If you get the referrer - but often you don't, depending on the browser.
Ricardo, is your form authentication page a JSP? If so, it can deal with
any parameters you pass it. What exactly are you thinking of?
Adam
On 01/21/2004 02:28 PM Matt Raible wrote:
You could check the referer and change a
Changed, probably, but broken, unlikely.
Instead of changing the catalina.properties to alter the class loading
setup, try putting the jar with your login module & other classes it
depends on in the $CATALINA_HOME/common/lib directory.
Adam
On 01/21/2004 12:55 AM Scott McReynolds wrote:
Hi,
I
et providers and they are often used inside
corporate networks.
If we want to be shure that an url is not cached,
we not only set the response headers, but also
append a unique id to the url that changes with
every request. (As parameter)
-Original Message-
From: Adam Hardy [mail
Maybe I'm just an idiot, but I'm having a nightmare with the caching in
my webapp. I asked a colleague to look at it and he's baffled too.
It's probably something to do with the resource bundles. I had
everything in an English and also a German .properties file, for testing
purposes, but then d
Did you know that specifying GET and POST means that the other http
methods like DELETE and PUT will not be secure?
On 01/13/2004 04:53 PM Keshav Sarin wrote:
Another way to secure resources is to define them in web.xml. Usually
this setting has worked for me.
app or resourc
Someone told me once that doing a GET with a form in tomcat has a bug in
it related to character encoding. Check out bugzilla to see what the
exact issue is.
On 01/13/2004 03:26 PM Altankov Peter wrote:
Try request.setCharacterEncoding("UTF-8") BEFORE you getParameter() out of it
-Original
On 12/18/2003 12:20 PM Alan Halley wrote:
Hi,
I'm using Tomcat 4.1.29 on XP Home.
I trying to configure Form based authentication with a DataSource based Realm. I've followed the server and web.xml given in the examples supplied with Tomcat.
When I try to access my protected index.jsp the req
On 12/18/2003 02:54 AM Justin Ruthenbeck wrote:
At 05:34 PM 12/17/2003, you wrote:
Hi,
I'm using mysql via JDBC and I need to encode a password with
non-alphabet characters in it like % in my server.xml.
Do I use a URL encoding for this or an XML encoding?
I don't know for sure as I haven't us
Hi,
I'm using mysql via JDBC and I need to encode a password with
non-alphabet characters in it like % in my server.xml.
Do I use a URL encoding for this or an XML encoding?
Also while I'm on the subject, do I have to encode or escape a
double-quote in an xml attribute:
or is there some othe
On 12/17/2003 12:39 AM Kent Boogaart wrote:
Didn't work. So I can't do what you're doing. Strange. Are you dead certain
you don't have an /eSM/ context?
Adam
Hi Adam,
It's a bit hard to tell for certain since I have disabled the manager app.
However, I can tell you that there is only one direct
On 12/17/2003 11:15 AM Jason Novotny wrote:
Hi,
In my project I use getServletContextName to get me the description
of the webapp specified in web.xml. However, is there a way to maintain
localized descriptions? It seems it only allows me to set on entry so if
I present that to my Italian
On 12/16/2003 05:55 PM jford wrote:
This may have been asked many times before, but I can't find it, in part
because I don't quite know what to search for and in part because it may
not even be a Tomcat-specific issue.
But it occurs because I'm trying to make Tomcat work, so here goes...
(if I'm
Is it possible to configure tomcat to use public / private key pairs
that implement the java.security API for authentication a la ssh? I
assume it is but haven't found out how yet.
I'm using SSL at the moment but I need to implement a higher security
environment in the same shape and form as ss
On 12/16/2003 01:30 AM Swaminathan Gurumoorthy wrote:
I am posting this again since I could not figure out how to solve
this. I wud really appreciate any help.
*** Problem statement ***
I need to use Tomcat's manager app to install my webapp with its
context file.
I was playing with the manager ap
On 12/16/2003 10:15 AM Adam Hardy wrote:
I'll experiment: if I put all my context info in the server.xml, then
maybe it will work.
Didn't work. So I can't do what you're doing. Strange. Are you dead
certain you don't have an /eSM/ context?
