single host.
>>> That's just not possible with the one-attribute-to-rule-them-all
>>> configuration
>>> where everything is on the element.
>>>
I have tried all the fancy new cert options and they are cool.
And I do agree that it's more readable.
What woul
doc/config/http.html#SSL_Support
Peter
> Am 10.08.2022 um 00:15 schrieb James H. H. Lampert
> :
>
> I think this may have come up before, but I don't recall how it was resolved.
>
> On customer box #1, I have:
> address=""
> maxThrea
;>> that
> >>> may
> >>>> be in there (e.g. passwords).
> >>>>
> >>>> -chris
> >>>>
> >>>
> >
> > The error says that the client and the server couldn’t find a common
> cipher suite.
> > They couldn’t agree on any cipher.
> > Does your keystore contain a valid private key?
>
> The problem is likely that Tomcat 6 (which is ancient) defaults to TLSv1
> and no higher (this is a guess; I'm not bothering to look at a
> 14-year-old version of Tomcat to figure out what the problem really is).
> The client isn't willing to connect to such an ancient version of any
> protocol, so it fails with the handshake failure.
>
> > Maybe you can try to print out all available cipher suites on your
> environment:
> >
> https://stackoverflow.com/questions/9333504/how-can-i-list-the-available-cipher-algorithms
> > You can add the code to a jsp-page and print out the available
> algorithms.
>
> Try explicitly setting the "enabled protocols" to "TLSv1, TLSv1.1,
> TLSv1.2, TLSv1.3" -- however that's done in that dinosaur of a Tomcat
> version. It might be enabledProtocols="..." if might be
> SSLProtocols="..." and it might have a lot to do with whether or not
> APR/native is being used, too.
>
> -chris
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
Could this be an issue with the java jdk security disabled algorithms.
Later versions of jdk 8 disabled TLSv1 and TLSv1.1 by default, and you have
to change the jre/jdk conf/security/java.security file to fix it for older
use cases.
--
*Peter Chamberlain*
This is what I am using. Hope this helps.
https://orclcs.blogspot.com/2017/04/enable-hsts-in-tomcat.html
On Thu, Apr 28, 2022 at 3:11 PM Kaushal Shriyan
wrote:
> Hi,
>
> I am running the tomcat version 9.0.56 on CentOS Linux release 7.9.2009
> (Core) and trying to configure HTTP Strict
Chris,
> Am 14.04.2022 um 23:21 schrieb Christopher Schultz
> :
>
> Peter,
>
>> On 4/14/22 03:45, Peter Kreuser wrote:
>> Chris,
>>>> Am 13.04.2022 um 21:37 schrieb Christopher Schultz
>>>> :
>>> All,
>>> I asked this
s Do you know testssl.sh? If I want to know how to handle a specific tls
problem I check in Dirk's code and start from there...
Peter
> Thanks,
> -chris
>
> -
> To unsubscribe, e-mail: u
PostConstruct is for dependency-injection. A vanilla tomcat does no dependency
injection. Can you confirm you have a vanilla tomcat?
Kind regards
Peter Rader
--
Fachinformatiker AE / IT Software Developer
Peter Rader
Wilsnacker Strasse 17
10559 Berlin - GERMANY
Tel: 0049 (0)30 / 6 29 33 29 6
hostname.
Hope this helps.
On Fri, Mar 25, 2022 at 8:54 AM Christopher Schultz <
ch...@christopherschultz.net> wrote:
> Peter,
>
> On 3/24/22 14:54, Peter Chiu wrote:
> > I will email you directly. For the group knowledge, there is nothing
> > special you need to do on
Application builder->Your application->Shared Components->Application
Definition Attributes->Properties->Friendly URLs
On Thu, Mar 24, 2022 at 3:25 PM rupali singh
wrote:
> Hi,
>
> How we can enable friendly url in apex?
>
>
>
> On Fri, Mar 25, 2022, 12:48
Have you consider doing the following
1. custom URL/domain, and
2. enable Friendly URLs in APEX
On Thu, Mar 24, 2022 at 3:09 PM Felix Schumacher <
felix.schumac...@internetallee.de> wrote:
>
> Am 24.03.22 um 19:23 schrieb rupali singh:
>
> hi,
>
> yes context name is apex.
>
> Good to know.
