Re: Run as nonroot user

In addition to the other suggestions, you might want to try jakarta-commons-sandbox/daemon. It allows Tomcat to bind to port 80, and then changes it to the non-privileged user that you specify (before it actually starts serving requests). "Fabricio Machado" <[EMAIL PROTECTED]> wrote in message ne

Re: How to use Tomcat MBeans with MC4J?

You need to have the JK-Coyote Connector running (even if you don't use Apache), and set: mx.port=9000 in your jk2.properties file. This will start the RMI adapter (on port 1099) as well. However you should be warned that this is buggy in 4.1.x: You will no longer be able to do a clean shutdow

Re: AUTHENTICATE question with WEBDAV.

so that I can bypass the "Login dialog" if the username and password are already got before the request (before the user enters http:///webdav to run the webdav servlet). I have no clue how to do this ... What's the purpose of a VALVE class ? Thanks. > > > Bill Bark

Re: Need help with performance issue - Tomcat 4.1.X

I'm surprised that nobody else has asked this (since it would be one of the first things that I would try if this was happening to me): What is the response from just using telnet? <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > With Tomcat 4.1.x > > We've recently run into an issue

Re: Single Sign-On Question

Single Sign-On doesn't require any database. It simply makes sure that once you have logged-on to one Context, every other Context gets the same userPrincipal. "Rick Roberts" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Does Single Sign-On require an LDAP database or can I do it

Re: Custom ClassLoader configuration problem

WebappLoader is in $CATALINA_HOME/server/lib, so your class must be as well if you want extend it. "Stephen Peck" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Sorry Rita my explaination was a little brief. > > I am using Tomcat 4.0.4 on Debian with JDK 1.3.1 and will be upgrading

Re: newbie question on Tomcat security

Actually, it is easier than that: They can just go the the browser's cache folder and view it from there. As such, you should consider that your .css files are public info, and leave it at that. "epyonne =)" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hello All, > > I just deve

Re: [off-topic] need info about FIXME links in Tomcat Documentation?

FIXME means that the last developer to modify it didn't have time to expand on the information that they thought should be included. In your particular case, I don't know of a better reference for this particular FIXME than the javadocs at http://jakarta.apache.org/tomcat/tomcat-4.1-doc/catalina/d

Re: mod_jk round robin problem & stateless session beans

This is a pretty good description of what goes on, and it results in the highly skewed distributions that you are seeing. I had thought that if you are using Apache-2 with the 'worker' MPM, that you should get a better distribution (but haven't tried it myself). With Apache-1.3.x or Apache-2 with

Re: Do we have any control on Tomcat threads?

In the Servlet 2.4-Spec (aka Tomcat 5.x), the RequestListeners come very close to what you probably want. Otherwise, the answer is no. "Agarwal, Naresh" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Hi Web apps in tomcat run in threads spawned by Tomcat. Do we have any control on t

Re: when the browser back button is clicked how can i get the previous page to be displayed instead of a content expired message?

I'm going to assume that you are using 4.1.x, with x > 18, and that the page is question is protected by a security-constraint. By default, Tomcat forbids caching of protected pages. In versions > 4.1.18, you can override this by: If you are not using Form Authenication, then replace For

Re: Where is ContextXmlReader ???

ContextXmlReader is for TC 3.3. The (mostly) equivalent functionality for TC 4.1.x is to put the .xml file in the webapps directory for the Host. Of course this needs to be in the Catalina format, not the TC 3.3 format. <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi. I am in on

Re: apache tomcat mod_webapp

The configuration for mod_webapp in server.xml in TC 5 has been removed. You could try re-adding it, but it likely won't work. mod_webapp is simply not going to be supported in TC 5 (unless, possibly, there is someone that wants to take charge of it and get it to work ;-). "Nicolas Stienne" <[EMA

Re: Running Tomcat as Non-Root

While this is flaming out of control ;-): Let me point out that there is jakarta-commons-sandbox/daemon that allows you to do this right now (i.e. launch as root, Tomcat binds to port 80, and then setuid to a non-privileged user before Tomcat actually handles any request). It also allows you to sto

