Re: Java 10; JAXB; and Tomcat 9

Le 03/05/2018 à 00:42, Jerry Malcolm a écrit : > Thanks for the input.  I haven't been keeping up with Java EE for a > while.  I tried to download EE instead of SE and got a few gigabytes of > "GlassFish server".  Couldn't even find the jaxb jar files in that > package.  I haven't researched what

Re: Java 10; JAXB; and Tomcat 9

On 5/2/2018 4:37 PM, Emmanuel Bourg wrote: Le 02/05/2018 à 23:14, Jerry Malcolm a écrit : I just did a clean install of TC 9 on a new system.  I downloaded the latest JDK, (10).  My code started getting errors about JAXB Exception class not found.  I had already faced this with the JAMES

Re: Java 10; JAXB; and Tomcat 9

Le 02/05/2018 à 23:14, Jerry Malcolm a écrit : > I just did a clean install of TC 9 on a new system.  I downloaded the > latest JDK, (10).  My code started getting errors about JAXB Exception > class not found.  I had already faced this with the JAMES installation > and found out JAXB was removed

Java 10; JAXB; and Tomcat 9

I just did a clean install of TC 9 on a new system.  I downloaded the latest JDK, (10).  My code started getting errors about JAXB Exception class not found.  I had already faced this with the JAMES installation and found out JAXB was removed in Java 9+, but was still available if called out. 

Re: tomcat 6 vulnerability scan default error page help

You need to unpack catalina.jar in tomcat lib directory, then go to org\apache\catalina\util\, open ServerInfo.properties and edit it server.info=Apache Tomcat server.number= server.built= You need to set to empty these variables, as shown above. Save the file. Pack as jar again Put in the

Re: tomcat 6 vulnerability scan default error page help

On 02/05/18 20:51, Leon Rosenberg wrote: > Hi Mark, > > I agree with you that the complaint about version number is rather a minor > one, however, I've had the same situation as one of our projects had to > pass through a PCI Compliance test, and this is what they really test for. Don't get me

Re: tomcat 6 vulnerability scan default error page help

Hi Mark, I agree with you that the complaint about version number is rather a minor one, however, I've had the same situation as one of our projects had to pass through a PCI Compliance test, and this is what they really test for. regards Leon On Wed, May 2, 2018 at 9:42 PM, Mark Thomas

Re: tomcat 6 vulnerability scan default error page help

On 02/05/18 20:27, Berneburg, Cris J. - US wrote: > We are getting dinged by a vulnerability scan for the default not-found error > page being returned by Tomcat for a Status 404. > > On my dev server when requesting an invalid URL, Tomcat returns a Status 404 > page that displays the Tomcat

Re: tomcat 6 vulnerability scan default error page help

Hi Cris, try to add following to your web.xml 404 /error404.html regards Leon On Wed, May 2, 2018 at 9:27 PM, Berneburg, Cris J. - US wrote: > We are getting dinged by a vulnerability scan for the default not-found > error page being returned

tomcat 6 vulnerability scan default error page help

We are getting dinged by a vulnerability scan for the default not-found error page being returned by Tomcat for a Status 404. On my dev server when requesting an invalid URL, Tomcat returns a Status 404 page that displays the Tomcat version. Right, I need to do something about that. However,

Re: Jsp pages with scriptlet and javadoc comments loaded in char[]

On 5/2/2018 07:30, M. Manna wrote: Hi Mark, Basically, our application has quite a lot of large objects which are singletons. When we checked the list of char[] objects loaded in the memory, some of them showed JspServlet related Strings and had commented code loaded into char[]. we have quite

Re: tomcat9 j_security_check request.getRequestURI() incorrect after POST

Mark, you can reproduce it using the FormAuthentication example in the examples ( http://localhost:8080/examples/jsp/security/protected/) edit index.jsp 1. add the line "RequestURI: <%= request.getRequestURI() %>" in begin of body 2. change the method of the form from GET to POST scenario: 1.

