Am 31.08.2012 04:01, schrieb David A. Rush:
We've got two different machines (both Windows Server something)
running Tomcat 7.0.22, and each running a webapp that uses user
authentication. We're using a couple of different schemes (LDAP and
database using JDBCRealm with hashed pwords, just
(Warning: there is some raw text in this post.)
Hello Casper. Hello list.
Thank you for your answer and your advices.
Here is some interesting litterature related to my problem:
Redirecting from a servlet to an exterior URL using a POST
Med venlig hilsen/Kind regards
Casper W. Schmidt
Den 31-08-2012 11:42, Léa Massiot skrev:
(Warning: there is some raw text in this post.)
Hello Casper. Hello list.
Thank you for your answer and your advices.
Here is some interesting litterature related to my problem:
Redirecting from
Hi all,
I am trying to run JSF-JAAS based sample application which is here.
(http://www.ixtendo.com/secure-your-jsf-application-with-jaas/)
I want to just use the application so just deployed jjwa.war file in
web-apps directory of tomcat.
Profiling tomcat:-
I use tomcat 7.0 version. I try
catalina.sh run -security
Basically runs tomcat with the Security Manager.
I think the talina.sh command is missing the ca in front of it :-). If
not paste the script here, as it might be custom.
On 31/08/12 8:18 PM, Ragini raginippa...@gmail.com wrote:
Hi all,
I am trying to run JSF-JAAS
2012/8/31 Ragini raginippa...@gmail.com:
Hi all,
I am trying to run JSF-JAAS based sample application which is here.
(http://www.ixtendo.com/secure-your-jsf-application-with-jaas/)
I want to just use the application so just deployed jjwa.war file in
web-apps directory of tomcat.
Profiling
Dear Darryl Lewis,
Thanks for your quick response..I corrected that silly mistake..As I
told I am able to profile tomcat when I start and stop by (startup.sh
and shutdown.sh). I tried to start it with security manager as following:
./startup.sh -security
it runs fine and also the
The user doesn't shift from WEBAPP_1 to WEBAPP_2 for good.
The user will go on with WEBAPP_1 after WEBAPP_2 has done what it has to
do after the form (F1) submission.
Best regards.
--
View this message in context:
Have a look here:
http://onjava.com/pub/a/onjava/2007/01/03/discovering-java-security-require
ments.html?page=2
On 31/08/12 8:44 PM, Ragini raginippa...@gmail.com wrote:
Dear Darryl Lewis,
Thanks for your quick response..I corrected that silly mistake..As I
told I am able to profile tomcat
Would it be possible for you to set up a simple test case and package
it as a WAR? Also, write-up a set of URLs and your expectations about
whether they should work or not and attach all that to a Bugzilla
report:
https://issues.apache.org/bugzilla/enter_bug.cgi?product=Tomcat%207
See comments inline
Med venlig hilsen/Kind regards
Casper W. Schmidt
Den 31-08-2012 13:18, Léa Massiot skrev:
The user doesn't shift from WEBAPP_1 to WEBAPP_2 for good.
The user will go on with WEBAPP_1 after WEBAPP_2 has done what it has to
do after the form (F1) submission.
That depends. As
Joseph:
I've bumped up application logging in a couple of places as early in the
login process as I can, but nothing's shown up. The delay occurs
between the submit on the login page but before any more of the
application's code gets run.
I'm looking into enabling logging on my Oracle JDBC
Felix:
Aha, you're suggesting a firewall issue, which I've been speculating
on. Thanks for confirmation about the persistent connection that
JDBCRealm tries to keep.
I'll look into the DataSourceRealm. Thanks for the tip.
David
On 2012-08-31 03:16, Felix Schumacher wrote:
Am 31.08.2012
2012/8/30 Knute Snortum ksnor...@catalystitservices.com:
See below:
-Original Message-
From: Knute Snortum [mailto:ksnor...@catalystitservices.com]
Sent: Wednesday, August 29, 2012 3:05 PM
To: Tomcat Users List
Subject: RE: tomcat7-maven-plugin doesn't understand Maven filtering of
Hi!
