Re: UTF-8 charset encoding
2007/11/16, Mark Thomas [EMAIL PROTECTED]: Some standard text I wrote a while ago follows. The most useful bit is probably the URIEncoding attribute on the connector. Thanks Mark, I think I read your paper somewhere before I decided to write to this help request. In fact, if you read carefully the last paragraph of my original post, I said that I already tried setting the connector parameter URIEncoding=UTF-8. Unfortunately, this parameter is read after the first parse occurred, as I explained there, making the subsequent setting useless in terms of request body parsing. I think (I didn't investigate further) this is due a Valve I wrote that accesses the request parameters before the Connector.getURIEncoding() is invoked the first time. I solved this with another Valve (which code is copy/pasted from the SetCharacterEncodingFilter) that is invoked as the first in the chain. Thanks, TN - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: UTF-8 charset encoding
2007/11/19, Ognjen Blagojevic [EMAIL PROTECTED]: Which version of Struts are you using? 1.2.7 does support acceptCharset, as you can see here: Oh, yes, you're right. I'm using version 1.1, that's why probably I don't have that option available. Unfortunately I'm not allowed to upgrade to a newer version... Thanks, again TN - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: UTF-8 charset encoding
2007/11/19, Ognjen Blagojevic [EMAIL PROTECTED]: I suppose you are using ActionForms. Try to extend ActionForm overriding your reset method which will set the character encoding, before the parameters are processed. Something like this: well, I solved with a Valve that impose a default encoding of UTF-8. This is the perfect solution for me since I read request parameters in other valves that come after in the chain, and I want them correctly encoded. Hence, when the Struts takes control of the application, the request parameters are parsed with the already set correct encoding. Thanks, TN - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: UTF-8 charset encoding
2007/11/16, Mohsen Saboorian [EMAIL PROTECTED]: I don't know if this is the best solution. You can create a filter for *.* in your web.xml, with the following piece of code: response.setCharacterEncoding(UTF-8); No, unfortunately the parameters are parsed before any filter is invoked. Hence, a flag is set on the request that avoids subsequent parameters re-evaluation: parametersParsed = true; When the filter sets the character encoding, it is too late. thanks, anyway -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: UTF-8 charset encoding
2007/11/16, Tremal Naik [EMAIL PROTECTED]: No, unfortunately the parameters are parsed before any filter is invoked. Hence, a flag is set on the request that avoids subsequent I tried with valve. It looks fine now. But it's really annoying having to impose a default character encoding using a valve. Isn't it possible to tell the browser to send the encoding, somehow? Thanks, -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: UTF-8 charset encoding
2007/11/16, Ognjen Blagojevic [EMAIL PROTECTED]: Did you try to put acceptCharset=UTF-8 in the form tag? well, I'm using Struts and it looks the html:form tag doesn't allow any acceptCharset attribute. I tried to set the enctype attribute, but with no effect. Thanks, -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to get Request from RequestFacade
2007/9/7, Bill Barker [EMAIL PROTECTED]: From his examples below, it looks like he wants access to the TC internals. yes, you're right For the OP's original problem, for obvious security reasons TC makes it very hard to access the internal TC objects behind the various Facades from a webapps code (e.g. a Filter). It should be pretty much impossible if you yes, I noticed it's quite hard. That's why I suspected that was not the best way to proceed. The Valve solution works quite fine. I was trying to switch to a Filter-based one since the license validation code is quite complex and I have to duplicate much of my webapp code into the server/lib folder. I'll try to redesign it better. Thanks -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to get Request from RequestFacade
Hello, I'v been using a valve to perform license checking in my web application. The method invoke(Request request, Response response) had access to the Request and Response objects, allowing me to perform some advanced operations. For instance, I made use of instructions like: Session catalinaSession = request.getSessionInternal(false); catalinaSession.access(); or Session[] managedSessions = request.getContext().getManager().findSessions(); Now, I'm moving the license validation code to a Filter. How do I access org.apache.catalina.connector.Request/Response in the method doFilter()? I see that I can only cast to a RequestFacade object: public void doFilter(ServletRequest sRequest, ServletResponse sResponse, FilterChain chain) throws IOException, ServletException { RequestFacade cRequest = (RequestFacade) sRequest; .. but now, I cannot use the Facade to access the Request. How can I solve this problem? Is it desirable accessing Catalina specific object from a Filter? Should I rewrite my code/ redesign my license validation framework? It is a very complex one, hance it may require some effort. May you redirect me to some useful articles/resources? Many thanks -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to get Request from RequestFacade
