Installing APR based Apache Tomcat Native Library

2016-01-27 Thread Yuval Schwartz 
Hello,

tomcat version: 8.0.22
java: jdk1.8.0_05
server: Amazon Linux AMI

When deploying my web application to my production environment (detailed
above), I get a message:



*The APR based Apache Tomcat Native library which allows optimal
performance in production environments was not found on the
java.library.path*
So I wanted to install the Apache Tomcat Native library (does this improve
performance even for a web app that doesn't use SSL?)
According to the documentation: http://tomcat.apache.org/native-doc/
I installed the apr-devel and openssl-devel packages with the command:

yum install apr-devel openssl-devel

However, I don't understand the next part of the instructions which
discusses the "make && make install" command.
>From where do I run this command? I searched and I could not find a
"jni/native" directory.
>From where do I run the "./configure --help" command and the other
"./configure" commands?

Thank you.

Should tomcat form login offer redirects to login page besides forward?

2016-01-27 Thread Bernhard Lenz 
I'm currently researching an architectural issue which has been pondering
me for quite some time now.

Tomcat is probably one of the most widely used web servers out there.
It has some really nice build in features to implement authentication
and authorization using
Form Based Authentication and the SingleSignOn valve. Also the database
realms with configurable table and column names and hashing of passwords
are exactly what is needed to develop state of the art web sites.

In my career I've almost exclusively come across (or worked on) web sites
which consist of multiple war modules protected by a single site wide login
page. Examples are myprofile.war for a customer to update his information,
and admin.war for internal users to administer the site, etc etc. All wars
are typically protected by a single login page which matches the style of
the web page.

However it appears that (based on the Servlet Reference Implementation) the
login page can only live within each war's servlet context and therefore
the login page must be copied into each single war. This makes it kind of
hard to maintain the login page, and in case the page needs to be
modified it must be changed in multiple places (namely in each war) instead
of just in one place.

In order to adapt Tomcat better to today's web development practices I
would like to suggest an enhancement for Tomcat to provide some kind
of host level declaration of a login page which overrides the web.xml
definition or takes affect if the login page is not declared inside the
web.xmls. For this the FormAuthenticator's forwardToLoginPage method would
need to be modified to also offer a (conditional) redirect besides just a
forward. In my simple mind such a change shouldn't be too difficult to
implement.

I also looked at glassfish's clone of Tomcat and saw that the glassfish
team did add a redirect to the forwardToLoginPage method, although it
appears not exactly for this purpose

I'm curious to know your thoughts about this enhancement and how to best
proceed with it?

Sincerely
Bernie

RE: WebEx meeting invitation: Apache Tomcat: TLS key and certificate generation

2016-01-27 Thread Cris Berneburg - US 
> The recording for this is now available on the Apache Tomcat YouTube
> channel: https://www.youtube.com/channel/UCpqpJ0-G1lYfUBQ6_36Au_g

Thanks Mark!

> > [SNIP]
> >>
> >> *Apache Tomcat: TLS key and certificate generation* Tuesday, 26 
> >> January 2016
> >> 10:00  |  GMT Time (London, GMT)  |  1 hr
> >>
> >> [SNIP]

--
Cris Berneburg, Lead Software Engineer, CACI


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

SAML SSO (Service Provider) Configurations on Tomcat Server

2016-01-27 Thread Mohammed Soukath Ali 
Hi Team,

We are planning to implement SAML in our Tomcat server. Please provide us 
useful links for SAML Configuration. We will be using Tomcat server as a 
service provider.

Please find the details of the Tomcat Server version which we are using.

Server version: Apache Tomcat/7.0.32
Server built:   Oct 3 2012 08:51:20
Server number:  7.0.32.0
OS Name:Linux
OS Version: 3.0.76-0.11-default
Architecture:   amd64
JVM Version:6.1.058
JVM Vendor: SAP AG

Thanks,
Soukath
Work(O) : 080 - 67147844
Cell  : +91 8971837373

SAML SSO (Service Provider) Configurations on Tomcat Server

2016-01-27 Thread Mohammed Soukath Ali 
Hi Team,

We are planning to implement SAML in our Tomcat server. Please provide us 
useful links for SAML Configuration. We will be using Tomcat server as a 
service provider.

Please find the details of the Tomcat Server version which we are using.

[cid:image001.png@01D1590D.71FA21C0]

Thanks,
Soukath
Work(O) : 080 - 67147844
Cell  : +91 8971837373

url redirect in tomcat 8

2016-01-27 Thread MICHELLE RENEE LARSON 
I have an application iDashboards it is based on tomcat.