Re: How do I get the total number of users logged into my app

I'd go for something a little safer myself. Declaire a HttpSessionListener something like: public class MyCounter implements HttpSessionListener { private boolean registered = false; private int sessionCount = 0; public void sessionCreated(HttpSessionEvent ev) { if(!registere

Re: autoloading TLDs

There are two places in the JSP spec that are relevent. 1) Section 7.4 under the description of (for why it is done at startup). 2) Section 7.3.1 for why it does files of the form WEB-INF/*.tld "Dmitry Beransky" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi, > > I've noticed th

Re: Adherence to DTD issue

Actually, all declarations must come before any declarations in the 2.2 DTD as well. It's just that Tomcat 3.2.x didn't enforce this. Tomcat 3.3.x does enforce it by default, but you can turn it off (for backwards compatibility reasons). "Shapira, Yoav" <[EMAIL PROTECTED]> wrote in message new

Re: Jasper, Java, and X11 Dependencies

Tomcat out-of-the-box has absolutely zero X11 dependencies. It must be something in your webapp. There are two ways to deal with this: 1) If you are using a 1.4.x JVM, you could try running it as 'headless'. 2) Install Xvfb, to provide a virtual X11 server. "Greg Zoller" <[EMAIL PROTECTED]> wr

Re: Can't get SSL client certificate but can get cipher suite and key size??

It's a well-known bug in TC 4.1.18-4.1.24. See http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15790 for more details. The 4.1.26 release should be coming out later this month with a fix for this. "Darren Marvin" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] .ac.uk... Hi all, I a

Re: Tomcat IBM SSL Provider

It mostly works in 4.1.26 (you still need the JSSE jar, but Tomcat won't use it). It should work completely in 4.1.27. If you are impatient, you can always grap the CVS code from jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse and compile it. To work with the IBM JVM, you als

Re: TOMCAT AND TLS CLIENT AUTHN

"Evaristo Camarero" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > Hi all: > > I'm running Tomcat 4.1.24 and I'm trying to configure TLS client authn. > > I have created a SSL connector (in server.xml) > > > port="15445" minProcessors="5" maxProcessors="75

Re: Custom Homepage

Yoav is correct, but I believe that the following sordid hack will work in TC 4.x: 1) In your web.xml file create a servlet-mapping something like: MyWelcomeServlet /index.html 2) Stick a zero length file called 'index.html' at $CATALINA_HOME/webapps/myapp/. 3) Make certain

Re: crazy iPlanet/Tomcat question.

I haven't used iPlanet since it was called Netscape ;-). I believe that you have to 'index.jsp' an index file to iPlanet. You could also try enabling the auto-config and compare that to what you have. Follow the instructions at http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/jk.html#Using

Re: Problems compiling tomcat

You don't have the path set correctly for jakarta-commons/fileupload, so it's not finding the jar. "Larry Griffith" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For ad

Re: Tomcat refresh configuration

Probably Safari doesn't read META tags. You could try instead: <% response.setHeader("Cache-Control","no-cache"); response.setHeader("Pragma", "no-cache"); response.setDateHeader("Expires", 1); %> "Mufaddal Khumri" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Well i h

Re: Tomcat reveals its name and version

You simply need to add an engineHeader attribute to the Context element: "Elkin Koren" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi, > Is it possible to configure Tomcat 3.3.1 to not reveal its name and version > to clients? > Is it possible to do so without rec

Re: Tomcat IBM SSL Provider

AIL PROTECTED] We are using what I thought was the lastest 4.1.24. I did not see an option for download 4.1.26 on the jakarta web page. Tim -Original Message- From: Bill Barker [mailto:[EMAIL PROTECTED] Sent: Monday, July 21, 2003 11:09 PM To: [EMAIL PROTECTED] Subject: Re: Tomcat IBM

Re: achieving a clients (browsers) certificate in a webapp

"Karli Christoph (CSE)" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > we have the ssl-configuration in the file ssl.conf which gets > included by httpd.conf. > > it tells me that the Jk* - entries aren't supposed to be at this > place.. ? > > and if i enter the line > > SSLVerifyCl

Re: JDK Installation Problems

Urm, err, you are trying to run an i586 rpm on a power PC? "Hari Om" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > I have problems on installing JDK on Red Hat Linux 7.1 power PC. > I downloaded "j2sdk-1_4_1_03-linux-i586-rpm.bin" - Linux RPM in self > extracting file and followed

Re: TOMCAT AND TLS CLIENT AUTHN

) > at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) > at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275) > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA

Re: Can an lb-worker be an ajp13 worker as well ?