That's the point, I don't know much about request/response wrapping. I don't need the Facade itself, what I need are the real Catalina Request/Response objects hidden behind it. I don't know how to get them from inside a Filter. Thanks, TN 2007/9/6, David Smith [EMAIL PROTECTED]: May I ask what exactly you want to do with the facade? Seems like you could do what you want with a request or response wrapper instead. --David Tremal Naik wrote: Hello, I'v been using a valve to perform license checking in my web application. The method invoke(Request request, Response response) had access to the Request and Response objects, allowing me to perform some advanced operations. For instance, I made use of instructions like: Session catalinaSession = request.getSessionInternal(false); catalinaSession.access(); or Session[] managedSessions = request.getContext().getManager().findSessions(); Now, I'm moving the license validation code to a Filter. How do I access org.apache.catalina.connector.Request/Response in the method doFilter()? I see that I can only cast to a RequestFacade object: public void doFilter(ServletRequest sRequest, ServletResponse sResponse, FilterChain chain) throws IOException, ServletException { RequestFacade cRequest = (RequestFacade) sRequest; .. but now, I cannot use the Facade to access the Request. How can I solve this problem? Is it desirable accessing Catalina specific object from a Filter? Should I rewrite my code/ redesign my license validation framework? It is a very complex one, hance it may require some effort. May you redirect me to some useful articles/resources? Many thanks - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to get Request from RequestFacade
2007/9/6, David Smith [EMAIL PROTECTED]: Ok... do you need them to modify the request and/or response? Or are you trying to pull some information from the original tomcat internals? ok, I don't need to modify the Request or Response. I'm trying to read them. Maybe a Wrapper is too much... TN - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to get Request from RequestFacade
2007/9/6, Tremal Naik [EMAIL PROTECTED]: ok, I don't need to modify the Request or Response. I'm trying to read them. by the way, I'd be glad if I was able to read the StandardSession. I mean, even if it's not possible reading the Request, maybe it's easier accessing the Session behind the StandardSessionFacade. Thanks, -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to get Request from RequestFacade
2007/9/6, David Smith [EMAIL PROTECTED]: help. I'm still unclear as to why you need access those object. If you could say more about that, someone might be able to offer a better way to do what you want. ok, I need to access some of the Catalina Session specific features. In the Valve invoke() method I perform a call like the following: // update last access for this session Session catalinaSession = request.getSessionInternal(false); catalinaSession.access(); This is very easy to do with an HttpSession as well, but there are other things that come easy with Catalina objects and I'm not able to realise using J2EE specific interfaces, i.e.: // get all sessions active for this manager Session[] managedSessions = request.getContext().getManager().findSessions(); // find a session by ID Session session = request.getContext().getManager().findSession(id); // access the security realm Realm realm = request.getContext().getRealm(); Hence, I'd like to know if I can perform the above operations in a J2ee Filter doFilter() method. Thanks TN - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Euro symbol
Hello, I have problems with the encoding of the euro symbol. I set the charset to UTF-8 in my page: meta http-equiv=Content-Type content=text/html; charset=UTF-8 I submit a form containing the euro symbol in a client account number text field (typed in Internet Explorer in a Windows environment). I set a breakpoint on org.apache.coyote.http11.Http11Processor.process() and check in the eclipse debugger the org.apache.coyote.Request object which is passed as an argument in the adapter.service(request, response) call: encoding=ISO-8859-1 content-type=application/x-www-form-urlencoded and the following is the result of some expressions: request.getParameters().getParameter(accountNo) prints an unprintable char URLEncoder.encode(request.getParameters().getParameter(accountNo),UTF-8)=%C2%80 That is not what I expect, since the UTF-8 encoding for the EURO sign should be %E2%82%AC (correct me if I'm wrong) This causes some trouble since I'll save the client account number with a different encoding then expected. Can you clarify this to me please? -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Euro symbol
2007/4/3, David Delbecq [EMAIL PROTECTED]: as the charset used to encode parameters when submitting form. One possible way i know to prevent such problem is 1) set page encoding to utf-8 2) in the form tag add an acceptCharset=UTF-8 parameter 3) call request.setCharacterEncoding(UTF-8) before getting your first parameter. Thanks -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat 5.5: Jre or Jdk?
