Enabling SSL on Tomcat 6
Hello, I am trying to enable SSL on Tomcat 6 without any luck. I am using a self signed cert. I have placed my entries in the server.xml file below. Any thoughts on what I am doing wrong? I also pasted below the steps that I used to generate the cert. Connector port=443 protocol=org.apache.coyote.http11.Http11NioProtocol maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true clientAuth=false sslProtocol=TLS SSLEngine=on SSLCertificateFile=/ssl/server.csr SSLCertificateKeyFile=/ssl/server.key SSLPassword=password / WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'SSLEngine' to 'on' did not find a matching property. Jan 17, 2011 9:50:54 PM org.apache.catalina.startup.SetAllPropertiesRule begin WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'SSLCertificateFile' to '/ssl/server.csr' did not find a matching property. Jan 17, 2011 9:50:54 PM org.apache.catalina.startup.SetAllPropertiesRule begin WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'SSLCertificateKeyFile' to '/ssl/server.key' did not find a matching property. Jan 17, 2011 9:50:54 PM org.apache.catalina.startup.SetAllPropertiesRule begin WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'SSLPassword' to 'password' did not find a matching property. Steps to create a cert: #selfsigned cert using openssl openssl genrsa -des3 -out server.key 1024 openssl req -new -key server.key -out server.csr cp server.key server.key.org openssl rsa -in server.key.org -out server.key openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt keytool -genkey -alias tomcat -keyalg RSA -keystore /ssl/tomcatks keytool -certreq -alias tomcat -file tomcat.csr -keystore /ssl/tomcatks echo 02 serial.txt openssl x509 -CA server.crt -CAkey server.key -CAserial serial.txt -req -in tomcat.csr -out tomcat.cer -days 365 keytool -import -alias serverCA -file server.crt -keystore /ssl/tomcatks - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Windows Authentication against multiple domains
Hello, We have this capability in our open source identity and access management solution where you can use more then one use more then one repository for authentication. You may be able to use just the authentication service as taking on the rest of it may be more then what you need. The project is OpenIAM on sourceforge. We will be putting a new release this weekend. If you are interested in taking a look, let me know and I can send you a link. Regards Suneet On 2/9/07, Uwe_77 [EMAIL PROTECTED] wrote: Sure, I will let you know. Perhaps we need third party tools. Doese someone knows a solution? -- View this message in context: http://www.nabble.com/RE%3A-Windows-Authentication-against-multiple-domains-tf3203321.html#a8895171 Sent from the Tomcat - User mailing list archive at Nabble.com. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Classloader or Security Issue?
Hello, I am trying to call an EJB from tomcat 5.5.20. The EJB is is located on Websphere 6.1. I am able to get the JNDI context, but when I lookup the bean, I get the exception below. I confirmed that its not a classpath issue as the ibmorb.jar, which contains the UtilDelegateImpl class, is in the common/lib directory in tomcat. This problem is only happening on Solaris. Both tomcat and WAS 6.1 are on Solaris. When I run this on Windows, it works just fine. Any thoughts on what this could be and how I can get around this? Thanks in advance. SEVERE: An exception or error occurred in the container during the request processing java.lang.NoClassDefFoundError: com/ibm/CORBA/iiop/UtilDelegateImpl at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:620) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124) at java.net.URLClassLoader.defineClass(URLClassLoader.java:260) at java.net.URLClassLoader.access$100(URLClassLoader.java:56) at java.net.URLClassLoader$1.run(URLClassLoader.java:195) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at java.lang.ClassLoader.loadClass(ClassLoader.java:299) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:268) at java.lang.ClassLoader.loadClass(ClassLoader.java:299) at java.lang.ClassLoader.loadClass(ClassLoader.java:299) at java.lang.ClassLoader.loadClass(ClassLoader.java:251) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:242) at javax.rmi.CORBA.Util.loadDelegateClass(Util.java:358) at javax.rmi.CORBA.Util.createDelegateIfSpecified(Util.java:342) at javax.rmi.CORBA.Util.clinit(Util.java:53) at com.ibm.rmi.corba.PluginRegistry.instantiatePlugins(PluginRegistry.java :116) at com.ibm.rmi.corba.ORB.instantiatePlugins(ORB.java:1386) at com.ibm.rmi.corba.ORB.orbParameters(ORB.java:1298) at