<[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi all. > Can an lb worker be an ajp13 worker as well ? > I mean, you don't really need to allocate a whole box just for load > balancing, or do you ? Wouldn't it be nice to have 3 Tomcats all ajp13 > as well as lb workers ? > Switch of

Re: HELP! Client Authentication in Tomcat 4.1.24

Bug #15790 is only if you are fronting Tomcat with Apache/IIS/SunONE. If you are using the stand-alone connector, it doesn't apply. I'm guessing that this isn't your problem, since you'd get a different error. To use this setup, you need to be using MemoryRealm. The default DataSourceRealm does

Re: tomcat 4.1.24 ssl with ibm jdk 1.4

With 4.1.26 you should be able to use IBM's 1.4 JVM with the jsse jar in server/lib. It will work without the jsee jar anywhere on the machine in 4.1.27. If you need it before then, you can grab the source files from the CVS and compile the fixed version yourself. "Francois Lascelles" <[EMAIL PR

Re: HttpRequest and HttpResponse from pageContext?

HttpServletRequest req = (HttpServletRequest)pageContext.getRequest(); HttpServletResponse res = (HttpServletResponse)pageContext.getResponse(); "Gil Hauer" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hello, > > Given a PageContext object, is there any way to get back to the > Ht

Re: How to get client certificate at apache2.x + ssl + tomcat4.1.x

It's a well-known bug in TC 4.1.18-4.1.24 (and has come up on this list at least three times this week alone, so check the archives :). See http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15790 for more details. The 4.1.26 release should be coming out later this month with a fix for this. "zhan

Re: Using Tomcat and j2ee.jar

Since Sun has traditionally used Tomcat in it's J2EE RI, it is generally a-bad-idea to mix the j2ee.jar and Tomcat, since they are likely to be using different builds. The best way to do what you want is to just use the JavaMail and Activation jars (linked to from http://java.sun.com/products/java

Re: where is sign.sh from mod_ssl ???

It seems that it is only distributed with the Apache-1.3.x version of mod_ssl. In my experience, it is usually worth the trouble in the long run to do a full setup for a CA (i.e. what 'openssl ca ...' expects) if you need to issue your own certs. <[EMAIL PROTECTED]> wrote in message news:[EMAIL P

Re: Mod_jk on Solaris - has anyone actually ever built it?

I've built it many times on 2.7 ;-). On 2.6, I've only ever built version 1.1 (the one that ships with TC 3.3). The PITA part of the process is to install the GNU tools that it requires. This means 'libtool', 'autoconf', 'automake', and 'GNU make'. Also, at least while you are building, 'GNU ma

Re: SingleSignOn on within an aliased Host

This should really be in the FAQ (if it isn't already). For security reasons, if you establish a session under https on TC 4.x and higher, the session is not accessible if you later fall back to http. TC 3.3.1 doesn't have this restriction, but TC 3.3.2 release will (with an option to turn it off

Re: Tomcat: SSL client authentication

You can't generally use a self-signed client cert with JSSE (you can configure PureTLS to accept it, but another bug means that you'd have to wait for 4.1.26). The work-around is way too much trouble for the sysadmin, and I don't feel like being an enabler for a true hideous design. So, you'll ju

Re: Re[2]: Tomcat: SSL client authentication

>From your 1., your client cert is self-signed, not signed by your CA cert. Since this amounts to telling the server "I am Dmitry, because I said so", it's a security-risk to accept self-signed client certs, so most HTTPS servers won't accept them. (Of course, it is also the same security-risk to

Re: Post-authentication tasks

"Sasha Borodin" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > Where in the AUTH process does the session get created? Does Tomcat > > create a session, even if the AUTH failed? This would invalidate this > > whole idea. The creation of a session object would no longer imply tha

Re: HTTPS session strangeness with Tomcat 4.0.6

Filip is correct. In more detail, what is happening is that you establish a session with your HTTPS login page. When you drop out of HTTPS, you establish a new session under HTTP. Now when you re-login, your login page uses the HTTP-established session, so it is still available to your HTTP page

Re: TC on port 80: run as root?

