Re: At wits end: Difficulties with IIS ISAPI connector and Tomcat

Wow, I think I’ve gotten more help in 10 minutes from this users group than in 2 weeks from anywhere else I’ve tried. I’ll try to respond as quickly as I can but I want to test your various suggestions, so it might be tomorrow before I can do them justice. Thank you all so much! Ellen Meiselm

RE: At wits end: Difficulties with IIS ISAPI connector and Tomcat

-Original Message- From: André Warnier (tomcat/perl) Sent: Monday, February 24, 2020 3:33 PM To: users@tomcat.apache.org Subject: Re: At wits end: Difficulties with IIS ISAPI connector and Tomcat On 24.02.2020 22:04, Christopher Schultz wrote: > With 8.5.51, requiredSecret is renamed "se

Re: At wits end: Difficulties with IIS ISAPI connector and Tomcat

On 24.02.2020 22:04, Christopher Schultz wrote: With 8.5.51, requiredSecret is renamed "secret" but "requiredSecret" is still an alias of the same configuration property. If #2 happens after #1 above, then your actual secret will be the literal string "true" (oops). We apologize for this confusi

Re: At wits end: Difficulties with IIS ISAPI connector and Tomcat

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Chris, On 2/24/20 15:53, Chris Cheshire wrote: > On Mon, Feb 24, 2020 at 3:19 PM Ellen Meiselman > wrote: >> >> Hi, >> >> I’m having a lot of trouble configuring the isapi_redirect >> connector between IIS and Tomcat. I am running out of ideas so >

Re: At wits end: Difficulties with IIS ISAPI connector and Tomcat

On 24/02/2020 20:53, Chris Cheshire wrote: > On Mon, Feb 24, 2020 at 3:19 PM Ellen Meiselman wrote: >> >> Hi, >> >> I’m having a lot of trouble configuring the isapi_redirect connector between >> IIS and Tomcat. I am running out of ideas so it’s time to ask for help from >> the experts. I think

Re: At wits end: Difficulties with IIS ISAPI connector and Tomcat

On Mon, Feb 24, 2020 at 3:19 PM Ellen Meiselman wrote: > > Hi, > > I’m having a lot of trouble configuring the isapi_redirect connector between > IIS and Tomcat. I am running out of ideas so it’s time to ask for help from > the experts. I think the problems remaining are in the tomcat configurat

Re: At wits end: Difficulties with IIS ISAPI connector and Tomcat

On 24/02/2020 20:44, calder wrote: > On Mon, Feb 24, 2020, 14:19 Ellen Meiselman wrote: > >> Hi, >> >> I’m having a lot of trouble configuring the isapi_redirect connector >> between IIS and Tomcat. I am running out of ideas so it’s time to ask for >> help from the experts. I think the problems r

Re: At wits end: Difficulties with IIS ISAPI connector and Tomcat

On Mon, Feb 24, 2020, 14:19 Ellen Meiselman wrote: > Hi, > > I’m having a lot of trouble configuring the isapi_redirect connector > between IIS and Tomcat. I am running out of ideas so it’s time to ask for > help from the experts. I think the problems remaining are in the tomcat > configuration a

Re: At wits end: Difficulties with IIS ISAPI connector and Tomcat

On 24/02/2020 20:19, Ellen Meiselman wrote: > Hi, > > I’m having a lot of trouble configuring the isapi_redirect connector between > IIS and Tomcat. I am running out of ideas so it’s time to ask for help from > the experts. I think the problems remaining are in the tomcat configuration > area,

At wits end: Difficulties with IIS ISAPI connector and Tomcat

Hi, I’m having a lot of trouble configuring the isapi_redirect connector between IIS and Tomcat. I am running out of ideas so it’s time to ask for help from the experts. I think the problems remaining are in the tomcat configuration area, not the IIS area anymore. What’s wrong: The ISAPI mo

Re: Novice Tomcat Admin Question - Filtering log output

> > The second reason is we use Splunk as a log aggregator. In Splunk >> it is easy to filter these out when looking at the log but having >> all these almost useless messages significantly adds to the >> activity of the Splunk forwarder on these systems. >I'm surprised Splunk

Re: Novice Tomcat Admin Question - Filtering log output

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Darryl, On 2/21/20 12:49, Darryl Philip Baker wrote: > On 2/21/20, 11:36 AM, "Christopher Schultz" > wrote: > > -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 > > Darryl, > > On 2/21/20 12:15, Darryl Philip Baker wrote: >> I have taken over the a

Re: cookie configurations for Tomcat 7

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Lazar, On 2/24/20 02:05, Lazar Kirchev wrote: > Chris, > > CookieProcessor.generateCookie(Map<> requestHeaders, Cookie) will > work perfectly for me and I guess for anyone who needs to check the > client version. Want to prepare a PR? - -chris >

[ANN] Apache Tomcat 10.0.0-M1 available

The Apache Tomcat team announces the immediate availability of Apache Tomcat 10.0.0-M1. Apache Tomcat 10 is an open source software implementation of the Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language, Jakarta WebSocket, Jakarta Authentication and Jakarta Annotations specificat

[SECURITY] CVE-2020-1938 AJP Request Injection and potential Remote Code Execution

CVE-2020-1938 AJP Request Injection and potential Remote Code Execution Severity: High Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.30 Apache Tomcat 8.5.0 to 8.5.50 Apache Tomcat 7.0.0 to 7.0.99 Description: When using the Apache JServ Protocol (AJP),

[SECURITY] CVE-2019-17569 HTTP Request Smuggling

CVE-2019-17569 HTTP Request Smuggling Severity: Low Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.28 to 9.0.30 Apache Tomcat 8.5.48 to 8.5.50 Apache Tomcat 7.0.98 to 7.0.99 Description: The refactoring in 9.0.28, 8.5.48 and 7.0.98 introduced a regression. The resul

[SECURITY] CVE-2020-1935 HTTP Request Smuggling

CVE-2020-1935 HTTP Request Smuggling Severity: Low Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.30 Apache Tomcat 8.5.0 to 8.5.50 Apache Tomcat 7.0.0 to 7.0.99 Description: The HTTP header parsing code used an approach to end-of-line parsing that allowe