Hello,
Sorry for the delay, I was busy but i also did some more testing. The result
from those tests is that is works oke if the apache/mod_jk are on the same
server as wildfly.
In my original situation apache/mod_jk are on server one and wildfly on server
two. So perhaps it is related to
2014-06-24 21:09 GMT+04:00 Neeraj Sinha neerajsinha@gmail.com:
I am using form based authentication (tomcat 7.0.34) and I have the
implementation of custom realm class which extends RealmBase class. Inside
the getPrincipal() method implementation, I am calling backend service to
save some
2014-06-25 11:57 GMT+04:00 Martin Stolk martin.st...@uplearning.nl:
Hello,
Sorry for the delay, I was busy but i also did some more testing. The result
from those tests is that is works oke if the apache/mod_jk are on the same
server as wildfly.
In my original situation apache/mod_jk are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Konstantin,
On 6/25/14, 5:23 AM, Konstantin Kolinko wrote:
2014-06-24 21:09 GMT+04:00 Neeraj Sinha
neerajsinha@gmail.com:
I am using form based authentication (tomcat 7.0.34) and I have
the implementation of custom realm class which extends
On 25/06/2014 15:35, Christopher Schultz wrote:
Konstantin,
On 6/25/14, 5:23 AM, Konstantin Kolinko wrote:
2014-06-24 21:09 GMT+04:00 Neeraj Sinha
neerajsinha@gmail.com:
I am using form based authentication (tomcat 7.0.34) and I
have the implementation of custom realm class which
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 6/25/14, 10:39 AM, Mark Thomas wrote:
On 25/06/2014 15:35, Christopher Schultz wrote:
Konstantin,
On 6/25/14, 5:23 AM, Konstantin Kolinko wrote:
2014-06-24 21:09 GMT+04:00 Neeraj Sinha
neerajsinha@gmail.com:
I am using form
= Description
I believe I may be experiencing a bug in Tomcat or simply misinterpreting
JSR 356. Any thoughts on how to resolve the issue or if I a bug should be
created would be welcome. To reproduce:
1) Authenticate to the application over HTTP. In my instance I am using
Spring Security which
Does anyone know of a way to mitigate this vulnerability until the latest
OpenSSL patch can be applied to the Native Libraries?
Perhaps limiting the cipher list to the list of strongest ciphers available
that are supported by the major browsers?
Is there a listing somewhere of the cipher lists