Re: Insert key-store implementation into Tomcat Connector

Thank you for the information. Mark Boon On 5/2/18, 3:35 AM, "Mark Thomas" wrote: On 02/05/18 01:48, Mark Boon wrote: > In the Tomcat TLS Connecter configuration, there’s the trustManagerClassName that can be set to a Java implementation of the X509TrustManager

Re: Problem finding native shared library (.so)

On Wed, May 2, 2018 at 2:51 AM, Reynolds, Scott wrote: > Hi, > > I'm trying to deploy a webapp to Tomcat 8.0.39 on CentOS 7 x86_64 that > depends on native shared libraries. I can't install the shared libraries > in a system-wide location because there are multiple

Re: Jsp pages with scriptlet and javadoc comments loaded in char[]

Hi Mark, Basically, our application has quite a lot of large objects which are singletons. When we checked the list of char[] objects loaded in the memory, some of them showed JspServlet related Strings and had commented code loaded into char[]. we have quite a lot of Strings loaded in memory

Re: slow or timeout with client certificate and some http client against tomcat 8.5 with Nio2 OpenSSL implementation

On Wed, May 2, 2018 at 12:22 PM Mark Thomas wrote: > On 02/05/18 09:31, Rémy Maucherat wrote: > > On Wed, May 2, 2018 at 5:19 AM Hugh H wrote: > > > >> Hi Mark, > >> > >> Here are the logs you requested > >> > >> client: > >>

Re: Information on sessionCacheSize !

On 02/05/18 01:18, Utkarsh Dave wrote: > Hello Team and Tomcat users, > > I am trying to gather more information and the effect of parameter > "sessionCacheSize" in server.xml for a ssl connector. > I see this from the documentation "The number of SSL sessions to maintain > in the session cache."

Re: Insert key-store implementation into Tomcat Connector

On 02/05/18 01:48, Mark Boon wrote: > In the Tomcat TLS Connecter configuration, there’s the trustManagerClassName > that can be set to a Java implementation of the X509TrustManager interface. > There’s also a configuration called keystoreFile from which it will read the > certificate-key pair

Re: slow or timeout with client certificate and some http client against tomcat 8.5 with Nio2 OpenSSL implementation

On 02/05/18 09:31, Rémy Maucherat wrote: > On Wed, May 2, 2018 at 5:19 AM Hugh H wrote: > >> Hi Mark, >> >> Here are the logs you requested >> >> client: >> https://1drv.ms/t/s!Aii8T4l0bnqVlyAuRIjSuluBe8vy >> >> server: >> https://1drv.ms/u/s!Aii8T4l0bnqVlx-TGo6I0dMXZxG1 >>

Re: Jsp pages with scriptlet and javadoc comments loaded in char[]

On 02/05/18 10:31, M. Manna wrote: > Hi All, > > I had a specific question regarding JSPs loaded in web-application > container for jasper to compilation. If I have a JSP page which has > scriptlet and javadoc comments/code comments, aren't those loaded into the > char[] of JSP pages too? No. >

Jsp pages with scriptlet and javadoc comments loaded in char[]

Hi All, I had a specific question regarding JSPs loaded in web-application container for jasper to compilation. If I have a JSP page which has scriptlet and javadoc comments/code comments, aren't those loaded into the char[] of JSP pages too? I understand that Jasper compiles the JSPs but those

Re: slow or timeout with client certificate and some http client against tomcat 8.5 with Nio2 OpenSSL implementation

On Wed, May 2, 2018 at 5:19 AM Hugh H wrote: > Hi Mark, > > Here are the logs you requested > > client: > https://1drv.ms/t/s!Aii8T4l0bnqVlyAuRIjSuluBe8vy > > server: > https://1drv.ms/u/s!Aii8T4l0bnqVlx-TGo6I0dMXZxG1 > > > I checked the system clock right before my testing