Re: Let's Encrypt with Tomcat?

2019-12-27 Thread Alex O'Ree
i use letsencrypt with tomcat. i adopted a cronjob/bash script that auto renews the cert before expiration, it then stops tomcat, refreshes the jks files, then restarts tomcat. yeah it's down time, but it is minimal and it works On Thu, Dec 26, 2019 at 7:49 PM James H. H. Lampert <

Re: Intermittent JSP Caching/Compiling Issue while under load

2019-11-04 Thread Alex O'Ree
Sounds a lot like the issue I reported a few months ago On Mon, Nov 4, 2019, 3:12 PM Tim K wrote: > On Mon, Nov 4, 2019, 10:30 AM Mark Thomas wrote: > > > > > Thanks. That helps as it means the issue should be reproducible on a > > single, stand-alone instance. > > > > Mark > > > > I was

Re: user self registration/account creation

2019-10-08 Thread Alex O'Ree
thanks i'll look into it On Mon, Oct 7, 2019 at 3:36 AM Mark Thomas wrote: > On 06/10/2019 20:31, Alex O'Ree wrote: > > i have a password protected web app and would like to provide users with > > the ability to self register for a new account. looks like the easiest

user self registration/account creation

2019-10-06 Thread Alex O'Ree
i have a password protected web app and would like to provide users with the ability to self register for a new account. looks like the easiest way to do this with tomcat is with a jdbc realm to protect the web app and anonymous access to the self registration app. a few questions on this. is

Re: Is it possible to disable JMX?

2019-08-26 Thread Alex O'Ree
you may have to edit catalina.bat and add --no-jmx to the command line On Mon, Aug 26, 2019 at 2:05 PM Pascal Schumacher wrote: > |Hi, > > according to https://tomcat.apache.org/tomcat-9.0-doc/changelog.html it > should be possible to disable JMX when using Tomcat 9.0.20+. > > I tried different

Re: how to enable OCSP for Tomcat w OpenSSL

2019-08-01 Thread Alex O'Ree
This thread was super useful. thanks for sharing On Wed, Apr 17, 2019 at 3:29 PM John Palmer wrote: > I'm still struggling with getting APR/OpenSSL to do the OCSP check. > > I'd appreciate some tips: > versions: Java 8 (1.8.0_202), 64-bit, tomcat 8.5.38, APR 1.2.21 > using APR/OpenSSL (the

Re: on 8.5.40, random tmpFile.renameTo with jsp files

2019-06-11 Thread Alex O'Ree
jsps, now it's closer to 1 of 400. Definitely better, but is it because of the update to the newer code base or is it due to the code change i made. I'll do some more experiments tomorrow to try and narrow it down On Mon, Jun 10, 2019 at 3:32 PM Alex O'Ree wrote: > > Anything unusual

Re: on 8.5.40, random tmpFile.renameTo with jsp files

2019-06-10 Thread Alex O'Ree
Yes I can give it a try. > One more idea. Virus scanner locking files? I've seen it on systems with and without a/v. On the system with it, I was able to temporarily disable it but still got on the tmp.rename error. On Mon, Jun 10, 2019 at 2:48 PM Mark Thomas wrote: > On 10/06/2019 12:08, Alex

Re: on 8.5.40, random tmpFile.renameTo with jsp files

2019-06-10 Thread Alex O'Ree
BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Alex, > > On 6/10/19 03:20, Mark Thomas wrote: > > On 07/06/2019 15:35, Alex O'Ree wrote: > >> HTTP Status 500 – Internal Server Error Type Exception Report > >> > >> Message Unable to compile c

Re: on 8.5.40, random tmpFile.renameTo with jsp files

2019-06-10 Thread Alex O'Ree
I am on windows 7. Same partition as the os. On Mon, Jun 10, 2019, 3:20 AM Mark Thomas wrote: > On 07/06/2019 15:35, Alex O'Ree wrote: > > HTTP Status 500 – Internal Server Error > > Type Exception Report > > > > Message Unable to compile class for JSP > > >

Re: on 8.5.40, random tmpFile.renameTo with jsp files

2019-06-07 Thread Alex O'Ree
: > On 06/06/2019 20:38, Alex O'Ree wrote: > > I've upgraded from .34 to .40 somewhat recently (on windows) and have > been > > getting random errors rendering jsp pages recently. The trace is always > > related to jasper failing to rename a file. I'm not really sure what the

on 8.5.40, random tmpFile.renameTo with jsp files

2019-06-06 Thread Alex O'Ree
I've upgraded from .34 to .40 somewhat recently (on windows) and have been getting random errors rendering jsp pages recently. The trace is always related to jasper failing to rename a file. I'm not really sure what the issue is. Has anyone seen this or something similar? Usually retrying the

Re: Jmx example for adding or removing users?

