For the archives I just found that this exception occurs when you try
shutting tomcat down too quickly before it has finished starting.
problems shutting down tomcat 4.0.3: java.net.ConnectException
* From:
On 03/08/2004 10:15 AM funkster wrote:
security-constraint
web-resource-collection
web-resource-nameDisable Methods/web-resource-name
url-pattern/*/url-pattern
http-methodPUT/http-method
http-methodDELETE/http-method
On 03/08/2004 02:57 PM James Agnew wrote:
I've been looking for a way to prevent security scanners such as Nessus from
being able to easily read Tomcat's standalone webserver details. I'm
running Tomcat 5.0.18 standalone and Nessus identifies it as follows:
Server Version: Apache-Coyote/1.1
What I was implying is that you have effectively disabled it already
this way.
Or are you able to do PUTs and DELETEs despite the security constraint?
I'd be surprised.
Adam
On 03/08/2004 11:24 PM James Agnew wrote:
So, how would I go about actually prevent PUT and DELETE for all users,
Well in that case, it sounds like something which is sorely needed! ;)
On 03/09/2004 10:36 AM Alex wrote:
Lots of scripts out there for little script kiddies to run simply look at
banners of different services to determine their worth in attempting to
run an exploit against to gain access. By
On 03/11/2004 08:56 AM Ronald Wildenberg wrote:
My biggest unknown right now is, because the server handles the
creation of the session, what would it take to make the server grab
a user object from the database and store it in the session after
the user logs in?
Can't you use an
Try kgbinternet.com. They have very reasonable developer accounts with
tomcat and mysql or postgresql. They have dedicated jvm's so you can
start and stop your own tomcat. I have used them with good success. The
person to talk to is
Keith Bjorndahl at [EMAIL PROTECTED]
Good luck,
Phil
On 03/12/2004 06:05 AM mganesh wrote:
Dear folks,
How could i dump HTTP Response and Request headers.
Im using Apache 1.3 and Tomcat 4.0 MOD_JK.
Hi Ganesh,
if you are talking client-side, then there is an excellent extension for
Firefox browser called HTTP headers. I expect there's something
On 03/12/2004 08:49 AM Andi Reinbrech wrote:
The next best thing since sliced bread is UML (no, not drawings of stickmen)
User Mode Linux.
Some hosting companies give you a Linux VM with full root telnet access.
You can do with it whatever you want, install Tomcat, install JDK,
PostgreSQL -
On 03/12/2004 11:19 AM Graham Reeds wrote:
Yes, +1 from me. I've been using UML at www.memset.co.uk for 3 months so
far without the slightest glitch. I couldn't live without my root access
:)
I notice that memset.co.uk charge £9.60/year for the registration of .com
domains. This is significantly
On 03/12/2004 12:23 PM Keith Hyland wrote:
I'm looking at internationalizing a series of pages, which cover
different character sets.
I've been planning to store the content type value in a properties files
along wit hthe rest of the internationalized text, but I've run into
some problems.
I
Graham, when doing your cost calculation don't forget that the email
pop3 server is extra - normally. Only a couple of quid a month, but still.
Adam
On 03/12/2004 03:12 PM Graham Reeds wrote:
They were nice enough to email me directly back with the answer:
Just saw a link to your site while
On 03/12/2004 03:34 PM Paul Tomsic wrote:
What does tomcat do to ensure that you're logged in
while using the j_security_check ?
We're trying to transition users from non-logged in to
logged in, but we've got a fair amt. of portions of
the site that should be accessible from both states
On 03/12/2004 06:44 PM Alan Weissman wrote:
I'm implementing a JAAS login mechanism in my app, not as a Realm but
via Struts Action classes.
In my loginModule, I am creating the Subject with principals and
credentials and want to store role information. Where does Tomcat
expect a list of roles
On 03/12/2004 08:02 PM Alan Weissman wrote:
Hm! Thanks Adam - I guess that makes sense! Ok, so my two requirements
for my authentication are 1) that I can load custom information into the
session object and 2) that I support isUserInRole(). Realm
authentication should take care of #2, but what
Steve,
post the Resource ResourceParams tags from your context for the
webapp. State whether it's in a context.xml file, server.xml or whatever.
