RE: Tomcat service switches to another JDK under the hood

2022-04-11 Thread Jan Tosovsky
c:/... set CATALINA_HOME=c:/.. set PATH=%JAVA_HOME%/bin;%PATH% and use only this file to start tomcat. Put there other variables eg. JAVA_OPTS in case you have some other jvm variables. Do not rely on MS Windows variables settings. Regards, Zdenek Henek On Mon, Apr 11, 2022 at 12:18 PM Ja

Tomcat service switches to another JDK under the hood

2022-04-11 Thread Jan Tosovsky
We have a mixed JDK environment on our internal Windows Server. Tomcat is installed using the service installer and its service configuration points to the JDK 17 as it serves some internal apps requiring JDK 12+. JAVA_HOME points to older JDK 8. PATH variable contains link to JDK 8, but

Deleting web.xml on tomcat exit

2018-06-06 Thread Jan Tosovsky
Dear All, I use tomcat as a Liferay portal engine. It is usually stopped in two steps. There is Shutdown button available in Liferay Control panel, which stops the webapp. Once this is finished, it is safe to stop tomcat via the standard shutdown script. If tomcat is stopped differently: *

_jspService is exceeding the 65535 bytes limit

2018-02-07 Thread Jan Tosovsky
Dear All, I've updated ancient tomcat to 8.0.49 and deployed app now throws '65535 bytes limit' exception for certain JSPs. Following this (older) thread https://stackoverflow.com/questions/5484253/jspservice-is-exceeding-the-6553 5-bytes-limit I changed that mappedfile parameter, but it didn't

RE: [Hardening] Running tomcat under a specific account

2015-02-26 Thread Jan Tosovsky
On 2015-02-26 Christopher Schultz wrote: On 2/26/15 5:23 AM, Aurélien Terrestris wrote: I agree with Leon. As do I. Apache httpd can change the attack surface somewhat, but if requests can still come from an untrusted remote client through to the application server, then you still have to

RE: [Hardening] Running tomcat under a specific account

2015-02-26 Thread Jan Tosovsky
On 2015-02-26 Aurélien Terrestris wrote: It makes me remember this doc which is not bad for securing Tomcat : https://www.owasp.org/index.php/Securing_tomcat This is a good one. I've also found this: http://server.dzone.com/articles/hacking-liferay-%E2%80%93-securing It would be nice to

[Hardening] Running tomcat under a specific account

2015-02-25 Thread Jan Tosovsky
Dear All, there are plenty resources mentioning it is a must to run tomcat as a dedicated user with limited permissions. Is it still true when tomcat doesn't run standalone, but via Apache web server connected via AJP? That webserver already runs in the restrictive mode. Thanks, Jan

RE: Clearing ResourceBundle cache

2014-06-03 Thread Jan Tosovsky
On 2014-06-02 Jan Tosovsky wrote: in my Java webapp I switched to UTF-8 encoded properties files. I've implemented a custom ResourceBundle http://stackoverflow.com/questions/3645491/i18n-with-utf-8-encoded- properties-files-in-jsf-2-0-appliaction but my strings are still displayed

Clearing ResourceBundle cache

2014-06-02 Thread Jan Tosovsky
Dear All, in my Java webapp I switched to UTF-8 encoded properties files. I've implemented a custom ResourceBundle http://stackoverflow.com/questions/3645491/i18n-with-utf-8-encoded-propertie s-files-in-jsf-2-0-appliaction but my strings are still displayed incorrectly. The original ASCII

RE: Compressed SVG support (*.svgz) in Tomcat

2013-12-29 Thread Jan Tosovsky
On 2013-12-28 David Law wrote: On 28/12/2013 19:34, Christopher Schultz wrote: What type of data do you have on the disk? Its all standard stuff. As specified by W3C, compressed SVG's are just SVG's (which are just XML) compressed with gzip, with a Mime-Type of image/svg+xml, and

RE: Visible passwords in realm

2013-11-20 Thread Jan Tosovsky
On 2013-11-20 williamissey...@tsys.com wrote: Is there any way to not have the password visible in the realm for example for active directory realm? You can extend the default JNDIRealm: import org.apache.catalina.realm.JNDIRealm; import org.slf4j.Logger; import org.slf4j.LoggerFactory;