,
Daniel
On Thu, 5 Feb 2004, Mark W. Webb wrote:
I am seeing a very similar problem with Tomcat 4.1.24 and Apache over
SSL on Solaris 9. I am using Tomcat4.1.24, JDK 1.4.2 Apache
2.0.48(mod_ssl, mod_jk), OpenSSL 0.9.7c. Everything compiled from
source except JDK.
Hi,
I'm really stumped and hope
Does anyone know why IE will not allow a file download from tomcat (and
maybe other sources) when the connection is over SSL and the pragma HTTP
Header tag is set to no-cache? I have been experiencing this and am
puzzled as to why this is happening. If I set the pragma tag to
no-cache, blah,
I am seeing a very similar problem with Tomcat 4.1.24 and Apache over
SSL on Solaris 9. I am using Tomcat4.1.24, JDK 1.4.2 Apache
2.0.48(mod_ssl, mod_jk), OpenSSL 0.9.7c. Everything compiled from
source except JDK.
Hi,
I'm really stumped and hope someone can provide insight :(
We got a
where can I find some examples on embedding tomcat in a java app using JMX?
thank you for your time and sorry for any inconvenience.
Remy Maucherat wrote:
Mark W. Webb wrote:
Embedded tomcat 4 had an API that could be used to programatically
start tomcat from within another application. I
Is there such a thing as an embedded tomcat 5? I need to embed tomcat
into a C program, which I could do with 4.1.24 easily enough using the
Startup examples that I found in the tomcat baseline. I now need to
integrate tomcat 5.x.x into my C program, but not sure how I should
approach this.
can anyone get to apache.org? I cannot get there or jakarta
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Can you explain how embedded tomcat is easier? I would appreciate it
greatly. Also, if there is any documentation on this I would like to
read it. Thank you.
Shapira, Yoav wrote:
Howdy,
Is there such a thing as an embedded tomcat 5? I need to embed
tomcat
into a C program,
Embedded tomcat 4 had an API that could be used to programatically start
tomcat from within another application. I am wondering if the same API
exists for tomcat 5. If not, how could I start tomcat in an existing
process.
I would guess that I could not take advantage of the JMX stuff in
tomcat inside a C program :(
I would like to write some documentation on this once I have it all
working. It seems like very few people use the embedded tomcat.
thank you.
Remy Maucherat wrote:
Mark W. Webb wrote:
Embedded tomcat 4 had an API that could be used to programatically
start
Is there a tomcat 5-specific mailing list? It seems that most of the
mail deals with tomcat 4.
thanks
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
I just finished setting up a CVS environment, and wanted to pass along a
tip that I found
I followed the instructions for setting up a CVS environment using my
fedora linux system found at
http://jakarta.apache.org/site/cvsindex.html, and after checking out the
jakarta-tomcat-5 module and
thank you. I guess I was looking at the wrong page.
Is my bugzilla query right? I only see 17 New/Assigned/Reopened bugs.
Shapira, Yoav wrote:
Howdy,
I followed the instructions for setting up a CVS environment using my
fedora linux system found at
So if one were to get involved with tomcat development, where would they
start? Is there a TODO list? of maybe a nice feature to have list?
Shapira, Yoav wrote:
Howdy,
Is my bugzilla query right? I only see 17 New/Assigned/Reopened
bugs.
Yup, that's it for tomcat 5, and most of
manner from Apache to Tomcat.
Thanks again!
Mark W. Webb wrote:
Does the following return null? If so, your ssl.conf may be messed
up. Is the servlet that executes this code running over SSL?
java.security.cert.X509Certificate[] certs =
(java.security.cert.X509Certificate
what is null? the certs object ? Why do you have the following 2 lines...
X509Certificate [] certs = (X509Certificate
[])request.getAttribute(javax.servlet.request.X509Certificate);
X509Certificate [] certs = (X509Certificate
[])request.getAttribute(org.apache.coyote.request.X509Certificate);
access those variables.
Thanks!
Mark W. Webb wrote:
what is null? the certs object ? Why do you have the following 2
lines...