com.ibm.rmi.corba.ORB.set_parameters(ORB.java:1206) at com.ibm.CORBA.iiop.ORB.set_parameters(ORB.java:1662) at org.omg.CORBA.ORB.init(ORB.java:337) at com.ibm.ws.orb.GlobalORBFactory.init(GlobalORBFactory.java:86) at com.ibm.ejs.oa.EJSORBImpl.initializeORB(EJSORBImpl.java:179) at com.ibm.ejs.oa.EJSClientORBImpl.init(EJSClientORBImpl.java:83) at com.ibm.ejs.oa.EJSClientORBImpl.init(EJSClientORBImpl.java:59) at com.ibm.ejs.oa.EJSORB.init(EJSORB.java:102) at com.ibm.ws.naming.util.Helpers.getOrb(Helpers.java:309) at com.ibm.ws.naming.util.WsnInitCtxFactory.getInitialContextInternal( WsnInitCtxFactory.java:392) at com.ibm.ws.naming.util.WsnInitCtx.getContext(WsnInitCtx.java:117) at com.ibm.ws.naming.util.WsnInitCtx.getContextIfNull(WsnInitCtx.java:712) at com.ibm.ws.naming.util.WsnInitCtx.lookup(WsnInitCtx.java:171) at javax.naming.InitialContext.lookup(InitialContext.java:351) at com.diamelle.revproxy.policy.RemoteContext.lookup(Unknown Source) at com.diamelle.revproxy.plugin.TomcatProxyValve.invoke(Unknown Source) at org.apache.catalina.core.StandardEngineValve.invoke( StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java :148) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java :869) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection (Http11BaseProtocol.java:664) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket( PoolTcpEndpoint.java:527) at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt( LeaderFollowerWorkerThread.java:80) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run( ThreadPool.java:684) at java.lang.Thread.run(Thread.java:595)
Classpath Issue
Hello, I am working in creating a proxy that will run in Tomcat 5.5. I have the module registered in the server.xml. The module needs to communicate with some ejbs running on Websphere 6.1. I placed the necessary IBM jar files in the tomcat/common/lib directory. On a a windows box, it works fine. However, on Solaris, I keep getting NoClassDefFound errors even though I have confirmed that the classes are in the jars. Any thoughts on what could be causing this? or should I place the files elsewhere to include them in the classpath? Thanks in advance. Suneet
Securing Tomcat
Hello, I am using Tomcat as a Reverse Proxy through a pluggin that we have built. One of the questions that I am being asked is how do we make the installation of tomcat secure as it needs to be placed in the DMZ. Is there any place where I can find a list of known security issues in Tomcat and how to harden it so that its less prone to attack. Thanks Suneet
Re: Securing Tomcat
Thanks Darren and Satya. I will check these. Regards Suneet On 1/19/07, Darren [EMAIL PROTECTED] wrote: http://www.owasp.org/index.php/Securing_tomcat covers some areas which may be of interest to you. On 19 Jan 2007, at 14:04, Suneet Shah wrote: Hello, I am using Tomcat as a Reverse Proxy through a pluggin that we have built. One of the questions that I am being asked is how do we make the installation of tomcat secure as it needs to be placed in the DMZ. Is there any place where I can find a list of known security issues in Tomcat and how to harden it so that its less prone to attack. Thanks Suneet - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Classpath Issue
Hi Satya, I am using RMI (IIOP) to communicate with Webpshere. How can I increase the debug level? Sorry, I am a little new to this. Regards Suneet On 1/19/07, Satya Narayan [EMAIL PROTECTED] wrote: Sunnet, Cheers, Satya - Original Message From: Suneet Shah [EMAIL PROTECTED] To: users@tomcat.apache.org Sent: Friday, 19 January, 2007 8:58:50 AM Subject: Classpath Issue Hello, I am working in creating a proxy that will run in Tomcat 5.5. I have the module registered in the server.xml. The module needs to communicate with some ejbs running on Websphere 6.1. I placed the necessary IBM jar files in the tomcat/common/lib directory. On a a windows box, it works fine. However, on Solaris, I keep getting NoClassDefFound errors even though I have confirmed that the classes are in the jars. I think you have placed it in the proper place. I am not really sure of its failure in Solaris if it worked in Windows. The classloader of tomcat should be OS independent. Any thoughts on what could be causing this? or should I place the files elsewhere to include them in the classpath? I suggest you increase the debug level and see the way it is loaded and where exactly it is throwing this issue. Also, what is the mode of comm between TC and WS. Is it JMS/RMI or some other mechanism?? Thanks in advance. Suneet __ Yahoo! India Answers: Share what you know. Learn something new http://in.answers.yahoo.com/