Adam
--
struts 1.1 + tomcat
On 12/16/2003 12:00 AM Kent Boogaart wrote:
When I do that, I get a context at "/" and a context at "eSM". In
$TOMCAT_HOME/work/Standalone/localhost/ tomcat makes both "_" and "eSM".
I use exactly the same context config as you, except some I don't declare
since the defaults are the same. The only
On 12/15/2003 06:05 PM Renato Romano wrote:
it seems to me the simplest way to authenticate users is using form base
auth, in conjunction with declarative security (declaring
resources/roles in web.xml); the main problem with this approach in my
opinion is handling several login pages, for example;
/manager/ gives me a directory listing of the manager context. The
correct access is:
http://localhost:8080/manager/html
However you should check in your server.xml to see what your connectors
are set up for. manager operates under ssl and the connector should
redirect the http request to the
Jason,
check out this thread:
http://marc.theaimsgroup.com/?l=tomcat-user&m=107123762419428&w=2
Adam
On 12/15/2003 03:40 PM Tim Funk wrote:
The Realm is intended as a readonly gateway for authentication and
authorization. Its not the job of the realm to update the datasource
with respect to aut
On 12/15/2003 04:02 PM Edson Alves Pereira wrote:
Hello folks, i´m using Mozilla 1.4 and i just create a session
atribute named "Var_Blah" with value "here my value" and made my JSP page
show its value, like <%= ( String )session.getAttribute( "Var_Blah" ) %>.
But it didn´t work, my browse
r form and if this solves your problem, then you're
hit by it.
sk
Adam Hardy wrote:
This is something I thought I had sorted out but somehow it popped its
ugly head up again today.
I have tomcat 5.0.16 and I'm setting the character encoding for my
JSPs in the web.xml with the
This is something I thought I had sorted out but somehow it popped its
ugly head up again today.
I have tomcat 5.0.16 and I'm setting the character encoding for my JSPs
in the web.xml with the new config mechanism:
All JSPs
/WEB-INF/general/*
false
UTF-8
fa
just google on the list email address. Any list you can join as a member
of the public is by definition public, surely.
On 12/14/2003 01:18 PM David wrote:
Hi guys,
I was facing the same problem myself as well. Whatever I post on the
mailing list seems to be "searchable" through google.
Dave sug
On 12/12/2003 03:53 PM Ioannis Themelidis wrote:
Hello,
I have a problem with Apache Tomcat/4.1.24.I created an application and i
want to put it in adirectory "/reminder" in webapps.I created a context
using the administrator application and nothing worked.i also tried it
manually in the server.
On 12/12/2003 12:15 AM Kent Boogaart wrote:
I am currently running against version 4.1.27 of Tomcat. I did not
alter the name of my deploy directory. Here is my element
(with env entries removed):
charsetMapperClass="org.apache.catalina.util.CharsetMapper"
cookies="true" crossContext="fals
On 12/12/2003 12:21 AM Jerald Powel wrote:
It's sorted. To cut a long story short, the same people who
'configured' it so that webapps was completey separated from Tomcat,
and removed the examples, also decided to use a renamed server.xml.
Once I figured that out, and added the context, it ran fine
On 12/11/2003 04:42 PM Grzegorz Samborski wrote:
I have 2 aplications on Tomcat 4.1.29, one is designed for users(customers) another is designed for admin on both I use tomcat realms.
I want to log on user from admin app.
How to do that?
I understand that i need to call directly j_security_check
as the following content:
"
"
You're right, the Realm is defined in the server.xml:
"
...
...
"
Unfortunately: no effect, "403 - Access to the requested resource has been
denied"
The admin-app still shows no entry in 'User database"
Is there something else th
Amazingly it seems that google is down. Bang goes another myth.
On 12/11/2003 02:41 PM Nikola Milutinovic wrote:
Ostad, James wrote:
have you googled yourself at goole.com?
I don't know how they get all of our listserv communications.
Any one knows how they do that?
There is a web archive of th
..
...
"
Unfortunately: no effect, "403 - Access to the requested resource has been
denied"
The admin-app still shows no entry in 'User database"
Is there something else that's worth having a look at ?
