 PM Robert Hicks > > wrote: > &g

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

Mark, Thanks for continuing to look into it, and producing a detailed record of the issues and the cause (along with intermediate details). Hopefully it will come in useful for others in the future. Robert On Thu, Mar 3, 2022 at 3:11 AM Mark Thomas wrote: > Robert, > > Apologie

Re: Odd EL resolution issue - java.lang.NoClassDefFoundError: package/Class1 (wrong name: package/class1)

On Thu, Mar 3, 2022 at 1:10 PM Berneburg, Cris J. - US wrote: > > Running Tomcat in a container via Docker Desktop on a Windows host > > with the web application served from a location on the host mounted > > /bound to the container is insecure. > > So the app resides on the "host" OS file system

Re: Possibly Silly Question

Just looking the history page says: *Apache Tomcat 3.0.x*. Initial Apache Tomcat release. Wikipedia also mentions: 2.0 1998 Tomcat started off in November 1998[16] as a servlet reference implementation

Re: Tomcat Native on M1 Macs

I think you need to use an ARM-based JVM -- IIRC, you will need Corretto JDK 18 I think, otherwise it will be running in emulation. On Tue, Apr 5, 2022 at 1:56 PM Paquin, Brian wrote: > After compiling Tomcat Native (that comes with Tomcat 9.0.62, version > 1.2.32) on a (ARM) M1 Mac (with Amazon

9.0.60 fix question

- [image: Fix:] Fix potential thread-safety issue that could cause HTTP/1.1 request processing to wait, and potentially timeout, waiting for additional data when the full request has been received. (markt) What would that actually look like? Tomcat spinning its gears and not serving anyt

Re: Per context heap usage

On Wed, 2022-05-18 at 17:36 -0400, Christopher Schultz wrote: > > > > > Is it possible to find out the per deployed context heap usage in > > > > > tomcat? > > > > > > > > With a profiler you can look at the retained size of the web > > > > application class loader instance associated with a web

Logging "location" header from the HTTP response

We would like to start logging the response location in Tomcat. I am not sure where to look something like that up. Thanks, Bob

Re: Logging "location" header from the HTTP response

On Thu, May 26, 2022 at 11:37 AM Konstantin Kolinko wrote: > чт, 26 мая 2022 г. в 18:19, Robert Hicks : > > > > We would like to start logging the response location in Tomcat. I am not > > sure where to look something like that up. > > You are not mentioning the ver

Re: [Tomcat9][Linux]listening all local addresses by default is not security best practice

My 2 cents: I think that it would be a very strange change to make to a generic product and a "sample" configuration file. If Tomcat was packaged in a distribution, that might be a more reasonable suggestion. I don't think Tomcat is insecure because of this; binding to addresses/ports is a key par

Re: Tomcat for Apple silicon coming soon?

You can run an aarm64 version of the Java runtime (various distributions exist) and run Tomcat on that -- it works well. No specific version of Tomcat is required as it a Java package. On Mon, Jan 16, 2023 at 3:38 PM m...@cvkimball.com wrote: > > I'd like to run Tomcat on one of the new Apple

Re: GoDaddy SSL certificate not working with Tomcat9

I believe the default certificate alias used by Tomcat is "tomcat". I think you are creating your keystore with the alias "root". (see https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html for docs on Tomcat SSL configuration -- adjust for the version you are running) On Mon, Mar 20, 2023 at 9:

Re: GoDaddy SSL certificate not working with Tomcat9

more helpful than I...sorry. On Mon, Mar 20, 2023 at 9:14 PM Robert Turner wrote: > I believe the default certificate alias used by Tomcat is "tomcat". I > think you are creating your keystore with the alias "root". > > (see https://tomcat.apache.org/tomcat-9.0-do

Tomcat Manager App and Federation

Does the manager app support something like Apache CXF to authenticate people to the manager application or is the manager application only accessible through username/password? Robert

Re: Tomcat links application at the root of the server?