Hello, excuse me for the very simple question, but I'm not able to find a reference for it. I'm trying to use Tomcat 5.5.16 with JRE 1.5 installed. When I start it complains that JAVA_HOME environment variable is required, when I set this variable as my JRE root, it complains that JAVA_HOME should point to a JDK, not a JRE. I know that 5.5 version doesn't need the JDK since it incorporates the eclipse compiler. Maybe I missed something in the configuration, can you help me, please? -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5.5: Jre or Jdk?
2007/3/29, Martin Gainty [EMAIL PROTECTED]: Tomcat officially requires the full JDK, because it needs javac in order to compile JSPs. If you pre-compile all your JSPs, you can get away with running tomcat on a JRE only, but you do so at your own risk. From http://tomcat.apache.org/tomcat-5.5-doc/RELEASE-NOTES.txt In addition, Tomcat 5.5 uses the Eclipse JDT Java compiler for compiling JSP pages. This means you no longer need to have the complete Java Development Kit (JDK) to run Tomcat, but a Java Runtime Environment (JRE) is sufficient. The Eclipse JDT Java compiler is bundled with the binary Tomcat distributions. Tomcat can also be configured to use the compiler from the JDK to compile JSPs, or any other Java compiler supported by Apache Ant. I set the JRE_HOME and *NOT* the JAVA_HOME, since I only have the JRE installed, but when I start tomcat it complains because the JAVA_HOME is not defined. Who is wrong here? The FAQ or the RELEASE-NOTES? thanks, -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5.5: Jre or Jdk?
2007/3/29, Caldarale, Charles R [EMAIL PROTECTED]: was clearly aware of. Unfortunately, it often takes quite a while for the doc to catch up to reality. Not only the documents, but it looks that a bug that has been marked as resolved in version 5.5.9 has not really been resolved or reintroduced in 5.5.16 http://issues.apache.org/bugzilla/show_bug.cgi?id=32081 It really looks that the guys there at Apache don't care of us, ignorant windows users ;) -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5.5: Jre or Jdk?
2007/3/29, Tremal Naik [EMAIL PROTECTED]: It really looks that the guys there at Apache don't care of us, ignorant windows users ;) I quote from the bug report: I'm leaving the bug open for Windows, but I really don't care about the problem All my windows clients (who are not developers), will appreciate this ;) -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat 5.5: Jre or Jdk?