2019-05-10 Thread Alex O'Ree
the answer is no but I may have missed something. Can anyone confirm this? On Fri, May 10, 2019 at 7:07 AM Alex O'Ree wrote: > Ahh i missed the exception, had the logs redirected. thanks > > On Fri, May 10, 2019 at 3:46 AM Mark Thomas wrote: > >> On 10/05/2019 03:45

Re: Jmx example for adding or removing users?

2019-05-10 Thread Alex O'Ree
Ahh i missed the exception, had the logs redirected. thanks On Fri, May 10, 2019 at 3:46 AM Mark Thomas wrote: > On 10/05/2019 03:45, Alex O'Ree wrote: > > Well less than perfect. Tomcat out of the box is setup with the users xml > > file. What's ex

Re: Jmx example for adding or removing users?

2019-05-09 Thread Alex O'Ree
i missing something? On Fri, Apr 26, 2019 at 7:14 PM Alex O'Ree wrote: > Ahh perfect, thanks. > > On Fri, Apr 26, 2019 at 12:34 PM Mark Thomas wrote: > >> On 26/04/2019 12:11, Alex O'Ree wrote: >> > I am looking for a way to programmatically add or remove user accou

Re: Jmx example for adding or removing users?

2019-04-26 Thread Alex O'Ree
Ahh perfect, thanks. On Fri, Apr 26, 2019 at 12:34 PM Mark Thomas wrote: > On 26/04/2019 12:11, Alex O'Ree wrote: > > I am looking for a way to programmatically add or remove user accounts > > using tomcats user xml file as a store without restarting tomcat. Can > this >

Jmx example for adding or removing users?

2019-04-26 Thread Alex O'Ree
I am looking for a way to programmatically add or remove user accounts using tomcats user xml file as a store without restarting tomcat. Can this be done using jmx?

Re: JMS Testing

2018-12-17 Thread Alex O'Ree
JMS is a programming api that is an abstraction for a messaging service. There's a bunch of implementations of the JMS API, such like car's have the same human to car interface (steering wheel, pedals, etc), however there's tons of types and manufacturers. Tomcat serves up web content. Some JMS

Re: [SECURITY] CVE-2018-11784 Apache Tomcat - Open Redirect

2018-10-18 Thread Alex O'Ree
Roger that, thanks On Thu, Oct 18, 2018, 9:38 AM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Alex, > > On 10/18/18 11:08, Alex O'Ree wrote: > > Basically. I start with the tomcat distro, apply m

Re: [SECURITY] CVE-2018-11784 Apache Tomcat - Open Redirect

2018-10-18 Thread Alex O'Ree
AM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Alex, > > On 10/14/18 18:06, Alex O'Ree wrote: > > Is there perhaps a patch that can be applied or better yet, a list > > of jars that are wer

Re: [SECURITY] CVE-2018-11784 Apache Tomcat - Open Redirect

2018-10-14 Thread Alex O'Ree
Is there perhaps a patch that can be applied or better yet, a list of jars that are were affected by this? (I'm just trying to find a simple way to patch a large volume of servers) On Wed, Oct 10, 2018 at 10:23 AM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED

Re: Tomcat with half open tcp sockets

2018-10-04 Thread Alex O'Ree
Sorry, mobile typo. Soap stack, as in cxf, axis, sun jaxws ri On Thu, Oct 4, 2018, 12:57 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Alex, > > On 10/3/18 20:25, Alex O'Ree wrote: > > T

Re: Tomcat with half open tcp sockets

2018-10-03 Thread Alex O'Ree
< ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Alex, > > On 9/29/18 08:31, Alex O'Ree wrote: > > Does tomcat detect or mitigate against half open tcp connections? > > Not directly. Basically, that's the OS's job

Tomcat with half open tcp sockets

2018-09-29 Thread Alex O'Ree
Does tomcat detect or mitigate against half open tcp connections? I recently ran into an issue where something in between a java jaxws client and a jaxws service running in tomcat is interfering with the tcp stream. Resolving this client side has been a challenge due the transmitting thread

websocket endpoints not released

2018-08-31 Thread Alex O'Ree
I ran into a strange issue today. Running tomcat 8.5 with a websocket endpoint + some javascript to wire up a browser to the socket. All works as normal, however sometimes if the user refreshes the browser, it seems as if second web socket is opened by the browser. This leads to the user seeing

