Re: Adding regular expression support to CORS filter

2020-09-27 Thread Carsten Klein
Any comments on that? Is it worth preparing a PR?

Adding regular expression support to CORS filter

2020-09-21 Thread Carsten Klein
Hi there, I'd like to contribute a CORS filter enhancement, making it accept both wildcard-based and 'regular expression'-based expressions for its allowed origins list. I know this from a project based on Jetty, which has support for, at least, simple wildcard matching (*). Specifying

Re: How to encrypt db password in tomcat context.xml

2020-06-29 Thread Carsten Klein

Re: Should Tomcat 10 enable response compression by default?

2020-06-10 Thread Carsten Klein
Although I believe that buggy clients are no longer a problem today, compression may introduce complications when Tomcat runs behind a reverse proxy, as is often the case. If your front-end server (e.g. Apache) needs to modify the responses (e.g. with mod_proxy_http), you'll end up with a

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-20 Thread Carsten Klein
Hi there, what to do next to get things moving? Seems like there's nothing more to implement for the addition right now. Should I just create a PR in the apache/tomcat repository? And/or post some lines to the dev mailing list? Carsten

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-20 Thread Carsten Klein
Jonathan, On Tue, Feb 18, 2020 at 5:29 PM Jonathan S. Fisher wrote: For older versions of tomcat, I'd suggest adding an additional option that causes GenericPrincipal to drop the password after authentication is complete, by default if persistAuthentication is enabled, which alleviates your

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-19 Thread Carsten Klein
Chris, there is a new PR #2, I messed up my branch and had to set up a new one... Still a bit new to GIT... https://github.com/cklein05/tomcat/pull/2 Actually, I decided to just add the String array. That's not too bad either, right? Have a look at the latest code and comment in PR #2.

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-19 Thread Carsten Klein
Hi there, had to re-setup my branch... Nevertheless, updated PR is available now. Some last things... The pattern for default sessionAttributeValueClassNameFilter must even be extended to match String arrays as well (roles are stored that way). In order to keep the pattern smaller, one

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-18 Thread Carsten Klein
Hi there, most of the issues discussed with/suggested by Mark Thomas should be in place now. The renamed PR should now show a much better code basis for further discussions. b) Please add a changelog entry for this addition. Still looking for the change log file... Carsten

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-18 Thread Carsten Klein
j) At a minimum, new Manager attributes need to be added here: https://github.com/apache/tomcat/blob/master/webapps/docs/config/manager.xml Here's an online preview of the updated Manager documentation: http://office.datagis.com/pub/tomcat-9.0.x/docs/config/manager.html These are the

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-18 Thread Carsten Klein
Open the pull request in your own fork... this link should work: https://github.com/cklein05/tomcat/compare/cklein05:master...cklein05:session-manager-persist-authentication?expand=1 Done. Carsten

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-18 Thread Carsten Klein
Mark, Please don't be put off by the number of comments and suggested changes. I think the core idea is sound and meets a valid requirement that some users have. To some extent, the volume of comments reflects the fact that I'm responding to a clear proposal and explanation. This is a good thing in

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-18 Thread Carsten Klein
On Tue, Feb 18, 2020 at 9:19 AM Carsten Klein wrote: Rémy, Can you describe an actual use case for this? Without clustering, I don't understand why the auth persistence is useful at all [when using clustering, the delta manager persists that auth information]. To be honest, that's also

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-18 Thread Carsten Klein
Rémy, Can you describe an actual use case for this? Without clustering, I don't understand why the auth persistence is useful at all [when using clustering, the delta manager persists that auth information]. To be honest, that's also the case for session persistence itself, which does not

Re: Enhancement: New option 'persistAuthentication' for session manager

2020-02-17 Thread Carsten Klein
Jonathan, I'm not quite sure whether it's not too early for a PR... :-) I was waiting for some remarks on my code, prior to officially releasing a PR. Can't you just do a Compare on GitHub? Carsten Can you open a PR so we can diff your changes? Very excited to see this! We used a workaround

Enhancement: New option 'persistAuthentication' for session manager

2020-02-17 Thread Carsten Klein
Hi there, finally, I got my first Tomcat enhancement ready. You can view its code at my Tomcat fork on GitHub: https://github.com/cklein05/tomcat/tree/session-manager-persist-authentication Before I'm opening an enhancement in Tomcat's Bugzilla, maybe, Mark and Christopher (or whoever else

Re: Tomcat 7.x.x, 8.x.x, 8.5.x and 9.x.x: Session serialization w/o authentication related information

2019-12-02 Thread Carsten Klein
On 01/12/2019 23:04, Mark Thomas wrote: I'm with you. And likely our setup is special in a way. However, I've rarely seen that you have to re-enter credentials in a professional web application like Google or Facebook, for example. Yes. But if those apps were running on Tomcat I doubt