Have I got this right?
I have an app and in the deployment descriptor I ask for FORM authentication and set
the transport guarantee to CONFIDENTIAL .
If the user attempts access to a secured page or servlet in that app from a simple
http connection, tomcat will force the FORM page to be
Hi!
We currently have a couple of sites running JBoss-Tomcat. A third
application that used the JBoss part of this setup has been canned leaving
us with two non-EJB applications.
As far as I can determine the only benefits we currently get from JBoss are
the security system and connection
Many thanks to Craig for pointing me at Filters to solve my access problems.
Next Question: Running Tomcat 4.0.1, my cookies now seem to be URLencoded,
ie characters + and = get encoded. How do I decode before reading them in a
Filter or servlet?
Gerry
--
To unsubscribe: mailto:[EMAIL
OK! Thanks for that. Too obvious! I was looking in the javax api rather
than there!
Gerry
- Original Message -
From: Ing. Gabriel Gajdos [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, January 15, 2002 2:55 PM
Subject: RE: Question about URLencoded Cookie data?
There is such
I am trying to deploy a web app under JBoss2.2.4-Tomcat4.0.1. This app uses
JCE and works fine under JBoss2.2.2Tomcat3.2.2.
Now it throws an exception cannot set up certs for trusted CAs. All the
jce jars are in jboss/lib/ext.
Has anyone fixed this problem?
Gerry
--
To unsubscribe:
as a parameter when you redirected to the login servlet).
-Original Message-
From: Gerry Duhig [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 10, 2002 11:16 AM
To: [EMAIL PROTECTED]
Subject: Securing access to pages
This is an old question to which I had an answer that worked under
provided as a parameter when you redirected to the login servlet).
-Original Message-
From: Gerry Duhig [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 10, 2002 11:16 AM
To: [EMAIL PROTECTED]
Subject: Securing access to pages
This is an old question to which I had an answer
(where_to_go_after_this).
Gerry
- Original Message -
From: Craig R. McClanahan [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Friday, January 11, 2002 5:40 PM
Subject: Re: Securing access to pages
On Fri, 11 Jan 2002, Gerry Duhig wrote:
Date: Fri, 11 Jan 2002 17:00:30
Fredy,
Would you please show us exactly what you do, as I need to do the same sort
of thing?
I had a version that worked under 3.2, but it fails under Tomcat 4.
Thanks
Gerry
- Original Message -
From: Softwareentwicklung Hauschel [EMAIL PROTECTED]
To: 'Tomcat Users List' [EMAIL
This is an old question to which I had an answer that worked under 3.2.3 but now fails
under 4.0.1
Using Tomcat embedded in JBoss, I want to secure access to a certain set of pages and
use the JBoss security system to carry out the authentication.
Standard stuff. But, as well as going
Hi!
I have successfully built a servlet that uses JCE to encrypt data and deployed it
under JBoss Tomcat 2.4.1-3.2.2.
The very first access is VERY slow as the cryptography classes do some sort of
initialisation. I don't know what.
Subsequent actions seem very quick.
Is this to be
. You could just force such an
initialization at startup so that startup has a bit of a slowdown, but
then
it runs fast the rest of the time.
David
- Original Message -
From: Gerry Duhig [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, November 13, 2001 10:02 AM
Subject
Brilliant - thank you!
- Original Message -
From: Bo Xu [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Tuesday, November 13, 2001 8:23 PM
Subject: Re: cryptography - slow starting
- Original Message -
From: Gerry Duhig [EMAIL PROTECTED]
To: Tomcat Users
I am using Tomcat with JBoss and JBoss is handling security. Everything
works fine and each time a secured component is accessed I see two lines in
the logs:
User: name is authenticated
User: name is authorized
There are now thousands of these lines! How do I get rid of them?
There are so many
Can I ask a supplementary question please?
We have a couple of applications that are a few html and JSP pages and a
couple of servlets. Packing the whole lot up in ear files and deploying
under JBoss-Tomcat is really nice and simple. Obviously then we are not
using Apache because Tomcat is
PROTECTED]
Sent: Friday, October 19, 2001 5:56 PM
Subject: RE: Security Question
What is your debug level in the context?
Darrell
-Original Message-
From: Gerry Duhig [mailto:[EMAIL PROTECTED]]
Sent: Friday, October 19, 2001 9:34 AM
To: [EMAIL PROTECTED]
Subject: Fw: Security
I am using Tomcat embedded in JBoss: Versions: JBoss 2.2.2 Tomcat 3.2.2
I have two applications MyApp and MyAppWeb.
I deploy both and all is well.
I remove MyApp and MyAppWeb ceases to work. I have to redeploy it to make it
work again.
This becomes a problem when in normal use someone
I didn't see any answers! Does that mean its not possible? Or is just not
the right thing to do?
I really need to get something sorted soon.
Help! Desperation creeping in here!
Thanks
Gerry
- Original Message -
From: Gerry Duhig [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday
Help!
I want to find a sample of a JSP Page to use as the authentication form in a
secure application. I have seen reference to such a page but cannot find a
sample. We currently use an html page but need some additional processing.
Please direct me to a URL or send me a sample
Thanks
Gerry
I want login.jsp to
take the user input username and pasword,
pass them to a servlet to carry out some specialist actions including
writing a cookie
then pass the input to j_security_check so that authentication takes place.
Is that possible? Anyone got an example I can see?
Gerry
I am a little confused about tomcat workers and loadbalancing in a Linux
environment. I hope someone can explain.
I am running tomcat embedded in JBoss.
When I start JBoss, I see about 60 processes created.
Presumably each of these is an instance of JBoss with an embedded Tomcat?
Are they
Hi!
I have Tomcat setup, actually running with JBoss,
and I am looking at security.
I can setup an application with a login-conf in
web.xml, but I cannot see who or what handles that. Is it Tomcat directly, or
some loaded subsystem?
In detail: In my server.xml file I have
thefollowing:
I have written a Java servlet that seems to work
quite well but I am confused about the exact context in which it
runs.
At initialisation it creates a JDBC connection and
uses that to connect to a remote Oracle Database on each activation of the
servlet. The connection remains open until
Help please!
I have Apache running with ApacheJServ and working fine!
I want to test tomcat and consider it as a replacement for JServ.
I downloaded Tomcat and edited the Apache httpd.conf to include the
apache-tomcat.conf file, instead of the JServ file.
I start tomcat and I start Apache,
server.xml file. As a minimum on a clean tomcat install, this will
automatically let you access the example servlets via apache with the
minimum effort. I take it you have consulted the Apache-tomcat howto?
sam
- Original Message -
From: "Gerry Duhig" [EMAIL PROTECTED]
To: [EM
25 matches
Mail list logo