Robert Koberg wrote:
On Apr 21, 2009, at 7:02 PM, André Warnier wrote:
André Warnier wrote:
Mark Thomas wrote:
André Warnier wrote:
Mark Thomas wrote:
Anthony J. Biacco wrote:
I did end up trying it and it did work, I just didn't know if it was
something that's frowned upon, or would for
mark_desp...@mcafee.com wrote:
...
Being named DeSpain, having a wife able to write about Java GC in
Japanese and English, and being oneself able to write eloquently about
an Insane Java library and its usage with Tomcat..
This world is full of wonders.
Hi,
We are using tomcat 5.0.28 and JDK 1.5.10. Now, there is some requirement to
use tomcat with PKCS#11 support.
Initial study shows that a hardware token would be needed for this.
1) Is minimum tomcat version 5.5 is must for this?
2) Is this hardware requirement is mandatory? Or
On Apr 22, 2009, at 4:25 AM, André Warnier wrote:
Allright, but I'm afraid this is still somewhat flying over my head,
what we me not being /either/ a Java expert, /nor/ a Tomcat expert, /
nor/ an XML expert. (What am I then doing on this list, one might
ask).
So, since everyone but
Rainer Jung wrote:
On 16.04.2009 12:44, Mark Thomas wrote:
Gregor Schneider wrote:
- Concerning how often questions regarding mod_jk are showing up in
the list: mod_jk - HowTo / Best practices
Any takers for presenting this?
Not sure, whether this is too specific for ApacheCon, but yes, if
I just finished my first cup of coffee and realized I didn't address
having the external def in the conf directory. You probably do not
want to rely on each user having the same directory structure, so you
can't rely on a hard coded absolute or relative path :)
First, let me say I usually
I realize that my Server.xml is not being used by the Tomcat engine. I mean
the Connector part.
Should I make any modifications anywhere?
And I regret for the last repeated mails. It was sent by mistake.
-Anand
connossieur wrote:
Christopher,
This is my Server.xml
!-- Note: A Server is
Robert Koberg wrote:
I just finished my first cup of coffee
You must be in a different timezone then. We've had to refill the coffee
machine a couple of times already.
In any case, thank you for your early interest and for your contribution.
and realized I didn't address
having the external
why not start by creating a backup copy of your server.xml, and then
removing all of the commented out config.
it'll be easier to see what's going on that way...
p
connossieur wrote:
I realize that my Server.xml is not being used by the Tomcat engine. I mean
the Connector part.
Should I
On 22.04.2009 06:44, Caldarale, Charles R wrote:
From: Menachem Husarsky [mailto:husar...@hotmail.com] Subject: Re:
Re: windows 2k3 / Tomcat 6 / IIS configuration - randomlylosing
sessions
Do you have any suggestions for me for how to debug this in a
finer more controlled fashion?
Have
On Tue, Apr 21, 2009 at 6:49 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
-BEGIN PGP SIGNED MESSAGE-
mod_proxy_ajp is included in httpd, and there have been /lots/ of
improvements since 2.2.2. Since you can't upgrade, would you consider
switching to using mod_jk,
Anand-
the suggestion of look elsewhere was a red herring
the problem is your Executor takes thread assignments e.g.
Executor name=tomcatThreadPool namePrefix=catalina-exec-
maxThreads=150 minSpareThreads=4/
then Connector is assigned the Executor threadpool
Connector
From: connossieur [mailto:anand.b...@aricent.com]
Subject: Re: Problem with maximum threads
I realize that my Server.xml is not being used by the Tomcat engine.
I hope you also realize the file name must be server.xml, not Server.xml (case
matters).
- Chuck
THIS COMMUNICATION MAY
From: André Warnier [mailto:a...@ice-sa.com]
Subject: Re: GlobalNamingResources outside of server.xml
In this webapp, are some servlets that I get from third-parties, and
which need installation-specific settings in the web.xml deployment
descriptor, settings which are present as param-name
Christopher Schultz-2 wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
Caldarale, Charles R wrote:
From: Bill Davidson [mailto:bill...@gmail.com]
Subject: Fun with the JVM crashing.
I'm thinking that the JVM shouldn't be getting SIGSEGV's.
You're right about that.
