Does anyone know why IE will not allow a file download from tomcat (and
maybe other sources) when the connection is over SSL and the pragma HTTP
Header tag is set to "no-cache"? I have been experiencing this and am
puzzled as to why this is happening. If I set the pragma tag to
"no-cache, bla
ition: attachment; filename="doc.pdf"
Regards,
Daniel
On Thu, 5 Feb 2004, Mark W. Webb wrote:
I am seeing a very similar problem with Tomcat 4.1.24 and Apache over
SSL on Solaris 9. I am using Tomcat4.1.24, JDK 1.4.2 Apache
2.0.48(mod_ssl, mod_jk), OpenSSL 0.9.7c. Everything compil
I am seeing a very similar problem with Tomcat 4.1.24 and Apache over
SSL on Solaris 9. I am using Tomcat4.1.24, JDK 1.4.2 Apache
2.0.48(mod_ssl, mod_jk), OpenSSL 0.9.7c. Everything compiled from
source except JDK.
Hi,
I'm really stumped and hope someone can provide insight :(
We got a tomc
where can I find some examples on embedding tomcat in a java app using JMX?
thank you for your time and sorry for any inconvenience.
Remy Maucherat wrote:
Mark W. Webb wrote:
Embedded tomcat 4 had an API that could be used to programatically
start tomcat from within another application. I
tomcat inside a C program :(
I would like to write some documentation on this once I have it all
working. It seems like very few people use the embedded tomcat.
thank you.
Remy Maucherat wrote:
Mark W. Webb wrote:
Embedded tomcat 4 had an API that could be used to programatically
start
Embedded tomcat 4 had an API that could be used to programatically start
tomcat from within another application. I am wondering if the same API
exists for tomcat 5. If not, how could I start tomcat in an existing
process.
I would guess that I could not take advantage of the JMX stuff in tomcat
Can you explain how embedded tomcat is easier? I would appreciate it
greatly. Also, if there is any documentation on this I would like to
read it. Thank you.
Shapira, Yoav wrote:
Howdy,
Is there such a thing as an embedded tomcat 5? I need to "embed"
tomcat
into a C program,
can anyone get to apache.org? I cannot get there or jakarta
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Is there such a thing as an embedded tomcat 5? I need to "embed" tomcat
into a C program, which I could do with 4.1.24 easily enough using the
Startup examples that I found in the tomcat baseline. I now need to
integrate tomcat 5.x.x into my C program, but not sure how I should
approach this.
Is there a tomcat 5-specific mailing list? It seems that most of the
mail deals with tomcat 4.
thanks
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
So if one were to get involved with tomcat development, where would they
start? Is there a TODO list? of maybe a "nice feature to have" list?
Shapira, Yoav wrote:
Howdy,
Is my bugzilla query right? I only see 17 New/Assigned/Reopened
bugs.
Yup, that's it for tomcat 5, and most o
thank you. I guess I was looking at the wrong page.
Is my bugzilla query right? I only see 17 New/Assigned/Reopened bugs.
Shapira, Yoav wrote:
Howdy,
I followed the instructions for setting up a CVS environment using my
fedora linux system found at
http://jakarta.apache.org/site/cvsi
I just finished setting up a CVS environment, and wanted to pass along a
tip that I found
I followed the instructions for setting up a CVS environment using my
fedora linux system found at
http://jakarta.apache.org/site/cvsindex.html, and after checking out the
jakarta-tomcat-5 module and
anner from Apache to Tomcat.
Thanks again!
Mark W. Webb wrote:
Does the following return null? If so, your ssl.conf may be messed
up. Is the servlet that executes this code running over SSL?
java.security.cert.X509Certificate[] certs =
(java.security.cert.X509Certificate[])req.getAttr
o
the real problem... I can't access those variables.
Thanks!
Mark W. Webb wrote:
what is null? the certs object ? Why do you have the following 2
lines...
X509Certificate [] certs = (X509Certificate
[])request.getAttribute("javax.servlet.request.X509Certificate")
what is null? the certs object ? Why do you have the following 2 lines...
