Does anyone know when JSP 2.1 support is expected? Will that be in Tomcat 6?
Jon
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Does anyone know if it's possible to include a .jspx fragment in another
.jspx file? When I say .jspx fragment, I mean a file that is in XML format,
but, may not be well formed.
For example, I want to do something like the following. Currently, I'm
receiving an error message like the
I haven't tried it yet, but, I noticed that catalina.sh/bat, looks for a jar
file named tomcat-juli.jar and if it's present, it adds a
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager to
JAVA_OPTS. I think if you rename or remove that jar file, it will disable it
(haven't
After looking at the code, it looks like the SSO session doesn't go away
until all other sessions for the user have expired. So, as far as I can
tell, the SSO session doesn't have it's own session timeout as far as I can
tell.
Jon
- Original Message -
From: Jonathan Eric Miller [EMAIL
After looking at the code, it looks like the SSO session doesn't go away
until all other sessions for the user have expired. So, as far as I can
tell, the SSO session doesn't have it's own session timeout as far as I can
tell.
Jon
- Original Message -
From: Jonathan Eric Miller [EMAIL
by modifying the value
--
session-config
session-timeout30/session-timeout
/session-config
Peter
Jonathan Eric Miller schrieb:
I'm using the SingleSignOn valve with Tomcat 5.5.9. Does anyone know what
the default session timeout is set to? Is there a way to specify
Reading the changelog is a good place to start...
Jon
- Original Message -
From: Horvath, Ruth (Ruth) ** CTR ** [EMAIL PROTECTED]
To: tomcat-user@jakarta.apache.org
Sent: Wednesday, April 13, 2005 12:16 PM
Subject: Upgrading from tomcat 3.2.2 to 3.3.2 on Windows
Sorry if this has been
My guess (but, I'm not a Tomcat developer so what do I know! ;-)) is that
you can't do it for System.out.println(). However, I did notice that
System.setOut() allows you to redirect where standard out goes. However, I'm
guessing that that would be for the entire JVM? As of Tomcat 5.5.9 they
I'm using the SingleSignOn valve with Tomcat 5.5.9. Does anyone know what
the default session timeout is set to? Is there a way to specify this
timeout?
I'm finding that sometimes my session will timeout within an application,
but, it doesn't redisplay the login page. I want to try to set it
Until Tomcat 5.5.9 I was specifying my java.util.logging.config.file using a
system property set using CATALINA_OPTS like the following.
CATALINA_OPTS='-Djava.util.logging.config.file=/opt/jakarta-tomcat-dev/conf/logging.properties
Also, you'll need something like the following in your web.xml.
security-constraint
web-resource-collection
web-resource-name/web-resource-name
url-pattern/*/url-pattern
/web-resource-collection
user-data-constraint
transport-guaranteeCONFIDENTIAL/transport-guarantee
/user-data-constraint
Does anyone know if there are disadvantages to setting unpackWARs=false?
What I'm wondering is if it then has to uncompress the .war file everytime a
resource is accessed thus causing a performance hit?
Jon
-
To unsubscribe,
OK, thanks for the info. Like you mentioned, I was thinking that
redeployment would be easier with it set to false. I just wanted to make
sure that I wouldn't be incurring a performance hit and the expense of not
having to mess around with an extra directory. Thanks.
Jon
- Original Message
Anyone know if there are nightly zip files for Tomcat 5.5?
Jon
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
binaries download page even gives you the link at the bottom
;) http://cvs.apache.org/builds/jakarta-tomcat-5/nightly/.
Nightlies are always at your own risk.
Yoav Shapira http://www.yoavshapira.com
-Original Message-
From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November
Thanks!
Jon
- Original Message -
From: Shapira, Yoav [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Wednesday, November 17, 2004 12:07 PM
Subject: RE: Tomcat 5.5 nightly zip files?
Hi,
Yeah. They're built from CVS HEAD (there's very little purpose to
nightlies
Actually, I guess the default isn't that bad for UNIX/Linux anyway. In
theory, if you are using J2SE 1.5 with the default log settings and you
don't have Log4J installed, INFO level messages and above will get written
to the console which gets redirected to catalina.out by catalina.sh. So,
Here's the message without the file attachments since the original message
was blocked as spam. I don't see a way to post file attachments to the bug
database either...
