was sponsored by a commercial support contract
with webtide.com <http://webtide.com>
All three releases provide a workaround for the Security Advisory
https://github.com/advisories/GHSA-58qw-p7qm-5rv
Oops -- this gives a 404.
--
John English
___
jetty
request to "/foo%", the problem would
be detected when the request was processed, before my code ever got to
see it, and then passed straight to the error handler defined in web.xml.
Oh well, it all helps to keep me in work I suppose. :)
Thanks for the response,
--
John English
e? What other exceptions
might it throw, and under what circumstances?
Any ideas? What would *you* do in this situation?
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
ode failed, or the load balancer is non sticky) then the
suffix will change but the rest of the session id is invariant.
The session id, minus the suffix, is unique across all nodes in the cluster.
Right. Thanks for the explanation.
--
John English
___
Looking at my session ID in my browser's Network tools, I see that
JSESSION=node01.node0
When I do session.getid() inside the running code, I see node01
(without the trailing ".node0").
It's a minor triviality, but can anyone explain why they are different?
Thanks,
--
Jo
On 25/07/2022 10:55, John English wrote:
On 25/07/2022 04:52, Greg Wilkins wrote:
How was the exception logged?
Normally we try to suppress such IO exceptions, as they can happen at
any time if a client closes the connection (goes into a tunnel, closes
laptop lid etc.). But perhaps
IOException in my webapp and ignore, but this one was from
Jetty, not my webapp, so it hit my if-all-else-fails handler which sends
me an email message when anything unhandled happens:
java.lang.Exception
/error
--
John English
--
This email has been checked for viruses by AVG.
https
)
at java.lang.Thread.run(Thread.java:748)
--
John English
--
This email has been checked for viruses by AVG.
https://www.avg.com
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman
Just curious!
--
John English
--
This email has been checked for viruses by AVG.
https://www.avg.com
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
something a browser would send.
Thanks for the help,
--
John English
--
This email has been checked for viruses by AVG.
https://www.avg.com
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
and OPTIONS commands from a (known,
internal) IP address. There was no login attempt, so perhaps whoever did
it is trying a replay attack using session cookies from an earlier
session. The only annoyance is it shows up as an unhandled exception, so
I get emailed automatically.
--
John English
(SessionHandler.java:1712)
Can someone explain what might have happened here?
Thanks,
--
John English
--
This email has been checked for viruses by AVG.
https://www.avg.com
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
I found the solution: the servlet mapping for the default servlet was
missing from web.xml. Adding the following fixed the problem:
default
/
--
John English
--
This email has been checked for viruses by AVG.
https://www.avg.com
to you directly instead of to the
list. Hope you don't mind. I've fixed it now.)
Thanks,
--
John English
--
This email has been checked for viruses by AVG.
https://www.avg.com
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from
essed them?
Thanks,
--
John English
--
This email has been checked for viruses by AVG.
https://www.avg.com
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
user on port 8080/8443, and then use an iptables rule to forward traffic
from ports 80/443 to ports 8080/8443. Easy to do, no complicated
installs, works perfectly.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from
each time it's delayed. So I think I need to look at my
code to try and figure out what might be causing a 3 minute delay.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org
, of course.
There is no reason on the face of it that those requests should take so
long, so I'll investigate -- maybe there's a DB locking issue or some
such related to the problem I'm looking at.
Many thanks for the help,
--
John English
___
jetty
:00:32 + < and again!
30/Jan/2022:15:04:06 +
30/Jan/2022:15:04:09 +
30/Jan/2022:15:04:19 +
Is this normal? If not, what should I be looking for?
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscrib
.
Thanks,
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
and what might be causing it? (I'm
using Jetty 9.4.41.)
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
a
credential is sent over "the wire" but we want to avoid storing such
credentials on the server, so we check the MD5 of the provided
credential with the stored MD5).
Ah, I misread -- I was thinking of password authentication when I read
it. Apols.
--
Jo
if the password that was provided is a
match.
Ouch. MD5? Not terribly secure. I prefer BCrypt.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
.
This was indeed the problem. I upgraded overnight to 9.4.41 and it now
works perfectly. (Sigh.)
Thanks to all who helped,
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman
running 9.4.39... :(
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
significance of the 64K threshold might be?
This is driving me nuts. Pathetically grateful for any ideas...!