Perhaps we can spot something.
Adam
ps this email has got some weird font - my mail reader is up the creek
at the mo'. sorry
On 03/16/2004 09:47
these files as requested in just a sec.
Thanks for your help.
Steve
-Original Message-
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 16, 2004 2:07 PM
To: Tomcat Users List
Subject: Re: JDBC problems with MySQL
Steve,
post the Resource ResourceParams tags from your context
If you are having problems with JNDI connection pooling and you can't
work out the problem, I would pay attention to the Host node settings
in the server.xml.
I would even get a fresh installation of tomcat and start from scratch
with a simple test case.
The attributes of Host, e.g.
On 03/18/2004 03:22 PM Jeff Poling wrote:
We use tomcat as our middleware to provide a GUI-like interface for
our UNIX character-based back-end. We are running into a problem with
maxProcesses being maxed out and users not being able to use the
system. A good rule of thumb is to multiply
On 03/19/2004 06:35 AM Tom K wrote:
Any clues where I would look to determine where this message?
Start from only happens during sart up of my application.
Mar 18, 2004 11:33:48 PM java.util.jar.Attributes read
WARNING: Duplicate name in Manifest: Class-Path
Sounds like somebody is
On 03/21/2004 05:53 AM Matt Anderson wrote:
Hi All,
This is the first time I have used this list so this question may have
been asked many times before, however I tried to download previous message
but were unsucessful. My question is, how do you configure the security
manager to disable
Leonard,
I went the other way. I wrote a login module for tomcat's JAAS
implementation and recently found it relatively easy to adapt it to
JBoss. However I see you're going down the JDBC route.
Adam
On 03/23/2004 09:22 AM Leonard Wolters wrote:
Hi,
I've got a question concerning the
Martin,
I would check your problem again. That is not the normal behaviour of
the container-managed login. It will cache the original request during
the login and send it on to the originally requested URL.
Adam
On 03/25/2004 02:45 PM Martin Alley wrote:
Hi,
Has any one got an example of a
Tom,
FIXME means it needs to be written... :) (Although I may be wrong there
- perhaps someone will jump in)
I should imagine that the original class for the JDBC realm would be a
fine basis to start from.
You should jar it up and put it in tomcat's common/lib directory.
Adam
On 03/25/2004
//DTD Web Application 2.3//EN
http://www.jboss.org/j2ee/dtd/jboss-web_3_0.dtd;
jboss-web
security-domainjava:/jaas/authtest/security-domain
!-- Resource Environment References --
!-- Resource references --
!-- EJB References --
/jboss-web
-Original Message-
From: Adam Hardy
...
Thanks
Martin
-Original Message-
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent: 29 March 2004 09:17
To: Tomcat Users List
Subject: Re: post data through form based authentication example?
Hmm. You're right. I just tested it on my JBoss (running 3.2.4RC1 with
tomcat 5.0.19) and I got
Tomcat 3.3? Are you not able to upgrade?
On 03/29/2004 01:10 PM Abhinandan Karmakar wrote:
Hi,
My web site has a lot of JSP pages ~60. Some JSPs are big ~400 lines. I
have given load-on-startup for all my JSP pages.
I notice that tomcat takes up about 200 secs to preload all my JSPs and
during
Pardon my ignorance but how do you share one port between multiple
instances of tomcat? Are you talking launching tomcat 100 times (100
JVMs), or are you talking 100 Hosts configured in server.xml?
Adam
On 03/30/2004 05:28 PM Reynir Þór Hübner wrote:
I just wanted to post my info on the
To do a login programmatically via form-based authentication, you would
need to watch for the login form being returned that has a submit action
to j_security_check. You must submit that with the correct headers and
form element parameters - j_username and j_password.
