Before TLS extension server name indication is implemented in server and
browser (next year?), certificate is determined by which keystore is
used.
Keystore is determined by which connection is used, which means the
certificate selection is driven by the IP address port number.
A keystore is
FYI this is catered for in tomcat 5 with the filter-mapping/dispatcher
element (see servlet 2.4 spec).
Thanks to Bill Barker for the info.
Martin
-Original Message-
From: Martin Alley [mailto:[EMAIL PROTECTED]
Sent: 13 April 2004 16:35
To: 'Tomcat Users List'
Subject: RE: tomcat 4 vs 5
Do you know how the session is being tracked in the browser? Cookie,
url? Are you saying you use the same browser in each case? Can you log
the http traffic?
Martin
-Original Message-
From: MUKUND Premchander [mailto:[EMAIL PROTECTED]
Sent: 15 April 2004 04:26
To: Tomcat Users List
Anyone?
-Original Message-
From: Martin Alley [mailto:[EMAIL PROTECTED]
Sent: 12 April 2004 16:42
To: 'Tomcat Users List'
Subject: RE: tomcat 4 vs 5 form based container auth filters
Thanks Adam
It seems to me that the separation idea is not clear cut. There is
certainly a down side
Can anyone comment on this?
Thanks
Martin
-Original Message-
From: Martin Alley [mailto:[EMAIL PROTECTED]
Sent: 09 April 2004 09:53
To: Tomcat Users List
Subject: tomcat 4 vs 5 form based container auth filters
Hi,
Initial observation indicates that filters get executed when a form
on a page via a filter - surely you should be
encapsulating that sort of stuff in a JSP or taglib?
Adam
On 04/12/2004 11:02 AM Martin Alley wrote:
Can anyone comment on this?
Thanks
Martin
-Original Message-
From: Martin Alley [mailto:[EMAIL PROTECTED]
Sent: 09 April 2004 09:53
anyway to
put decorations on a page via a filter - surely you should be
encapsulating that sort of stuff in a JSP or taglib?
Adam
On 04/12/2004 11:02 AM Martin Alley wrote:
Can anyone comment on this?
Thanks
Martin
-Original Message-
From: Martin Alley [mailto:[EMAIL PROTECTED
in the request - I remember someone
whose realm included users with user-names containing accented
characters that had to be converted to the correct character-encoding
for the realm database. He had used a filter to do it but obviously had
to find another way.
Adam
On 04/12/2004 02:34 PM Martin Alley
PROTECTED]
Subject: Re: Session behaviour across http/https boundary
Martin Alley [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Hi,
I have a small web app that appears to illustrate the following
behaviour.
Session started in http is carried over to https, but session started
in
https
Hi,
Initial observation indicates that filters get executed when a form for
form based container auth is served - under tomcat 4, but not under
tomcat 5.
I'm using sitemesh. The decorations go on the form based login page
under tomcat 4, but not under tomcat 5.
I need to do more research,
Hi,
I have a small web app that appears to illustrate the following
behaviour.
Session started in http is carried over to https, but session started in
https is *not* carried over to http!
Why?
Web app has 3 pages
Index.jsp
Page2.jsp
Logout.jsp (does session invalidate forward to index.jsp)
Hi,
I have a small web app that appears to illustrate the following
behaviour.
Session started in http is carried over to https, but session started in
https is *not* carried over to http!
Why?
Web app has 3 pages
Index.jsp
Page2.jsp
Logout.jsp (does session invalidate forward to index.jsp)
It sends you the html form you specify in the form-login-config
section of web.xml
See chapter 12 (Security) Appendix A (Deployment Descriptor) of Servlet
Spec 2.3 for details.
http://java.sun.com/products/servlet/download.html#specs
Martin
-Original Message-
From: Malcolm Warren
Hi,
I want to have different certificates for different virtual hosts on my
tomcat setup (embedded in JBoss).
I only have 1 IP address. I want to use the default ports (80 443)
for each virtual server.
A certificate doesn't say anything about the IP address - only the
common name (ie the
Stick the class files in WEB-INF/classes in the appropriate package
hierarchy.
Eg. Com.mycompany.myclass in WEB-INF/classes/com/mycompany/myclass.class
-Original Message-
From: Malcolm Warren [mailto:[EMAIL PROTECTED]
Sent: 31 March 2004 11:03
To: [EMAIL PROTECTED]
Subject: Of .war and
-Original Message-
From: Martin Alley [mailto:[EMAIL PROTECTED]
Sent: 31 March 2004 12:10
To: Tomcat Users List
Subject: Multiple certificates for multiple virtual hosts (1:1)
Hi,
I want to have different certificates for different virtual hosts on my
tomcat setup (embedded in JBoss).
I only have
:
Short version- No connectors on 443.
Redirect or link from http page to https nonstandard port.