What about the standard / provided Tomcat Manager application? https://tomcat.apache.org/tomcat-9.0-doc/manager-howto.html On Fri, Jul 7, 2023 at 9:26 AM Graham Leggett wrote: > Hi all, > > Is there is application out there that will provide, at / (or a path of > your choosing), a list of lin

Client Certificates

ce". Thanks in advance Robert Egan -- *VSolvit LLC*, *CMMI (Level 3), ISO 9001, ISO 2-1, ISO 27001* *1305 Executive Blvd. Ste. 160 | Chesapeake | VA | 23320* *(617) 455-1425* www.vsolvit.com *VSolvit (We*Solve*it) *is an award winning technology services company that specializes in the

Re: [External] Re: Client Certificates

I suspect the problem is occurring before I can see the certificate, because the only way the request even reaches my filter is when the is set to auth="none". I have been pulled away from this project for now, but thanks for the answers. Robert Egan -- *VSolvit LLC*, *CMMI (Level 3)

Tomcat shutdown password complexity

I am trying to find what the password complexity can be. I've looked at several hardening guides and they are all "WordsLikeThis". Does the shutdown password take symbols and numbers or at least hyphenated words? Thanks, Bob

Tomcat 9 and FIPS-140

Is this article good for enabling FIPS-140 for Tomcat 9? Thanks, Bob

Tomcat mod_jk rpm-build for CentOS-8 - exit with error.

@Klaus Trachtler: Managed to build mod_jk RPM for CentOS8. See https://gist.github.com/robertoschwald/3317b4d777f44260fef86c5059955ffc

Re: Tomcat 9 and FIPS-140

GIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Robert, > > On 8/18/20 16:19, Robert Hicks wrote: > > Is this article good for enabling FIPS-140 for Tomcat 9? > > [citation needed] > > - -chris > -BEGIN PGP SIGNATURE- > Comment: Us

Tomcat 9 and FIP-140 mode

Maybe it's just better to straight up ask. I've found a couple of Google searches but nothing for Tomcat 9 and the information seems sporadic, incomplete, or contradictory. How do you enable FIPS-140 for Tomcat 9 (using JDK 8)? Thanks in advance. -- Bob

Re: Tomcat 9 and FIP-140 mode

On Mon, Aug 24, 2020 at 12:48 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Robert, > > On 8/24/20 11:04, Robert Hicks wrote: > > Maybe it's just better to straight up ask. I've f

Re: Virtual event focussed on Tomcat Security

On Thu, Oct 15, 2020 at 2:01 PM Mark Thomas wrote: > On 29/09/2020 12:25, Mark Thomas wrote: > > Hi all, > > > > We (the Tomcat community) have some funding from Google to help us > > improve Tomcat security. Our original plan was to use the funding to > > support an in-person security focussed h

TLS on Tomcat: Using ECC and RSA certificates together -- invalid intermediate certificate in chain

intermediate CAs for ECC versus RSA). Thanks for any suggestions anyone can provide, Robert

Re: TLS on Tomcat: Using ECC and RSA certificates together -- invalid intermediate certificate in chain

et reported by testssl.sh as: Chain of trust NOT ok (chain incomplete) And when I connect using "openssl s_client -connect :", I see only the initial certificate in the server response, where normally I would see the chain listed out up to the root CA. So unfortunately,

Re: TLS on Tomcat: Using ECC and RSA certificates together -- invalid intermediate certificate in chain

also broken). Sorry about that. Robert On Wed, Dec 9, 2020 at 9:22 PM Robert Turner wrote: > Thanks Chris for replying. > > I'm pretty sure I'm using the APR connector. Without double-checking how > things are configured... the startup logs show: > > 09

Re: TLS on Tomcat: Using ECC and RSA certificates together -- invalid intermediate certificate in chain

2020 at 12:56 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > Robert, > > On 12/9/20 21:31, Robert Turner wrote: > > Actually, one incorrect statement in my previous response. testssl.sh > > didn't report the details of the certificate chain,

Re: Browser complains of "weak signature algorithm" in cert on a new Tomcat installation. Does anybody here know anything about that sort of thing

You'll want to set the protocols, ciphers, and honorCipherOrder attributes on either the Connector or the SSLHostConfig objects in your server.xml file to restrict the available TLS/SSL protocols and ciphers available to avoid using weak ones. See the documentation here for details: https://tomcat

