I'm really sorry to post birthday-congrats into this list, however:
One of the dinosaurs and most helpful souls of this list is enjoying
his birthday today, if I'm not mistaken.
Therefore, Chuck, all the best and have a great day!
Besides, thanks again for all the help you've provided to this
Hi Chris,
first, thanks for your answer, I really do apprecciate it!
On Thu, Apr 28, 2011 at 5:00 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
Gregor could cheat and write a session-data-fetch servlet in the main
webapp and call it from the ancillary webapp. Just use URL-based
Hi there,
somehow I'm stuck here:
We do have a pre-packaged Tomcat 6 which contains our new CMS, running
on Gentoo Linux.
The ROOT-app contains the aboved mentioned CMS.
Now I do have to integrate some legacy servlets residing each in it's
own Context, and for aurthorization-issues I have to
Chris,
On Wed, Dec 1, 2010 at 10:10 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
I agree with Mladen: MySQL doesn't actually need root privileges for
anything at all, so this is a good description of your desires, but not
a really great example.
Tomcat doesn't root-privileges
Mladen,
On Thu, Dec 2, 2010 at 12:37 PM, Mladen Turk mt...@apache.org wrote:
On 12/02/2010 12:05 PM, Gregor Schneider wrote:
If your developers need to see the stdout of the Tomcat
on the production server then you have a serious problem.
The first one that I find (well funny
Konstantin,
On Tue, Nov 30, 2010 at 9:42 PM, Konstantin Kolinko
knst.koli...@gmail.com wrote:
The above one is tomcat-native, aka Tomcat-Apr,
a library that provides code for Http11AprProtocol and AjpAprProtocol
connectors.
This one is commons-daemon, which gives you jsvc.
Christopher,
On Tue, Nov 30, 2010 at 10:33 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
Apache httpd acts this way:
Sure, since Apache is usually started within root-context (sbin) -
so that does make sense.
When talking about servers, I'm not talking about a webserver but a
Hi André,
long time no see ;)
On Wed, Dec 1, 2010 at 12:20 PM, André Warnier a...@ice-sa.com wrote:
As far as I know, these startup scripts are created by the packagers of
Debian, RedHat etc.. when they wrap Tomcat in a platform-specific package.
/They/ are the ones who decide how they call
Hi guys,
we had some issues due to a memory-leak here and used this opportunity
to upgrade our Tomcat from 5.5.20 to 5.5.31.
Here's our current environment:
tom...@www2:~/local/tomcat55/bin$ ./version.sh
Using CATALINA_BASE: /home/tomcat/local/tomcat55
Using CATALINA_HOME:
Mladen,
Believe it or not, this is intentional and correct behavior.
Almost any server behaves like that.
thanks for sharing your views on this one, which I, however, do not share at
all
besides, no server behaves like you're stating:
if an application is started in a non-root-context and
2010/6/18 Mikolaj Rydzewski m...@ceti.pl:
Luca Gervasi wrote:
i can read my /etc/passwd from a malicious jsp.
Where can i find infos on limiting filesystem access / visibility ?
1st thing to do:
run tomcat as user tomcat (or whatever username u like) with
limited rights - that should at
is the environment-variable $logs specified?
rgds
gregor
--
just because you're paranoid, don't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available
@ http://pgpkeys.pca.dfn.de:11371
@ http://pgp.mit.edu:11371/
skype:rc46fi
Pid,
I believe the problem here is that Fiona tried to use
File=$\{logs\}/stdout.log
However, this will only work if an environment-variable logs is
defined - which is IMHO no default configuration.
Cheers
Gregor
--
just because you're paranoid, don't mean they're not after you...
gpgp-fp:
Have a look at www.jahia.org.
It's a really powerful java based CMS, setup procedure is a walk in
the park. Beside the EE-version ($$$) there's a community-edition for
free, having most of the features of the EE edition. They have a big
community, so support's also there.
