Re: compression?

2021-07-23 Thread Carsten Klein
Chris, Weird, when going thru IIS to TC, it's not compressed: HTTP/1.1 200 200 Content-Type: application/json;charset=UTF-8 Content-Language: en-US Server: Microsoft-IIS/10.0 Date: Fri, 23 Jul 2021 16:34:30 GMT Content-Length: 3210105 That has likely nothing to do with TC. It's an IIS or

Re: Questions about Integrated Windows Authentication

2021-06-28 Thread Carsten Klein
Sorry Mark, I've clicked the wrong button in my mail client :( On 28.06.2021 15:29, Mark Thomas wrote: Note that Tomcat 7 is no longer supported. I guess it's nearly the same for all versions of Tomcat. That looks more like some form of configuration issue but I always found the Kerberos

Questions about Integrated Windows Authentication

2021-06-28 Thread Carsten Klein
Hi there, I have two questions about Tomcat's Integrated Windows Authentication: Tomcat is stuck on version 7.0.52 on an outdated Ubuntu 14.04 LTS. 1. useDelegatedCredential = true I'm using JNDIRealm together with the SPNEGO authenticator. If the Realm's option 'useDelegatedCredential' is

Re: Subclassing JNDIRealm to return a custom Principal

2021-06-21 Thread Carsten Klein
Roberto, On 21.06.2021 18:31, Roberto Benedetti wrote: Hello, in our product we subclassed JNDIRealm to return a custom Principal with attributes retrieved from Active Directory (bug 65391 is going to add support for that). We overrode authenticate(DirContext, String, String) to retrieve

Re: Where does Tomcat 9 (apt managed / standard config) store sessions in Ubuntu 18?

2021-06-20 Thread Carsten Klein
Gustavo, On 20.06.21 04:54, Gustavo Almeida wrote: "Configuration Reference - The Manager Component" says: "A Manager element MAY be nested inside a Context component. If it is not included, a default Manager configuration will be created automatically" My Context has no nested Manager

Re: Enhancement: Additional user attributes queried by (some) realms

2021-06-01 Thread Carsten Klein
On 01/06/2021 10:18, Mark Thomas wrote: I don't know if you can. I suspect not. By all means see if you can. I'm mildly curious to find out the answer. Whether you can or not, you don't need to. I found nothing to re-trigger the Travis CI build so far. However, now the CI test is

Re: Enhancement: Additional user attributes queried by (some) realms

2021-06-01 Thread Carsten Klein
Mark, On 01/06/2021 09:28, Mark Thomas wrote: We have been seeing that a lot lately. As far as I can tell, it is an issue with Travis CI. Can you use the PR anyway? Can/must I re-trigger the Travis build? Carsten

Re: Encoding of LocalStrings_xy.properties files

2021-06-01 Thread Carsten Klein
Mark, On 01/06/2021 09:15, Mark Thomas wrote: Start Tomcat with: catalina jpda run (or start but I typically use run as I nearly always want to see what is logged to the console) In Eclipse go to Debug > Debug Configurations > Remote Java Application > New Configuration. Browse to the

Re: Enhancement: Additional user attributes queried by (some) realms

2021-05-31 Thread Carsten Klein
Chris, On 28/05/2021 23:16, Christopher Schultz wrote: Yeah, about that... https://openjdk.java.net/jeps/411 IMO this is a Bad Thing for Java. If someone was looking for a reason to abandon the whole Java ecosystem, this would be it. Well, we had a good run. Now we can all run

Re: Enhancement: Additional user attributes queried by (some) realms

2021-05-29 Thread Carsten Klein
Mark, On 27/05/2021 18:56, Carsten Klein wrote: Concerning removal of class UserDatabaseRealm.UserDatabasePrincipal: I will provide a PR and file a corresponding issue in Bugzilla soon. My PR and Bugzilla issue are present. However, Travis CI build failed on arm64 architecture for the PR

Re: Encoding of LocalStrings_xy.properties files

2021-05-28 Thread Carsten Klein
Mark, On 28/05/2021 10:35, Mark Thomas wrote: No doubt that UTF-8 is the better encoding for messages and language files. And yes, my Eclipse actually does not use the version built by Ant. I use the start-tomcat.launch configuration file for starting Tomcat. Actually it only takes a

Encoding of LocalStrings_xy.properties files

2021-05-28 Thread Carsten Klein
Hi there, I'm facing character set encoding problems in quite a recent Tomcat 10 setup. I noticed that with the http://localhost:8080/manager/html application in a browser (my browser) set to German language. My Tomcat runs from within Eclipse, built with the official build.xml file. I'm

Re: Enhancement: Additional user attributes queried by (some) realms

2021-05-28 Thread Carsten Klein
Chris, Mark, On 27/05/2021 22:11, Christopher Schultz wrote: After re-reading this, you mentioned reflection while asking how much we trust in Collections.unmodifiableMap(). I didn't get that right, my bad. However, I thought of reflection in order to implement a deep copy mechanism.

