Where is Jakarta's common email jar file
Hi, Do anyone knows where to download latest Jakarta's commons email jar. I tried in Jakarta commons website, but I cannot find it. Thanks, Lorenzo - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Where is Jakarta's common email jar file
Thanks for the replys. Commons email is an api that extends javamail. Lorenzo -Original Message- From: David Smith [mailto:[EMAIL PROTECTED] Sent: Viernes, 22 de Abril de 2005 12:40 p.m. To: Tomcat Users List Subject: Re: Where is Jakarta's common email jar file You sure you don't really want JavaMail from Sun? http://java.sun.com/products/javamail/index.jsp You'll also need Java Activation Framework. --David Lorenzo Jiménez wrote: Hi, Do anyone knows where to download latest Jakarta's commons email jar. I tried in Jakarta commons website, but I cannot find it. Thanks, Lorenzo - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Problems with DataSourceRealm Tomcat 5.5
On the web.xml you have also to write down after ther welcome files: resource-ref res-ref-namejdbc/myDB/res-ref-name res-typejavax.sql.DataSource/res-type res-authContainer/res-auth -- optional.if you like -- res-sharing-scopeShareable/res-sharing-scope /resource-ref Lorenzo -Original Message- From: Kanda Upendra [mailto:[EMAIL PROTECTED] Sent: Martes, 19 de Abril de 2005 11:06 a.m. To: Tomcat Users List Subject: Problems with DataSourceRealm Tomcat 5.5 Hi, I am using Tomcat 5.5 and having problems with the DataSourceRealm finding the data source in the JNDI. Here is the configuration of my context.xml, Realm className=org.apache.catalina.realm.DataSourceRealm debug=99 dataSourceName=jdbc/myDB userTable=users userNameCol=login userCredCol=password userRoleTable=user_roles roleNameCol=role_name / Resource name=jdbc/myDB auth=Container type=javax.sql.DataSource maxActive=10 maxIdle=5 maxWait=100 username=myDB password=myDB driverClassName=com.mysql.jdbc.Driver url=jdbc:mysql://localhost/myDB?autoReconnect=true/ I get this error Name jdbc not bound in this context. I tried moving the Resource configuration under GlobalNamingResources in server.xml, but I get the same error. JDBCRealm works, but I want it use a connection pool and hence I am trying to change it to a DataSourceRealm. Also, interestingly, when I try to access the data source from a jsp in my webapplication it works. The problem seems to be with the DataSourceRealm looking up for the resource using JNDI. Any help will be appreciated. Thanks, Upendra - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [SPAM2] - RE: Problems with DataSourceRealm Tomcat 5.5 - Found word(s) list error in the Text body
This is my context.xml ?xml version=1.0 encoding=UTF-8? Context docBase=C:\Apps\NB41\Registro path=/registry Logger className=org.apache.catalina.logger.FileLogger prefix=registry. suffix=.log timestamp=true/ Resource name=jdbc/egistry scope=Shareable type=javax.sql.DataSource/ ResourceParams name=jdbc/registry parameter namefactory/name valueorg.apache.commons.dbcp.BasicDataSourceFactory/value /parameter !-- DBCP database connection settings -- parameter nameurl/name valuejdbc:sybase:Tds:172.16.19.11:5000/WEB/value /parameter parameter namedriverClassName/name valuecom.sybase.jdbc2.jdbc.SybDriver/value /parameter parameter nameusername/name valueWEB123/value /parameter parameter namepassword/name value456PASSW/value /parameter !-- DBCP connection pooling options -- parameter nameinitialSize/name value1/value /parameter parameter nameminIdle/name value1/value /parameter parameter namemaxActive/name value2/value /parameter parameter namemaxIdle/name value2/value /parameter parameter namemaxWait/name value3/value /parameter /ResourceParams !