Cheers
Gregor
--
just
Sorry if I drop in here getting a bit off-topic, howver:
On Mon, May 17, 2010 at 1:54 PM, Pid p...@pidster.com wrote:
On 17/05/2010 12:36, Stephen . wrote:
HTTPD can handle authentication, or Tomcat can, but not both at the same
AFAIK. The AJP Connector will need it's 'tomcatAuthentication'
On Wed, May 12, 2010 at 3:51 PM, o-rabbit rju...@gmail.com wrote:
Is there something more I need to do??
yes: read the clustering-how-to:
http://tomcat.apache.org/tomcat-6.0-doc/cluster-howto.html
rgds
gregor
--
just because you're paranoid, don't mean they're not after you...
gpgp-fp:
On Wed, May 12, 2010 at 7:21 PM, o-rabbit rju...@gmail.com wrote:
I am glad everyone does not think like you do!
FYI:
André is well know to this group as one of the persons trying their
very best to help anybody having problems regarding Tomcat.
If you didn't receive any answer helping you
On Tue, May 11, 2010 at 7:53 AM, Gregers Blach gregbl...@netscape.net wrote:
PHPMyAdmin would be a very nice add-on in order to better support MySQL
databases.
...and likely to dig a few security wholes...
if you really, really want to go for php, esp. PHPMyAdmin, be sure to
configure it to
On Tue, May 11, 2010 at 10:28 AM, Gregers Blach gregbl...@netscape.net wrote:
Hi all,
1. No one recommends running PHP on Tomcat. Instead running httpd is
recommended.
right
2. No one is able to provide me with a guide for setting up Tomcat to run
PHP. I guess this must be because no
No idea if it has to do with your problem, but
On Mon, May 10, 2010 at 2:21 AM, red phoenix rodphoe...@gmail.com wrote:
Info: validateJarFile(Q:\Tomcat\webapps\MyApp\WEB-INF\lib\servlet-api.jar) -
jar not loaded. See Servlet Spec 2.3, section 9.7.2. Offending class:
Marc,
what gives if you call http://192.168.0.6:8080?
Rgds
Gregor
--
just because you're paranoid, don't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available
@ http://pgpkeys.pca.dfn.de:11371
@ http://pgp.mit.edu:11371/
skype:rc46fi
On Fri, May 7, 2010 at 9:11 PM, Yucca Nel yucca...@live.co.za wrote:
modify serve.xml but how will I do this in production?
load server.xml into any editor of your choice, change it, restart
tomcat, that's about it
loads od support
what's that supposed to be?
rgds
gregor
--
just because
Provided your logfiles are rolling daily:
echo Number of errors i file: `grep ERROR [logfilename here] | wget -l`
as a start.
Seriously:
Analyze your requirements and have somebody write a small script which
you put into your crontab. Said script can be a simple one or as
complex as you like
Just a shot from the hip:
When you run TC from the comand-line, I figure you're using
startup.bat, right? So, maybe there are some env-variables set in this
script (or catalina.bat, classpath.bat), which are not set when
running tomcat.exe as a service?
Forget my comments in case you're running
Could you please come back on that issue next week?
My crystal ball is just out for maintenance, and without it I'm not
able to read your logs containing the error-message...
Rgds
Gregor
--
just because you're paranoid, don't mean they're not after you...
gpgp-fp:
Karthik,
*If* any OutOfMemoryError occurs within Tomcat, the reason for said
error will be some faulty webapp, meaning it is likely to crash any
other servlet-container, too.
Therefore, stick to the rules I pointed out above, and you'll be fine:
Make sure you have some solutions ready in case
Karthik,
AFAIK there is no study telling the likeliness of any web- /
application-server to crash.
If there wer such a study, you'd have to specify a 'lot' of possible
crash-scenarioes - startung at misbehaviour of admins, ddos, bad
webapps etc.
Make sure you have some solutions ready in case
On Tue, Apr 20, 2010 at 12:54 PM, banto banto...@gmail.com wrote:
Hi,
i know this can be a silly question but i have the following issue:
i want to call my web app with a standard URL as http://host:port/myString
how does the url look like when you call your webb-app currently?
how would
On Tue, Apr 20, 2010 at 3:00 PM, Shinan Kassam shin...@gmail.com wrote:
I currently have custom authentication working using JDBCRealm. Hence, I
have some database parameters in server.xml as well as my application. Is it
possible to use a portion of the URL as a parameter to connect to a
Don't know if you guys are aware of it, but the above mentioned system
have been compromised.
