Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

[EMAIL PROTECTED] wrote: billbarker2005/08/03 23:07:46 Modified:catalina/src/share/org/apache/catalina/security SecurityClassLoad.java Log: Fix CNFE when starting in a sandbox. After the last refactoring, the Jk-Java Connector no longer has need of PAs

DO NOT REPLY [Bug 35894] - Tomcat does not start with security enabled

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

billbarker2005/08/03 23:07:46 Modified:catalina/src/share/org/apache/catalina/security SecurityClassLoad.java Log: Fix CNFE when starting in a sandbox. After the last refactoring, the Jk-Java Connector no longer has need of PAs. If this changes, the

DO NOT REPLY [Bug 35894] New: - Tomcat does not start with security enabled

gzilla/show_bug.cgi?id=35894 Summary: Tomcat does not start with security enabled Product: Tomcat 5 Version: 5.0.10 Platform: Other OS/Version: Linux Status: NEW Severity: blocker Priority: P2 Component: Ca

DO NOT REPLY [Bug 34396] - security exception using datasource in .init()

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 34396] - security exception using datasource in .init()

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 34396] - security exception using datasource in .init()

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 34805] - warn about invalid security contraint url patterns

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

Re: PayPal Account Security Measures

onfirmation%2Did-0746795.com If we do not get the confirmation within 5 business days, your account will be suspended until further notice. Sincerely, The PayPal Security Team PROTECT YOUR PASSWORD NEVER give your password to anyone

PayPal Account Security Measures

. Sincerely, The PayPal Security Team PROTECT YOUR PASSWORD NEVER give your password to anyone and ONLY log in at https://www.paypal.com/. Protect yourself against fraudulent websites by opening a new web browser (e.g

PayPal Account Security Measures

. Sincerely, The PayPal Security Team PROTECT YOUR PASSWORD NEVER give your password to anyone and ONLY log in at https://www.paypal.com/. Protect yourself against fraudulent websites by opening a new web browser (e.g

DO NOT REPLY [Bug 33911] - Request for security role mapping (role-to-group/user)

-03 15:19 --- Please use tomcat-dev for communicating rather than bug reports. We started a thread on possible summer of code projects. I do not think it is a good idea to change how security is done in Tomcat 5.5.x, and that any change in any upcoming Tomcat should be done once we know a litt

DO NOT REPLY [Bug 33911] - Request for security role mapping (role-to-group/user)

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 33911] - Request for security role mapping (role-to-group/user)

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 33911] - Request for security role mapping (role-to-group/user)

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 35034] - jndi datasources & security manager

NVALID --- Additional Comments From [EMAIL PROTECTED] 2005-05-24 09:58 --- The commons-dbcp library would need to be written with the security manager in mind (ie, it needs to have PAs). Not a Tomcat bug, and you should be able to use alternate datasource providers. -- Configure bugmail

DO NOT REPLY [Bug 35034] New: - jndi datasources & security manager

gzilla/show_bug.cgi?id=35034 Summary: jndi datasources & security manager Product: Tomcat 5 Version: 5.5.9 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Catalina

5.5.9 & security manager

I'm trying to run my apps with security manager and I noticed some (in my opinion) strange things: (1) The simple JSP <%=response.encodeURL("http://jakarta.apache.org";)%> causes an "access denied (j

DO NOT REPLY [Bug 34805] - warn about invalid security contraint url patterns

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 34805] - warn about invalid security contraint url patterns

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 34805] New: - warn about invalid security contraint url patterns

gzilla/show_bug.cgi?id=34805 Summary: warn about invalid security contraint url patterns Product: Tomcat 5 Version: Nightly Build Platform: Other OS/Version: All Status: NEW Severity: enhancement Priority: P2 Com

DO NOT REPLY [Bug 34396] - security exception using datasource in .init()