Apache starts running as root, and binds to port 80 during initialization. Then to server requests (at least on *nix systems, and the details my very for Apache 2.0 depending on the MPM), it forks itself. The child process then changes it's identity to the non-privileged user. However, since the

Re: Production server tuning

In theory, I'd go with Kwok's recommendation: one Apache with it's own load-balancer, and 3 Tomcats instead of 3 Apaches. However, in the real-world, this would require you to upgrade to Apache 2.0.x with the 'worker' MPM. Yes, for your current config, you need to have your maxProcessors somewhe

Re: Filter and servlet mapping problem

By the time it has gotten to your Filter, Tomcat has already decided on which Servlet will serve the request (and it is too late to change it's mind :). You need to do something like: String oldURI = unWritePath(request.getServletPath()+request.getPathInfo()); RequestDispatcher rd = getServl

Re: Leaving the streams open in Servlets

"Kunnumpurath, Meeraj" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi, > > Is there anyway I can leave the output stream to the browser open and use it > to strean data even after the request thread has returned from the service > method of the Servlet. I am trying to achieve a s

Re: Apache2/Tomcat 4.1.24 hang with "..%5c.." pattern !!!

Apache2/Tomcat 4.1.24 hang with "..%5c.." pattern !!!Yes, it does look like that is a bug in Tomcat :-(. It's patched now in the CVS. "Kwan, Kenneth Y" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Just found if "..%5c.." is contained in request url, apache2/tomcat will hang fo

Re: HTTPS session strangeness with Tomcat 4.0.6

eafter, remain in an https session while I navigate back and forth > between the secure and public areas. Each pass through the index.jsp forces > a new logon. > > I'm confused!! Why does Netscape work when IE won't? How can I downgrade > my session from https to http wh

Re: Production server tuning

"Antonio Fiol Bonnín" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Bill Barker wrote: > > >In theory, I'd go with Kwok's recommendation: one Apache with it's own > >load-balancer, and 3 Tomcats instead of 3 Apaches. However

Re: Production server tuning

"David Rees" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Bill Barker wrote: > > "Antonio Fiol Bonnín" <[EMAIL PROTECTED]> wrote: > >> However, I am worried about what you say about Apache 2.0.x and the > >>

Re: Way to cleanup *before* session terminates ?

Sorry Charlie (ok, I couldn't resist :), but there isn't a way to do this in Tomcat 4.x and lower. However, the (current draft of the) 2.4 Servlet-Spec has changed the behavior, and so in Tomcat 5.x you can define a HttpSessionListener that will get called before the session is invalidated. "Cha

Re: Tomcat and Acces Control Lists

You'll need to modify your web.xml file to add s. I'd suggest picking up a Servlet and/or Tomcat book (the wrox one seems to be popular on the list, but I've never read it). "Sandy Voellinger" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] I am fairly new to Tomcat and am trying to s

Re: Threading Question

"Roggeveen, Brian P" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hello, > > I was wondering if it is safe to assume that when using the multithreaded > model, a single unique thread will handle each incoming request? In other > words, does the servlet container implement a thread

Re: JSP Parser

Jasper doesn't depend on Tomcat internals. It can be used on it's own, or even as the JSP Parser for another Servlet-Container. "Tim Lee" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hello, > > I'm interested in finding just a jsp parser and not an entire applicaiton > server. I

Re: Servlet BufferedOutputStream Question?

