-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Robert,
Robert Koberg wrote:
>
> On Feb 6, 2009, at 4:45 PM, Christopher Schultz wrote:
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> Dave,
>>
>> Dave Pawson wrote:
>>> Only one aspect of security Rob.
>>> As needed I'll look at others
2009/2/7 André Warnier :
> You may even find a ready-made servlet filter that could do that (and many
> other things besides) here :
> http://www.tuckey.org/urlrewrite/
Looks useful. Tks
>
> A servlet filter does not modify (or require you to modify) the application
> in any way; it just sees the
Dave Pawson wrote:
Rob, Christopher, Andre.
Thanks for the input.
As I said to Rob, security is not an issue at the present time.
There is no value in the content returned by the 'server' / end point;
I'm not trying to make it secure. Just respond less than
I otherwise might.
Ok, then let me ma
Rob, Christopher, Andre.
Thanks for the input.
As I said to Rob, security is not an issue at the present time.
There is no value in the content returned by the 'server' / end point;
I'm not trying to make it secure. Just respond less than
I otherwise might.
Thanks for the 'lecture' Andre. I now ap
On Feb 6, 2009, at 4:45 PM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dave,
Dave Pawson wrote:
Only one aspect of security Rob.
As needed I'll look at others later.
Can you suggest alternatives to achieve what I want, rather than
something else?
Instead of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dave,
Dave Pawson wrote:
> Only one aspect of security Rob.
> As needed I'll look at others later.
> Can you suggest alternatives to achieve what I want, rather than something
> else?
Instead of using "Accept" header with a magic content-type, how a
Dave Pawson wrote:
2009/2/6 Caldarale, Charles R :
From: Dave Pawson [mailto:dave.paw...@gmail.com]
Subject: Re: TC6 ${CATALINA_HOME}/conf/web.xml Is this the
place to constrain the mime type?
Unless the client specifies that one single mime
type (and no other), I want to reject it
Unless you
Dave Pawson wrote:
Thanks Andre. That paints a good picture!
Only generality I'd like to add. The "general purpose" of my-app web.xml and
'all apps' web.xml. Is it TC 'configuration' (Chaz isn't going to like
that, but I
do like an overview, even if it's only 80%). I'm saying config, since
it pr
> From: Dave Pawson [mailto:dave.paw...@gmail.com]
> Subject: Re: TC6 ${CATALINA_HOME}/conf/web.xml Is this the
> place to constrain the mime type?
> 2.4 final or
> 2.5 maint release.
>
> which is TC 6 compliant to please?
RTFM:
http://tomcat.apache.org/
It's on the
2009/2/6 Caldarale, Charles R :
>> From: Dave Pawson [mailto:dave.paw...@gmail.com]
>> Subject: Re: TC6 ${CATALINA_HOME}/conf/web.xml Is this the
>> place to constrain the mime type?
>>
>> ? Unclear why Charles?
>
> 1) Filter specifications are documented.
>
2009/2/6 Robert Koberg :
>>> Which is a good reason not to use a valve. Unless you need access to
>>> Tomcat internals, use a filter.
>>
>> ? Unclear why Charles?
>>
>> To make it 'filter' all server traffic?
>> AFAIK I don't need access to any internals.
>
> You seem to be making this much more
> From: Dave Pawson [mailto:dave.paw...@gmail.com]
> Subject: Re: TC6 ${CATALINA_HOME}/conf/web.xml Is this the
> place to constrain the mime type?
>
> ? Unclear why Charles?
1) Filter specifications are documened.
2) Filters are not subject to change with every Tomcat release
On Feb 6, 2009, at 10:20 AM, Dave Pawson wrote:
2009/2/6 Caldarale, Charles R :
From: Dave Pawson [mailto:dave.paw...@gmail.com]
Subject: Re: TC6 ${CATALINA_HOME}/conf/web.xml Is this the
place to constrain the mime type?
I'm coming down in favour of a valve, rather than a filter,
to ma
> From: Dave Pawson [mailto:dave.paw...@gmail.com]
> >> I'm coming down in favour of a valve, rather than a filter,
> >> to make it container specific,
> >
> > Which is a good reason not to use a valve. Unless you need
> access to Tomcat internals, use a filter.
>
> ? Unclear why Charles?
>
> To m
2009/2/6 Caldarale, Charles R :
>> From: Dave Pawson [mailto:dave.paw...@gmail.com]
>> Subject: Re: TC6 ${CATALINA_HOME}/conf/web.xml Is this the
>> place to constrain the mime type?
>>
>> I'm coming down in favour of a valve, rather than a filter,
>> to m
> From: Dave Pawson [mailto:dave.paw...@gmail.com]
> Subject: Re: TC6 ${CATALINA_HOME}/conf/web.xml Is this the
> place to constrain the mime type?