Adam
On 04/04/2004 11:20
On 04/05/2004 02:02 PM Simone - Dev wrote:
Hello All,
I'm developing a webapplication that needs to authorize and authenticate
users looking inside a database.
Generally I'll be doing it adding a JDBCRealm inside the server.xml (or
in the contex xml file)
But I don't have access to these files.
Michiel,
you are programming your own login trigger in a filter - I don't this
this will work (although I'm happy to be wrong).
I think tomcat is only going to adopt your principals as authenticated
if you protect whichever pages necessary via security-constraints in the
deployment descriptor.
bluppie of type security.UserPrincipal to user bluppie
Assigned principal authenticateduser of type security.RolePrincipal to
user bluppie
Assigned principal developer of type security.CustomPrincipal to user
bluppie
Adam Hardy wrote:
Michiel,
you are programming your own login trigger
Hi Mike, I'm not familiar with openejb but I assume that you are talking
about fetching the initial context for JBoss?
Try this in your code:
Hashtable env = new java.util.Hashtable();
env.put(java.naming.factory.initial,
org.jnp.interfaces.NamingContextFactory);
On 04/12/2004 10:31 AM [EMAIL PROTECTED] wrote:
Hello. I'm a bit confused. I'm trying tomcat's authentication with bad
or no results. The documentation is very simple and I don't understand
so well. I've a web application and I want to make authentication with
a user role and a admin role. The
Yes your observations are correct. It's my understanding that filters
are not invoked until after authentication. i.e. after the form-based
login.
I have no experience of site-mesh, but it seems a bit weird anyway to
put decorations on a page via a filter - surely you should be
encapsulating
Martin Alley wrote:
Hi Adam,
Why do you think this behaviour changed from tomcat4 ?
I haven't gone into the full architecture of sitemesh, as yet, but I
know it includes a filter.
Martin
-Original Message-
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent: 12 April 2004 11:26
To: Tomcat
.
I'll see if I can find anything in the tc5 release notes on this.
Thanks again
Martin
-Original Message-
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent: 12 April 2004 13:13
To: Tomcat Users List
Subject: Re: tomcat 4 vs 5 form based container auth filters
AFAIK it has something to do
2004 16:42
To: 'Tomcat Users List'
Subject: RE: tomcat 4 vs 5 form based container auth filters
Thanks Adam
It seems to me that the separation idea is not clear cut. There is
certainly a down side. I wonder whether this will stick.
Martin
-Original Message-
From: Adam Hardy [mailto:[EMAIL
On 04/18/2004 12:22 PM Frank Schaare wrote:
I've written one step by step for this. It's for Tomcat on Linux, but
I don't think Windows is different at all, at least for the realm
part. Can't say the same for the installation. You can view it at
1. Yes of course. 4.1.30 is many release cycles ahead of 5.0.19. But
that's a matter of course with all software.
2. Don't know.
3. I thought 'enterprise' was a marketing word ;)
4. Are you sure you've got apache configured correctly? I don't think
there should be such a noticeable
On 04/21/2004 10:27 PM Alan Weissman wrote:
I've written a simple login module that I've configured to run from a
Struts Action class and it appears to be working wonderfully -
authentication takes place and principal/credentials are returned.
However, I can't get any of this information back when
The servlet container spec from Sun doesn't specify any integration
requirements for JAAS. The JAAS support is basically fledgeling
authentication, and that's it for servlet spec 2.4 - I would be
interested myself in seeing the discussions and motivations behind the
progress and changes on the
Michiel,
that would be the one that you put there, right?