2007/3/29, Caldarale, Charles R [EMAIL PROTECTED]: I just tried it with 5.5.23, and JRE_HOME without JAVA_HOME works properly on both JRE 5 and 6. ok, thanks, I'll upgrade our clients tomcat. In the meanwhile, a small fix to the windows batches was sufficient. -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
server/lib annoys me
Hello to you all, Going further into the building of my application the percentage of classes I need to include into the server/lib folder is growing too much. In a few days all my application will be deployed there instead of the webapps folder! The point is I defined a Valve which performs license checking and it needs to access the DB. Despite I defined a business delegate to let the web tier classes accessing the business tier, I still need to include in the server/lib area all the classess necessary to perform a db call. When I deployed my application in Jboss I didn't need to do all this mess. Jboss was picking all the necessary classes form my app WEB-INF/lib How can I get rid of this disturbing Tomcat feature? Thank for your help, -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: server/lib annoys me
I need to perform license checking before the user authenticate. Filters filter the request only after authentication, do they? Thanks TN 2007/3/19, Peter Crowther [EMAIL PROTECTED]: From: Tremal Naik [mailto:[EMAIL PROTECTED] The point is I defined a Valve which performs license checking and it needs to access the DB. Why not a Filter? That could then be webapp-specific. - Peter - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: server/lib annoys me
2007/3/19, David Delbecq [EMAIL PROTECTED]: I don't understand why you try to do a webapp specific stuff (licence checking) in a server context (a valve). Well, my license is limiting the number of contemporary sessions, i.e. there is a limit on the number of users can be logged in at the same time. So, I need to filter user requests after web app startup. I may do this after the user has authenticated himself, but this means that then I should force his logout somehow, and this is more complicated than simply barring the users at the source. I'd like to point out that my valve has been defined at the application specific level, in the webapps\MyApp\META-INF\context.xml file Thanks -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: server/lib annoys me
2007/3/19, David Kerber [EMAIL PROTECTED]: session.invalidate() is complicated? Not at all, but I cannot login the user and then simply redirect him to the login form next time he'll perform some action. This would be confusing. If I could simply use the axe to make my job, my dear, I would never be late! The point here is that my very complicate licensing system updates a lot of stuff on server side when the user logs in succesffully, and all that jazz must be rolled back when the user logs out. So, barring him before authentication for me is the best solution, if it is not possible, I'll find another solution. Please, bear in mind my original question was is it possible avoid using server/lib? I never asked for java/j2ee programming lessons thanks, -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: server/lib annoys me
2007/3/19, Tremal Naik [EMAIL PROTECTED]: Please, bear in mind my original question was is it possible avoid using server/lib? I never asked for java/j2ee programming lessons Of course, I accept all suggestions I receive gratefully, I'm not a some kind of troll, the last comment was a specific response to David Kerber's relatively useless answer thanks -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: server/lib annoys me
2007/3/19, David Delbecq [EMAIL PROTECTED]: How about having your webapp implements some kind on 'license checking service' and, at webapp startup, put it available at the JNDI level? You valve (or realm) could then access this named service and simply issue a 'can i log in one more user?' request. This way all you have in server/lib is a simple interface and the valve itself. All buisness logic will be implemented by webapp. These are all valid ideas. I'll discuss them with my team, thrying to find the one that suits our needs thanks -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to retrieve principal
Hello, I want to retrieve the user principal where I don't have the request available i.e. I cannot use the method HttpServletRequest.getUserPrincipal() I need in particular the user name. May you suggest something appropriate? -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to retrieve principal
2007/2/28, Peter Crowther [EMAIL PROTECTED]: We got round this by putting the name into a ThreadLocal variable from a place where we *did* have access to it, then reading it later - messy, I see, you use the same approach as JBoss. So, you mean there is no way to get the user principal using tomcat security framework. Ok, thanks -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to retrieve principal
2007/2/28, Christopher Schultz [EMAIL PROTECTED]: Well, what /do/ you have available? That was my question: What do I have available?. May any of the following be useful? I'm confused, really. Server server = ServerFactory.getServer(); Service service = server.findService(Catalina); Engine engine = (Engine) service.getContainer(); Host host = (Host) engine.findChild(engine.getDefaultHost()); String lcName = myContext; Context context = (Context) host.findChild(lcName); Realm realm = context.getRealm(); -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to retrieve principal