Jon
- Original Message -
From: Jonathan Eric Miller [EMAIL PROTECTED]
To: Remy Maucherat [EMAIL PROTECTED]; Tomcat
So, exceptions aren't logged by default? Does the new log4j method give you
full stack traces, or, is it just one line error messages? If I don't
configure log4j, does that mean that exceptions can be occurring and I won't
know about it? IMHO, a decent default logging configuration should be
I don't see it at least on the inital bug report page at
http://nagoya.apache.org/bugzilla/enter_bug.cgi?product=Tomcat%205
Maybe I need to commit the page first and there's another page...
I don't want to submit a report just yet, because I'm still in the process
of trying to figure out how
not working in Tomcat 5.5.4 when .war file has a
META-INF/context.xml?
On Thu, 11 Nov 2004 11:09:58 -0600, Jonathan Eric Miller
[EMAIL PROTECTED] wrote:
I don't see it at least on the inital bug report page at
http://nagoya.apache.org/bugzilla/enter_bug.cgi?product=Tomcat%205
Maybe I need to commit
not
being reported into the stdout.
where is all the runtime exception stack tracing supposed to go Yoav? that
won't be picked up by log4j which is a good point
cheers!
-Original Message-
From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]
Sent: Thu 11/11/2004 16:50
To: Tomcat Users List
Cc
I have an application which has a META-INF/context.xml file. I'm attempting
to have the file auto-redeploy itself everytime I copy an updated the
updated .war file to the webapps directory. This worked fine in Tomcat
5.0.25.
In Tomcat 5.5.4, it will deploy itself the first time through, but,
I ran into the same issue with DBCP and JNDI.
Jon
- Original Message -
From: Allistair Crossley [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Thursday, September 02, 2004 8:32 AM
Subject: TC 5.5 - 4 issues (jasper, ROOT, jndi, logging)
Hi Guys
Decided to give TC 5.5 /
I noticed in the change log that some changes have been made to the way
things are logged in Tomcat 5.5. I was using something like the following in
my server.xml previously. However, this no longer works.
Logger className=org.apache.catalina.logger.FileLogger
directory=logs
In Tomcat 4.0 and 5.0, I had the following in my server.xml file.
Context path= docBase=ROOT debug=0 reloadable=true/
However, if I try to use this in Tomcat 5.5, I receive the following error
in catalina.out. Does anyone know if I need to change something to get it to
work with Tomcat 5.5, or,
,
System.out/System.err still behave as before, and the ServletContext#log
method works without any special configuration.
Yoav Shapira
Millennium Research Informatics
-Original Message-
From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 01, 2004 12:46 PM
To: Tomcat User
context configured for the path?
Yoav Shapira
Millennium Research Informatics
-Original Message-
From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 01, 2004 2:20 PM
To: Tomcat User List
Subject: Context path= docBase=ROOT... fails in Tomcat 5.5?
In Tomcat 4.0
If I remember correctly, symlinks are disabled by default. I think you can
turn them on using an attribute value for an element in server.xml.
Jon
- Original Message -
From: Philippe Mathieu [EMAIL PROTECTED]
To: Tomcat User List [EMAIL PROTECTED]
Sent: Wednesday, September 01, 2004
The problem that I found with doing it this way is that I had a
security-constraint on my application and it wasn't being enforced when I
tried to do that. So, I created an index page that redirects to the
application.
Jon
- Original Message -
From: QM [EMAIL PROTECTED]
To: Tomcat
and paste configuration files across release
versions, be careful.
Yoav Shapira
Millennium Research Informatics
-Original Message-
From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 01, 2004 2:37 PM
To: Tomcat Users List
Subject: Re: Context path= docBase=ROOT
I noticed that if you have unpackWARs set to false and you update a WAR
file, it doesn't reload it.
According to the Tomcat documentation at the following link, it only does it
for unpacked WAR files. Why?
redeploy the app via the manager (or whatever mechanism
he/she wants to use).
Yoav Shapira
Millennium Research Informatics
-Original Message-
From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 27, 2004 1:20 PM
To: Tomcat User List
Subject: Why don't updated
I am trying to configure my application so that everything has to be
encrypted. I was able to do that by using the security constraint at the
bottom of this message. I've had this working for awhile without a problem.
However, now, I want to add an additional restriction. I want to make it so
that
: Friday, May 21, 2004 7:15 AM
Subject: Re: Session Timeout and Direct Reference to login page
Jonathan Eric Miller wrote:
Yeah, that seems like it would work. I'm wondering if I could maybe use
a
filter by itself though and not use the listener and do something like
the
following.
