On 24/05/2024 19:28, Brandie Nickey wrote:
Hi all,
I am curious if there are any cons to deploying a webapp without using a war
file.
None.
If you deploy a WAR Tomcat will (by default) unpack it and run it from
the unpacked directory anyway. If you configure Tomcat to run from the
packed
On 24/05/2024 14:31, Jakub Królikowski wrote:
Hi Mark,
It seems to me that this can be tested on any application.
In Tomcat 10.1, if any session attribute is an instance of a new public
class (unknown to Tomcat and to Tomcat class loader), implementing
java.io.Serializable,
then on reloading
Hi Michael,
After re-reading my previous message, I realized it might have been ambiguous
regarding whether I observed caCertificatePath working with or without your
first posted file set from
http://home.apache.org/~michaelo/issues/tomcat/openssl-crash/. To clarify, it
was indeed your first
Hi all,
I am curious if there are any cons to deploying a webapp without using a war
file. Our web app has just always traditionally been 'unzipped' as a set of
folders within the Tomcat/webapps/ROOT directory. However I have been doing
some troubleshooting using procmon.exe from
On Fri, May 24, 2024 at 11:23 AM Mark Thomas wrote:
> Can you provide the simplest web application (with source) that
> replications the problem?
>
> Mark
>
>
> On 23/05/2024 23:45, Jakub Królikowski wrote:
> > Hi,
> >
> > I'm working with Tomcat 10.1.
> >
> > When a user starts using the store
Can you provide the simplest web application (with source) that
replications the problem?
Mark
On 23/05/2024 23:45, Jakub Królikowski wrote:
Hi,
I'm working with Tomcat 10.1.
When a user starts using the store in my web application, I save the
ShopCart object on the "cart" session
On 23/05/2024 17:01, Jerry Malcolm wrote:
I have some servlets that I can't put security constraints on at the
web.xml level. However, deep down in the code there are some places
that I need a user to be logged in. My overall UI ensures this all
works by having certain JSPs with constraints
Hi,
I'm working with Tomcat 10.1.
When a user starts using the store in my web application, I save the
ShopCart object on the "cart" session attribute.
I want the "cart" attributes to return to the session after restarting the
app.
To enable session persistence I added
to the Context. It
I have some servlets that I can't put security constraints on at the
web.xml level. However, deep down in the code there are some places
that I need a user to be logged in. My overall UI ensures this all
works by having certain JSPs with constraints that force the user to log
in before
And the winner is: Chuck
I tried Chrome (instead of the Corporate mandated browser Edge) and I was right
away challenged for credentials.
Thanks for all those who responded.
From: Chuck Caldarale
Sent: Wednesday, May 22, 2024 4:36 PM
To: Tomcat Users List
Subject: {EXTERNAL} Re: Tomcat
> On May 22, 2024, at 13:31, Garber, Frank
> wrote:
>
> Not knowing how it’s supposed to behave, here’s another clue. When I click on
> the “Server Status” button, I never get prompted for credentials.
This sounds like a browser configuration problem. On the first attempt to
access a
Not knowing how it’s supposed to behave, here’s another clue. When I click on
the “Server Status” button, I never get prompted for credentials. Is it a
permissions problem on the server itself. Like the server doesn’t have rights
to the HTML pages?
Thanks in advance,
From: Garber, Frank
Sent:
I’m not sure how the URLs got munged up.
What I have on my side is valid XML, so I’m not worried about that. I’m really
just concerned that the following isn’t working:
Thanks in advance,
From: Chuck Caldarale
Sent: Wednesday, May 22, 2024 2:16 PM
To: Tomcat Users List
> On May 22, 2024, at 10:51, Garber, Frank
> wrote:
>
> I've just installed Tomcat 9.0.89.
> Tomcat runs, and I can get to the console at http://localhost:8080/ but, when
> I click on "Server Status" I get the 401 Unauthorized page.
> I've been editing the conf\tomcat-users.xml file
Hello Group,
I've just installed Tomcat 9.0.89.
First a the first few lines on the Catalina log:
NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens=java.base/java.lang=ALL-UNNAMED
--add-opens=java.base/java.io=ALL-UNNAMED
--add-opens=java.base/java.util=ALL-UNNAMED
Hello Chris,
Separate server.xml files means that you have to have two separate
Tomcat processes.
