Hi,
In IIS I'm able to define virtual servers using the same host-name
but different ports. These virtual servers have independent paths
(applications) as you would expect.
I can't see any similar functionality in Tomcat or am I just reading
the config documents wrong???
regard,
Anders R
http://myhost:8000/app
http://myhost:9000/app
Should be possible to configure independtly, I.e. app could
be different for the two ports.
But the Tomcat mapping schemes does not seem to include port and host.
/anders
- Original Message -
From: Anders Rundgren [EMAIL PROTECTED
Hi,
I got at rather funny line (HTML displayed as raw text) using
Netscape 6.2.1 and it seems to be caused by a missing
MIME-type in Tomcat 4.0.2 error messages.
Is this a known problem?
How do you change this behavior?
cheers,
Anders
--
To unsubscribe: mailto:[EMAIL PROTECTED]
For
Hi,
I have a Tomcat app using sessions based on cookies (i.e. std way) that
works with a huge set of browsers and OSes.
But on Mac using IE 5 it does not. The culprit seems to be that session
cookies are not compatible in some way as they are not visible in
TC.
Is this a known problem?
BTW,
Now i have digged a little bit further in this.
The IE 5 Mac missing session cookie problem only occurs when using SSL.
Too bad our app needs SSL.
Anders
- Original Message -
From: Anders Rundgren [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Friday, March 08, 2002 11
the session
tracking by url.
-Ursprüngliche Nachricht-
Von: Anders Rundgren [mailto:[EMAIL PROTECTED]]
Gesendet: Freitag, 8. März 2002 13:04
An: Tomcat Users List
Betreff: SSL: IE 5 on Mac is incompatible with TC 4?
Now i have digged a little bit further in this.
The IE 5 Mac missing
Ralph,
I got the impression from your previous posts, that
the browser is the source not tomcat.
Well This is matter of taste. As IE 5 is the current Mac release and
IE is relatively popular even by Mac-user's, I believe that TC should
adopt to IE 5 rather than the revse. A *really*
of client software.
Randy
-Original Message-
From: Anders Rundgren [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 08, 2002 7:51 AM
To: Tomcat Users List
Subject: Re: IE 5 on Mac is incompatible with TC 4?
Ralph,
I got the impression from your previous posts, that
the browser
Ralph, at this stage we can just guess as it does not *have* to be a browser bug.
Particularly as other web-servers most likely handles this differently.
I have verified that IIS does this OK but that was hardly a surprise :-).
I will now perform some deeper investigation by writing a small
Dave,
snip
The system described above relies on correct behavior of cookies on the Mac
in IE, and it works for us. I don't know if any behavior on the Tomcat side
has changed since 4.0.1, but I would tend to doubt it.
That's nice to hear :-|
Why are you using a secure cookie for the session
Dave,
Perhaps there is something in the configuration of your server (server.xml),
or its default webapp settings (conf/web.xml), or the configuration of your
webapp (WEB-INF/web.xml) that is causing the session cookie to be set as a
secure cookie.
There is one thing that differs between the TC
file directs them to a loginpage before they
access the index.jsp
Have the same problem and found that If they accept session cookies
then all is ok
Your help would be greatly appreciated.
-Original Message-
From: Anders Rundgren [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 08, 2002 7
Dear all,
I have no success in getting my TC 4.0.2 under apache and ajp1.3
returning persistant TCP connections in spite of using up-to-date
(HTTP 1.1) browsers. Any clues to this (except for reprogramming
the application) would be *very* appeciated.
/anders
--
To unsubscribe:
Michael,
I'm up to my eyeballs in SSL-problems using TC but maybe I can help.
You have:
https://host:443/
https://host:444/
This indicates that you have two _different_ applications and they do not share
session content.
To let them share session requires authentication mechanisms that is not
when
this transfer is
made, and any session objects that client had are lost.
Can you tell me why this is happening or how I can get around it? In exchange I will
grant you
eternal consciousness.
Michael
Anders Rundgren wrote:
Michael,
I'm up to my eyeballs in SSL-problems using TC
Leonard,
Its a bug in Tomcat 4. We also had to make the work-around you suggested. I depends
also on if you use Warp or AJP connectors.
There are unfortunately other cookie-related bugs in TC 4 as well.
Some due to the fact the the browser manufacturers do not follow the
current RFC too well.
In:
org.apache.catalina.util.CookieTools.java
a flag Secure is added to JSESSIONIDs for SSL sessions.
This is incompatible with Mac IE 5.0. RFC-compliant though
What is the *future* way to handle this?
We of course patched our TC. Open Source is just GREAT!
Best Regards
Anders Rundgren
You are right Manuel,
Tomcat 4.0.2 using SSL unfortunately always sets a Secure flag
on JSESSIONIDs, which do not (depending on browser) allow
you to do this https-http switch.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6983
A Macintosh using IE 5 cannot even obtain a _standard_ SSL
when switching from https to http in Tomcat 4
Hi,
I just read this and tested for my app also wherein I would have the same
problem in coming days.
Any better way of overcoming this problem other than persisting the session
manually.
Regards,
Gurmeet
-Original Message-
From: Anders
in Tomcat 4
Thanks Anders,
But as you must be knowing if I implement a HttpSessionBindingListener then
it would still be a problem.
Can u please elaborate on the patching u did on CookieTool class.
Regards
Gurmeet
-Original Message-
From: Anders Rundgren [mailto:[EMAIL PROTECTED]]
Sent
Carsten,
As a consequence, switching from https to http and back is about equally secure as
not using SSL at all. So you are
shooting yourself in the foot by thinking that everything is safe, but your webapp is
just one very big hole.
I would say that you are partially right. It may be valid
Ralph,
I could not find anything that disallow switching between https and http
in any order while maintaining. Although not a particularly good
idea, it is anyhow used out there to protect passwords but be
less protective about the session.
I think that security issues should be dealt with as
Gary,
This is not a TC issue. It is how IE treat local names.
Goto to Security and change settings so that all names
are treated as Internet and no Intranets
Anders
- Original Message -
From: Gary McGowan [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Tuesday, April
23 matches
Mail list logo