X509Certificate [] certs = (X509Certificate
[])request.getAttribute("javax.servlet.request.X509Certificate");
X509Certificate [] certs = (X509Certificate
[])request.getAttribute("org.apache.coyote.request.X509Certificate
I am working on an old project using Sun JDK 1.3. I get an error
message while using ant. The error is listed below:
Error occurred during initialization of VM
Unable to load native library:
/usr/local/jdk1.3.1_08/jre/lib/i386/libjava.so: symbol __libc_wait,
version GLIBC_2.0 not defined in f
Hart, Justin wrote:
Is there a way to use SSL in tomcat without having to type the password to your keystore in plaintext in the server.conf file?
Justin
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mai
James Rome wrote:
I have installed Tomcat5 on Solaris in the Sun jwdsp-1.3. I created
the certificates as per the instructions in the server.xml file, and
uncommented the ssl server section. But when I try to connect to it,
after the server presents me with its certificate, I get "error -12229"
thanks for the info. I thought I looked at the INSTALL file and did not
see anything.
UNIXalways :)
Christopher Schultz wrote:
Mark,
Thanks for getting back to me.
Where can I get instructions for doing this? I can only find
instructions for compiling the mod_jk2 as a shared object.
Thanks for getting back to me.
Where can I get instructions for doing this? I can only find
instructions for compiling the mod_jk2 as a shared object.
Christopher Schultz wrote:
Mark,
is it possible to compile mod_jk2 into apache statically?
Absolutely! In fact, I would personally recomm
is it possible to compile mod_jk2 into apache statically?
...thanks
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
I have the ability to upload files using a servlet. I also enforce file
size constraints, so people do not upload files that are too large. The
problem is, that I cannot figure out how to determine the file size
without uploading the file first. I could get the contentLength from
the request
Knowing that Tomcat is moving towards JMX, I was wondering if anyone has
"ported" Embedded.java into the a format that will support the JMX
integration. Knowing that there is a build.xml file that will launch
tomcat in an embedded state, is there an equivalent .java file for doing
this?
thank
I am converting my program over from using Tomcat 4 to Tomcat 5. I
wanted to try out the Embedded.java in the Tomcat 5 source, but there is
no main function. I think this is a bug, since catalina.sh tries to
call this class when trying to run in embedded mode.
Anyone familiar with the embedde
Mark W. Webb wrote:
I have to compile some JNI stuff for tomcat, and the gcc compile is
different for linux and solaris. Is there a way I can set this up in
ant?
thank you.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For
I have to compile some JNI stuff for tomcat, and the gcc compile is
different for linux and solaris. Is there a way I can set this up in ant?
thank you.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mai
ibution (binary or source).
Yoav Shapira
Millennium ChemInformatics
-Original Message-
From: Mark W. Webb [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 21, 2003 2:22 PM
To: Tomcat Users List
Subject: embedded tomcat 5
I want to used tomcat 5 in the embedded "format". Are there
pira
Millennium ChemInformatics
-Original Message-----
From: Mark W. Webb [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 21, 2003 2:22 PM
To: Tomcat Users List
Subject: embedded tomcat 5
I want to used tomcat 5 in the embedded "format". Are there any
docs/suggestions/hints to doing thi
I want to used tomcat 5 in the embedded "format". Are there any
docs/suggestions/hints to doing this? I especially want the source for
this. Should I just use the standart tomcat 5 source tarball?
thanks.
-
To unsubscribe, e
I need to add some JMS functionality to my web app. I want to stick
with Tomcat, since I have become very familiar with it, and like it.
Has anyone had any experience with JMS and tomcat/servlets. I need to
have a class/servlet recieve JMS messages.
Thanks,
-
Message-
From: David Rees [mailto:[EMAIL PROTECTED]
Sent: 06 October 2003 21:51
To: [EMAIL PROTECTED]
Subject: Re: auto refresh pages and session timeout
On Mon, October 6, 2003 1at 1:12 am, Mark W. Webb sent the following
Is there a way to implement ""
tag in HTML and stil
I came across this article and wondered if this is an issue with
4.1.24. Thanks for any thoughts on this issue.
http://www.fawcette.com/javapro/2002_11/online/servletsjsp_bkurniawan_11_08_02/default_pf.aspx
-
To unsubscribe
Is there a way to implement ""
tag in HTML and still have the ability to timeout a session after X
number of minutes ? Would there have to be some logic in place for the
servlet that changes the session timeout for every refresh?
thanks.