1
[EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Thursday, May 20, 2004 2:59 AM
Subject: Re: Session Timeout and Direct Reference to login page
Jonathan Eric Miller wrote:
Thanks. I think option #1 is what I'm looking for. What I don't
understand
is what I need to do
in their session.
2.) In each servlet/jsp (or, better, in a filter), test for the existence
of
that object and forward back to the login if it is null.
Seems pretty straight forward to me.
On Thursday 20 May 2004 12:51 pm, Jonathan Eric Miller wrote:
Yeah, that seems like it would work. I'm
I'm using org.apache.catalina.authenticator.SingleSignOn for single sign
on with container-based security.
I have a question about session time outs. When the session for a given
application times out, if a user attempts to access the application after
the session has timed out, the user should
It's too bad there isn't a session-timeout-page element that you can put
in web.xml kind of like the error-page element...
Jon
- Original Message -
From: Jonathan Eric Miller [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Wednesday, May 19, 2004 2:58
PROTECTED]
Sent: Wednesday, May 19, 2004 3:16 PM
Subject: Re: Session Timeout and Direct Reference to login page
On Wed, May 19, 2004 at 02:58:05PM -0500, Jonathan Eric Miller wrote:
: All I want to do is detect when a session has timed out for a user and
: display a page stating such when the user
Renato,
Did you ever receive a response to this? I'm having the same problem.
My current problem is slightly more complicated though. I have my
application protected using container based security, but, I also have
single-sign on enabled. So, the user doesn't get redirected back to the
login
He said Apache Tomcat in his message. Tomcat supports running CGIs natively
in standalone mode without having to use Apache HTTP server.
One thing to watch out for is that Tomcat 5.0.16 had a bug in the
CGIServlet. This is fixed in 5.0.18, so, be sure to use the latest version
of Tomcat 5 if you
The reason I'm using it is because I have an application that is a CGI that
generates Web server statistics. This is the only application that I'm using
CGI for. To run Apache HTTP server would make things unnecessarily complex.
Enabling CGI in Tomcat is trivial. i.e. Uncommenting a few lines in a
I recently found out about a way to create a single sign-on setup for
authentication for Web applications called Pubcookie. The following link has
a diagram that shows how it works. If a user hasn't yet authenticated, they
are redirected to a separate server that displays a login page. Then, once
I'm using jakarta-taglibs-standard-1.1.0-B1 with JSP 2.0 and Tomcat 5.0.16.
I have a bean that has the following accessor method.
public String getCNetId() {
return cNetId;
}
I'm attempting to get the value in a JSP using the following,
c:out value=${courseSiteRequest.cNetId}/
but, I'm
I'm using Tomcat in standalone mode and hence setting the permissions using
Tomcat in the web.xml file.
Jon
- Original Message -
From: Howard Watson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, December 31, 2003 3:36 PM
Subject: Re: URL path naming question, recommended
I'm developing an application that uses servlets and JSP. Currently, it is
using a Model View Controller type setup where everything is going through a
single servlet (I'm not using Struts) which forwards to JSPs that are
located in WEB-INF.
The path to my application is,
OK, thanks. I got it to work using the servlet as the welcome file, but, now
I have the problem that I don't know how to protect the servlet when it's
accessed as the welcome file. I tried using a url-pattern//url-pattern
for a security constraint, but, that causes images and a CSS file that I'm
, CGI isn´t a Apache server matter?
--
De: Jonathan Eric Miller[SMTP:[EMAIL PROTECTED]
Responder: Tomcat Users List
Enviada: segunda-feira, 15 de dezembro de 2003 20:52
Para: Tomcat Users List
Assunto: Re: CGI not working on Tomcat 5.0.16?
Do you have the same error that I do in your
]
To: 'Tomcat Users List' [EMAIL PROTECTED]
Sent: Tuesday, December 16, 2003 6:59 AM
Subject: RE: CGI not working on Tomcat 5.0.16?
Just a question, CGI isn´t a Apache server matter?
--
De: Jonathan Eric Miller[SMTP:[EMAIL PROTECTED]
Responder: Tomcat Users List
Enviada: segunda-feira, 15 de
I've been having problems getting CGI to work with Tomcat 5.0.16. I have it
working with Tomcat 4.1. Has anyone else been able to get it to work?
I'm receiving the following error in my localhost_log*.txt log even though
the file listed is there. Has anyone else had this problem?