According to their blog
(https://blogs.apache.org/infra/entry/apache_org_04_09_2010), the ASF
infrastructure-team recommends to change your passwords for said
systems.
Rgds
Gregor
--
just because
On Tue, Apr 13, 2010 at 7:46 PM, Jon Brisbin
jon.bris...@npcinternational.com wrote:
We use automatic restarts on OutOfMemory errors and it works fantastically. I
don't do it the way described here, though. I use the JVM's
-XX:OnOutOfMemoryError option. I add the following to CATALINA_OPTS:
Hi there,
we do observer a strange behaviour of memory-consuption when running
Tomcat within native mode (via jsvc).
First, our configuration:
Using CATALINA_BASE: /srv/someServer/catalina_base
Using CATALINA_HOME: /srv/someServer/catalina_base
Using CATALINA_TMPDIR:
Hi Mark,
On Thu, Apr 8, 2010 at 1:48 PM, Mark Thomas ma...@apache.org wrote:
On 08/04/2010 12:12, Gregor Schneider wrote:
Anybody has an idea what I might be missing here?
That Java Heap Space + Perm Gen Space OS process Space
You are missing the memory used for:
- native code
- gc
What do you wnat to test specifically? JSPs? Servlets? or just some
common Java classes being used by a Servlet / JSP?
Rgds
Gregor
--
just because you're paranoid, don't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available
@
You can telnet port 80 without any problems? Well, that means there's
some application running using port 80, otherwise you wouldn't be able
to telnet on port 80.
What gives netstat -a?
Rgds
Gregor
--
just because you're paranoid, don't mean they're not after you...
gpgp-fp:
ah. come on, chuck, why's that everyone is picking on my nick? *sic*
i'm reading and posting from my mobile, which is why i may have not
seen andre's post
cheers
gregor
---
just because you're paranoid doesn't mean they're not after you...
Am 19.03.2010 um 18:16 schrieb Caldarale, Charles R
Correct me if I'm wrong, but afaik ICD-10 is nothing but a code
describing the hierarchy-structure of disorders like asthma, hayfever,
cancer etc issued by the WHO.
I do not see how Tomcat or any other web- / application-server should
support such a standard: It's the application (here: servlet
Thread-Dump on Windows:
If I'm not mistaken, the key-combination CtrlBreak should do the
trick on /most/ JVMs
Rgds
Gregor
--
just because your paranoid, doesn't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available
@ http://pgpkeys.pca.dfn.de:11371
Hi Chuck,
is he running TC as a service? I couldn't find any information on that
in the post - otoh, as Rainer pointed out, my eysight seems not to be
the best...
Just tested it with a sample Java-Swing-Application:
- getting a thread-dump with ctrl/break on JDK 1.5, don't get it
with JDK 1.6 -
hm, there are only two possible scenarioes I can think of:
- either the key-combination ctrl-brk is somehow intercepted in the
swing-app I was using (actually pretty unlikely)
- german keyboard might interfere
but only with 1.6?
strrange...
cheers
gregor
--
just because your paranoid,
I'm a bit puzzled:
In your previous tests it looked like that Apache is outperforming
(ok, not really) Coyote w APR when the files grew bigger.
In your last results I can't see that pattern - actually, I don't see
/any/ pattern...
Any idea how come?
Cheers
Gregor
--
just because your
Hi guys,
I'm about to update an old Tomcat-instance (5.5.quite_old) to the
latest 5.5, also I'm about to update an outdated mod_jk to the latest
version.
The old config of mod_jk had quite some depricated directions
included, so I changed them (opefully) according to the doc I found
Hi Rainer,
On Mon, May 18, 2009 at 9:35 PM, Rainer Jung rainer.j...@kippdata.de wrote:
The error means: you told mod_jk to use it, but you forgot to define it.