Dirk
- Original Message -
From: A
Hi Jerald,
I'm sorry but I've never had a Status 500 - no context configured.
There must be something freaky in your context configuration. Is the
manager app running? That is normally at localhost:8080/manager/html
What does that say you have running in terms of contexts?
What directories do yo
On 12/11/2003 12:51 AM Kent Boogaart wrote:
Wow - thanks for all the help people. Just thought I'd update you on how I
resolved this.
Firstly, I removed all elements from "conf/server.xml" except my
own. Then I set "autoDeploy" to "false" on the element.
This almost got everything working as requ
On 12/10/2003 05:49 PM Dirk Griesbach wrote:
hello folks,
a question on datasource realms and the manager app:
When I installed TC 5.0.16 'out-of-the-box' I could start the manager-app.
Then I deployed our webapp (manually), configured a DataSourceRealm using mysql
for authentification, configur
have autoDeploy enabled. ROOT has
NOTHNING special. Maybe for the next release we should change the name
ROOT to something else just so people stop thinking there's something
special about it ;)
Yoav Shapira
Millennium ChemInformatics
-Original Message-----
From: Adam Hardy [mailto:[EMAIL
. ROOT is simply
the default tomcat name for the empty-string-path context.
Yoav Shapira Millennium ChemInformatics
-Original Message- From: Adam Hardy
[mailto:[EMAIL PROTECTED] Sent: Wednesday, December
10, 2003 6:48 AM To: Tomcat Users List Subject: Re: Default context
for web app
On
I wouldn't get too worried about it. It looks like an innocent mistake.
It seems illogical that your server IP was listed, when the mail was
sent by the jakarta list server.
Anyway, if you look at the FAQ at spamcop, it tells you what you can do
about the situation. It appears that the email ad
On 12/10/2003 08:53 AM Kent Boogaart wrote:
Hi all,
I am trying make my web application available via the default context. In
other words, when I type http://localhost:8080/ in a browser on the local
machine I want my web app to appear rather than the Tomcat default web app.
I figured I'd just nee
Jerald,
what happens then? You just get a message saying 'requested resource not
available'?
Presumably your different tomcats are on different ports and don't
interfere with each other?
Also can you run the manager app? What does it say is running?
You say you removed all other contexts - so
I'm obviously going mad. I must have been looking at the 4.x documentation.
Thanks
Adam
On 12/09/2003 04:05 PM Shapira, Yoav wrote:
Howdy,
Yup ;) See the Deployer documentation.
Yoav Shapira
Millennium ChemInformatics
-Original Message-
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sure
On 12/09/2003 02:52 PM Chaikin, Yaakov Y (US SSA) wrote:
Tomcat 5 is a stable release now?
Yaakov Chaikin
Software Engineer
BAE SYSTEMS
301-838-6899 (phone)
301-838-6802 (fax)
[EMAIL PROTECTED]
-Original Message-
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December
context is marked as reloadable i.e:
< this property set to true
-Original Message-----
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent: 09 Декември 2003 г. 13:09
To: Tomcat Users List
Subject: where to put context myapp.xml files
Hi,
I thought that xml context configurat
y set
to true
-Original Message----- From: Adam Hardy
[mailto:[EMAIL PROTECTED] Sent: 09 Декември 2003 г.
13:09 To: Tomcat Users List Subject: where to put context myapp.xml
files
Hi, I thought that xml context configuration files had to reside in
tomcat/webapps, but it seems they only tak
Hi,
I thought that xml context configuration files had to reside in
tomcat/webapps, but it seems they only take effect when they are placed
in tomcat/conf/Catalina/localhost.
Is this correct or am I doing something that prevents tomcat from using
it when I place it in webapps?
Thanks
Adam
/2003 11:25 AM Altug B. Altintas wrote:
No, i try http://localhost:8081/manager/html like this. And it is still
asking username and password
Any working example will be really appreciated.
Thanks.
- Original Message -
From: "Adam Hardy" <[EMAIL PROTECTED]>
To: "
On 12/09/2003 07:16 AM Antony Paul wrote:
Hi,
I asked this question as part of another mail but Mr. Tim Funk left it
unanswered.