X509Certificate [] certs = (X509Certificate
[])request.getAttribute(javax.servlet.request.X509Certificate);
X509Certificate [] certs = (X509Certificate
I am working on an old project using Sun JDK 1.3. I get an error
message while using ant. The error is listed below:
Error occurred during initialization of VM
Unable to load native library:
/usr/local/jdk1.3.1_08/jre/lib/i386/libjava.so: symbol __libc_wait,
version GLIBC_2.0 not defined in
Hart, Justin wrote:
Is there a way to use SSL in tomcat without having to type the password to your keystore in plaintext in the server.conf file?
Justin
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands,
James Rome wrote:
I have installed Tomcat5 on Solaris in the Sun jwdsp-1.3. I created
the certificates as per the instructions in the server.xml file, and
uncommented the ssl server section. But when I try to connect to it,
after the server presents me with its certificate, I get error -12229
thanks for the info. I thought I looked at the INSTALL file and did not
see anything.
UNIXalways :)
Christopher Schultz wrote:
Mark,
Thanks for getting back to me.
Where can I get instructions for doing this? I can only find
instructions for compiling the mod_jk2 as a shared object.
is it possible to compile mod_jk2 into apache statically?
...thanks
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Thanks for getting back to me.
Where can I get instructions for doing this? I can only find
instructions for compiling the mod_jk2 as a shared object.
Christopher Schultz wrote:
Mark,
is it possible to compile mod_jk2 into apache statically?
Absolutely! In fact, I would personally
I have the ability to upload files using a servlet. I also enforce file
size constraints, so people do not upload files that are too large. The
problem is, that I cannot figure out how to determine the file size
without uploading the file first. I could get the contentLength from
the
Knowing that Tomcat is moving towards JMX, I was wondering if anyone has
ported Embedded.java into the a format that will support the JMX
integration. Knowing that there is a build.xml file that will launch
tomcat in an embedded state, is there an equivalent .java file for doing
this?
thank
I am converting my program over from using Tomcat 4 to Tomcat 5. I
wanted to try out the Embedded.java in the Tomcat 5 source, but there is
no main function. I think this is a bug, since catalina.sh tries to
call this class when trying to run in embedded mode.
Anyone familiar with the
I have to compile some JNI stuff for tomcat, and the gcc compile is
different for linux and solaris. Is there a way I can set this up in ant?
thank you.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands,
Mark W. Webb wrote:
I have to compile some JNI stuff for tomcat, and the gcc compile is
different for linux and solaris. Is there a way I can set this up in
ant?
thank you.
-
To unsubscribe, e-mail: [EMAIL PROTECTED
I want to used tomcat 5 in the embedded format. Are there any
docs/suggestions/hints to doing this? I especially want the source for
this. Should I just use the standart tomcat 5 source tarball?
thanks.
-
To unsubscribe,
ChemInformatics
-Original Message-
From: Mark W. Webb [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 21, 2003 2:22 PM
To: Tomcat Users List
Subject: embedded tomcat 5
I want to used tomcat 5 in the embedded format. Are there any
docs/suggestions/hints to doing this? I especially want
Shapira
Millennium ChemInformatics
-Original Message-
From: Mark W. Webb [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 21, 2003 2:22 PM
To: Tomcat Users List
Subject: embedded tomcat 5
I want to used tomcat 5 in the embedded format. Are there any
docs/suggestions/hints to doing
I need to add some JMS functionality to my web app. I want to stick
with Tomcat, since I have become very familiar with it, and like it.
Has anyone had any experience with JMS and tomcat/servlets. I need to
have a class/servlet recieve JMS messages.
Thanks,
Message-
From: David Rees [mailto:[EMAIL PROTECTED]
Sent: 06 October 2003 21:51
To: [EMAIL PROTECTED]
Subject: Re: auto refresh pages and session timeout
On Mon, October 6, 2003 1at 1:12 am, Mark W. Webb sent the following
Is there a way to implement meta http-equiv=refresh content=60
Is there a way to implement meta http-equiv=refresh content=60
tag in HTML and still have the ability to timeout a session after X
number of minutes ? Would there have to be some logic in place for the
servlet that changes the session timeout for every refresh?
thanks.