-- Default set of monitored resources -- WatchedResourceWEB-INF/web.xml/WatchedResource WatchedResourceMETA-INF/context.xml/WatchedResource /Context -Original Message- From: Kanda Upendra [mailto:[EMAIL PROTECTED] Sent: Martes, 19 de Abril de 2005 11:57 a.m. To: Tomcat Users List Subject: [SPAM2] - RE: Problems with DataSourceRealm Tomcat 5.5 - Found word(s) list error in the Text body Hi, Thanks for the quick response. I have the resource-ref defined in my web.xml and it still doesn't work. Throws me the same error. Name jdbc not bound in this context Thanks Upendra -Original Message- From: Lorenzo Jiménez [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 19, 2005 1:20 PM To: Tomcat Users List Subject: RE: Problems with DataSourceRealm Tomcat 5.5 Importance: High On the web.xml you have also to write down after ther welcome files: resource-ref res-ref-namejdbc/myDB/res-ref-name res-typejavax.sql.DataSource/res-type res-authContainer/res-auth -- optional.if you like -- res-sharing-scopeShareable/res-sharing-scope /resource-ref Lorenzo -Original Message- From: Kanda Upendra [mailto:[EMAIL PROTECTED] Sent: Martes, 19 de Abril de 2005 11:06 a.m. To: Tomcat Users List Subject: Problems with DataSourceRealm Tomcat 5.5 Hi, I am using Tomcat 5.5 and having problems with the DataSourceRealm finding the data source in the JNDI. Here is the configuration of my context.xml, Realm className=org.apache.catalina.realm.DataSourceRealm debug=99 dataSourceName=jdbc/myDB userTable=users userNameCol=login userCredCol=password userRoleTable=user_roles roleNameCol=role_name / Resource name=jdbc/myDB auth=Container type=javax.sql.DataSource maxActive=10 maxIdle=5 maxWait=100 username=myDB password=myDB driverClassName=com.mysql.jdbc.Driver url=jdbc:mysql://localhost/myDB?autoReconnect=true/ I get this error Name jdbc not bound in this context. I tried moving the Resource configuration under GlobalNamingResources in server.xml, but I get the same error. JDBCRealm works, but I want it use a connection pool and hence I am trying to change it to a DataSourceRealm. Also, interestingly, when I try to access the data source from a jsp in my webapplication it works. The problem seems to be with the DataSourceRealm looking up for the resource using JNDI. Any help will be appreciated. Thanks, Upendra - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED
RE: Virtual domain problem
Dear Gurumoorthy: Thank you very much for your help. It worked at the first try! Regards, Lorenzo -Original Message- From: Raghupathy,Gurumoorthy [mailto:[EMAIL PROTECTED] Sent: Lunes, 18 de Abril de 2005 02:07 a.m. To: 'Tomcat Users List' Subject: RE: Virtual domain problem Do you use tomcat as standalone ? Send me the server.xml However try Engine defaultHost=www.nacion.com name=Catalina Host appBase=webapps name=www.nacion.com debug=0 Logger className=org.apache.catalina.logger.FileLogger suffix=.txt prefix=localhost_log. timestamp=true/ Context path= docBase=ROOT debug=0/ /Host Host appBase=webapps2 name=www.revistaperfil.com debug=0 Logger className=org.apache.catalina.logger.FileLogger suffix=.txt prefix=revistaperfil_log. timestamp=true/ Context path= docBase=Perfil debug=0/ /Host /Engine Try this and let me know Regards Guru -Original Message- From: Lorenzo Jiménez [mailto:[EMAIL PROTECTED] Sent: 16 April 2005 01:35 To: Tomcat Users List Subject: Virtual domain problem Importance: High Hi, I have one domain www.nacion.com http://www.nacion.com/ and another domain www.revistaperfil.com http://www.revistaperfil.com/ . Both domains land on the same ip. We want to have the apps of nacion.com in webapps directory, and the apps from revistaperfil.com in webapps2. In server.xml we have: Engine defaultHost=localhost name=Catalina !-- This Host is the default Host -- Host appBase=webapps name=localhost debug=0 Logger className=org.apache.catalina.logger.FileLogger suffix=.txt prefix=localhost_log. timestamp=true/ Context path= docBase=ROOT debug=0/ /Host !-- This Host is the www.revistaperfil.com -- Host appBase=webapps2 name=www.revistaperfil.com debug=0 Logger className=org.apache.catalina.logger.FileLogger suffix=.txt prefix=revistaperfil_log. timestamp=true/ Context path= docBase=Perfil debug=0/ /Host Realm className=org.apache.catalina.realm.UserDatabaseRealm/ /Engine The problem is that when he start Tomcat, when we load www.revistaperfil.com http://www.revistaperfil.com/ we land in www.nacion.com http://www.nacion.com/ . How can we configure Tomcat so it can take the correct action depending on the domain asked? Do we need to change the context.xml from the webapps also? We don't have Apache installed, only Tomcat 5. Thanks very much, Lorenzo - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to change a running Tomcat with root user to other user.