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 34396] - security exception using datasource in .init()

gzilla/show_bug.cgi?id=34396 --- Additional Comments From [EMAIL PROTECTED] 2005-04-11 11:21 --- (From update of attachment 14677) >// >// catalina.corepolicy - Security Policy Permissions for Tomcat 5 >/

DO NOT REPLY [Bug 34396] - security exception using datasource in .init()

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 34396] New: - security exception using datasource in .init()

gzilla/show_bug.cgi?id=34396 Summary: security exception using datasource in .init() Product: Tomcat 5 Version: 5.5.7 Platform: All OS/Version: Windows XP Status: NEW Severity: minor Priority: P3 Component: Ca

DO NOT REPLY [Bug 33633] - Tomcat 5.5.6 does not run with security on

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 33911] New: - Request for security role mapping (role-to-group/user)

gzilla/show_bug.cgi?id=33911 Summary: Request for security role mapping (role-to-group/user) Product: Tomcat 5 Version: Unknown Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Com

DO NOT REPLY [Bug 33633] - Tomcat 5.5.6 does not run with security on

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 33633] - Tomcat 5.5.6 does not run with security on

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

[SECURITY ISSUE] Using allowLinking with deprecated HTTP 1.1 connector

All, A security issue has come to light where a mal-formed request may result in JSP source code disclosure. This issue only applies if all of the following are true: 1. You are using any Tomcat 4 version >= 4.1.15 2. You are using the deprecated HTTP 1.1 connec

DO NOT REPLY [Bug 33633] - Tomcat 5.5.6 does not run with security on

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 33633] New: - Tomcat 5.5.6 does not run with security on

gzilla/show_bug.cgi?id=33633 Summary: Tomcat 5.5.6 does not run with security on Product: Tomcat 5 Version: 5.5.6 Platform: PC OS/Version: Windows 2000 Status: NEW Severity: critical Priority: P2 Component: Ca

DO NOT REPLY [Bug 33226] - TTL DNS cache security setting in java.net.InetAddress is not honored when set within Servlet on Sun 1.4.2 VM on linux, but is honored in stand-alone java app

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 33226] - TTL DNS cache security setting in java.net.InetAddress is not honored when set within Servlet on Sun 1.4.2 VM on linux, but is honored in stand-alone java app

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 33226] - TTL DNS cache security setting in java.net.InetAddress is not honored when set within Servlet on Sun 1.4.2 VM on linux, but is honored in stand-alone java app

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 33226] - TTL DNS cache security setting in java.net.InetAddress is not honored when set within Servlet on Sun 1.4.2 VM on linux, but is honored in stand-alone java app

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 33226] - TTL DNS cache security setting in java.net.InetAddress is not honored when set within Servlet on Sun 1.4.2 VM on linux, but is honored in stand-alone java app

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 33226] - TTL DNS cache security setting in java.net.InetAddress is not honored when set within Servlet on Sun 1.4.2 VM on linux, but is honored in stand-alone java app

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 33226] New: - TTL DNS cache security setting in java.net.InetAddress is not honored when set within Servlet on Sun 1.4.2 VM on linux, but is honored in stand-alone java app

gzilla/show_bug.cgi?id=33226 Summary: TTL DNS cache security setting in java.net.InetAddress is not honored when set within Servlet on Sun 1.4.2 VM on linux, but is honored in stand-alone java app Product: Tomcat 4 Version:

DO NOT REPLY [Bug 33138] - starting tomcat (catalina) with "-security" not possible

NVALID --- Additional Comments From [EMAIL PROTECTED] 2005-01-18 17:05 --- Ok I took a closer look at what you are trying to do and you can't set the Security Manager the way you are doing in, since Tomcat already configure a security manager and the VM doesn't allow this operation. O

DO NOT REPLY [Bug 33138] - starting tomcat (catalina) with "-security" not possible