Re: TomCat 9 service failed to start on Windows after TomCat 9 update

I would check permissions on the folders/files. The account running the windows service may not have permissions to execute the programs or maybe access the directories. That's the first thing I would check. (Also check Event Viewer for any related messages). On Fri, Jan 15, 2021 at 8:24 AM Igor S

Re: Security Vulnerability -Default files

also be able to modify the installation settings of the application using Add or Remove Programs in Windows Control Panel to remove the example applications if you'd prefer that approach instead of #1 above, but that might require reinstalling Tomcat again. Best of luck, Robert On Thu, Jan

Re: Security Vulnerability -Default files

up, I strongly suggest looking for an experienced _paid_ consultant to do the work for you. (I do not have any suggestions on where to look for one though.) Robert On Thu, Jan 21, 2021 at 10:43 PM Nitin Kadam wrote: > Thank you Robert for your reply. > > If we upgrade the tomcat

Re: Out of memory exception

Have you tried enabling heap dumps on OOM exceptions ( https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/clopts001.html ; HeapDumpOnOutOfMemoryError) and then looking at the heap dump? It should help you identify where the allocated heap is going to, and give you some ideas of whe

Tomcat Manager

Is there a way (my google-fu is failing) to use the command line version of the manager but not have the front end UI available at all? Thanks, Bob

Re: Tomcat Manager

#Configuring_Manager_Application_Access and using your choice of command-line tool to interact. I planned to use/test tomcat-manager: https://tomcatmanager.readthedocs.io/en/stable/install.html Best Regards, Robert On Wed, 2021-02-24 at 15:18 -0500, Robert Hicks wrote: > [EXTERNAL EMAIL ALERT]: Verify sender before open

Re: Unable to start Tomcat 10.0.4

It's saying port 80 is already in use. Make sure another process (like IIS) isn't using the port already, or change your configuration to a different port. You can use 'netstat' (with options) to determine which process is using the port already. On Tue., Mar. 16, 2021, 07:36 , wrote: > Dear Al

Re: Unable to start Tomcat 10.0.4

Your more recent exception log didn't include the "caused by" exception -- which is the actual failure details. Double-check that and make sure it's the same issue. Also, use netstat to confirm you aren't using the ports already. Changing it may just find another conflict (although less likely). T

Re: Unable to start Tomcat 10.0.4

If you look at the stack trace, it tells you what the problem is: Caused by: java.lang.IllegalArgumentException: No SSLHostConfig element was found with the hostName [_default_] to match the defaultSSLHostConfigName for the connector [https-openssl-nio-8443] So it no longer looks like you are hi

Re: Unable to start Tomcat 10.0.4

I suggest you have a read here: https://tomcat.apache.org/tomcat-10.0-doc/config/http.html#SSL_Support The documentation covers the details you need to correctly configure Tomcat and SSL and links to a related page about SSL configuration. Notice the line: Each secure connector must define at leas

Re: [OT] Working with SAML

r use case. It doesn't do everything by any means, but was considerably smaller and simpler than most packages out there. Robert On Tue, Mar 16, 2021 at 1:55 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > All, > > I've got a system which is accepting one

Re: [OT] Working with SAML

itely works yet). As far as I can tell it's free to use as it's an MIT-style License. And at least, one can get at the code and "fix" things if needed. On Tue, Mar 16, 2021 at 4:19 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > Robert, > >

Tomcat (catalina.jar) Security Question

We are getting evaluated and one of the items that I need to do is change the "ServerInfo.properties" in the catalina.jar to set "server.info" and "server.version" to nonsense (really). I have the following Valve setup as well: At what point would the "ServerInfo.properties" actually show a ver

JEP 411: Deprecate the Security Manager for Removal

Is that the "same" security manager we flip on for Tomcat or just an unfortunate naming coincidence? -- Bob

Re: Tomcat 9 and FIP-140 mode

ob On Mon, Aug 24, 2020 at 2:49 PM Robert Hicks wrote: > > > On Mon, Aug 24, 2020 at 12:48 PM Christopher Schultz < > ch...@christopherschultz.net> wrote: > >> -BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA256 >> >> Robert, >> >> On 8/24/2