Hi, Today we saw that our Tomcat 5.0.28 had been installed and it is running with the root user. Because is a security hazard, how can I change it to other less dangerous user?, and what privileges needs to have in order to work? Our system is a RedHat 9.0, 2.4.21-20.ELsmp Thanks, Regards, Lorenzo - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Virtual domain problem
Hi, I have one domain www.nacion.com http://www.nacion.com/ and another domain www.revistaperfil.com http://www.revistaperfil.com/ . Both domains land on the same ip. We want to have the apps of nacion.com in webapps directory, and the apps from revistaperfil.com in webapps2. In server.xml we have: Engine defaultHost=localhost name=Catalina !-- This Host is the default Host -- Host appBase=webapps name=localhost debug=0 Logger className=org.apache.catalina.logger.FileLogger suffix=.txt prefix=localhost_log. timestamp=true/ Context path= docBase=ROOT debug=0/ /Host !-- This Host is the www.revistaperfil.com -- Host appBase=webapps2 name=www.revistaperfil.com debug=0 Logger className=org.apache.catalina.logger.FileLogger suffix=.txt prefix=revistaperfil_log. timestamp=true/ Context path= docBase=Perfil debug=0/ /Host Realm className=org.apache.catalina.realm.UserDatabaseRealm/ /Engine The problem is that when he start Tomcat, when we load www.revistaperfil.com http://www.revistaperfil.com/ we land in www.nacion.com http://www.nacion.com/ . How can we configure Tomcat so it can take the correct action depending on the domain asked? Do we need to change the context.xml from the webapps also? We don't have Apache installed, only Tomcat 5. Thanks very much, Lorenzo - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm -
RE: Redirect to https://
I have done that yesterday and it is pretty simple. Just look this web.xml: ?xml version=1.0 encoding=UTF-8? web-app xmlns=http://java.sun.com/xml/ns/j2ee; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation=http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd; version=2.4 session-config session-timeout 30 /session-timeout /session-config !-- Automatic redirection to SSL Remember to have SSL active -- security-constraint web-resource-collection web-resource-nameAutomatic SLL Forwarding/web-resource-name url-pattern/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint welcome-file-list welcome-file index.jsp /welcome-file welcome-file index.html /welcome-file welcome-file index.htm /welcome-file /welcome-file-list /web-app Lorenzo -Original Message- From: Darryl Wilburn [mailto:[EMAIL PROTECTED] Sent: Jueves, 14 de Abril de 2005 02:00 p.m. To: tomcat-user@jakarta.apache.org Subject: Redirect to https:// Where would I configure a context to automatically redirect to https? So when a user types http://host/application, it would automatically redirect them to https://host/application where a index.jsp may be a login form that I'd like to have the username and password encrypted. I assume it goes in web.xml, but is it in the web.xml of the context itself? What is the format of the entry? Thanks in advance. Darryl __ Do you Yahoo!? Yahoo! Small Business - Try our new resources site! http://smallbusiness.yahoo.com/resources/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: How can I access a web app only from 443 in Tomcat 5
Thank you very much! Regards, Lorenzo -Original Message- From: Jason Bainbridge [mailto:[EMAIL PROTECTED] Sent: Martes, 12 de Abril de 2005 06:04 p.m. To: Tomcat Users List Subject: Re: How can I access a web app only from 443 in Tomcat 5 On 4/12/05, Lorenzo Jiménez [EMAIL PROTECTED] wrote: Hi, I am trying to make my webapp to only be available thru port 443 in Tomcat 5. Can I do it in context.xml or need a further config on server.xml or web.xml? Well you can either disable the non HTTPS connector in your server.xml all together or add transport-guarantee's to your web-xml and then set a redirectPort on your non HTTPS connector so it redirects to the HTTPS port. I'd give you an example but I'm at home and don't have easy access to the servers at work, a quick google should turn up the syntax though. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How can I create a digest password