Hi
Thx for the reply
restrict based on roles so in /conf/tomcat-users.xml
By using the AAA Realm, UserId / Passwd would be definitely an usage ,
But the intension for doing the same is NOT to expose the /admin/* to
INTERNET and reply with ERROR 404 for the same,
But in case of INTRANET
Tomcat 6Struts 1.3
OS: MacOS X - Leopard
Hi,
I am trying to make sure my app requires a login. So I configured the
following in my deployment descriptor:
security-constraint
web-resource-collection
web-resource-nameadmin/web-resource-name
url-pattern*.do/url-pattern
From: Karthik Nanjangude [mailto:karthik.nanjang...@xius-bcgi.com]
Subject: RE: R: Apache / Tomcat Load Balanced mode
But the intension for doing the same is NOT to expose the /admin/*
to INTERNET and reply with ERROR 404 for the same,
But in case of INTRANET usage access for /admin/*
Mighty Tornado wrote:
http-methodPOST/http-method
Why do you want to restrict access only to requests with POST method? I
usually do not use http-method element.
form-login-page/WEB-INF/JSP/login.jsp/form-login-page
I'm not sure if login page will work if it is located under
Caldarale, Charles R wrote:
From: Karthik Nanjangude [mailto:karthik.nanjang...@xius-bcgi.com]
Subject: RE: R: Apache / Tomcat Load Balanced mode
But the intension for doing the same is NOT to expose the /admin/*
to INTERNET and reply with ERROR 404 for the same,
But in case of INTRANET
Mighty Tornado wrote:
Tomcat 6Struts 1.3
OS: MacOS X - Leopard
Hi,
I am trying to make sure my app requires a login. So I configured the
url-pattern*.do/url-pattern
url-pattern/*/url-pattern will protect everything.
http-methodPOST/http-method
This only protects the POST method.
I took everything out of my conf/context.xml file except for
WatchedResource. This includes
Context path=/xxx docBase=xxx debug=1 reloadable=true
/
Logger className=org.apache.catalina.logger.FileLogger
directory=logs prefix=localhost_log. suffix=.txt timestamp=true/
From: Mighty Tornado [mailto:mighty.torn...@gmail.com]
Subject: Tomcat Security and Struts
I am trying to make sure my app requires a login. So I configured the
following in my deployment descriptor:
security-constraint
web-resource-collection
From: JT [mailto:jltoo...@gmail.com]
Subject: Re: Undeploy does not delete all .jar files
I took everything out of my conf/context.xml file except for
WatchedResource. This includes
Logger className=org.apache.catalina.logger.FileLogger
directory=logs prefix=localhost_log.
You are right:
I just fixed this mistake - added
security-role
role-namemember/role-name
/security-role
into my web.xml
However, when I try to access my URL the browser gives me the following
message:
Data Transfer Interrupted
On Wed, Apr 22, 2009 at 10:26 AM, Caldarale, Charles R
I tried to use form based authentication with JNDIRealm. What I want to
accomplish is to have the two applications with the same realm be
authenticated once. It seems the tomcat ignored the realm. I have to
login twice. For example: when I login to http://localhost:8080/app1
successfully, then
Mark Thomas wrote:
url-pattern/*/url-pattern will protect everything.
If your login page uses any external assets (images, stylesheets, etc),
it will become corrupted (assets won't load).
--
Mikolaj Rydzewski m...@ceti.pl
Hey guys. Just recently, I've started to have this problem with Tomcat not
shutting down if the server has handled lots of traffic. Our test servers,
which have very small amount of traffic, shut down fine. I have to manually
kill the Tomcat process. If I run it in the foreground, ctr-c
Mark Thomas wrote:
Caldarale, Charles R wrote:
From: Karthik Nanjangude [mailto:karthik.nanjang...@xius-bcgi.com]
Subject: RE: R: Apache / Tomcat Load Balanced mode
But the intension for doing the same is NOT to expose the /admin/*
to INTERNET and reply with ERROR 404 for the same,
But in
From: André Warnier [mailto:a...@ice-sa.com]
Subject: Re: R: Apache / Tomcat Load Balanced mode
http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html
Remote Address Filter or Remote Host Filter
Wait, does that not block *all* accesses to that host ?
