Re: PGP key missing for 9.0.65
> You aren't using the KEYS file in the above command. gpg works with > keyrings, and you have to import then use it: > > # Import > $ gpg --import --no-default-keyring --primary-keyring apache-9.0-keys < KEYS > > # Verify against the custom key ring > $ gpg --keyring apache-9-keys --no-default-keyring --verify > apache-tomcat-9.0.65.tar.gz.asc Ah, the KEYS files are different for each Tomcat release. I must have downloaded the file for 8 or 10 and tried to use it with 9. And some of the keys aren’t published to a server. I re-downloaded and was able to verify the files. And thanks for the tip about the alternate keyring. That keeps things organized. Thanks, –Arno -- arno s hautala/-| a...@fracas.net pgp b2c9d448 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
PGP key missing for 9.0.65
Hei all, I’m trying to verify the PGP signatures for the 9.0.65 release, but the public key is missing from the KEYS.txt file and it isn’t available on any keyservers that I’ve checked. Can someone point me in the right direction or update the KEYS.txt? Thanks for your help, –Arno > $ sha512sum -c apache-tomcat-9.0.65.tar.gz.sha512.txt > apache-tomcat-9.0.65.tar.gz: OK > $ gpg --verify apache-tomcat-9.0.65.tar.gz{.asc.txt,} > gpg: Signature made Thu Jul 14 08:36:27 2022 EDT > gpg:using RSA key 48F8E69F6390C9F25CFEDCD268248959359E722B > gpg: requesting key 68248959359E722B from hkp server pgp.mit.edu > gpg: Can't check signature: No public key -- arno s hautala/-| a...@fracas.net pgp b2c9d448 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
AW: Recognize shutdown event in tomcats Realm instance
> Over-ride RealmBase.stopInternal() and don't forget to call > super.stopInternal() when you do. Thanks a lot Mark for the fast answer! I have overlooked that, sorry. - Arno - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Recognize shutdown event in tomcats Realm instance
Hi all, we use our own Realm implementation in our webapps. If tomcat shuts down, we have to do some clean up in this instance to speed up the shutdown. In our web application we do this in the ServletContextListener instance in 'contextDestroyed(...)' method. What is the right place to do this in tomcat's Realm instance? Do I have to implement some notification code or does it work over a RealmBase method? I found nothing about that in the documentation. Best regards - Arno _ Vorsitzender des Aufsichtsrats: Lothar Pauly Vorstand: Diederik Vos (CEO) ? Ralph Gillessen (COO) ? René Gawron (CFO) Martin Hodgson (Executive Director Management Consulting) SQS AG ? Stollwerckstraße 11 ? 51149 Köln Sitz der Gesellschaft: Köln ? Amtsgericht Köln, HRB 12764 This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
AW: UNC access to an tomcat webdav server
> In the "any hints" category : > - in Windows (disk) Explorer, go to "Netzwerkumgebung" > - select "Netzwerkumgebung hinzufügen" > - click "Weiter" (2 X) > - in "Internet- oder Netzwerkadresse", enter your > "https://webserver:port/webdav; >and click "Weiter". Depending on how you set this up in your webserver, > you may have to login. > When you are done, you should have a new link under "Netzwerkumgebung", > without a drive letter. Under that link, > what appears is the content of the > webserver's DAV directories. > You can then drag/drop files to/from there, using Windows Explorer. Yes, thank you very much, that is exactly what I looked and searched for. In the properties of the link I see also the resulting UNC path. I have never recognized this content in the context menu of the 'computer'. It seem s also not possible to get this result with the 'net use' command. Best regards Arno
UNC access to an tomcat webdav server
I have configured a tomcat (7.0.54) webdav server and try to access via a windows UNC path. If I run WebDAV in an IIS environment I can access this server automaticly from all clients via an UNC path like '\\webserver[@port]\webdav\' if the server side mapping is 'https://webserver[:port]/webdav'. For this I have done nothing. (Windows >= version 7) So it is possible to use this dynamicly in every client website, where I need it. What is to do to get this also on the tomcat server? Is it done with some kind of server configuration or is it a client side action. Til now I mapped the webdav address to a windows drive letter, but this I want to avoid. Any hints are welcome :-) Thanks Arno _ Vorsitzender des Aufsichtsrats: David Bellin Vorstand: Diederik Vos (CEO) │ Ralph Gillessen (COO) │ René Gawron (CFO) Martin Hodgson (Executive Director Management Consulting) SQS AG │ Stollwerckstraße 11 │ 51149 Köln Sitz der Gesellschaft: Köln │ Amtsgericht Köln, HRB 12764 This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
AW: Mounting WebDAV in Tomcat 7.0.45
So, many thanks for your comments, > The general recommendation is to use a 3rd party WebDAV client. Check > the archives details (I think it is Chris that uses one). At least I found a product, what we actually use in our company and what I can take also for our project. The WebDAV Client is based on AJAX and JQuery and it should be possible to integrate this in our web application. Because the actual project didn't use AJAX and JQuery can you give me a short hint, what are the requirements to use it and where are the pitfalls, when I use it. Thanks Arno