---
I am working on a program that checks the file download progress and
audits the results. I have noticed with netscape browsers, that if a
user starts downloading a file, and the "Save As" window comes up, there
is a small amount ~200K worth of data that gets written to the browser.
Is there a
...also, you do not need the ":8080" for https. it will default to port 443
Mark W. Webb wrote:
do you have ssl turned on in apache? This is definitely an apache
config issue
[EMAIL PROTECTED] wrote:
Greetings,
This will work -
http://placeanad.classifiedmarketplace.net:8080/AdW
do you have ssl turned on in apache? This is definitely an apache
config issue
[EMAIL PROTECTED] wrote:
Greetings,
This will work - http://placeanad.classifiedmarketplace.net:8080/AdWebster
but this will not
https://placeanad.classifiedmarketplace.net:8080/AdWebster - why is this?
Thanks,
Bobbi
does anyone have experience load testing tomcat? I am especially
interested in mutually authenticate SSL load testing where tomcat runs
in conjunction with apache 2.0.47.
What tools are people using to test tomcat/apache?
thank you.
smime.p7s
Description: S/MIME Cryptographic Signature
I have a few questions conceerning deploying a web application using an
embedded version on tomcat 4.1.24 I hope someone can help me with
1. Is it possible to deploy a web app using a jar file?
2. Are any of the files in $TOMCAT/conf necessary if using an embedded
tomcat?
smime.p7s
Descriptio
Do you know of any load testing tools for apache/tomcat that support
testing when a mutually authenticated SSL connnection is required ?
Tim Funk wrote:
yes and no. The browser makes a request to apache. Then the request is
proxied to tomcat. When the servlet has been served, the browser
issue
set reoadable to true
Fabricio Machado wrote:
Hi guys!
I'm just starting work with Tomcat 4.1.24 and I want
to run it with an unprivileged user.
The webmasters are boring me every time they update
some files in "webapps" directory... they ask me to
shutdown/startup Tomcat... :-/
How can I solve t
class. any advice regarding *how* I plug it into tomcat? Is your method a standard J2EE solution or will this be Tomcat specific?
thanks for the quick reply,
mark
-Original Message-
From: Mark W. Webb [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 08, 2003 4:30 PM
To: Tomcat Users List
Subjec
you would probably want to write a SessionListener, and plug it into tomcat.
Turansky, Mark wrote:
I am required to track users and their sessions in my web application. Is there a way to access all the sessions currently held in server memory?
My application is tracking users in a database tab
how would this be handled at the OS level?
Mike Curwen wrote:
can that not be handled at an OS level?
-Original Message-
From: Mark W. Webb [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 08, 2003 3:23 PM
To: [EMAIL PROTECTED]
Subject: prompt for password at startup
Is there an
what do you mean by "embedding"
Tim Funk wrote:
AFAIK, no
Embedding tomcat would be the "simple" workaround. (But I have never
embedded tomcat before)
-Tim
Mark W. Webb wrote:
Is there an accepted way to prompt for a password upon startu
Is there an accepted way to prompt for a password upon startup of tomcat?
thanks
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
I am using 4.1.24 using mutually authenticated SSL, and having no
problems with URL re-writing
Mark Miller wrote:
I am working on a web application for which one form must be submitted
via HTTPS (while the rest of the application uses HTTP). When that one
form is submitted (and URL rewriting
If anyone could help me out, it would be greatly appreciated. I have
been working this issue for 2 weeks and cannot figure out what the
problem is.
Thank you.
Mark W. Webb wrote:
I have wrote a C program that starts up tomcat using the Invocation
API. The reason for this is so that I can
I have wrote a C program that starts up tomcat using the Invocation API. The reason for this is so that I can prompt the user for a password that will open up a PKCS12 file If anyone has a better solution, please let me know).
I have downloaded the tomcat 4.1.24, and commons-digester source and a
I can't believe that passwords for SSL are stored in the clear. That
places all responsibility of security to the OS, which may not be a good
idea. What happened to defense-in-depth ??
Nathan McMinn wrote:
When was the last time Tomcat had a published exploit?