2003-12-12
5.0.16?
I've noticed that on tomcat 5 the working directory that it execs the
cgi script in is different then it was on tomcat 4. I haven't solved my
problem yet, but I have isolated that to be my problem.
-gabe
-Original Message-
From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED
I'm using Tomcat 5.0.16 and I'm trying to make it so that if a user enters a
path like, http://myserver/myapp it runs a default servlet for that path.
According the the Servlet 2.4 spec, you can do this by mapping / to a
servlet. However, for me, it's just printing out a directory listing of the
(this is what the default servlet
handles, among other duties).
As for directory listings, read the FAQ.
Yoav Shapira
Millennium ChemInformatics
-Original Message-
From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]
Sent: Friday, December 12, 2003 1:23 PM
To: Tomcat User
-file
2305/welcome-file-list
2306 /web-app
On Friday 12 December 2003 03:35 pm, Jonathan Eric Miller wrote:
Hmmm, I just tried it by adding the following to my web.xml file but
it's
still just printing out the directory listing.
welcome-file-list
welcome-file
I'm having the same exact problem. I think it might be a bug in Tomcat 5 as
I have it working no problem in Tomcat 4. For some reason the file name has
two sets of 's. Not sure if that might have something to do with it...
Jon
- Original Message -
From: Li, William [EMAIL PROTECTED]
To:
where as Mozilla was only
3 MBs.
Jon
- Original Message -
From: Jonathan Eric Miller [EMAIL PROTECTED]
To: Tomcat User List [EMAIL PROTECTED]
Sent: Wednesday, October 15, 2003 3:52 PM
Subject: Slow HTTP upload speed with IE and Tomcat on Solaris (works fine on
Linux and Windows)
I'm
I'm having a strange problem with regard to HTTP upload speed when using
Internet Explorer on Windows with Tomcat on Solaris. If I upload a 10 MB
file over a 100 Mbs Ethernet connection, it takes 2 minutes 25 seconds if I
use IE (~80 Kbs). If I use Mozilla, it takes 3 seconds (~3 Mbs). If I try
JNDIRealm is broken and unusable.
Jon
- Original Message -
From: Karamat Adil IHMD [EMAIL PROTECTED]
To: 'Tomcat Users List' [EMAIL PROTECTED]
Sent: Wednesday, April 02, 2003 2:08 PM
Subject: Tomcat with LDAP
Hello everyone,
Can any one give me an example of a LDIF file that I can
I think I may be having the same problem as well. I'm running Tomcat in
standalone mode and I have it configured only for HTTPS. The error message
that I'm receiving is.
INFO: All threads are busy, waiting. Please increase maxThreads or check the
servlet status75 75
This is the second time I've
I'm running in standalone mode and I'm receiving the same error, so, I don't
think the problem is with regard to what version of Apache you're running or
mod_jk.
Jon
- Original Message -
From: Ivan F. Martinez [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Friday, March
Did you set your CATALINA_HOME environment variable to point to the
directory you have Tomcat installed in?
Jon
- Original Message -
From: Shapira, Yoav [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Monday, October 28, 2002 11:12 AM
Subject: RE: Anyone running 4.1.12
Don't use cn, use uid.
Jon
- Original Message -
From: hans albers [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, October 14, 2002 4:09 AM
Subject: Authentification LDAP multiple entries
Authentification with JNDI-Realm works fine,
but what to do if there are multiple entries
Does anyone know if it is possible to turn off session persistence? I don't
have an immediate need to do so, but, I was thinking that it might be a nice
option to have while testing an application if you want to make sure all the
state is getting cleared out. You could do that by just opening a
Did you protect the resource that you're trying to access with a
security-constraint in your web.xml?
Jon
- Original Message -
From: Douglas L Stewart [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, September 23, 2002 11:31 AM
Subject: JNDIRealm and 4.1.10 with iPlanet
I'm
It used to be the case that javax.servlet.request.cipher_suite and
javax.servlet.request.key_size attributes would be set by Tomcat to
something similar to the following for HTTPS connections. I just noticed
that this no longer seems to be the case?
javax.servlet.request.cipher_suite:
FYI, something is screwed up with your email application. You have no To
field in the headers.
Jon
- Original Message -
From: [EMAIL PROTECTED]
Sent: Tuesday, July 09, 2002 11:29 AM
Subject: mod_webapp and Virtual Hosts
Following the installation instructions, I have successfully
If I remember correctly, JAXP is optional if you are using JDK 1.4. I
remember having the same problem, but, then I realized that it was optional.
