[ANN] Apache Tomcat 8.5.5 available

2016-09-06 Thread Mark Thomas
The Apache Tomcat team announces the immediate availability of Apache Tomcat 8.5.5. Tomcat 8.x users should normally be using 8.5.x releases in preference to 8.0.x releases. Apache Tomcat 8 is an open source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression

Re: Tomcat 8.5.4 uses RFC 6265 by default which does not appear to be Servlet 3.1 compliant

2016-09-06 Thread Mark Thomas
On 06/09/2016 20:57, Robert Winch wrote: > Mark, > > Thanks again for your detailed response. > > In addition to the STRICT_SERVLET_COMPLIANCE flag, would you consider > supporting the older RFC if a cookie version was explicitly set on the > Cookie? If applications want to explicitly send

Re: AT WITS END regarding JVM arguments

2016-09-06 Thread James H. H. Lampert
On 9/6/16, 8:05 AM, Christopher Schultz wrote: It's worth noting that, when creating the service from the command-line, the service.bat script will use the current environment to configure the service. That means that CATALINA_HOME and CATALINA_BASE are all used to configure the service.

WAR isolation lifecycle

2016-09-06 Thread Cristian Lorenzetto
It is a common problem to have a war can't unregister correctly in undeploy > phase. a lot of opensource libraries have this problem. So you have to > restart tomcat every time. > But if you have multiple war running and you cant stop other applications?

Re: Tomcat 8.5 Regarding PostResources for Web-Inf\lib and Web-Inf\classes

2016-09-06 Thread Cristian Lorenzetto
*WAR isolation lifecycle.* It is a common problem to have a war can't unregister correctly in undeploy phase. a lot of opensource libraries have this problem. So you have to restart tomcat every time. But if you have multiple war running and you cant stop other applications? 2016-09-05 21:14

Re: Tomcat 8.5 Regarding PostResources for Web-Inf\lib and Web-Inf\classes

2016-09-06 Thread Mark Thomas
On 06/09/2016 09:00, Cristian Lorenzetto wrote: > *WAR isolation lifecycle.* > > It is a common problem to have a war can't unregister correctly in undeploy > phase. a lot of opensource libraries have this problem. So you have to > restart tomcat every time. > But if you have multiple war

[ANN] Apache Tomcat 9.0.0.M10 available

2016-09-06 Thread Mark Thomas
The Apache Tomcat team announces the immediate availability of Apache Tomcat 9.0.0.M10. Apache Tomcat 9 is an open source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies. Apache Tomcat 9.0.0.M10 is a

Re: How to write a correct HTTP request to Tomcat 8.5.4 instance?

2016-09-06 Thread Terence M. Bandoian
On 9/5/2016 8:09 AM, Klemens Muthmann wrote: Am 05.09.2016 um 14:49 schrieb Tim Watts: On Mon, 2016-09-05 at 14:11 +0200, Klemens Muthmann wrote: Hi, I currently need to implement an HTTP data transmission from an Arduino with WiFi module to a PC running a Tomcat 8.5.4 instance. The Tomcat is

Re: AT WITS END regarding JVM arguments

2016-09-06 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 James, On 9/1/16 7:16 PM, James H. H. Lampert wrote: >>> Seems to me that a paraphrase of the third paragraph quoted >>> above ought to be added -- PROMINENTLY -- to the comment lines >>> at the top of catalina.bat and catalina.sh, to keep midrange

Re: Tomcat 8.5.4 uses RFC 6265 by default which does not appear to be Servlet 3.1 compliant

2016-09-06 Thread Rémy Maucherat
2016-09-06 18:38 GMT+02:00 Robert Winch : > Thank you for your response. > You're welcome. Rémy

Re: Tomcat 8.5.4 uses RFC 6265 by default which does not appear to be Servlet 3.1 compliant

2016-09-06 Thread Mark Thomas
On 06/09/2016 17:38, Robert Winch wrote: > Thank you for your response. > > I don't see how the Tomcat documentation can be fixed unless the Tomcat's > Servlet APIs are going to deviate from the Servlet 3.1 specification. If > Tomcat continues to deviate from the specification, I don't see how

Re: Tomcat 8.5.4 uses RFC 6265 by default which does not appear to be Servlet 3.1 compliant