On a related note, these kind o
I have been researching this issue for a few days, and have come to the
conclusion that apache 2.0.46 is not exporting the entire certificate
chain to tomcat when I use mutually authenticated SSL. I have tried
different configurations, and also some cgi-type programs to determine
whether or no
Has anyone ever developed any code that would prompt a user for a password upon startup? I have read on the mailing list about many people configuring tomcat to perform mutually authenticated SSL, so I think a password would be required in order to open up the key information.
How are people ha
I am writing a C program in Solaris 9 that will use the JNI Invocation API to launch tomcat. I am doing this because I want to prompt the user for a startup password that will open a PKCS12 file. I do not want the password echoed to the screen.
My C program will load a class that I have writte
Hello -
I have an SSL enabled system I am deploying using tomcat, and I would
like to prompt the user for a password to open up an encrypted file.
What is the easiest way to do this using tomcat 4.1.24 ?
thank you.
-
To unsubs
I know that the setting of a session ID was taken out in servlet API 2.1, but is there a way to still set the session ID in tomcat 4.1.24? Is there some type of session manager that I can 'plug in' to tomcat ?
...thank you.
-
...thank you.
Shapira, Yoav wrote:
Howdy,
Use the content-disposition header:
http://www.onjava.com/pub/a/onjava/excerpt/jebp_3/index3.html
Yoav Shapira
Millennium ChemInformatics
-Original Message-
From: Mark W. Webb [mailto:[EMAIL PROTECTED]
Sent: Monday, June 09, 2003 3:34 PM
To
I need to write a servlet that handles file downloads, so that I can audit who downloaded from where, when..etc.
When I click on the link to download a file, the "Save As" window comes up in my browser(Netscape), and as a default filename I get the servlet name. Is there a way to list the actua
openssl is what I have been using.
PS. If you are doing SSL using a tomcat connector, I could use some
help. My servlets can only get the user's certificate when I run tomcat
in stand-alone mode. I would like it if apache could handle the SSL,
and pass of servlet processing to tomcat.
[EM
need more information.
Galbayar Dorjgotov wrote:
How to export private keystore file to a OpenSSL pem file?
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
I get the following error message when I try and add an AJP connector
using the admin tool.
HTTP Status 400 - Invalid path /connector/AddConnector was requested
type Status report
message Invalid path /connector/AddConnector was requested
description The request sent by the client was syntactical
ou if you would like.
Ramsay
Mark W. Webb wrote:
I have the code that you specified working. The problem is that the
request.getAttribute("javax.servlet.request.X509Certificate") call is
returning null. This leads me to believe that apache is only
performing server authentication.
u haven't
separately configured Apache/IIS/iPlanet to request the cert, then certs ==
null.
"Mark W. Webb" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
I need to get the user certificate that the user's browser sends to the
server in order to set up a mutu
I need to get the user certificate that the user's browser sends to the
server in order to set up a mutually authenticated SSL connection. Will
a non-SSL connector be able to perform this if I run tomcat with apache
2.0.44?
Does anyone have any experience with SSL and tomcat? I am having a
I am trying to set up JK2 to support SSL. I have a test servlet that I
run in tomcat and on a call to HttpServletRequest.isSecure(), it returns
true. The problem is that I get the following exception in catalina.out:
Apr 2, 2003 1:57:06 PM org.apache.commons.modeler.Registry loadRegistry
INFO:
PKCS12 is a certificate storage file type.
look at "openssl pkcs12"
Jan Fetyko wrote:
Sorry for the dump question but what is pkcs12 ? And how did you use the certification files with that ?
Jf
On Wed, 02 Apr 2003 10:34:34 -0500
"Mark W. Webb" <[EMAIL PROTECTED]>
I ended up using a pkcs12 file instead of a java keystore. Not sure if
this helps, but it looks like you are using openssl, so you should be
able to use the openssl command line tools.
Giulia Hill wrote:
Following the How-to, I have almost successfully activated SSL on tomcat
4.1. The problem
Is there a way to have a servlet get the client certificate that was
used to connect to apache?
I have tomcat 4.1.24 running as the backend to apache 2.0.44. Clients
set up a mutually authenticated SSL connection to apache, and all
servlet requests get forwarded to tomcat. What connector sh
(they are a dime a dozen out there) a FileWatchdog, which
checks a file every x seconds to see if it has been modified. If so, it
sends an event to your MyServletConfig or somewhere else, which re-reads
the servlet config.