Yes, which is why I suggested a
André Warnier wrote:
Mark Thomas wrote:
Caldarale, Charles R wrote:
From: Karthik Nanjangude [mailto:karthik.nanjang...@xius-bcgi.com]
Subject: RE: R: Apache / Tomcat Load Balanced mode
But the intension for doing the same is NOT to expose the /admin/*
to INTERNET and reply with ERROR 404
From: Matthew Chambers [mailto:chamb...@imageworks.com]
Subject: Tomcat does not shut down
Any tips that I can use to figure out what the server is doing or help
it shut down quicker would be great.
And a thread dump shows ...?
Use jstack to get one, if needed.
- Chuck
THIS
Mark Thomas wrote:
André Warnier wrote:
Mark Thomas wrote:
Caldarale, Charles R wrote:
From: Karthik Nanjangude [mailto:karthik.nanjang...@xius-bcgi.com]
Subject: RE: R: Apache / Tomcat Load Balanced mode
But the intension for doing the same is NOT to expose the /admin/*
to INTERNET and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Anand,
On 4/22/2009 1:35 AM, connossieur wrote:
This is my Server.xml
Note you have two connectors defined:
Executor name=tomcatThreadPool namePrefix=catalina-exec-
maxThreads=70 minSpareThreads=20/
Connector
André Warnier wrote:
Mark Thomas wrote:
André Warnier wrote:
Mark Thomas wrote:
I'd assumed that admin was a separate context and therefore could have a
valve applied. If not, just do it in httpd.
Do you mean that the Valve can be inserted at the context.xml level,
rather than inside the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 4/21/2009 8:48 PM, Caldarale, Charles R wrote:
It's really 64 MB, of which 32.5 MB is available for allocation. The
8 MB is the initial amount available for allocation. (If this sounds
unnecessarily complicated, that's only because it
From: André Warnier [mailto:a...@ice-sa.com]
Subject: Re: R: Apache / Tomcat Load Balanced mode
Do you mean that the Valve can be inserted at the context.xml level,
rather than inside the Host ?
Yes. I had made the opposite assumption to Mark T, in that I thought admin was
part of the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark,
On 4/21/2009 10:27 PM, mark_desp...@mcafee.com wrote:
Ok, so my wife actually wrote a couple of month ago in Japanese about
using strategy for leveraging the Insane library and a continuous
integration server in order to prevent webapp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mikolaj,
On 4/22/2009 9:58 AM, Mikolaj Rydzewski wrote:
Mighty Tornado wrote:
I'm not sure if login page will work if it is located under WEB-INF
directory.
Of course it will. There's nothing special about the WEB-INF directory
that would prevent
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jill,
On 4/22/2009 10:46 AM, Jill Han wrote:
I tried to use form based authentication with JNDIRealm. What I want to
accomplish is to have the two applications with the same realm be
authenticated once. It seems the tomcat ignored the realm. I
From: Mikolaj Rydzewski [mailto:m...@ceti.pl]
Subject: Re: Tomcat Security and Struts
Mark Thomas wrote:
url-pattern/*/url-pattern will protect everything.
If your login page uses any external assets (images, stylesheets,
etc), it will become corrupted (assets won't load).
Care to
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Subject: Re: Headstart on Resolving OOM-PermGen errors on webapp
reload
It's also a shame that the values for -Xmx aren't shown
It is - it's the MaxHeapSize under Heap Configuration.
The odd thing in your report is MaxNewSize,
Hi.
As (maybe) part of another issue which I am still trying to track down
with the concerned network people (client write errors, Sample 2 below),
I find the following kind of messages regularly in the mod_jk logfile
(Sample 1).
I just want to know if this indicates a problem somewhere, or
Caldarale, Charles R wrote:
From: Mikolaj Rydzewski [mailto:m...@ceti.pl]
Subject: Re: Tomcat Security and Struts
Mark Thomas wrote:
url-pattern/*/url-pattern will protect everything.
If your login page uses any external assets (images, stylesheets,
etc), it will become corrupted (assets
Thanks,
I commented off SingleSignOn as instructed on the link.
Host name=localhost ...
...
Valve className=org.apache.catalina.authenticator.SingleSignOn
debug=0/
...
/Host
However, this makes authentication activated only once although the
applications have different realms.