Re: Enhancement: Additional user attributes queried by (some) realms

2021-05-27 Thread Carsten Klein
Chris, Mark, On 27/05/2021 22:11, Christopher Schultz wrote: What's the primary use-case for these kinds of attributes? This has been described in detail here: http://mail-archives.apache.org/mod_mbox/tomcat-users/202104.mbox/ajax/%3Cb9a2a913-f00f-f5bf-ca05-8ea4f8663ca9%40datagis.com%3E

Re: Enhancement: Additional user attributes queried by (some) realms

2021-05-27 Thread Carsten Klein
Mark, On 27/05/2021 18:19, Mark Thomas wrote: I will note that it isn't uncommon to have to log out and back in again to pick up newly allocated groups/roles in other environments. Yes, you are right. Didn't see it that way so far. We're talking about live updates for a session during its

Re: Enhancement: Additional user attributes queried by (some) realms

2021-05-27 Thread Carsten Klein
On 27/05/2021 10:59, Mark Thomas wrote: As far as I can tell, removing UserDatabasePrincipal, relying on GenericPrincipal and User remaining an internal object not exposed via the Servlet API would achieve the same result with less code. At this point I am looking for a reason not to

Re: Enhancement: Additional user attributes queried by (some) realms

2021-05-27 Thread Carsten Klein
Hi Mark, thanks for sharing your ideas :) On 26/05/2021 19:56, Mark Thomas wrote: Given that the attributes may well be security related, you would need to make sure neither the Map nor any of the keys/values could be modified. Protecting the Map is easy. Protecting the keys/values is a

Enhancement: Additional user attributes queried by (some) realms

2021-05-26 Thread Carsten Klein
Hi there, as already discussed here: http://mail-archives.apache.org/mod_mbox/tomcat-users/202104.mbox/ajax/%3Cb9a2a913-f00f-f5bf-ca05-8ea4f8663ca9%40datagis.com%3E I'm implementing an enhancement for querying configurable extra user attributes through some of the Realm classes from the "user

Re: Getting additional attributes for logged on users

2021-04-12 Thread Carsten Klein
Hi there, are there other comments on that? I'd like to implement this and want to provide a CR On GitHub, if there is a fair chance, that this enhancement will make it into Tomcat :) Trying to summarize what has been discussed so far: (read the other posts for more information) The

Re: Getting additional attributes for logged on users

2021-04-09 Thread Carsten Klein
Hi Olaf, also, I only picked your statements for an answer. On 08.04.21 13:53, Olaf Kock wrote: It would be cool, absolutely. Even cooler if "the desired extra attributes" could be agreed upon - or even what would be desirable in user management (is user + roles enough? That requires

Getting additional attributes for logged on users

2021-04-08 Thread Carsten Klein
Hi there, from a servlet, the logged on user is represented by a Principal instance, which has a getName() to get the logon name of that user. In most cases, that is a more or less cryptic name like c.klein or m.scott. Some of our customers like the name of the currently logged on user be

Re: [OT] programming style or mental process ?

2021-04-08 Thread Carsten Klein
Guten Morgen Peter :) Guten Morgen Carsten and All [...] I may add, that a French Café au lait (pronounced Olé, which is not French :-O ) is also an option. Maybe my German coffee expertise is kind of narrow and shaped by personal experience (having my coffee w/o milk)... OLE? Isn't

Re: [OT] programming style or mental process ?

2021-04-07 Thread Carsten Klein
(And Dutch people. Where are they in this discussion by the way ? (but they have only one type of coffee I think)). Dutch people may only have one type of coffee (actually I don't know). But remember, Dutch people have 'Coffee Shops' offering stuff far beyond coffee... :) Is there a

Re: Adding regular expression support to CORS filter

2020-10-06 Thread Carsten Klein
Chris, On 9/28/20 02:40, Christopher Schultz wrote: Carsten, On 9/27/20 05:53, Carsten Klein wrote: Any comments on that? Is it worth preparing a PR? Regular expressions are fairly expensive. Yes, but my measurements of the HashSet-lookups were wrong, since hashValue() of a String gets

Re: Adding regular expression support to CORS filter

2020-09-27 Thread Carsten Klein
Any comments on that? Is it worth preparing a PR?

