On 18/3/20 2:57 pm, Brian Burch wrote:
I have done quite a lot of experiments, but I will stick to the case
which appears to have produced the most encouraging(!) results.
I stumbled across
https://logging.apache.org/log4j/2.x/log4j-appserver/index.html.
This short page has significant o
On 18/3/20 5:18 pm, Brian Burch wrote:
Could resist tinkering a bit more, but I'll be in trouble because I'm
late for dinner!!
Success! I have just created the catalina.log file formatted according
to my own log4j2.xml.
Yes, it was my stupid mistake, but I'll write tomorrow about what it
Grande Brian, congrats!
Sorry, I've just read your message, a bit late to the party: time ago I had
cooked a tomcat9 container + log4j2 with a sample spring-boot app deployed.
You can have a look here [1]
Cheers,
Luis
[1]
https://db-blog.web.cern.ch/blog/luis-rodriguez-fernandez/2019-03-keeping
On 18.03.20 01:04, James H. H. Lampert wrote:
> On 3/17/20 3:50 PM, Mark Thomas wrote:
>> The XXS might be valid. I assume the tool provided a sample URL you
>> could use to validate the finding. That should point you in the right
>> direction but feel free to ask here if more help is required.
>
On 17.03.2020 21:43, Maxfield, Rebecca A wrote:
Ah, some problems are arising because, I suppose, the startup process wants to
create or touch something in ../logs and that's now all the way over in
/var/lib/tomcat8. How do I move on from here?
Try (as root) : service tomcat8 start (or resta
On 17/03/2020 23:30, Martynas Jusevičius wrote:
> Tomcat does not allow DELETE by default? I’m using 8.0.x with Jersey and I
> don’t think I used any config to enable it.
By default, HttpServlet (which pretty much every servlet extends)
returns a 405 for a DELETE.
The Servlets that Tomcat impleme
Thank you so much Mark!
Moving to Tomcat 9.0.33 indeed solved the problem I was facing.
Thanks,
Amit
-Original Message-
From: Mark Thomas
Sent: Tuesday, March 17, 2020 1:06 PM
To: users@tomcat.apache.org
Subject: Re: [EXTERNAL] Re: Uploads breaking post upgrade to 9.0.31
On 17/03/2020
On 18/03/2020 00:04, James H. H. Lampert wrote:
> On 3/17/20 3:50 PM, Mark Thomas wrote:
>> The XXS might be valid. I assume the tool provided a sample URL you
>> could use to validate the finding. That should point you in the right
>> direction but feel free to ask here if more help is required.
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
James,
On 3/17/20 18:31, James H. H. Lampert wrote:
>
> On 3/17/20 3:18 PM, Martynas Jusevičius wrote:
>> why should DELETE or OPTIONS not be enabled? They are standard
>> HTTP methods.
>
> True, but (quoting the audit report)
>> . . . [DELETE] may
Hi JHHL
> security audit on the Tomcat server we maintain
My condolences. :-) We're gone through several scans over the past couple
years too. Yeah, it's a pain.
If you can get the report details, it may provide enough info to pinpoint the
exact problems. Checkmarx scanning software does,
On 3/18/20 1:16 AM, Olaf Kock wrote:
Are you sure that this is for tomcat, not for your own application?
Actually, since on-screen it looks like one of ours, I was already
leaning to that conclusion, and had brought it to the attention of our
webapp developer.
Thanks for all the responses
Hello,
When I deploy my war it produces the below error message, telling me
to pass the "--enable-preview". I can add the "--enable-preview" to
my tomcat start.sh script dev environment to resolve the problem.
However, if I launch the production tomcat using the jsvc binary (to
bind to port 443
I was tasked with writing a web application that needs to forward a http
request to each server after checking certain headers.
Of course I can use a library like apache http client to reconstruct and
send the data.
But if you think about it, this is a very unreasonable and bad way.
Suppose you ne
13 matches
Mail list logo