Just noting that Java 6u35, 7u07 were released by Oracle a day ago
http://www.oracle.com/technetwork/java/javase/downloads/
Those contain security fixes for issues exploitable when running Java
from within a web browser. (Those running it on server or standalone
are said to be unaffected).
Hi All,
I looked at the release notes and there was nearly nothing there. So
justification to update was impossible. Oracle needs to realize that releases
with just one security and one time clock change makes it impossible to explain
to anyone why we need to update an Enterprise.
Just my
On 8/31/2012 11:02 AM, Tony Anecito wrote:
Hi All,
I looked at the release notes and there was nearly nothing there. So
justification to update was impossible. Oracle needs to realize that releases
with just one security and one time clock change makes it impossible to explain
to anyone why
On 31/08/2012 16:02, Tony Anecito wrote:
Hi All,
I looked at the release notes and there was nearly nothing there. So justification to update was impossible. Oracle needs to realize that releases with just one security and one time clock change makes it impossible to explain to anyone why we
Read the second link and you have quite a reason for upgrading :)
Actually all teamlers at GameForge was told to disable java in browsers
because of this security issue...
Med venlig hilsen/Kind regards
Casper W. Schmidt
Den 31-08-2012 17:02, Tony Anecito skrev:
Hi All,
I looked at the
Just my smarmy reply to Tony's when Sun owned Java comment...
Used to be when Sun owned Java you got security updates months, not days, after
a vulnerability like this was discovered. :-)
Not saying I like Oracle (I loathe it most days); just making the point that
they were REALLY good about
Well, don't give Oracle too much credit -- or grief.
According to various articles (look them up, I didn't save the URLs),
they were notified of these vulnerabilities ~4 months ago.
Unfortunately several days ago serious attacks in the wild using these
vulnerabilities were discovered --
On 31/08/2012 16:22, Jess Holle wrote:
Well, don't give Oracle too much credit -- or grief.
According to various articles (look them up, I didn't save the URLs),
they were notified of these vulnerabilities ~4 months ago.
Unfortunately several days ago serious attacks in the wild using these
Thanks Everyone. I agree on the security issue just seemed the last couple of
updates had no substance beyond just security. MS sends updates quite often but
I look forward to advances in other areas like performance ect.
Regards,
-Tony
--- On Fri, 8/31/12, Jess Holle je...@ptc.com wrote:
In case it's not clear, Oracle normally strictly alternates between
security-only (or very, very nearly security only) and
performance/bug-fix updates.
In this particular case they had to alter their plans -- as they had to
get a security fix out the door immediately.
On 8/31/2012 10:31 AM,
2012/8/31 Konstantin Kolinko knst.koli...@gmail.com:
Hi!
Just noting that Java 6u35, 7u07 were released by Oracle a day ago
http://www.oracle.com/technetwork/java/javase/downloads/
Those contain security fixes for issues exploitable when running Java
from within a web browser. (Those
-Original Message-
From: Olivier Lamy [mailto:ol...@apache.org]
Sent: Friday, August 31, 2012 6:58 AM
To: Tomcat Users List
Subject: Re: tomcat7-maven-plugin doesn't understand Maven filtering of
context files?
2012/8/30 Knute Snortum ksnor...@catalystitservices.com:
See
2012/8/27 Sérgio juger.on.n...@gmail.com:
Hi.
I am trying to use the Tomcat Maven Plugin to create an executable jar file
with an embedded Tomcat7, but I am having two issues when trying to do so.
The first one, is that I am not getting how I can stop my executable jar. I
want to run it in
On 29/08/2012 13:22, Mark Thomas wrote:
On 29/08/2012 08:29, Awdhesh Kumar wrote:
I am working with Tomcat 7.0.X.
Just to be clear, do you mean Tomcat 7.0.x built from tc7.0.x/trunk in
svn or do you mean some unknown Tomcat 7 version?
I have started some work to improve the cluster
28 matches
Mail list logo