From: André Warnier [mailto:a...@ice-sa.com]
Subject: Re: Tomcat Security and Struts
Maybe this : if the login page itself contains a link to a gif located
in the same area, trying to load that gif will also hit the
authentication bit, and trigger another login page, before the first
even
From: Jill Han [mailto:jill@alverno.edu]
Subject: RE: form based authentication
However, this makes authentication activated only once although the
applications have different realms.
To quote from the SSO doc:
All web applications configured for this virtual host must share the same
Yeah, Insane just using reflection and a graph traversal algorithm to get the
job done. It looks like this is implemented by
org.netbeans.insane.impl.InsaneEngine.
Oh, and I found my copy of the Insane source. The third argument to
ScannerUtils.scan() should be true since that is what
From: mark_desp...@mcafee.com [mailto:mark_desp...@mcafee.com]
Subject: RE: Headstart on Resolving OOM-PermGen errors on webapp
reload
Yeah, Insane just using reflection and a graph traversal algorithm to
get the job done. It looks like this is implemented by
I don't doubt that jmap/jhat would be able to give you more detailed
information. My exact goal was to come up with something for automated testing
that would help prevent classloader leaks from making it into production. If
someone can think of a programmatic way to do that with jmap/jhat,
I think the following might be a problem. When I access the application I
get this error in the browser:Firefox can't establish a connection to the
server at localhost:8443
But Tomcat is supposed to listen on port 8080 - and it has been for my app,
until I put in the security feature.
any way
The Tomcat-Connector docs say that the source dist contains a sample
workers.properties file, but neither Tomcat 6 nor Httpd 2.2 src archives
contain such a file.
Could someone please post a sample workers.properties file for the
aforementioned Tomcat and Httdp versions?
Thanks
On Wed, Apr 22, 2009 at 11:16 AM, Mighty Tornado
mighty.torn...@gmail.com wrote:
I think the following might be a problem. When I access the application I
get this error in the browser:Firefox can't establish a connection to the
server at localhost:8443
But Tomcat is supposed to listen on
How can I make the request to port 8443 actually succeed?
On Wed, Apr 22, 2009 at 2:40 PM, Hassan Schroeder
hassan.schroe...@gmail.com wrote:
On Wed, Apr 22, 2009 at 11:16 AM, Mighty Tornado
mighty.torn...@gmail.com wrote:
I think the following might be a problem. When I access the
From: Mighty Tornado [mailto:mighty.torn...@gmail.com]
Subject: Re: Tomcat Security and Struts
Firefox can't establish a connection to the
server at localhost:8443
You need to define a secure Connector for port 8443.
But Tomcat is supposed to listen on port 8080
You can't run both HTTP
On Wed, Apr 22, 2009 at 11:43 AM, Mighty Tornado
mighty.torn...@gmail.com wrote:
How can I make the request to port 8443 actually succeed?
Configure an https Connector.
--
Hassan Schroeder hassan.schroe...@gmail.com
Mighty Tornado wrote:
I think the following might be a problem. When I access the application I
get this error in the browser:Firefox can't establish a connection to the
server at localhost:8443
But did you not ask for this ?
transport-guaranteeCONFIDENTIAL/transport-guarantee
Jonathan Mast wrote:
The Tomcat-Connector docs say that the source dist contains a sample
workers.properties file, but neither Tomcat 6 nor Httpd 2.2 src archives
contain such a file.
But the mod_jk connector download does, I am quite sure.
ok, i'll look, the docs don't explicitly say what source package the sample
is in. thanks
On Wed, Apr 22, 2009 at 2:48 PM, André Warnier a...@ice-sa.com wrote:
Jonathan Mast wrote:
The Tomcat-Connector docs say that the source dist contains a sample
workers.properties file, but neither
André Warnier wrote:
Jonathan Mast wrote:
The Tomcat-Connector docs say that the source dist contains a sample
workers.properties file, but neither Tomcat 6 nor Httpd 2.2 src archives
contain such a file.
But the mod_jk connector download does, I am quite sure.