All vhost-definitions within Apache are alike when it comes to the
jk-specs, thus I'm just posting a sample vhost-definition:
hi guys,
i'm wondering where - except from the source - i could find the
information of what the log-format-parameters actually mean.
example:
JkLogStampFormat [%a %b %d %H:%M:%S %Y]
that's the default format-string, however, in the docs
Chris,
On Thu, May 7, 2009 at 4:07 AM, Christopher Schultz
ch...@christopherschultz.net wrote:
A few questions:
Chris, maybe you'll get the hang of this Valve if I explain the
business-requirement I had:
My primary target was to cirumvent the problem having a framed
web-app, where some
Pid,
On Thu, May 7, 2009 at 2:01 PM, Pid p...@pidster.com wrote:
Alternative:
I don't have this to hand anymore since the original site was changed
and I'm not the dev for it anymore, but we put a frame-busting
javascript on the login page instead, it loaded our preferred start URL
instead
I've suggested a patch to issues.apache.org which might be helpful if
Sid wants to implement his own Valve.
My patch is a new valve, which diverts the call to a pre-defined URL
if j_security_check is called (I had to circumvent the fact that after
j_security_check Tomcat is always forwarding to
Thing is, that we have multiple boxes (Debian) running with multiple
hosters, so every layout of those boxes is different (i.e. one has
Tomcat in /var/lib, the other one in /usr/local, next one in
/home/apps/tomcat).
Since *some* of our servlets (i.e. our own SSO-mechanism) are runnung
in all
Whish I could have made it to London, however, since I'm packed here
like never b4 and - most important - my wife is due with our first kid
within the next couple of weeks, I earned a few vetoes :(
And concerning why it's quiet on the list:
In most European countries today is labour-day meaning
Hi guys,
I know it's not a real Tomcat-topic, however, it's close to and I'm
wondering if anyone on this list might come up with some kind of a
smart solution.
Most of you may know the typical first lines of any log4j.xml-config-file:
?xml version=1.0 encoding=UTF-8 ?
!DOCTYPE
On Sun, Apr 19, 2009 at 9:43 PM, Caldarale, Charles R
chuck.caldar...@unisys.com wrote:
How about pointless? Somewhat akin to debating the number of angels that can
dance on the head of a pin.
Why pointless? The answer is obvious: 42
scnr...
Gregor
--
just because your paranoid, doesn't
Hi Mark,
- I think an overview of thenew features of Tomcat 7 would be great
- Fillip did a talk about the new Servlet Specs 3.0
- Concerning how often questions regarding mod_jk are showing up in
the list: mod_jk - HowTo / Best practices
- I very much liked the talk becoming a tomcat
Hi André,
On Thu, Apr 16, 2009 at 1:15 PM, André Warnier a...@ice-sa.com wrote:
Mark Thomas wrote:
[...]
How about a session like :
Everything you always wanted to know about connecting Apache httpd and
Tomcat, but never dared to ask
yepp, and Woody Allen as the presenter ;)
If you can't
Hi Mark,
On Thu, Apr 16, 2009 at 12:44 PM, Mark Thomas ma...@apache.org wrote:
The conference organisers took copies of our slides and promised us they
would upload them for us. Oh well. I uploaded mine myself. I'll see if
Filip can do the same.
well, on some talks the guys having the chair
How about
exec dir=${TOMCAT}/bin/ executable=./shutdown.sh /
Rgds
Gregor
--
just because your paranoid, doesn't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available
@ http://pgpkeys.pca.dfn.de:11371
@ http://pgp.mit.edu:11371/
skype:rc46fi
On Thu, Apr 2, 2009 at 3:37 PM, Taylan Develioglu
tdevelio...@ebuddy.com wrote:
I think a seperate overview of attributes per connector would be clearer.
+1
Somebody got some time to change it in the TC trunk and cis able to
reate a bugzilla-RFE with a patch?