It has a web license or a named user license we use both however now they
want to restrict access to the link that is used for the web license (as
for now it is open to everyone)

 

The main url is https://idashboards.outreach.psu.edu/idashboards

The url for the web is the same with stuff added to the end of the default
url.

 

Is there a way in tomcat to only redirect the link for the web license
url.

Re: WebEx meeting invitation: Apache Tomcat: TLS key and certificate generation

2016-01-27 Thread Rainer Frey (Inxmail GmbH) 
On 27.01.2016, at 13:31, Mark Thomas  wrote:
> 
> All,
> 
> The recording for this is now available on the Apache Tomcat YouTube
> channel: https://www.youtube.com/channel/UCpqpJ0-G1lYfUBQ6_36Au_g

I don’t know whether that has s.th. to do with the WebEX sound option, 
but the sound of the recording is much much better than before. Thanks!

Rainer
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Application throwing ClassCast Exception while upgrading from tomcat 8.0.18 to tomcat 8.0.30

2016-01-27 Thread Adhavan Mathiyalagan 
Hi Mark,

Kindly find my answer for your query

How are you inserting Integers into that Map?

Displaytag(3pp)  introduces the value for the 'table name parameter
tag'(highlighted in bold) as integer in the request .

this is used as identifier for the table name.

Http Request Parameter :

{*d-3034713-p=1*,
Description=[Ljava.lang.String;@9afb582,
SuToken=[Ljava.lang.String;@6eb56ec5,
requestMapping=[Ljava.lang.String;@497b804b,
IVP_Code=[Ljava.lang.String;@4b23e19d,
RequestTimeStamp=[Ljava.lang.String;@20b130f5,
OkButton=[Ljava.lang.String;@51053597,
FW_SubmittedFormPath=[Ljava.lang.String;@2d01760f,
IVP_Description=[Ljava.lang.String;@3aede9de,
SuStepName=[Ljava.lang.String;@59950c0b,
Code=[Ljava.lang.String;@4849d41f}

As the tomcat version ( greater than tomcat 8.0.18) version restricts the
parameter value type to String only Hence the below class cast exception is
thrown .

Caused by: java.lang.ClassCastException: java.lang.Integer cannot be cast
to [Ljava.lang.String;
at
org.apache.catalina.core.ApplicationHttpRequest.getParameter(ApplicationHttpRequest.java:369)
at
org.displaytag.util.DefaultRequestHelper.getParameterMap(DefaultRequestHelper.java:128)
at
org.displaytag.util.DefaultRequestHelper.getHref(DefaultRequestHelper.java:75)
at
com.ccc.ddd.cfw.wcs.uitemplates.taglib.displaytag.ExtendedRequestHelper.getHref(ExtendedRequestHelper.java:191)
at org.displaytag.tags.TableTag.initHref(TableTag.java:1061)
at
com.ccc.ddd.cfw.wcs.uitemplates.taglib.displaytag.TableTag.initHref(TableTag.java:666)
at org.displaytag.tags.TableTag.initParameters(TableTag.java:866)
at org.displaytag.tags.TableTag.doStartTag(TableTag.java:722)
at
com.ccc.ddd.cfw.wcs.uitemplates.taglib.displaytag.TableTag.doStartTag(TableTag.java:712)


Version of the 3PP Used :

Displaytag version : displaytag 1.1
Tomcat Version : tomcat 8.0.30

Kindly suggest me the path forward for the issue.

Thanks in Advance.

Adhavan.M



On Fri, Jan 22, 2016 at 6:46 PM, Mark Thomas  wrote:

> On 22/01/2016 13:01, Adhavan Mathiyalagan wrote:
> > Hi Mark,
> >
> > Kindly let me know if you can conclude if the issue is on the client side
> > of application or  tomcat restriction that has/will be reverted.
>
> Until you answer my previous question, this thread is not going to
> progress.
>
> Mark
>
>
> >
> > Note : As i mentioned already the application was working without issues
> > with tomcat version <= 8.0.18
> >
> > Thanks ,
> > Adhavan
> >
> >
> >
> > On Wed, Jan 20, 2016 at 4:17 AM, Mark Thomas  wrote:
> >
> >> On 19/01/2016 16:37, Adhavan Mathiyalagan wrote:
> >>> Thanks Mark ! Please find my answer
> >>>
> >>> Figure out what is inserting something other than String[] as the value
> >>> into a Map instance.
> >>>
> >>> There are lot of places in Client we insert 'Integer' datatype
> (Also
> >>> other datatypes) .I fear that it is going to be more
> >>> tedious thing to identify and fix all the client code.
> >>>
> >>>  Is there any other way or path forward to fix this ? (Like upgrading
> the
> >>> displaytag version
> >>> which is currently 1.1)  Or Is the modifying the Client Code is the
> only
> >>> path forward ?
> >>
> >> It depends. How are you inserting Integers into that Map? I'm trying to
> >> figure out if this is a client code bug or if the restriction that was
> >> added to Tomcat was overly strict and needs to be reverted.
> >>
> >> Mark
> >>
> >>
> >>>
> >>> Thanks Again !
> >>>
> >>> On Tue, Jan 19, 2016 at 8:12 PM, Mark Thomas  wrote:
> >>>
>  On 19/01/2016 13:39, Adhavan Mathiyalagan wrote:
> 
>  
> 
> > What i could understand is application is throwing exception due to
>  change
> > in the getParameter method of ApplicationHttpRequest class ,which
> >> earlier
> > was accepting all datatypes (like Integer)
> > is now restricted to 'String'  datatype only .
> >
> > Kindly let me know why this change has been done ( in the
> getParameter
> > method of ApplicationHttpRequest class)
> 
>  If only the Apache Tomcat project used some form of version control
>  system where every change to the source code was tracked along with a
>  comment that explained why...
> 
> > and the suggest me the path forward
> > for fixing the issue.
> 
>  Figure out what is inserting something other than String[] as the
> value
>  into a Map instance.
> 
>  Mark
> 
> 
>  -
>  To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>  For additional commands, e-mail: users-h...@tomcat.apache.org
> 
> 
> >>>
> >>
> >>
> >> -
> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> >> For additional commands, e-mail: users-h...@tomcat.apache.org
> >>
> >>
> >
>
>
>

RE: SAML SSO (Service Provider) Configurations on Tomcat Server

2016-01-27 Thread Mohammed Soukath Ali 
Hi Mader,

Thanks for your reply. This is exactly what we are looking for. Can you please 
provide us the required documents so that it will be of great help for our 
implementation. Please provide us the prerequisite steps as well.

Thanks,
Soukath
Work(O) : 080 - 67147844
Cell  : +91 8971837373

-Original Message-
From: Mader, Michael [mailto:michael.ma...@tyson.com] 
Sent: Wednesday, January 27, 2016 6:55 PM
To: users@tomcat.apache.org
Subject: RE: SAML SSO (Service Provider) Configurations on Tomcat Server

-Original Message-
From: Mohammed Soukath Ali [mailto:mohammedsou...@vmware.com] 
Sent: Wednesday, January 27, 2016 2:50 AM
To: users@tomcat.apache.org
Subject: SAML SSO (Service Provider) Configurations on Tomcat Server

Hi Team,

We are planning to implement SAML in our Tomcat server. Please provide us 
useful links for SAML Configuration. We will be using Tomcat server as a 
service provider.

Please find the details of the Tomcat Server version which we are using.

Server version: Apache Tomcat/7.0.32
Server built:   Oct 3 2012 08:51:20
Server number:  7.0.32.0
OS Name:Linux
OS Version: 3.0.76-0.11-default
Architecture:   amd64
JVM Version:6.1.058
JVM Vendor: SAP AG

Thanks,
Soukath
Work(O) : 080 - 67147844
Cell  : +91 8971837373

Mohammed,

Might I suggest you take a look at 
https://urldefense.proofpoint.com/v2/url?u=http-3A__shibboleth.net_=BQIFAg=Sqcl0Ez6M0X8aeM67LKIiDJAXVeAw-YihVMNtXt-uEs=Gy_ezApbeMAxM7AF85Hx5QXKzupcujEKT5giJ_B01U4=ExT620pBOfIatfPE-Q2s0yi3yflGsUi0gmAosM_TAuQ=CevPsI8gJlN_wJrrjL8VumyD-mM0cCntSXZIKstkDDM=
 .  They have a product for both the Service Provider and Identity Provider.

Because of your JVM vendor, it appears that you're trying to implement SAML for 
Business Objects, correct?  If that is the case, you're needing the SAML 
Service Provider side.  For that, we did use the Service Provider product in 
conjunction with Apache HTTPD and configuring Business Object with trusted 
authentication.

