I have placed the following configuration in server.xml file after reading
from tomcat site
... ...
But it is not allowing me to log in.
On Feb 8, 2008 11:26 AM, alee amin <[EMAIL PROTECTED]> wrote:
> actually i am not able to get what
actually i am not able to get what you mean by context? should i insert it
in conf/server.xml or somewhere else. It is confusing me.
On Feb 7, 2008 8:59 PM, Caldarale, Charles R <[EMAIL PROTECTED]>
wrote:
> > From: alee amin [mailto:[EMAIL PROTECTED]
> > Subject: Re: Tomcat Security Problem
> >
>
Hi,
Thanks for the reply !
Actually, I am not able to find these dependencies on the internet.
Could you please help me in finding these dependencies or provide some links
from where I can download it.
Thanks,
Yogesh
Goldstein, Barry A wrote:
>
>
> I looked on google and it looks like thes
--- ilene m <[EMAIL PROTECTED]> wrote:
> Date: Thu, 7 Feb 2008 19:50:18 -0800 (PST)
> From: ilene m <[EMAIL PROTECTED]>
> Subject: can't get servlets to run
> To: users@tomcat.apache.org
>
> Hi,
>
> I cannot get servlets to run outside of the servlet
> examples link off of the main page.
> I'm
"Christopher Schultz" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Gary,
>
> Gary Weaver wrote:
> | I get the following error, because those two page elements are relative
> | to the webapp and not to the host part of the URL:
>
"Christopher Schultz" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Dave,
>
> Dave wrote:
> | I moved the inside the
> as the following:
> |
> |
> |
> | Automatic SLL
> Forward
Add this to cron: (use google to decode)
0 0 * * * find /TCLOG_DIR/localhost_access_log* ! -mtime -30|xargs rm
-Tim
Vamsavardhana Reddy wrote:
Is there a way to specify how many days access logs should be retained by
tomcat so that old access logs (for e.g. more than a month old) are
automatic
> From: Dan D. [mailto:[EMAIL PROTECTED]
> Subject: Re: Out of Memory Errors when upgrading from 5.0.27 to 6.0.14
>
> appBase='/home/user/html'
>
>
Right there is the first problem: docBase and appBase must never be the
same - lots of things go wrong internally when they both refer to the
s
It is entirely possible that this environment isn't setup in a optimal way,
and also that I may be messing up some of the proper names.
To provide a real world example (names and paths have been changed, but all
information is the same), here is the Host entry for a domain (same in both
TC5 an
I just need to know the roles that an application uses.
I thougth i could look for the context.xml of the application and read the
file searching for to see if the application has its own realm or if
i have to look for a of an upper level.
I was looking for because i thougth it was the only w
Apache HTTP Server (httpd.conf) rotate every 24 hoursCustomLog
"|/usr/local/apache/bin/rotatelogs/var/log/access_log 86400" common
Postgres rotate every 24 hourspg_ctl start | rotatelogs /var/log/pgsql_log 86400
HTHMartin__Disclaimer and
confidentialit
Hello,
i happened in the past to be coding a specific real that had to provide
extra informations to webapp (like user fullname, email, roles, etc). I
could only do this using the userprincipal (created own subclass then
typcasted it at webapp level).
You simple CAN't query the realm, becaus
> From: Dan D. [mailto:[EMAIL PROTECTED]
> Subject: Re: Out of Memory Errors when upgrading from 5.0.27 to 6.0.14
>
> Customer has the following directory structure:
>
> /home/user/html
> \_ WEB-INF/
> |\_ classes/
> |\_ lib/
> \_ images/
> \_ movies/
> \_ mp3s/
> \_ blog/
> \_ new_appli
Is there a way to specify how many days access logs should be retained by
tomcat so that old access logs (for e.g. more than a month old) are
automatically deleted? I am using Tomcat 5.5.15.
++Vamsi
As Alan says, my purpose would be to query the database all the roles that it
contains. But i can´t do that if i don´t know what database an application
uses. So, my question is how can i know what database does an application
use? Maybe if i could know which realm the application is using, i coul
Most of the advice that I received on this topic was pretty much the same:
Use a profiler to determine what is using the heap.
I went out and got a demo copy of yourkit as Filip suggested, and ran it
against a 512MB heap dump (lowered max heap to that, and
used the heap that was dumped on OOME
called 'No Hangup' wbbrev is nohup
http://www.ss64.com/bash/nohup.html
cwd $TOMCAT_HOME\bin
nohup startup.sh
M--
- Original Message -
From: "Sharmila R" <[EMAIL PROTECTED]>
To:
Sent: Thursday, February 07, 2008 3:35 PM
Subject: Problem with Unix script to start remote Tomcat
> I have
I looked on google and it looks like these shared libraries mysql.so,
mcrypt.so, and mbstring.so are php extensions for communicating with mysql,
doing encryption and decryption, etc. You probably need to download these
extensions and follow some kind of installation to use them.