Urm, no. The browser will request each image on it's own separate Request. There is no way that the Server can anticipate what the browser will ask for next. "Dylan Swales" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Someone PLEASE Help! I have been having hassles when using a Bu

Re: connectionTimeout

"Geralyn M Hollerman" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Bill Barker wrote: > > > It depends on which you are using. The value of "0" is > > simply > > that both the Http-Coyote and the Jk-Coyote would both behave as t

Re: Front Controller Servlet

I agree that the design isn't the greatest (but I've seen much worse ;-). To do what you want, in FCServlet try something like: if(request.getServletPath().endsWith(".jsp")) { RequestDispatcher rd = getServletContext().getNamedDispatcher("jsp"); rd.forward(request, response);

Re: jsps xhtml and Internet Explorer

MSIE has a bad habit of ignoring Content-Type, so I don't know that this will work. However, what you want is: (of course, change the charset if you aren't using iso-latin-1). <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi there, > anoyone know this one? > > I have

Re: Automatic switch from http to https doesn't work for IE, does for Netscape

This is a known problem with MSIE. See http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13861 for more details. "Murray" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Tomcat 4.0.6 > Windows 2000 > IE 5, SP3 > Netscape 7.02 > > > I have a website which is part public, part secure.

Re: Digest

I agree with Nikola. Firstly, even if you could access Catalina internals, you are calling the wrong method. You would need to call getDigest(String userName, String Pass). From the RealmBase code, you probably want something like: <% MessageDigest md = MessageDigest.getInstance("MD5"); Strin

Re: aliases under tomcat

Eventually, you'll need to have your DNS server recognize the names. But to get started, you can just edit your system's host file and make "fr.localhost" etc. aliases for localhost. "Julien Martin" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Hello, In order to internationalize a

Re: Servlet mapping for root directory in a webapp?

Alternatively, having a zero-length index.html file in your directory, together with a should also work. "Shapira, Yoav" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Howdy, >Today I changed it to: > > > MainView > /index.html > >

Re: Installing IIS Certificates in Tomcat?

"Robert J. Sanford, Jr." <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > That's great advice but it doesn't answer my basic question of whether or > not I can import a certificate that was issued based on a request generated > by IIS. Since I don't use IIS, I don't know the answer.

Re: ServletContext.getInitParameter() for a Bean?

I'm sure that other people will offer their favorites, but I'm going to offer: " /> "Rick Roberts" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > What is recomended technique for reading initialization parameters from a Bean? > > -- > *

Re: Does anyone know the cause of this exception ?

The usual reason is simply that the user hit the "stop" button in the browser. "Mufaddal Khumri" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > The root cause below told me that the Cataglog_jsp.java threw an error > at Line 75. > > Line 75 in that file is: > JspRuntimeLibrary.inclu

Re: can't find jk_nt_service.exe

It's in the 3.3 distribution only: http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/bin/win32/i386/ "Bostick, Tom" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > I've searched the site over... > > Neither the Jakarta or Tomcat-4 folders has a win32/ix86 folder. > > Wh

Re: tomcat-4.1.24 compile error issue with commons-fileupload????

Either: 1) get the HTMLManagerServlet.java file from 4.1.27 2) look in the CVS, and apply the patch to your copy 3) get commons-fileupload-B1 "David Kramer" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Im trying to compile tomcat 4.1.24 from source and Im receiving the below > err

Re: Client SSL certificates signed by Windows Certificate Server

"Martin Jericho" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > I am trying to use Windows Certificate Server to sign my client > certificates. > > First I tried to use a certificate that was generated in IE, but that didn't > seem to work (has anyone gotten this to work before?), s

Re: Inclusion of Mail/Activation and JAAS in TC5?

I would imagine so, since redistributing the jar files violates their License. I'm surprised that they still ship with TC4.1. "Halstead, Chris" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] The JAR files for the Mail/Activation and JAAS APIs are included with the TC4.1 binary distri

Re: Tuning KeepAlive Connections?

You can (effectively) disable KeepAlive connections by setting the 'maxKeepAliveRequests="1"' attribute on the Connector. Tomcat 5 has a more intuitive option, but it works the same way. If you have the maxKeepAliveRequests > 1, then the 'connectionTimeout' attribute on the Connector determines h

Re: Tuning KeepAlive Connections?