--> ofcourse, we defined two seperate processes for it but still there was
some bug with Tomcat as the webpage is fluctuatiting.
The best fix is to deploy the two applications normally without any
On 2024/05/22 00:05:18 Andy Arismendi wrote:
> Hi Micheal, you had asked to try these -
> http://home.apache.org/~michaelo/issues/tomcat/openssl-crash/. I replaced my
> files with these but Tomcat failed to start at this point with this message -
>
> 22-May-2024 00:02:30.808 INFO [main]
Michael, good news, it’s working now. Issue was on my end, was using a custom
OpenSSL installer that was built with FIPS and it had also put the two openssl
lib DLLs in Window System32, after fixing that Tomcat started without JVM crash
with caCertificatePath set in server.xml.
Thanks!
-Andy
On 2024/05/22 00:05:18 Andy Arismendi wrote:
> Hi Micheal, you had asked to try these -
> http://home.apache.org/~michaelo/issues/tomcat/openssl-crash/. I replaced my
> files with these but Tomcat failed to start at this point with this message -
>
> 22-May-2024 00:02:30.808 INFO [main]
On 2024/05/21 18:04:18 Christopher Schultz wrote:
> Michael,
>
> On 5/21/24 03:32, Michael Osipov wrote:
> > On 2024/05/20 13:30:43 Christopher Schultz wrote:
> >> Michael,
> >>
> >> On 5/20/24 06:52, Michael Osipov wrote:
> >>> On 2024/05/17 15:11:58 Christopher Schultz wrote:
> Michael,
>
Hi Micheal, you had asked to try these -
http://home.apache.org/~michaelo/issues/tomcat/openssl-crash/. I replaced my
files with these but Tomcat failed to start at this point with this message -
22-May-2024 00:02:30.808 INFO [main] org.apache.coyote.AbstractProtocol.init
Initializing
Michael,
On 5/21/24 03:32, Michael Osipov wrote:
On 2024/05/20 13:30:43 Christopher Schultz wrote:
Michael,
On 5/20/24 06:52, Michael Osipov wrote:
On 2024/05/17 15:11:58 Christopher Schultz wrote:
Michael,
On 5/17/24 03:42, Michael Osipov wrote:
On 2024/05/16 21:37:34 Christopher Schultz
Hello,
On 5/18/24 23:40, DdC wrote:
Gave up on installing 9.0.88. on Win10.
Why did you give up? ZIP installation is a single command (either via
CMD or UI shell). EXE installer is pretty straightforward, too. There's
also a third-party installer that has a few more features including the
On Tue, May 21, 2024 at 9:33 AM Michael Osipov wrote:
>
> On 2024/05/20 13:30:43 Christopher Schultz wrote:
> > Michael,
> >
> > On 5/20/24 06:52, Michael Osipov wrote:
> > > On 2024/05/17 15:11:58 Christopher Schultz wrote:
> > >> Michael,
> > >>
> > >> On 5/17/24 03:42, Michael Osipov wrote:
>
On 2024/05/20 13:30:43 Christopher Schultz wrote:
> Michael,
>
> On 5/20/24 06:52, Michael Osipov wrote:
> > On 2024/05/17 15:11:58 Christopher Schultz wrote:
> >> Michael,
> >>
> >> On 5/17/24 03:42, Michael Osipov wrote:
> >>> On 2024/05/16 21:37:34 Christopher Schultz wrote:
> Michael,
>
Michael,
On 5/20/24 06:52, Michael Osipov wrote:
On 2024/05/17 15:11:58 Christopher Schultz wrote:
Michael,
On 5/17/24 03:42, Michael Osipov wrote:
On 2024/05/16 21:37:34 Christopher Schultz wrote:
Michael,
On 5/16/24 12:00, Michael Osipov wrote:
On 2024/05/16 15:55:04 Andy Arismendi
On 2024/05/17 15:11:58 Christopher Schultz wrote:
> Michael,
>
> On 5/17/24 03:42, Michael Osipov wrote:
> > On 2024/05/16 21:37:34 Christopher Schultz wrote:
> >> Michael,
> >>
> >> On 5/16/24 12:00, Michael Osipov wrote:
> >>> On 2024/05/16 15:55:04 Andy Arismendi wrote:
> Ok great! Thank
n82...@gmail.com
Dear Chuck Caldarale,
THANKS for your help/ rolling up the sleeves now.
