2014-06-18 10:45 GMT+04:00 Radha Krishna Meduri -X (radmedur - HCL
TECHNOLOGIES LIMITED at Cisco) :
> Hi Tomcat Users,
>
> We are using Tomcat 6.0.37 version. I have few questions regarding
> JSESSIONIDSSO cookie generated by tomcat.
> As you know, in general each cookie needs to set "httpOnly" an
Thanks Konstantin for your quick reply.
Actually Security Scanners are thinking that "secure" and "httpOnly" flag is
not set and raising as issue. I would like to set these values by overriding
"setHeader" or "addHeader" in the ResponseWrapper, but not working.
Do you have any idea how we can add
2014-06-14 17:30 GMT+04:00 Vimil Saju :
> Hi,
>
> I am using tomcat 7.0.52 and jdk 1.7.0_45. We have a web application which
> has its classpath configured in its own context xml file using
> virtualClasspath attribute of Loader tag. The webapp uses version 3.0 of
> web.xml, The classpath conta
2014-06-18 12:13 GMT+04:00 Radha Krishna Meduri -X (radmedur - HCL
TECHNOLOGIES LIMITED at Cisco) :
> Thanks Konstantin for your quick reply.
> Actually Security Scanners are thinking that "secure" and "httpOnly" flag is
> not set and raising as issue. I would like to set these values by overridin
Hello Chris,
Thank you for your answer.
> Apache ships with mod_evasive that allows you do this. I have used
this in the past with some success. The other alternative I am aware of
is to use mod_security.
It looks interesting.
> I am not aware of anything that will run directly in front of
2014-06-18 11:57 GMT+04:00 Konstantin Kolinko :
>>
>> HTTP/1.1 302 Found
>> Set-Cookie: JSESSIONIDSSO=CF7B7727443A3AAD1AC3AA033E4D98BE; Expires=Thu,
>> 01-Jan-1970 00:00:10 GMT
>> Pragma: No-cache
>> Cache-Control: no-cache
>> Expires: Thu, 01 Jan 1970 00:00:00 UTC
>> Set-Cookie: JSESSIONID=235F42
I recommend that, whatever settings you use, don't just set and forget
them. Monitor your memory usage and tune it to match the
characteristics of your load.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Machines should be obedient.
signature.asc
D
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Konstantin,
On 6/18/14, 5:34 AM, Konstantin Kolinko wrote:
> 2014-06-18 11:57 GMT+04:00 Konstantin Kolinko
> :
>>>
>>> HTTP/1.1 302 Found Set-Cookie:
>>> JSESSIONIDSSO=CF7B7727443A3AAD1AC3AA033E4D98BE; Expires=Thu,
>>> 01-Jan-1970 00:00:10 GMT Prag
Hi,
> -Original Message-
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: Wednesday, June 18, 2014 4:23 PM
> To: Tomcat Users List
> Subject: Re: Regarding JSESSIONIDSSO Cookie maintained by tomcat
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Konstan
please get me out of the mailist.Thank you.
-- Forwarded message --
From: Konstantin Preißer
Date: 2014-06-19 0:05 GMT+08:00
Subject: RE: Regarding JSESSIONIDSSO Cookie maintained by tomcat
To: Tomcat Users List
Hi,
> -Original Message-
> From: Christopher Schultz [mai
I am fairly new to configuring apache web servers. Currently, I have a
vanity url set up in an Apache Load Balancer and that goes to a WebLogic
Cluster running a portal website. I would like to redirect this url to an
antivirus server first. The antivirus server will do its thing and if it's
cle
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 6/18/2014 9:20 AM, Lou Henry wrote:
> I am fairly new to configuring apache web servers. Currently, I
> have a vanity url set up in an Apache Load Balancer and that goes
> to a WebLogic Cluster running a portal website. I would like to
> redirect
Thank you
On Wed, Jun 18, 2014 at 12:40 PM, Mark Eggers wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 6/18/2014 9:20 AM, Lou Henry wrote:
> > I am fairly new to configuring apache web servers. Currently, I
> > have a vanity url set up in an Apache Load Balancer and that goes
On May 21, I installed the windows service version of tomcat 8.0.5 in
order to test an application which required it.
I installed the version that creates a windows service named Tomcat8
I subsequently discovered the application was tested with tomcat7 so I
removed the service using "[CATALINA_HOM
> -Original Message-
> From: Gerry Matte [mailto:ge...@gerrymatte.ca]
> Sent: Wednesday, June 18, 2014 11:53 AM
> To: users@tomcat.apache.org
> Subject: Tomcat 8.0.5 Windows 7 service removal is incomplete
>
> On May 21, I installed the windows service version of tomcat 8.0.5 in
> order to
Thanks Jeffrey.
I managed to locate the Tomcat8 Windows Service using MSCONFIG.
I also discovered that the Tomcat installer installed to the default
location c:\Program Files (x86) in addition to the folder that I
specified as my preferred location. (As a java veteran I still never use
folde
On 6/17/2014 11:34 AM, David kerber wrote:
Running TC 7.0.54 as a service with JRE 7u60, on Windows Server 2008 R2.
What should I use as a guideline for setting the socketBuffer setting in
server.xml? Should it just be big enough to handle a single response
with a little headroom? Or does it h
Hi all,
We are having problem debugging our implementation of JDBCStore session
persistence. We followed guide from this post
http://www.intelligrape.com/blog/2010/07/21/tomcat-6-session-persistence-through-jdbcstore/
and it works in our local machine and our test servers. When we move it on
our p
18 matches
Mail list logo