AW: Mounting WebDAV in Tomcat 7.0.45
> Some versions of the Windows WebDAV client refuse to connect if the server > root is not WebDAV enabled. > There is also this code that you might find helpful - although it hasn't been > updated in a while: > http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/WebdavFixFilter.java?view=annotate Thanks for the fast answer, I will try it tomorrow. Arno - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Mounting WebDAV in Tomcat 7.0.45
Hi all, I have activate WebDAV in our web application, as it is in tomcat. A filter control the access to exactly one folder inside the web application. This application is used only internal in the intra-net and so it run just over HTTP without any user permission. Open and save Office documents on this WebDAV URI work fine. What I have to do, that I can mount this one directory to the normal explorer. If I do it, like you see in the Attachment, I get the message, that Windows has no access. Do I have something to configure in the server, that directories can be mounted or does the standard WebDAV servlet do not have this feature? Best regards Arno _ Vorsitzender des Aufsichtsrats: David Bellin Vorstand: Diederik Vos (CEO) │ Ralph Gillessen (COO) │ René Gawron (CFO) Martin Hodgson (Executive Director Management Consulting) SQS AG │ Stollwerckstraße 11 │ 51149 Köln Sitz der Gesellschaft: Köln │ Amtsgericht Köln, HRB 12764 This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
AW: Using WebDAV in Tomcat 7.0.45
Hi Mark, thank you for your fast answer. Also André has answered and I know now what I will do. Best regards Arno - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
AW: AW: Using WebDAV in Tomcat 7.0.45
Hi André, many thanks for your thought's, but my requirement is not so complex and difficult like it could be. > DAV (or WebDAV), in itself, stands for Distributed Authoring and Versioning. > It was originally designed mainly > as a tool to help people to remotely edit the HTML pages of a website, and be > able to do so using the same > HTTP connection which is already used by the website itself (thus avoiding > separate connections via FTP, SFTP, > SCP etc. and the corresponding user access and permissions setup). > But in itself, DAV does not have all the features which are needed to do this > in a safe, multi-user scenario. It is a big internal and 15 year old webserver, where I want to implement exactly this purpose, what you are talking about. DAV should be used instead of share's, like it is today. This service is only used internally and will never become a public service, so from the security site I have no such strange requirements. Parallel access for writing will be solved with a simple locking mechanism, because it is relatively seldom, that more than one person work on the same item and then it is acceptable, that the first owner blocks the file til he is ready. At least I have tried a little bit around to make our client (written in Java) able to send DAV request, but this failed til now, because it seems, that I have to write my own ' DavURLConnection', because the 'HttpURLConnection' can't handle the additional requests. Do you know, if some Java library for DAV clients exist. I haven't found any lightweight solution til now. To get the data and edit them, it is very strait forward and works fine for me :-) Many thanks for your patience Arno - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
AW: Using WebDAV in Tomcat 7.0.45
Hi André, you are right, I have missed this part of the puzzle. Thanks for that explanation, so it is clear for me now, what I have to do. If I use the actual Word or Libre Office with a docx file from the webda URI from our server it works :-), so I have to change My 'save document' code in our client only. The permissions, what files are accessible, I want to decide in my special filter for the WebDAV request or is that a bad choice? My client site is only Windows, so I know that my special client, what open this web file, is registered for our own extension. So can I use this, to open our client directly from the browser? Arno - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Using WebDAV in Tomcat 7.0.45
Hi all, I have activated WebDAV in my web app to be able to show some log files directly in the browser and to edit some special XML files in a special editor. In my first attempt I can read all this files and show it in the editor and in the browser, but I failed to save them, after I have changed them. Can someone provide me a good tutorial or a short example, what I have to do, to get it running. I am using the standard WebdavServlet from the catalina.jar and the WebdavFixFilter for now. From the documentation I do not understand, how I have to request the single methods of the implemented interfaces. Do I have to implement my own servlet or filter to handle all interfaces what I need for saving files? Also an example of a possible HTTP save requests would be very helpfull. Thanks in advance, best regards Arno _ Vorsitzender des Aufsichtsrats: David Bellin Vorstand: Diederik Vos (CEO) ? Ralph Gillessen (COO) ? René Gawron (CFO) Martin Hodgson (Executive Director Management Consulting) SQS AG ? Stollwerckstraße 11 ? 51149 Köln Sitz der Gesellschaft: Köln ? Amtsgericht Köln, HRB 12764 This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
