As said previously, the same jaas configuration and application works on
tomcat 6 and 7 but fails on 8.5 and 9.0. The tomcat is started as windows
service.
I even set the CATALINA_BASE and CATALINA_HOME in windows environment
variables.
On Tue, Jan 8, 2019 at 11:55 AM Rémy Maucherat wrote:
> On
I have question (using Tomcat 9.0.12 on Windows 10), and I'd like
someone on the Tomcat development team to clarify a distinction for me
regarding resource charsets and octet decoding in a particular format. I
am not a newbie, and although the answer to my question may seem
obvious, it goes to
On Tue, Jan 8, 2019 at 8:03 PM Mark Thomas wrote:
> This looks like an environmental issue. Debugging is probably your best
> option to get to the bottom of this.
>
Maybe I broke it with my refactorings, but I'm not very sure at the moment
since you couldn't reproduce it. I can also see that
Unfortunately, I inherited this system from someone who hacked it together
before he left, so I'm just trying to use a quick/minimal approach.
I think that tomcat6 was setup with the init.d approach and would like to keep
v8 similar if at all possible.
I'm not bad with scripting and init
Not having an issue, but if I upgrade I will it seems .. bo!
init.d is so engraved in my neural patterns it will be a shame to have
such a useless deep groove.
I hate the names, too .. that's what happens when you give marketing
people too much leash. Not only do they seem to forget how to
On 08/01/2019 18:06, Mark Thomas wrote:
> This works for me with a clean install of trunk (with appropriate
> configuration). There have been no relevant changes since 9.0.14.
>
> It looks like the CATALINA_BASE environment variable is not set or can't
> be found for some reason. It might be
On Tue, Jan 8, 2019 at 9:58 AM John Dale wrote:
> I'm using init.d and a custom script complete with single command
> deploy using git hooks.
>
> git push master pushes, builds, and bounces Tomcat. I like
> it very much .. building and deploying can be such a pain.
>
> Is systemd something
Hi,
Tomcat’s default error handler has showServerInfo set to true by default. This
is not a good security practice because it exposes Tomcat’s version (version
disclosure).
Is there a reason why this property is not set to false by default?
Thanks,
Karim
On 08/01/2019 21:31, Garret Wilson wrote:
But as discussed above, this is completely wrong: the resource character
encoding of a request sent in `application/x-www-form-urlencoded` should
have absolutely no bearing on how the encoded octets within that
resource are decoded.
That is not
Igal Sapir wrote:
John Larsen wrote:
Setup an init script.
On modern Linux systems you should really use systemd instead of the old
init scripts.
Depends on your definition of modern. Most Docker containers, many
versions of Linux and all versions of Unix use init scripts. Docker at
least
Hello,
I'm running Tomcat-8.5 with TLS and I've noticed substantial memory growth
with requests over time, to the point that if I run Tomcat in Docker and
make constant requests to it, Docker will kill the container due to
excessive memory utilization. The problem occurs with standalone Tomcat as
Hi, Mark, and thanks for some quick response. You provided some info I
wasn't aware of. Some responses below:
On 1/8/2019 9:57 PM, Mark Thomas wrote:
On 08/01/2019 21:31, Garret Wilson wrote:
But as discussed above, this is completely wrong: the resource
character encoding of a request
Hi Mark,
Agree that hiding the version is not the way to deal with vulnerabilities.
Having said that, revealing information about the stack or its version in the
error handler to the world can still be a security issue.
What kind of debugging are we expecting when the server type and version
On 08/01/2019 23:30, Zamani, Karim wrote:
Hi,
Tomcat’s default error handler has showServerInfo set to true by default. This
is not a good security practice because it exposes Tomcat’s version (version
disclosure).
Is there a reason why this property is not set to false by default?
Yes.
On 07/01/2019 23:38, Jean-Pascal Houde wrote:
> Hello,
>
> I'm having a problem that seems to occur only since Tomcat 9.0.14. I'm using
> Tomcat installed as a service on a Windows 2012 R2 server.
> The service starts normally, but stopping it from the Windows Services window
> takes a long
Hi Christopher,
This is no issue with loading jaas.config. The file is loaded fine. I've
set the java options as below.
