Re: ELB Creating Multiple Sessions with Every Ping

Yuval, On 2/8/16, 6:57 AM, "Christopher Schultz" wrote: >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA1 > >Yuval, > >On 2/7/16 2:27 AM, Yuval Schwartz wrote: >> tomcat version: 8.0.22 java: jdk1.8.0_05 server: amazon linux ami >> >> This might be outside the

Re: Tomcat 8 Chunked Encoding

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Theo, On 2/8/16 10:17 AM, Theo Sweeny wrote: > Hello All - I'm running Tomcat 8.0.21 on Linux 64x and there is a > recent issue where clients making requests and declaring the header > - Transfer-Encoding:chunked, have their connections hang, with no

Re: ELB Creating Multiple Sessions with Every Ping

On Mon, Feb 8, 2016 at 6:53 PM, Peter Rifel wrote: > Yuval, > > > > On 2/8/16, 6:57 AM, "Christopher Schultz" > wrote: > > >-BEGIN PGP SIGNED MESSAGE- > >Hash: SHA1 > > > >Yuval, > > > >On 2/7/16 2:27 AM, Yuval Schwartz wrote: > >> tomcat

[ANN] Apache Tomcat 9.0.0.M3 available

The Apache Tomcat team announces the immediate availability of Apache Tomcat 9.0.0.M3. Apache Tomcat 9 is an open source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language and Java WebSocket technologies. Apache Tomcat 9.0.0.M3 is a milestone release

Re: Fwd: NoClassDefFoundError during graceful shutdown

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hrishikesh, On 2/8/16 9:50 AM, Christopher Schultz wrote: > Hrishikesh, > > On 2/6/16 1:17 PM, Hrishikesh Gadre wrote: >> Thanks for the reply. Let me try this out. But do you think its a >> bug in Tomcat ? > > No. There's nothing Tomcat can do

Re: Fwd: NoClassDefFoundError during graceful shutdown

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hrishikesh, On 2/8/16 9:50 AM, Christopher Schultz wrote: > Hrishikesh, > > On 2/6/16 1:17 PM, Hrishikesh Gadre wrote: >> Thanks for the reply. Let me try this out. But do you think its >> a bug in Tomcat ? > > No. There's nothing Tomcat can do

Re: Fwd: NoClassDefFoundError during graceful shutdown

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hrishikesh, On 2/6/16 1:17 PM, Hrishikesh Gadre wrote: > Thanks for the reply. Let me try this out. But do you think its a > bug in Tomcat ? No. There's nothing Tomcat can do about this, aside from allowing your application to load /more/ classes on

HSTS missing from HTTPS server on tomcat 8.0.27

Hi, We are unable to fix the vulnerability of "HSTS missing from HTTPS server" on apache tomcat 8.0.27 while running on unix operating system. Below is the system configuration: OS Name: HP-UX OS Version:B.11.31 Architecture: IA64N Java Home:

Re: 'javax.xml.parsers.FactoryConfigurationError: Provider for class javax.xml.parsers.DocumentBuilderFactory cannot be created' for Tomcat Valve

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chiranga, On 2/7/16 2:27 AM, Chiranga Alwis wrote: > I think OpenSAML seems to be using > org.apache.xerces.jaxp.DocumentBuilderFactoryImpl. I am actually > having this class within the lib folder of Tomcat. Replacing XML parsers within

Re: ELB Creating Multiple Sessions with Every Ping

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yuval, On 2/7/16 2:27 AM, Yuval Schwartz wrote: > tomcat version: 8.0.22 java: jdk1.8.0_05 server: amazon linux ami > > This might be outside the scope of this forum. I have an ELB > (Elastic Load Balancer) distributing load between two instances >

Tomcat 8 Chunked Encoding

Hello All - I'm running Tomcat 8.0.21 on Linux 64x and there is a recent issue where clients making requests and declaring the header - Transfer-Encoding:chunked, have their connections hang, with no obvious leads in the logs. I'm aware that up to version 8.0.9 there was a Tomcat vulnerability

RE: HSTS missing from HTTPS server on tomcat 8.0.27

Hello! Missing HSTS is not a vulnerability, as Mark pointed out, it is a feature. In your web.xml httpHeaderSecurity org.apache.catalina.filters.HttpHeaderSecurityFilter hstsEnabled true hstsMaxAgeSeconds

