Tomcat standard error page - security issue
Hello How can I change standard Tomcat error page ? It prints Tomcat version and our auditors said it might be a security issue. I have servlets and JSP pages in my app. I have error-page directive in all JSP pages, however in case of Null Pointer Exception it's seems not working. thanx in advance Maris Orbidans www.datapro.lv - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
I can't use SAXON XML parser in my WEB app, please help
hello all I want to use SAXON XML parser in my WEB app. I put saxon.jar and saxon-jdom.jar in web-inf/lib of my web app. Now Tomcat doesnt work at all, it throws at startup: [ERROR] Digester - -Digester.getParser: javax.xml.parsers.ParserConfigurationException: AElfred parser is non-validating javax.xml.parsers.ParserConfigurationException: AElfred parser is non-validating It seems that Tomcat tries to SAXON as default XML parser. I tried to move Xerces and jaxp jar's from common/endorsed to /server/lib, it didnt work, ClassCastException was thrown, it seems because of duplicated classes loaded by saxon.jar and xmlParserAPIs.jar. (classes are different but with the same name ) I was very upset, because I have read in Tomcat docs: Common - This class loader contains additional classes that are made visible to both Tomcat internal classes and to all web applications. xerces.jar - The XML parser that is visible by default to Tomcat internal classes and to web applications. This can be overridden, for a particular web application, by including your desired parser in /WEB-INF/lib. I use Tomcat 4.1.18 and jdk 1.3.1. (NOT LE) thanx in advance Maris Orbidans - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat and Apache+SSL integration issues
hello all We have finished a large project which was based on Tomcat and Struts farmework. Now our client wants to use SSL. Our architecture is as follows: Client-ssl content-Apache (MOD_SLL) -unencrypted content- Tomcat We use Tomcat 4.1.18 (have tried also 4.0) and Apache HTTP server 1.3.27. SSL support is installed in Apache, and it uses mod_proxy (NOT mod_jk) to talk to Tomcat. It doesnt work very well , if I go to https:// and login succesfully, IE shows a warning message you are gonna be redirected to a non-secure connection and it goes back to http:// I have tried Tomcat+SSL without Apache HTTP server and all worked perfectly. Also I am not sure that mod_proxy (with ProxyPass and ProxyPassReverse in httpd.conf file) is enough, or should we use mod_jk ? Does anybody have some ideas how to solve it ? thanx Maris Orbidans app. architect - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tomcat and Apache+SSL integration issues
we have Tomcat and Apache on different hosts. Do we need to install Tomcat on Apache's host too ? Apache HTTP server needs config file workers.properties. It has a property Tomcat_home which points to Tomcat installation. Maris -Original Message- From: Lajos [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 29, 2003 6:26 PM To: Tomcat Users List Subject: Re: Tomcat and Apache+SSL integration issues Maris - I have done this on several occasions with mod_jk without any problem. I can't compare it to mod_proxy, since I rarely use it, but I suggest you try mod_jk. Regards, Lajos Mris Orbidns wrote: hello all We have finished a large project which was based on Tomcat and Struts farmework. Now our client wants to use SSL. Our architecture is as follows: Client-ssl content-Apache (MOD_SLL) -unencrypted content- Tomcat We use Tomcat 4.1.18 (have tried also 4.0) and Apache HTTP server 1.3.27. SSL support is installed in Apache, and it uses mod_proxy (NOT mod_jk) to talk to Tomcat. It doesnt work very well , if I go to https:// and login succesfully, IE shows a warning message you are gonna be redirected to a non-secure connection and it goes back to http:// I have tried Tomcat+SSL without Apache HTTP server and all worked perfectly. Also I am not sure that mod_proxy (with ProxyPass and ProxyPassReverse in httpd.conf file) is enough, or should we use mod_jk ? Does anybody have some ideas how to solve it ? thanx Maris Orbidans app. architect - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Lajos Moczar Open Source Support, Consulting and Training Cocoon Developer's Handbook (www.amazon.com/exec/obidos/tg/detail/-/0672322579) _ _ / \ / /___\ / / \ / http://www.galatea.com -- powered by AzSSL - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: I can't use SAXON XML parser in my WEB app, please help
thank you yes I managed to get SAXON XSLT engine to work with Tomcat's XERCES parser. Changed classname in file javax.xml.parsers.SAXParserFactory in saxon.jar Maris Orbidans -Original Message- From: Mitchell, Edmund [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 29, 2003 6:22 PM To: 'Tomcat Users List' Subject: RE: I can't use SAXON XML parser in my WEB app, please help Mike Kay, the creator of Saxon, says: This problem is caused by the fact that you have made AElfred the default XML parser. Tomcat needs a validating parser for its own use, and AElfred isn't a validating parser. You can usually solve the problem by changing the order of things on the classpath, or by removing the file META-INF/javax.xml.parsers.SAXParserFactory from saxon.jar. Searching the Saxon mailing list for tomcat will give further suggestions. HTH Edmund -Original Message- From: Maris Orbidans [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 29, 2003 10:42 AM To: [EMAIL PROTECTED] Subject: I can't use SAXON XML parser in my WEB app, please help hello all I want to use SAXON XML parser in my WEB app. I put saxon.jar and saxon-jdom.jar in web-inf/lib of my web app. Now Tomcat doesnt work at all, it throws at startup: [ERROR] Digester - -Digester.getParser: javax.xml.parsers.ParserConfigurationException: AElfred parser is non-validating javax.xml.parsers.ParserConfigurationException: AElfred parser is non-validating It seems that Tomcat tries to SAXON as default XML parser. I tried to move Xerces and jaxp jar's from common/endorsed to /server/lib, it didnt work, ClassCastException was thrown, it seems because of duplicated classes loaded by saxon.jar and xmlParserAPIs.jar. (classes are different but with the same name ) I was very upset, because I have read in Tomcat docs: Common - This class loader contains additional classes that are made visible to both Tomcat internal classes and to all web applications. xerces.jar - The XML parser that is visible by default to Tomcat internal classes and to web applications. This can be overridden, for a particular web application, by including your desired parser in /WEB-INF/lib. I use Tomcat 4.1.18 and jdk 1.3.1. (NOT LE) thanx in advance Maris Orbidans - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]