> -Original Message- > From: news [mailto:[EMAIL PROTECTED] Behalf Of Bill Barker > Sent: Friday, August 08, 2003 12:00 AM > To: [EMAIL PROTECTED] > Subject: Re: Tuning KeepAlive Connections? > > > You can (effectively) disable KeepAlive connections by setting the > 

Re: connectionTimeout

It depends on which you are using. The value of "0" is simply that both the Http-Coyote and the Jk-Coyote would both behave as the docs describe for "-1". For the Jk-Coyote Connector, you usually want the connectionTimeout disabled, or at least set to a large value (e.g. 5min). The mod_jk modul

Re: Client SSL certificates signed by Windows Certificate Server

"Martin Jericho" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > - Original Message ----- > From: "Bill Barker" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, August 11, 2003 2:03 PM > Subject: Re: Client

Re: off-topic, need help in scrolling

The only limitation of using JSP 1.1 is that you have to use a BodyTag instead of an IterationTag. Otherwise, the logic is similar. An example would be a bit too big to post here, but the idea is that you save the ending index in the Session (and, if you can afford to save the list, save it in th

Re: Tomcat 4.1.18 and SQUID

"Brian Peterson" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Let me try again. > > I've done a lot of testing, and reading. > > Tomcat doesn't honor a HTTP/1.0 Connection: keep-alive when it comes from > SQUID. I've upgraded Tomcat to 4.1.27 (latest stable), and I am still > see

Re: problem importing thawte certificate into keystore

Easiest is probably to use openssl to create a pkcs12 file, and use that as your keystore. I don't feel like answering this question twice in one week, so search the archives for the "Installing IIS Certificates in Tomcat?" thread. Your issues are the same as his. "bob tod" <[EMAIL PROTECTED]> w

Re: Where to find jakarte-tomcat-jasper src tarball???

It is packaged with the 4.1.x tarball (ditto for 5.0.x). You'll find it in the 'jasper' directory where you unpacked the tarball. "David Kramer" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > I have searched all over the web looking for this tarball. I found the CVS > repository t

Re: Japanese Characters in JSP's

I don't know why cp1251 et. al. work (probably they are single-byte encodings, and shift_jis is multi-byte). However, try adding: <[EMAIL PROTECTED] contentType="text/html; charset=shift_jis" %> to your page. This will tell Tomcat that the Writer should use "shift_jis" as it's encoding. Since yo

Re: mod_jk-problem with rewritten urls

This is supposed to be fixed in the upcoming mod_jk 1.2.5. It's still being evaluated, but you can get the early-access from http://cvs.apache.org/~glenn/jakarta-tomcat-connectors-jk-1.2.5-src.tar.gz. "Karsten Dello" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > dear list, > > i

Re: Question about ssl and tomcat

You need to set the redirectPort attribute on the Connector to point to Apache's SSL port. However, since this defaults to 443, I'm guessing that the real problem is that you don't have your JkMount statements defined in your SSL VirtualHost. <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTE

Re: url-pattern and realms security

It's a Tomcat implementation detail, but I believe that 4.1.x does a first-match (so moving "/*" to the end of the list should work). The Servlet 2.4 spec is much more specific about what to do in your case, so Tomcat 5 and WebLogic should do the same thing when they come out. "Madere, Colin" <[E

Re: can a taglib include a .jsp file ?

Assuming that your Tag extends TagSupport try: pageContext.include("mySomething.jsp"); "Mufaddal Khumri" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > I know what the problem is and I know what I am trying to do wont get > translated... thats why i have asked for a better solut

Re: From which apache virtual host did a request come from?

Have you tried request.getHeader("host"); ? "Mike Curwen" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Our Tomcat has one . There is also only one webapp to which any > request to the foo.com domain should go. > > Apache vhost blah.foo.com -> TC default host, default webapp > A

Re: Tomcat 4.1 & https problem

"full path to mykeystore" is a very unusual name for a file. ;-). "Hou, Rowena" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi, > > I've been running Tomcat as a standalone Web server for a while. My project > run fine at http with sign applet. I want to switch from HTTP to HTTPS

Re: Apache_SSL+Tomcat_nonSSL+mod_proxy

I assume that you mean the client-cert. Firstly, I don't think that you can get this passed from mod_proxy to Tomcat (but I could be wrong, I've never tried :). It looks like the client doesn't have any valid certs to send (the blank dialog). You could try setting 'SSLVerifyClient optional' to v

Re: Tomcat 4.1.24 with JDK 1.4.1_03 compiled version wont start

Did you do an 'ant clean' between builds? Otherwise, you might be using the j-t-c classes that were compiled w/o JMX. As a test, I commented out the references to 'jmx' and 'modeler' in by build.properties, and did a clean build. Once I commented out the two JMX listeners, Tomcat worked perfectl

Re: From which apache virtual host did a request come from?