Some of us have just given up on Windows entirelySure.I have installed
tomcat also on two unix boxes among which ubuntu,2019 before the transition now
required.Dealing here with a legacy situation.[[[
> On May 18, 2024, at 22:40, DdC wrote:
>
> Gave up on installing 9.0.88. on Win10.
Some of us have just given up on Windows entirely…
> Succeeded with 10.1.23 andjdk-18.0.2.1.The lib directory has j2ee.jar, which
> I have used in earliertomcat versions.
Not lately. I can’t recall when
Dear Tomcatters,
Gave up on installing 9.0.88. on Win10. Succeeded with 10.1.23
andjdk-18.0.2.1.The lib directory has j2ee.jar, which I have used in
earliertomcat versions.Compilation of a system was OK apart from some warnings
because Java haschanged since the code was written.There is a
Michael,
On 5/17/24 03:42, Michael Osipov wrote:
On 2024/05/16 21:37:34 Christopher Schultz wrote:
Michael,
On 5/16/24 12:00, Michael Osipov wrote:
On 2024/05/16 15:55:04 Andy Arismendi wrote:
Ok great! Thank you for taking the time and making the effort to look into this
Michael, much
Hello all.
I have a question about connection close header in http/1.1 protocol.
While configure k8s environment run Spring Boot Server with Application
Load Balancer(a.k.a ALB)
I heard there are chance to client can get 503 from ALB.
ALB are communicating with a pod using HTTP/1.1 in my case.
On 2024/05/16 21:37:34 Christopher Schultz wrote:
> Michael,
>
> On 5/16/24 12:00, Michael Osipov wrote:
> > On 2024/05/16 15:55:04 Andy Arismendi wrote:
> >> Ok great! Thank you for taking the time and making the effort to look into
> >> this Michael, much appreciated!
> >
> > Here is a
Lavanya,
On 5/15/24 09:09, lavanya tech wrote:
Hi Chris,
If i remove this from server.xml file i have the below error.
Message java.lang.NoClassDefFoundError: org/towl/indexer/web/Prefix
Description The server encountered an unexpected condition that prevented
it from
Lavanya,
On 5/15/24 09:09, lavanya tech wrote:
Hi Chris,
If i remove this from server.xml file i have the below error.
Message java.lang.NoClassDefFoundError: org/towl/indexer/web/Prefix
Description The server encountered an unexpected condition that prevented
it from
Michael,
On 5/16/24 12:00, Michael Osipov wrote:
On 2024/05/16 15:55:04 Andy Arismendi wrote:
Ok great! Thank you for taking the time and making the effort to look into this
Michael, much appreciated!
Here is a dynamically linked, patched version until there is an official
release:
On 2024/05/16 15:55:04 Andy Arismendi wrote:
> Ok great! Thank you for taking the time and making the effort to look into
> this Michael, much appreciated!
Here is a dynamically linked, patched version until there is an official
release:
Ok great! Thank you for taking the time and making the effort to look into this
Michael, much appreciated!
-Andy
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail:
On 2024/05/15 20:35:08 Michael Osipov wrote:
> On 2024/05/15 14:41:43 Michael Osipov wrote:
> > Good news. I can reproduce on Windows:
> > 15-May-2024 16:40:31.092 INFORMATION [main]
> > org.apache.coyote.AbstractProtocol.init Initialisiere
> > ProtocolHandler["https-openssl-apr-18444"]
> >
On 2024/05/15 14:41:43 Michael Osipov wrote:
> Good news. I can reproduce on Windows:
> 15-May-2024 16:40:31.092 INFORMATION [main]
> org.apache.coyote.AbstractProtocol.init Initialisiere
> ProtocolHandler["https-openssl-apr-18444"]
> 15-May-2024 16:40:31.144 WARNUNG [main]
>
> You need to do what the instructions state: create a FIFO and specify its
> name in the CATALINA_OUT variable. For example, do
Ah, yes,
mkfifo catalina.out
fixed it for me. I had no idea what a fifo is, now I knew.
Kind regards
> On May 15, 2024, at 12:43, Peter Rader wrote:
>
> my catalina.out is getting bigger and bigger.
(I should Insert a philosophical discussion on not using stdout for application
logging here, but I’ll leave that for some other time.)
> In order to have smaller catalina.out I noticed this
Hi,
my catalina.out is getting bigger and bigger.