How to test a servlet for thread safety.
Antony,
it might be the case that he didn't have time to answer, you know.
Nobody on this list is obliged to answer any ques
On 12/08/2003 11:59 PM Chaikin, Yaakov Y (US SSA) wrote:
I realized that my user can mess himself by bookmarking the login page
he is asked to log in. The login.jsp appears in the URL address in the
browser...
Does anyone know how to avoid this? How do I block that URL for the user
and not for the
On 12/09/2003 07:08 AM Antony Paul wrote:
Hi all,
Is there any compatibility issues in putting the jsp/servlet files
developed in Tomcat 4.1.x series to Tomcat 5.x. Application uses only
Servlets 2.3 and JSP 1.2.
I expect that there are very few issues, however I managed to find one.
In tomcat
On 12/09/2003 08:17 AM Altug B. Altintas wrote:
i couldn't understand what does RemoteHostValve and RemoteAddrValve
do ?
i changed "manager.xml" like this
*
*
then i try to enter http:/
On 12/09/2003 06:30 AM Jerald Powel wrote:
Hello,
Prostrating my self to a tongue lashing, can any one tell me why I am
getting the 500 error:
HTTP Status 500 - No Context configured to process this request
? In my server.xml I have defined:
where it resides:
c:/…/tomcat/webapps/myapp/….etc
Pr
olving random/known by mozilla things, till it found
localhost.net.au which
actually is an existing page.
Motto of this story is: your app is not running or not on port 8080 :-)
Patrick Ale
System administrator Freeler B.V
"Muda o mundo, começe com você mesmo"
-Oorspronkelijk bericht-
I took out the welcome-file config in web.xml and now I just get a plain
status 404.
But the tomcat manager shows the context is started and has a session
after I try to access it.
On 12/08/2003 02:32 PM Adam Hardy wrote:
I changed the web.xml and have now managed to get tomcat to generate a
Oops, sorry being a plonker. Had the ports in my config for the sslext
(ssl redirect) module set up for the production box to 80 & 443 instead
of 8080 & 8443 for development.
Sorry for the waste of time & bandwidth!
On 12/08/2003 02:32 PM Adam Hardy wrote:
I changed the web.xml
On 12/08/2003 02:41 PM Graham Reeds wrote:
Obviously I tried restarting tomcat, redeploying the app, taking out all
the filters, changing the context name, checked server.xml.
I had this when I was developing. I closed tomcat but because I had Lynx
open I assumed that the dos window was the tomcat
você mesmo"
-Oorspronkelijk bericht- Van: Adam Hardy
[mailto:[EMAIL PROTECTED] Verzonden: maandag 8
december 2003 14:16 Aan: Tomcat Users List Onderwerp: Re:
connection refused, localhost not found
The app is not running, yup, guess I can't argue with that.
Unfortunately it's not
or not on port 8080 :-)
Patrick Ale
System administrator Freeler B.V
"Muda o mundo, começe com você mesmo"
-Oorspronkelijk bericht-
Van: Adam Hardy [mailto:[EMAIL PROTECTED]
Verzonden: maandag 8 december 2003 13:29
Aan: Tomcat Users List
Onderwerp: connection refused, localhost not
Hi Listers
I'm sceptical whether anybody else has ever suffered this bizarre
problem so I'm not expecting anybody to be able to help, but this is
seriously damaging my enjoyment of Monday morning.
I have tomcat 5.0.14 set up on one computer and it works fine mostly,
i.e. root context, JSP examp
Ah OK. I am using JAASRealm too but I wrote my own implementation of
LoginModule. I think JAASMemoryLoginModule.java is merely a demo class
to show how it is done in the simplest way.
Adam
On 12/05/2003 04:24 PM Oliver Wulff wrote:
I saw the following note in JAASMemoryLoginModule.java:
// Vali
On 12/04/2003 07:00 PM Oliver Wulff wrote:
AFAIK, the JAASRealm in Tomcat 4.1.29 is a beta version. Is the JAASRealm
in Tomcat 5.x for production? If yes, can I use the JAASRealm of Tomcat 5.x
in Tomcat 4.1.29?