I came across this article and wondered if this is an issue with
4.1.24. Thanks for any thoughts on this issue.
http://www.fawcette.com/javapro/2002_11/online/servletsjsp_bkurniawan_11_08_02/default_pf.aspx
-
To
I am working on a program that checks the file download progress and
audits the results. I have noticed with netscape browsers, that if a
user starts downloading a file, and the Save As window comes up, there
is a small amount ~200K worth of data that gets written to the browser.
Is there a
do you have ssl turned on in apache? This is definitely an apache
config issue
[EMAIL PROTECTED] wrote:
Greetings,
This will work - http://placeanad.classifiedmarketplace.net:8080/AdWebster
but this will not
https://placeanad.classifiedmarketplace.net:8080/AdWebster - why is this?
Thanks,
...also, you do not need the :8080 for https. it will default to port 443
Mark W. Webb wrote:
do you have ssl turned on in apache? This is definitely an apache
config issue
[EMAIL PROTECTED] wrote:
Greetings,
This will work -
http://placeanad.classifiedmarketplace.net:8080/AdWebster
I have a few questions conceerning deploying a web application using an
embedded version on tomcat 4.1.24 I hope someone can help me with
1. Is it possible to deploy a web app using a jar file?
2. Are any of the files in $TOMCAT/conf necessary if using an embedded
tomcat?
smime.p7s
does anyone have experience load testing tomcat? I am especially
interested in mutually authenticate SSL load testing where tomcat runs
in conjunction with apache 2.0.47.
What tools are people using to test tomcat/apache?
thank you.
smime.p7s
Description: S/MIME Cryptographic Signature
Do you know of any load testing tools for apache/tomcat that support
testing when a mutually authenticated SSL connnection is required ?
Tim Funk wrote:
yes and no. The browser makes a request to apache. Then the request is
proxied to tomcat. When the servlet has been served, the browser
set reoadable to true
Fabricio Machado wrote:
Hi guys!
I'm just starting work with Tomcat 4.1.24 and I want
to run it with an unprivileged user.
The webmasters are boring me every time they update
some files in webapps directory... they ask me to
shutdown/startup Tomcat... :-/
How can I solve
I have wrote a C program that starts up tomcat using the Invocation API. The reason for this is so that I can prompt the user for a password that will open up a PKCS12 file If anyone has a better solution, please let me know).
I have downloaded the tomcat 4.1.24, and commons-digester source and
If anyone could help me out, it would be greatly appreciated. I have
been working this issue for 2 weeks and cannot figure out what the
problem is.
Thank you.
Mark W. Webb wrote:
I have wrote a C program that starts up tomcat using the Invocation
API. The reason for this is so that I can
I am using 4.1.24 using mutually authenticated SSL, and having no
problems with URL re-writing
Mark Miller wrote:
I am working on a web application for which one form must be submitted
via HTTPS (while the rest of the application uses HTTP). When that one
form is submitted (and URL rewriting
Is there an accepted way to prompt for a password upon startup of tomcat?
thanks
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
what do you mean by embedding
Tim Funk wrote:
AFAIK, no
Embedding tomcat would be the simple workaround. (But I have never
embedded tomcat before)
-Tim
Mark W. Webb wrote:
Is there an accepted way to prompt for a password upon startup of
tomcat? thanks
how would this be handled at the OS level?
Mike Curwen wrote:
can that not be handled at an OS level?
-Original Message-
From: Mark W. Webb [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 08, 2003 3:23 PM
To: [EMAIL PROTECTED]
Subject: prompt for password at startup
you would probably want to write a SessionListener, and plug it into tomcat.
Turansky, Mark wrote:
I am required to track users and their sessions in my web application. Is there a way to access all the sessions currently held in server memory?
My application is tracking users in a database
in the javadocs as well as the session event class. any advice regarding *how* I plug it into tomcat? Is your method a standard J2EE solution or will this be Tomcat specific?
thanks for the quick reply,
mark
-Original Message-
From: Mark W. Webb [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 08
I have been researching this issue for a few days, and have come to the
conclusion that apache 2.0.46 is not exporting the entire certificate
chain to tomcat when I use mutually authenticated SSL. I have tried
different configurations, and also some cgi-type programs to determine
whether or
I can't believe that passwords for SSL are stored in the clear. That
places all responsibility of security to the OS, which may not be a good
idea. What happened to defense-in-depth ??
