Re: Tomcat 9.0.74 change causes not honoring session timeout configured in tomcat web.xml for FORM Authentication

1. Do not cross-post the same question to multiple lists. 2. This question belongs on the users list. Mark 27 Oct 2023 05:40:09 Channa Puchakayala : Hi All,   Tomcat Version : 9.0.74 Operating System: Windows and Linux Bits: 64      Tomcat 9.0.74 not honoring  session timeout configured

Tomcat 9.0.74 change causes not honoring session timeout configured in tomcat web.xml for FORM Authentication

Hi All, Tomcat Version : 9.0.74 Operating System: Windows and Linux Bits: 64 Tomcat 9.0.74 not honoring session timeout configured in tomcat/conf/web.xml for FORM Authentication and it is effecting customers. == 30 // 30 minutes ===

[Bug 67926] PEMFile prints unidentifiable string representation of ASN.1 OIDs

https://bz.apache.org/bugzilla/show_bug.cgi?id=67926 --- Comment #4 from Mark Thomas --- +1 - we are already using that class in the SPNEGO authenticator -- You are receiving this mail because: You are the assignee for the bug. ---

[Bug 67927] TLSCertificateReloadListener triggers race condition (?) in OpenSSL code which causes the JVM to die

https://bz.apache.org/bugzilla/show_bug.cgi?id=67927 --- Comment #10 from Mark Thomas --- We need to allow in-progress usage of the old SSLContext to continue while new requests get the new SSLContext. We don't want new requests to have to wait for a long running request using the old SSLContext

[Bug 67932] New: module-info re-export other libraries

https://bz.apache.org/bugzilla/show_bug.cgi?id=67932 Bug ID: 67932 Summary: module-info re-export other libraries Product: Tomcat 10 Version: unspecified Hardware: PC OS: Mac OS X 10.1 Status: NEW Severity

[Bug 67927] TLSCertificateReloadListener triggers race condition (?) in OpenSSL code which causes the JVM to die

https://bz.apache.org/bugzilla/show_bug.cgi?id=67927 --- Comment #9 from Michael Osipov --- (In reply to Christopher Schultz from comment #8) > Michael, do you know if calling the JMX-based "reload" operation will cause > the same crash? I haven't dug-into the code, but it's possible this bug has

[Bug 67927] TLSCertificateReloadListener triggers race condition (?) in OpenSSL code which causes the JVM to die

https://bz.apache.org/bugzilla/show_bug.cgi?id=67927 --- Comment #8 from Christopher Schultz --- Michael, do you know if calling the JMX-based "reload" operation will cause the same crash? I haven't dug-into the code, but it's possible this bug has existed far longer than the TLSCertificateReload

Buildbot failure in on tomcat-9.0.x

Build status: BUILD FAILED: failed compile (failure) Worker used: bb_worker2_ubuntu URL: https://ci2.apache.org/#builders/37/builds/744 Blamelist: Mark Thomas Build Text: failed compile (failure) Status Detected: new failure Build Source Stamp: [branch 9.0.x] 5462cf0e569d62a9f3949800d14ec343d4766a

[tomcat] branch main updated: Add a note about a todo

This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 2f7618039f Add a note about a todo 2f7618039f is descr

[Bug 67927] TLSCertificateReloadListener triggers race condition (?) in OpenSSL code which causes the JVM to die

https://bz.apache.org/bugzilla/show_bug.cgi?id=67927 --- Comment #7 from Michael Osipov --- (In reply to Remy Maucherat from comment #6) > Since deallocating the ssl context should be tied to GC when using NIO, I > don't understand how it happens. OTOH, actually doing it is quite risky, so > mayb

[Bug 67927] TLSCertificateReloadListener triggers race condition (?) in OpenSSL code which causes the JVM to die

https://bz.apache.org/bugzilla/show_bug.cgi?id=67927 --- Comment #6 from Remy Maucherat --- Since deallocating the ssl context should be tied to GC when using NIO, I don't understand how it happens. OTOH, actually doing it is quite risky, so maybe it could be better to leak it ... It would be a