>
>
I will email you directly. For the group knowledge, there is nothing
special you need to do on Tomcat if it is not behind a proxy.
On Thu, Mar 24, 2022 at 1:51 PM rupali singh
wrote:
> Hi Peter,
>
> Are u using apache web server with tomcat or its only tomcat .
> if possible ca
I have a working APEX SSO against Azure AD or On-Permise AD.
On Thu, Mar 24, 2022 at 1:13 PM rupali singh
wrote:
> HI Team,
>
> We are using apex 21.1 with tomcat 9.54.
> we want to implement SSO for application deployed in Apex with IDCS
> reference URL :
>
>
!
Peter
gpg --verify apache-tomcat-9.0.56.tar.gz.asc.txt apache-tomcat-9.0.56.tar.gz
gpg: Signature made Thu Dec 2 09:31:59 2021 EST using RSA key ID 359E722B
gpg: requesting key 359E722B from hkps server
hkps.pool.sks-keyservers.net<http://hkps.pool.sks-keyservers.net>
gpgkeys: HTTP fetch e
to solve the bug your developers are in charge IMO. Please provide the
stacktrace to your developers in order to solve the problem.
Kind regards
Peter Rader
--
Fachinformatiker AE / IT Software Developer
Peter Rader
Wilsnacker Strasse 17
10559 Berlin - GERMANY
Tel: 0049 (0)30 / 6 29 33 29 6
Fax: 0049
Chris,
> Gesendet: Donnerstag, 09. September 2021 um 22:15 Uhr
> Von: "Christopher Schultz"
> An: users@tomcat.apache.org
> Betreff: Re: Aw: tomcat hangs
> Peter,
>
> On 9/9/21 08:21, Peter Rader wrote:
> > I might noticed a simmilar issue: I ran the JVM in
I might noticed a simmilar issue: I ran the JVM in a linux OS on a VM (in
virtualbox btw). The jdk for some reason request a random number. The JDK asks
the LinuxOS for a new random number (maybe in the hope to use a hardware-based
TRNG). Since this linux in virtualbox is not-so low-level the
iner, it starts for a few seconds and
> stops (port 8080 listens for a while). Nothing in logs.
>
> $ catalina.sh run (tried with "jpda start" or "debug" options as well)
> $ ps aux |grep java --> show the pro
43]
>>
>
The ssl-Options are not attributes on the connector, but the SSLHostConfig
http://tomcat.apache.org/tomcat-10.0-doc/config/http.html#Common_Attributes
http://tomcat.apache.org/tomcat-10.0-doc/config/http.html#SSL_Support
On Mon, 12 Apr 2021, 09:07 Mark Thomas, wrote:
> On 11/04/2021 11:03, Peter Chamberlain wrote:
>
>
>
> > I've been investigating this some more, as I'm not convinced nio2 isn't
> > behaving strangely in this case. I think there may of been some sort of
> > rever
On Fri, 9 Apr 2021 at 18:12, Peter Chamberlain
wrote:
>
>
> On Fri, 9 Apr 2021, 14:10 Christopher Schultz, <
> ch...@christopherschultz.net> wrote:
>
>> Peter,
>>
>> On 4/9/21 06:53, Peter Chamberlain wrote:
>> > Hello,
>> > I've been t
On Fri, 9 Apr 2021, 14:10 Christopher Schultz,
wrote:
> Peter,
>
> On 4/9/21 06:53, Peter Chamberlain wrote:
> > Hello,
> > I've been trying to understand the behaviour of tomcat when handling
> > internal redirects. I'm testing using tomcat 9.0.38. I'm testing using
On Fri, 9 Apr 2021, 14:29 Mark Thomas, wrote:
> On 09/04/2021 11:53, Peter Chamberlain wrote:
> > Hello,
> > I've been trying to understand the behaviour of tomcat when handling
> > internal redirects. I'm testing using tomcat 9.0.38. I'm testing using
> > jdk8 1.8.0_2
Apologies if this has been covered elsewhere before, I have been
searching but haven't found anything particularly clear covering this.
Best regards, Peter
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
f" is always executed, and s is always null.
>
> If you switch the operands, the compiler will fail because you can't assign a
> value to null:
>
> if(null = s ) {
>// Compiler will refuse to compile
> }
>
Isn‘t it true that only one bit difference would result
--x7h.example.com in
Chrome, Edge and Firefox (did not test more).
