Rép. : Executing custom action on d eploy
In your web.xml file, declare a servlet like this : servlet servlet-namemyServlet/servlet-name servlet-classxx.xx.xx.myServlet/servlet-class load-on-startup1/load-on-startup /servlet And in your servlet, the init() method is called when the server start : import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class myServletextends HttpServlet { /** Init */ public void init(ServletConfig config) throws ServletException { super.init(config); // do your action } public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // ... } } Antony [EMAIL PROTECTED] 07/10/2005 18:32:03 Hi! I'm writing a web application for tomcat and I have a strange request: I would like to execute an initializing function in order to initialize correctly my applicaiton when it becomes available (deployed into tomcat or tomcat itself is started) I have written such behaviour in a method, so what can I do to execute it? Thanks for your help, Matteo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rép. : SSL question
If you want use javax.net.ssl you must have tomcat in a version upper or egal to 5. [EMAIL PROTECTED] 04/10/2005 18:28:59 Hi, thanks! I've got my own TrustManager/HostnameVerifier and it works when I use Apache's SecureWebServer and SecureXmlRpcClient. I'm not using javax.net.ssl, but instead com.sun.net.ssl - couldn't make it work with javax.net.ssl. Is the code below necessary for the servlet as well? Thought Tomcat has got all the information about trusted certificates in its keystore. --- Antony GUILLOTEAU [EMAIL PROTECTED] wrote: Many articles talk about how access https using java client throws HttpsURLConnection. You must use : - your own TrustManager (implements javax.net.ssl.X509TrustManager) - your own KeyManager (implements javax.net.ssl.X509KeyManager) - your own HostnameVerifer(implements javax.net.ssl.HostnameVerifer) and use this following code : TrustManager[] objTrustManager = new TrustManager[] {new MyX509TrustManager()}; KeyManager[] objKeyManager = new KeyManager[] {new MyX509KeyManager()}; SSLContext sc = SSLContext.getInstance(SSL); sc.init(objKeyManager, objTrustManager, new SecureRandom()); SSLSocketFactory objSocketFactory = sc.getSocketFactory(); HttpsURLConnection.setDefaultSSLSocketFactory(objSocketFactory); HttpsURLConnection.setDefaultHostnameVerifier(new MyHostnameVerifer()); ... URL objUrl = new URL(...) HttpsURLConnection objHttpsURLConnection = (javax.net.ssl.HttpsURLConnection) objUrl.openConnection(); I hope it's help you. [EMAIL PROTECTED] 04/10/2005 17:54:30 Hi I've got a servlet which works fine when using http. But when I want to access it through https I get a certificate unknown exception. Why does https://localhost:8443 work in a browser but accessing my servlet (with java client) not? Do I need to make my servlet SSL aware? Using another secure webserver works with my client. Hope someone can help. Thanks! ___ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ___ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Rép. : SSL question
Many articles talk about how access https using java client throws HttpsURLConnection. You must use : - your own TrustManager (implements javax.net.ssl.X509TrustManager) - your own KeyManager (implements javax.net.ssl.X509KeyManager) - your own HostnameVerifer(implements javax.net.ssl.HostnameVerifer) and use this following code : TrustManager[] objTrustManager = new TrustManager[] {new MyX509TrustManager()}; KeyManager[] objKeyManager = new KeyManager[] {new MyX509KeyManager()}; SSLContext sc = SSLContext.getInstance(SSL); sc.init(objKeyManager, objTrustManager, new SecureRandom()); SSLSocketFactory objSocketFactory = sc.getSocketFactory(); HttpsURLConnection.setDefaultSSLSocketFactory(objSocketFactory); HttpsURLConnection.setDefaultHostnameVerifier(new MyHostnameVerifer()); ... URL objUrl = new URL(...) HttpsURLConnection objHttpsURLConnection = (javax.net.ssl.HttpsURLConnection) objUrl.openConnection(); I hope it's help you. [EMAIL PROTECTED] 04/10/2005 17:54:30 Hi I've got a servlet which works fine when using http. But when I want to access it through https I get a certificate unknown exception. Why does https://localhost:8443 work in a browser but accessing my servlet (with java client) not? Do I need to make my servlet SSL aware? Using another secure webserver works with my client. Hope someone can help. Thanks! ___ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Rép. : Re: How show CLIENT-CERT Rea lm
