From: Bill Wang [mailto:bw57...@gmail.com]
Subject: encrypt the database password
So which the plain password, end user may get the password directly.
Only if you don't bother to protect access to your Tomcat server. And if you
don't do that, you've got much, much bigger problems than
dirk ooms wrote:
Hello,
we are running a web application with form based authentication. we now
have a requirement to switch between users (for subsets of users) with a
minimum of user interaction (log out and log in providing username
password is way too much work for the user). so i was
HI Vadzim,
as you like a hot HTTP-JMX access use
http://www.jolokia.org/
chili...
Peter
Am 23.05.2012 um 00:06 schrieb Vadzim Mikhalenak:
On Wed, May 23, 2012 at 12:31 AM, Konstantin Kolinko knst.koli...@gmail.com
wrote:
2012/5/22 Vadzim Mikhalenak vadzim.mikhale...@gmail.com:
Hello
Andre,
thanks for your thoughts on this. i agree that this issue brings me to
'a loop of increasing contradictions'. it's probably good to go one
step back and explain the real-life requirement:
we have an application that is used by many small companies, each
company has its own data and can
Hi,
Now it's working! Follows the script:
1) Tomcat 6.0.35: copy tomcat-jdbc.jar to CATALINA_HOME/lib. Tomcat 7.0.x
is ready.
2) Create a global resource in CATALINA_HOME/conf/server.xml. Attributes
in bold *MUST *be present:
Resource name=jdbc/pgserver auth=Container
Hi,
I have a leaking Tomcat App
I checked the heap with the Eclipse Memory Analyser
and it says
The classloader/component *org.apache.catalina.loader.WebappClassLoader @
0x94532f50*
occupies *376.421.152 (79,51%)* bytes. The memory is accumulated in one
instance of
*java.util.HashMap$Entry[]*
Christian Kaufhold wrote:
Hi,
I have a leaking Tomcat App
I checked the heap with the Eclipse Memory Analyser
and it says
The classloader/component *org.apache.catalina.loader.WebappClassLoader @
0x94532f50*
occupies *376.421.152 (79,51%)* bytes. The memory is accumulated in one
instance of
2012/5/24 Christian Kaufhold kaufhol...@googlemail.com:
Hi,
I have a leaking Tomcat App
I checked the heap with the Eclipse Memory Analyser
and it says
The classloader/component *org.apache.catalina.loader.WebappClassLoader @
0x94532f50*
occupies *376.421.152 (79,51%)* bytes. The memory
2012/5/24 Robert Anderson ranom...@gmail.com:
Sorry, for the wall of text. :)
IIRC there is no support for getConnection(username, password) in
Apache Commons DBCP pool at all, and it was a new feature in Tomcat
JDBC pool at that time.
Yes, it is the problem. I've lost many hours following
yes, there is, search http://tomcat.markmail.org for the same
org.apache.tomcat.util.digester.PROPERTY_SOURCE
is a system property where you can add the code that digests properties in
server.xml
This code can 'decode' your encoded properties
- Original Message -
From: Bill Wang
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dirk,
On 5/23/12 7:01 PM, dirk ooms wrote:
any hint on fast-user-switching or
applications-interacting-with-container-based-authentication are
very welcome.
We use securityfilter for AAA and the user is stored in the session:
you can just
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris,
On 5/23/12 7:06 PM, chris derham wrote:
We had an app where support staff can login, and then on a special
form enter the username of the person to impersonate and their own
password (to prevent abuse), and the system then allows them to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Robert,
On 5/24/12 7:50 AM, Robert Anderson wrote:
Now it's working! Follows the script:
So, how does your script deviate from the Tomcat documentation? It
seems that you followed the docs and now it works. Right?
- -chris
-BEGIN PGP
Chris,
Basically, the ResourceLink documentation doesn't say that to enable shared
pool with different credentials:
1) You have to add tomcat-jdbc.jar in Tomcat 6.0 classpath;
2) You have to put the attributes in global resource definition:
factory=org.apache.tomcat.jdbc.pool.DataSourceFactory
For my Red Hat delivered Tomcat, changes to the connector attribute were
ignored. However, I did find a fix that works.