How to remain with emoji IDN in the browser URL?
Kind regards
Peter Rader
--
Fachinformatiker AE / IT Software Developer
Peter Rader
Wilsnacker Strasse 17
10559 Berlin - GERMANY
Tel: 0049 (0)30 / 6 29 33 29 6
Fax: 0049 (0)30 / 6 29 33 29 6
cat-9.0-doc/ssl-howto.html
>>> http://tomcat.apache.org/tomcat-10.0-doc/ssl-howto.html
>>>
>>> ```
>>>
>>> >> protocol="org.apache.coyote.http11.Http11NioProtocol"
>>> port="8443" maxThrea
ser, it complained,
> something to the general effect of "weak signature algorithm."
>
I guess they never upgraded their CA and still sign the certs with SHA1 or even
MD5.
They should change that for sure!
Peter
> While it's not really my problem (and is only connected t
On Mon, 12 Oct 2020 at 14:50, Mark Thomas wrote:
> On 12/10/2020 13:53, Mark Thomas wrote:
> > On 12/10/2020 12:49, Mark Thomas wrote:
> >> On 12/10/2020 12:19, Peter Henderson wrote:
> >>> Hello fellow tomcat users.
> >>>
> >>> My enviro
seeing this exception when I upgraded my projects build tool
version
from
sbt.version=1.3.10
to
sbt.version=1.4.0
Is this a tomcat bug, a build tool bug or most likely something I'm doing
wrong?
Thanks
Peter.
[0]
https://github.com/bollinger/NegativeDate
[1]
https://github.com/bollinger
!
To me a bug in the scanner plugin!
My 2ct.
Peter
> Am 27.08.2020 um 09:47 schrieb Mark Thomas :
>
> On 27/08/2020 06:31, Terence M. Bandoian wrote:
>> On 8/26/2020 11:27 PM, Pratik Shrestha wrote:
>
>
>
>>> For me, there are two options for the fix which I am no
Tomcat version 7 used to send the error 'ERR_EMPTY_RESP' which
> should still be okay.
>
> We already tried to find the fix for this issue on the web but in vain.
>
> Kindly help if anyone has found a way to fix it.
>
> Regards,
> Pratik
Peter
--
Hello Mohan,
please tell if you are using
1. the JSP technology inside the application
2. what JDK version on server-side
Kind regards
Peter Rader
--
Fachinformatiker AE / IT Software Developer
Peter Rader
Wilsnacker Strasse 17
10559 Berlin - GERMANY
Tel: 0049 (0)30 / 6 29 33 29 6
Fax: 0049
her bugzilla or the
release notes!
> Please suggest the probable fix to make this smooth.
>
For now it maybe as simple as sending SIGKILL to the java process.
Apparently some resources in your app don‘t want to terminate.
My 2ct.
Peter
>> On Sat, Jul 25, 2020 at 11:03 AM Kushagra Bin
g/docs/2.4/mod/mod_proxy.html#proxypass
>
> Apparently, the documentation would recommend something like the following:
>
>
>ProxyPass "!"
>
>
>ProxyPass "!"
>
>
> I think that the above is probably easier to read and more spe
> Betreff: Re: Aw: Re: /META-INF/resources/ and Chrome's DevTools
> On 06/04/2020 09:16, Peter Rader wrote:
> > Hello Konstantin Kolinko,
> >
> > I tried to use the PreResource but it does not work.
> >
> > 2020-04-06 10:13:05 WARNUNG org.apache.tomcat.util.
ssary for your tomcat application need to be sent or
maybe rewritten.
You may need to set the correct attributes on your connector, so the URLs are
correctly rewritten (port 8080/8443 in tomcat should be https 443 to the
outside! Cookies may
Any idea?
>
> Gesendet: Montag, 16. März 2020 um 01:01 Uhr
> Von: "Konstantin Kolinko"
> An: "Tomcat Users List"
> Betreff: Re: /META-INF/resources/ and Chrome's DevTools
> ??, 15 ???. 2020 ?. ? 13:47, Peter Rader :
> >
> > I have my def
ntext]
>
Since beside the frontend.jar I have other jars who serve static resources.
This means I must have multiple docBases what is not possible AFAIK.