Adam
On 04/23/2004 10:33 AM Michiel Toneman wrote:
Oops, missed the How ;-)
Subject subject =
(Subject)session.getAttribute(javax.security.auth.subject);
if (subject == null) {
subject = new Subject();
}
I just upgraded from 4.1.24 to 4.1.27 and found that tomcat or java now
can't find my formatter class which I need for JDK 1.4 logging.
if you're not familiar with JDK 1.4 logging, the formatter class is what
you specify in the logging.properties config file, which formats the
output of the each
I just upgraded from 4.1.24 to 4.1.27 and found that tomcat or java now
can't find my formatter class which I need for JDK 1.4 logging.
if you're not familiar with JDK 1.4 logging, the formatter class is what
you specify in the logging.properties config file, which formats the
output of the
I'm using org.apache.catalina.realm.JAASRealm for my authentication for
my webapps, and I have got to the point where I want to use tomcat's
manager and admin app.
Unfortunately when I try to use JAASRealm for the manager,
JAASCallBackHandler throws an exception because it hasn't been given
,
Adam
On 08/25/2003 12:43 PM Tim Funk wrote:
You can place a Realm inside a Context declaration.
As for the non-working of JAASRealm - I know nothing about it and have
not used it.
-Tim
Adam Hardy wrote:
I'm using org.apache.catalina.realm.JAASRealm for my authentication
for my webapps, and I
a webapp should use.
-Tim
Adam Hardy wrote:
ah, ok. I put those 2 realms at engine level. So I can't have 2 realms
in engine?
Now thanks to your advice I've got the manager working with
tomcat-users.xml by placing the realm tag in the manager.xml in the
webapps dir. However I would like to keep
M$ lost it - but it is only the City of Munich, not the whole of Germany.
On 08/28/2003 04:31 PM Dave Butler wrote:
I remember them talking about it and M$ sending some heavies
to Munich to sort them out..
-
To
.
--- Stuart MacPherson [EMAIL PROTECTED] wrote:
Forbid independent development of innovative
software-based solutions...
So you might only be able to code for someone else?!
That does not sound good...
-Original Message-
From: Adam Hardy
[mailto:[EMAIL PROTECTED]
Sent: 28 August 2003 13:01
This is a repost from last week, which got no answers. I've tried to
give more better info here.
I just upgraded from 4.1.24 to 4.1.27 and found that java now
can't find my formatter class which I need for JDK 1.4 logging.
The configuration in the logging.properties file is picked up fine, I
I am trying to run my JAASRealm implementation, and I have it working
successfully on my own apps using Form-based authentication, but when I
try to use it for tomcat's manager tool (configured in
webapps/manager.xml) or any other app using basic authentication, I have
problems.
First of all
hi Tom,
it's not obvious what your problem could be.
To find out the classpath being used by your app server, you should put
an echo in your app server's batch file at the appropriate point, i.e.
just before it calls javac.
However app servers generally don't include the webapp directories in
On 09/05/2003 05:16 AM Bill Barker wrote:
But, some how the logger manager can't find the handler classes. (Class
loader problem?)
Yup, it's a CL problem. Unfortunately, it looks like the problem is in
Sun's implementation of 1.4 Logging. Instead of using the
ContextClassLoader, it's looking for
an I got BasicDataSource.
--Angus
-Original Message-
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent: Friday, September 05, 2003 4:19 AM
To: Tomcat Users List
Subject: Re: Using jndi to get a DBCP BasicDataSource give
ClassCastException
Hi Angus,
looked at your first mail and couldn't
:11 AM
To: 'Tomcat Users List'
Subject: RE: Using jndi to get a DBCP BasicDataSource give
ClassCastExce ption
I suppose there could be two different classes called
BasicDataSource, in
two different packages...
-Original Message-
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent: 05
If you haven't checked
http://jakarta.apache.org/
today, do so and read the welcome page. Sounds dire, but in these times,
predictable.
Nothing to do with me, I just agree with it.
Adam
--
struts 1.1 + tomcat 4.1.27 + java 1.4.2
Linux 2.4.20 RH9
Hi Dave,
how much does it cost at Verisign, and how long is it valid for? And is
this 'openssl' you mentioned a free alternative?
Adam
On 09/06/2003 03:21 PM Dave Wood wrote:
FINALLY!
