Re: Tomcat Large Payload Truncated

2020-06-29 Thread Bhavesh Mistry
Hi Mark, Thank you for responding. I have one more question. This is spring-boot 2 application REST API server and it does not accept Cookie or session (timeout is set to zero).Auth happens through Authorized header. We have set 10mb for maxPostSize. Does maxSavePostSize takes precedence

Re: Tomcat 9.0.36 - JDK 13/14

2020-06-29 Thread Kiran Badi
Hi Mark, It does not log any errors. Just reverted back to the JDK1.8 version and tried to recreate the issue. I can recreate it. I had a doubt that the logging configuration might have messed up, so had to create a sample war file to check this. Anyone can try this and see if it works for them.

Re: Tomcat 9.0.36 - JDK 13/14

2020-06-29 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Kiran, On 6/26/20 22:01, Kiran Badi wrote: > we fixed the issue Mark. > > Actually tomcat was running on JDK 1.8 and applications were built > using JDK 13/14.So when they were deployed to tomcat running with > 1.8, they were giving 404. > > Now

Re: Tomcat session replication

2020-06-29 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Thomas, On 6/27/20 05:52, Thomas Meyer wrote: > Am 27. Juni 2020 11:29:03 MESZ schrieb Mark Thomas > : >> On 27/06/2020 10:19, Thomas Meyer wrote: >>> Hi, >>> >>> A few questions regarding tomcat session replication: >> >> load-balancing and

Re: Tomcat session replication

2020-06-29 Thread Thomas Meyer
Am 29. Juni 2020 22:54:12 MESZ schrieb Christopher Schultz : >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA256 > >Thomas, Hi, > >On 6/27/20 05:52, Thomas Meyer wrote: >> Am 27. Juni 2020 11:29:03 MESZ schrieb Mark Thomas >> : >>> On 27/06/2020 10:19, Thomas Meyer wrote: Hi, A few

Re: Small patch for mod_proxy_ajp

2020-06-29 Thread Thomas Meyer
Am 29. Juni 2020 22:13:10 MESZ schrieb Christopher Schultz : >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA256 > >All, > >IMO mod_proxy_balancer is missing an important feature, and that's the >ability to tell the back-end Tomcat node the current status of the >worke >r. Why would a tomcat

Re: How to encrypt db password in tomcat context.xml

2020-06-29 Thread Carsten Klein
Hi Jürgen and Olaf, I can really understand Jürgen's intentions. The core problem is not security but administrators and so called security panels in "professional" (non-open source related) companies. I really know this from my own experiences. Maybe that's a German problem, since Germans are

Re: How to encrypt db password in tomcat context.xml

2020-06-29 Thread Rémy Maucherat
On Mon, Jun 29, 2020 at 8:03 AM Carsten Klein wrote: > Hi Jürgen and Olaf, > > I can really understand Jürgen's intentions. The core problem is not > security but administrators and so called security panels in > "professional" (non-open source related) companies. I really know this > from my

Announcing ApacheCon @Home 2020

2020-06-29 Thread Rich Bowen
Hi, Apache enthusiast! (You’re receiving this because you’re subscribed to one or more dev or user mailing lists for an Apache Software Foundation project.) The ApacheCon Planners and the Apache Software Foundation are pleased to announce that ApacheCon @Home will be held online, September

RE: Tomcat Connector issue

2020-06-29 Thread George Stanchev
I am sorry, but any ideas how to approach this? I have eliminated the possibility that the client is dropping the connection so it must be something within IIS/Win. Switching to keep_alive=true and HSE_REQ_SEND_RESPONSE_HEADER_EX did not make a difference. In the logs, occasionally I see a

RE: How to encrypt db password in tomcat context.xml

2020-06-29 Thread jonmcalexander
I've written my own vadmin.sh and a vadmin.exe file to take the place of the vault.sh/vault.bat file, just to make things easier here. Just starting testing with some of our app teams before determining if we will move forward with it or not. Dream * Excel * Explore * Inspire Jon McAlexander

Re: AJP error using mod_proxy__ajp

2020-06-29 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I believe I have determined the cause (or at least the fix) for this: Despite the mod_proxy_ajp documentation, it is using packets larger than 8192 bytes. Setting this on the Tomcat resolves the problem: packetSize="65536" I don't see

RE: How to encrypt db password in tomcat context.xml

2020-06-29 Thread jonmcalexander
-Original Message- From: Rémy Maucherat Sent: Monday, June 29, 2020 1:58 AM To: Tomcat Users List Subject: Re: How to encrypt db password in tomcat context.xml On Mon, Jun 29, 2020 at 8:03 AM Carsten Klein wrote: > Hi Jürgen and Olaf, > > I can really understand Jürgen's intentions.

RE: How to encrypt db password in tomcat context.xml

2020-06-29 Thread Pesonen, Harri
I have implemented a Tomcat vault as well, it is basically a simplified version of https://github.com/web-servers/tomcat-vault My version does not have keystore, so it is much easier to use. It would be great if Tomcat would have this functionality built-in somehow. -Harri -Original

Re: AJP error using mod_proxy__ajp (conclusion: user error)

2020-06-29 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, On 6/29/20 12:22, Christopher Schultz wrote: > I believe I have determined the cause (or at least the fix) for > this: > > Despite the mod_proxy_ajp documentation, it is using packets > larger than 8192 bytes. > > Setting this on the Tomcat

Small patch for mod_proxy_ajp

2020-06-29 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, IMO mod_proxy_balancer is missing an important feature, and that's the ability to tell the back-end Tomcat node the current status of the worke r. I've filed an enhancement in Bugzilla (https://bz.apache.org/bugzilla/show_bug.cgi?id=64338)

Re: Tomcat session replication

2020-06-29 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 6/27/20 05:29, Mark Thomas wrote: > On 27/06/2020 10:19, Thomas Meyer wrote: >> Hi, >> >> A few questions regarding tomcat session replication: > > load-balancing and session replication are two separate parts of > an overall clustering