You /have/ downloaded the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 4/22/2009 12:16 PM, Caldarale, Charles R wrote:
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Subject: Re: Headstart on Resolving OOM-PermGen errors on webapp
reload
It's also a shame that the values for -Xmx
I am confused again. I was using Tomcat 5.5, but I uninstalled 5.5 and
installed 6 and tried to start from scratch by following the docs. Maybe
I'm missing something, but I am using a database and I think it's telling me
to add my database connections inside of the context.xml file. Resouce...
There is single Host in server.xml
Engine name=Catalina defaultHost=localhost
...
Realm className=org.apache.catalina.realm.JNDIRealm
debug=99
connectionName=
connectionPassword=
connectionURL=ldap://url:389;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 4/22/2009 12:37 PM, André Warnier wrote:
Caldarale, Charles R wrote:
From: Mikolaj Rydzewski [mailto:m...@ceti.pl]
Subject: Re: Tomcat Security and Struts
Mark Thomas wrote:
url-pattern/*/url-pattern will protect everything.
If
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hassan,
On 4/22/2009 2:45 PM, Hassan Schroeder wrote:
On Wed, Apr 22, 2009 at 11:43 AM, Mighty Tornado
mighty.torn...@gmail.com wrote:
How can I make the request to port 8443 actually succeed?
Configure an https Connector.
And correctly set
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Subject: Re: Headstart on Resolving OOM-PermGen errors on webapp
reload
Does that mean that, technically speaking, PermGen is allowed
to grow to take over the whole heap?
No, PermGen is independent of the general heap,
From: JT [mailto:jltoo...@gmail.com]
Subject: Re: Undeploy does not delete all .jar files
I am using a database and I think it's telling me
to add my database connections inside of the
context.xml file.
That is correct. If the database is to be used by just a single webapp, the
Resource
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael,
On 4/22/2009 12:25 AM, Menachem Husarsky wrote:
Christopher Schultz wrote:
Are all your customers using Cookies?
Yes. However, URL rewriting is disabled.
Er.. how did you do this? Tomcat offers no way to disable URL rewriting.
Or, did
Caldarale, Charles R wrote:
...
It can't really; if I get time before going on vacation this Friday I'll look
to see where that number comes from.
We'll miss you.
You'll probably want mountains, and chocolate. Switzerland ?
You *did* say it was unnecessarily complicated ;)
Probably
Some corrections on the previous email.
I should say
When singleSignOn is commented, those tasks can be achieved if basic
authentication as
login-config
auth-methodBASIC/auth-method
realm-nameTEST/realm-name
/login-config
is used.
-Original Message-
From: Jill Han
Sent:
Christopher Schultz wrote:
I would instrument the client using something like LiveHttpHeaders (when
is Daniel going to support ff3.5?!)
try HttpFox.
or IEHeaders (or whatever it is for
MSIE)
Fiddler2
-
To unsubscribe,
yeah i downloaded the source and found the sample workers.properties files.
The workers.properties.minimal has a bug in it, btw, the ajp13w worker is
not in the worker.list and must be added manually.
But it works otherwise.
On Wed, Apr 22, 2009 at 2:52 PM, André Warnier a...@ice-sa.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jill,
On 4/22/2009 3:11 PM, Jill Han wrote:
What I want to do is all the applications have the same realm config
in server.xml.
That's not what you said earlier: you said you wanted /certain/
applications to have SSO behavior. SSO works by
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jonathan,
On 4/22/2009 3:43 PM, Jonathan Mast wrote:
yeah i downloaded the source and found the sample workers.properties files.
The workers.properties.minimal has a bug in it, btw, the ajp13w worker is
not in the worker.list and must be added
Not sure why I have the Logger. I put that in over a year ago and I was
looking at docs and examples online and since it seemed to work I didn't
worry about it. now that I need to undeploy without stopping the service
things aren't working. This was originally in the global conf/context.xml
I'm using Tomcat 6.0.18, which was downloaded from tomcat.apache.org, with
jvm 6.0.07 on Windows XP.
I was just trying to see if Tomcat works.
I created a new directory in the Tomcat home directory, and then tried to
use IE in a client to see the file info within that directory, but failed.
No
we expect free technical support 24/7/365 so bring a blackberry w/ you
are there any good primers on eden,PermGen and general heap?
(HF)
Martin
__
Disclaimer and Confidentiality/Verzicht und Vertraulichkeitanmerkung / Note de
déni et de
From: André Warnier [mailto:a...@ice-sa.com]
Subject: Re: Headstart on Resolving OOM-PermGen errors on webapp
reload
You'll probably want mountains, and chocolate. Switzerland ?
