Am 21.04.23 um 07:03 schrieb jonmcalexan...@wellsfargo.com.INVALID:
No, there is no error and no stack trace. Everything works, just the hsts
header isn't in the list of headers.
The lowest hanging fruit: HSTS is only defined on https - on http it
doesn't have any meaning and Tomcat would be
No, there is no error and no stack trace. Everything works, just the hsts
header isn't in the list of headers.
Dream * Excel * Explore * Inspire
Jon McAlexander
Senior Infrastructure Engineer
Asst. Vice President
He/His
Middleware Product Engineering
Enterprise CIO | EAS | Middleware | Infrastru
Any more details on the request?
Are you hitting an error 400? Like with ip address on a name based host?
That is handled prior to the filter and so you don't see the header!
Peter
> Am 20.04.2023 um 22:40 schrieb jonmcalexan...@wellsfargo.com.invalid:
>
> Hellow again.
>
> I hae another app
Hellow again.
I hae another app team that is getting hit with a QID 11827 stating that the
hsts Security header is missing. We have reviewed the web.xml and the
appropriate section and filter are present. hstsEnabled is set to true.
Performing a curl aganst the site does NOT show the hsts STRIC
Thank you!
Dream * Excel * Explore * Inspire
Jon McAlexander
Senior Infrastructure Engineer
Asst. Vice President
He/His
Middleware Product Engineering
Enterprise CIO | EAS | Middleware | Infrastructure Solutions
8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell 515
William,
On 4/20/23 13:56, William L. Cunningham wrote:
Unfortunately, I'm not privy to the developer side of things. I'm
infrastructure trying to help the development side. So I'm not sure
how to provide what you're asking for. I'll see if I can get some
assistance on that though.
Point your
AddOn, if you use the native TLS implementation with openssl you can't
configure the TLS 1.3 ciphers which should be used with the ciphers
attribute, you will get all the ones which are enabled by default for TLS
1.3 in openssl.
Tomcat does still not support to configure them, you can look through
Unfortunately, I'm not privy to the developer side of things. I'm
infrastructure trying to help the development side. So I'm not sure how to
provide what you're asking for. I'll see if I can get some assistance on that
though.
Just for the sake of curiosity, I just installed the 8.5.88 in a
I chose option 1 and re-wrote everything. It was fun
Kevin Huntly
Email: kmhun...@gmail.com
Cell: 716/424-3311
-BEGIN GEEK CODE BLOCK-
Version: 1.0
GCS/IT d+ s a C++ UL+++$ P+(++) L+++ E---
W
Thank You!!!
Dream * Excel * Explore * Inspire
Jon McAlexander
Senior Infrastructure Engineer
Asst. Vice President
He/His
Middleware Product Engineering
Enterprise CIO | EAS | Middleware | Infrastructure Solutions
8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell
Kevin,
On 4/17/23 17:56, Kevin Huntly wrote:
I'm getting the following exception when I try to access my webapp:
17-Apr-2023 17:52:55.982 SEVERE [catalina-exec-1]
org.apache.catalina.core.ApplicationDispatcher.invoke Servlet.service() for
servlet [jsp] threw exception
java.lang.ClassNo
Torsten,
On 4/17/23 19:31, Torsten Krah wrote:
Use logAbandoned as a boolean parameter
+1
remoteAbandoned is only a band-aid; you need to fix your application.
In development, I always run with maxTotal="1" and logAbandoned="true"
and maxWaitMillis="1". This will help you find connectio
Kevin,
On 4/19/23 07:07, Kevin Huntly wrote:
I'm guessing its not possible to have the cluster setup with a session
database?
Yeah, you usually pick one: database or cluster.
