?
For the educational/hardening aspect, it could be nice to team up
with/involve OWASP?
I am surely interested to pitch in on this topic!
Kind regards,
Maarten van Hulsentop
Op di 29 sep. 2020 om 13:26 schreef Mark Thomas :
> Hi all,
>
> We (the Tomcat community) have some funding fr
lt
- Modify [tomcat]/conf/web.xml, change url pattern
/ to /*
(for default)
- PUT possible
- GET retrieves the content for the JSP -> not vulnerable right now?
Thank you for your feedback,
Regards,
Maarten van Hulsentop
Dear Tomcat users,
We are using Apache Tomcat 7 to run our product on, using a number of
features of the Tomcat product, such as the SPNego mechanism. For security
reasons we keep up with the latest supported versions of both Tomcat and
the Oracle JRE. Lately, we have found out that the
practices?
Thank you!
Regards,
Maarten van Hulsentop
Hello all,
We are encountering an issue with the use of the SingleSignOn valve and
SPNego and are looking for a best practice on this. Let me describe our
situation;
Our suite consists of multiple end-user webapplications but also a few
webapplications that accept interaction from other systems.
Hello Violeta,
On the security vulnerability site https://tomcat.apache.org/security-7.html,
issue
CVE-2014-0050http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050is
still reported to be fixed in 7.0.51, which is stated as not yet
released.
I assume the fix is delivered in 7.0.52 as
to me, once we
have migrated to Tomcat 8.
Regards,
Maarten
2014/1/1 Christopher Schultz ch...@christopherschultz.net
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Leo,
On 12/31/13, 3:58 PM, Leo Donahue wrote:
On Dec 31, 2013 3:15 AM, Maarten van Hulsentop
maar...@vanhulsentop.nl wrote
opinions about this, things i missed, or (even better!)
your solution :)
Thank you in advance!
Regards,
Maarten van Hulsentop
://www.sergefonville.nl
2013/12/31 Maarten van Hulsentop maar...@vanhulsentop.nl
Hello,
We are using Tomcat to host a number of web applications as a uniform
solution. We trying to implement something that seems to be an odd
requirement, even though it is really a use case for us.
We would like
?
Regards,
Maarten van Hulsentop
10 matches
Mail list logo