- Mike Mader

--
This email and any files transmitted with it are confidential and intended 
solely for the use of the addressee. If you are not the intended addressee, 
then you have received this email in error and any use, dissemination, 
forwarding, printing, or copying of this email is strictly prohibited. Please 
notify us immediately of your unintended receipt by reply and then delete this 
email and your reply. Tyson Foods, Inc. and its subsidiaries and affiliates 
will not be held liable to any person resulting from the unintended or 
unauthorized use of any information contained in this email or as a result of 
any additions or deletions of information originally contained in this email.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: WebEx meeting invitation: Apache Tomcat: TLS key and certificate generation

2016-01-27 Thread Mark Thomas 
All,

The recording for this is now available on the Apache Tomcat YouTube
channel: https://www.youtube.com/channel/UCpqpJ0-G1lYfUBQ6_36Au_g

Mark


On 18/01/2016 15:14, Mark Thomas wrote:
> On 18/01/2016 15:09, Mark Thomas wrote:
>> Hello,
>> Mark Thomas invites you to join this WebEx meeting.
> 
> All,
> 
> I have configured this meeting to use VoIP rather than teleconference
> for the audio as from previous WebEx presentations that appeared to be
> the preferred option (and for reasons I won't go into it has to be VoIP
> or telephone, I can't enable both at the same time).
> 
> I have also purchased a headset so, hopefully, the audio should be
> better this time around.
> 
> As I have said before, we are still experimenting with this to figure
> out what works best so please bear with us if things aren't perfect on
> the day.
> 
> Hope to see you there,
> 
> Mark
> 
> 
>>
>>  
>>
>> *Apache Tomcat: TLS key and certificate generation*
>> Tuesday, 26 January 2016
>> 10:00  |  GMT Time (London, GMT)  |  1 hr
>>
>>  
>>
>> *Join WebEx meeting*
>> 
>>
>>
>> Meeting number:  642 376 220
>>  
>>
>>  
>>
>> Add this meeting
>> 
>> to your calendar. (Cannot add from mobile devices.)
>>
>>  
>>
>> Can't join the meeting? Contact support.
>> 
>>
>>  
>>
>> IMPORTANT NOTICE: Please note that this WebEx service allows audio and
>> other information sent during the session to be recorded, which may be
>> discoverable in a legal matter. By joining this session, you
>> automatically consent to such recordings. If you do not consent to being
>> recorded, discuss your concerns with the host or do not join the session.
>>
>>
>>
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: SAML SSO (Service Provider) Configurations on Tomcat Server

2016-01-27 Thread Mader, Michael 
-Original Message-
From: Mohammed Soukath Ali [mailto:mohammedsou...@vmware.com] 
Sent: Wednesday, January 27, 2016 2:50 AM
To: users@tomcat.apache.org
Subject: SAML SSO (Service Provider) Configurations on Tomcat Server

Hi Team,

We are planning to implement SAML in our Tomcat server. Please provide us 
useful links for SAML Configuration. We will be using Tomcat server as a 
service provider.

Please find the details of the Tomcat Server version which we are using.

Server version: Apache Tomcat/7.0.32
Server built:   Oct 3 2012 08:51:20
Server number:  7.0.32.0
OS Name:Linux
OS Version: 3.0.76-0.11-default
Architecture:   amd64
JVM Version:6.1.058
JVM Vendor: SAP AG

Thanks,
Soukath
Work(O) : 080 - 67147844
Cell  : +91 8971837373

Mohammed,

Might I suggest you take a look at http://shibboleth.net/.  They have a product 
for both the Service Provider and Identity Provider.

Because of your JVM vendor, it appears that you're trying to implement SAML for 
Business Objects, correct?  If that is the case, you're needing the SAML 
Service Provider side.  For that, we did use the Service Provider product in 
conjunction with Apache HTTPD and configuring Business Object with trusted 
authentication.

- Mike Mader

--
This email and any files transmitted with it are confidential and intended 
solely for the use of the addressee. If you are not the intended addressee, 
then you have received this email in error and any use, dissemination, 
forwarding, printing, or copying of this email is strictly prohibited. Please 
notify us immediately of your unintended receipt by reply and then delete this 
email and your reply. Tyson Foods, Inc. and its subsidiaries and affiliates 
will not be held liable to any person resulting from the unintended or 
unauthorized use of any information contained in this email or as a result of 
any additions or deletions of information originally contained in this email.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org