Am 12.06.2015 um 04:01 schrieb Christopher Schultz:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Arthur,
On 6/11/15 4:34 PM, Arthur Ramsey wrote:
On 06/11/2015 02:35 PM, Christopher Schultz wrote: Arthur,
On 6/11/15 2:14 PM, Arthur Ramsey wrote:
Is anyone aware of a way to mitigate the
On 12/06/2015 13:12, Kaggwa, John wrote:
Hello,
I would like some help with the issue listed below and how to configure it
into my system.
Upgrade to the latest stable 7.0.x release.
Mark
Name
Apache Tomcat Multiple Vulnerabilities Prior To 7.0.50
Risk
4
Intrusive
No
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Rainer,
On 6/12/15 6:32 AM, Rainer Jung wrote:
With existing 1.1.33 you can choose your cipher suite, so that
non-DHE ciphers come first and set SSLHonorCipherOrder such that
the client chooses the first matching cipher and DHE will likely
not
I am trying to update my SSL certificate in tomcat. The webserver keeps
sending the old expired certificate
I am taking over from long gone admins with no config notes, but this
should be straightforward.
The certificate authority support suggests there might be another
configuration..but
Hello,
I would like some help with the issue listed below and how to configure it into
my system.
Name
Apache Tomcat Multiple Vulnerabilities Prior To 7.0.50
Risk
4
Intrusive
No
Description
Multiple vulnerabilities are present in some versions of Apache Tomcat.
Observation
Apache Tomcat is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Adriano,
On 6/11/15 3:54 PM, Adriano Matos Meier wrote:
Exactly!
When I run keytool -list ..., the PrivateKeyEntry now has the
fingerprint for SSL certificate.
I belived that I had lost private key, and I would have to do it
all again
What is the correct way of installing it, because I had downloaded version
apache-tomcat-8.0.23-windows-x64
All the best
JOHN KAGGWA
ASSISTANT IT MANAGER / W DOHA
-Original Message-
From: Mark Thomas [mailto:ma...@apache.org]
Sent: Friday, June 12, 2015 3:50 PM
To: Tomcat Users List
On 12/06/2015 20:15, Balana, Vishal wrote:
Hello,
I am trying to find if removeAbandoned property set to True would leads a
connection returned back to pool and available to be borrowed again?
If not, am I one connection less in pool?
Abandoned connections are removed from the pool. The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Kartheek,
On 6/12/15 12:32 PM, kartheek desineedi wrote:
We are facing a weird issue where a similar configuration is
yielding unexpected results for consecutive requests on Tomcat
7.0.54.
We have enabled the request dumper filter on Tomcat 7
kartheek desineedi wrote:
Yes we upgraded to Apache Tomcat 7.0.62 but still the issue is persisting.
Failed request filter did not filter out any params indicating that the
parameters are not malformed.
We are sending all the requests in the SAME manner while most of them
succeed,few of them
Hello,
I am trying to find if removeAbandoned property set to True would leads a
connection returned back to pool and available to be borrowed again?
If not, am I one connection less in pool?
Thanks,
Vishal
From: André Warnier [mailto:a...@ice-sa.com]
Subject: Re: Fwd: Apache Tomcat 7 -Parameters lost
Are you 100% sure that there is nothing in these requests which could prevent
a correct
parsing of these parameters ? And/or are you sure that when you compare the
tcpdump log
and the
Thanks for your response Christopher.
Consecutive requests in the sense when 5(for example) users send requests
in the normal transaction flow,one of them fails.
The logs at different layers of the request flow indicate that the
parameters are being passed from the original request till the AJP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Douglas,
In addition to what Filip posted...
On 6/11/15 12:18 PM, Douglas Schaible wrote:
Good Day All,
I am having a problem with a connection pool and I was hoping for
some guidance.
I have defined the connection pool below for two
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Andy,
On 6/12/15 12:35 PM, Wang, Andy wrote:
Could this be as simple as the default keepaliveTimeout = 2
(i.e. 20s)
This could certainly be the issue.
Maxim, what does the timing look like with these events?
1. First HTTP request made
2.
Yes we upgraded to Apache Tomcat 7.0.62 but still the issue is persisting.
Failed request filter did not filter out any params indicating that the
parameters are not malformed.
We are sending all the requests in the SAME manner while most of them
succeed,few of them fail.
Which class in the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Kartheek,
On 6/12/15 4:41 PM, kartheek desineedi wrote:
Yes we upgraded to Apache Tomcat 7.0.62 but still the issue is
persisting.
Failed request filter did not filter out any params indicating that
the parameters are not malformed.
We are
Hi Chris,
I have the connection pool defined in /etc/tomcat8/context.xml. Is that the
wrong place the define it? Is what is defined there being copied into each
application? I underplayed some sample application and I am now seeing 10 time
the number of apps being deployed DB connections.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
John,
On 6/12/15 8:56 AM, Kaggwa, John wrote:
What is the correct way of installing it, because I had downloaded
version apache-tomcat-8.0.23-windows-x64
Do you want to install Tomcat 7 (like the OP seems to want to do), or
do you want to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Maxim,
On 6/12/15 1:53 AM, Maxim Neshcheret wrote:
According to
http://docs.oracle.com/javase/6/docs/technotes/guides/net/http-keepali
ve.html
connections in HTTP 1.1
http://docs.oracle.com/javase/6/docs/technotes/guides/net/http-keepal
Could this be as simple as the default keepaliveTimeout = 15000 (i.e. 15s)
Andy
On 06/12/2015 11:20 AM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Maxim,
On 6/12/15 1:53 AM, Maxim Neshcheret wrote:
According to
Hi all,
We are facing a weird issue where a similar configuration is yielding
unexpected results for consecutive requests on Tomcat 7.0.54.
We have enabled the request dumper filter on Tomcat 7 and it shows that
consecutive requests are missing the parameters.
Due to this our application is
Sorry, correction:
default keepalivetimeout = connectionTimeout = 2 (20s)
Andy
From: Andy Wang [aw...@ptc.com]
Sent: Friday, June 12, 2015 11:31 AM
To: Tomcat Users List
Subject: Re: TCP connections reuse
Could this be as simple as the default
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Dan,
On 6/12/15 8:37 AM, Dan Hyatt wrote:
I am trying to update my SSL certificate in tomcat. The webserver
keeps sending the old expired certificate I am taking over from
long gone admins with no config notes, but this should be
24 matches
Mail list logo