Hi Oliver,
where does it say that JAASRealm is beta?
Adam
--
struts 1.1 + tomcat 5.0.16
(optionally based on an
init-parameter), set some cookies and do an HTTP Post to
j_security_check. Works on Tomcat 4-5 and Resin 3.x.
Matt
On Dec 3, 2003, at 4:21 PM, Adam Hardy wrote:
Matt,
are you really managing to post a form to j_security_check without
invoking it first, or is that som
On 12/03/2003 11:24 PM Remy Maucherat wrote:
The Tomcat Team announces the immediate availability of Apache Tomcat
5.0.16 Stable.
Please refer to the changelog for the list of changes.
Downloads:
Binaries: http://jakarta.apache.org/site/binindex.cgi
Sources: http://jakarta.apache.org/site/source
Matt,
are you really managing to post a form to j_security_check without
invoking it first, or is that some sort of black magic you've cooked up?
Or have I just misunderstood what Chris said?
Adam
On 12/03/2003 09:24 PM Matt Raible wrote:
Chris,
I found your post at
http://www.mail-archive.c
Hi Chris,
I don't know whether that solution would ever work. I'm sure you can't
post straight to j_security_check. Tomcat has to be aware that someone
is trying to access a protected resource before it will invoke the login
procedure.
Adam
On 12/03/2003 04:15 PM Chris Ward wrote:
Dear all,
I
Robin Rigby wrote:
Thanks. I tried to to find the 4.1.24 RPM under
http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/
but this redirects me to
http://jakarta.apache.org/site/binindex.cgi
which offers 4.1.29 and no RPM.
Where should I really be looking?
Robin,
I don't think you real
On 12/02/2003 07:55 AM Nikola Milutinovic wrote:
Mark Eggers wrote:
I have put some of my documentation on the Tomcat Wiki
at:
http://nagoya.apache.org/wiki/apachewiki.cgi?TomcatWeb
These are sort of bare-bones documents about some ways
to connect Tomcat/Apache on Linux, Tomcat/Apache on
Windows/2
rying to hack a solution to me!!
Sorry if your not!
Andoni.
- Original Message -
From: "Adam Hardy" <[EMAIL PROTECTED]>
To: "Tomcat Users List" <[EMAIL PROTECTED]>
Sent: Thursday, November 27, 2003 10:08 PM
Subject: Re: Authentication with JAAS / Form Autenthi
Yes, but there it is just used in a call to JspFactory.getPageContext()
where the J2EE documentation says the needsSession parameter should be
true if the JSP participates in a session.
I wonder whether the session is always created by default or whether it
sometimes honestly doesn't get create
On 11/27/2003 06:41 PM Jose Antonio Chirinos wrote:
Hi, i have a web application that use web authentication through
"j_security_check" servlet; i need to add an extra parameter diferent
of "j_password" and "j_username"; i guess that i have to put the
extra parameter in the login form and in the de
I'm wondering what the servlet equivalent of <%@ page session=false %>
would be.
After all the discussion here about disabling URL rewriting, I have
knocked up a filter to overwrite the response so that encodeUrl() is
no-op'd (thanx Brice) for requests from callers like google that can't
handl
On 11/27/2003 12:22 PM Mario Ivankovits wrote:
If i start Excel two times, i also have to know which excel is what
sheet. I think this is something which a user, who uses this feature,
is familiar with. And mostley then, the are in different sections of
the application, or, the would like to compa
On 11/27/2003 10:57 AM Mario Ivankovits wrote:
Hello !
This whole question about sharing the session cookies or not when
you open a new window seems a bit unnecessary to me. I often want
to test using two users and not share the cookies, but I just open
a different browser, e.g. if I'm using Mozil
On 11/26/2003 09:56 PM Antonio Fiol Bonnín wrote:
i'm a tomcat newbie looking for information about tomcat and firewalls.
what i want to do is to connect apache2(mod_ssl) and tomcat with
mod_jk2 ,
where tomcat is within a firewall. which ports do i need to open for
apache
to connect to tomcat? th
This whole question about sharing the session cookies or not when you
open a new window seems a bit unnecessary to me. I often want to test
using two users and not share the cookies, but I just open a different
browser, e.g. if I'm using Mozilla, I open IE or Netscape4 or Firebird
or Opera. So
On 11/25/2003 01:45 PM Mario Ivankovits wrote:
Ben Souther wrote:
I'm not that familiar with Firebird, but I know that Mozilla allows
you to create different profiles, each having it's own space for
storing cookies.