In tomcat5.conf, after all other settings are added to JAVA_OPTS, add the value
you desire for max parameter count like this:
# RH KB 100383
# Override default max parameter
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Robert,
On 5/24/12 10:57 AM, Robert Anderson wrote:
Chris,
Basically, the ResourceLink documentation doesn't say that to
enable shared pool with different credentials:
1) You have to add tomcat-jdbc.jar in Tomcat 6.0 classpath;
2) You have
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Konstantin,
On 5/24/12 8:42 AM, Konstantin Kolinko wrote:
2012/5/24 Christian Kaufhold kaufhol...@googlemail.com:
Hi,
I have a leaking Tomcat App I checked the heap with the Eclipse
Memory Analyser and it says
The classloader/component
dirk ooms wrote:
Andre,
thanks for your thoughts on this. i agree that this issue brings me to
'a loop of increasing contradictions'. it's probably good to go one
step back and explain the real-life requirement:
we have an application that is used by many small companies, each
company has its
André Warnier wrote:
dirk ooms wrote:
Andre,
thanks for your thoughts on this. i agree that this issue brings me to
'a loop of increasing contradictions'. it's probably good to go one
step back and explain the real-life requirement:
we have an application that is used by many small
Is this the same server with the Wicket app you posted about earlier ?
If so, you have a Wicket app that is storing the
SessionFactoryObjectFactory on a page as a class member. Wicket stores
each page a user has been to in the user's session. If the page has
class members, then it serializes them
Exactly, I had no way of knowing because the documentation of ResourceLink
does not inform these details. :)
Konstantin was perfect in his description in bugzilla.
On Thu, May 24, 2012 at 12:06 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
-BEGIN PGP SIGNED MESSAGE-
1.2.32 and 1.2.35 work fine.
[Wed May 23 15:56:32 2012] [32504:1138178368] [debug]
jk_open_socket::jk_connect.c (609): trying to connect socket 22 to
0.0.0.0:0
Connecting to 0.0.0.0:0 ?
Yeah, I balked at that too.
[Wed May 23 15:56:32 2012] [32504:1138178368] [debug]
Anthony J. Biacco wrote:
Please point out the workers.properties config line from my OP that's
incorrect. I didn't change configs at all from 1.2.32-1.2.35-1.2.36.
How could the config all of a sudden be incorrect with 1.2.36? The
changelog doesn't mention anything about deprecated or changed
You have the worker app-03 referenced both as a worker in its own
right,
and as a balanced
worker. Isn't this a bit strange ?
Normally, if it is accessed via the balancer, you do not list it in
workers.list.
I have it in the list because sometimes I reference a specific worker in
the
Chris, Andre,
thanks for sharing your thoughts, it helped me to see things more clear.
changing a user object in the session is something i already did. the
problem with this was (and which was triggering my initial question) is
that a new user could have access rights to more functionality than
dirk ooms wrote:
Chris, Andre,
thanks for sharing your thoughts, it helped me to see things more clear.
changing a user object in the session is something i already did. the
problem with this was (and which was triggering my initial question) is
that a new user could have access rights to more
How about your barcode (or card or whatever) idea, to allow users to switch
id on-the-fly
? I am curious as to how you implement that.
after some user has logged in in a 'normal/standard' way (using e.g.
form-based, container-managed), there is a text input field in the
header of the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dirk,
On 5/24/12 4:51 PM, dirk ooms wrote:
changing a user object in the session is something i already did.
I misspoke: SF stores the /user principal/ in the session. When you
change that, the identity of the current user (roles and all) changes.
On 05/24/2012 09:40 PM, Anthony J. Biacco wrote:
I'm still puzzled as to why this behavior just changed between .35 and
.36
OK, but if you follow the recommended configuration
by making sure that workers which are members of lb are not
listed inside worker.list, does it works?
Regards
--
m trying to do a setup of tomcat clustering in which one tomcat is on port
8080 and other one is on 8081.
i have downloaded the tomcat-connector in the modules folder of my apache.i
built it using build-unix.sh by downloading the script from net as it was
nt already there in the downloaded
30 matches
Mail list logo