Any volunteers welcome ;)
Rgds
On Thu, Apr 2, 2009 at 7:30 PM, Je suis la poubelle laps...@gmail.com wrote:
On Fri, Mar 27, 2009 at 5:34 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
Setting charset/encoding is to specify computerized information. It's
not just a matter of language. If setting charset in
On Thu, Apr 2, 2009 at 7:30 PM, Dan Armbrust
daniel.armbrust.l...@gmail.com wrote:
What would be doing this? Something in my app is preventing this
severe error from being passed up to tomcat to be logged - but then my
app doesn't log it either - probably because it is stopped before it
ever
On Wed, Apr 1, 2009 at 12:07 PM, Mighty Tornado
mighty.torn...@gmail.com wrote:
Where can I obtain it?
You wrote before:
I get the following exception in the log when I start the server up:
== localhost.2009-03-03.log ==
at
On Wed, Apr 1, 2009 at 4:22 PM, Peter Crowther
peter.crowt...@melandra.com wrote:
And, indeed, that Apache + mod_security + mod_jk + Tomcat has fewer
vulnerabilities than just Tomcat.
Since I'm interested on hard data, too, hand over the facts, please.
It's just that I'm curious...
Rgds
Hi André,
On Wed, Apr 1, 2009 at 4:52 PM, André Warnier a...@ice-sa.com wrote:
Gregor Schneider wrote:
Unfortunately my apps are working like charm, so I ain't got an
example to cpy and post here... *cough*
Angeber.
Promise to conserve my next exception-log and will send it to you
Peter,
On Wed, Apr 1, 2009 at 4:58 PM, Peter Crowther
peter.crowt...@melandra.com wrote:
And, indeed, *assuming* that Apache + mod_security + mod_jk + Tomcat has
fewer vulnerabilities than just Tomcat.
I'd also be very interested to see the evidence (either way) on that.
See, I believe in
Martin,
On Wed, Apr 1, 2009 at 6:53 PM, Martin Gainty mgai...@hotmail.com wrote:
Gregor
can you elucidate any documented security holes in Apache HTTPD?
Most of them are fixed, but it proofs that there are quite some, and I
bet there will be some full disclosure in future.
For a start:
If you haven't specified a console-logger:
catalina.out
Rgds
Gregor
--
just because your paranoid, doesn't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available
@ http://pgpkeys.pca.dfn.de:11371
@ http://pgp.mit.edu:11371/
On Tue, Mar 31, 2009 at 10:56 AM, Rainer Frey (Inxmail GmbH)
rainer.f...@inxmail.de wrote:
Then, is this intended behavior, or a bug?
Rainer
Making a long story short:
It's expected behaviour.
From the Tomcat 6 documentation
(http://tomcat.apache.org/tomcat-6.0-doc/deployer-howto.html):
Chris,
my experience with those scanners (slowest on top):
- Symantec (Norton)
- Kaspersky
- McAffee
However, those experiences are based on workstations only.
I do know that at least some of those scanners do have different
enterprise soltutions.
However, I guess experiences may vary, so you
Wesley,
if Germany is an option, I'd have 2 recommendations for you:
One lowcost (starting at @ €40-something) and one premium-hoster
(starting @ around € 250 per box).
Prices are per month, and it's
We're using both of them for our company and we're highly satisfied.
Drop me a line if you
On Tue, Mar 31, 2009 at 5:19 PM, Caldarale, Charles R
chuck.caldar...@unisys.com wrote:
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Subject: Re: Profiling tomcat applications with -Xrunhprof (Tomcat runs
asa Windows Service)
Are you trying to get profiling data, or are you
Since you're not using an original Tomcat-download but a pre-packaged version:
- Did you do an emerge recently?
- What gives netstat -lnp?
- What's the Centos-package-maintainer's oppinion on that?
Rgds
Gregor
--
just because your paranoid, doesn't mean they're not after you...
gpgp-fp:
On Mon, Mar 30, 2009 at 6:35 PM, Yassine elas...@users.sourceforge.net wrote:
if i were you i would use only eclipse + tomcat for my development and
when ever i want to
test some Apache related configurations i will then do the
configurations manually.
afaik there is nothing (plug in) that
Wes,
On Mon, Mar 30, 2009 at 7:23 PM, Wesley Acheson
wesley.ache...@gmail.com wrote:
It was because of the SSL stuff I haven't learnt how to set up SSL with
tomcat.