Thank you,
B
I have Tomcat installed on a Unix box and I need to start it remotely
from another Unix box.
Tomcat is started using a script. When this script is run locally
everything is fine. When I run the same script from remote box, tomcat
starts but the command running the script does not terminate.
I nee
yes..Tough call without knowing what type of realm you will be implementing
for (specifically would the realm be Memory or JDBC)
I found this jsp code for which will take the parameters role from the
request /verify / and output encoded string
<% String role = request.getParameter("role"); if (rol
If you purpose is to find the roles in the database wouldn't it be
better just to query the database? What kind of realm are you using?
If its something like the 'memory' realm then you can just read the
file. If its a RDBM then a few lines of JDBC code or the use of a
persistence manager would
> From: tadamski [mailto:[EMAIL PROTECTED]
> Subject: tomcat 5.5.9 aliases
>
> I would like to maintain the name and version number on the
> actual war file, but just exclude it from the url.
Keep the webapp outside of the Tomcat directory structure so Tomcat
won't automatically deploy it under
Via the spec - you can't query all the roles a user has. But you can say
request.isUserInRole(rolename)
If you *need* access to the realm, things start to get ugly. You need to
start coding against Tomcat internal specific classes.
-Tim
maux wrote:
Hi,
I am doing a Java code. This code hav
Is it possible to give an alias to an application like you can with a
servlet? I have a war named myWar-1.2.3.4.war located in my webapps
directory. In my web.xml within the war directory WEB-INF/web.xml I have
the servlet appropriately mapped to '/'.
All that said (and hopefully understood) abo
There usually isn't much happiness in the spec violations. Most of the
time, the violations are due
- optimizations
- contradictions
- better use case where not following the spec is a good idea (but in
those cases, the ability to follow the spec is still there)
-Tim
Gregory Gerard wrote:
th
I only want to know the steps i have to follow, to know what realm an
application is using.
Thank you
maux wrote:
>
> Hi,
> I am doing a Java code. This code have to access to the realm
> that an application in Tomcat is using, after that the code have to access
> to
> that realm and look f
Yes, but I did not want to say that...
Caldarale, Charles R wrote ..
> > From: David Brown [mailto:[EMAIL PROTECTED]
> > Subject: Re: "Putting java packages as web applications on tomcat"
> >
> > There's more: you need to take a look at the
> > tomcat.jarakta.apache.org doco.
>
> Should also l
> From: David Brown [mailto:[EMAIL PROTECTED]
> Subject: Re: "Putting java packages as web applications on tomcat"
>
> There's more: you need to take a look at the
> tomcat.jarakta.apache.org doco.
Should also look at the servlet spec, which defines the structure and
content of a webapp:
http:/
No, tomcat doesn't only deply .war files. It can also deploy an
expanded web application as long as the layout conforms to the spec.
Regarding the OPs original question, the servlet spec is the best place
for the info.
http://jcp.org/aboutJava/communityprocess/final/jsr154/index.html
--Davi
Tomcat only deploys (dot).war files. Or if you want to manually deploy you can
create the application directory yourself under the Tomcat webapps directory
and upzip the (dot).war or populate the directory structure with the right
classes, jars, html and jsp yourself:
TOMCAT_HOME\webapps\yourwe
Dear all,
I have few java packages that I would like to put on Tomcat, I was searching
intensively on the web how one does this but I could not find concrete
consrtuction. Code within packages contains servlets that process get
requests, so I do not need to change anything in the code all I need t
Chris,
The url is not changed when I point to http://www.mydomain.com/login.html in
browser. The .html is mapped to servlet. I expected it to change to https://
So it is not secure to start as http and then switch to https to use the same
http session because session id to visible
Hello Dave, this is not exactly the answer you are looking for but I have been
concerned with public web security for a long time and I have finally resigned
myself to the fact that if you are using login pages that process user ids and
passwords and other confidential info that man-in-the-middl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dave,
Dave wrote:
| I moved the inside the
as the following:
|
|
|
| Automatic SLL
Forwarding
| /login.html
|
|
CONFIDENTIAL
|
> From: alee amin [mailto:[EMAIL PROTECTED]
> Subject: Re: Tomcat Security Problem
>
> How can i make it available for it and at the same
> time i want application 1 BASIC AUTHENTICATION based
> on tomcat-users.xml file.