Has anyone tried this or have it working
Doug
www.parsonstechnical.com
- Original Message -
From: Martin Alley [EMAIL PROTECTED]
To: 'Tomcat Users List' [EMAIL PROTECTED]
Sent: Wednesday
. I
assume there's a bug report? I haven't looked at JBoss's bugzilla yet.
On 03/29/2004 01:10 AM Martin Alley wrote:
After further testing, I believe this is a bug specific to the JBoss
environment (both 3.2.3 and 3.2.4RC1)
Martin
-Original Message-
From: Martin Alley [mailto
a working example of this?
Thanks
Martin
-Original Message-
From: Martin Alley [mailto:[EMAIL PROTECTED]
Sent: 27 March 2004 09:47
To: 'Tomcat Users List'
Subject: RE: post data through form based authentication example?
I forgot to mention it's behaviour!!
Basically when
After further testing, I believe this is a bug specific to the JBoss
environment (both 3.2.3 and 3.2.4RC1)
Martin
-Original Message-
From: Martin Alley [mailto:[EMAIL PROTECTED]
Sent: 28 March 2004 15:24
To: 'Tomcat Users List'
Subject: RE: post data through form based authentication
and send it on to the originally requested URL.
Adam
On 03/25/2004 02:45 PM Martin Alley wrote:
Hi,
Has any one got an example of a servlet secured with form based
authentication, where the request to the servlet is posted, from
outside
the secured area?
My actual situation is I already have
I forgot to mention it's behaviour!!
Basically when the is no security constraint, it works. When there is a
security constraint, the post data gets killed.
Martin
-Original Message-
From: Martin Alley [mailto:[EMAIL PROTECTED]
Sent: 27 March 2004 09:43
To: 'Tomcat Users List
The differences I can see are in the Context element and the url param
value. The question is what difference is significant.
I would try making the second config more similar to the first, and see
when it starts working. Eg. Is it because the url lookup is failing? Is
it because it is no
, different result
Martin Alley wrote:
The differences I can see are in the Context element and the url param
value. The question is what difference is significant.
The URL have been switched back and forth, but with the same result.
This goes for all the other parameters also - but in the end it's
Reloadable
Docbase
Path
In that order.
Martin
-Original Message-
From: Stig Stavik [mailto:[EMAIL PROTECTED]
Sent: 27 March 2004 10:32
To: Tomcat Users List
Subject: Re: Same data source config on two contexts, different result
Martin Alley wrote:
So you can change any parameter
Furthermore, I'm thinking about the semantics of the driver class and
doc base.
Do you have the driver class in the right place so it can be found when
docroot is ROOT?
-Original Message-
From: Martin Alley [mailto:[EMAIL PROTECTED]
Sent: 27 March 2004 10:37
To: 'Tomcat Users List
What version of tomcat are you using?
-Original Message-
From: Stig Stavik [mailto:[EMAIL PROTECTED]
Sent: 27 March 2004 11:23
To: Tomcat Users List
Subject: Re: Same data source config on two contexts, different result
Martin Alley wrote:
Do you have the driver class in the right
I believe the driver either needs to be in
WEB-INF/lib or $CATALINA_HOME/common/lib
Martin
-Original Message-
From: Stig Stavik [mailto:[EMAIL PROTECTED]
Sent: 27 March 2004 11:23
To: Tomcat Users List
Subject: Re: Same data source config on two contexts, different result
Martin Alley
To: Tomcat Users List
Subject: Re: Same data source config on two contexts, different result
Martin Alley wrote:
I believe the driver either needs to be in
WEB-INF/lib or $CATALINA_HOME/common/lib
The driver is in $CATALINA_HOME/common/lib
--
StSt
Can you validate your config against a DTD?
I find the wording of the error message suspicious - it sounds like it
can't read the config file properly, rather than it can't find the
driver file that is configured.
Martin
-Original Message-
From: Martin Alley [mailto:[EMAIL PROTECTED
contexts, different result
Martin Alley wrote:
Can you validate your config against a DTD?
Well, when I made a new context on the v-host, tomcat makes a config for
me.
Context docBase=/home/stig/blablabla/ path= useNaming=false
/Context
I haven't touched it - and I recon tomcat should be able
Hi,
Has any one got an example of a servlet secured with form based
authentication, where the request to the servlet is posted, from outside
the secured area?
My actual situation is I already have a web application with form based
auth working fine, but I have a problem when the user is at a web
based authentication example?
Martin,
I would check your problem again. That is not the normal behaviour of
the container-managed login. It will cache the original request during
the login and send it on to the originally requested URL.
Adam
On 03/25/2004 02:45 PM Martin Alley wrote:
Hi
Hi,
I'm pulling my hair out over this...
Set up is
Cobalt RaQ4
Sun Cobalt Developer Kit for Java (jdk 1.3.1 tomcat 3.2.1)
I have two tests that fail:
All samples in webapps/examples
An html file call test.jsp in webapps/examples/jsp/ (file contains just
html)
The jsp seems to compile find,
34 matches
Mail list logo