Adding regular expression support to CORS filter

2020-09-21 Thread Carsten Klein
Hi there, I'd like to contribute a CORS filter enhancement, making it accept both wildcard-based and 'regular expression'-based expressions for its allowed origins list. I know this from a project based on Jetty, which has support for, at least, simple wildcard matching (*). Specifying

Re: How to encrypt db password in tomcat context.xml

2020-06-29 Thread Carsten Klein

Re: Should Tomcat 10 enable response compression by default?

2020-06-10 Thread Carsten Klein
Although I believe that buggy clients are no longer a problem today, compression may introduce complications when Tomcat runs behind a reverse proxy as it is often the case. If your front-end server (e.g. Apache) needs to modify the responses (e.g. with mod_proxy_http), you'll end up with a

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-20 Thread Carsten Klein
Hi there, what to do next to get things moving? Seems like there's nothing more to implement for the addition right now. Should I just create a PR in the apache/tomcat repository? And/or post some lines to the dev mailing list? Carsten

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-20 Thread Carsten Klein
Jonathan, On Tue, Feb 18, 2020 at 5:29 PM Jonathan S. Fisher wrote: For older versions of tomcat, I'd suggest adding an additional option that causes GenericPrincipal to drop the password after authentication is complete, by default if persistAuthentication is enabled, which alleviates your

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-19 Thread Carsten Klein
Chris, there is a new PR #2, I messed up my branch and had to set up a new one... Still a bit new to GIT... https://github.com/cklein05/tomcat/pull/2 Actually, I decided to just add the String array. That's not too bad either, right? Have a look at the latest code and comment in PR #2.

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-19 Thread Carsten Klein
Hi there, had to re-setup my branch... Nevertheless, updated PR is available now. Some last things... The pattern for default sessionAttributeValueClassNameFilter must even be extended to match String arrays as well (roles are stored that way). In order to keep the pattern smaller, one

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-18 Thread Carsten Klein
Hi there, most of the issues discussed with/suggested by Mark Thomas should be in place now. The renamed PR should now show a much better code basis for further discussions. b) Please add a changelog entry for this addition. Still looking for the change log file... Carsten

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-18 Thread Carsten Klein
j) At a minimum, new Manager attributes need to be added here: https://github.com/apache/tomcat/blob/master/webapps/docs/config/manager.xml Here's an online preview of the updated Manager documentation: http://office.datagis.com/pub/tomcat-9.0.x/docs/config/manager.html These are the

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-18 Thread Carsten Klein
Open the pull request in your own fork... this link should work: https://github.com/cklein05/tomcat/compare/cklein05:master...cklein05:session-manager-persist-authentication?expand=1 Done. Carsten

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-18 Thread Carsten Klein
Mark, Please don't be put off by the number of comments and suggested changes. I think the core idea is sound and meets a valid requirement that some users have. To some extent, the volume of comments reflects that fact I'm responding to a clear proposal and explanation. This is a good thing in

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-18 Thread Carsten Klein
On Tue, Feb 18, 2020 at 9:19 AM Carsten Klein wrote: Rémy, Can you describe an actual use case for this ? Without clustering, I don't understand why the auth persistence is useful at all [when using clustering, the delta manager persists that auth information]. To be honest, that's also

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-18 Thread Carsten Klein
Rémy, Can you describe an actual use case for this ? Without clustering, I don't understand why the auth persistence is useful at all [when using clustering, the delta manager persists that auth information]. To be honest, that's also the case for session persistence itself, which does not

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-17 Thread Carsten Klein
Jonathan, I'm not quite sure whether it's not too early for a PR... :-) I was waiting for some remarks on my code, prior to officially release a PR. Can't you just do a Compare on GitHub? Carsten Can you open a PR so we can diff your changes? Very excited to see this! We used a workaround

Enhancement: New option 'persistAuthentication' for session manager

2020-02-17 Thread Carsten Klein
Hi there, finally, I got my first Tomcat enhancement ready. You can view its code at my Tomcat fork on GitHub: https://github.com/cklein05/tomcat/tree/session-manager-persist-authentication Before I'm opening an enhancement in Tomcat's Bugzilla, maybe, Mark and Christopher (or whoever else

Re: Tomcat 7.x.x, 8.x.x, 8.5.x and 9.x.x: Session serialization w/o authentication related information

2019-12-02 Thread Carsten Klein
On 01/12/2019 23:04, Mark Thomas wrote: I'm with you. And likely our setup is special in a way. However, I've rarely seen that you have to re-enter credentials in a professional web application like Google or Facebook, for example. Yes. But if those apps were running on Tomcat I doubt