>
> Best regards,
> Konstantin Kolinko
Kind regards
Peter Rader
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
I wrote a little WebFilter for this task.
https://github.com/enexusde/devtools-tomcat-bypass
Kind regards
Peter Rader
--
Fachinformatiker AE / IT Software Developer
Peter Rader
Wilsnacker Strasse 17
10559 Berlin - GERMANY
Tel: 0049 (0)30 / 20 9930560
Fax: 0049 (0)30 / 20 9930561
Handy: 0049 (0
. Pack the war
3. Redeploy the war.
This process takes a length of about 5 minutes. It is reloading the application
and package the jars/wars for the sake of 1 byte change.
The Question:
Can I map a single resource to a file dynamically without reloading the
application.
Kind regards
Peter
I am pretty sure that you could use the JVM/JDK's endorsed folder. They usually
have their place in \lib\endorsed .
Kind regards
Peter Rader
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional command
if - a WAR is rejected because of its size, the Manager would
never ever write "Hey dude, I am deploying your web application XXX!". Right?
Anyway I found it by myself.
> On 2/2/20 4:48 PM, Peter Rader wrote:
> > The old version of the application had a daemon that hav
> Please post updates to the original thread.
This is the original thread.
> As suggested in the original thread, it was a permissions issue ...
> permission denied because the port was already in use : )
Why do you think it is a permission issue? I already disproved that! How can
you break it
The old version of the application had a daemon that have not yet finished his
execution.
Unfortuantely there is no further logging why the old version not stoped yet.
I expected to have the "mvn redeploy" waiting forever for this deamon-locked
problem. What I can not do is write a bug report
Thank you for your reply.
> Always look for the last "Caused by" in a stack trace for root cause. An
> "IOException: Error writing to server" is indicative of a permissions
> issue - I would start there, possibly the user account running the process.
As pointed out in No. 3 the log said that the
0 FINE [http-nio-80-exec-6]
org.apache.coyote.http11.Http11InputBuffer.parseRequestLine Received [PUT
/manager/text/deploy?path=xxx==true HTTP/1.1
Please notice the two deployment threads: -6 and -5
Any ideas?
Kind regards
Peter Rader
--
Fachinformatiker AE / IT Software Developer
Peter
Chris,
> Am 28.01.2020 um 18:02 schrieb Christopher Schultz
> :
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Peter,
>
>> On 1/28/20 11:30 AM, Peter Kreuser wrote:
>> Peter Kreuser
>>> Am 28.01.2020 um 16:34 schrieb Christopher
Chris,
Peter Kreuser
> Am 28.01.2020 um 16:34 schrieb Christopher Schultz
> :
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Peter,
>
>>>>> On 1/27/20 3:35 PM, logo wrote:
>> Could you try
>> openssl pkcs12 -export -in my.crt -
Hi Palod,
i think you can do it with:
JAVA_OPTS="$JAVA_OPTS -Djavax.net.debug=ssl,handshake"
Regards
peter
Von:"Palod, Manish"
An: "users@tomcat.apache.org"
Datum: 16.01.2020 15:58
Betreff:Tomcat 7: Access Valve pattern cipher, SSL P
- Weitergeleitet von Peter Köhler/BN/DWD am 15.01.2020 15:50 -
Von:Peter Köhler
An: "Tomcat Users List"
Datum: 15.01.2020 15:49
Betreff:Antwort: Tomcat9, JSP, CSS and JS not loading in Firefox
Von:Léa Massiot
An: users@tomcat.apache.org
Datum: 15.
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Dear Lea,
maybe
https://stackoverflow.com/questions/48248832/stylesheet-not-loaded-because-of-mime-type
helps.
Regards
Peter
"
I have thought that clientAuth="want" andsslProtocol="TLS" allow
X509 authentification over tomcat-users.xml .
What can i do to solve that problem?
Thanks
Peter
Peter,
> Am 13.01.2020 um 16:49 schrieb Peter Rader :
>
>
>> Peter,
>> Can you find what you are looking for here?
>>
>> >
>> ?
>
> No! There is no such node or any similar content. And there simply can not be
> such a node because all th
> Peter,
>
> Can you find what you are looking for here?
>
>
>
>
> ?