I still don't know what I did wrong in the first place, but after starting
over with VeriSign, all is well
Hi Hans,
in my server.xml I have:
GlobalNamingResources
Resource name=jdbc/GlobalRealmDB
auth=Container
type=javax.sql.DataSource
description=allows connections to be made to mySQL
/Resource
ResourceParams name=jdbc/GlobalRealmDB
parameter
What is the URL querystring? There are limits on how long the query
string can be. Sounds like the flash program is doing a GET instead of a
post.
Adam
On 09/10/2003 06:22 PM chanan braunstein wrote:
Good Morning,
I need to build a page that accepts a POST from a flash program. So
far my
Hi Matt,
how does it work if you use a meta tag direct in html?
meta http-equiv=content-type content=application/vnd.ms-excel /
On 09/11/2003 07:54 PM Sgarlata Matt wrote:
I'm having trouble using the %@ page contentType= % directive and
container-based authentication. Here is a toy example that
The tricky bit is to remember to put a reference to the global-resource
in the contexts which want to use it:
ResourceLink name=jdbc/RealmDB
global=jdbc/GlobalRealmDB
type=javax.sql.DataSource/
Adam
On 09/15/2003 07:03 PM Paul wrote:
has anyone been successful
that the values for the name and global parameter in the
ResourceLink tag are the same. I notice that in your example they are
different. Where does the global value get defined?
- Original Message -
From: Adam Hardy [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Monday, September 15
It depends on your logging configuration rather than catalina.bat. When
you say catalina.out, you mean the console?
On 09/16/2003 02:20 PM Csaba Nemeth wrote:
Hi all,
I would like to log everything under Windows (like under linux) to
catalina.out. How should I configure this?
( A proper
Hi Nathan,
could you rephrase what the problem is? It's a bit ambiguous. Do you
mean that each thread can only do one DB operation and then it gets the
exception on its next DB operation, or on its next http request?
Have you checked in bugzilla? I think there are some unresolved issues
with
Guess you won't be needing my reply then, but looking at your code, it
seems that your finally block could be improved slightly :)
In the rare situation where statement.close() throws an exception, your
connection won't be closed.
Adam
On 09/17/2003 10:20 PM Nathan Christiansen wrote:
Sorry.
you have to answer the confirm email it sends you.
On 09/18/2003 01:29 PM Ronaldo Quispe wrote:
Hello,
How does one get off this list? I tried the by sending email as
described in the web site but that does not work. Is there a moderator
that can help?
Ronaldo Q.
Is there a way to configure the manager app to use form-based or digest
authentication so I can use SSL to encrypt the login?
As I understand it, with basic authentication the passwords are sent in
plain text across the net, allowing them to be snooped out from caches
and logs. I've no
Thanks, I'll do that.
Adam
On 09/19/2003 07:48 PM Filip Hanik wrote:
in web.xml for the manager app, force it to use SSL,
that way the only way to connect into it is over SSL and you are good to go,
even with basic authentication
Filip
- Original Message -
From: Adam Hardy [EMAIL
Looking through the archives I see this topic has had some heavy
discussion in the past, but I just want to bring it up again to verify a
few points.
To overcome the issue with tomcat 4.x where the first session amongst
all contexts to time-out will time-out all the user's other sessions, I
another question on this topic which has long puzzled me: is tomcat
being changed over to commons-logging to output log statements?
Or is it all configured going to remain controlled by the debug
attributes of nodes in server.xml?
If I set all those debug attributes to 0, will tomcat become
On 09/22/2003 04:25 PM Shapira, Yoav wrote:
Tomcat is already mostly switched over to commons logging.
tomcat 4 as well, or just 5? If so, then presumably there is a logging
properties config file somewhere, which the original poster could
configure so that less output goes to the console?
In
No it's not mandatory. But tomcat's admin app uses struts. This is
controlled by an .xml file in your webapps directory, and it points to
the deployment in tomcat/server/webapps/admin.