Re: org.apache.tomcat.jdbc.pool casting to original connection class

2018-08-28 Thread Alex O'Ree
>From what i understand, the postgres jdbc driver does support reading/writing from a result set or command via a input or output stream, however from my testing, it looks like it just buffers the whole thing in memory. I actually had one case where i was able to insert 1.2GB of content into a

Re: org.apache.tomcat.jdbc.pool casting to original connection class

2018-08-27 Thread Alex O'Ree
I'm storing large files. Postgres has a limit for blobs and uses a different api for larger stuff. Cut off is 1gb On Mon, Aug 27, 2018, 7:19 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Alex, > >

Re: org.apache.tomcat.jdbc.pool casting to original connection class

2018-08-27 Thread Alex O'Ree
I figured it out. Classpath issue. I had the postgres driver in my web app and in tomcat's lib folder. Removing from the web app fixed it. On Mon, Aug 27, 2018 at 9:47 AM Alex O'Ree wrote: > Unfortunately, it's not working. I've tried unwrap for both > org.postgresql.jdbc.PgConnection (co

Re: org.apache.tomcat.jdbc.pool casting to original connection class

2018-08-27 Thread Alex O'Ree
Unfortunately, it's not working. I've tried unwrap for both org.postgresql.jdbc.PgConnection (concrete class) and org.psotgresql.PGConnection (interface) and both of them fail to unwrap. Any other suggestions? On Sun, Aug 26, 2018 at 10:04 AM Alex O'Ree wrote: > Perfect, thanks > > On

Re: org.apache.tomcat.jdbc.pool casting to original connection class

2018-08-26 Thread Alex O'Ree
Perfect, thanks On Fri, Aug 24, 2018, 5:05 PM Torsten Krah wrote: > The isWrapperFor(..) and unwrap(..) methods on the connection API should > work for this. >

org.apache.tomcat.jdbc.pool casting to original connection class

2018-08-24 Thread Alex O'Ree
I have a use case where i need to downcast a pooled database connection down to the native class that is in use for the driver. Unfortunately I don't see any APIs that I can use to do this. Is there any backdoors or mechanisms I can use? Background, I'm using postgres with tomcat 8.5 and need to

Re: user lockout realm, logging ip addresses

2018-08-18 Thread Alex O'Ree
, 2018 at 9:58 AM, Alex O'Ree wrote: > after looking at the code, it's not a simple 1 liner and would require a > number of api changes. I was able to get it working, but it is a large > change set. Anyone that extends or builds a custom one of these: > -Realm > -AuthenticatorBase

Re: user lockout realm, logging ip addresses

2018-08-18 Thread Alex O'Ree
impact. I'm not sure how this community feels about API changes and backwards compatibility. For the PR, do you all have a branch naming strategy? On Sat, Aug 18, 2018 at 8:20 AM, Alex O'Ree wrote: > Cool beans. I can do a PR if there's interest. > > On Sat, Aug 18, 2018 at 7:59 AM, Ch

programmatically adding new users to tomcat-users.xml

2018-08-18 Thread Alex O'Ree
I'd like to provide users a mechanism to create their own user accounts via browser instead of requiring access to the server + editing xml files. I found this solution here https://stackoverflow.com/a/39770319/1203182 and i found the APIs here

Re: user lockout realm, logging ip addresses

2018-08-18 Thread Alex O'Ree
Cool beans. I can do a PR if there's interest. On Sat, Aug 18, 2018 at 7:59 AM, Christopher Schultz < ch...@christopherschultz.net> wrote: > Mark and Alex, > > > On Aug 18, 2018, at 05:46, Mark Thomas wrote: > > > >> On 18/08/18 10:36, Olaf Kock wrote: > >

user lockout realm, logging ip addresses

2018-08-17 Thread Alex O'Ree
Is it possible to configure the user lockout realm to log what ip address the failed login attempt came from? I know the information needed will also be in the access log but added it to the "attempt to login from a locked account" message would be super helpful. Would it be more advisable to

Re: Programmatically unlocking an account?

2018-08-13 Thread Alex O'Ree
No problem. Thanks! On Mon, Aug 13, 2018, 3:52 AM Mark Thomas wrote: > On 13/08/18 00:32, Alex O'Ree wrote: > > Thanks everyone. Would it be possible to get this backported to 8.5? > > Done. Although I'm afraid it just missed the cut for the 8.5.33 release. > It will be

Re: Programmatically unlocking an account?

