Re: CsrfPreventionFilter for REST

Violeta, > > > Hello, > > > > > > ** ** > > > > > > *Background information:* > > > > > > We are trying to protect our RESTful > > > APIs > > > from > > > CSRF attack. > > > > > > The current Tomcat’s CSRF protection filter

Multiple authentication-methods in single a web-app/web.xml

Hi, we are developing a tool with a central repository-server, communication is implementes based on apache-cxf. We use a legacy SOAP-based webservice with HTTP-transport and it worked fine with basic auth. Since we extended our server-side application with a rest-webservice we want to change

RE: Firefox SSL with APR - losing client certificate

Anyone with experience debugging SSL issues (with APR or from Firefox/Chrome side) ? David Balažic > -Original Message- > From: David Balažic [mailto:david.bala...@comtrade.com] > Sent: 10. September 2015 14:58 > To: users@tomcat.apache.org > Subject: RE: Firefox SSL with APR - losing

Re: Tomcat Session issue - Session not expiring on browser close event

Thanks Chris and David for reply. I did change the timeout values from 30 to 10. I have some workflow kind of screens,but I do not store work flows fields data in session. Session contains only attributes which are similar to ids. All data is persisted in the mysql database and I get the data