I'm curious: What's the benefit having Tomcat run in SSL-mode for
Servlet / JDP-development?
Okay but as far as I know when
Sergio,
please do the following:
- remove (rename) your catalina.out and try to start Tomcat with
/etc/init.d/tomcat5 start (or whatever name your startup-script has)
After that, the log-file should hopefully be a bit shorter.
I'm a bit puzzled since your having quote /some/ errors in the
Chuck,
actually Nirvana is a pretty good place but for serialized /
de-serialized sessions ;)
Anyway:
On Mon, Mar 30, 2009 at 8:38 PM, Caldarale, Charles R
chuck.caldar...@unisys.com wrote:
Are you saying you run a production Tomcat under Eclipse? That's insane.
I'm understanding this
Jon,
On Mon, Mar 30, 2009 at 8:45 PM, jo...@catholic-doc.org wrote:
There is no native JDBC driver for Navision, so I have to use the ODBC
version.
ODBC is usually already a show-stopper on Java
I think I may have found the problem, but I do not know how to fix it. All
of our systems
Chuck,
On Mon, Mar 30, 2009 at 8:52 PM, Caldarale, Charles R
chuck.caldar...@unisys.com wrote:
Perhaps, but then why would the OP be concerned about losing session
information when updating with Eclipse, if this were only for
test/development?
Maybe the he's too lazy to login every time?
Martin,
I believe the OP doesn't know what an .so-file is.
I'm also not sure if there's something like execute-privileges in Windows.
Besides, he's talking about Tomcat 6, and I can't find anything like a
shared-folder in Tomcat 6.
My knowledge about all this library-stuff on MS Windows (btw:
Brandon,
within the Context-definition of the COntext *from* where you want to
forward, you'll have to specify
Context path=[Pfad] crossContext=true ... /
Forwarding works like this:
ServletContext otherContext = servletContext.getContext(/othercontext);
// The context may be null if the
Brandon,
please reply to the list so that other ppl also benefit from this.
On Sun, Mar 29, 2009 at 3:22 PM, behofm...@gmail.com wrote:
Thanks for the quick reply! After using the approach you mentioned, I would
then use the RequestDispatcher to complete the forward to the new context.
1st: I Agree to Yassine that it would be helpful if you could provide some logs.
2nd: If I'm not mistaken, you're using the Tomcat5-syntax which has
changed since Tomcat 6.
Have l look here: http://tomcat.apache.org/tomcat-6.0-doc/config/realm.html
I.e., the username-attribute becomes
Mea culpa, Chuck, you're right...
On Fri, Mar 27, 2009 at 3:21 PM, Caldarale, Charles R
chuck.caldar...@unisys.com wrote:
A week in Amsterdam, and... How much have you guys been drinking? :-)
erm... actually I wasn't drinking :)
so let's just wait for the logs
Cheers
Gregor
--
just
http://www.apache.org/dist/tomcat/tomcat-connectors/jk/binaries/win64/
Rgds
Gregor
--
just because your paranoid, doesn't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371
Martin,
On Sat, Mar 21, 2009 at 9:50 PM, Martin Gainty mgai...@hotmail.com wrote:
test driven means if I create a component as a developer I need to install a
JUnit testcase that will test the requisite function
Actually there's a bit more behind it.
Usually, you start to design an
Pieter,
I'll be there starting on Tuesday Hackaton (actually will be arriving
sometime on Monday) and stay until Friday.
Btw., I found this site quite helpful:
http://aceu2009.crowdvine.com/
Rgds
Gregor
--
just because your paranoid, doesn't mean they're not after you...
gpgp-fp:
On Sat, Mar 21, 2009 at 1:06 AM, Richard Langly
richard.ringo.lan...@gmail.com wrote:
If you mean that there are no modifications to the original request or even
the response, then yes. It's to be a transparent proxy.
So why do you try do build your own proxy?
I've a similar setup using
Richard:
Are you looking for a transparent proxy? I.e., circumvent some censorship?