2018-08-12 Thread Alex O'Ree
Thanks everyone. Would it be possible to get this backported to 8.5? On Tue, Jun 26, 2018 at 12:17 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Alex, > > On 6/25/18 8:49 PM, Alex O'Ree wrote: >

Re: Requirements for servlet session attributes?

2018-07-03 Thread Alex O'Ree
" wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Alex, On 7/1/18 7:48 AM, Alex O'Ree wrote: > I was working on attempting to increase performance on a web app > which calls a jaxws service on behalf of the user. The process for > creating the jaxws client is somewhat slow so

Requirements for servlet session attributes?

2018-07-01 Thread Alex O'Ree
I was working on attempting to increase performance on a web app which calls a jaxws service on behalf of the user. The process for creating the jaxws client is somewhat slow so I was to try and cache the the jaxws client object as an HTTP session attribute. It doesn't work for some reason. What

Re: tomcat with laptop + windows sleep

2018-06-28 Thread Alex O'Ree
I also see a lot of jdbc/my name is not bound in this context. Unable to find jdbc On Thu, May 24, 2018, 5:30 PM Alex O'Ree wrote: > Yes it is a tomcat managed data source with postgres. The cpu usage is my > app trying to get a managed data source. Perhaps the jdbc driver is the &

Re: tomcat with laptop + windows sleep

2018-06-28 Thread Alex O'Ree
un 3, 2018 at 11:13 AM, Alex O'Ree wrote: > I did not copy any tomcat specific jars. I have validation queries > implemented programmatically. > > On Sun, Jun 3, 2018 at 8:44 AM, Felix Schumacher internetallee.de> wrote: > >> >> >> Am 02.06.2018 um 20:51 schrieb Al

Re: Programmatically unlocking an account?

2018-06-25 Thread Alex O'Ree
D MESSAGE- > Hash: SHA256 > > Alex, > > On 6/25/18 3:24 PM, Alex O'Ree wrote: > > Is it possible to programmatically unlock an account that's been > > locked via the lockoutrealm and the simple xml user store? > > Regardless of the user-storage mechanism, the

Programmatically unlocking an account?

2018-06-25 Thread Alex O'Ree
Is it possible to programmatically unlock an account that's been locked via the lockoutrealm and the simple xml user store? If so, how?

Re: tomcat with laptop + windows sleep

2018-06-03 Thread Alex O'Ree
I did not copy any tomcat specific jars. I have validation queries implemented programmatically. On Sun, Jun 3, 2018 at 8:44 AM, Felix Schumacher < felix.schumac...@internetallee.de> wrote: > > > Am 02.06.2018 um 20:51 schrieb Alex O'Ree: > >> I think I've narrowed it d

Re: tomcat with laptop + windows sleep

2018-06-02 Thread Alex O'Ree
: > > > Am 24. Mai 2018 23:30:10 MESZ schrieb Alex O'Ree : > >Yes it is a tomcat managed data source with postgres. The cpu usage is > >my > >app trying to get a managed data source. Perhaps the jdbc driver is the > >issue. .. > > Care to post your configuration? Ma

Re: tomcat with laptop + windows sleep

2018-05-24 Thread Alex O'Ree
-- > Hash: SHA256 > > Alex, > > On 5/22/18 7:39 PM, Alex O'Ree wrote: > > I've noticed a behavioral difference from tomcat 7 to 8.5. In v7, I > > used to be able to put a computer to "sleep" with tomcat running. > > On resume, everything would be just fin

tomcat with laptop + windows sleep

2018-05-22 Thread Alex O'Ree
I've noticed a behavioral difference from tomcat 7 to 8.5. In v7, I used to be able to put a computer to "sleep" with tomcat running. On resume, everything would be just fine. On tomcat 8.5, i'm noticing that all database connections are basically dropped and do not appear to to restart/resume

Re: Tomcat Silent Remote Uninstall - How to do it?

2018-04-20 Thread Alex O'Ree
Pretty sure there is a script in the bin folder that can be ran from an elevated the command line. Something like 'service install', then call 'net start tomcat8' On Fri, Apr 20, 2018 at 4:53 PM, < ross.a.reichenber...@wellsfargo.com.invalid> wrote: > Hello, > I need to know how to silently

Re: User session validation

2018-03-29 Thread Alex O'Ree
Thanks for the info On Thu, Mar 29, 2018, 12:30 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Alex, > > On 3/28/18 7:20 PM, Alex O'Ree wrote: > > Does tomcat do any validation on session id's

User session validation

2018-03-28 Thread Alex O'Ree
Does tomcat do any validation on session id's based on up addresses? I'm thinking that if some one intercepts the session token and tries to use it from another ip address, then it's feasible to detect this and invalidate the session.