Adam
On 09/23/2003 06:07 AM Sarika N Inamdar wrote:
Hi All,
Please let me know if struts.jar should be
Have you set up the security-constraint in your web.xml for those pages?
security-constraint
web-resource-collection
web-resource-nameLogin 4 Everything/web-resource-name
!-- Define the context-relative URL(s) to be protected --
url-pattern/private/*/url-pattern
I believe somewhere on java.sun.com I saw an article about setting up
JAAS as a tomcat realm to use NT authorisation.
Good luck,
Adam
On 09/23/2003 07:29 AM Peter Harrison wrote:
I was wondering it anyone knows how to do NT based one login authentication
with web applications. I was hoping
Is there a way that we can tell tomcat not to use struts.jar ? Do we
need to make any changes in the web.xml ?
Please let us know on this.
Thanks Much,
Sarika
-Original Message-
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 23, 2003 1:49 PM
To: Tomcat Users List
Subject
Hi Joerg,
since you are using struts, why don't you ditch the
SetCharacterEncodingFilter and set the character-encoding as a property
of the struts controller? This means you also don't need anything in
your JSPs.
I assume you are using form-based container-managed authentication as
the
.
Adam
On 09/23/2003 11:56 AM Adam Hardy wrote:
Hi Sarika,
I think the easiest solution is to move the admin.xml file out of your
tomcat/webapps directory. Then the admin app will not be started with
tomcat.
HTH
Adam
On 09/23/2003 10:36 AM Sarika N Inamdar wrote:
Hi,
Thanks for the inputs. We
I can't see why. Perhaps you are overriding it later in the request
processing? Struts uses response.setContentType()
The docs say: overridden automatically if a
* codeRequestDispatcher.forward()/code call is
* ultimately invoked.
but that leaves me none the wiser.
Adam
On 09/23/2003
On 09/23/2003 03:20 PM Joerg Heinicke wrote:
Ah, okay. It's our first Struts project and experience. I found
http://jakarta.apache.org/struts/api/org/apache/struts/config/ControllerConfig.html#contentType
and set the contentType in the struts-config.xml with
controller
Your config looks OK. Are you getting any errors logged when you try to
log on?
On 09/23/2003 04:43 PM Laurent Perez wrote:
Hello
I am trying to protect a webapp I wrote using a JDBCRealm, but it
doesn't seem to work as expected. I am using Tomcat 4.1.27, and
Postgresql 7.3.2, with latest
sounds like you need the commons-dbcp and commons-pool jar files as well.
Adam
On 09/24/2003 01:52 AM Renda, Michael wrote:
I'm trying to configure a JDBC Data Source for a Tomcat 4.1.27
installation. I used the Admin tool which wrote the following entry to
my server.xml file:
struts.jar ? Do we
need to make any changes in the web.xml ?
Please let us know on this.
Thanks Much,
Sarika
-Original Message-
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 23, 2003 1:49 PM
To: Tomcat Users List
Subject: Re: Is struts.jar mandatory for tomcat
Stop it, you're giving me dxlseiya
On 09/24/2003 08:18 AM Micael wrote:
Aoccdrnig to a rscheearch at Cmabrigde Uinervtisy, it deosn't
mttaer in waht oredr the ltteers in a wrod are, the olny iprmoetnt tihng is
taht the frist and lsat ltteer be at the rghit pclae. The rset can be
a total mses and
Don't you get:
Digester.error(): org.xml.sax.SAXParseException: Element
security-constraint requires additional elements.
On 09/24/2003 09:48 AM Laurent Perez wrote:
in case no one noticed and it matters, web.xml has following typo in it,
where resource is spelled ressource:
Yes! I was unaware that you could disable xml parsing exceptions. But it
seems you have. :(
Perhaps it depends on the xml parser you are running. Mine is crimson
(SAX?).
Adam
On 09/24/2003 11:29 AM Laurent Perez wrote:
Don't you get:
Digester.error(): org.xml.sax.SAXParseException: Element
Oh I'm very sorry, perhaps I confused your post with somebody else's.