No! There is no such node or any similar content. And there simply can not be
such a node because all the connector-xml-nodes are self-closing as you might
have already noticed. AFAIK I should not c
m
> > org.apache.coyote.http11.Http11Protocol
> > to
> > org.apache.coyote.http11.Http11NioProtocol
>
> Full Connector configurations (with sensitive data masked)?
TC8=
TC9=
Masks:
- XXX keystore CA
- keystore or truststore
I recently moved from T8 to T9 to use PKI.
My keystore contains multiple CAs.
I had to modify the ssl-connector from
org.apache.coyote.http11.Http11Protocol
to
org.apache.coyote.http11.Http11NioProtocol
Unfortunately the attribute "keyAlias" seems to not be supported in the NIO
Zahid,
you‘re talking to one of the most respected members of the community like this?
STFU or leave.
This calls for an ban!
Peter
> Am 08.01.2020 um 06:06 schrieb Zahid Rahman :
>
>
>>
>> A version of what?
> MAVEN
> MAVEN
> MAVEN
>
> In light of thi
lement and is that complexity justified by the benefit it brings?
>
Just thinking how to handle “n” Host headers at various locations in the
request... 8-0
> At this point, I'm not sure.
>
> So far we are looking at a feature required b
header field and to any
> request message that contains more than one Host header field [[WITH A
> CONFLICTING VALUE]]] or a Host header field with an invalid field-value.
> "
That would be a good idea - maybe only in conjunction with setting
rejectIllegalHeaderName=false
If
ration of concerns, add a separate user with a longer one and shell
friendly password only with the role below...
> Or do I need to give the manager user an additional role? Currently, I have:
>
manager-jmx
(and maybe for other script-actions manager-script)
Peter
> --
> JHHL
&
# Completed on Mon Jan 6 21:17:22 2020
>
> Other than the one obvious line near the bottom,
>> -A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
> I'm not entirely sure what all of this means, nor do I remember what I did to
> set it up.
Heureka!
So you may
same that you did for 443
forwarding to redirect 80 to tomcat port 8080.
IIKS, hope I was not too confusing???
Peter
Peter Kreuser
> Am 30.12.2019 um 20:01 schrieb Christopher Schultz
> :
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> James,
>
> On 12/2
James,
> Am 28.12.2019 um 00:33 schrieb James H. H. Lampert :
>
>
>>>
>>> Am I to understand that Tomcat 8.5.40 can use the ".cer," ".ca.crt" and
>>> ".key" files directly, instead of the Java Keystore file?
Correct!
> If so, then that could potentially simplify things: if I have HTTPD
Chris,
Peter Kreuser
> Am 27.12.2019 um 21:14 schrieb Christopher Schultz
> :
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
>>
> but the idea is that certbot has "plug-ins" and we'd need to
> supply a "tomcat" plug-in that d
Mark,
Peter Kreuser
>> Am 16.12.2019 um 16:05 schrieb Mark Thomas :
>>
>> On 16/12/2019 12:55, Mark Thomas wrote:
>>> On 15/12/2019 09:33, logo wrote:
>>
>>> Mark can you confirm that this is a bug?
>> Confirmed.
>> I'm looking
t;> >>> className="org.apache.catalina.mbeans.JmxRemoteLifecycleListener"
>>>> rmiRegistryPortPlatform="10001" rmiServerPortPlatform="10002"
>>>> useLocalPorts="true" />
>>>>
>>>>
>>>> Upon startup I see in logs : INFO [ma
Mark,
Peter Kreuser
>>> Am 03.12.2019 um 14:31 schrieb Mark Thomas :
>> On 03/12/2019 12:50, logo wrote:
>> Sumit,
>> Am 2019-12-03 13:11, schrieb Sumit Bhardwaj:
>>> Hi Experts,
>>> We have a requirement from a customer, where in case of 404, wh
Chris,
> Am 13.11.2019 um 02:35 schrieb Christopher Schultz
> :
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Peter,
>
>> On 11/10/19 19:05, Peter Kreuser wrote:
>> Chris,
>>
>>>
>>> Am 09.11.2019 um 03:58 schri
isn't
> request-specific).
>
> Would it be inappropriate to add the CSRF_NONCE to the request
> attributes so that application code could use it directly if
> necessary? Something like this:
>
>
> ...
> value="<%= request.getAttribute("CSRF_NONCE") %&g
Hi James,
Peter Kreuser
> Am 02.10.2019 um 08:05 schrieb
> :
>
> Tomcat 7.0.63 and above.
