Re: Client cert auth on demand

2020-02-29 Thread Michael Osipov
On 2020-02-29 at 12:05, Mark Thomas wrote: On 29/02/2020 10:40, Michael Osipov wrote: On 2020-02-29 at 10:09, Thomas Meyer wrote: Hi, Instead of configuring the container for client cert auth, change the webapp: 1) define a realm in local context.xml 2) add resp security constraint only

Re: Client cert auth on demand

2020-02-29 Thread Mark Thomas
On 29/02/2020 10:40, Michael Osipov wrote: > On 2020-02-29 at 10:09, Thomas Meyer wrote: >> Hi, >> >> Instead of configuring the container for client cert auth, change the >> webapp: >> 1) define a realm in local context.xml >> 2) add resp security constraint only for rest api calls > > This

Re: Client cert auth on demand

2020-02-29 Thread Thomas Meyer
On 27 February 2020 10:58:01 CET, "Martynas Jusevičius" wrote: >Hi list, > >I'm using a Docker image based on tomcat:8.0-jre8. It serves as an >end-user facing webapp but also as a REST API which authenticates >using client certificates. The same URLs serve both purposes, however >only

Re: OpenSSL config for Tomcat 7

2020-02-29 Thread Mark Thomas
On 29/02/2020 00:22, John Beaulaurier -X (jbeaulau - ADVANCED NETWORK INFORMATION INC at Cisco) wrote: > Hello, > > We're running Tomcat 7 and need to implement SSL. We are using APR/OpenSSL, > but I can't get the intermediate certificates pulled in when starting Tomcat. > The > server

Host based logging

2020-02-29 Thread Alexander Curvers
Hi, I would like to request some help. On a VM I run Tomcat behind nginx; nginx is configured as follows: proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header

Re: Client cert auth on demand

2020-02-29 Thread Michael Osipov
On 2020-02-29 at 12:13, Mark Thomas wrote: On 29/02/2020 11:07, Michael Osipov wrote: On 2020-02-29 at 12:05, Mark Thomas wrote: On 29/02/2020 10:40, Michael Osipov wrote: Tomcat does not support renegotiation of TLS contexts based on URLs like HTTPd. Yes it does. If you specify

Re: Client cert auth on demand

2020-02-29 Thread Michael Osipov
On 2020-02-29 at 14:05, Thomas Meyer wrote: On 29 February 2020 13:10:13 CET, Mark Thomas wrote: On 29/02/2020 11:23, Michael Osipov wrote: On 2020-02-29 at 12:13, Mark Thomas wrote: On 29/02/2020 11:07, Michael Osipov wrote: On 2020-02-29 at 12:05, Mark Thomas wrote: On 29/02/2020

Re: Client cert auth on demand

2020-02-29 Thread Michael Osipov
On 2020-02-29 at 10:09, Thomas Meyer wrote: On 27 February 2020 10:58:01 CET, "Martynas Jusevičius" wrote: Hi list, I'm using a Docker image based on tomcat:8.0-jre8. It serves as an end-user facing webapp but also as a REST API which authenticates using client certificates. The same URLs

Re: Client cert auth on demand

2020-02-29 Thread Mark Thomas
On 29/02/2020 11:23, Michael Osipov wrote: > On 2020-02-29 at 12:13, Mark Thomas wrote: >> On 29/02/2020 11:07, Michael Osipov wrote: >>> On 2020-02-29 at 12:05, Mark Thomas wrote: On 29/02/2020 10:40, Michael Osipov wrote: >> >> >> > Tomcat does not support renegotiation of TLS

Re: Client cert auth on demand

2020-02-29 Thread Mark Thomas
On 29/02/2020 11:07, Michael Osipov wrote: > On 2020-02-29 at 12:05, Mark Thomas wrote: >> On 29/02/2020 10:40, Michael Osipov wrote: >>> Tomcat does not support renegotiation of TLS contexts based >>> on URLs like HTTPd. >> >> Yes it does. >> >> If you specify CLIENT-CERT auth for a sub-set

Re: Host based logging

2020-02-29 Thread Konstantin Kolinko
Sat, 29 Feb 2020 at 15:33, Alexander Curvers: > > Note the "<!--" and "-->". Those are comment wrappers in XML. The above definition is commented-out and thus is ignored.

Re: Client cert auth on demand

2020-02-29 Thread Thomas Meyer
On 29 February 2020 13:10:13 CET, Mark Thomas wrote: >On 29/02/2020 11:23, Michael Osipov wrote: >> On 2020-02-29 at 12:13, Mark Thomas wrote: >>> On 29/02/2020 11:07, Michael Osipov wrote: On 2020-02-29 at 12:05, Mark Thomas wrote: > On 29/02/2020 10:40, Michael Osipov wrote: >>> >>>

Re: Client cert auth on demand

2020-02-29 Thread Mark Thomas
On 28/02/2020 22:26, Martynas Jusevičius wrote: > Yes the clients connect only directly to nginx. > > So the proxy config within 2 pairs of containers is like this: > > # website service; clientAuth=false > nginx:80 -> tomcat:8080 > nginx:443 -> tomcat:8443 > > # API service; clientAuth=true

Re: Client cert auth on demand

2020-02-29 Thread Michael Osipov
On 2020-02-29 at 12:13, Mark Thomas wrote: On 29/02/2020 11:07, Michael Osipov wrote: On 2020-02-29 at 12:05, Mark Thomas wrote: On 29/02/2020 10:40, Michael Osipov wrote: Tomcat does not support renegotiation of TLS contexts based on URLs like HTTPd. Yes it does. If you specify

Re: Client cert auth on demand

2020-02-29 Thread Mark Thomas
On 29/02/2020 13:05, Thomas Meyer wrote: > On 29 February 2020 13:10:13 CET, Mark Thomas wrote: >> On 29/02/2020 11:23, Michael Osipov wrote: >>> On 2020-02-29 at 12:13, Mark Thomas wrote: On 29/02/2020 11:07, Michael Osipov wrote: > On 2020-02-29 at 12:05, Mark Thomas wrote: >>

Re: Host based logging

2020-02-29 Thread Alexander Curvers
Hi, I know. That comment block was just an example; my real config has several host sections, none of them with commented blocks. I should have un-commented it before I posted here on the mailing list to prevent confusion. It's really about host, and perhaps headers. Regards Alexander On Sat, 29 Feb

Re: Client cert auth on demand

2020-02-29 Thread Michael Osipov
On 2020-02-29 at 15:12, Mark Thomas wrote: On 29/02/2020 13:05, Thomas Meyer wrote: On 29 February 2020 13:10:13 CET, Mark Thomas wrote: On 29/02/2020 11:23, Michael Osipov wrote: On 2020-02-29 at 12:13, Mark Thomas wrote: On 29/02/2020 11:07, Michael Osipov wrote: On 2020-02-29 at

Re: Client cert auth on demand

2020-02-29 Thread Martynas Jusevičius
Thanks! I actually needed proxyPort="443" to make the URL https://localhost, but your suggestion did the trick. On Sat, Feb 29, 2020 at 11:12 AM Mark Thomas wrote: > > > > On 28/02/2020 22:26, Martynas Jusevičius wrote: > > Yes the clients connect only directly to nginx. > > > > So the proxy