I was able to get Tomcat to build without it.
Jon
- Original Message -
From: Heap, John [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent:
Have a look at these links. There is some new functionality in Tomcat 4.1
that isn't mentioned in the main end-user document yet that is in the second
link. Namely, how to get it to bind as a user to do the authentication
rather than querying for a password and comparing it.
If you want to see what the structure of AD is, run LDIFDE. LDIFDE comes
with Windows 2000 Server and will dump the contents of AD to a LDIF file.
Jon
- Original Message -
From: Chris Shen [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Thursday, June 06, 2002 4:35 PM
Josh,
You also need to put something similar to the following in your web.xml
file. i.e. the stuff you put in server.xml, just tells Tomcat where to
authenticate. The stuff in web.xml, tells Tomcat what resources are
protected and what roles are required in order to access a particular
resource.
if you're
using Apache HTTP Server on the front end.
Jon
- Original Message -
From: Jonathan Eric Miller [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Wednesday, June 12, 2002 2:20 PM
Subject: Re: JNDIRealm authentication
Josh,
You also need to put something similar
The value that you have connectionName set to looks invalid. It looks like
you have it set to the name of a container rather than to the dn of the
admin account that is used to bind to the directory for querying for user
passwords and role information.
Jon
- Original Message -
From:
Here's a link to the Tomcat SSL How To document.
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html
This is a link to the keytool documentation in the JDK.
http://java.sun.com/j2se/1.4/docs/tooldocs/tools.html
Note, it's also now possible to use a PKCS12 keystore. This would be
When you say that you configured SSL to work, do you mean you enabled HTTPS?
You may also want to enable SSL for the JDBC connection assuming the
database server is on a different host. The problem there is that many
databases don't support SSL. It depends on which DBMS your using. If you
want
?
groupOfUniqueNames objectclass? group class? Are both
valid?
Thanks,
Cristina
--- Jonathan Eric Miller [EMAIL PROTECTED]
wrote:
Jacob,
I'm happy to say that there is a new bind as user
mode in Tomcat 4.1.3
which verifies the user password by binding as them
to the directory, rather
If you are using Tomcat 4.1.3, there are two modes that you can use for
checking roles. If you set roleSearch, it will look for search for group
objects that contain a list of users for each group. If you set
userRoleName, it will get the group information out of the user's entry
instead. i.e.
.
R Thanks,
R Ryan
R --- Jonathan Eric Miller [EMAIL PROTECTED]
R wrote:
If you are using Tomcat 4.1.3, there are two
modes
that you can use for
checking roles. If you set roleSearch, it will
look
for search for group
objects that contain a list of users for each
group
I found that it looks like the nightly binary builds are broken. As you can
see, for some reason the many of the file sizes are only 45 bytes. Also, the
.zip file builds are missing.
http://jakarta.apache.org/builds/jakarta-tomcat-4.0/nightly/
of /builds/jakarta-tomcat-4.0/nightly
Name
I noticed that you will receive the following error if you do not have a
GlobalNamingResources element in your server.xml file for Tomcat 4.1.2.
IMHO, this tag shouldn't be required because sometimes you might not having
anything to put in that section. i.e. I want to use JNDIRealm, not the
Remy,
Can you tell me if org.apache.coyote.tomcat4.CoyoteServerSocketFactory when
used for SSL supports the keystoreType attribute? As far as I can tell, it
doesn't. I'm hoping to be able to use it with a PKCS12 keystore rather than
the default JKS keystore. This works fine using the old HTTP
I have some Java servlet example applications that do this that I can send
you if you want. I don't know JSP, so, I don't know if you can easily
translate it to JSP or not. I would assume that you can do all the same
things using JSP that you can in servlets, just using different syntax?
Jon
This question is probably for Remy.
Does the CoyoteServerSocketFactory class that you use with CoyoteConnector
to use SSL not support the keystoreType attribute? I tried it out using the
following, and it doesn't work. I receive a Catalina.start:
LifecycleException: Protocol handler
Thanks, but, unless I'm overlooking something the factory is still listed as
org.apache.catalina.net.SSLServerSocketFactory (for use with HttpConnector).
There is no example for SSL with Coyote in the provided server.xml.