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 33138] New: - starting tomcat (catalina) with "-security" not possible

gzilla/show_bug.cgi?id=33138 Summary: starting tomcat (catalina) with "-security" not possible Product: Tomcat 5 Version: 5.5.4 Platform: PC OS/Version: Linux Status: NEW Severity: major Priority: P2 Com

DO NOT REPLY [Bug 28857] - SSLServerSocketFactory needs earlier security provider setup

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

Re: IP security constraint

No, this "breaks the spec". There are many other simple alternatives. Please follow up to the tomcat-user list for more information. -Tim Svante Olofsson wrote: Hi! First off, I think Tomcat is a great product. Thanks! Secondly, do you have any plans on adding something like to web.xml:

IP security constraint

Hi! First off, I think Tomcat is a great product. Thanks! Secondly, do you have any plans on adding something like to web.xml: My Webapp cust1.html 192.168.1.13-192.168.1.55,192.168.10. My Webapp cust2.html 192.1

DO NOT REPLY [Bug 30539] - possible security hole: mod_jk2 bypassed when client issues Host: header with an invalid port number

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 32112] - SSL configuration attributes / security issue

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 30539] - possible security hole: mod_jk2 bypassed when client issues Host: header with an invalid port number

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 32112] New: - SSL configuration attributes / security issue

gzilla/show_bug.cgi?id=32112 SSL configuration attributes / security issue Summary: SSL configuration attributes / security issue Product: Tomcat 5 Version: Unknown Platform: All OS/Version: All Status: NEW Severity: Enhan

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityUtil.java

Bill Barker wrote: > - Original Message - > From: <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, October 25, 2004 2:18 PM > Subject: cvs commit: > jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security > SecurityUtil.jav

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityUtil.java

luehe 2004/10/25 19:02:37 Modified:catalina/src/share/org/apache/catalina/security SecurityUtil.java Log: Create Subject if one was not already associated with the session, and add it to the session *only* in that case Revision ChangesPath

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityUtil.java

- Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, October 25, 2004 2:18 PM Subject: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityUtil.java > @@ -251,18 +251,17 @@ >i

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityUtil.java

luehe 2004/10/25 14:18:49 Modified:catalina/src/share/org/apache/catalina/security SecurityUtil.java Log: Call session.setAttribute(Globals.SUBJECT_ATTR, subject) only if necessary, i.e, only if the session does not already contain such an attribute

DO NOT REPLY [Bug 31362] - Start Catalina under JPDA debugger with "-security" option fails

gzilla/show_bug.cgi?id=31362 Start Catalina under JPDA debugger with "-security" option fails [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW

DO NOT REPLY [Bug 31362] New: - Start Catalina under JPDA debugger with "-security" option fails

gzilla/show_bug.cgi?id=31362 Start Catalina under JPDA debugger with "-security" option fails Summary: Start Catalina under JPDA debugger with "-security" option fails Product: Tomcat 5 Version: 5.0.28 Platform: Other

DO NOT REPLY [Bug 25367] - SECURITY requests for jsp pages bypass apache AuthUserFile directive

gzilla/show_bug.cgi?id=25367 SECURITY requests for jsp pages bypass apache AuthUserFile directive [EMAIL PROTECTED] changed: What|Removed |Added Stat

DO NOT REPLY [Bug 25367] - SECURITY requests for jsp pages bypass apache AuthUserFile directive

gzilla/show_bug.cgi?id=25367 SECURITY requests for jsp pages bypass apache AuthUserFile directive --- Additional Comments From [EMAIL PROTECTED] 2004-09-09 17:24 --- I posted this one in Apache 2.0 bug database. I think I found the problem but no soltution to it. I agree, this is a security

DO NOT REPLY [Bug 30618] - pdf problems with security

gzilla/show_bug.cgi?id=30618 pdf problems with security [EMAIL PROTECTED] changed: What|Removed |Added Status|REOPENED|RESOLVED Reso