-Djava.security.auth.login.config=C:\Program Files\Apache Software
Foundation\Tomcat 9.0\conf\jaas.config
The above path is correct. Just to verify if the file is loaded, I
On Tue, Jan 8, 2019 at 7:45 AM Rémy Maucherat wrote:
> On Tue, Jan 8, 2019 at 4:25 PM Jean-Pascal Houde
> wrote:
>
> > "Catalina-utility-1" prio=1 tid=15 WAITING
> >
>
Is DestroyJavaVM supposed to be the only non-daemon thread at that point?
Thanks,
Igal
>
> Ok, so the new default for the
On 08/01/2019 15:45, Mark Thomas wrote:
> On 08/01/2019 15:25, Jean-Pascal Houde wrote:
>> Thanks all,
>
>
>> "Catalina-utility-1" prio=1 tid=15 WAITING
>> at sun.misc.Unsafe.park(Native Method)
>> at java.util.concurrent.locks.LockSupport.park(LockSupport.java:175)
>> at
>>
All,
I just installed Tomcat 8.5 on RedHat.
The previous tomcat6 install was setup so that I could use the linux service
command to start and stop.
I'd like to take that feature away from the tomcat6 install and
add it for the new tomcat85 install.
I'd also like for tomcat85 to
Setup an init script.
This is similar to how I do it.
https://gist.github.com/katesclau/0ff6e41fd698e94eb43c
John Larsen
On Tue, Jan 8, 2019 at 10:01 AM Joel Saunders
wrote:
> All,
>
>
>
> I just installed Tomcat 8.5 on RedHat.
>
>
>
> The previous tomcat6 install was setup so that I could
On Tue, Jan 8, 2019 at 9:08 AM John Larsen wrote:
> Setup an init script.
>
On modern Linux systems you should really use systemd instead of the old
init scripts.
I've written in the past a script that can be used as a systemd template,
so it allowed for multiple services to be run on
I simply tie systemd with the init script. Our servers host around 20-30
tomcat instances. I found it easier do it this way.
John Larsen
On Tue, Jan 8, 2019 at 10:26 AM Igal Sapir wrote:
> On Tue, Jan 8, 2019 at 9:08 AM John Larsen
> wrote:
>
> > Setup an init script.
> >
>
> On modern
I'm using init.d and a custom script complete with single command
deploy using git hooks.
git push master pushes, builds, and bounces Tomcat. I like
it very much .. building and deploying can be such a pain.
Is systemd something that is available on debian wheezy?
Is init.d going out of
On Tue, Jan 8, 2019 at 9:39 AM John Larsen wrote:
> I simply tie systemd with the init script. Our servers host around 20-30
> tomcat instances. I found it easier do it this way.
>
It's easier for you because you're more familiar with the init scripts, but
tying a modern system into an older
This works for me with a clean install of trunk (with appropriate
configuration). There have been no relevant changes since 9.0.14.
It looks like the CATALINA_BASE environment variable is not set or can't
be found for some reason. It might be related to running as a Windows
service - that needs
On 08/01/2019 15:25, Jean-Pascal Houde wrote:
> Thanks all,
> "Catalina-utility-1" prio=1 tid=15 WAITING
> at sun.misc.Unsafe.park(Native Method)
> at java.util.concurrent.locks.LockSupport.park(LockSupport.java:175)
> at
>
On Tue, Jan 8, 2019 at 4:25 PM Jean-Pascal Houde wrote:
> "Catalina-utility-1" prio=1 tid=15 WAITING
>
Ok, so the new default for the utility thread is non daemon so you should
have your fix there. Is nothing calling Server.destroy then ? Normally it
should (Catalina.stop does it) and the
Thanks all,
Here is a more detailed service log (at FINE level):
[2019-01-08 09:45:21] [debug] ( prunsrv.c:885 ) [ 2752] reportServiceStatusE:
dwCurrentState = 3, dwWin32ExitCode = 0, dwWaitHint = 3000,
dwServiceSpecificExitCode = 0
[2019-01-08 09:45:21] [info] ( prunsrv.c:984 ) [ 8792]
All,Problem resolved!
Ok. The change to the context.xml file controls if/what external ips can
access the webapp. That was one thing that had to be changed from an initial
install, but that wasn’t my final issue.
The final issue was that I couldn't authenticate properly against my
29 matches
Mail list logo