Re: single user session and block log-in after faut
Pid * wrote: On 03/06/2010 16:45, banto wrote: Hi gurus, i would like to know how to fix the following problems: 1) how can i set tocat in such a way to permit only one session per user? : let´s say userA logs-in from PC-A.Then userA logs-in from PC-B. Tomcat should block the second session because already logged-in. Tomcat won't do this, you'll have to code it in your application. 2) Tomcat rejects any further log-in attempt after 3 faults. Assuming you're using a v6.0.recent then there's a LockOutRealm which you can employ. See the docs: http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#LockOutRealm p thanks in advance, Antonio thank you,this answers! -- View this message in context: http://old.nabble.com/single-user-session-and-block-log-in-after-faut-tp28769302p28776833.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
single user session and block log-in after faut
Hi gurus, i would like to know how to fix the following problems: 1) how can i set tocat in such a way to permit only one session per user? : let´s say userA logs-in from PC-A.Then userA logs-in from PC-B. Tomcat should block the second session because already logged-in. 2) Tomcat rejects any further log-in attempt after 3 faults. thanks in advance, Antonio -- View this message in context: http://old.nabble.com/single-user-session-and-block-log-in-after-faut-tp28769302p28769302.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: set-cookie
great guys for a great forum!!! n828cl wrote: From: banto [mailto:banto...@gmail.com] Subject: Re: set-cookie i´m using something like System.out.println(Thread.currentThread().getStackTrace()); What you got was a display of the array object - not very interesting. Either iterate through the array, displaying each entry, or just do this: Thread.currentThread().dumpStack(); - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. -- View this message in context: http://old.nabble.com/set-cookie-tp28639362p28664798.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: set-cookie
chris, useful info. however when i print the current thread stack trace with a HttpSessionListener i see few info; something like this Ljava.lang.STackTraceElement;@4313455 i´m using something like System.out.println(Thread.currentThread().getStackTrace()); in the sessionCreated(). any advice? thanks Christopher Schultz-2 wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Banto, On 5/22/2010 12:01 PM, banto wrote: Hi Chuck, i have found out who is generating that in my code: dispatcher.forward(request, response); the response contains also the set cookie header...it is automatically done by tomcat... You can safely call RequestDispatcher.forward() without sending a Set-Cookie header. The code to your doPost method might be helpful, here. If you do any of the following, Tomcat will create a session for you and send a Set-Cookie header for the session: 1. directly call request.getSession() or request.getSession(true) 2. forward-to or include a JSP that does not have session=false declared in the %@ page % directive If you want to know what code it creating the session, write an HttpSessionListener, configure it in web.xml, and have your sessionCreated() method print the stack trace of the current thread. Hope that helps, - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkv6jkAACgkQ9CaO5/Lv0PCvngCggPq3JYga/w4O0yy8/1Vnua5t /QEAnjS1/bSZ87u1ie6aO2omXuWkzCim =Bf+a -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/set-cookie-tp28639362p28661057.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: set-cookie
..then where the set-cookie come from if not from the line getServletContext().setAttribute(products, products);? actually i added this line to another servlet but no set-cookie header is sent? thanks n828cl wrote: From: André Warnier [mailto:a...@ice-sa.com] Subject: Re: set-cookie // Store products in the ServletContext getServletContext().setAttribute(products, products); Presumably, if you store something in the context, it is because you want to retrieve it later (or else, what's the point he ?). Now, Tomcat has no way to know when you'll come back to retrieve it, so it has to create a session to store this. Nope, that's not it (but I don't know what is, yet). Attributes stored in a ServletContext have a webapp, not session, scope; no session is needed here, and nothing needs to be communicated between the client and server to retrieve them. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. -- View this message in context: http://old.nabble.com/set-cookie-tp28639362p28641797.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: set-cookie
Hi Chuck, i have found out who is generating that in my code: dispatcher.forward(request, response); the response contains also the set cookie header...it is automatically done by tomcat... n828cl wrote: From: banto [mailto:banto...@gmail.com] Subject: RE: set-cookie ..then where the set-cookie come from if not from the line getServletContext().setAttribute(products, products);? That's part of the init() method, called when the servlet initializes, not when it's processing a request. There's no request or response involved at that time, so it's impossible for that code to have any relationship with cookie generation or evaluation (or session creation). See my previous response - you're creating a session somewhere, so Tomcat generates the appropriate cookie when that happens. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. -- View this message in context: http://old.nabble.com/set-cookie-tp28639362p28644188.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
set-cookie
Hi gurus,
my problem here is that i'm trying to understnad a servlet code that makes
tomcat to send the
Set-Cookie: JSESSIONID=8BCB60D6F6B9394B4ABD2FDD007BDB39; Path=/store
header.