Have you tried running two instances with different profiles?
I havent found
On 11/21/2003 09:57 PM Hart, Justin wrote:
-Original Message-
On 11/21/2003 09:11 PM Hart, Justin wrote:
I think that what we BOTH need to do in this case is create a
subclass of whatever realm we are using, and using this subclass
provide our specific functionality, in my case authentica
On 11/21/2003 09:11 PM Hart, Justin wrote:
I think that what we BOTH need to do in this case is create a subclass of whatever realm we are using, and using this subclass provide our specific functionality, in my case authenticating to a database, in yours logging.
I just tried searching the archive
On 11/21/2003 09:17 PM James Ostad wrote:
It is always good to know where we are going while on the airplane!
-Original Message-
From: Erik Wright [mailto:[EMAIL PROTECTED]
Jakarta is a major city on the island of Java... in addition to being
capital of indonesia.
The city of Jakarta was
2. Java.util.Logging
Purely because it's part of the sdk and meets my logging requirements. I
did use log4j before, but since I decided I should know
java.util.logging, I stuck with it after learning how to use it.
Adam
-
To u
On 11/21/2003 11:01 AM eric perso wrote:
Thanks but see the topic not see the directory
bye
Yes, I just saw the other thread & the solution. Glad you got a
solution. BTW if you keep your postings threaded, then I would have seen
that someone answered you. It's the general way most people work, wh
On 11/20/2003 03:20 PM eric perso wrote:
i search to don 't see a directory.
exemple : i ve a dir /images in my webapp
how to don't see: http://www.toto.com/images
but i cant use the images into this directory on another pages
Hi Eric
I don't understand exactly what you are trying to do. Are you tr
On 11/19/2003 02:57 PM Christopher Schultz wrote:
No, 'fraid not, your app never gets to see requests to
j_security_check - it's handled by tomcat beforehand.
Right, and the user never sees this URL. They're talking about
intercepting the request for the login *page*, not the j_security_check
re
On 11/19/2003 01:08 PM Graham Reeds wrote:
Just a noob firing off into the dark...
Couldn't you have a small piece of code that checks for the session and if
they are bringing up the login page directly (ie no session info) then take
them to the index.
No, 'fraid not, your app never gets to see re
On 11/19/2003 03:58 AM Henrik Bentel wrote:
Had an application which had 3 different types of users:
One group should be authenticated using https only to protect password,
then switch to http, but sometimes switch back to https again.
This is my main requirement.
Ideally what I would like to see
On 11/18/2003 06:00 PM deric stroud wrote:
Hi,
I'm running a standalone Tomcat webserver 4.0.6 and am trying to force a
resource on my web server to only serve a particular URL through SSL, so
I've inserted the following lines in the web.xml file:
Deric
you have to maintain that order as well. You
On 11/18/2003 07:45 AM Bill Barker wrote:
You'll have to go back at least two years to get the tomcat-dev
discussion ;-).
I had another search for it but can't find anything. Ploughing thro the
whole list of threads doesn't fit in my schedule unfortunately. I guess
I'm just going to have sit on
On 11/17/2003 11:58 PM Kevin Williams wrote:
I read this post and have a question...and maybe I'm not understanding
https correctly, but why is your login PAGE secure? I wouldn't care if
someone sees an empty page with a prompt for the username and password.
The post should be secure though... I
If you are using CMS then you must realise that the realm and the login
info from j_username etc are held seperately in tomcat from your app.
In the realm implementation that is run by tomcat at login, you have no
access to the request or the session (although you could stick it in a
hashmap in
On 11/17/2003 05:15 PM Andrew Mottaz wrote:
Also, as far as I can see, the java community has decided that once you
start a secure session, you should stay in a secure session, for various
security reasons. Are you doing a secure login and then redirecting back
to http afterwards?
