Wow, I think I’ve gotten more help in 10 minutes from this users group than in
2 weeks from anywhere else I’ve tried.
I’ll try to respond as quickly as I can but I want to test your various
suggestions, so it might be tomorrow before I can do them justice.
Thank you all so much!
Ellen Meiselm
-Original Message-
From: André Warnier (tomcat/perl)
Sent: Monday, February 24, 2020 3:33 PM
To: users@tomcat.apache.org
Subject: Re: At wits end: Difficulties with IIS ISAPI connector and Tomcat
On 24.02.2020 22:04, Christopher Schultz wrote:
> With 8.5.51, requiredSecret is renamed "se
On 24.02.2020 22:04, Christopher Schultz wrote:
With 8.5.51, requiredSecret is renamed "secret" but "requiredSecret"
is still an alias of the same configuration property. If #2 happens
after #1 above, then your actual secret will be the literal string
"true" (oops).
We apologize for this confusi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chris,
On 2/24/20 15:53, Chris Cheshire wrote:
> On Mon, Feb 24, 2020 at 3:19 PM Ellen Meiselman
> wrote:
>>
>> Hi,
>>
>> I’m having a lot of trouble configuring the isapi_redirect
>> connector between IIS and Tomcat. I am running out of ideas so
>
On 24/02/2020 20:53, Chris Cheshire wrote:
> On Mon, Feb 24, 2020 at 3:19 PM Ellen Meiselman wrote:
>>
>> Hi,
>>
>> I’m having a lot of trouble configuring the isapi_redirect connector between
>> IIS and Tomcat. I am running out of ideas so it’s time to ask for help from
>> the experts. I think
On Mon, Feb 24, 2020 at 3:19 PM Ellen Meiselman wrote:
>
> Hi,
>
> I’m having a lot of trouble configuring the isapi_redirect connector between
> IIS and Tomcat. I am running out of ideas so it’s time to ask for help from
> the experts. I think the problems remaining are in the tomcat configurat
On 24/02/2020 20:44, calder wrote:
> On Mon, Feb 24, 2020, 14:19 Ellen Meiselman wrote:
>
>> Hi,
>>
>> I’m having a lot of trouble configuring the isapi_redirect connector
>> between IIS and Tomcat. I am running out of ideas so it’s time to ask for
>> help from the experts. I think the problems r
On Mon, Feb 24, 2020, 14:19 Ellen Meiselman wrote:
> Hi,
>
> I’m having a lot of trouble configuring the isapi_redirect connector
> between IIS and Tomcat. I am running out of ideas so it’s time to ask for
> help from the experts. I think the problems remaining are in the tomcat
> configuration a
On 24/02/2020 20:19, Ellen Meiselman wrote:
> Hi,
>
> I’m having a lot of trouble configuring the isapi_redirect connector between
> IIS and Tomcat. I am running out of ideas so it’s time to ask for help from
> the experts. I think the problems remaining are in the tomcat configuration
> area,
Hi,
I’m having a lot of trouble configuring the isapi_redirect connector between
IIS and Tomcat. I am running out of ideas so it’s time to ask for help from the
experts. I think the problems remaining are in the tomcat configuration area,
not the IIS area anymore.
What’s wrong:
The ISAPI mo
> > The second reason is we use Splunk as a log aggregator. In Splunk
>> it is easy to filter these out when looking at the log but having
>> all these almost useless messages significantly adds to the
>> activity of the Splunk forwarder on these systems.
>I'm surprised Splunk
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Darryl,
On 2/21/20 12:49, Darryl Philip Baker wrote:
> On 2/21/20, 11:36 AM, "Christopher Schultz"
> wrote:
>
> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256
>
> Darryl,
>
> On 2/21/20 12:15, Darryl Philip Baker wrote:
>> I have taken over the a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Lazar,
On 2/24/20 02:05, Lazar Kirchev wrote:
> Chris,
>
> CookieProcessor.generateCookie(Map<> requestHeaders, Cookie) will
> work perfectly for me and I guess for anyone who needs to check the
> client version.
Want to prepare a PR?
- -chris
>
The Apache Tomcat team announces the immediate availability of Apache
Tomcat 10.0.0-M1.
Apache Tomcat 10 is an open source software implementation of the
Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language,
Jakarta WebSocket, Jakarta Authentication and Jakarta Annotations
specificat
CVE-2020-1938 AJP Request Injection and potential Remote Code Execution
Severity: High
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 9.0.0.M1 to 9.0.30
Apache Tomcat 8.5.0 to 8.5.50
Apache Tomcat 7.0.0 to 7.0.99
Description:
When using the Apache JServ Protocol (AJP),
CVE-2019-17569 HTTP Request Smuggling
Severity: Low
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 9.0.28 to 9.0.30
Apache Tomcat 8.5.48 to 8.5.50
Apache Tomcat 7.0.98 to 7.0.99
Description:
The refactoring in 9.0.28, 8.5.48 and 7.0.98 introduced a regression.
The resul
CVE-2020-1935 HTTP Request Smuggling
Severity: Low
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 9.0.0.M1 to 9.0.30
Apache Tomcat 8.5.0 to 8.5.50
Apache Tomcat 7.0.0 to 7.0.99
Description:
The HTTP header parsing code used an approach to end-of-line parsing
that allowe
17 matches
Mail list logo