Re: Tomcat shutdown, webapp vs database pools

2018-03-17 Thread Alex O'Ree
Thanks for the info. I'll investigate further into the listeners. On Sat, Mar 17, 2018 at 4:27 AM, Mark Thomas <ma...@apache.org> wrote: > On 16/03/18 22:42, Alex O'Ree wrote: > > I have a war file that defines a context.xml file, some cxf based web > > services and a few o

Tomcat shutdown, webapp vs database pools

2018-03-16 Thread Alex O'Ree
I have a war file that defines a context.xml file, some cxf based web services and a few other background tasks using quartz that are initialized in a servlet context listener. When tomcat shuts down, it appears that tomcat stops the database connection pool before the cxf services or the quartz

Re: intermittent connectivity failure under ssl

2018-03-09 Thread Alex O'Ree
, you'll need a windows box to replicate (x64) On Fri, Mar 9, 2018 at 3:01 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Alex, > > On 3/9/18 2:50 PM, Mark Thomas wrote: > > On 09/03/18 19:39, Alex

Re: intermittent connectivity failure under ssl

2018-03-09 Thread Alex O'Ree
that comes with the windows build of tomcat has something wrong with it. On Mon, Mar 5, 2018 at 9:29 AM, Alex O'Ree <spyhunte...@gmail.com> wrote: > thanks. what else could be cause this? Chrome says error empty response > frequently > > On Mon, Mar 5, 2018 at 9:27 AM,

Re: intermittent connectivity failure under ssl

2018-03-05 Thread Alex O'Ree
thanks. what else could be cause this? Chrome says error empty response frequently On Mon, Mar 5, 2018 at 9:27 AM, Rémy Maucherat <r...@apache.org> wrote: > On Mon, Mar 5, 2018 at 2:59 PM, Alex O'Ree <alexo...@apache.org> wrote: > > > I may be on to something. I found

Re: intermittent connectivity failure under ssl

2018-03-05 Thread Alex O'Ree
be related to the problem as it looks like the protocol attribute must be one of HTTP/1.1, etc. Assuming this is the issue, which attribute can i used to specify my overridden class? On Fri, Mar 2, 2018 at 1:58 PM, Alex O'Ree <alexo...@apache.org> wrote: > Remy, what more information

Re: intermittent connectivity failure under ssl

2018-03-02 Thread Alex O'Ree
Remy, what more information would you like? Any more info on the issue that you are referencing? On Fri, Mar 2, 2018 at 10:56 AM, Rémy Maucherat <r...@apache.org> wrote: > On Fri, Mar 2, 2018 at 4:19 PM, Alex O'Ree <alexo...@apache.org> wrote: > > > Ran into a strange pr

intermittent connectivity failure under ssl

2018-03-02 Thread Alex O'Ree
Ran into a strange problem, not too sure what the problem is. Basically, I'm getting intermittent connectivity from a http client to tomcat but only through SSL using the Http11NioProtocol. Some http requests go through, others fail with the stack trace below. Usually, restarting tomcat fixes it,

SSL: Unexpected end of file from server

2018-03-01 Thread Alex O'Ree
I have a CXF web service client accessing a CXF SOAP service running in tomcat. I'm seeing intermitent issues only when using SSL and I'm not entirely sure why. The client logs the following SocketException: Unexpected end of file from server at sun.net.www.http.Client.parseHTTPHeader I'm using

Re: No reliable way to know if the request emerged from localhost

2018-02-27 Thread Alex O'Ree
I think this means, no remote http access, but allow admins remote desktop access. Once in a local desktop sessions, allow the http access since the request comes from local host This issue is get remote address usually returns a non loop back ip address, even if the url was to localhost On

Re: using default cacerts AND custom keystore

2018-02-21 Thread Alex O'Ree
anything related to SSL, key stores, trust stores, X509 certificates, etc will do that to you! On Mon, Feb 19, 2018 at 9:16 AM, Chris Cheshire wrote: > On Fri, Feb 16, 2018 at 2:11 PM, Christopher Schultz > wrote: > > -BEGIN PGP SIGNED