Now the code is something like:
public class FrontController extends HttpServlet {
public void init() throws ServletException {
HashMap products = new HashMap();
Product p = new Product(1, Dog, 9.99);
products.put(1, p);
// Store products in the ServletContext
getServletContext().setAttribute(products, products);
}
public void doPost(HttpServletRequest request, HttpServletResponse
response)
.
and the web.xml is quite standard.
my problem is that i don´t see where the servlet is instructing tomcat to
sent that header.
My other servlets are not issuing that header when running. So what i´m
missing?
thanks you!!
--
View this message in context:
http://old.nabble.com/set-cookie-tp28639362p28639362.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: standardize the URL
Gregor Schneider wrote: On Tue, Apr 20, 2010 at 12:54 PM, banto banto...@gmail.com wrote: Hi, i know this can be a silly question but i have the following issue: i want to call my web app with a standard URL as http://host:port/myString how does the url look like when you call your webb-app currently? how would you like the url to look like? rgds gregor -- just because you're paranoid, don't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 @ http://pgp.mit.edu:11371/ skype:rc46fi - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org I explain better my problem, my webapp is in the folder: C:\Program Files\Apache Software Foundation\Tomcat 5.5\webapps\istanceVar and i call it with http://localhost:8080/instanceVar/instance what i would like to do (also for others webapps) is to call it/them as http://localhost:8080/instance http://localhost:8080/webapp_2 http://localhost:8080/webapp_3 ... or better http://localhost/instance http://localhost/webapp_2 http://localhost/webapp_3 ... how can i get the 2 modes? i hope it is clearer now thanks. -- View this message in context: http://old.nabble.com/standardize-the-URL-tp28287836p28324762.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: standardize the URL
Pid * wrote: On 22/04/2010 07:45, banto wrote: Gregor Schneider wrote: On Tue, Apr 20, 2010 at 12:54 PM, banto banto...@gmail.com wrote: Hi, i know this can be a silly question but i have the following issue: i want to call my web app with a standard URL as http://host:port/myString how does the url look like when you call your webb-app currently? how would you like the url to look like? rgds gregor -- just because you're paranoid, don't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 @ http://pgp.mit.edu:11371/ skype:rc46fi - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org I explain better my problem, my webapp is in the folder: C:\Program Files\Apache Software Foundation\Tomcat 5.5\webapps\istanceVar and i call it with http://localhost:8080/instanceVar/instance what i would like to do (also for others webapps) is to call it/them as http://localhost:8080/instance http://localhost:8080/webapp_2 http://localhost:8080/webapp_3 Rename the webapp, from instanceVar to ROOT. or better http://localhost/instance http://localhost/webapp_2 http://localhost/webapp_3 Change the port in the Connector from 8080 to 80. how can i get the 2 modes? Then add multiple mappings for each instance of the URL. OR Create the servlet and map it to a value also present in the welcome-file list of file names. http://localhost/instanceVar http://localhost/webapp_2 p thank you g now it works. However i understand the only way to do that is putting the webapps in the ROOT folder,right? -- View this message in context: http://old.nabble.com/standardize-the-URL-tp28287836p28326093.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: standardize the URL