If you pick cluster, then the cluster is your database (don't let all
the nodes go down!). If you pick database, ther
Harri,
On 4/18/23 07:43, Harri Pesonen wrote:
Hello, we have:
Tomcat/8.5.83
Windows Server 2016
java.version=11.0.12
java.vendor=Azul Systems, Inc.
sun.arch.data.model=64
Sometimes Tomcat fails to start our application because of this error:
06:45:58.230 ERR> (Catalina-startStop-1)
(org.apac
Konstantin,
On 4/18/23 09:39, Konstantin Kolinko wrote:
You can also download from Maven Central. Tomcat releases are also
published there.
This is the "correct" answer for anything Maven-related IMO.
-chris
-
To unsubscribe
This is what I have:
Kevin Huntly
Email: kmhun...@gmail.com
Cell: 716/424-3311
-BEGIN GEEK CODE BLOCK-
Version: 1.0
Is this actually Kosher?
Open your Tomcat server
Open your server.xml file in tomcat
Add the connector with TLS protocol as below
Now, restart your Tomcat.
If so, do we just add t
Hi Christopher,
I mean, for an SSL/TLS Connector, since you can't put TLS1.2 and TLS1.3 in the
same connector, is it best to create separate connectors for each protocol, OR
just go with TLS 1.3?
Thanks,
Dream * Excel * Explore * Inspire
Jon McAlexander
Senior Infrastructure Engineer
Asst. Vic
Hello Chris,
thank you for the quick reply :)
> -Ursprüngliche Nachricht-
> Von: Christopher Schultz
> Gesendet: Donnerstag, 20. April 2023 17:31
> An: users@tomcat.apache.org
> Betreff: Re: ServletFileUpload not available in Tomcat 10.1
>
> Thomas,
>
> On 4/20/23 10:26, Thomas Hoffma
In Windows, the installer define Initial memory pool: 128 MB and Maximum memory
pool: 256 MB, the configuration is available in the Tomcat8w gui app.
I see the same on Tomcat 8 and 9.
-Original Message-
From: Christopher Schultz
Sent: jueves, 20 de abril de 2023 09:21 a. m.
To: users@to
Thomas,
On 4/20/23 10:26, Thomas Hoffmann (Speed4Trade GmbH) wrote:
we are upgrading from Tomcat 10 to Tomcat 10.1
We are currently using
ServletFileUpload.isMultipartContent(request)
(from org.apache.tomcat.util.http.fileupload.servlet.ServletFileUpload)
It seems that the whole Servlet was re
Jon,
On 4/20/23 10:12, jonmcalexan...@wellsfargo.com.INVALID wrote:
Since TLS 1.2 and 1.3 don't/can't play well with each other (no mixed
mode)
What do you mean by this?
[...] is it best to have a TLS 1.2 connector and a separate TLA 1.3
connector on a different port, or just go to a TLS 1.3
Pratik,
On 4/20/23 03:35, pratik.kulka...@shell.com.INVALID wrote:
I guess you're right, Tomcat 9 allocates less default memory compared to Tomcat
8; I checked our logs and below are the memory parameters which seem to be
passed in,
Tomcat 9 -
14-Apr-2023 02:47:55.567 INFO [main]
org.apache
Hello,
we are upgrading from Tomcat 10 to Tomcat 10.1
We are currently using
ServletFileUpload.isMultipartContent(request)
(from org.apache.tomcat.util.http.fileupload.servlet.ServletFileUpload)
It seems that the whole Servlet was removed in Tomcat 10.1
https://github.com/apache/tomcat/tree/main
Hiya,
Just trying to see if I'm thinking straight.
Since TLS 1.2 and 1.3 don't/can't play well with each other (no mixed mode), is
it best to have a TLS 1.2 connector and a separate TLA 1.3 connector on a
different port, or just go to a TLS 1.3 connector and hope for backward compat?
Wanting t
Thanks Chris,
I guess you're right, Tomcat 9 allocates less default memory compared to Tomcat
8; I checked our logs and below are the memory parameters which seem to be
passed in,
Tomcat 9 -
14-Apr-2023 02:47:55.567 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command li
26 matches
Mail list logo