Re: JSESSIONID changed without notice
Hi Felix, thank you very much for that hint. > When a session gets 'authenticated' its id will change to prevent > session fixation attacks. If you are interested in the events telling > you the change you have two possibilities: ok, that explain, what I see :-) > 1. Use servlet api 3.1 and use a HttpSessionIdListener (which means > upgrading to tomcat 8 or newer) That's an option for the next release, not for now. > 2. Use a ContainerListener. I took the 'org.apache.catalina.ContainerListener' and implement the interface in my own SessionListener, but I got no container event there. Is this the interface and the right place for the implementation? best regards Arno - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
JSESSIONID changed without notice
6D9A8E38A' in servlet path '/images/icons/report.gif' (OLD) Session: 'F742E60445E91DED73C64FD6D9A8E38A' in servlet path '/alive' (OLD) Session: 'F742E60445E91DED73C64FD6D9A8E38A' in servlet path '/alive' (OLD) Session: 'F742E60445E91DED73C64FD6D9A8E38A' in servlet path '/alive' (OLD) Session: 'F742E60445E91DED73C64FD6D9A8E38A' in servlet path '/alive' (OLD) Session: 'F742E60445E91DED73C64FD6D9A8E38A' in servlet path '/alive' (OLD) Session: 'F742E60445E91DED73C64FD6D9A8E38A' in servlet path '/alive' (OLD) Session: 'F742E60445E91DED73C64FD6D9A8E38A' in servlet path '/alive' (OLD) Session: 'F742E60445E91DED73C64FD6D9A8E38A' in servlet path '/alive' (OLD) Session: 'F742E60445E91DED73C64FD6D9A8E38A' in servlet path '/alive' (OLD) Session: 'F742E60445E91DED73C64FD6D9A8E38A' in servlet path '/alive' (OLD) <-- here I closed the browser and after a minute: : Apr 07, 2016 4:33:25 PM de.sqs.newline.testcenter.BIT removeTCSession INFORMATION: Lookup for HTTP session: 'F742E60445E91DED73C64FD6D9A8E38A -> failed! Session: 'F742E60445E91DED73C64FD6D9A8E38A' destroyed (MaxInactiveInterval = 0)<-- output from the 'destroy' event from the listener, recognize the ID from the create event! : I have really checked, that there is only one place in our code, where 'request.getSession()' is called, and that is in the situation, when a request received, that has no session, but it should have one. The question is: Why does the value of the ID changed, without notice and why tomcats authentification was called twice after the first 'getSession()' call and is this responsible for the ID change. The configuration of the tomcat is attached. It is only one HTTP connector with one webapp and an own Realm. Thanks for your interest, best regards Arno _ Vorsitzender des Aufsichtsrats: David Bellin Vorstand: Diederik Vos (CEO) │ Ralph Gillessen (COO) │ René Gawron (CFO) SQS AG │ Stollwerckstraße 11 │ 51149 Köln Sitz der Gesellschaft: Köln │ Amtsgericht Köln, HRB 12764 This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden. server.xml Description: server.xml - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
AW: AW: Problems to configure tomcat as windows service
Aurélien, > still investigating for you in the documentation ( > http://commons.apache.org/proper/commons-daemon/procrun.html ), can you try > again with --ServiceUser & --ServicePassword instead of --User & --Password ? thanks for that hint. I try it and it works now. :-) I miss the point, that my start mode 'jvm' was excluded, but no alternative is described in the tomcat documentation. Perhaps it will be a good idea to integrate a link to the original procrun documentation, when it is more up to date and complete. I didn't recognize til today, that this is a separate project. Thanks for your patience, best regards Arno
AW: AW: Problems to configure tomcat as windows service
Hi Aurélien, > Arno, can you try with these parameters : --StdOutput out.txt --StdError > err.txt > and check if this writes anything to these files (I don't bet a pence on this > but let's try) ? That isn't the point. My problem is, that I can't configure a different service user as the local system account with this utility. 'tomcat7.exe' configure all other parameter as you can see afterwards in the 'serverconsole' utility except the '--User' and '--Password' on Windows 8.1 64 bit with no error message. It only ignores these both values. The service is running in all cases under the local system account and I can manualy change to an other user and it still works. So, do you know, what is the normal process to report a bug to the development? I have to revert my statement from the mail before: It didn't work also with tomcat6 on Windows 8.1 64 Bit > Taken from the doc : > http://tomcat.apache.org/tomcat-7.0-doc/windows-service-howto.html I know this document very well ;-) regards Arno
Problems to configure tomcat as windows service