DO NOT REPLY [Bug 30618] - pdf problems with security

gzilla/show_bug.cgi?id=30618 pdf problems with security [EMAIL PROTECTED] changed: What|Removed |Added Status|RESOLVED|REOPENED Resolution|DUP

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityUtil.java

jfarcand2004/08/20 07:43:17 Modified:catalina/src/share/org/apache/catalina/security SecurityUtil.java Log: Port fix for bug 30602 Revision ChangesPath 1.12 +9 -7 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityUtil.java

jfarcand2004/08/20 07:28:38 Modified:catalina/src/share/org/apache/catalina/security Tag: TOMCAT_5_0 SecurityUtil.java Log: Fix for Bugzilla 30602: Subject is not available during the first call to the servlet which use the basic authentication. All

DO NOT REPLY [Bug 30618] - pdf problems with security

gzilla/show_bug.cgi?id=30618 pdf problems with security [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Reso

DO NOT REPLY [Bug 30618] New: - pdf problems with security

gzilla/show_bug.cgi?id=30618 pdf problems with security Summary: pdf problems with security Product: Tomcat 5 Version: 5.0.27 Platform: PC OS/Version: Windows XP Status: NEW Severity: Normal Priority: Other Com

DO NOT REPLY [Bug 30539] - possible security hole: mod_jk2 bypassed when client issues Host: header with an invalid port number

gzilla/show_bug.cgi?id=30539 possible security hole: mod_jk2 bypassed when client issues Host: header with an invalid port number --- Additional Comments From [EMAIL PROTECTED] 2004-08-09 13:46 --- For the record, the issue has been discovered by Paweł Sawicki ([EMAIL PRO

DO NOT REPLY [Bug 30539] New: - possible security hole: mod_jk2 bypassed when client issues Host: header with an invalid port number

gzilla/show_bug.cgi?id=30539 possible security hole: mod_jk2 bypassed when client issues Host: header with an invalid port number Summary: possible security hole: mod_jk2 bypassed when client issues Host: header with an invalid port number Product: To

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

billbarker2004/07/24 00:07:38 Modified:catalina/src/share/org/apache/catalina/security SecurityClassLoad.java Log: Load the Connector classes from their new package, with their new names. Revision ChangesPath 1.17 +21 -21 jakarta-tomcat

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityUtil.java

yoavs 2004/05/26 08:53:20 Modified:catalina/src/share/org/apache/catalina/security SecurityUtil.java Log: Minor JavaDoc fixes (Bugzilla 28335) Revision ChangesPath 1.11 +6 -6 jakarta-tomcat-catalina/catalina/src/share/org/apache

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityUtil.java

jfarcand2004/05/17 10:59:39 Modified:catalina/src/share/org/apache/catalina/security SecurityUtil.java Log: Fix subject lost problem (problem discovered on tomcat-users) Submitted by : Janne Väänänen at eventizer dot com Revision ChangesPath

DO NOT REPLY [Bug 28857] New: - SSLServerSocketFactory needs earlier security provider setup

gzilla/show_bug.cgi?id=28857 SSLServerSocketFactory needs earlier security provider setup Summary: SSLServerSocketFactory needs earlier security provider setup Product: Tomcat 4 Version: Unknown Platform: All OS/Versio

[PATCH] SSLServerSocketFactory needs earlier security provider setup

I found org.apache.catalina.net.SSLServerSocketFactory useful for another project of mine. However, my keystore is PKCS12 format, and Keystore.getInstance("PKCS12") fails unless the security provider is loaded first. I am using java 1.3.1 and JSSE 1.0.3_03. Here's a patch to

DO NOT REPLY [Bug 19202] - Security checks normally run for IIS causing NullPointerException in Tomcat

gzilla/show_bug.cgi?id=19202 Security checks normally run for IIS causing NullPointerException in Tomcat [EMAIL PROTECTED] changed: What|Removed |Added Stat