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/l
On 22/05/2021 11:07, John English wrote:
On 21/05/2021 16:55, Simone Bordet wrote:
Multipart works on dev environment?
If so, then it's some configuration difference between the two.
Yes. Compared all files between server and dev kit -- no differences.
Went onto server machine and connected
.
So now I'm trawling through the server's iptables logs and trying to
find out if anyone changed the firewall rules... :(
Thanks,
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https
* for multipart-form requests.
On 21/05/2021 15:24, John English wrote:
On 21/05/2021 12:02, Simone Bordet wrote:
1.8.0_251 and 1.8.0_172 are quite different, as 251 backported the
ALPN APIs and possibly also TLS 1.3 (don't recall on top of my head),
while the older version does not have those
. And as I understand things, POST requests shouldn't
produce 302 responses.
Does anyone have any idea what might be going on here?
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.e
elieve that this also exists as jakarta.servlet.http.Part, so this
might be the way to go.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
to use getSession(false).
Sorry for the late response -- just found this buried in my inbox. Yes,
you're quite right, that fixed it. Many thanks.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
Can anyone tell me what might be happening here?
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
intervals,
then it worked as normal from then onwards.
I have now rewritten the fileupload code to use getParts() instead, just
in case.
Any ideas what might have happened here?
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
. This is true for both Firefox and Chrome. (AFAIK it used to
cache static resources before the upgrade to 9.4.30, but I might be
wrong about that...)
Does anyone have any idea why this might be, and what I can do to find
out more about what's going on?
--
John English
, and by default that's owned by root... so check who ends
up owning it, or it can get messy.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https
On 06/08/2019 15:05, John English wrote:
I have only 13 entries on my classpath, as opposed to the 41 in the full
distro:
Oops, correction, I was looking at the wrong server: there are 25
entries. WEB-INF/lib is empty apart from a copy of
org.mortbay.jasper.apache-jsp-8.5.9.1.jar.
0
On 05/08/2019 17:47, John English wrote:
I need some configuration advice, please.
WARN:oejd.DeploymentManager:main: Unable to reach node goal: started
java.util.ServiceConfigurationError: org.apache.juli.logging.Log:
Provider org.eclipse.jetty.apache.jsp.JuliLog not a subtype
org.eclipse.jetty.apache.jsp.JuliLog not a subtype
at java.util.ServiceLoader.fail(ServiceLoader.java:239)
Can someone tell me what I have to do to get basic taglib support
working here?
Thanks,
--
John English
---
This email has been checked for viruses by AVG.
https://www.avg.com
erver view, but
although it lists Tomcat, Geronimo, Websphere, JBoss and others, there
is no entry for Jetty.
Can anyone advise me what I need to do to configure Eclipse for use with
Jetty?
TIA,
--
John English
---
This email has been checked for viruses by AVG.
https://w
(QueuedThreadPool.java:673)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:591)
at java.lang.Thread.run(Thread.java:745)
--
John English
---
This email has been checked for viruses by AVG.
https://www.avg.com
___
jetty-users
app.old"
elsewhere, everything went back to normal: I can now stop it using
"--stop", and it restarts correctly.
Is it really the expected behaviour?
Thanks,
--
John English
---
This email has been checked for viruses by AVG.
https://www.avg.com
"nodeXXX" is the session ID.
Is "oejshC" an abbreviation for
org.eclipse.jetty.server.handler.ContextHandler, perhaps?
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve
this,
and what does nodeXXX refer to?
I used Jetty 8 until fairly recently and don't recall seeing anything
like this then...
Thanks to anyone who can explain this for me!
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your
On 10/03/2018 16:15, Lou DeGenaro wrote:
default="my-password"/>
name="jetty.truststore.password" default="my-password"/>
The keystore password and truststore password are really the same? Are
you sure?
--
John English
:
https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https
On 27/12/2017 11:53, John English wrote:
What am I doing wrong here?
Oops, please ignore that -- I added a debug config parameter to my
servlet, added an override of init() to read it, and forgot to call
super.init() from my init()...
--
John English
ot; makes no difference; I
still get the same NPE. I also tried "servlets.Proxy.LEVEL=DEBUG"; still
no luck.
What am I doing wrong here?