Hi all, using tomcat 7.0.54 on Windows 8.1 64 Bit system, I encounter the problem, that I can not configure a user/password with the tomcat7.exe utility. I run this as a local administrator in a DOS box with a valid user and password it returned with errorlevel 0, but the user was not set in the service settings. What can be the reason for this? The same solution run before in a tomcat 6 environment with no problems and I recognize no changes in the documentation in this area. best regard Arno _ Vorsitzender des Aufsichtsrats: David Bellin Vorstand: Diederik Vos (CEO) ? Ralph Gillessen (COO) ? René Gawron (CFO) SQS AG ? Stollwerckstraße 11 ? 51149 Köln Sitz der Gesellschaft: Köln ? Amtsgericht Köln, HRB 12764 This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
AW: Problems to configure tomcat as windows service
Thanks for the hint Aurélien, > there *maybe is* documentation about this, see question & comments from > Konstantin Kolinko in > http://tomcat.apache.org/tomcat-7.0-doc/windows-service-howto.html but I asked this question, because I recognize, that it didn't worked like it is described, but in version 6 the description was the same and it has worked. Regards Arno
AW: AW: Problems to configure tomcat as windows service
André, > Maybe it is not only the version of Tomcat that has changed, but also the > machine/OS on which > you do this ? Maybe the user under which you execute this command does not > have the > required > privileges, at OS level on this machine, to do this ? On the same machine/OS it work's with tomcat 6. > Maybe the user-id *to* which you are trying to set the Tomcat service, does > not have enough > privileges to "run as a Service" ? > (In the services.msc applet, it would ask you interactively to grant these > privileges first, but > maybe the command-line tool cannot do that). Like I said in my first mail, I install it as an local administrator and the service was registered and I am able to run it under the local system account. And also if I fill in the user data manually, what I used in the tomcat7.exe call, I am able to start and run the tomcat server, so missing privileges shouldn't be the problem. Regards Arno
AW: Problems to configure tomcat as windows service
Hi Andre, > What exactly /is/ the problem ? 'XXX' is not configured and doesn't exist. if I then call 'tomcat7 //IS//XXX --User="domain\user" --Password="xx" the call return with exitcode 0 and if I look in the services.msc the service XXX is installed, but run as local system account. The --User and --Password was ignored. All other parameters was accepted. I have also double checked it with the serverconsole.bat. Regards Arno - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to authenticate our webapp against our own relm only
Felix Schumacher felix.schumacher at internetallee.de writes: I think tomcat will always inject a realm into to host when it finds none. But that realm should not interfere with your requests to your webapp. You are right, and I see, that I have misinterpreted my debugger sessions. Our realm contains an additinal class, that contain the access methods to our server against we have to authenticate. So the realm does a lot of things what are not neccessary on the webserver side at the moment. So I have written now my own small method, what only make the autentification and all things was ok afterwards. By the way, what I haven't realy understood, is how and when this realm is called, after a request reached the connector. What I didn't understand also is what actions or what content of the request triggers the realm to do anything. Perhaps you have a hint or a link for me, where I can see which control flow a request have, before he arrived my first filter. I haven't found the right documents for this til now. kind regards Arno - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to authenticate our webapp against our own relm only
Christopher Schultz chris at christopherschultz.net writes: Accessing a protected resource triggers an authorization check, which also required authentication. Some realms cache authentication information while others do not. The authenticator is a Valve which uses the Realm to perform the authentication and gather authorization information (e.g. roles). If the user isn't authenticated, then they are challenged for credentials (login form, SSL client certificate, HTT BASIC/DIGEST auth, etc.) and the credentials they provide are then fed back into the realm to authenticate the user. Then the roles are checked for authorization. ok, thanks for this explanation, that's makes it more clear for me. One more question about ...Accessing a protected resource... Which resources are protected is decided by what kind of configuration? Because I do nothing special for this, I think that my configuration is using the normal defaults for BASIC authentification. Perhaps there is some potential space to increase performance by disable this authentification for a lot of request types. Because I will have some issues with the administration of my session handling, can I also influence the JSESSION generation with such kind of configuration or is this done by the used browser only? Background for this question: Now I recognize, when I open a new instance of f.e. an IExplorer with my home url, this new instance use the same JSESSION id, what the parallel running instance is also using. Is it possible to configure this in the tomcat instance or couldn't I influence this behaviour? kind regards Arno - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How to authenticate our webapp against our own relm only