DO NOT REPLY [Bug 28129] - Classloading for the security-constraint / Realm

gzilla/show_bug.cgi?id=28129 Classloading for the security-constraint / Realm --- Additional Comments From [EMAIL PROTECTED] 2004-04-06 08:32 --- I tested some more, and i'm somehow a little bit stupid. The problem is that i try to load the xml as URL (http://...) , which doesn't

DO NOT REPLY [Bug 28129] - Classloading for the security-constraint / Realm

gzilla/show_bug.cgi?id=28129 Classloading for the security-constraint / Realm --- Additional Comments From [EMAIL PROTECTED] 2004-04-05 15:48 --- I get the message when i execute the webapp. Deployment works fine. Tomorrow i'll try to build a smaller testcase directly in one jsp withou

DO NOT REPLY [Bug 28129] - Classloading for the security-constraint / Realm

gzilla/show_bug.cgi?id=28129 Classloading for the security-constraint / Realm --- Additional Comments From [EMAIL PROTECTED] 2004-04-05 14:49 --- When do you get the exception? When you deploy the application or when you execute it? I've try under red hat 8.0, and everythings wor

DO NOT REPLY [Bug 28129] - Classloading for the security-constraint / Realm

gzilla/show_bug.cgi?id=28129 Classloading for the security-constraint / Realm --- Additional Comments From [EMAIL PROTECTED] 2004-04-05 10:25 --- Eh forget my note about the tools.jar,in a hurry i just clicked, when Tomcat has asked me about the java-path, and by default it uses the C:\P

DO NOT REPLY [Bug 28129] - Classloading for the security-constraint / Realm

gzilla/show_bug.cgi?id=28129 Classloading for the security-constraint / Realm --- Additional Comments From [EMAIL PROTECTED] 2004-04-05 09:52 --- Hmmm, i just tested everything on a clean WinXP machine. Installed j2sdk1.4. 2_04, Tomcat 5.0.19, MySql 4.0.17, removed from the webapp the Xerc

DO NOT REPLY [Bug 28129] - Classloading for the security-constraint / Realm

gzilla/show_bug.cgi?id=28129 Classloading for the security-constraint / Realm [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RE

DO NOT REPLY [Bug 28129] - Classloading for the security-constraint / Realm

gzilla/show_bug.cgi?id=28129 Classloading for the security-constraint / Realm --- Additional Comments From [EMAIL PROTECTED] 2004-04-02 10:19 --- Well i tried to upload (attach) a simple test case, but i seems it doesn't work. So here is a link (http://www.gehmtec.de/bugzilla/securityt

DO NOT REPLY [Bug 28129] - Classloading for the security-constraint / Realm

gzilla/show_bug.cgi?id=28129 Classloading for the security-constraint / Realm --- Additional Comments From [EMAIL PROTECTED] 2004-04-01 15:25 --- Can you check you logs to see if you are geting some ClassNotFound exceptions? You should try to attach a test case, because It works fine for me

DO NOT REPLY [Bug 28129] New: - Classloading for the security-constraint / Realm

gzilla/show_bug.cgi?id=28129 Classloading for the security-constraint / Realm Summary: Classloading for the security-constraint / Realm Product: Tomcat 5 Version: 5.0.19 Platform: PC OS/Version: Windows NT/2K Status: NEW Severity: B

Re: container managed security

I searched for some time in various archives, bug databases, mailing lists etc trying to find this information but my searching basically always brings me back to here. All I want to do is set up container managed security to allow unencrypted sessions on protected resources, along with an SSL

Re: [Fwd: container managed security]

TED] Sent: Thursday, March 18, 2004 10:46 AM To: [EMAIL PROTECTED] Subject: [Fwd: container managed security] Nobody responded to my previous message, but I am still searching for information on the subject. Any references to docs would be welcome. I have searched for threads on this list in the archiv

RE: [Fwd: container managed security]

6 AM > To: [EMAIL PROTECTED] > Subject: [Fwd: container managed security] > > Nobody responded to my previous message, but I am still searching for > information on the subject. Any references to docs would be > welcome. I > have searched for threads on this list in the arc

[Fwd: container managed security]

2004 To: [EMAIL PROTECTED] Subject: container managed security In tomcat 4 I was able to to protect my app with non-SSL security-constraints while using SSL form-based authentication so that the passwords were not sent in clear text. This has been a specification of the last 3 projects I have worked

E-mail account security warning.