It seems that I had a momentary lapse here. A better suggestion is to use request.getServerName();. The 'host' header will also include the port number (if it's a non-standard port). "Bill Barker" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] >

Re: Vedr.: RE: Fetching protected URL in Tomcat

Of course I could make a patch for this (it's really easy to do :). However I won't, since I consider getting a patch submission to indicate that the feature is actually important enough to someone that they would take the time to figure out how to do it. If it's not that important to them, then

Re: two way trust

There have been very many client-cert changes since 4.1.12. For using Sun's JVM (which you seem to be using), you probably need to upgrade to at least 4.1.24. For other vendors, you need to upgrade to 4.1.27. In particular, 4.1.12 uses JSSE 1.0.x, so you need to upgrade to take advantage of JSSE

Re: url-pattern and realms security

"Madere, Colin" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > That is a concrete path and you must be joking if you are suggesting to > explicitly define each and every URL as a "web-resource". The idea of > hierarchical authorization of resources is a very sound idea and other au

Re: port 8009 security (ajp13)

Well, you have, like two options (that you would already know about if you had bothered to RTFM ;-). 1) In server.xml set the 'address=localhost' parameter on the Connector. 2) In jk2.properties set 'channelSocket.address=localhost' "yo" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]

Re: Starting Tomcat w/ commons-daemon

The Tomcat.sh file is meant to be a template for the file that you install in '/etc/init.d'. In particular, it sets the JAVA_HOME variable to where a 1.3.1 JVM would live on a Solaris box (which is most likely the cause of your errors). Most of the other variable will likely need to be modified a

Re: Error when I start Jakarta-tomcat(Cont)

Correct. You need to do 'ls -lL /bin/sh' to be sure. However, if the link is there, I'd guess that what it links to is probably there. More likely, Tomcat's 'startup.sh' script isn't executable (e.g. you used the ".zip" download, or copied from a Windows machine). "victor pereira" <[EMAIL PROTE

Re: About heap size, gc and newsize

At least in Tomcat, the HttpRequests aren't short-lived ;-). If you are using Sun's JVM, then I'd try -Xincgc first (otherwise, consult your vendor's docs for the correct option). In many cases it hurts performance, but in some it improves it dramatically. Your mileage may vary ;-). <[EMAIL PRO

Re: Tomcat cannot find subclass

Unlike Tomcat 4, Tomcat 3 uses a delegating ClassLoader. This means that jars in lib/apps can't see classes in WEB-INF/classes. Also, as long as the jar is in lib/apps, Tomcat 3 will load classes from there in preference to the same jar in WEB-INF/lib. "James C. McMaster (Jim)" <[EMAIL PROTECTED

Re: Exception get SSL attributes - SSLPeerUnverifiedException: peer not authenticated.

I just ported the patch from the j-t-c HEAD. Yes, the error is harmless (except for the disk space it takes up :). TC 4.1.28 should be quieter. If you need it sooner, then you can grab it from the CVS and re-compile. "Chris Massam" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > H

Re: Server.xml

Of course, one way is to comment out the http connector. The other way is to include a security-constraint in your web.xml something like: SSL area /protected/* CONFIDENTIAL This forces all URLs under /myapp/protected to use SSL to process them. Of c

Re: classpath issues and system properties

"srinivas reddy" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi, > I am using tomcat 4.1.24. I have a couple of > questions. > > 1. Online documentation about class loader says, > System class loader operates on CLASSPATH. I have > included j2ee.jar in my CLASSPATH, but tomcat is

Re: How to apply for the hotfix of 4.1.27?

All you have to do is to unzip the file into $CATALINA_HOME (with the "use pathnames option if that isn't the default), and it will end up in the correct place. The correct place is: $CATALINA_HOME/server/classes/org/apache/catalina/core/StandardContext.class . This works since Tomcat's ClassLoad

<    2   3   4   5   6   7   8   9   10   11   >