In order to have smaller catalina.out I noticed this environment-variable:
CATALINA_OUT_CMD
Inside the catalina.sh is documented:
# CATALINA_OUT_CMD (Optional) Command which will be executed and receive
# as its stdin the
Good news. I can reproduce on Windows:
15-May-2024 16:40:31.092 INFORMATION [main]
org.apache.coyote.AbstractProtocol.init Initialisiere
ProtocolHandler["https-openssl-apr-18444"]
15-May-2024 16:40:31.144 WARNUNG [main]
org.apache.tomcat.util.net.SSLUtilBase.getEnabled Tomcat interprets the
Hi Chris,
>
If i remove this from server.xml file i have the below error.
Message java.lang.NoClassDefFoundError: org/towl/indexer/web/Prefix
Description The server encountered an unexpected condition that prevented
it from fulfilling the request.
Exception
Ah wasn’t sure if attachments worked, log content information below. Yea the
docs just say directory for trusted CA PEM certificates.
TOMCAT DOCS
https://tomcat.apache.org/tomcat-9.0-doc/config/http.html: caCertificatePath
(OpenSSL only) Name of the directory that contains the certificates
Lavanya,
On 5/15/24 04:43, lavanya tech wrote:
Though to write you privately, regaridng the tomcat url redirection as
the mail chain is getting more big big
It's better to post to the list, so anyone in your situation can learn
from it.
Let me know if its fine for you and here is what I
On 2024/05/15 01:51:41 Andy Arismendi wrote:
> ADDITIONAL ENVIRONMENT INFO UPDATE:
>
> libtcnative: org.apache.catalina.core.AprLifecycleListener.lifecycleEvent
> Loaded Apache Tomcat Native library [1.3.0] using APR version [1.7.4].
>
> CRASH LOG
>
> See enclosed: hs_err_pid4464.log
>
>
On 2024/05/14 20:27:02 Christopher Schultz wrote:
>
>
> On 5/14/24 15:23, Andy Arismendi wrote:
> > Sure thing -
> >
> > ADDITIONAL ENVIRONMENT INFO:
> >
> > libtcnative: tcnative-1.dll is included in the Tomcat 9.0.89 64-bit Windows
> > zip download, not sure about the version...
> > OpenSSL
On 2024/05/15 01:51:41 Andy Arismendi wrote:
> ADDITIONAL ENVIRONMENT INFO UPDATE:
>
> libtcnative: org.apache.catalina.core.AprLifecycleListener.lifecycleEvent
> Loaded Apache Tomcat Native library [1.3.0] using APR version [1.7.4].
>
> CRASH LOG
>
> See enclosed: hs_err_pid4464.log
ADDITIONAL ENVIRONMENT INFO UPDATE:
libtcnative: org.apache.catalina.core.AprLifecycleListener.lifecycleEvent
Loaded Apache Tomcat Native library [1.3.0] using APR version [1.7.4].
CRASH LOG
See enclosed: hs_err_pid4464.log
c_rehash.pl
I didn’t have perl, tried strawberry perl, it didn’t
Lavanya,
On 5/14/24 15:11, lavanya tech wrote:
You are right. We need aliasing here which means the URL in the browser
does not change.
May I know where should I put the below rewrite files ?
# Redirect everything that is not server.lbg.com to
# server.lbg.com. Don't worry about /towl yet.
On 5/14/24 15:23, Andy Arismendi wrote:
Sure thing -
ADDITIONAL ENVIRONMENT INFO:
libtcnative: tcnative-1.dll is included in the Tomcat 9.0.89 64-bit Windows zip
download, not sure about the version...
OpenSSL version: 3.0.13 30 Jan 2024 (Library: OpenSSL 3.0.13 30 Jan 2024) (with
FIPS
On 2024/05/14 19:23:47 Andy Arismendi wrote:
> Sure thing -
>
> ADDITIONAL ENVIRONMENT INFO:
>
> libtcnative: tcnative-1.dll is included in the Tomcat 9.0.89 64-bit Windows
> zip download, not sure about the version...
> OpenSSL version: 3.0.13 30 Jan 2024 (Library: OpenSSL 3.0.13 30 Jan 2024)
Sure thing -
ADDITIONAL ENVIRONMENT INFO:
libtcnative: tcnative-1.dll is included in the Tomcat 9.0.89 64-bit Windows zip
download, not sure about the version...