<>- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]

container managed security

In tomcat 4 I was able to to protect my app with non-SSL security-constraints while using SSL form-based authentication so that the passwords were not sent in clear text. This has been a specification of the last 3 projects I have worked on. In tomcat 5 this is impossible without coding a work

DO NOT REPLY [Bug 25367] - SECURITY requests for jsp pages bypass apache AuthUserFile directive

gzilla/show_bug.cgi?id=25367 SECURITY requests for jsp pages bypass apache AuthUserFile directive [EMAIL PROTECTED] changed: What|Removed |Added Component|Connector:

Re: [PATCH] JasperLoader - Security manager usage LoadClass concurrency problem fix

y the system security > manager was used in this class. For checking if there is a security manager, and > then using the security manager for checking the access, two (potentially > different) security managers were used. Checking for the existence of a security > manager was done by System.ge

[PATCH] JasperLoader - Security manager usage LoadClass concurrency problem fix

Hi, the patch below fixes a bug that occasionally causes a NullPointerException in loadClass() method. The problem was caused by the way the system security manager was used in this class. For checking if there is a security manager, and then using the security manager for checking the access

Re: [PATCH] JasperLoader - Security manager usage LoadClass concurrency problem fix

This account does not exist - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]

Re: E-mail account security warning.

Martin Gainty wrote: What is this? Some virus writer's idea of harvesting private information from the gullible. Your e-mail account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information. Regards, Graham --

Re: E-mail account security warning.

Martin Gainty wrote: What is this? A new worm/viri attack, drop this message - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]

RE: E-mail account security warning.

protected by law. LDS does not own and endorse any other content. (cell) 617-852-7822 (e) [EMAIL PROTECTED] (http)www.laconiadatasystems.com From: [EMAIL PROTECTED] Reply-To: "Tomcat Developers List" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: E-mail account security wa

E-mail account security warning.

Dear user of Apache.org, Your e-mail account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information. Advanced details can be found in attached file. Best wishes, The Apache.org team

E-mail account security warning.

Dear user of e-mail server "Apache.org", Your e-mail account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information. For more information see the attached file. Have a good day, The Apache.org team

E-mail account security warning.

-- Virus Warning Message (on the network) Found virus WORM_BAGLE.J in file TextDocument.pif The file TextDocument.pif is moved to /var/spool/quarantine/virSQIGIGWVc. This is a machine-generated message, please do not reply via email. If you have questions, please contact the Luc

DO NOT REPLY [Bug 27299] - Using -security and port 80 causes crash

gzilla/show_bug.cgi?id=27299 Using -security and port 80 causes crash [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Reso

DO NOT REPLY [Bug 27299] - Using -security and port 80 causes crash

gzilla/show_bug.cgi?id=27299 Using -security and port 80 causes crash [EMAIL PROTECTED] changed: What|Removed |Added Severity|Critical|Normal --- Addi

DO NOT REPLY [Bug 27299] New: - Using -security and port 80 causes crash

gzilla/show_bug.cgi?id=27299 Using -security and port 80 causes crash Summary: Using -security and port 80 causes crash Product: Tomcat 5 Version: 5.0.19 Platform: PC OS/Version: Windows XP Status: NEW Severity: Cr

DO NOT REPLY [Bug 15352] - Security violation while accessing web application with servlets

gzilla/show_bug.cgi?id=15352 Security violation while accessing web application with servlets [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RE

  1   2   3   4   5   6   7   >