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, r
On 26/12/2017 23:48, Simone Bordet wrote:
Hi,
On Tue, Dec 26, 2017 at 9:15 PM, John English <john.fore...@gmail.com> wrote:
Is there perhaps some way to run the proxy in a debug mode without having to
run the entire system in debug mode? This is a live system with quite a few
users,
On 26/12/2017 21:13, Simone Bordet wrote:
Hi,
On Tue, Dec 26, 2017 at 6:06 PM, John English <john.fore...@gmail.com> wrote:
3) Requests to https://www.foo.com go to the primary webapp as expected.
Requests to https://www.bar.com result in an empty 502 response ("Bad
Gateway&quo
On 26/12/2017 21:13, Simone Bordet wrote:
Hi,
On Tue, Dec 26, 2017 at 6:06 PM, John English <john.fore...@gmail.com> wrote:
3) Requests to https://www.foo.com go to the primary webapp as expected.
Requests to https://www.bar.com result in an empty 502 response ("Bad
Gateway&quo
quests to https://www.bar.com result in an empty 502 response ("Bad
Gateway").
Can anyone suggest what might be going wrong here in case (3)?
Thanks,
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delive
On 24/11/2017 15:27, John English wrote:
I asked about this a week or so ago, but haven't found a solution yet...
After lots of random fiddling, I discovered that the solution is to have
a copy of jetty-proxy.jar in the lib directory of my proxy webapp, i.e.
${jetty.base}/webapps/proxy/WEB
at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
... 32 more
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retriev
On 19/11/2017 11:43, John English wrote:
jetty-util-9.4.6.v20170531 (for Attributes) and
jetty-server-9.4.6.v20170531 (for HandlerWrapper) are both in the lib
directory. I've also added them to the Eclipse build path but that
doesn't make any difference either. They don't appear in the server
requests for that domain
name from Jetty to the other server. (Plan B would be to use a
non-standard port for the new server, but I prefer not to.)
Can anyone advise me what I'd need to do to accomplish this?
Thanks,
--
John English
___
jetty-users
this would have an impact on performance...
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
w...
Many thanks for all your help,
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
On 6 September 2017 at 01:26, John English <john.fore...@gmail.com
<mailto:john.fore...@gmail.com>> wrote:
Correction: with a 5 minute timeout and no DEBUG flag,
sessionDestroyed() gets called automatically after TWENTY minutes!
This is 15 minutes after the session expires, whic
o maintain this sort of information for me.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
On 05/09/2017 18:18, John English wrote:
Later tests showed that a second request made between 5 and 10 minutes
later also triggers sessionDestroyed(), and that a request is needed to
trigger the call to sessionDestroyed() if the DEBUG flag is not turned
on; with no DEBUG parameter
UG:oejs.session:Scheduler-631659383:
setIdleTimeout called: -1
2017-09-05 17:33:28.531:DBUG:oejs.session:Scheduler-631659383: Session
timer stopped
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retr
/1319.
That would be very welcome. I imagine I'm not the only one who would
want to know how to do this (e.g. anyone using Let's Encrypt
certificates would probably be interested)...
Many thanks,
--
John English
___
jetty-users mailing list
jetty-users
it...
But, as I said, my current problem is that getKeyStorePath() just
returns null.
Any ideas?
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
'm replacing the entire keystore file.)
Thanks,
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
cases, especially for this one
where Jetty provides the basic mechanism, but applications have to
write a bit of code to actually make use of the feature.
Thanks !
Seconded! Since I'm having a bit of trouble getting this to work, I'd
*love* to see some sample code...
--
John E
) with having to duplicate the path as a config parameter. I
thought this would do the trick, but I'm obviously mistaken. Can anyone
tell me what I'm doing wrong here?
Thanks,
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change
her, while performing the
modification within the consumer will serialize the reloads.
Ah, OK. Thanks.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, v
n't?
if (sslContextFactory.getKeyStorePath().endsWith(KEYSTORE_1))
sslContextFactory.setKeyStorePath(KEYSTORE_2);
else
sslContextFactory.setKeyStorePath(KEYSTORE_1);
sslContextFactory.reload(sslContextFactory -> { });
I'm still getting used to Java 8, so forgive me if this is a stupid
question...