Jon
- Original Message -
From: Remy Maucherat [EMAIL PROTECTED]
I just noticed that the CoyoteConnector no longer seems to work. I'm using
the config listed below for my server.xml. This worked fine with Tomcat
4.0.4b2-01 and Coyote 1.0b5. Now, it just hangs.
Server port=8005
shutdown=SHUTDOWN
debug=0
Service name=Tomcat-Standalone
Connector
Does anyone know if this release contains the new JNDI Realm code that
allows you to authenticate users using LDAP binds instead of querying the
directory for the password and comparing?
Jon
- Original Message -
From: Remy Maucherat [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL
it does an
LDAP bind as the user himself will be implemented. I know someone had a
patch that does this. The question is whether or not that patch will be in
4.1 or not.
Jon
- Original Message -
From: Rick Fincher [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]; Jonathan Eric
Miller
I think if you add something similar to the following to the web.xml file
for your application, it will make it automatically redirect from HTTP to
HTTPS.
security-constraint
web-resource-collection
web-resource-nameTomcat/web-resource-name
url-pattern/*/url-pattern
As far as I know, you won't be able to do this until Tomcat 4.1 is released.
In the current version of Tomcat, it binds as an administrator and then
queries for the user's password and compares it to that which was provided
by the user. This comparison takes place on the client-side. i.e. in
I don't know if you noticed, but, the password has to be stored as a hex
string rather than a base64 encoded string in the directory in order for it
to work. I think there is a patch that is supposed to fix this that I think
is supposed to be included when Tomcat 4.1 comes out. Also, there's
It is possible to use the Coyote connector for SSL connections as well?
Jon
- Original Message -
From: Remy Maucherat [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Tuesday, March 26, 2002 1:34 PM
Subject: [ANNOUNCEMENT] Tomcat 4.0.4 Beta 2 released
Thanks!
Jon
- Original Message -
From: Remy Maucherat [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Tuesday, March 26, 2002 1:00 AM
Subject: Re: Tomcat 4.0.4-b2 available?
I noticed that the following directory now exists on the Jakarta Web
site.
I noticed that the following directory now exists on the Jakarta Web site.
http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/v4.0.4-b2/bin/
Does this mean that 4.0.4-b2 is out? Or, is that a nightly build?
Also, anyone know if this release will contain the JNDIRealm enhancements? I
]
To: Tomcat Users List [EMAIL PROTECTED]; Jonathan Eric
Miller [EMAIL PROTECTED]
Sent: Friday, March 15, 2002 5:14 PM
Subject: Re: JNDIRealm with bind as user functionality
On Fri, 15 Mar 2002, Jonathan Eric Miller wrote:
Date: Fri, 15 Mar 2002 15:36:09 -0600
From: Jonathan Eric Miller [EMAIL
Does anyone know if JNDIRealm is going to be fixed up anytime soon so that
the bind as user functionality is in there?
I know someone had a patch for this. I'm wondering if that patch is going to
be integrated into the main distribution.
Jon
--
To unsubscribe: mailto:[EMAIL PROTECTED]
For
According to the announcement, 4.0.3 is really just 4.0.2 with a security
patch applied. So, I'm pretty sure any other post 4.0.2 fixes won't be in
there.
Jon
- Original Message -
From: Andrzej Jan Taramina [EMAIL PROTECTED]
To: tomcat Users List [EMAIL PROTECTED]
Sent: Sunday, March
There seems to be a bug in the Bug Database as it appears to be down right
now.
http://nagoya.apache.org/bugzilla/
Jon
--
To unsubscribe: mailto:[EMAIL PROTECTED]
For additional commands: mailto:[EMAIL PROTECTED]
Troubles with the list: mailto:[EMAIL PROTECTED]
been implemented?? has anyone tried it??
How does it work? I mean when I authenticate using bind style why is the
password ignored? I will seach on the web but would appreciate if someone
gives me a pointer.
ThanksRegards
jay
On Sat, 16 Feb 2002 Jonathan Eric Miller wrote :
How about bind
Does anyone know if this vulnerability still exists? It says that 4.0.1
suffers from this vulnerability, but, I don't see anything out of the
ordinary when I try it on mine.
http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=infoid=3199
Jon
--
To unsubscribe: mailto:[EMAIL
-
From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 20, 2002 4:34 PM
To: Tomcat User List
Subject: Jakarta Tomcat Error Message Information Disclosure
Vulnerability?
Does anyone know if this vulnerability still exists? It says that 4.0.1
suffers from
1 - 100 of 243 matches
Mail list logo