Pid * wrote: On 22/04/2010 10:10, banto wrote: Pid * wrote: On 22/04/2010 07:45, banto wrote: Gregor Schneider wrote: On Tue, Apr 20, 2010 at 12:54 PM, banto banto...@gmail.com wrote: Hi, i know this can be a silly question but i have the following issue: i want to call my web app with a standard URL as http://host:port/myString how does the url look like when you call your webb-app currently? how would you like the url to look like? rgds gregor -- just because you're paranoid, don't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 @ http://pgp.mit.edu:11371/ skype:rc46fi - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org I explain better my problem, my webapp is in the folder: C:\Program Files\Apache Software Foundation\Tomcat 5.5\webapps\istanceVar and i call it with http://localhost:8080/instanceVar/instance what i would like to do (also for others webapps) is to call it/them as http://localhost:8080/instance http://localhost:8080/webapp_2 http://localhost:8080/webapp_3 Rename the webapp, from instanceVar to ROOT. or better http://localhost/instance http://localhost/webapp_2 http://localhost/webapp_3 Change the port in the Connector from 8080 to 80. how can i get the 2 modes? Then add multiple mappings for each instance of the URL. OR Create the servlet and map it to a value also present in the welcome-file list of file names. http://localhost/instanceVar http://localhost/webapp_2 p thank you g now it works. However i understand the only way to do that is putting the webapps in the ROOT folder,right? If by webapp, you mean Servlet. ROOT is a webapp in it's own right, it is not the same as the root directory of an HTTPD server. any .war file or directory (effectively an exploded .war file) you put in tomcat/webapps will be treated as an application. p Just to understand you: i have copied the class files of my webapp and modified the relative web.xml to the folder C:\Program Files\Apache Software Foundation\Tomcat 5.5\webapps\ROOT i hope you mean the same ROOT? thanks -- View this message in context: http://old.nabble.com/standardize-the-URL-tp28287836p28326999.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: standardize the URL
Pid * wrote: On 22/04/2010 11:27, banto wrote: Pid * wrote: On 22/04/2010 10:10, banto wrote: Pid * wrote: On 22/04/2010 07:45, banto wrote: Gregor Schneider wrote: On Tue, Apr 20, 2010 at 12:54 PM, banto banto...@gmail.com wrote: Hi, i know this can be a silly question but i have the following issue: i want to call my web app with a standard URL as http://host:port/myString how does the url look like when you call your webb-app currently? how would you like the url to look like? rgds gregor -- just because you're paranoid, don't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 @ http://pgp.mit.edu:11371/ skype:rc46fi - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org I explain better my problem, my webapp is in the folder: C:\Program Files\Apache Software Foundation\Tomcat 5.5\webapps\istanceVar and i call it with http://localhost:8080/instanceVar/instance what i would like to do (also for others webapps) is to call it/them as http://localhost:8080/instance http://localhost:8080/webapp_2 http://localhost:8080/webapp_3 Rename the webapp, from instanceVar to ROOT. or better http://localhost/instance http://localhost/webapp_2 http://localhost/webapp_3 Change the port in the Connector from 8080 to 80. how can i get the 2 modes? Then add multiple mappings for each instance of the URL. OR Create the servlet and map it to a value also present in the welcome-file list of file names. http://localhost/instanceVar http://localhost/webapp_2 p thank you g now it works. However i understand the only way to do that is putting the webapps in the ROOT folder,right? If by webapp, you mean Servlet. ROOT is a webapp in it's own right, it is not the same as the root directory of an HTTPD server. any .war file or directory (effectively an exploded .war file) you put in tomcat/webapps will be treated as an application. p Just to understand you: i have copied the class files of my webapp and modified the relative web.xml to the folder C:\Program Files\Apache Software Foundation\Tomcat 5.5\webapps\ROOT i hope you mean the same ROOT? Yes, this is correct. p thank you!! -- View this message in context: http://old.nabble.com/standardize-the-URL-tp28287836p28327291.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
standardize the URL
Hi, i know this can be a silly question but i have the following issue: i want to call my web app with a standard URL as http://host:port/myString regardless from the path of the servlet under Tomcat tree. I have made some try in web.xml url-pattern field but no success. Any advice? thanks. -- View this message in context: http://old.nabble.com/standardize-the-URL-tp28287836p28287836.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
