Rép. : Executing custom action on d eploy
In your web.xml file, declare a servlet like this : myServlet xx.xx.xx.myServlet 1 And in your servlet, the init() method is called when the server start : import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class myServletextends HttpServlet { /** Init */ public void init(ServletConfig config) throws ServletException { super.init(config); // do your action } public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // ... } } Antony >>> [EMAIL PROTECTED] 07/10/2005 18:32:03 >>> Hi! I'm writing a web application for tomcat and I have a strange request: I would like to execute an initializing function in order to initialize correctly my applicaiton when it becomes available (deployed into tomcat or tomcat itself is started) I have written such behaviour in a method, so what can I do to execute it? Thanks for your help, Matteo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rép. : SSL question
If you want use javax.net.ssl you must have tomcat in a version upper or egal to 5. >>> [EMAIL PROTECTED] 04/10/2005 18:28:59 >>> Hi, thanks! I've got my own TrustManager/HostnameVerifier and it works when I use Apache's SecureWebServer and SecureXmlRpcClient. I'm not using javax.net.ssl, but instead com.sun.net.ssl - couldn't make it work with javax.net.ssl. Is the code below necessary for the servlet as well? Thought Tomcat has got all the information about trusted certificates in its keystore. --- Antony GUILLOTEAU <[EMAIL PROTECTED]> wrote: > Many articles talk about how access https using java client throws > HttpsURLConnection. > > You must use : > - your own TrustManager (implements javax.net.ssl.X509TrustManager) > - your own KeyManager (implements javax.net.ssl.X509KeyManager) > - your own HostnameVerifer(implements javax.net.ssl.HostnameVerifer) > > and use this following code : > > TrustManager[] objTrustManager = new TrustManager[] {new > MyX509TrustManager()}; > KeyManager[] objKeyManager = new KeyManager[] {new MyX509KeyManager()}; > > SSLContext sc = SSLContext.getInstance("SSL"); > sc.init(objKeyManager, objTrustManager, new SecureRandom()); > > SSLSocketFactory objSocketFactory = sc.getSocketFactory(); > HttpsURLConnection.setDefaultSSLSocketFactory(objSocketFactory); > > HttpsURLConnection.setDefaultHostnameVerifier(new MyHostnameVerifer()); > > > ... > URL objUrl = new URL(...) > HttpsURLConnection objHttpsURLConnection = > (javax.net.ssl.HttpsURLConnection) objUrl.openConnection(); > > I hope it's help you. > > >>> [EMAIL PROTECTED] 04/10/2005 17:54:30 >>> > Hi > > I've got a servlet which works fine when using http. But when I want to > access > it through https I get a certificate unknown exception. Why does > https://localhost:8443 work in a browser but accessing my servlet (with java > client) not? Do I need to make my servlet SSL aware? Using another secure > webserver works with my client. Hope someone can help. > > Thanks! > > > > ___ > To help you stay safe and secure online, we've developed the all new Yahoo! > Security Centre. http://uk.security.yahoo.com > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > ___ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Rép. : SSL question
Many articles talk about how access https using java client throws HttpsURLConnection. You must use : - your own TrustManager (implements javax.net.ssl.X509TrustManager) - your own KeyManager (implements javax.net.ssl.X509KeyManager) - your own HostnameVerifer(implements javax.net.ssl.HostnameVerifer) and use this following code : TrustManager[] objTrustManager = new TrustManager[] {new MyX509TrustManager()}; KeyManager[] objKeyManager = new KeyManager[] {new MyX509KeyManager()}; SSLContext sc = SSLContext.getInstance("SSL"); sc.init(objKeyManager, objTrustManager, new SecureRandom()); SSLSocketFactory objSocketFactory = sc.getSocketFactory(); HttpsURLConnection.setDefaultSSLSocketFactory(objSocketFactory); HttpsURLConnection.setDefaultHostnameVerifier(new MyHostnameVerifer()); ... URL objUrl = new URL(...) HttpsURLConnection objHttpsURLConnection = (javax.net.ssl.HttpsURLConnection) objUrl.openConnection(); I hope it's help you. >>> [EMAIL PROTECTED] 04/10/2005 17:54:30 >>> Hi I've got a servlet which works fine when using http. But when I want to access it through https I get a certificate unknown exception. Why does https://localhost:8443 work in a browser but accessing my servlet (with java client) not? Do I need to make my servlet SSL aware? Using another secure webserver works with my client. Hope someone can help. Thanks! ___ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Redirect to the secure port within a serlvet