Re: HSTS missing from HTTPS server on tomcat 8.0.27

On 08/02/2016 14:49, dku...@ccilindia.co.in wrote: > Hi, > > We are unable to fix the vulnerability of "HSTS missing from HTTPS server" That is a not a security vulnerability. It is a configuration choice. > on apache tomcat 8.0.27 while running on unix operating system. Below is > the system

Having Java websocket server in tomcat handle ISO8859_1

I have an application that sends binary websocket messages between a class and the web application using a websocket server written in java. The data being sent from the java class is encoded in a binary buffer with the bytes in ISO8859_1. However, when I receive the bytes on the websocket server

RE: Relative redirects in light of recent changes

In Tomcat 7.0.67 with no "useRelativeRedirects" set on the context (which defaults it to "true"), I see GET http://hostname/myapp?m=n=p ==> 302: "login?a=b=d" Now, this is expected behavior given the fix for [1] [1] http://bz.apache.org/bugzilla/show_bug.cgi?id=56917 I reread

Re: Having Java websocket server in tomcat handle ISO8859_1

On 08/02/2016 18:41, Jason Ricles wrote: > I have an application that sends binary websocket messages between a > class and the web application using a websocket server written in > java. > > The data being sent from the java class is encoded in a binary buffer > with the bytes in ISO8859_1.

Re: Having Java websocket server in tomcat handle ISO8859_1

On 08.02.2016 20:27, Jason Ricles wrote: The message is built and sent in a javaclass connected to a websocket server for the web application also written in java then the message is passed to the webpage which uses javascript 1) on this list, do not "top post". See :

Re: Empty *jsp_java file after upgrade to Tomcat 8.0.26

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yasi, On 2/1/16 8:17 PM, Yasi Xi (yxi) wrote: > Hi, Dear Mark T and all > > Sorry to resend this mail. I don't quite understand Mark's comment > on this problem. > > WHAT IS THE PROBLEM > > I'm doing Tomcat upgrade for my J2EE server.

Re: Having Java websocket server in tomcat handle ISO8859_1

The message is built and sent in a javaclass connected to a websocket server for the web application also written in java then the message is passed to the webpage which uses javascript On Mon, Feb 8, 2016 at 2:25 PM, André Warnier (tomcat) wrote: > On 08.02.2016 19:41, Jason

Re: Having Java websocket server in tomcat handle ISO8859_1

On 08.02.2016 19:41, Jason Ricles wrote: I have an application that sends binary websocket messages between a class and the web application using a websocket server written in java. The data being sent from the java class is encoded in a binary buffer with the bytes in ISO8859_1. However, when

Relative redirects in light of recent changes

Hi, Recent changes to Tomcat altered the behavior of our applications a bit so I've got couple of questions. The versions in questions are 7.0.64 and 7.0.67. I am aware of which is also described in the changelog for 7.0.67. I have a filter acts on application "/myapp" that does a redirect in

Re: Having Java websocket server in tomcat handle ISO8859_1

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, On 2/8/16 3:43 PM, Mark Thomas wrote: > On 08/02/2016 18:41, Jason Ricles wrote: >> I have an application that sends binary websocket messages >> between a class and the web application using a websocket server >> written in java. >> >> The

RE: Relative redirects in light of recent changes

Hi, Recent changes to Tomcat altered the behavior of our applications a bit so I've got couple of questions. The versions in questions are 7.0.64 and 7.0.67. I am aware of which is also described in the changelog for 7.0.67. I have a filter acts on application "/myapp" that does a redirect

Re: Relative redirects in light of recent changes

On 08/02/2016 21:55, George Stanchev wrote: > > > Hi, > > Recent changes to Tomcat altered the behavior of our applications a bit so > I've got couple of questions. The versions in questions are 7.0.64 and > 7.0.67. I am aware of which is also described in the changelog for 7.0.67. There are

Re: Having Java websocket server in tomcat handle ISO8859_1

On 08.02.2016 23:31, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, On 2/8/16 3:43 PM, Mark Thomas wrote: On 08/02/2016 18:41, Jason Ricles wrote: I have an application that sends binary websocket messages between a class and the web application using a