2007/2/28, Christopher Schultz [EMAIL PROTECTED]: How is it that you have code that needs request-specific information, but no access to the request? Are you forced into this situation by other components (through a callback mechanism or something like that)? Or, is this the result of poor planning? well, the code has been designed to run into jboss. In a clustered configuration the request was not available in the Business tier. The Jboss SecurityAssociations classes where doing the job of propagating the principal to the BT. Now we deployed the same code in tomcat, where a subset of the classes have been included from those componing the BT. Hence, we are developing the same application for both the environments and we'd like to mantain the classes as general as possible. Think of a log4j utility that must be called from either the WT and the BT. We don't want to introduce a new version of the log helper (we don't want to make things too complicated). We want to build the some code and it works wether deployed in tomcat or jboss. We are there at 99%, I still need the user principal but I can solve using the ThreadLocal. And a Valve, maybe... -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Modifying the response
Hello, I'm using SSLExt to manage https redirection in a Struts 1.1 project. SSLExt (http://sslext.sourceforge.net/) is a framework to let Struts application easily switch back and forth from a secure channel when a page displays sensitive data (i.e. password input forms) If the user requests a page marked as secure, sslext performs a redirection to a https URL. Sslext extracts all the request parameters and adds them as a query string to the redirection URL. An example request-response follow: REQUEST - POST http://cor319.ciccio-pasticcio.com:8080/bitastar/admin/usersAdminAction.do HTTP/1.0 [.] actionName=verylongparameter RESPONSE - HTTP/1.1 302 Moved Temporarily Location: https://cor319.ciccio-pasticcio.com:8443/bitastar/admin/resetPasswords.do?verylongparameter As you can see above, the parameter 'actionName' has been extracted and added to the redirection URL as quesry string. This causes Explorer 6 giving the error Cannot find server. Mozilla Firefox is working fine. I'd like to filter the response to strip the unnecessary query string from the Location header. Should I use a Valve or a Filter or what? May you give me some hints or point me to the right resources (documentation-tutorials) to solve this problem? Thanks -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Modifying the response
2006/11/2, Tremal Naik [EMAIL PROTECTED]: I'd like to filter the response to strip the unnecessary query string from the Location header. Should I use a Valve or a Filter or what? I noticed that I can change the header Location after the invoke() call in a Valve: getNext().invoke(request, response); String location = response.getHeader(Location); if (location != null) { response.setHeader(Location, https://cor319.whatever.com:8443/;); } I don't get an IllegalStateException as I expected. Why? Do you think this is a correct way to proceed? thanks -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Modifying the response
2006/11/2, Pid [EMAIL PROTECTED]: Using a valve seems a bit crazy, even a filter seems excessive. ok, what do you suggest? I'm not quite clear on what the problem is; is it that IE is misbehaving, or is it that your app is gaining a query string where it's unnecessary? both. If Mozilla Firefox has not problems with the same app while IE has (as I wrote in my original post), the conclusion is that IE is misbehaving. My app, then, is adding an unnecessary query string (as I wrote in my original post). But I don't have control on it. (SSLExt is adding that string, as I wrote in my original post) If the query string is unnecessary, try to determine why it's getting added to the end of the redirected url. Your SSLExt may be misconfigured, or not doing it's job properly - or the Struts components doing something improperly. I inspected SSLExt source code and I see that this is the desired behaviour. Unfortunately, there is no way to configure SSLExt to avoid edding the above string. You can see it from the source code. If it's meant to be there, and the problem lies with IE you should examine the request/response that is causing IE to 404. The request/response is that one that I pasted (in my original post). After the 302 response (+ very long Location) by the server IE doesn't send anymore requests and only displays the error. So, that is not really a 404, but simply a IE bug You may find the IE Developer toolbar helpful, along with a close examination of what happens on the server when IE tries to request the URL in the redirected response. E.g. configure an access log valve and watch the log as each browser type hits the urls. check that both see the same thing. when I decided to post to this list I already performed all the above tasks. If you read carefully my original post you noticed that. I was not looking for a teacher to tell me how to debug my code. I was expecting someone gave me his opinion on a possible solution. thanks anyway -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Modifying the response
2006/11/2, Caldarale, Charles R [EMAIL PROTECTED]: There is a known bug in IE6 that loses the port number while handling redirects. This thread may be related: yes, I use a valve to filter all incoming request to fix this problem. Or it might not be. You could try IE7 to see if that cures it. I'll try, thanks Unfortunately the clients may not want to upgrade -- TREMALNAIK - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] AIX filtering Explorer?
2006/4/4, Tremal Naik [EMAIL PROTECTED]: I have no problem with Firefox, while IE looks as if it get lost. The secure request does not arrive on the tomcat server. Where did it go? from the Tomcat SSL howto: http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html sslProtocol - It is reported that IBM's 1.4.1 implementation of the TLS protocol is not compatible with some popular browsers. In this case, use the value SSL. Now it works. Alternatively, you can leave the default settings but enable the TLS protocol in IE using Tools - Internet Options - Security bye -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] AIX filtering Explorer?