OpenSSL version: 3.0.13 30 Jan 2024 (Library: OpenSSL 3.0.13 30 Jan 2024) (with
FIPS 140-2)
Regarding expecting a directory of
Hi Chris,
You are right. We need aliasing here which means the URL in the browser
does not change.
May I know where should I put the below rewrite files ?
# Redirect everything that is not server.lbg.com to
# server.lbg.com. Don't worry about /towl yet.
RewriteCond %{HTTP_HOST}
On 2024/05/14 18:21:36 Andy Arismendi wrote:
> Hi, just ran into this today. The JVM is crashing when caCertificatePath is
> added to server.xml. I tried the latest Zulu JRE 8 and 11 but still had the
> crash.
>
>
> ENVIRONMENT
>
> Tomcat: 9.0.89 (64-bit Windows zip)
> OS: Windows Server 2019
Hi, just ran into this today. The JVM is crashing when caCertificatePath is
added to server.xml. I tried the latest Zulu JRE 8 and 11 but still had the
crash.
ENVIRONMENT
Tomcat: 9.0.89 (64-bit Windows zip)
OS: Windows Server 2019
JVM:
openjdk version "1.8.0_322"
OpenJDK Runtime Environment
Lavanya,
On 5/14/24 09:12, lavanya tech wrote:
IMHO removing the port number is always the preferred solution — I never
did it
can we achieve this with tomcat or we need to setup an reverse proxy here.
Your application uses whatever internal URLs it wants. Are you building
those yourself,
Hi Chris,
>
> IMHO removing the port number is always the preferred solution — I never
> did it
>
>>
>> can we achieve this with tomcat or we need to setup an reverse proxy here.
>>
>
> Your application uses whatever internal URLs it wants. Are you building
> those yourself, or are you asking
Lavanya,
On 5/14/24 03:47, lavanya tech wrote:
Hi Chris,
Tried the below steps. I have the redirection working. But the URL is not
in the browser anymore.
1)
2) /conf/Catalina/localhost --> I added the below in rewrite.config
RewriteCond %{HTTP_HOST} ^example\.lbg\.com$
Hi Chris,
Tried the below steps. I have the redirection working. But the URL is not
in the browser anymore.
1)
2) /conf/Catalina/localhost --> I added the below in rewrite.config
RewriteCond %{HTTP_HOST} ^example\.lbg\.com$
RewriteCond %{REQUEST_URI} !^/towl$
RewriteRule
Hi Chris,
Sorry, If I did confuse. It’s important that
https://server.lbg.com:8443/towl is always working. Goal is not to disable
/towl, but just redirect or aliasing
https//example.lbg.com/ to https://server.lbg.com:8443/towl
Thanks,
Lavanya
On Monday, May 13, 2024, Christopher Schultz
Lavanya,
On 5/13/24 05:57, lavanya tech wrote:
Somehow made it work now i can only access urls as you mentioned before
https://example.lbg.com and https://server.lbg.com with port 8443 and with
out
https://example.lbg.com/towl and https://server.lbg.com/towl --> I have an
error now File not
Kalaivani,
On 5/13/24 06:13, GANESAN, Kalaivani wrote:
I have a question regarding upgrading to 9.0.86.
The current version is 9.0.8 and needs to be upgraded to 9.0.86.
We have apache tomcat running in our openptk servers.
Do you have any detailed steps on the process?
We have downloaded
Hi,
I have a question regarding upgrading to 9.0.86.
The current version is 9.0.8 and needs to be upgraded to 9.0.86.
We have apache tomcat running in our openptk servers.
Do you have any detailed steps on the process?
We have downloaded apache-tomcat-9.0.86.tar.gz.
Thanks,
Kalaivani G
Hi Chris,
Somehow made it work now i can only access urls as you mentioned before
https://example.lbg.com and https://server.lbg.com with port 8443 and with
out
https://example.lbg.com/towl and https://server.lbg.com/towl --> I have an
error now File not found.
So i think we need to make work
Hi Chris,
Where are you defining the RewriteValve itself?
Defined rewritevalve here
resource="conf/rewrite.config" />
2) reated rewrite.config and added as below under conf/
RewriteCond %{REQUEST_URI} ^/towl/(.*)
RewriteRule ^/towl/(.*)
Lavanya,
On 5/10/24 06:03, lavanya tech wrote:
If we create new java.filter as below then we can redirect the urls ?
