-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Peter,
On 9/9/19 17:37, Peter Kreuser wrote:
> Isn‘t that what client certs are for? Https to identify Server A,
> Client cert to authenticate Server B?
Yes, it sounds like the OP is re-designing TLS mutual authentication.
Michael, do you see any
All,
We have a Tomcat application (that ships/includes Tomcat with it) that
requires we use multiple domains and therefore set up SSLHostConfig
settings in our server.xml file to accommodate each domain. We have been
using this configuration and it works well:
Tomcat 8.5.32
Isn‘t that what client certs are for?
Https to identify Server A, Client cert to authenticate Server B?
Message integrity should then be unnecessary?!
Or am I missing a piece?
Peter
> Am 09.09.2019 um 21:10 schrieb M. Manna :
>
> Why not use JWT cookies/tokens? You sign your claims and only
Why not use JWT cookies/tokens? You sign your claims and only you can
validate the claims and ensure that it’s coming from the right place/user.
Thanks,
On Mon, 9 Sep 2019 at 19:26, Michael Duffy wrote:
> I need to communicate securely between two Tomcat servers running in two
> different
I need to communicate securely between two Tomcat servers running in two
different environments. I have control of both servers.
I would like to do this through a simple REST call from Server-B to
Server-A.
On the server I am communicating to, Server-A, I can easily set up HTTPS
with a
Hi André,
Thanks for the suggestion, that looks like it.
Tomcat 8.5.45 (32-bit) comes with version 1.2.0.0 of the Commons Daemon Service
Runner.
Tomcat 8.5.43 (32-bit) comes with version 1.1.0.0 of the Commons Daemon Service
Runner
The version 1.2.0.0 service crashes for me every time.
I tried
Our use case is rejecting the request based on IP.
In the browser the status code is 0, and the network tab in developer
tools is showing no response to the request. It's the same in Chrome and
Firefox.
The request works fine when I send from Node.JS.
It seems to me that Tomcat responds to
On 09.09.2019 15:21, Leon Atherton wrote:
Thank you for the suggestion.
I have just tried playing with this value. Setting it to -1, and setting
it to 100x larger than the default.
In both cases, the behaviour seems unchanged.
Without touching this value, Tomcat will accept multipart POST
On 06/09/2019 07:26, Pradeep Kumar M N wrote:
> Hi All,
>
> I am using Tomcat 9.0.20. I am installing the Tomcat silently from a
> PowerShell script. But after silent installation, below mentioned registry
> entry seems not added. I am passing a Config ini file to tomcat installer
> with /C
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
André,
On 9/9/19 07:59, André Warnier (tomcat) wrote:
> Hi. Did you check :
> https://tomcat.apache.org/tomcat-8.5-doc/config/http.html#Common_Attri
butes
>
>
- --> maxPostSize
>
> Note : normally, the browser will encode (Base64 or similar) the
Thank you for the suggestion.
I have just tried playing with this value. Setting it to -1, and setting
it to 100x larger than the default.
In both cases, the behaviour seems unchanged.
Without touching this value, Tomcat will accept multipart POST requests
much larger than 2MB (which is the
Hi.
Did you check :
https://tomcat.apache.org/tomcat-8.5-doc/config/http.html#Common_Attributes
--> maxPostSize
Note : normally, the browser will encode (Base64 or similar) the content of a file and
send the encoded content, which tends to be significantly larger (in bytes) than the
original
Hello,
I've discovered an interesting issue where POST requests fail when
uploading a file over about ~6MB if the server ignores the request content.
I've put together a simple project to reproduce it:
https://github.com/leonatherton/tomcat-request-issue
Serverside code:
13 matches
Mail list logo