--
John E
On 06/02/2017 12:55, John English wrote:
That sounds excellent. Is there any documentation/examples showing how
to use this feature? My initial thought is to add a thread that wakes up
every so many hours, checks the date on the keystore, and reloads if
it's been updated... but then I need
On 06/02/2017 00:59, Simone Bordet wrote:
Hi,
On Sat, Feb 4, 2017 at 12:38 PM, John English <john.fore...@gmail.com> wrote:
When I renew my SSL certificate and update my keystore, is it possible to
get the server to reload the new certificate without restarting the server?
(I'm now
When I renew my SSL certificate and update my keystore, is it possible
to get the server to reload the new certificate without restarting the
server?
(I'm now using Jetty 9.4, BTW.)
Thanks,
--
John English
___
jetty-users mailing list
jetty-users
for the tip!
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
robably just trust it, but I'm a bit wary of
deploying things I don't fully understand in case it suddenly breaks
later... so if you can just explain this last point to me I will finally
be able to sleep easy... :)
But thanks for the solution!
--
John English
_
e "default" webapp, but I
don't seem to have one in my new 9.4 setup.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
htt
t the same thing happens
for *all* 404s not handled by my webapp.)
Any ideas what I need to do to configure the generic 404, as opposed to
my webapp's 404?
Thanks,
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your
in
start.ini to configure this? It seems unlikely that I'm the only one to
want this feature, and copying and editing the underlying XML seems a
little obscure...
Again, many thanks!
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
current 8.1.4 setup.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
to Jetty 9 is just
not going to happen for us!
Thanks,
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman
page that I supply.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
in the request log. Is there something else I need to
configure to make something visible happen here? In particular, can I
serve up a static page of my choice?
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options
t;war" can be either a .war file or a directory name, then?
I will see what I can do about making the documentation more clear in
this regard.
Great, many thanks.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change you
ething obvious...
Thanks again,
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
only:
default="./logs"/>/_mm_dd.jetty.log
true
90
name="getTimeZone">GMT
id="ServerLog"/>
Thanks,
--
John English
___
jetty-users mailing
aging purposes that
can exist in an open file system, in an archive file, or in
some other form..." No apparent requirement for a .war file. And also,
the deploy module is happy to deploy directories...
--
John English
___
jetty-users mailing list
j
odule it seems to
work when I reference static content (e.g. index.html) but I just get a
blank page (but no error?) when I reference a servlet. All the examples
I've seen assume that the webapp is packaged as a .war, and I can't
figure out what I need to do if it isn't.
Thanks, and sorry if I'm
, but
then the messages to stdout also get routed to the log file. Is there a
way to keep them separated?
Thanks,
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list
ons jetty.sslContext.keyStorePassword (presumably what I specified
as keystore-password above) but doesn't say what to do with
pkcs12-password. And of course this didn't matter when I was using a
self-signed certificate, but is crucial for a proper certificate...
Thanks!
--
John Engl
On 17/01/2017 19:57, Brian Reichert wrote:
On Tue, Jan 17, 2017 at 07:27:57PM +0200, John English wrote:
If your server is indeed serving the certificate you expect, then
your config is OK, but now you get to track down what your SSL issue
is, and that's not specific to jetty.
Further
any thanks,
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
OK. I'm not familiar with OpenSSL but what you've told me should be
enough to get me started. I'll probably be back with more questions
tomorrow unless a miracle happens.
Many thanks,
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To c
foo
foo
/>/webapps/ssltest/WEB-INF/web.xml
/webapps/ssltest
/
Thanks!
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, ret
it another try, then.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
On 06/08/2015 13:25, John English wrote:
It would appear from my experiments that when there are multiple
setHandler blocks defining webapps all mapped to /, the last one
wins if the virtual host lists are not disjoint. If I have one accepting
127.0.0.1 (A) and another without a VH list (B
it to accept all
requests to hosts *except* the ones n the list.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org
than invoking B.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
)?
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
=virtualHosts
Array type=java.lang.String
Item*/Item
/Array
/Set
I gather from your answer that the default response page is hard-wired
somewhere where I can't customise it easily...
--
John English
___
jetty-users mailing list
jetty-users
is
directed to an invalid hostname that I was asking about.
--
John English
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman
On 05/08/2015 13:19, John English wrote:
So, can I just follow this with another nearly-identical setHandler
block but pointing at a different Descriptor and Resource-Base, and with
a VH spec as follows?
Set name=virtualHosts
Array type=java.lang.String
Item*/Item
/Array
1 - 100 of 134 matches
Mail list logo