Hi, I need help to generate encrypted passwords. Using the Tomcat 5's documentation: C:\java org.apache.catalina.realm.RealmBase -a MD5 mypassd And this is the error message: Exception in thread main java.lang.NoClassDefFoundError: org/apache/catalina/realm/RealmBase I also checked the classpath, and Catalina.jar is in it. I even tried being positioned on catalina's directory. Using Win XP, Tomcat 5.0.28, and j2sdk1.4.2_07. Thank you very much! Lorenzo - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: How can I create a digest password - another error
Dear Jerry: Thanks for the advice. I follow your advice but did not worked. I use this C:\java -cp C:\Java\Tomcat5.0.28\common\lib\catalina.jar org.apache.catalina.realm.RealmBase -a MD5 admin And I got this error: Exception in thread main java.lang.NoClassDefFoundError: javax/management/MBeanRegistration at java.lang.ClassLoader.defineClass0(Native Method) at java.lang.ClassLoader.defineClass(Unknown Source) at java.security.SecureClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.access$100(Unknown Source) at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClassInternal(Unknown Source) Thanks again, Lorenzo -Original Message- From: J Malcolm [mailto:[EMAIL PROTECTED] Sent: Miércoles, 13 de Abril de 2005 11:07 a.m. To: 'Tomcat Users List' Subject: [SPAM2] - RE: How can I create a digest password - Found word(s) list error in the Text body The problem you are hiting is due to the location of the jar file in the default tomcat install. You can move the jar file into the lib\common area. Frankly, I think it's much cleaner to just copy the code to create pw's into one of your own classes. It's only a few lines of code. Just find the realmbase class in the Tomcat source and clone the method. Jerry -Original Message- From: Lorenzo Jiménez [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 13, 2005 11:57 AM To: Tomcat Users List Subject: How can I create a digest password Importance: High Hi, I need help to generate encrypted passwords. Using the Tomcat 5's documentation: C:\java org.apache.catalina.realm.RealmBase -a MD5 mypassd And this is the error message: Exception in thread main java.lang.NoClassDefFoundError: org/apache/catalina/realm/RealmBase I also checked the classpath, and Catalina.jar is in it. I even tried being positioned on catalina's directory. Using Win XP, Tomcat 5.0.28, and j2sdk1.4.2_07. Thank you very much! Lorenzo - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Re[2]: Tomcat/4.1.31 - SSL Troubles
I followed Tomcat directions and did not worked. I do find this and it worked, just go to http://galatea.com/flashguides/tomcat-ssl-5-unix Lorenzo -Original Message- From: Andrey [mailto:[EMAIL PROTECTED] Sent: Miércoles, 13 de Abril de 2005 11:53 a.m. To: Tomcat Users List Subject: Re[2]: Tomcat/4.1.31 - SSL Troubles Hello, Wednesday, April 13, 2005, 8:47:13 PM, you wrote: I can connect to ssl port ... and i can see sertificate.. but when i accept this sertificate my browser says The page cannot be displayed. Is the page OK on http then? - https://server.com:8443/app1/page1.jsp - http://server.com:8080/app1/page1.jsp Yes. usual http works. -- Best regards, Andrey [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: How can I create a digest password - digest.bat is the key!