2016-09-06 Thread Robert Winch
Thank you for your response. I don't see how the Tomcat documentation can be fixed unless the Tomcat's Servlet APIs are going to deviate from the Servlet 3.1 specification. If Tomcat continues to deviate from the specification, I don't see how Tomcat 8.5 can claim Servlet 3.1 compliance. Do you

Re: Tomcat 8.5.4 uses RFC 6265 by default which does not appear to be Servlet 3.1 compliant

2016-09-06 Thread Robert Winch
Mark, Thank you for the detailed response. I'm looking to assess the full impact of applications that might choose to use LegacyCookieProcessor. Can you elaborate on why using LegacyCookieProcessor is a bad idea? Are you aware of other containers that also use RFC6265? Thanks, Rob On Tue, Sep

Re: Restrict access to manager app by IP

2016-09-06 Thread Mark Thomas
On 06/09/2016 18:29, Christopher Schultz wrote: > Yuval, > > On 9/2/16 9:29 AM, Yuval Schwartz wrote: >> Thanks. I'll give it a shot and let you guys know how it goes. Any >> input on whether I should put this in my applications context.xml >> or in my [host] directory? > > I would do it in the

Re: How to write a correct HTTP request to Tomcat 8.5.4 instance?

2016-09-06 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Terrence, On 9/6/16 10:00 AM, Terence M. Bandoian wrote: > On 9/5/2016 8:09 AM, Klemens Muthmann wrote: >> Am 05.09.2016 um 14:49 schrieb Tim Watts: >>> On Mon, 2016-09-05 at 14:11 +0200, Klemens Muthmann wrote: Hi, I currently need

Re: How to write a correct HTTP request to Tomcat 8.5.4 instance?

2016-09-06 Thread Mark Thomas
On 05/09/2016 13:11, Klemens Muthmann wrote: > Hi, > > I currently need to implement an HTTP data transmission from an Arduino > with WiFi module to a PC running a Tomcat 8.5.4 instance. The Tomcat is > running under Ubuntu 16.04. > > The problem is that, since there are no HTTP libraries on

Re: Restrict access to manager app by IP

2016-09-06 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 9/6/16 2:23 PM, Mark Thomas wrote: > On 06/09/2016 18:29, Christopher Schultz wrote: >> Yuval, >> >> On 9/2/16 9:29 AM, Yuval Schwartz wrote: >>> Thanks. I'll give it a shot and let you guys know how it goes. >>> Any input on whether I

Re: Restrict access to manager app by IP

2016-09-06 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Yuval, On 9/2/16 9:29 AM, Yuval Schwartz wrote: > Thanks. I'll give it a shot and let you guys know how it goes. Any > input on whether I should put this in my applications context.xml > or in my [host] directory? I would do it in the

Re: Tomcat 8.5.4 uses RFC 6265 by default which does not appear to be Servlet 3.1 compliant

2016-09-06 Thread Mark Thomas
On 06/09/2016 19:02, Robert Winch wrote: > Mark, > > Thank you for the detailed response. > > I'm looking to assess the full impact of applications that might choose to > use LegacyCookieProcessor. Can you elaborate on why using > LegacyCookieProcessor is a bad idea? It isn't that

Re: AW: How to set up a separate configuration for a Tomcatapplication

2016-09-06 Thread Fung
Mark, Now I got it.Sincerely,Thank you very much. Fung -- Original -- From: "Mark Thomas";; Date: Mon, Sep 5, 2016 11:54 PM To: "Tomcat Users List"; Subject: Re: AW: How to set up a separate configuration for a

Re: Tomcat 8.5.4 uses RFC 6265 by default which does not appear to be Servlet 3.1 compliant

2016-09-06 Thread Mark Thomas
On 06/09/2016 18:11, Mark Thomas wrote: > On 06/09/2016 17:38, Robert Winch wrote: >> Thank you for your response. >> >> I don't see how the Tomcat documentation can be fixed unless the Tomcat's >> Servlet APIs are going to deviate from the Servlet 3.1 specification. If >> Tomcat continues to

Re: Tomcat 8.5.4 uses RFC 6265 by default which does not appear to be Servlet 3.1 compliant