>
> I'm coming down in favour of a valve, rather than a filter,
> to make it container specific,
Which is a good reason not
2009/2/6 Caldarale, Charles R :
>> From: Dave Pawson [mailto:dave.paw...@gmail.com]
>> Subject: Re: TC6 ${CATALINA_HOME}/conf/web.xml Is this the
>> place to constrain the mime type?
>>
>> Unless the client specifies that one single mime
>> type (and no other)
> From: Dave Pawson [mailto:dave.paw...@gmail.com]
> Subject: Re: TC6 ${CATALINA_HOME}/conf/web.xml Is this the
> place to constrain the mime type?
> Is it TC 'configuration' I'm saying config, since
> it provides response mime types, params etc.
Strictly speaking,
> From: Dave Pawson [mailto:dave.paw...@gmail.com]
> Subject: Re: TC6 ${CATALINA_HOME}/conf/web.xml Is this the
> place to constrain the mime type?
>
> Unless the client specifies that one single mime
> type (and no other), I want to reject it
Unless you have an extremely spe
Thanks Andre. That paints a good picture!
Only generality I'd like to add. The "general purpose" of my-app web.xml and
'all apps' web.xml. Is it TC 'configuration' (Chaz isn't going to like
that, but I
do like an overview, even if it's only 80%). I'm saying config, since
it provides
response mime
Well, I'n not Chuck, but to answer your question:
On Fri, Feb 6, 2009 at 11:39 AM, Dave Pawson wrote:
>
> Is a filter the right TC tool for that Charles?
>
Yes
Rgds
Gregor
--
just because your paranoid, doesn't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
g
2009/2/5 Caldarale, Charles R :
>> From: Dave Pawson [mailto:dave.paw...@gmail.com]
>> Subject: Re: TC6 ${CATALINA_HOME}/conf/web.xml Is this the
>> place to constrain the mime type?
>>
>> Unless the client requests application/xml I want to refuse the
>>
> From: André Warnier [mailto:a...@ice-sa.com]
> Subject: Re: TC6 ${CATALINA_HOME}/conf/web.xml Is this the
> place to constrain the mime type?
> (*) Of course if the browser is IE, it doesn't matter anyway,
> because IE will not believe what the server tells it and do
> i
Dave Pawson wrote:
Hi Rob
2009/2/5 Robert Koberg :
On Feb 5, 2009, at 1:28 PM, Caldarale, Charles R wrote:
From: Dave Pawson [mailto:dave.paw...@gmail.com]
Subject: TC6 ${CATALINA_HOME}/conf/web.xml Is this the place
to constrain the mime type?
Just to clear up your question above : no
> From: Dave Pawson [mailto:dave.paw...@gmail.com]
> Subject: Re: TC6 ${CATALINA_HOME}/conf/web.xml Is this the
> place to constrain the mime type?
>
> Unless the client requests application/xml I want to refuse the
> request.
I don't think you quite appreciate the situati
Hi Rob
2009/2/5 Robert Koberg :
>
> On Feb 5, 2009, at 1:28 PM, Caldarale, Charles R wrote:
>
>>> From: Dave Pawson [mailto:dave.paw...@gmail.com]
>>> Subject: TC6 ${CATALINA_HOME}/conf/web.xml Is this the place
>>> to constrain the mime type?
>>>
>
On Feb 5, 2009, at 1:36 PM, Dave Pawson wrote:
2009/2/5 Caldarale, Charles R :
From: Dave Pawson [mailto:dave.paw...@gmail.com]
Subject: TC6 ${CATALINA_HOME}/conf/web.xml Is this the place
to constrain the mime type?
I want to 'reject' (if that's the right word) any http get
On Feb 5, 2009, at 1:28 PM, Caldarale, Charles R wrote:
From: Dave Pawson [mailto:dave.paw...@gmail.com]
Subject: TC6 ${CATALINA_HOME}/conf/web.xml Is this the place
to constrain the mime type?
I want to 'reject' (if that's the right word) any http get
with mime type != applic
2009/2/5 Caldarale, Charles R :
>> From: Dave Pawson [mailto:dave.paw...@gmail.com]
>> Subject: TC6 ${CATALINA_HOME}/conf/web.xml Is this the place
>> to constrain the mime type?
>>
>> I want to 'reject' (if that's the right word) any http get
>>
> From: Dave Pawson [mailto:dave.paw...@gmail.com]
> Subject: TC6 ${CATALINA_HOME}/conf/web.xml Is this the place
> to constrain the mime type?
>
> I want to 'reject' (if that's the right word) any http get
> with mime type != application/xml
Do you mean .html an
I want to 'reject' (if that's the right word) any http get
with mime type != application/xml
I see in web.xml in the conf directory
xml
application/xml
Is this the right place to do it please?
regards
--
Dave Pawson
XSLT XSL-FO FAQ.
Docbook FAQ.
http://www.dpawson.co.u
31 matches
Mail list logo