Re: [ANN] Apache Tomcat 9.0.50 available

I did a version and there seems to be a mismatch? PS C:\apache-tomcat-9.0.50> cd bin PS C:\apache-tomcat-9.0.50\bin> .\version.bat Using CATALINA_BASE: "C:\apache-tomcat-9.0.50" Using CATALINA_HOME: "C:\apache-tomcat-9.0.50" Using CATALINA_TMPDIR: "C:\apache-tomcat-9.0.50\temp" Using JRE_HOME:

Re: [ANN] Apache Tomcat 9.0.50 available

3abc11df29c1328e2632df2c1c449d4002becdd6464c79766ade506c058 > *apache-tomcat-9.0.50.zip > > So all is OK. Please check your files. > > BTW, the current version of Java 8 is 8u292. > > вт, 6 июл. 2021 г. в 17:10, Robert Hicks : > > > > I did a version and there seems to

extending Embedded (basically copying Catalina) - Address already in use: JVM_Bind:80

Hi, I want to use a standard startup the same way startup.sh -> catalina.sh -> Bootstrap -> Catalina handles it. I want to make the (standard)server available to a custom manager in the main webapp. I want to be able to start up a Context when a user enters a project in my webapp (i.e. I don

many No Referrers in logs

We have our server.xml file set w/ the following entry: Valve className="org.apache.catalina.valves.AccessLogValve" directory="../logs" prefix="ws_access_log." suffix=".txt" pattern="combined" However, there are still many log entries showing no referrers. Some are from user spiders such as the fo

Custom 404 page displays broken images w/ 'listings' set to false

Running Tomcat 5.0 on Win 2003... I set the following in web.xml: debug 0 listings false 1 404 /404.html But when someone tried to list a directory, e.g., www.ourdomain.com/images, al

RE: sort an array

remove it from the other array. Robert S. Harper Information Access Technology, Inc. -Original Message- From: password password [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 27, 2006 8:57 AM To: Tomcat Users List; [EMAIL PROTECTED] Subject: Re: sort an array Hi, Arrays.sort

RE: Cannot use Tomcat

Gary: You can track Property # 404175 to me. Regards, Bob -Original Message- From: Martin Gainty [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 28, 2006 9:49 AM To: Tomcat Users List Subject: Re: Cannot use Tomcat Antonio- someone has been mucking with the file/folder permissions..In o

Re: BOOBIES!

Wow... how do some people make it through the day without exploding from some terrible insult. I can't believe this thread subject has turned into such a big deal. I deleted the first 5 or so because I thought it was spam. Then I saw names responding which I recognized. I really don't unders

RE: BOOBIES!

me of the manuals are so hard to read and information is so scattered that it is hard to get answers. Remember that if you don't want to read it, you don't have to. Just keep responses respectful and informative. Robert S. Harper Information Access

RE: Response time banding

ensure exact order. Make sure you go over the time stamps carefully before you pass too much judgment. Robert S. Harper Information Access Technology, Inc. -Original Message- From: Leon Rosenberg [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 26, 2006 2:35 PM To: Tomcat Users List Subject

Re: mod_jk and Perl Sections?

So assuming I'm not doing anything wrong and that these directives are not supported by mod_perl How can you dynamically create worker properties? On Jul 31, 2006, at 5:51 PM, [EMAIL PROTECTED] wrote: I want to be able to do this in order to dynamically specify the worker port push @JkWor

User database and user attributes

but it only works when the new user information is flushed to disk. What would be the best way to do this?   Robert S. Harper Senior Engineer Information Access Technology, Inc. 1100 East 6600 South, Suite 300 Salt Lake City Utah USA 84121-7411 (801)265-8800 Ext. 255 FAX (801)265-8880

RE: User database and user attributes

Robert S. Harper Information Access Technology, Inc. -Original Message- From: Mikolaj Rydzewski [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 08, 2006 3:25 PM To: Tomcat Users List Subject: Re: User database and user attributes [snip] Use some kind of a database related realm

Using Tomcat's internal bean server.

t wrap the UserDatabase.getGroups() and UserDatabase.getRoles() methods?   Robert S. Harper Senior Engineer Information Access Technology, Inc. 1100 East 6600 South, Suite 300 Salt Lake City Utah USA 84121-7411 (801)265-8800 Ext. 255 FAX (801)265-8880   This e-mail is intended only for the add

  1   2   3   4   5   6   >