2006/4/4, Sheets, Jerald [EMAIL PROTECTED]: Do you have a web proxy in your environment? That would be transparent, or hand-configured. We don't use a proxy to connect to the Tomcat, normally. I've configured it only to inspect the request headers that are sent by the browsers. An example of a MSIE GET request followed by a CONNECT is: 1144165210.106 42 10.0.2.210 TCP_MISS/302 452 GET http://rsaixtest.cicciopasticcio.com:8080/cicciastar/ - DIRECT/10.0.2.202 text/html [Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, application/x-shockwave-flash, */*\r\nAccept-Language: en-gb\r\nCookie: JSESSIONID=9F008108B1A0C248DE6357F135FF7CD4\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)\r\nHost: rsaixtest.cicciopasticcio.com:8080\r\nProxy-Connection: Keep-Alive\r\n] [HTTP/1.1 302 Moved Temporarily\r\nServer: Apache-Coyote/1.1\r\nPragma: No-cache\r\nCache-Control: no-cache\r\nExpires: Thu, 01 Jan 1970 01:00:00 GMT\r\nLocation: https://rsaixtest.cicciopasticcio.com:8443/cicciastar/WEB-INF/jsp/logon/logon.jsp\r\nContent-Type: text/html;charset=iso-8859-1\r\nContent-Length: 0\r\nDate: Tue, 04 Apr 2006 15:42:07 GMT\r\nConnection: keep-alive\r\n\r] 1144165210.113 3 10.0.2.210 TCP_MISS/200 124 CONNECT rsaixtest.cicciopasticcio.com:8443 - DIRECT/10.0.2.202 - [User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)\r\nHost: rsaixtest.cicciopasticcio.com:8443\r\nContent-Length: 0\r\nProxy-Connection: Keep-Alive\r\nPragma: no-cache\r\n] [] While Firefox says: 1144225430.516 78 10.0.2.210 TCP_MISS/302 517 GET http://rsaixtest.cicciopasticcio.com:8080/cicciastar/ - DIRECT/10.0.2.202 text/html [Host: rsaixtest.cicciopasticcio.com:8080\r\nUser-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1\r\nAccept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\r\nAccept-Language: en-us,en;q=0.5\r\nAccept-Encoding: gzip,deflate\r\nAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\nKeep-Alive: 300\r\nProxy-Connection: keep-alive\r\n] [HTTP/1.1 302 Moved Temporarily\r\nServer: Apache-Coyote/1.1\r\nPragma: No-cache\r\nCache-Control: no-cache\r\nExpires: Thu, 01 Jan 1970 01:00:00 GMT\r\nSet-Cookie: JSESSIONID=BC2376254AD401F328599C5148E41032; Path=/\r\nLocation: https://rsaixtest.cicciopasticcio.com:8443/cicciastar/WEB-INF/jsp/logon/logon.jsp\r\nContent-Type: text/html;charset=iso-8859-1\r\nContent-Length: 0\r\nDate: Wed, 05 Apr 2006 08:25:49 GMT\r\nConnection: keep-alive\r\n\r] 1144225494.522 63999 10.0.2.210 TCP_MISS/200 24904 CONNECT rsaixtest.cicciopasticcio.com:8443 - DIRECT/10.0.2.202 - [User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1\r\nProxy-Connection: keep-alive\r\nHost: rsaixtest.cicciopasticcio.com:8443\r\n] [] I'm checking if this has nothing to do with the different byte order of the AIX operating system, but at the moment I'm only guessing TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[OT] AIX filtering Explorer?
Hi everybody, I marked this message as OT because it may not pertain to Tomcat, even if I presume so. I have a problem with a Jboss/Tomcat 5.5 installed on an IBM AIX machine. The application redirects user requests to an encrypted channel at login: 1) The browser sends an unsecure request. 2) the request is redirected to a secure channel I have no problem with Firefox, while IE looks as if it get lost. The secure request does not arrive on the tomcat server. Where did it go? I've put a proxy in the middle so I'm pretty sure the connect request is made on the correct URL. The application works fine on a windows environment. Did anyone experience anything similar? -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to retrieve an user Principal?