Dear Paulo: Thanks for your comments. What we want is to have minimum exposure to hacking. We found out that, in the context.xml, we can specify the users.xml file, and the digest method. So now it is possible to have a different user and password for admin and manager, and in a separate location where hackers -hopelly- cannot get thru. Also in the net we found that we can generate the MD5 password using digest.bat that is in the tomcat/bin directory. This worked perfectly! Thanks again, Regards, Lorenzo Jimenez -Original Message- From: Paulo Alvim [mailto:[EMAIL PROTECTED] Sent: Miércoles, 13 de Abril de 2005 02:01 p.m. To: Tomcat Users List Subject: [SPAM2] - RES: How can I create a digest password - another error - Found word(s) list error in the Text body Hi, I don't know if it's your objective but is it possible to use MD5 to encode passwords in the DBCP conf files? Is there any documentation about how could we avoid to have the real passwords in these files? Thanks in advance! Alvim -Mensagem original- De: Lorenzo Jiménez [mailto:[EMAIL PROTECTED] Enviada em: quarta-feira, 13 de abril de 2005 15:04 Para: Tomcat Users List Assunto: RE: How can I create a digest password - another error Prioridade: Alta Dear Jerry: Thanks for the advice. I follow your advice but did not worked. I use this C:\java -cp C:\Java\Tomcat5.0.28\common\lib\catalina.jar org.apache.catalina.realm.RealmBase -a MD5 admin And I got this error: Exception in thread main java.lang.NoClassDefFoundError: javax/management/MBeanRegistration at java.lang.ClassLoader.defineClass0(Native Method) at java.lang.ClassLoader.defineClass(Unknown Source) at java.security.SecureClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.access$100(Unknown Source) at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClassInternal(Unknown Source) Thanks again, Lorenzo -Original Message- From: J Malcolm [mailto:[EMAIL PROTECTED] Sent: Miércoles, 13 de Abril de 2005 11:07 a.m. To: 'Tomcat Users List' Subject: [SPAM2] - RE: How can I create a digest password - Found word(s) list error in the Text body The problem you are hiting is due to the location of the jar file in the default tomcat install. You can move the jar file into the lib\common area. Frankly, I think it's much cleaner to just copy the code to create pw's into one of your own classes. It's only a few lines of code. Just find the realmbase class in the Tomcat source and clone the method. Jerry -Original Message- From: Lorenzo Jiménez [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 13, 2005 11:57 AM To: Tomcat Users List Subject: How can I create a digest password Importance: High Hi, I need help to generate encrypted passwords. Using the Tomcat 5's documentation: C:\java org.apache.catalina.realm.RealmBase -a MD5 mypassd And this is the error message: Exception in thread main java.lang.NoClassDefFoundError: org/apache/catalina/realm/RealmBase I also checked the classpath, and Catalina.jar is in it. I even tried being positioned on catalina's directory. Using Win XP, Tomcat 5.0.28, and j2sdk1.4.2_07. Thank you very much! Lorenzo - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED
Information on a hacked tomcat 5
Hi, If someone in the net, found out, by any reason, our admin or manager user and password, what resources he can get besides turn on/off the apps, looking tomcat-users.xml? Can he/she get info on the application context.xml like database user and passwords? Can he/she deploy an exe or script for converting a server in a zombie? Change the server init scripts? Change the root password? Thanks very much, Lorenzo Jimenez - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Information on a hacked tomcat 5
Thanks Mark, your input is much appreciated. Lorenzo -Original Message- From: Mark Thomas [mailto:[EMAIL PROTECTED] Sent: Miércoles, 13 de Abril de 2005 02:42 p.m. To: Tomcat Users List Subject: Re: Information on a hacked tomcat 5 It depends if these apps are visible to the internet. You can use a remote address filter (actually a valve not a filter in the servlet API sense of the word) to limit their accessibility. If the apps are visible, an attacker with your manager password can replace one of your trusted apps/deploy their own app which can do anything allowed by your security policy and the permissions of the user under which the tomcat process runs. Assuming they can then escalate their access via some other vulnerability, getting root access is also possible. Things you can do to mitigate this risk - configure a remote address filter for all admin sensitive apps (admin, manager + any of your own) - configure a security manager and then test your configuration to make sure it does what you think it does. Depending on your OS there may be other things you can do to isolate the tomcat process from the rest of the box. Mark Lorenzo Jiménez wrote: Hi, If someone in the net, found out, by any reason, our admin or manager user and password, what resources he can get besides turn on/off the apps, looking tomcat-users.xml? Can he/she get info on the application context.xml like database user and passwords? Can he/she deploy an exe or script for converting a server in a zombie? Change the server init scripts? Change the root password? Thanks very much, Lorenzo Jimenez - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: How can I create a digest password - digest.bat is the key! - Found word(s) list error in the Text body