Nathan McMinn wrote:
When was the last time Tomcat had a published exploit?
On a related note, these kind
Has anyone ever developed any code that would prompt a user for a password upon startup? I have read on the mailing list about many people configuring tomcat to perform mutually authenticated SSL, so I think a password would be required in order to open up the key information.
How are people
I am writing a C program in Solaris 9 that will use the JNI Invocation API to launch tomcat. I am doing this because I want to prompt the user for a startup password that will open a PKCS12 file. I do not want the password echoed to the screen.
My C program will load a class that I have
Hello -
I have an SSL enabled system I am deploying using tomcat, and I would
like to prompt the user for a password to open up an encrypted file.
What is the easiest way to do this using tomcat 4.1.24 ?
thank you.
-
To
I know that the setting of a session ID was taken out in servlet API 2.1, but is there a way to still set the session ID in tomcat 4.1.24? Is there some type of session manager that I can 'plug in' to tomcat ?
...thank you.
-
I need to write a servlet that handles file downloads, so that I can audit who downloaded from where, when..etc.
When I click on the link to download a file, the Save As window comes up in my browser(Netscape), and as a default filename I get the servlet name. Is there a way to list the actual
...thank you.
Shapira, Yoav wrote:
Howdy,
Use the content-disposition header:
http://www.onjava.com/pub/a/onjava/excerpt/jebp_3/index3.html
Yoav Shapira
Millennium ChemInformatics
-Original Message-
From: Mark W. Webb [mailto:[EMAIL PROTECTED]
Sent: Monday, June 09, 2003 3:34 PM
need more information.
Galbayar Dorjgotov wrote:
How to export private keystore file to a OpenSSL pem file?
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
openssl is what I have been using.
PS. If you are doing SSL using a tomcat connector, I could use some
help. My servlets can only get the user's certificate when I run tomcat
in stand-alone mode. I would like it if apache could handle the SSL,
and pass of servlet processing to tomcat.
configured Apache/IIS/iPlanet to request the cert, then certs ==
null.
Mark W. Webb [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I need to get the user certificate that the user's browser sends to the
server in order to set up a mutually authenticated SSL connection. Will
a non-SSL
Mark W. Webb wrote:
I have the code that you specified working. The problem is that the
request.getAttribute(javax.servlet.request.X509Certificate) call is
returning null. This leads me to believe that apache is only
performing server authentication. But netscape asks me for the
password
I get the following error message when I try and add an AJP connector
using the admin tool.
HTTP Status 400 - Invalid path /connector/AddConnector was requested
type Status report
message Invalid path /connector/AddConnector was requested
description The request sent by the client was
I ended up using a pkcs12 file instead of a java keystore. Not sure if
this helps, but it looks like you are using openssl, so you should be
able to use the openssl command line tools.
Giulia Hill wrote:
Following the How-to, I have almost successfully activated SSL on tomcat
4.1. The problem
PKCS12 is a certificate storage file type.
look at openssl pkcs12
Jan Fetyko wrote:
Sorry for the dump question but what is pkcs12 ? And how did you use the certification files with that ?
Jf
On Wed, 02 Apr 2003 10:34:34 -0500
Mark W. Webb [EMAIL PROTECTED] wrote:
I ended up using
I am trying to set up JK2 to support SSL. I have a test servlet that I
run in tomcat and on a call to HttpServletRequest.isSecure(), it returns
true. The problem is that I get the following exception in catalina.out:
Apr 2, 2003 1:57:06 PM org.apache.commons.modeler.Registry loadRegistry
I need to get the user certificate that the user's browser sends to the
server in order to set up a mutually authenticated SSL connection. Will
a non-SSL connector be able to perform this if I run tomcat with apache
2.0.44?
Does anyone have any experience with SSL and tomcat? I am having a
Is there a way to have a servlet get the client certificate that was
used to connect to apache?