2016-09-06 Thread Robert Winch
Mark, Thanks again for your detailed response. In addition to the STRICT_SERVLET_COMPLIANCE flag, would you consider supporting the older RFC if a cookie version was explicitly set on the Cookie? Cheers, Rob On Tue, Sep 6, 2016 at 1:21 PM, Mark Thomas wrote: > On 06/09/2016

Header values when using HttpServletResponse.sendRedirect()

2016-09-06 Thread Joe Tseng
All, I inherited a codebase that calls HttpServletResponse.sendRedirect() to another page after a user is successfully logged in. I want to be able to insert a header value before that redirection is executed. I tried to simply add a HttpServletResponse.addHeader()/.setHeader() to the response

Re: Tomcat 8.5.4 uses RFC 6265 by default which does not appear to be Servlet 3.1 compliant

2016-09-06 Thread Rémy Maucherat
2016-09-06 23:04 GMT+02:00 Mark Thomas : > I was assuming that Servlet 4.0 would update to RFC6265 so 9.0.x would > be no change. 8.0.x uses the legacy parser by default so we are only > talking about 8.5.x. here. > > The reason I was fine with adding this to

Re: Tomcat 8.5.4 uses RFC 6265 by default which does not appear to be Servlet 3.1 compliant

2016-09-06 Thread Rémy Maucherat
2016-09-06 19:11 GMT+02:00 Mark Thomas : > This looks like something that is a good fit for > STRICT_SERVLET_COMPLIANCE. My current thinking is if this is set, change > the default CookieProcessor to LegacyCookieProcessor. > > I think I'm -1 for using the strict compliance flag

Re: Tomcat 8.5.4 uses RFC 6265 by default which does not appear to be Servlet 3.1 compliant

2016-09-06 Thread Mark Thomas
On 06/09/2016 21:29, Rémy Maucherat wrote: > 2016-09-06 19:11 GMT+02:00 Mark Thomas : > >> This looks like something that is a good fit for >> STRICT_SERVLET_COMPLIANCE. My current thinking is if this is set, change >> the default CookieProcessor to LegacyCookieProcessor. >> > I

Re: How to write a correct HTTP request to Tomcat 8.5.4 instance?

2016-09-06 Thread Klemens Muthmann
Am 05.09.2016 um 16:16 schrieb André Warnier (tomcat): > On 05.09.2016 15:09, Klemens Muthmann wrote: >> Am 05.09.2016 um 14:49 schrieb Tim Watts: >>> On Mon, 2016-09-05 at 14:11 +0200, Klemens Muthmann wrote: Hi, I currently need to implement an HTTP data transmission from an

[ANN] Apache Tomcat 8.0.37 available

2016-09-06 Thread Mark Thomas
The Apache Tomcat team announces the immediate availability of Apache Tomcat 8.0.37. Please note that Tomcat 8.x users should normally be using 8.5.x releases in preference to 8.0.x releases. Apache Tomcat 8.0 is an open source software implementation of the Java Servlet, JavaServer Pages, Java

RE: AT WITS END regarding JVM arguments

2016-09-06 Thread Mekkelsen Madden, Steve
-Original Message- From: James H. H. Lampert [mailto:jam...@touchtonecorp.com] Sent: Tuesday, September 06, 2016 6:59 PM To: Tomcat Users List Subject: Re: AT WITS END regarding JVM arguments On 9/6/16, 8:05 AM, Christopher Schultz wrote: > It's worth noting

Re: Tomcat 8.5.4 uses RFC 6265 by default which does not appear to be Servlet 3.1 compliant

2016-09-06 Thread Robert Winch
Mark / Rémy, Thanks again for your responses. I'd like to point out one more thing. Mark stated: > To date, the only problem we have seen with RFC6265 that comes to mind > is that Tomcat rejects domain values with leading '.' when an > application creates a cookie. The problem I am

Using server Web.xml Mime Types Data

2016-09-06 Thread George Sexton
Is there any easy way that I can use the mime types in the Tomcat server level web.xml file? I know I can parse the XML myself, I was just wondering if there's a way to get the data already defined. -- George Sexton *MH Software, Inc.* Voice: 303 438 9585 http://www.connectdaily.com