JNDI look up with tomcat 8.5.6

Hi, We are upgrading the tomcat from apache-tomcat-7.0.59 to apache-tomcat-8.5.6. We are setting the custom class loader as we required for our application and JNDI look up is not working with tomcat 8 earlier it was working fine with tomcat 7. Pleas help regarding that. -- Thanks and Regards

Re: Does Tomcat8 NIO2 connector support Apache CometEvent?

Mark Thomas 於 2016年11月1日 週二 下午6:06寫道： > On 01/11/2016 09:44, Bruce Huang wrote: > > Hi all, > > > > We have a simple servlet which implements Apache CometEvent for long > > polling connection on tomcat8. It works well when we used > > org.apache.coyote.http11.Http11NioProtocol,

Re: Vulnerability from PCI scan

On 11/1/2016 5:25 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Carl, On 11/1/16 5:11 PM, Carl K. wrote: Control Scan has returned this as a vulnerability in Tomcat 8.0.38: Vulnerable version of Apache Tomcat: 8.0.38 Risk: High (3) Port: 443/tcp Protocol:

Re: Vulnerability from PCI scan

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Carl, On 11/1/16 5:11 PM, Carl K. wrote: > Control Scan has returned this as a vulnerability in Tomcat > 8.0.38: > > Vulnerable version of Apache Tomcat: 8.0.38 > > Risk: High (3) Port: 443/tcp Protocol: tcp Threat ID: > web_dev_tomcatver > >

Vulnerability from PCI scan

Control Scan has returned this as a vulnerability in Tomcat 8.0.38: Vulnerable version of Apache Tomcat: 8.0.38 Risk: High (3) Port: 443/tcp Protocol: tcp Threat ID: web_dev_tomcatver Details: 404 Error Page Cross Site Scripting Vulnerability 12/21/09 Apache Tomcat is prone to a cross-site

Re: [SECURITY] CVE-2016-6797 Apache Tomcat Unrestricted Access to Global Resources

Excellent mark..thankyou..i am just trying to learn as much as i can and that gives me so good data to evaluate paths of understanding... look forward to communicating again.. rich On Tue, Nov 1, 2016 at 4:30 PM, Mark Thomas wrote: > On 01/11/2016 19:56, R Paul wrote: > > Hi

Re: tomcat 7.0.54 /jdk 1.8 - only TLS_RSA_* ciphers work

On 01/11/2016 20:40, Christopher Schultz wrote: > Daba, > > On 11/1/16 4:33 PM, capt.spock wrote: >> Stumped with this issue...environment tomcat 7.054 with openjdk >> version "1.8.0_111" OpenJDK Runtime Environment (build >> 1.8.0_111-b15) > >> Couple of servers with below config in server.xml

Re: tomcat 7.0.54 /jdk 1.8 - only TLS_RSA_* ciphers work

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Daba, On 11/1/16 4:33 PM, capt.spock wrote: > Stumped with this issue...environment tomcat 7.054 with openjdk > version "1.8.0_111" OpenJDK Runtime Environment (build > 1.8.0_111-b15) > > Couple of servers with below config in server.xml throws

tomcat 7.0.54 /jdk 1.8 - only TLS_RSA_* ciphers work

Stumped with this issue...environment tomcat 7.054 with openjdk version "1.8.0_111" OpenJDK Runtime Environment (build 1.8.0_111-b15) Couple of servers with below config in server.xml throws warning in Catalina and browsers have issue connecting. INFO: The APR based Apache Tomcat Native

Re: [SECURITY] CVE-2016-6797 Apache Tomcat Unrestricted Access to Global Resources

On 01/11/2016 19:56, R Paul wrote: > Hi Mark > met you at pivotal...in toronto.. > i have been watching these forums for some time..and just seeing the > quantity of emails > are these people experiencing a normal number of issues with gettting > tomcat to work with their software? I think what

Re: (TC7+) Why was the Realm argument removed for GenericPrincipal?

On 01/11/2016 18:12, calder wrote: > We have an application that runs on Tomcat6. For Tomcat7+, two of our > .java files require modification. The modifications are mostly > concerned with the invocation of the > org.apache.catalina.realm.GenericPrincipal constructor - see the > MyappRealm class

Re: [SECURITY] CVE-2016-6797 Apache Tomcat Unrestricted Access to Global Resources

Hi Mark met you at pivotal...in toronto.. i have been watching these forums for some time..and just seeing the quantity of emails are these people experiencing a normal number of issues with gettting tomacat to work with their software? Can you catergorize some of those issues to me..as student

(TC7+) Why was the Realm argument removed for GenericPrincipal?

We have an application that runs on Tomcat6. For Tomcat7+, two of our .java files require modification. The modifications are mostly concerned with the invocation of the org.apache.catalina.realm.GenericPrincipal constructor - see the MyappRealm class just below - this is the TC6 version. For

Re: currentThreadCount and currentThreadsBusy

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rallavagu, On 10/31/16 4:02 PM, Rallavagu wrote: > On 10/31/16 12:54 PM, Mark Thomas wrote: >> On 31/10/2016 19:52, Rallavagu wrote: >>> As per >>> https://tomcat.apache.org/tomcat-7.0-doc/config/executor.html >>> it appears "maxIdleTime" could be

Re: Async servlet and request recycling

On 25/10/2016 09:59, Mark Thomas wrote: > Thanks for this. > > While I haven't had a chance to look into this, there is enough > information here to justify opening a bug report. That has the added > advantage that it won't get forogtten. I've found the time to look at this. There was a bug.

Re: Does Tomcat8 NIO2 connector support Apache CometEvent?

On 01/11/2016 09:44, Bruce Huang wrote: > Hi all, > > We have a simple servlet which implements Apache CometEvent for long > polling connection on tomcat8. It works well when we used > org.apache.coyote.http11.Http11NioProtocol, however, we have now changed to > using

Does Tomcat8 NIO2 connector support Apache CometEvent?

Hi all, We have a simple servlet which implements Apache CometEvent for long polling connection on tomcat8. It works well when we used org.apache.coyote.http11.Http11NioProtocol, however, we have now changed to using org.apache.coyote.http11.Http11Nio2Protocol and it will not work properly.