2006/3/16, Mladen Turk [EMAIL PROTECTED]: Yes. Servlet spec 2.4 Thank you very much. Persons like you make me loosing faith in the Open Source. I think I'll call the guys at IBM... -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to retrieve an user Principal?
2006/3/17, Mladen Turk [EMAIL PROTECTED]: Go and troll somewhere else. sorry, I thought you where pissing on me. I didn't understand your real intentions. I will manage the request to get what I'm looking for. Thanks, -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: context.xml: ClassNotFoundException
2006/3/16, Filip Hanik - Dev Lists [EMAIL PROTECTED]: your valve classes have to be in common/lib or common/classes or server/lib or server/classes for security purposes, the best place would be server/lib or server/classes Filip Well, I put the classes in a jar deployed in server/lib ok, now everything looks fine. Thanks -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to retrieve an user Principal?
Hello, how can i retrieve an user principal? I don't want to get it from the request, but directly from the underlying security framework. My application, when developed in Jboss, uses an instruction like the following: org.jboss.security.SecurityAssociation.getPrincipal(); Is there something similar in Tomcat? May you please point me to the correct resource (documentation, web page)? Thanks -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to retrieve an user Principal?
2006/3/16, Caldarale, Charles R [EMAIL PROTECTED]: ??? That doesn't make any sense to me. There may be may users connected to Tomcat at any given time; if you don't get the one corresponding to a specific request (or associated session), what do you think you're getting? well, I don't know how it works, but it works! In Jboss I mean. The method I was talking about is as follows: public static Principal getPrincipal() { SecurityManager sm = System.getSecurityManager(); if (sm != null) sm.checkPermission(getPrincipalInfoPermission); if (peekRunAsIdentity() != null) return peekRunAsIdentity(); if (server) return (Principal) threadPrincipal.get(); else return principal; } No (visible) reference to the session of the user, but if invoked it returns the correct user principal. It's useful in all those situations you don't have the session, like helper classes, and you don't want an additional argument to your method (like a String session ID). It allows writing simpler and cleaner code. -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to retrieve an user Principal?
2006/3/16, Mladen Turk [EMAIL PROTECTED]: JBoss getPrincipal() figures that from the request, Maybe, but it doesn't require I pass the request as an argument, ir returns the principal from whenever I call it in the code, simply, even in those classes which doesn't have a request variabile. It allows me writing security helpers, for instance, which can be used from within pluggable JAAS Login Modules, where the request is not available at all. So my question follows: is there anything similar in Tomcat? cheers -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: context.xml: ClassNotFoundException
2006/2/23, Caldarale, Charles R [EMAIL PROTECTED]: Can you verify that the following does not exist: conf\Catalina\[hostname]\CiccioPasticcio.xml where [hostname] is usually localhost? the file exists, but it's identical to the one I put in my app META-INF. Even if I delete it, it's re-created. -- TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
context.xml: ClassNotFoundException
Hello, I have a problem with Tomcat 5.5 I created a file CiccioPasticcio.war with my application. I have to filter user requests using Tomcat Valves, so I wrote a context.xml file with the following Context cookies=true crossContext=false Valve className=com.ciccio.pasticcio.web.valve.LoginErrorMessageValve / Valve className=com.ciccio.pasticcio.web.valve.LicenseRequirementsValve / Valve className=com.ciccio.pasticcio.web.valve.TomcatFixValve / /Context The file is in the folder CiccioPasticcio.war\META-INF\context.xml The Valve classes are in the war into the following locations: CiccioPasticcio.war\WEB-INF\classes\com\ciccio\pasticcio\web\valve\LoginErrorMessageValve.class . When I start tomcat I have the following SEVERE: Begin event threw exception java.lang.ClassNotFoundException: com.ciccio.pasticcio.web.valve.LoginErrorMessageValve at java.net.URLClassLoader$1.run(URLClassLoader.java:200) ... SEVERE: Parse error in default web.xml java.lang.ClassNotFoundException: com.ciccio.pasticcio.web.valve.LoginErrorMessageValve I really canot figure out where I failed. Can you help me? TREMALNAIK - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]