Imagine the follo
On 11/17/2003 06:32 AM Andrew Mottaz wrote:
http://nagoya.apache.org/bugzilla. However, there aren't very many
developers who like the idea of allowing you to hang yourself :).
Thanks much for the tip -- I have to disagree about this not being a
necessary change. There are plenty of apps where p
On 11/14/2003 04:08 PM Bryan Field-Elliot wrote:
When I call from a Servlet:
response.setContentType("text/xml");
Tomcat changes the header to read:
Content-Type: text/xml;charset=ISO-8859-1
The ;charset is killing us interoping with another vendor and they can't
change their code. I've tried:
On 11/13/2003 03:07 PM Harry Mantheakis wrote:
I doubt very much that this implementation is container-specific to
tomcat. Did you try searching on 'user-data-constraint' or 'confidential'?
Yes, I did a search for those, but it did not shed any more light on whether
or not (and how) cookies created
On 11/13/2003 09:07 AM Andreas Mohrig wrote:
-Ursprungliche Nachricht-
Von: Christopher Schultz [mailto:[EMAIL PROTECTED]
It's possible that you'll still have the same session, but you'll just
have to re-login. Does that make any sense?
That's my problem exactly. I don't think that it make
On 11/13/2003 10:24 AM Harry Mantheakis wrote:
URL-rewriting sessions are not 'transferable' as per the Servlet 2.3 Spec.
Cookie session in Tomcat 3.3.2 and higher follow the rules:
a) If you create the session with a non-SSL request, then it will be
transfered back and forth between SSL and non-SS
On 11/12/2003 08:37 PM Raghava Rao wrote:
Hi,
I have jakarta-4.1.24 installed.
I have enabled both HTTP, running on port 80 and
HTTPS, running on 443 on my tomcat server.
So, my HTTP site can be reached at
http://localhost/index.jsp and my secure site can be
reached at https://localhost/index.jsp
On 11/12/2003 04:37 PM Harry Mantheakis wrote:
No, not at all.
I found that if I redirect a client from SSL to non-SSL I lose the session.
I never experienced that. I see the session id stays the same between
SSL and non-SSL.
Adam
--
struts 1.1 + tomcat 5.0.12 + java 1.4.2
Linux 2.4.20 RH9
On 11/12/2003 11:51 AM Duncan wrote:
Would one loose their session when switching from non-ssl to ssl (ie.
changing connectors)?
No, not at all.
Adam
--
struts 1.1 + tomcat 5.0.12 + java 1.4.2
Linux 2.4.20 RH9
-
To unsubscribe
On 11/10/2003 02:32 PM Marcel Stor wrote:
One of the libraries I use (actually my own ;-)) uses JAAS. If I ran a
JAAS application on the destop I could simply use
-Djava.security.policy=jaas.policy
Djava.security.auth.login.config=jaas.conf. With Tomcat, however, I can
hardly set those parameters i
On 11/07/2003 06:48 PM Marius Scurtescu wrote:
I opened an enhancement request for this issue at:
http://issues.apache.org/bugzilla/show_bug.cgi?id=24506
Well formulated description!
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For
On 11/05/2003 09:04 PM Christoph Lechleitner wrote:
[snip...]
Good idea, i will write a test app which replaces unknwon characters
with something like '_'+ASCII code+'_' instead of a space._
So far thanks for the clearer formulation of the problem ;->>
No problem. I suspect I will need help like
Is anybody else out there using a Mozilla nightly build? Seems they've
introduced a bug since the last major release (1.5) that stops me
logging in using form-based authentication.
It would cool if anybody else affected here would vote for the bug on
bugzilla:
http://bugzilla.mozilla.org/show_
On 11/05/2003 07:02 PM Christoph Lechleitner wrote:
Basically the problem manifests in producing the html output.
i.e., the so far correct data from the DB or file are not getting encoded,
the browser gets ? instead of ä (for ä).
If this happens when filling forms with current values of some parame
101 - 200 of 322 matches
Mail list logo