I have tomcat 4.1.24 running as the backend to apache 2.0.44. Clients
set up a mutually authenticated SSL connection to apache, and all
servlet requests get forwarded to tomcat. What connector
,
Janne
- Original Message -
From: Mark W. Webb [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, March 28, 2003 11:04 PM
Subject: mutual SSL authentication
How can I set up SSL on tomcat 4.1 that will allow the server and client
to authenticate each other? from what I can tell, it looks
I have some config information that I set up for my servlets. This
information is stored in serialized files. I will need my servlets to
access this information in their normal processing. Is there some
mechanism either in the servlet API or tomcat that will allow me to
'cache' this
a dozen out there) a FileWatchdog, which
checks a file every x seconds to see if it has been modified. If so, it
sends an event to your MyServletConfig or somewhere else, which re-reads
the servlet config.
Yoav Shapira
Millennium ChemInformatics
-Original Message-
From: Mark W. Webb [mailto
How can I set up SSL on tomcat 4.1 that will allow the server and client
to authenticate each other? from what I can tell, it looks like the
SSL-HOWTO only addresses server authentication. I have this set up on
apache, would I be better off just running tomcat on top of apache?
thanks...
Is there a way to make a context run in SSL mode only? I can get the context
to work in both. The context is also an apache SSL based virtual host.
Should that matter?
--
Mark Webb
Dolphin Technology
1300B Floyd Ave
Rome, NY 13440
Phone: (315) 334-4892 x222
Fax: (315) 339-4846
I have placed a prop.properties file in the WEB_INF/lib directory of my
tomcat context. The servlet keep throwing an Exception saying that it cannot
find the ResourceBundle. Where should I place this file? From what I have
read, the prop.properties file should go into the WEB-INF/lib
here are a few notes on where I am.
1. I have noticed that in the conf/jni_server.xml file, I have an entry that
points to a file c:/jakarta-tomcat/bin/win32/i386/jni_connect.dll. I am
running in linux, do this obviously is no good. I cannot find a linux
equivalent to this file. The contect
I am getting the following errors when I try and load a servlet from the
webapps/servlets directory...
2001-03-19 09:23:06 - Ctx( /servlets ): 404 R( /servlets +/HelloWorldExample
+ null) null
2001-03-19 09:24:29 - Ctx( /servlets ): 404 R( /servlets + /SessionExample +
null) null
Here is
I want to use the admin username and password, but I do not know what they
are. Where can I find this information ??
--
Mark Webb
Dolphin Technology
1300B Floyd Ave
Rome, NY 13440
Phone: (315) 334-4892 x222
Fax: (315) 339-4846
Email: [EMAIL PROTECTED]
Is there a way to make a context run in SSL mode only? I can get the context
to work in both. The context is also an apache SSL based virtual host.
Should that matter?
--
Mark Webb
Dolphin Technology
1300B Floyd Ave
Rome, NY 13440
Phone: (315) 334-4892 x222
Fax: (315) 339-4846
What do I do in order to get SSL only for the tomcat contexts? I have set up
a SSL virtual host in apache, and my context points to the same directory for
tomcat. The servlets and JSP load fine, but they load fine in http and
https. I only want to be able to run the servlets and JSP in
I have placed a .properties file in my TOMCAT_HOME/lib directory, and I get
and error saying that it cannot find the .properties file. Is this the right
place to put it?
I have modified the SnoopServlet servlet to print out the claspath and that
looks fine. The property file is in the
I am not sure how you can set up SSL for only certain context sections. If
you use virtual hosts in apache you should be able to set up different
directories with different security levels. This is what I am trying to do,
but the virtual host in apache cannot server jsp or servlets right
I am trying to get SSL working with tomcat. I have been unsuccessful in
getting tomcat 3.2.1 to work with SSL, I can get apache to use SSL, and I can
get tomcat 3.2.1 to work with servlets and JSP(See posting from earlier
today). My question is, is tomcat4 going to be any easier or better to
Hello, I am trying to set up tomcat to work with apache in serving SSL based
servlets. I have installed tomcat 3.2.1, and apache-1.3.14-11. I have also
installed mod_ssl-2.7.1-11, and tomcat-mod-3.2.1-1. I start up tomcat, then
apache, and I can load web pages(.html files) from the virtual
82 matches
Mail list logo