Possibility of simplifying a UI vs services war setup

2018-02-21 Thread Alex O'Ree
Hi everyone, yet another email. I'm not too sure who to ask but I figured the tomcat crew would be a good place to start. Maybe SO is more appropriate I have a two web app (war files) system, one containing just the UI and the other containing a collection of CXF soap services and some rest

Http with client certificate authentication

2018-02-21 Thread Alex O'Ree
Howdy folks, If I setup a tomcat connector in server.xml with clientAuth="true" and have the key store for tomcat and a trust store is the following true? - all public key certificates issued by CA's the trust store are allowed in? - all user public key certificates in the trust store are

Re: Error parsing HTTP request header, HTTP method names must be tokens

2018-02-21 Thread Alex O'Ree
Thanks. I'll try the logging change to see if i can at least narrow it down a bit more. On Wed, Feb 21, 2018 at 7:49 PM, Konstantin Kolinko <knst.koli...@gmail.com> wrote: > 2018-02-21 22:19 GMT+03:00 Alex O'Ree <alexo...@apache.org>: > > That's the error message. The prob

Re: TomcatCon Training: Tomcat for Administrators

2018-02-21 Thread Alex O'Ree
@Mark I just found the videos from the last tomcatcon. I actually watched/listened to them all. Great to here the inside scoop on stuff, hope you all make more! I think i must have ran into most of the issues that were discussed and rewrote most of my application (primarily due to me using

Re: Error parsing HTTP request header, HTTP method names must be tokens

2018-02-21 Thread Alex O'Ree
e, Feb 20, 2018 at 4:01 PM, Alex O'Ree <alexo...@apache.org> wrote: > > I keep running into the an IllegalArgumentException at or near startup of > > tomcat 8.5 with a bunch of cxf web services deployed and I have no idea > > what's causing it. The error message mentions tu

Error parsing HTTP request header, HTTP method names must be tokens

2018-02-20 Thread Alex O'Ree
I keep running into the an IllegalArgumentException at or near startup of tomcat 8.5 with a bunch of cxf web services deployed and I have no idea what's causing it. The error message mentions turning on logging at the debug level. Question: Assuming i need to edit the logging.properties file,

Re: web socket user roles

2018-02-09 Thread Alex O'Ree
I think I answered my own question. Looks like `ServerEndpointConfig.Configurator` is the class i want and it can be attached to annotations of the web socket endpoint On Fri, Feb 9, 2018 at 4:42 PM, Alex O'Ree <alexo...@apache.org> wrote: > Is there any kind of trickery to get user r

web socket user roles

2018-02-09 Thread Alex O'Ree
Is there any kind of trickery to get user roles from a web socket server running in tomcat? I'm looking at javax.websocket.Session and I'm not seeing anything other than obtaining the user principle. Further more, aside from SSL/TLS, are there any other security related guides that I should be

How does tomcat handle session ids?

2018-02-07 Thread Alex O'Ree
I was recently perusing security implementation guides and ran across one that required that sessions id's be "destroyed" after use and not reused. >From my understanding, it looks like the java/tomcat/servlet equivalent is the jessionid. I'm assuming this is probably a randomly generated id but I

Re: jsp precompile options

2018-01-28 Thread Alex O'Ree
Mark, thanks for the clarification. I don't know why I assumed it was needed. Awesome! Juan, I'll give that one a shot, thanks! On Sun, Jan 28, 2018 at 5:45 AM, Mark Thomas <ma...@apache.org> wrote: > On 27/01/18 13:35, Alex O'Ree wrote: > > Using tomcat 8.5... > >

jsp precompile options

2018-01-27 Thread Alex O'Ree
Using tomcat 8.5... I have a web app that still uses jsp's and i'm looking into a few options to (a) aid development and (b) reduce or eliminate the need for the JDK in a production setup and just run a JRE. (a) Making development easier. My project is maven based and I'd like to run some kind

Re: ALv2 Tomcat Training material

2018-01-25 Thread Alex O'Ree
Understanding web.xml Understanding webapps without web.xml Security, authn and authz, ldap setups fIle system permissions On Jan 25, 2018 6:04 AM, "Mark Thomas" wrote: > On 08/01/18 09:39, Mark Thomas wrote: > > On 05/01/18 22:09, Don Flinn wrote: > >> Hi Mark, > >> > >> I

Re: No movement at Debug mode

2018-01-21 Thread Alex O'Ree
Do you mean you cannot get a debugger to attach to Tomcat and thus step through your app? Make sure you start tomcat with "catalina jpda run". I think it listens on port 8000 by default. You can then use just about any IDE to attach the debugger via JPDA to localhost port 8000. On Sun, Jan 21,

Re: Valve to dump response messages?