I wanted to simulate a CLIENt-CERT realm to the browser with serlvet (response.setHeader("WWW-Authenticate", "BASIC realm=\"myName\"")) but it seems not possible. So I want to basically redirect my request to SSL. I wish know how to redirect a request to the secure port within a serlvet but I don't want use init-parameter in the web.xml and so one. Thanks
Rép. : Re: How show CLIENT-CERT Rea lm
Thanks. Like I've found nothing, I'm choosing a solution like this. So it is impossible to show CLIENT-CERT realm like response.setHeader("WWW-Authenticate", "CLIENT-CERT realm=\"myName\""); I've an another question : how to redirect an request to the secure port within a serlvet ? I post a new message. >>> [EMAIL PROTECTED] 21/09/2005 21:15:39 >>> Antony GUILLOTEAU wrote: > I'm able to show the login window of a basic realm with following code : >response.setHeader("WWW-Authenticate", "BASIC realm=\"myName\""); >response.sendError(HttpServletResponse.SC_UNAUTHORIZED); > > Now I wish to show the window like CLIENT-CERT : when all realm parameters > are set in the web.xml that 's work fine. But I want to do the same thing > programmaticly with response.sendError(HttpServletResponse.SC_UNAUTHORIZED). > > I think it is done in the tomcat code ... but where ? > > Thanks It is done in o.a.c.authenticator.AuthenticatorBase and the process is basically issue a redirect to SSL. You will need to set the clientAuth attribute on the connector to true to require all connections to present a client certificate. If you want to validate the clienbt certificate, have a look at o.a.c.authenticator.SSLAuthenticator Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How show CLIENT-CERT Realm
I'm able to show the login window of a basic realm with following code : response.setHeader("WWW-Authenticate", "BASIC realm=\"myName\""); response.sendError(HttpServletResponse.SC_UNAUTHORIZED); Now I wish to show the window like CLIENT-CERT : when all realm parameters are set in the web.xml that 's work fine. But I want to do the same thing programmaticly with response.sendError(HttpServletResponse.SC_UNAUTHORIZED). I think it is done in the tomcat code ... but where ? Thanks
Tomcat SSL : check CRL
I've read all I can on the web and I have not found informations about how check CRL when Tomcat is configured in client authentication. All response given say that I must use an Apache Server but I want keep my tomcat standalone. Thanks for your response. Antony GUILLOTEAU
jakarta-struts-1.1-rc1 and jakarta-tomcat-4.1.24-LE-jdk14
I'm running struts 1.1-rc1 with jakarta-tomcat-4.1.24-LE-jdk14 but I have the following error when I launch tomcat : Catalina.start: java.lang.ClassNotFoundException: org.apache.catalina.core.StandardServer java.lang.ClassNotFoundException: org.apache.catalina.core.StandardServer at org.apache.commons.digester.Digester.createSAXException(Digester.java:2383) at org.apache.commons.digester.Digester.createSAXException(Digester.java:2409) at org.apache.commons.digester.Digester.startElement(Digester.java:1271) at org.apache.xerces.parsers.SAXParser.startElement(SAXParser.java:1376) at org.apache.xerces.validators.common.XMLValidator.callStartElement(XMLValidator.java:1284) at org.apache.xerces.framework.XMLDocumentScanner.scanElement(XMLDocumentScanner.java:1806) at org.apache.xerces.framework.XMLDocumentScanner$ContentDispatcher.dispatch(XMLDocumentScanner.java:949) at org.apache.xerces.framework.XMLDocumentScanner.parseSome(XMLDocumentScanner.java:381) at org.apache.xerces.framework.XMLParser.parse(XMLParser.java:1098) at org.apache.commons.digester.Digester.parse(Digester.java:1543) at org.apache.catalina.startup.Catalina.start(Catalina.java:449) at org.apache.catalina.startup.Catalina.execute(Catalina.java:400) at org.apache.catalina.startup.Catalina.process(Catalina.java:180) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:203) I found an existing bug at http://archives.real-time.com/pipermail/tomcat-users/2003-February/096065.html (from Mark Hloden - Feb 3 2003) but no response. When I delete the commons-digester.jar from my classpath tomcat run but I have an error on my web application. Does anybody help me ? Thanks. --- Antony GUILLOTEAU - Système U Ouest Service : DSI - Normes / Méthodes / Qualité Tél: 02.40.68.59.59 poste 51.08 E-mail : [EMAIL PROTECTED]