The problem I am referring to is the issue with the web-resource-name
being spelt wrong.
Adam
On 09/24/2003 12:08 PM Laurent Perez wrote:
Yes! I was unaware that you could disable xml parsing exceptions. But
it seems you
at jakarta.apache.org from their binary downloads page.
On 09/24/2003 01:05 PM Renda, Michael wrote:
I've got the commons-dbcp.jar file in the common/lib directory. Where
do I find the commons-pool.jar file?
Mike
-Original Message-
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent
-nameapplication/param-name
param-valueApplicationResources/param-value
/init-param
Is there a way that we can tell tomcat not to use struts.jar ? Do we
need to make any changes in the web.xml ?
Please let us know on this.
Thanks Much,
Sarika
-Original Message-
From: Adam Hardy [mailto:[EMAIL
PM Joerg Heinicke wrote:
Adam Hardy wrote:
I can't see why. Perhaps you are overriding it later in the request
processing? Struts uses response.setContentType()
The docs say: overridden automatically if a
* codeRequestDispatcher.forward()/code call is
* ultimately invoked
Statements should go to $CATALINA_HOME/logs/ if you have set up your JDK
logging.properties not to filter them out.
Adam
On 09/26/2003 08:34 AM Josh G wrote:
Just wondering if anybody here has any experience on using
java.util.logging with tomcat? I was under the impression that logged
lines
I think I have a problem.
I want form-based container-managed authentication on my app.
I also want to allow cookies to be disabled.
And I want to keep my JSPs under WEB-INF for security.
It seems I cannot have these 3 combined, because disabling cookies means
I have to do URL rewriting in
On 09/28/2003 06:09 PM Jose Alfonso Martinez wrote:
Do you really need to maintain a session, even when the user is just browsing static html files (before logging in)??? If the answer is no, then you could have an html login form.
Try it! If tomcat doesn't have a session id to store the user's
wrote:
Adam Hardy wrote:
Statements should go to $CATALINA_HOME/logs/ if you have set up your
JDK logging.properties not to filter them out.
How do I make that change?
--
struts 1.1 + tomcat 4.1.27 + java 1.4.2
Linux 2.4.20 RH9
Hi Steven,
check out the AccessLogValve in your server.xml
Adam
On 09/29/2003 11:35 AM Steven Perry wrote:
Hello All,
I have got Tomcat 4.1.
I would like to read all the requests that are passed
onto Tomcat from all the different applications, and
print them either onto the screen or a file.
I
Hi Matt,
you don't destroy them, you just close them.
if (!conn.isClosed()) conn.close();
On 09/30/2003 12:51 AM Matt Raible wrote:
If I'm getting my database connections from a JNDI resource (configured in
server.xml) how do I destroy these suckers. Sample code would be great - or
tell me
actually that doesn't really close them, since it's a connection pool,
but it tells the connection pool that they're free for someone else.
On 10/01/2003 11:05 AM Adam Hardy wrote:
Hi Matt,
you don't destroy them, you just close them.
if (!conn.isClosed()) conn.close();
On 09/30/2003 12:51
That bugzilla issue only addresses filters, not character encoding, with
j_security_check.
On the one hand the servlet 2.4 spec actually addresses response
character encoding issues nicely, with the addition of stuff like:
locale-encoding-mapping-list
locale-encoding-mapping
there.
other ideas or comments
Jose
On Sun, Sep 28, 2003 at 06:50:05PM +0200, Adam Hardy wrote:
On 09/28/2003 06:09 PM Jose Alfonso Martinez wrote:
Do you really need to maintain a session, even when the user is just
browsing static html files (before logging in)??? If the answer is no,
then you
Sorry, but I didn't see which datasource you were using. With DBCP, you
have these optional parameters:
!-- abandoned dB connections are removed and recycled --
parameter
nameremoveAbandoned/name
valuetrue/value
/parameter
!-- set the number of seconds a dB connection has been idle
1 - 100 of 320 matches
Mail list logo