automatic redirect
Hi all, there is a way for tomcat to redirect http calls to another web-server (plug-in,...) trasparently,i mean by means of just configuration ? e.g. bowser - http://host1_tomcat:port - http://host2_tomcat:port and back... thanks in advance, Antonio -- View this message in context: http://old.nabble.com/automatic-redirect-tp27652567p27652567.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
tomcat manager configuration
Hi all, i´m trying to figure out where are the configurations for the tomcat manager webapp. I mean how if i would want to change the path of the manager, write my own one, disable it and so oni´m just trying to understand if (apart the access configurations) all the the confs are indeed hardcoded in tomcat... any clarifications from you is very appreciated. thanks you!!! -- View this message in context: http://old.nabble.com/tomcat-manager-configuration-tp27635436p27635436.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: digest algorithm in BASIC auth
hi Chris, thank you very much. I was confused because in the HTTP message exchanges between the browser and tomcat i saw that tomcat sent back to the browser the realm value. for that i thought was involved some kind of digest. Antonio Christopher Schultz-2 wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Antonio, On 2/12/2010 6:12 AM, banto wrote: my tomcat conf has basic auth and i have a the following in web.xml login-config auth-methodBASIC/auth-method realm-nameThe HTML Application/realm-name /login-config That is HTTP BASIC AUTH. now i´m seeing that the password during the auth is digested and has value. Authorization: Basic YW50b25pbzpwYXNzd29yZA== My problem is that i cannot understand where it comes from... That's base64(username + ':' + password). Your username is 'antonio' and your password is 'password' in this case. I´m trying all the combination, i mean i´m digesting user:realm:password with all of the algorithms but i cannot get that value. You are confusing the above with HTTP DIGEST AUTH, which requires md5(user + ':' + realm + ':' + password) Along with Konstantin's reference, you should also read this one: http://en.wikipedia.org/wiki/Http_digest_authentication - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt1pxoACgkQ9CaO5/Lv0PCo1gCgoHNO/WVMn7BlX48B1VlavGte MfYAn3AjZY6XyRHFIg2xBCFL7JEn+k5k =w9Gu -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/digest-algorithm-in-BASIC-auth-tp27562000p27573009.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: digest algorithm in BASIC auth
yes!! that´s base64 encoding, you are perfectly right!!! thanks Christopher Schultz-2 wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Antonio, On 2/13/2010 3:01 AM, banto wrote: I was confused because in the HTTP message exchanges between the browser and tomcat i saw that tomcat sent back to the browser the realm value. for that i thought was involved some kind of digest. The realm name is present in both BASIC and DIGEST authentication mechanisms. Were you able to get things working? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkt2u5cACgkQ9CaO5/Lv0PDxlACfQeCnbfzDtGaK02LwdKwjzh3a tu4An2QCo/tCLUAWQNLJzy8GKQV0q49J =cKxS -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/digest-algorithm-in-BASIC-auth-tp27562000p27576143.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
digest algorithm in BASIC auth
Hi all, my tomcat conf has basic auth and i have a the following in web.xml login-config auth-methodBASIC/auth-method realm-nameThe HTML Application/realm-name /login-config now i´m seeing that the password during the auth is digested and has value. Authorization: Basic YW50b25pbzpwYXNzd29yZA== My problem is that i cannot understand where it comes from... I´m trying all the combination, i mean i´m digesting user:realm:password with all of the algorithms but i cannot get that value. does anyone of you can suggest me where i´m missing? thanks you all, Antonio -- View this message in context: http://old.nabble.com/digest-algorithm-in-BASIC-auth-tp27562000p27562000.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