Rgds
Gregor
--
just because your paranoid, doesn't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371
On Fri, Mar 20, 2009 at 12:10 PM, i_am_superman ee...@objectivation.nl wrote:
If anyone else has another idea, please respond.
How about a self-seigned cert?
A nasty browser-window will pop up once, however, the users could
import the server-cert into their browser, and then they#re done
Rgds
On Fri, Mar 20, 2009 at 12:36 PM, André Warnier a...@ice-sa.com wrote:
Considering the amount of taxpayer money that governments are currently
pumping into failed financial institutions and car makers, I'm sure they
could afford a 400 € certificate, no ?
Or is it that bad ?
+1
Cheers
Peter,
On Fri, Mar 20, 2009 at 2:05 PM, i_am_superman ee...@objectivation.nl wrote:
I just don't
understand it; how do hosting companies host 2 sites on one box with a
certificate each? That'll be a lot of IP address juggling..
Well, we f.e. do have a box 8ok, actually two boxes behind a
Just ask them to google for security-issues linked to PHP and issues
linked to any servlet-container (aka Tomcat).
If they want it more specific, ask them to read through some relevant
mailing-list-archives such as full-disclosure.
OK, that's not about performance, but we f.e. do not use PHP due
This is not a Tomcat-related question but a question relating to
Servlets in general.
http://edocs.bea.com/wls/docs61/webapp/web_xml.html#1017571
Rgds
Gregor
--
just because your paranoid, doesn't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key
André,
On Wed, Mar 18, 2009 at 7:37 PM, André Warnier a...@ice-sa.com wrote:
Nope, just that after people keep throwing mysterious acronyms at me, and
several of them start to use the same ones, I get curious.
Since I believe one of those people was me, I hope throwing stuff at
you didn't
André,
two questions:
what type of conenction is the servlet using? Is it RMI, Socket, something else?
If you're not happy with Wireshark, there might be an approach which
takes a bit more effort but might work in case the Java-classes are
not obfuscated:
Talking RMI:
- try to decompile the
On Wed, Mar 18, 2009 at 3:47 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
Wireshark does full TCP capture but also understands protocols, so it
will show you only the HTTP details for a particular packet, etc.
But will this help to find out the characterset of encoded string in
On Mon, Mar 16, 2009 at 3:10 PM, Mikolaj Rydzewski m...@ceti.pl wrote:
It doesn't work for me. By default Tomcat uses ISO-8859-1 encoding. And it
will try this encoding to parse input parameters.
That's true, I'm doing the same here for German Umlaute, however:
One link in the Wiki is
If found this one:
http://www.w3.org/TR/html401/interact/forms.html#adef-accept-charset
Actually, to me it's not clear why Tomcat should believe the input
being encoded in ISO8859-1, when one can give a detailled information
how the form-data is encoded.
If I understand it correctly, one can
Since Struts is very well tested on Tomcat (btw: which versions are
you running?), I wouldn't believe this being a Tomcat / Struts-problem
but a problem of your app.
Rgds
Gregor
--
just because your paranoid, doesn't mean they're not after you...
gpgp-fp:
So how should we help you then without knowing your application?
Remeber: This is a Tomcat-mailinglist. However, since some guys here
do have quite some Struts-know, maybe you're lucky if providing
sufficiant information...
Rgds
Gregor
--
just because your paranoid, doesn't mean they're not
- take a look into your server.xml-file:
somewhere you shoudl find the Host-element:
just add the attribute appBase in there and you're set.
however, since you're running a pre-packed Tomcat, I don't know where
centOS is storing the Tomcat-config-files - will be your part to find
that out.
Chris,
On Fri, Mar 13, 2009 at 2:59 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
Generator: 10 fingers and some brain
Cute.
I do have the copyright on that one, however, I put it under the GPL -
ooops - did I say GPL? I mean Apache License 2.0 ;)
Regds
Gregor
--
just
Chris,
On Fri, Mar 13, 2009 at 3:18 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
Another potential reason for using separate Connectors is to
(somewhat) guarantee availability of each of your webapps. If you have
an Executor with 100 threads available, a single webapp('s users)
1 - 100 of 466 matches
Mail list logo