Yoav Shapira
Millennium ChemInformatics
-Original Message-----
From: Ma
I have some config information that I set up for my servlets. This
information is stored in serialized files. I will need my servlets to
access this information in their normal processing. Is there some
mechanism either in the servlet API or tomcat that will allow me to
'cache' this informat
helps,
Janne
- Original Message -
From: "Mark W. Webb" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, March 28, 2003 11:04 PM
Subject: mutual SSL authentication
How can I set up SSL on tomcat 4.1 that will allow the server and client
to authenticate each other
How can I set up SSL on tomcat 4.1 that will allow the server and client
to authenticate each other? from what I can tell, it looks like the
SSL-HOWTO only addresses server authentication. I have this set up on
apache, would I be better off just running tomcat on top of apache?
thanks...
Is there a way to make a context run in SSL mode only? I can get the context
to work in both. The context is also an apache SSL based virtual host.
Should that matter?
--
Mark Webb
Dolphin Technology
1300B Floyd Ave
Rome, NY 13440
Phone: (315) 334-4892 x222
Fax: (315) 339-4846
Ema
I have placed a prop.properties file in the WEB_INF/lib directory of my
tomcat context. The servlet keep throwing an Exception saying that it
cannot
find the ResourceBundle. Where should I place this file? From what I have
read, the prop.properties file should go into the WEB-INF/lib directory.
I have placed a prop.properties file in the WEB_INF/lib directory of my
tomcat context. The servlet keep throwing an Exception saying that it cannot
find the ResourceBundle. Where should I place this file? From what I have
read, the prop.properties file should go into the WEB-INF/lib directo
I have placed a .properties file in my TOMCAT_HOME/lib directory, and I get
and error saying that it cannot find the .properties file. Is this the right
place to put it?
I have modified the SnoopServlet servlet to print out the claspath and that
looks fine. The property file is in the classp
What do I do in order to get SSL only for the tomcat contexts? I have set up
a SSL virtual host in apache, and my context points to the same directory for
tomcat. The servlets and JSP load fine, but they load fine in http and
https. I only want to be able to run the servlets and JSP in https
Is there a way to make a context run in SSL mode only? I can get the context
to work in both. The context is also an apache SSL based virtual host.
Should that matter?
--
Mark Webb
Dolphin Technology
1300B Floyd Ave
Rome, NY 13440
Phone: (315) 334-4892 x222
Fax: (315) 339-4846
Ema
I want to use the admin username and password, but I do not know what they
are. Where can I find this information ??
--
Mark Webb
Dolphin Technology
1300B Floyd Ave
Rome, NY 13440
Phone: (315) 334-4892 x222
Fax: (315) 339-4846
Email: [EMAIL PROTECTED]
I am getting the following errors when I try and load a servlet from the
webapps/servlets directory...
2001-03-19 09:23:06 - Ctx( /servlets ): 404 R( /servlets +/HelloWorldExample
+ null) null
2001-03-19 09:24:29 - Ctx( /servlets ): 404 R( /servlets + /SessionExample +
null) null
Here is the
here are a few notes on where I am.
1. I have noticed that in the conf/jni_server.xml file, I have an entry that
points to a file c:/jakarta-tomcat/bin/win32/i386/jni_connect.dll. I am
running in linux, do this obviously is no good. I cannot find a linux
equivalent to this file. The contect
I am not sure how you can set up SSL for only certain context sections. If
you use virtual hosts in apache you should be able to set up different
directories with different security levels. This is what I am trying to do,
but the virtual host in apache cannot server jsp or servlets right now.
I am trying to get SSL working with tomcat. I have been unsuccessful in
getting tomcat 3.2.1 to work with SSL, I can get apache to use SSL, and I can
get tomcat 3.2.1 to work with servlets and JSP(See posting from earlier
today). My question is, is tomcat4 going to be any easier or better to
Hello, I am trying to set up tomcat to work with apache in serving SSL based
servlets. I have installed tomcat 3.2.1, and apache-1.3.14-11. I have also
installed mod_ssl-2.7.1-11, and tomcat-mod-3.2.1-1. I start up tomcat, then
apache, and I can load web pages(.html files) from the virtual h
83 matches
Mail list logo