Paulo: Are you using the DBCP JDBC connection pooling Yes, but how can I tell tomcat the password is encrypted? Using the realm? Thanks again, Lorenzo -Original Message- From: Paulo Alvim [mailto:[EMAIL PROTECTED] Sent: Miércoles, 13 de Abril de 2005 02:59 p.m. To: Tomcat Users List Subject: [SPAM2] - RES: How can I create a digest password - digest.bat is the key! - Found word(s) list error in the Text body Lorenzo, Are you using the DBCP JDBC connection pooling (with that configuration files in the conf/catalina/localhost)? We'd like to know if your approach could be used to change the JDBC pool configuration files from: ResourceParams name=jdbc/jcompanyadmseg parameter namedriverClassName/name valueoracle.jdbc.driver.OracleDriver/value /parameter parameter nameurl/name valuejdbc:oracle:thin:@x:1521:oraplcdb/value /parameter parameter nameusername/name valuedemo3/value /parameter parameter namepassword/name valuemypass/value /parameter (...) /ResourceParams ...to something like (pass encrypted): ResourceParams name=jdbc/jcompanyadmseg parameter namedriverClassName/name valueoracle.jdbc.driver.OracleDriver/value /parameter parameter nameurl/name valuejdbc:oracle:thin:@x:1521:oraplcdb/value /parameter parameter nameusername/name valuedemo3/value /parameter parameter namepassword/name value%$#I(#)$/value /parameter (...) /ResourceParams -Mensagem original- De: Lorenzo Jiménez [mailto:[EMAIL PROTECTED] Enviada em: quarta-feira, 13 de abril de 2005 17:13 Para: Tomcat Users List Assunto: RE: How can I create a digest password - digest.bat is the key! Prioridade: Alta Dear Paulo: Thanks for your comments. What we want is to have minimum exposure to hacking. We found out that, in the context.xml, we can specify the users.xml file, and the digest method. So now it is possible to have a different user and password for admin and manager, and in a separate location where hackers -hopelly- cannot get thru. Also in the net we found that we can generate the MD5 password using digest.bat that is in the tomcat/bin directory. This worked perfectly! Thanks again, Regards, Lorenzo Jimenez -Original Message- From: Paulo Alvim [mailto:[EMAIL PROTECTED] Sent: Miércoles, 13 de Abril de 2005 02:01 p.m. To: Tomcat Users List Subject: [SPAM2] - RES: How can I create a digest password - another error - Found word(s) list error in the Text body Hi, I don't know if it's your objective but is it possible to use MD5 to encode passwords in the DBCP conf files? Is there any documentation about how could we avoid to have the real passwords in these files? Thanks in advance! Alvim -Mensagem original- De: Lorenzo Jiménez [mailto:[EMAIL PROTECTED] Enviada em: quarta-feira, 13 de abril de 2005 15:04 Para: Tomcat Users List Assunto: RE: How can I create a digest password - another error Prioridade: Alta Dear Jerry: Thanks for the advice. I follow your advice but did not worked. I use this C:\java -cp C:\Java\Tomcat5.0.28\common\lib\catalina.jar org.apache.catalina.realm.RealmBase -a MD5 admin And I got this error: Exception in thread main java.lang.NoClassDefFoundError: javax/management/MBeanRegistration at java.lang.ClassLoader.defineClass0(Native Method) at java.lang.ClassLoader.defineClass(Unknown Source) at java.security.SecureClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.access$100(Unknown Source) at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClassInternal(Unknown Source) Thanks again, Lorenzo -Original Message- From: J Malcolm [mailto:[EMAIL PROTECTED] Sent: Miércoles, 13 de Abril de 2005 11:07 a.m. To: 'Tomcat Users List' Subject: [SPAM2] - RE: How can I create a digest password - Found word(s) list error in the Text body The problem you are hiting is due to the location of the jar file in the default tomcat install. You can move the jar file into the lib\common area. Frankly, I think it's much cleaner to just copy the code to create pw's into one of your own classes. It's only a few lines of code. Just find the realmbase class in the Tomcat source and clone the method. Jerry -Original Message- From: Lorenzo Jiménez [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 13, 2005 11:57 AM To: Tomcat Users List Subject: How can I create a digest password Importance: High Hi, I need help
How can I access a web app only from 443 in Tomcat 5
Hi, I am trying to make my webapp to only be available thru port 443 in Tomcat 5. Can I do it in context.xml or need a further config on server.xml or web.xml? Thanks a lot! Lorenzo - Si usted no es el destinatario indicado en este mensaje o responsable como persona de la entrega del mensaje, no debe copiar o reenviar este mensaje, por favor notifique al correo [EMAIL PROTECTED] Para más referencia sobre términos importantes relacionados a este correo visite http://www.nacion.com/disclaimer/index_es2.htm If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or send this message to anyone, please notify to [EMAIL PROTECTED] Click here for important additional terms relating to this e-mail. http://www.nacion.com/disclaimer/index_en2.htm -