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import
Lavanya,
On 5/10/24 04:37, lavanya tech wrote:
I tried the below and have the issues.
1)proxyPort="443" and proxyName="example.lbg.com" to the connector
2) remanmed towl.war to ROOT.war
3) created rewrite.config and added as below under conf/
Where are you defining the RewriteValve itself?
Hi Chris,
If we create new java.filter as below then we can redirect the urls ?
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebFilter("/*")
public
Hi Chris,
I tried the below and have the issues.
1)proxyPort="443" and proxyName="example.lbg.com" to the connector
2) remanmed towl.war to ROOT.war
3) created rewrite.config and added as below under conf/
RewriteCond %{REQUEST_URI} ^/towl/(.*)
RewriteRule ^/towl/(.*) https://example.lbg.com/%1
Lavanya,
On 5/9/24 13:48, lavanya tech wrote:
Thank you so much for your explanation. I will try these options.
Do server and example both resolve to the same IP?
-yes
Good, that significantly reduces the complexity required, since you can
do it will a single process (Tomcat) in a
Hi Chris,
Thank you so much for your explanation. I will try these options.
Do server and example both resolve to the same IP?
-yes
So I need follow both 4a/b and 5a/b steps here or any of them ?
If I setup exactly by using below steps , then I should access both the
urls right ?
Mark and Chuck,
On 5/9/24 09:35, Chuck Caldarale wrote:
You need the web.xml entries because you have extra configuration
items (the settings) that aren’t part of the
default JSP servlet definition.
+1
If you didn't need to upload files to your JSP, you wouldn't have needed
any of this in
Lavanya,
On 5/9/24 02:58, lavanya tech wrote:
Just giving background again of this topic again.
1) The application team who is working they wanted to access the url
https://server.lbg.com:8443/towl —> which should redirect or point to
https://example.lbg.com
Is that a typo? You want
> On May 9, 2024, at 01:25, Mark Foley wrote:
>
>> Does the JSP need to reference the "program" (servlet?) at all?
> The program, as shown above didn'twork at all until I put that servlet
> definition on WEB-INF/web.xml, so I suppose the answer is "yes". As to why, I
> have not a clue.
A
Hi Chris,
Thanks.
Just giving background again of this topic again.
1) The application team who is working they wanted to access the url
https://server.lbg.com:8443/towl —> which should redirect or point to
https://example.lbg.com
Is that a typo? You want specifically
On 5/7/2024 4:52 PM, Christopher Schultz wrote:
Mark,
On 5/3/24 12:16, Mark Foley wrote:
On 4/23/24 18:44, Chuck Caldarale wrote:
uploadfile
uploadfile
/schDistImportResults.jsp
The first servlet is named “uploadfile”.
On Apr 23, 2024, at 12:42, Mark Foley wrote:
Now I
Lavanya,
On 5/8/24 06:48, lavanya tech wrote:
I figured out how I can it make it work with 443. Now the URls are working.
I added iptables route 443 to 8443 and it started working.
nslookup example.lbg.com
Non-authoritative answer:
Name:server.lbg.com
Address: 192.168.200.105
Aliases:
Hello Chris,
I figured out how I can it make it work with 443. Now the URls are working.
I added iptables route 443 to 8443 and it started working.
nslookup example.lbg.com
Non-authoritative answer:
Name:server.lbg.com
Address: 192.168.200.105
Aliases: example.lbg.com
I have some
Joey,
On 5/7/24 10:50, Joey Cochran wrote:
Coud this be the culprit ?
${CATALINA_BASE}/conf/context.xml
Possible, but the report was that every single request generates a new
JSESSIONID, not that every session seems to have expired and needs to be
re-initialized.
Mark,
On 5/3/24 12:16, Mark Foley wrote:
On 4/23/24 18:44, Chuck Caldarale wrote:
uploadfile
uploadfile
/schDistImportResults.jsp
The first servlet is named “uploadfile”.
On Apr 23, 2024, at 12:42, Mark Foley wrote:
Now I need to add another program to the system that
The Apache Tomcat team announces the immediate availability of Apache
Tomcat 9.0.89.
Apache Tomcat 9 is an open source software implementation of the Java
Servlet, JavaServer Pages, Java Unified Expression Language, Java
WebSocket and JASPIC technologies.
Apache Tomcat 9.0.89 is a bugfix and
Coud this be the culprit ?