2018-01-15 Thread Alex O'Ree
wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Alex, > > On 1/13/18 9:03 PM, Alex O'Ree wrote: > > After googling, I've found the request dumper valve, but I was > > wondering if there was an equivalent for response content? I have > > been abl

Valve to dump response messages?

2018-01-13 Thread Alex O'Ree
After googling, I've found the request dumper valve, but I was wondering if there was an equivalent for response content? I have been able to rig up a http servlet filter that can capture and log response messages but i was looking for a more universal way to accomplish this for all http

Re: Skip resource path in TLD scanner?

2017-11-18 Thread Alex O'Ree
I'm having similar issues after updating from tomcat7 to tomcat8.5. The build script for my app adds some sql drivers to tomcat's lib folder, specifically the derby driver. On bootup tomcat logs a ton of error messages saying that it couldn't find (what looks to be) internationalized resource

Re: URL-encoding and "#"

2017-10-15 Thread Alex O'Ree
...@flyingfischer.ch <i...@flyingfischer.ch> wrote: > Am 13.10.2017 um 12:48 schrieb Alex O'Ree: >> Well that explains a lot. Similar issue for me. With url encoding, tomcat >> is dropping back slash and the plus symbol. > > While I think it is perfectly eligible to strive for

Re: URL-encoding and "#"

2017-10-13 Thread Alex O'Ree
Well that explains a lot. Similar issue for me. With url encoding, tomcat is dropping back slash and the plus symbol. On Oct 13, 2017 3:01 AM, "Mark Thomas" wrote: > On 13/10/2017 07:38, Peter Kreuser wrote: > > Chris, > > > > > > > > > > Peter Kreuser > >> Am 13.10.2017 um

Re: installing certificates

2017-10-09 Thread Alex O'Ree
Graphical keystore tool - http://keystore-explorer.org/ It may make things easier On Mon, Oct 9, 2017 at 6:13 PM, Adam Pease wrote: > Hi Chris, > Many thanks for the quick response! There's a lot of new terminology (to > me) to all this and it's quite confusing

Re: Tomcat unstable after updating apache http client

2017-10-05 Thread Alex O'Ree
Ill see if I can make a test war they'd reduces it to the minium. On Oct 5, 2017 8:04 AM, "Mark Thomas" <ma...@apache.org> wrote: On 05/10/17 12:12, Alex O'Ree wrote: > I ran into a strange issue the other day. Running tomcat 7.0.81. I have a > war file with apache h

Tomcat unstable after updating apache http client

2017-10-05 Thread Alex O'Ree
I ran into a strange issue the other day. Running tomcat 7.0.81. I have a war file with apache http client vs 4.3.3. I was having some issues with my code in the war and experimented with updating the http client to 4.5.3. The result was bizarre. Tomcat would start as normal but stop serving

tomcat7 eol date?

2017-09-23 Thread Alex O'Ree
Is there an approximate or estimated date in which ASF will stop supporting patches for Tomcat7? I'm assuming that the tomcat major versions are tied to oracle's support for the JRE, which implies that when oracle stops supporting JRE7 that tomcat7 support will stop around the same time. Is that

Re: publishing tomcat server as maven artifact

2017-09-23 Thread Alex O'Ree
They weren't, other than that releases were happening at some point. Ahh sorry you're right. What about the other variants, such as the windows x64 builds with the service wrappers? On Sat, Sep 23, 2017 at 4:05 AM, Mark Thomas <ma...@apache.org> wrote: > On 23/09/17 02:27, Alex O'

publishing tomcat server as maven artifact

2017-09-22 Thread Alex O'Ree
In light of the recent security issues, has the tomcat dev's ever consider publishing the tomcat server as a maven artifact? I just tomcat as a base server for Apache jUDDI and for several other projects whereby I create preconfigured tomcat instance. It's also super useful for integration

Re: Invalid characters in request header

2017-09-09 Thread Alex O'Ree
Is there a way too log whatever the offending header was? On Sep 9, 2017 6:30 AM, "Martynas Jusevičius" wrote: > Well then you're out of luck. Everything is as expected though, at least on > your end -- client sends invalid request, gets error response. What else do >

Re: Getting user role membership without context

2017-08-16 Thread Alex O'Ree
p through the JNDIRealm with a debugger (I use > Eclipse) to see exactly what is going on. If you aren't set up for that, > enabling debug logging for the JNDIRealm should provide some insight but > it might not answer everything. > > Mark > > > On 04/08/17 21:24, Alex O'Ree