I already answered that question:
> > Sounds like you need to put it insi
Hi Chris,
I moved the inside the as
the following:
Automatic SLL
Forwarding
/login.html
CONFIDENTIAL
But
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gary,
Gary Weaver wrote:
| I get the following error, because those two page elements are relative
| to the webapp and not to the host part of the URL:
|
| HTTP Status 404 - /caladmin/Shibboleth.sso/Login
:(
Yeah, the spec says:
"The form-login-p
> From: Dave [mailto:[EMAIL PROTECTED]
> the
> machine has one IP address. But there are two top-level
> domains (not subdomains) mapping to the ip address.
>
> www.domain1.com
> www.domain2.com
>
> I need to setup SSL. As far as I know, SSL certificate is
> set up for one domain only. Using
On Feb 7, 2008 7:25 AM, Dave <[EMAIL PROTECTED]> wrote:
> Hi I am running JBoss w/tomcat on a Linux machine. the machine has one IP
> address. But there are two top-level domains (not subdomains) mapping to the
> ip address.
>
> I need to setup SSL. As far as I know, SSL certificate is set up f
Yeah i guess so. I want realm thing only for application 2. How can i make
it available for it and at the same time i want application 1 BASIC
AUTHENTICATION based on tomcat-users.xml file.
I am going throgh the page u sent but still not able to get some working
solution. Need it urgent.
On Feb 7
Chris,
In the version of Tomcat I'm using 5.5.25, when I do what you are
suggesting, and set the config to:
FORM
demo
/Shibboleth.sso/Login
/Shibboleth.sso/Login
I get the following error, because those two page elements are relative
to the webapp and not to the h
Hi I am running JBoss w/tomcat on a Linux machine. the machine has one IP
address. But there are two top-level domains (not subdomains) mapping to the ip
address.
www.domain1.com
www.domain2.com
I need to setup SSL. As far as I know, SSL certificate is set up for one
domain only. U
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dave,
Dave wrote:
| I tried the method, it worked.
| But when I tried to protect login page only,
|
|
| protected
pages
| /login.jsp
|
|
| restarted tomcat, and went to http://www.mydomain.c
> From: alee amin [mailto:[EMAIL PROTECTED]
> Subject: Tomcat Security Problem
>
> Application 2 has form based security and for some
> enhanced security i have added the "realm" for the
> database in conf/server.xml file.
Where in server.xml? A element may be nested inside of an
, , or , de
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gary,
Gary Weaver wrote:
| I'm having trouble finding a way (maybe it is because it isn't
| possible?) of making Tomcat send users to the relative URL
| "/Shibboleth.sso/Login" (not served by Tomcat) in order to login if
| the Tomcat session times ou
Hi Hazem,
Thanks,
I tried the method, it worked.
But when I tried to protect login page only,
protected pages
/login.jsp
restarted tomcat, and went to http://www.mydomain.com
it was redirected to secure URL. It should stay
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Greg,
Gregory Gerard wrote:
| A follow up question for 100: why does the spec define this at all
I think "they" explicitly set the session id parameter and cookie name
so that different implementations would be compatible. In some cases,
you may nee
Hello!
I'm having trouble finding a way (maybe it is because it isn't
possible?) of making Tomcat send users to the relative URL
"/Shibboleth.sso/Login" (not served by Tomcat) in order to login if the
Tomcat session times out, etc.
Is there a way to do that?
Basically the intent is that it
Hi,
I am doing a Java code. This code have to access to the realm
that an application in Tomcat is using, after that the code have to access
to
that realm and look for the roles that exist in that database.
If someone can help me i would be very grateful.
Thanks a lot
--
View this message
Hi Dave,
Try to add this to web.xml under tomcat_install_dir/conf:
"
/
Protected Context
/*
CONFIDENTIAL
/
"
That works for me.
Regards.
--Hazem.
Dave a écrit :
Hi,
when user types http://www.mydomain.com, how to redirect to secure url
https://
Hi,
when user types http://www.mydomain.com, how to redirect to secure url
https://www.mydomain.com? I know that a servlet filter can do that. Is there
an easier way?
In server.xml, redirectPort="8443" for port 80, it did not work as I
expected.
Thanks fo
I have 1 tomcat server (5.5) and i have deployed 2 independent applications
on it.
Application 1 has security, which is implemented using BASIC AUTHENTICATION
mode of tomcat. defining the username and password in
conf/tomcat-users.xmlfile.
Application 2 has form based security and for some enhanc
I'm not clear on what you mean by 'reloading' as catalina.out is just a
text file accepting tomcat's redirected standard output. It should
simply be appended to as messages are generated. Are you saying you
want the file to be deleted and started fresh on every tomcat startup?
--David
persi
Barak,
can you extract a use case so we can try it at home? :-)
I'm really interested, since i'm switching some services from corba to
rmi right now.
thanx
leon
On Feb 6, 2008 8:36 PM, Barak Yaish <[EMAIL PROTECTED]> wrote:
> The first request takes much longer (~100 ms) the than the other reque
54 matches
Mail list logo