${CATALINA_BASE}/conf/context.xml
From: Hamdan Khan
Sent: Tuesday, May 7, 2024 9:09 AM
To: users@tomcat.apache.org
Subject: [EXTERNAL] RE: After Windows Server Restart, tomcat generating New
JSESSIONID even with
Thank you Mark,
We have har files when the server is in error state, it shows that the
jsessionid is sent in request.
*Is there a reverse proxy in the mix?*
No. we directly access tomcat.
*Are you using sessions at all*
Yes, we are using the default tomcat session in debugger it says
We need to split between constrained and unconstrained delegation. Let's stay
with uncontrained, simplest one.
For that to happen you need:
* Enable it for the service account (acceptor side)
* Set the delegate flag (also there is a policy) on the security context
(initiator side)
Try again.
On 06/05/2024 11:05, Hamdan Khan wrote:
Hello everyone,
We're having a problem with Tomcat on Windows servers. It only happens when:
Tomcat is running as a service (automatically started by Windows).
The Windows server automatically restarts for updates.
After the restart, Tomcat starts
Hello everyone,
We're having a problem with Tomcat on Windows servers. It only happens when:
Tomcat is running as a service (automatically started by Windows).
The Windows server automatically restarts for updates.
After the restart, Tomcat starts creating new session IDs for
every request, even
On 4/23/24 18:44, Chuck Caldarale wrote:
uploadfile
uploadfile
/schDistImportResults.jsp
The first servlet is named “uploadfile”.
On Apr 23, 2024, at 12:42, Mark Foley wrote:
Now I need to add another program to the system that does file uploads. I
created another
Thanks for the reply Michael,
I'm trying to achieve retrieving delegated credentials. I'm confused by the
debug output because I'm being told that authentication succeeded but no
indication of why I'm not receiving delegated credentials other than there
are none.I have looked over the delegation
Hi,
I think in the end it boils down to something very simple (and probably very
complicated from another perpsective ): Can the id of a piece of software be
used to find vulnerabilities?
In the context of this mailing list and the example you brought up with
defaulting to pkg:maven, the
Just as an FYI that we established an official TG (Task Group) for
PURL in yesterdays Ecma TC54 (CycloneDX) meeting:
https://docs.google.com/document/d/1BkBd4PRhpP_u1WO_GueYB89vehT_HPKgFMMfbTuKWV4/edit#heading=h.si64e7edhupe
This will take a bit to get set up but this may be something some
people
Thanks for bringing this up! The topic of software (artifact)
identification is indeed a tricky one. CPEs have long been the main
contender, but are not great for the SBOM (and 'vulnerability scanning'
based on SBOMs) use case because CPE allocations need through the NVD CPE
team, and generally
On 2024/05/02 19:20:59 Tom Delaney wrote:
> Hi All,
>
> Sorry for the duplicate requests. The first one was accidentally flagged
> for Google's new Confidential Mode which happened to be flagged.
> I have a red hat 9.2 server hosting a web application on a single instance
> of Apache Tomcat. This
Hi All,
Sorry for the duplicate requests. The first one was accidentally flagged
for Google's new Confidential Mode which happened to be flagged.
I have a red hat 9.2 server hosting a web application on a single instance
of Apache Tomcat. This instance is behind an apache HTTP server on version
Tom Delaney has sent you an email via Gmail confidential mode:
[image: Gmail logo]Re: SPNEGO GSSCaller {UNKNOWN} No Delegated Creds
On 02/05/2024 06:15, Piyush Sharma wrote:
Hi,
How to forward custom headers from frontend tomcat to backend tomcat witn
mod_jk?
When using mod_jk the front end is always httpd, not Tomcat.
You don't need to do anything. mod_jk passes all the http headers it
receives.
*Scenario :*
1.
Hi,
How to forward custom headers from frontend tomcat to backend tomcat witn
mod_jk?
*Scenario :*
1. APP1 : Apache (mod_jk) + Tomcat
2. APP2 : Apache (mod_jk) + Tomcat
Now, when a user accesses APP1 it add fews headers via SSO app user details
etc..
I can see in Tomcat logs as by adding
Tom Delaney has sent you an email via Gmail confidential mode:
[image: Gmail logo]SPNEGO GSSCaller {UNKNOWN} No Delegated Creds
1 - 100 of 137158 matches
Mail list logo
