Richard,
I think the rule goes that you should avoid touching server.xml for
something that web.xml can do.
On Sun, Jul 21, 2019 at 4:40 AM Richard Huntrods wrote:
>
> I apologise for top posting in advance, but just a quick update and
> quicker question...
>
> After Konstantin found my typo, I
I apologise for top posting in advance, but just a quick update and
quicker question...
After Konstantin found my typo, I tried editing the global web.xml file
(/conf/web.xml) . In my case, this is actually the file I want based on
the behaviour described by Konstantin as this entire tomcat
Sorry for top-posting. It's the default with my mail program
(thunderbird)...
On 7/20/2019 11:27 AM, Konstantin Kolinko wrote:
> сб, 20 июл. 2019 г. в 17:47, Richard Huntrods :
>> OK. That was really weird.
>>
>> As I said in my message, following the directions on the web did NOT
>> work. It
Thanks. However, what I don't understand is why putting that code into the
webapps WEB-INF/web.xml would cause the behaviour I want in ROOT.
Sadly, this is a production server and I can't play with it except after hours.
EDIT. I tried working with web.xml on my development server, and could not
пт, 19 июл. 2019 г. в 12:47, Victor WILLART :
>
> Hi everybody,
>
>
> I am using Tomcat 8.0, and I am struggling to replace and deploy a WAR file.
>
Tomcat 8.0 has reached End of Life and should not be used anymore. The
replacements are Tomcat 8.5 and 9.0.
>
> I made a new WAR file, named it
сб, 20 июл. 2019 г. в 17:47, Richard Huntrods :
>
> OK. That was really weird.
>
> As I said in my message, following the directions on the web did NOT
> work. It didn't force redirection from http to https.
>
> What it DID end up doing was to kill the tomcat servlet application.
> Before the
Chris,
> Jerry,
>
>> On 7/19/19 13:38, Jerry Malcolm wrote:
> I have had a dedicated hosted environment with WAMP and
> Tomcat for over 15 years. I'm very familiar with everything
> related to that environment... apache http, mysql, dns
> server, the file system, JAMES, and all
Fixed it by brute force.
First, I tried putting the changes ONLY in
../tomcat/webapps/ROOT/WEB-INF/web.xml instead of ../tomcat/conf/web.xml
The good news is that didn't affect the servlet application. The bad
news is now the http://mydomain.com/ started getting the 404 error. So I
undid that
Richard,
> Am 20.07.2019 um 16:47 schrieb Richard Huntrods :
>
> OK. That was really weird.
>
> As I said in my message, following the directions on the web did NOT
> work. It didn't force redirection from http to https.
>
> What it DID end up doing was to kill the tomcat servlet
OK. That was really weird.
As I said in my message, following the directions on the web did NOT
work. It didn't force redirection from http to https.
What it DID end up doing was to kill the tomcat servlet application.
Before the change it was working fine, and after the change it would
only
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Sumit,
On 7/20/19 08:47, Sumit Bhardwaj wrote:
> Hi,
>
> We are using tomcat 9 and getting following two vulnerabilities in
> security scans.
>
> Cookie Does Not Contain The "secure" Attribute (1) Cookie Does Not
> Contain The "HTTPOnly"
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jerry,
> On 7/19/19 13:38, Jerry Malcolm wrote:
I have had a dedicated hosted environment with WAMP and
Tomcat for over 15 years. I'm very familiar with everything
related to that environment... apache http, mysql, dns
server,
If you have a load balancer you will need to add these attributes there as
well...
Sent from my T-Mobile 4G LTE Device
Original message
From: Sumit Bhardwaj
Date: 7/20/19 8:52 AM (GMT-05:00)
To: Tomcat Users List
Subject: Security vulnerabilities with tomcat 9
Hi,
We
Hi,
We are using tomcat 9 and getting following two vulnerabilities in security
scans.
Cookie Does Not Contain The "secure" Attribute (1)
Cookie Does Not Contain The "HTTPOnly" Attribute (1)
We have done things mentioned in
https://geekflare.com/secure-cookie-flag-in-tomcat/
true
true
and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Victor,
On 7/19/19 05:47, Victor WILLART wrote:
> Hi everybody,
>
>
> I am using Tomcat 8.0, and I am struggling to replace and deploy a
> WAR file.
>
>
> I made a new WAR file, named it like the old one, and replaced it
> in my webapps folder.
Richard,
> Am 20.07.2019 um 04:19 schrieb Richard Huntrods :
>
> I tried implementing automatic redirection from HTTP to HTTPS on my
> tomcat today, but it's not working.
>
> First, my system:
> OS: Ubuntu 18.04.2 LTS (server)
> Tomcat: 9.0.22 (installed from tomcat distribution, not via apt
16 matches
Mail list logo