Re: Question - JVM Host display page

2017-08-06 Thread Alex O'Ree
Try Tomcat/webapps/root/index.jsp On Aug 6, 2017 7:44 AM, "bebe böbe" wrote: > Hi, > > I reserved the domain "palibacsi.de" with "JVM Host". > When someone visits the page, I want it to display my "index.html" file. > Instead it now displays the Tomcat homepage. > How

Re: Getting user role membership without context

2017-08-04 Thread Alex O'Ree
text, it's returning false. I'm assuming there's something wrong with the JNDI realm configuration but since it works correctly under normal circumstances and not using the reflection solution, I'm a bit puzzled and am unsure how to proceed. On Wed, Jul 19, 2017 at 11:20 AM, Alex O'Ree

Re: Storing JNDI binding password using encryption

2017-07-19 Thread Alex O'Ree
her Schultz <ch...@christopherschultz.net> wrote: > -----BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Alex, > > On 7/19/17 1:53 PM, Alex O'Ree wrote: >> On Wed, Jul 19, 2017 at 12:09 PM, Mark Thomas <ma...@apache.org> >> wrote: >>> On 19/07/1

Re: Storing JNDI binding password using encryption

2017-07-19 Thread Alex O'Ree
wrote: > On 19/07/17 16:22, Alex O'Ree wrote: >> Assuming I had access to a reversible encryption mechanism and wanted >> to store the JNDI binding password in an encrypted form by extending >> the JNDIRealm class, which method should i override to encrypt the >> passwor

Storing JNDI binding password using encryption

2017-07-19 Thread Alex O'Ree
Assuming I had access to a reversible encryption mechanism and wanted to store the JNDI binding password in an encrypted form by extending the JNDIRealm class, which method should i override to encrypt the password stored in server.xml on the fly?

Re: Getting user role membership without context

2017-07-19 Thread Alex O'Ree
Got it to work! Thanks Mark! On Wed, Jul 19, 2017 at 10:40 AM, Mark Thomas <ma...@apache.org> wrote: > On 19/07/17 15:34, Alex O'Ree wrote: >> Context.findChild and findChildren returns an instance of "Container". >> It looks like StandardWrapper extends Container,

Re: Getting user role membership without context

2017-07-19 Thread Alex O'Ree
..@apache.org> wrote: > On 18/07/17 23:21, Alex O'Ree wrote: >> Nice, any idea which method I need to call? > > You already have the Context so you want > > Context.findChildren() > > for a list of all the Wrappers (and it is the wrapper object you need) or > > Con

Re: Getting user role membership without context

2017-07-18 Thread Alex O'Ree
Nice, any idea which method I need to call? On Jul 18, 2017 3:54 PM, "Mark Thomas" <ma...@apache.org> wrote: > On 18/07/17 17:41, Alex O'Ree wrote: > > Alright, quick update on this. > > > > At this point, I have servlet context and a username running off the

Re: Getting user role membership without context

2017-07-18 Thread Alex O'Ree
P defined group or role into what the application is expecting. Am I on the right path here? On Sun, Jul 16, 2017 at 6:18 PM, Alex O'Ree <alexo...@apache.org> wrote: > bugger, this time replying with the correct reply address. Not sure > if the previous reply went through. > &g

Re: Getting user role membership without context

2017-07-16 Thread Alex O'Ree
in ApplicationContextFacade and ApplicationContext I'll also further investigate the JMX/Mbean method with JNDI as it will probably be more sustainable in the long run On Sun, Jul 16, 2017 at 3:55 PM, Mark Thomas <ma...@apache.org> wrote: > On 16/07/17 15:31, Alex O'Ree wrote: >> Thanks for th

Re: Getting user role membership without context

2017-07-16 Thread Alex O'Ree
as it will probably be more sustainable in the long run On Sun, Jul 16, 2017 at 3:55 PM, Mark Thomas <ma...@apache.org> wrote: > On 16/07/17 15:31, Alex O'Ree wrote: >> Thanks for the clarification. To add to my description >> >> I'm running a task on the users be

Re: Getting user role membership without context

2017-07-16 Thread Alex O'Ree
Thanks for the clarification. To add to my description I'm running a task on the users behalf on a background thread with a task scheduler. I need to get the roles when the task is ran in case of a change in role membership between the time the task is scheduled and when it is executed. It

  1   2   >