>
> Navigate to the tomcat conf directory and open the web.xml with a text editor.
>
> In the filter section of the web.xml add the following filter
>
Isn‘t that what client certs are for?
Https to identify Server A, Client cert to authenticate Server B?
Message integrity should then be unnecessary?!
Or am I missing a piece?
Peter
> Am 09.09.2019 um 21:10 schrieb M. Manna :
>
> Why not use JWT cookies/tokens? You sign your claims
Jessica,
Peter Kreuser
> Am 07.08.2019 um 14:33 schrieb Alten, Jessica-Aileen
> :
>
> Dear all,
>
> I have a problem with the Tomcat 9.0.22 configuration for TLSv1.3 using
> jdk8u222-b10_openj9-0.15.1 on Windows Server 2016. In principle TLSv1.3
> works, but I wan
, but as your keystore is causing troubles, I‘m
not really able to troubleshoot that.
After all, you may have to reread on cert handling with keytool vs. openssl.
I prefer the openssl way ;-).
Peter
Peter Kreuser
> Am 06.08.2019 um 19:50 schrieb Munzer Khatib :
>
> Hi Peter
> I dont have
t the PEM to
pkcs12/keystore format
Care to try the following command?
openssl pkcs12 -export -in cert.pem -inkey privkey.pem -name tomcat -certfile
fullchain.pem -passout pass:changeit -out jssekeystore
Peter
> I am not sure why but it seems the new one is not linking all cert
; let it completely freak out.
Just for the test of it: great idea!
But one of the first hardening actions on Tomcat is to disable standard error
pages and version info. Server header removed (set to IIS if you like!)
You
H_AES_256_GCM_SHA384
>
> ... calling the others "weak". I think that's because they consider
> anytning that isn't using ECDHE+GCM to be "weak". Well, it's the best
> we can do right now without going up to TLSv1.3.
>
> Anyhow, if the client
Java. Unless you set specific values on the connection.
Or on the commandline.
Could you please let us know the Java version and maybe the Connection
settings? JAVA_OPTS?
> --
> James H. H. Lampert
>
> --
---
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
Just my 2ct
Peter
-
To unsubscribe,
atalina.realm.RealmBase.hasResourcePermission No role found:
> TOPS_INTL_FIELD_USER_MIA
> 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8]
> org.apache.catalina.authenticator.AuthenticatorBase.invoke Failed
> accessControl() test
>
>
>
> The error mess
alter session set NLS_NUMERIC_CHARACTERS
= '.,'") into the context.xml file in the app. META-INF directory:
But still not working.
Has somebody idea how to solve it?
thank you
Peter
Hi Luis,
Its alright. I have uninstalled tomcat on zos USS and will attempt to run an
install using the tomcat JCL instead.
Thanks anyway.
Peter
-Original Message-
From: Luis Rodríguez Fernández [mailto:uo67...@gmail.com]
Sent: 25 March 2019 12:55
To: Tomcat Users List
Subject: Re
or is there an error with my
config with permissible usernames.
Regards
Peter M Henriques
Support Engineer - Mainframe Support Group
D: +44-1293-872072 | T: +44-1293-872000 | www.macro4.com<http://www.macro4.com/>
[cid:image001.png@01D4E2EB.B0AA26C0]<http://www.macro4.com/>
[cid:
Hi James,
> Am 18.03.2019 um 23:49 schrieb James H. H. Lampert :
>
> I've just (same customer as before) been asked about
> ECDHE-ECDSA-CHACHA20-POLY1305
> and ECDHE-RSA-CHACHA20-POLY1305
>
> and I can't find either one on the Sun or IBM JSSE cipher lists for Java 8.
>
Most certainly only
Oh,
and yes I’ve heard about them and used the RSA version!
Peter
> Am 18.03.2019 um 23:49 schrieb James H. H. Lampert :
>
> I've just (same customer as before) been asked about
> ECDHE-ECDSA-CHACHA20-POLY1305
> and ECDHE-RSA-CHACHA20-POLY1305
>
> and I can't find either
Hi Mark,
I have resolved this issue. I apparently chose the wrong java location and
config. There is a pre installed IBM JDK pack. I used this one rather then the
one I installed(OpenJDK) and can start up Tomcat now.
