Re: jsp:forward & encodeURL()

2002-07-22 Thread G . Kersten

Power-Netz (Schwarz) <[EMAIL PROTECTED]>
Subject: jsp:forward & encodeURL()
wrote on 18.07.02:


>Hi,

>we found out that encodeURL() should not be used for URL for
>calls with TC 3.3.x.
>It just does not work. I think the forward takes filenames instead of
>URLs, right?

Nearly. You should use:

- an address relative to the current page, or
- an absolute address, starting from the context root.

If you don't define any web-applications, your context root is just the  
document root.

To forward from http://myserver.de/myfolder/mycontent.jsp to
http://myserver.de/myfolder/newpage.jsp, use:

- newpage.jsp
- /myfolder/newpage.jsp

But you must not include the server name!


Gerd

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 




Re: mod_jk option explanations - if you'd be so kind

2002-07-17 Thread G . Kersten

Eddie Bush <[EMAIL PROTECTED]>
Subject: mod_jk option explanations - if you'd be so kind
wrote on 2002-07-15:

>Hi, could someone tell me the function of the following, please?

>JkExtractSSL On
>JkHTTPSIndicator HTTPS
>JkSESSIONIndicator SSL_SESSION_ID
>JkCIPHERIndicator SSL_CIPHER
>JkCERTSIndicator SSL_CLIENT_CERT


These options control how SSL information is included in the request
submitted to Tomcat. As these values are the default values, you may ignore
them or leave them out altogether.

No black magic with proxies or redirects ...

Gerd Kersten





SSL environment variable: key size

2002-06-02 Thread G . Kersten

I need to know the key size that is actually used in an SSL connection.

There are no environment variables like HTTPS or HTTPS_KEYSIZE like on  
Netscape Webserver, and even following all hints in tomcat-ssl-howto.html we  
didn't see any new request parameter.

Funny enough, there are two attributes (session_id, cipher_suite), but not  
the key_size we are looking for. This attribute shall be supported from  
Servlet 2.3, but Tomcat 3.3 is not more than Servlet 2.2.

Any other idea how to get the SSL key size?

We use Tomcat 3.3, Apache 1.3.22, mod_ssl 2.8.5 on Solaris 5.7, JDK 1.2.2.


Gerd Kersten



...Extract of the httpd.conf ..



##
## SSL Environment variables [added by gke]
##

# Should mod_jk send SSL information to Tomcat (default is On)
JkExtractSSL On
# What is the indicator for SSL (default is HTTPS)
JkHTTPSIndicator HTTPS
# What is the indicator for SSL session (default is SSL_SESSION_ID)  
JkSESSIONIndicator SSL_SESSION_ID
# What is the indicator for client SSL cipher suite (default is SSL_CIPHER)
JkCIPHERIndicator SSL_CIPHER
# What is the indicator for the client SSL certificate (default is SSL_CLIENT_CERT)
JkCERTSIndicator SSL_CLIENT_CERT

##
## SSL Virtual Host Context
##


#  General setup for the virtual host
DocumentRoot "/usr/local/www"
ServerName ipent01.mydomain.de
ServerAdmin [EMAIL PROTECTED]
#ErrorLog /usr/local/httpd/logs/error_log
#TransferLog /usr/local/httpd/logs/access_log
#   SSL Engine Switch:
#   Enable/Disable SSL for this virtual host.
SSLEngine on

[...]

# "jsp" added [gke, 16.05.02]

SSLOptions +StdEnvVars +ExportCertData
#SSLOptions +StdEnvVars


SSLOptions +StdEnvVars


[...]





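An added example, not part of the original post and not Tomcat or mod_jk code: when the container exposes only the cipher_suite attribute, the key size can be derived from the cipher name and checked against a minimum. It assumes the attribute carries the OpenSSL-style name that mod_ssl puts in SSL_CIPHER; the class name, method names and sample values are hypothetical.

```java
// Added example: derive the key size from the cipher name when no key_size
// attribute is available. Names are OpenSSL-style SSLv3/TLSv1-era names as
// mod_ssl reports them in SSL_CIPHER; the sample values are constructed.
public class CipherKeySize {

    /** Returns the key size in bits, or -1 if the cipher name is unknown. */
    static int keyBits(String cipher) {
        if (cipher == null || cipher.length() == 0) return -1;
        // Export-grade suites are deliberately weakened, whatever the algorithm.
        if (cipher.startsWith("EXP1024-")) return 56;
        if (cipher.startsWith("EXP-")) return 40;
        if (cipher.indexOf("NULL") >= 0) return 0;        // no encryption at all
        if (cipher.indexOf("AES256") >= 0) return 256;
        if (cipher.indexOf("AES128") >= 0) return 128;
        if (cipher.indexOf("DES-CBC3") >= 0) return 168;  // 3DES, checked before DES
        if (cipher.indexOf("DES-CBC") >= 0) return 56;
        if (cipher.indexOf("RC4") >= 0 || cipher.indexOf("IDEA") >= 0
                || cipher.indexOf("RC2") >= 0) return 128;
        return -1;
    }

    /** Fails closed: an unknown cipher name is treated as too weak. */
    static boolean strongEnough(String cipher, int minBits) {
        return keyBits(cipher) >= minBits;
    }

    public static void main(String[] args) {
        // In a servlet or JSP the name would come from
        // request.getAttribute("javax.servlet.request.cipher_suite").
        String[] samples = { "RC4-MD5", "DES-CBC3-SHA", "DES-CBC-SHA",
                             "EXP-RC4-MD5", "EXP1024-DES-CBC-SHA",
                             "NULL-SHA", "FOO" };
        for (int i = 0; i < samples.length; i++) {
            System.out.println(samples[i] + " -> " + keyBits(samples[i])
                    + " bits, at least 128: " + strongEnough(samples[i], 128));
        }
    }
}
```

The 168 returned for 3DES is the nominal key length; its effective strength is lower, so a policy based on this value should choose its threshold with that in mind.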




SSL and JSP session

2002-06-02 Thread G . Kersten

We enable URL rewriting by response.encodeUrl(url), and it works fine for
https URLs. But there is no longer any session tracking when we shift to
https. I guess this is because the Java URL class treats an https URL as
"malformed URL".

On the other hand, I've heard that wise people use the SSL session instead of
the simple jsessionid for SSL connections. But how to enable this? Do we have
to write it ourselves?

We use Tomcat 3.3, Apache 1.3.22, mod_ssl 2.8.5 on Solaris 5.7, JDK 1.2.2.

Gerd Kersten





SSL environment variables from apache mod_ssl

2002-05-22 Thread G . Kersten

I desperately need the SSL environment variables like HTTPS or HTTPS_KEYSIZE,
which should be delivered from mod_ssl to the JSP engine, after Apache has
established an HTTPS connection. In particular, I have to check the actual key
size.

In tomcat-ssl-howto.html it is described how to adjust httpd.conf. Although I  
follow the guidelines, nothing happens. Is there something to be taken care  
of on the Tomcat side?

If I copy the JkExtractSSL etc. commands into the VirtualHost section, there  
is no Tomcat connection at all (no interceptor initiated, JSP source is  
delivered unprocessed).

Any ideas?

We use Tomcat 3.3, Apache 1.3.22, mod_ssl 2.8.5 on Solaris 5.7, JDK 1.2.2.


Gerd Kersten



...Extract of the httpd.conf ..



##
## SSL Environment variables [added by gke]
##

# Should mod_jk send SSL information to Tomcat (default is On)
JkExtractSSL On
# What is the indicator for SSL (default is HTTPS)
JkHTTPSIndicator HTTPS
# What is the indicator for SSL session (default is SSL_SESSION_ID)  
JkSESSIONIndicator SSL_SESSION_ID
# What is the indicator for client SSL cipher suite (default is SSL_CIPHER)
JkCIPHERIndicator SSL_CIPHER
# What is the indicator for the client SSL certificate (default is SSL_CLIENT_CERT)
JkCERTSIndicator SSL_CLIENT_CERT

##
## SSL Virtual Host Context
##


#  General setup for the virtual host
DocumentRoot "/usr/local/www"
ServerName ipent01.mydomain.de
ServerAdmin [EMAIL PROTECTED]
#ErrorLog /usr/local/httpd/logs/error_log
#TransferLog /usr/local/httpd/logs/access_log
#   SSL Engine Switch:
#   Enable/Disable SSL for this virtual host.
SSLEngine on

[...]

# "jsp" added [gke, 16.05.02]

SSLOptions +StdEnvVars +ExportCertData
#SSLOptions +StdEnvVars


SSLOptions +StdEnvVars


[...]









SecurityManager: write access on webapp?

2002-04-18 Thread G . Kersten

Hi, I've activated tomcat.policy by starting Tomcat 3.3 with "-sandbox".  
Read, write, and delete access for any folder follow the permissions I grant  
in tomcat.policy.

But without granting anything, I have not just read access to my webapp dir
(which is located outside the Tomcat directory structure), but also write
access -- which is exactly what I intended to block by using the
SecurityManager. At least, delete requests are blocked by SecurityException.

A bit puzzling. We use JDK 1.2.2 on Solaris 5.8. Any ideas?
(Sorry for 2nd posting, but we desperately need an answer.)

Thanks,

Gerd Kersten

--
To unsubscribe:   
For additional commands: 
Troubles with the list: 




Reloadable: reloads also JSP pages?

2002-04-14 Thread G . Kersten

Hi, a detail I haven't yet found, neither in the archives nor in the
user-guide: Does the "reload" attribute in context not just control reloading of
servlets, but also recompiling of JSP pages?

I observed that behaviour with "reload=false", i.e. the users still got the  
old version of changed JSP pages. Thus I switched back to "reload=true",  
although this isn't recommended for production sites. Our site has frequent  
changes of JSP pages, but servlets are updated rather seldom. Is there any  
other switch to control recompiling (or caching) of JSP pages?


Gerd Kersten





SecurityManager: write access on webapp?

2002-04-14 Thread G . Kersten

Hi, I've activated tomcat.policy by starting Tomcat 3.3 with "-sandbox".  
Read, write, and delete access for any folder follow the permissions I grant  
in tomcat.policy.

But without granting anything, I have not just read access to my webapp dir
(which is located outside the Tomcat directory structure), but also write
access -- which is exactly what I intended to block by using the
SecurityManager. At least, delete requests are blocked by SecurityException.

A bit puzzling. We use JDK 1.2.2 on Solaris 5.8. Any ideas?

Thanks,

Gerd Kersten