London. $ vs pound is pretty decent right now. It's been 45+ years since I've
been on the Tube...
I recently
FreddieWeng wrote:
I'm using Tomcat 6.0.18, which was downloaded from tomcat.apache.org, with
jvm 6.0.07 on Windows XP.
Which one did you download and install ?
In Tomcat 5 .. Binary distributions .. Core..
there are 2 : a zip version, and a Windows Installer.
Which one did you download and
From: Martin Gainty [mailto:mgai...@hotmail.com]
Subject: RE: Headstart on Resolving OOM-PermGen errors on webapp
reload
we expect free technical support 24/7/365 so bring a blackberry w/ you
No thanks; I'll keep my iPhone (and Skype, so I don't have to pay ATT's
outrageous international
On Wed, Apr 22, 2009 at 12:58 PM, JT jltoo...@gmail.com wrote:
My application context.xml file looks like this.
Context
Context antiJARLocking=true antiResourceLocking=true/
Resource name=jdbc/xxx” auth=Container type=javax.sql.DataSource
From: FreddieWeng [mailto:freddiew...@gmail.com]
Subject: RE: Access Deny of Tomcat
I created a new directory in the Tomcat home directory
That's not useful; webapps (even if they consist of nothing but static content)
are normally placed under the Host appBase directory. The default for
From: JT [mailto:jltoo...@gmail.com]
Subject: Re: Undeploy does not delete all .jar files
Not sure why I have the Logger. I put that in over a
year ago and I was looking at docs and examples online
and since it seemed to work I didn't worry about it.
It didn't work - it didn't do
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Raminder,
On 4/22/2009 5:06 AM, Raminder Singh wrote:
We are using tomcat 5.0.28 and JDK 1.5.10. Now, there is some
requirement to use tomcat with PKCS#11 support. Initial study shows
that a hardware token would be needed for this.
1) Is
First time
Context antiJARLocking=true antiResourceLocking=true/
Second time
Context
Context antiJARLocking=true antiResourceLocking=true/
Resource name=jdbc/xxx” auth=Container type=javax.sql.DataSource
driverClassName=”oracle.jdbc.driver.OracleDriver”
url=”jdbc:oracle:thin:@.../
Hi,
We are using Tomcat 5.0.27. Whenever the user logs using GET or POST request
his/her username and password are being logged in clear text in the
localhost access logs. It has become a security issue as anyone with an
account to the system can browse through the logs and find out the username
-- Forwarded message --
From: jithu mada jithu.m...@gmail.com
Date: Wed, Apr 22, 2009 at 5:38 PM
Subject: username/password being logged in clear text
To: users@tomcat.apache.org
Hi,
We are using Tomcat 5.0.27. Whenever the user logs using GET or POST request
his/her username
From: Tom-cat [mailto:jithu.m...@gmail.com]
Subject: Avoiding username/password being logged into localhost access
logs
We are using Tomcat 5.0.27.
No longer supported.
It has become a security issue as anyone with an
account to the system can browse through the logs
and find out the
Thanks for the prompt Reply.
The tomcat is running on AIX 5.3 and the files are not publicly accessible.
Its only accessible to few users.
But the user wants the username and password to be obscured.
On Wed, Apr 22, 2009 at 5:43 PM, Caldarale, Charles R
chuck.caldar...@unisys.com wrote:
jithu mada wrote:
[...]
The only way I can see for the userid and password to be visible in an
access log, is if they are part of the URL (actually, of the query
string) and unencoded.
Which would mean that this is a form-based authentication, with either
no method attribute in the form tag,
From: jithu mada [mailto:jithu.m...@gmail.com]
Subject: Re: Avoiding username/password being logged into localhost
access logs
Its only accessible to few users.
But the user wants the username and password to be obscured.
Then you'll need to extend the existing logger class, have your
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrea,
On 4/16/2009 10:45 AM, Andrea De Gaetano wrote:
Everything works with the Thin Driver, instead with OCI driver, after the
login procedure the java virtual machine crash with some memory dump
messages...
Care to post those messages?
92 matches
Mail list logo