Thanks. Like I've found nothing, I'm choosing a solution like this. So it is impossible to show CLIENT-CERT realm like response.setHeader(WWW-Authenticate, CLIENT-CERT realm=\myName\); I've an another question : how to redirect an request to the secure port within a serlvet ? I post a new message. [EMAIL PROTECTED] 21/09/2005 21:15:39 Antony GUILLOTEAU wrote: I'm able to show the login window of a basic realm with following code : response.setHeader(WWW-Authenticate, BASIC realm=\myName\); response.sendError(HttpServletResponse.SC_UNAUTHORIZED); Now I wish to show the window like CLIENT-CERT : when all realm parameters are set in the web.xml that 's work fine. But I want to do the same thing programmaticly with response.sendError(HttpServletResponse.SC_UNAUTHORIZED). I think it is done in the tomcat code ... but where ? Thanks It is done in o.a.c.authenticator.AuthenticatorBase and the process is basically issue a redirect to SSL. You will need to set the clientAuth attribute on the connector to true to require all connections to present a client certificate. If you want to validate the clienbt certificate, have a look at o.a.c.authenticator.SSLAuthenticator Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Redirect to the secure port within a serlvet
I wanted to simulate a CLIENt-CERT realm to the browser with serlvet (response.setHeader(WWW-Authenticate, BASIC realm=\myName\)) but it seems not possible. So I want to basically redirect my request to SSL. I wish know how to redirect a request to the secure port within a serlvet but I don't want use init-parameter in the web.xml and so one. Thanks
How show CLIENT-CERT Realm
I'm able to show the login window of a basic realm with following code : response.setHeader(WWW-Authenticate, BASIC realm=\myName\); response.sendError(HttpServletResponse.SC_UNAUTHORIZED); Now I wish to show the window like CLIENT-CERT : when all realm parameters are set in the web.xml that 's work fine. But I want to do the same thing programmaticly with response.sendError(HttpServletResponse.SC_UNAUTHORIZED). I think it is done in the tomcat code ... but where ? Thanks
Tomcat SSL : check CRL
I've read all I can on the web and I have not found informations about how check CRL when Tomcat is configured in client authentication. All response given say that I must use an Apache Server but I want keep my tomcat standalone. Thanks for your response. Antony GUILLOTEAU
jakarta-struts-1.1-rc1 and jakarta-tomcat-4.1.24-LE-jdk14
I'm running struts 1.1-rc1 with jakarta-tomcat-4.1.24-LE-jdk14 but I have the following error when I launch tomcat : Catalina.start: java.lang.ClassNotFoundException: org.apache.catalina.core.StandardServer java.lang.ClassNotFoundException: org.apache.catalina.core.StandardServer at org.apache.commons.digester.Digester.createSAXException(Digester.java:2383) at org.apache.commons.digester.Digester.createSAXException(Digester.java:2409) at org.apache.commons.digester.Digester.startElement(Digester.java:1271) at org.apache.xerces.parsers.SAXParser.startElement(SAXParser.java:1376) at org.apache.xerces.validators.common.XMLValidator.callStartElement(XMLValidator.java:1284) at org.apache.xerces.framework.XMLDocumentScanner.scanElement(XMLDocumentScanner.java:1806) at org.apache.xerces.framework.XMLDocumentScanner$ContentDispatcher.dispatch(XMLDocumentScanner.java:949) at org.apache.xerces.framework.XMLDocumentScanner.parseSome(XMLDocumentScanner.java:381) at org.apache.xerces.framework.XMLParser.parse(XMLParser.java:1098) at org.apache.commons.digester.Digester.parse(Digester.java:1543) at org.apache.catalina.startup.Catalina.start(Catalina.java:449) at org.apache.catalina.startup.Catalina.execute(Catalina.java:400) at org.apache.catalina.startup.Catalina.process(Catalina.java:180) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:203) I found an existing bug at http://archives.real-time.com/pipermail/tomcat-users/2003-February/096065.html (from Mark Hloden - Feb 3 2003) but no response. When I delete the commons-digester.jar from my classpath tomcat run but I have an error on my web application. Does anybody help me ? Thanks. --- Antony GUILLOTEAU - Système U Ouest Service : DSI - Normes / Méthodes / Qualité Tél: 02.40.68.59.59 poste 51.08 E-mail : [EMAIL PROTECTED]