Same here. I terminate all SSL in a load balancer and forward in the
clear back to 8080 or 8081. Application code is peppered non-standard
calls to see things set by a filter to see if it's considered secure
even though Tomcat thinks otherwise. In the more extreme case, I
could consider
.
Gregory Gerard schrieb:
I've got an F5 load balancer running version 9.3 of the software.
I've got several Tomcat installations behind it.
The F5 does all SSL and clear traffic as a reverse proxy, rewriting
headers as needed for cookies and whatnot.
I have one connector on 8080 for the clear
I've got an F5 load balancer running version 9.3 of the software.
I've got several Tomcat installations behind it.
The F5 does all SSL and clear traffic as a reverse proxy, rewriting
headers as needed for cookies and whatnot.
I have one connector on 8080 for the clear traffic.
My problem: I
thanks,
greg
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
that fits with what I saw as well.
A follow up question for 100: why does the spec define this at all and
why does Tomcat not let me work around it when it happily lets me
violate other parts of the spec?
greg
Len Popp wrote:
I'm not sure whether you mean the cookie or the URL parameter,
http://tomcat.apache.org/tomcat-5.5-doc/config/context.html
I can turn cookies on or off but I don't see a similar setting for
URL rewriting.
I've already made my peace with requiring cookies for other reasons.
Possible? Downsides?
I'm seeing a lot of double fetching of content (JavaScript
Same issue here. I had to go through some headache with the load
balancer to duplicate JSESSIONID cookies so they'd be on the domain
level and not just at the host level.
greg
On Feb 27, 2008, at 5:36 PM, Raul Acevedo wrote:
Our app server will be accessed through two different domains,
a very common and simple need.
Is there a simpler way?
Raul
On Wed, 2008-02-27 at 17:48 -0800, Gregory Gerard wrote:
Same issue here. I had to go through some headache with the load
balancer to duplicate JSESSIONID cookies so they'd be on the domain
level and not just at the host level.
greg
Look at the Host header to see how the browser addressed your
webserver and then you can specialize your output.
theHostString = theHttpServletRequest.getHeader(Host);
if (theHostString != null theHostString.trim().length ) {
if (theHostString.startsWith(sub1.)) {
doSub1Content(...);
} else
Hello,
I'm not certain if this message is more correctly posted to the TC
dev list but I think this is more of an end user of TC kind of
question...
I'd like to use a database to consolidate my access logs (many servers).
1. Performance impact? I don't know if the Valve have any ability
Hello,
I had a need for my JavaScript to know the pathing of the webapp it
came from and the most straightforward way was to use the JSP
processor on it.
This worked nicely.
However, I lost all the headers that allow the browser to cache the
contents.
I did my own hacky servlet filter
Tomcat 7.0.55 and 8.0.9 on Mac OS X Mavericks latest
I am doing server sent events with AsyncContext. Basic stuff is working.
I have set the timeout to be infinite so onTimeout() never happens. That’s fine
— I don’t mind hangers on in this case.
Testing with curl, I can get a constant stream
Root cause?
On Feb 28, 2015, at 15:20, Jaroslav Záruba jaroslav.zar...@gmail.com wrote:
Hello again :)
Apparently adding Connection: close header to my response prevents the
evil heaqder to be added.
And it turns out the header isn't the reason why EventSource receives the
message-less
I'm curious as well -- I ran into this too and the only work around I had was
to send a heartbeat which, if the client was gone, would complete the lifecycle
(server sent events in my particular case).
This was ugly and felt wrong so I'd love to know the right thing to do.
On Aug 25, 2015, at
14 matches
Mail list logo