Mark Eggers its_toasted at yahoo.com.INVALID writes: It looks like one of the prior developers wrote a custom Realm. Was this application written to run on a prior version of Tomcat (Tomcat 6, for example)? If so, the custom Realm may not work with Tomcat 7. You would have to look at the javadoc for Thanks Mark for this hint, it leads me to the problem, what we have had in our realm and after rewritting some older stuff I have had corrected the behaviour of our webapp and all the misinterpreted debugging stuff was away kind regards Arno - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
How to authenticate our webapp against our own relm only
Hi all, I am using Tomcat 7.0.54 with java 1.7 and 1.8 on a Windows 8.1 System, maintaining our webapp with around 1000 JSP pages and I am NOT a web developer. I have inherited this application and all of the previous owners are no longer available. So the last 2months I do a lot of reading and debugging the whole bunch of java and jsp code and I think, that I have a basic understanding what the software is doing and how it is implemented at least. The last days I found a lot of configuration issues and I was able to get the whole stuff running in a very downsized environment build on a standard tomcat Installation. I got rid of all special configuration inside the server.xml, so that I was able to fix some things and do it, like it was described in the beautiful tomcat documentation and available wiki's. That's only for some explanations, before the stupid questions may follow: I have to use basic authentication without an own login form. The behavior I see, is that if the webapp is starting a realm instance is correctly created and initialized in my webapp, but if the first request arrive, also the tomcat itself instantiate one object of this class and took the credentials from the automatically upcoming login form (here IExplorer 11). My understanding from reading the documentation is, that, if I configure my own realm in my context.xml (what I have done), that the webapp will use it. That seems to be ok, but why also tomcat itself instantiate an object of my custom realm and take the first request when I want to access my webapp. Therefore I have no own control about my JSessions and so my session management leaks, because I didn't got the info's from the logins, what the tomcat is doing now. What is wrong in my configuration or in my understanding? I want be the only one, that got the requests for the authentication for my webapp. Here are my server.xml, it only contain one Realm line of our realm in the 'Host' section (I strip the comments and the header lines, which are unchanged): GlobalNamingResources Resource name=UserDatabase auth=Container type=org.apache.catalina.UserDatabase description=User database that can be updated and saved factory=org.apache.catalina.users.MemoryUserDatabaseFactory pathname=conf/tomcat-users.xml/ /GlobalNamingResources Service name=Catalina Connector acceptCount=100 connectionTimeout=20 maxThreads=150 port=9150 protocol=HTTP/1.1 redirectPort=8443/ Connector port=8009 protocol=AJP/1.3 redirectPort=8443/ Engine defaultHost=localhost name=Catalina [Realm className=org.apache.catalina.realm.UserDatabaseRealm/] Host appBase=webapps autoDeploy=true name=localhost unpackWARs=true xmlNamespaceAware=false xmlValidation=false [Realm className=de.myproject.tomcat.realm.BITRealm domainName=dom1 .../] /Host /Engine /Service The lines in brackets I have switched on and off in several attempts without the wished result. Without a realm definition in server.xml and only in the context.xml I have had equal results and one combination I have had one time, was that I have to authenticate twice and the first time with the data of tomcat-users.xml and the second time with my own one. Is it possible that there is some more configured in some of the web.xml's or other directories in WEB-INF, what cause this behavior? I have searched there for some words like security, realm, userdatabase and so on, but have found nothing. Hopefully I have explained my problem as good as I know and somebody see my point :) Thanks in advance, best regards, mit freundlichen Grüßen Arno _ SQS hat bei den AIM Awards 2014 zum zweiten Mal die begehrte Auszeichnung International Company of the Year erhalten. http://www.sqs.com/portal/news/de/pressemitteilungen-aim-awards-international-company-of-the-year.php Vorsitzender des Aufsichtsrats: David Bellin Vorstand: Diederik Vos (CEO) ? Ralph Gillessen (COO) ? René Gawron (CFO) SQS AG ? Stollwerckstraße 11 ? 51149 Köln Sitz der Gesellschaft: Köln ? Amtsgericht Köln, HRB 12764 This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden.