I tried to get that working but failed so I went back to mod_jk which does
pass the cert.
Directory /webapps/myapp
SSLVerifyClient optional
SSLVerifyDepth 5
SSLRequireSSL
SSLOptions +FakeBasicAuth +ExportCertData +StdEnvVars
Options Indexes
Looking at SingleSignOn sessionEvent code it seems that if you invalidate a
session it does kill all the sessions.
Only if the session died from timeout do other sessions survive.
This is from TC5.0.25
// Was the session destroyed as the result of a timeout?
// If so, we'll just remove the
And server side you can use a token match from a form hidden element and
session attribute.
-Original Message-
From: Shapira, Yoav [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 10, 2004 7:56 AM
To: Tomcat Users List
Subject: RE: Denial Service Attack Prevention apache-tomcat modjk2
I am really starting to hate IE.
First my site.
Running apache 2.0.49. mod_ssl to mod_jk to TC 5.0.19.
Apache is doing all of my PKI work, passes the cert to TC which handles user
auth.
My site has a lot of PDF documents. Some are downloaded via a servlet.
The problem:
It all worked
After searching the archives it seems that it is not possible.
Just to note. I added JkMount /MyApp/* ajp13 to http.conf.
That is what caused the direct url problem.
Apache does not set the header but tomcat does, strange.
Guess I will have to write my servlet as I need user access control to
From other comments on the list I added this to the top of my login.jsp
if (session.isNew())
{
String referer = request.getHeader(Referer);
if (referer == null)
{
response.sendRedirect(index.jsp);
}
else
{
response.sendRedirect(referer);
}
return;
}
Then I had a problem
. Removing the...
Pragma: No-cache
Cache-Control: no-cache
...headers should fix your problem, I think. It worked for me, let me know
if this words for you too.
-Sasha
From: Summers, Bert W. [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
Date: Tue, 11 May 2004 12:32:49
I have a problem that just came up. I have PDF documents located out side
of my webapps directory.
When the user wants one they go to my servlet which streams it back.
This use to work just fine, but now is broke.
In IE I get Error opening document on TC4.1.30 and unable to open this
Internet
This is what tcptrace tells me is being sent back to the browser
HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-disposition: attachment; filename=N77-NTSP-E-70-0203.pdf
Content-Type: application/pdf
Content-Length: 443928
Date: Tue, 11 May
Running 4.1.29 on 2003.
Had problems with IIS6 and DoD PKI client authentication.
Went to Apache to fixed that problem.
-Original Message-
From: Anderson Boechat Lopes [mailto:[EMAIL PROTECTED]
Sent: Friday, May 07, 2004 12:12 PM
To: Tomcat Users List
Subject: Tomcat and Windows 2003
I am using the SingleSignOn class from Tomcat.
It is working good in that I have three webapps that I can be between
without a problem.
My issue that when one of the sessions expire it kills all the sessions in
the other webapps and I get redirected to the login screen again.
That is not
to my trading
account. When I log off, I expect to log off BOA and not just the section
I'm on. Other people might have different expectations, but that's how I
tend to think of single signon.
peter lin
Summers, Bert W. [EMAIL PROTECTED] wrote:
I am using the SingleSignOn class from Tomcat
of single signon.
peter lin
Summers, Bert W. [EMAIL PROTECTED] wrote:
I am using the SingleSignOn class from Tomcat.
It is working good in that I have three webapps that I can be between
without a problem.
My issue that when one of the sessions expire it kills all the sessions
in
the other webapps
of sessions and if there is
only one then remove the ssoId from the cache.
Seems that will fix my problem.
Are there any security problems I should be aware of?
Bert
-Original Message-
From: Summers, Bert W. [mailto:[EMAIL PROTECTED]
Sent: Monday, April 12, 2004 12:51 PM
To: Tomcat Users
You need to cast the ResultSet to the Oracle specify ResultSet
-Original Message-
From: Kumar Abhay-CAK203C [mailto:[EMAIL PROTECTED]
Sent: Tuesday, April 06, 2004 11:01 AM
To: Tomcat Users List
Subject: [OT] getBlob() error in Tomcat
Importance: High
Hi,
Any idea why this error is
:[EMAIL PROTECTED]
Sent: Tuesday, April 06, 2004 1:43 PM
To: 'Tomcat Users List'
Subject: RE: [OT] getBlob() error in Tomcat
Importance: High
I will appreciate you if you can tell me how ?
Best Regards
Abhay Kumar
-Original Message-
From: Summers, Bert W. [mailto:[EMAIL
I just completed doing something similar.
You need to write a custom authenticator.
I got hung up an having to change my web.xml security constraint from FORM
to MYFORM(or whatever you put in Authenticators.properties)
-Original Message-
From: Brett Spell [mailto:[EMAIL PROTECTED]
I have Apache2 running as the front end handling all the client PKI
authentication.
Then Tomcat 4.1 using security constraints in the web.xml.
Now I use jk to connect them together and it works fine, sort of.
I can access protected files inside of Tomcat from Apache. Specifically any
file
I am using form base authentication with web.xml security constraints.
It works fine in that if you enter the correct username and password you get
in.
What I want to do is provide feedback to the user for certain conditions,
such as password is expired and they can not login or about to
.
-Original Message-
From: Summers, Bert W. [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 31, 2004 11:48 AM
To: [EMAIL PROTECTED]
Subject: form base auth with custom messages
I am using form base authentication with web.xml security constraints.
It works fine in that if you enter the correct
: Summers, Bert W. [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 31, 2004 11:57 AM
To: Tomcat Users List
Subject: RE: form base auth with custom messages
I would like to but there are two problems:
1. On the error page I don't know who tried to login, so I can not do any
checks with the db.
2. I
I have used the redirector2 on IIS6 and Tomcat 4.1.29
Had problems with the redirector failing about 5% of the time.
Found that my reg entries were missing a couple of keys defined in the
source download.
Specifically,
authComplete and threadPool
Added those, tweaked the connector in server.xml
I have moved my Tomcat from 4.0.6 on NT4 with IIS4 to Win2003 IIS6 and
Tomcat 4.1.29.
I have configured everything correctly, I believe.
The problem is that sometimes the redirector does not seem to pass the
request to Tomcat.
I have tried isapi_redirect.dll (which worked great on NT4 and
23 matches
Mail list logo