Thanks
Peter
-Original Message-
From: Mark Thomas [mailto:ma
HI,
I also saw this issue that could be related:
https://serverfault.com/questions/824107/authorization-required-to-install-jzos-batch-launcher/824367
Regards
Peter
-Original Message-
From: Mark Thomas [mailto:ma...@apache.org]
Sent: 12 March 2019 11:41
To: users@tomcat.apache.org
Hi,
Apologies...8.5.38
-Original Message-
From: Mark Thomas [mailto:ma...@apache.org]
Sent: 12 March 2019 11:41
To: users@tomcat.apache.org
Subject: Re: Issue with TomCat 8.5 under z/OS2.3 and USS
On 12/03/2019 11:32, Peter Henriques wrote:
> Hello,
>
>
>
> My Envi
s reasons for this error. The closest or more
relevant issue I have seen is :
http://www-01.ibm.com/support/docview.wss?uid=swg1PM54627
I have even attempted to use su under USS shell but it just ignores this
authority.
Is there a way I can modify the supplied JCL(TCJOB, TCENV) to add superuser
privi
body else? You may
need help from the developer.
Best regards
Peter
>> On Wed, Feb 27, 2019 at 9:20 PM logo wrote:
>>
>>
>> Hello Nitin,
>>
>> Am 27.02.2019 16:34, schrieb Nitin Kadam:
>>
>> > Hello Team,
>> >
>> > I
, the right settings for your needs and intensive
testing. You may really break inline Javascript in your pages (css too).
Please check out the great websites of Scott Helme on the Headers
https://Securityheaders.io or https://scotthelme.co.uk/csp-cheat-sheet/
Peter
> Am 19.02.2019 um 19:13 schr
d examples webcontext. The are a
couple more hardening suggestions.
But keep the updates coming. 8.5.13 is a bit aged and the next scan will come.
Just the 2cts of an application security guy.
Peter
> Tripwire isn't trying to see if HTTP PUT is enabled. He is opening a false
> positi
Tomcat 8.5.32
>> 12085
>> Apache Tomcat Default Files
>> The following default files were found
>> :/nessus-check/default-404-error-page.html
>> Delete the default index page and remove the example JSP and servlets.
did you also remove the default files under we
unsubscribe
>> Again, many thanks.
>
> No problem. Happy to help. Thanks for your assistance with this issue.
> Your test case and debug logs were invaluable. I couldn't have fixed
> this without them.
>
> Mark
>
Do you mind to share more about the root cause? I’ve followed this mail
communication from the start and am curious.
Let me tell you that your endurance on all the tricky issues here is admirable!
Thank you for that!
Peter
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
hank You;
>
> Chris Cheltenham
> Technology Services
> The School District of Philadelphia
>
> Work # 215-400-5025
> Cell # 215-301-6571
Best regards
Peter
the once used
session with stored values alive.
That is essentially not a requirement to tomcat but to the developer who
implements the webapp.
If that would always be the case (and of course for tomcat to keep track of
active ids) would make session id reuse not a big deal.
My 2cts.
Peter
PS
BTW:
> Am 23.01.2018 um 13:56 schrieb Peter Kreuser <l...@kreuser.name>:
>
> Algirdas,
>
>
>
>> Am 23.01.2018 um 13:27 schrieb Algirdas Veitas <apvei...@gmail.com>:
>>
>> Andre, my apologies for bringing up a topic that has been repeated ad
ave access to all the information anyhow. But
any other users around will not be able to read the conf, even the java opts of
the process will be invisible.
Just my 2cts.
Peter
> Don't want to restart an old thread, so if preferred, we can stop the
> discussion. Thank you for your time.
>
)478 838336
> jean-pierre.urk...@devoteam.com
>
>
>
>
>
> Maatschappelijke zetel Devoteam NV/SA
> Belgicastraat 17 - 1930 Zaventem
> VAT: BE 0466.475.275 / RPM Bruxelles - RPR Brussel
>
>
Best regards
Peter
y try https://testssl.sh and download the script from there.
That works in internal networks.
It even simulates connects with different clients (eg Chrome)
Peter
> On Fri, Dec 22, 2017 at 9:37 AM, Thomas Delaney <tdelaney@gmail.com>
> wrote:
>
>> The site is interna
1 - 100 of 1777 matches
Mail list logo
