I added mime types to conf/web.xml for xls and ppt:
application/vnd.ms-excel
application/vnd.ms-powerpoint
and this works fine when I access tomcat directly,
However, when I access tomcat via our IIS server in
the firewall (SSL), they are sent as text. Other MS filetypes
(doc,
: Craig R. McClanahan [mailto:[EMAIL PROTECTED]]
Sent: Saturday, May 18, 2002 12:34 PM
To: Tomcat Users List
Subject: Re: Tomcat 4 clears login parameters?
On Sat, 18 May 2002, Lawlor, Frank wrote:
Date: Sat, 18 May 2002 01:00:11 -0500
From: Lawlor, Frank [EMAIL PROTECTED]
Reply
We solved our problem by getting the latest cos.jar.
Our original code was from the rather old code in
the original article from the O'Reilly site, which
doesn't seem to handle non-text files properly.
Frank Lawlor
Athens Group, Inc.
(512) 345-0600 x151
Athens Group, an employee-owned
One problem that Tomcat web apps have is that
the login page remains in the browser history
and if the user navigates to one
of these and tries to use it, they get a rather
incomprehensible result.
In Tomcat 3.x we had a good solution (the only
one I have been able to find anywhere) which
We have been using the O'Reilly multipart upload code, but
are having problems uploading image (jpg, gif) files. I have
tried this on Tomcat 3.3, 4.0.3 and 4.0.425 with same results.
Same results going thru IIS front end and talking
directly to tomcat on port 8080.
The uploaded file is
/start instead.
Charlie
-Original Message-
From: Lawlor, Frank [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 06, 2002 12:09 PM
To: 'Tomcat (E-mail)'
Subject: manager reload not processing new security constraints
Tomcat 4.0.3:
If I add a security constraint
reads server.xml on reload. You can use the
manager's stop/start instead.
Charlie
-Original Message-
From: Lawlor, Frank [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 06, 2002 12:09 PM
To: 'Tomcat (E-mail)'
Subject: manager reload not processing new security constraints
Tomcat 4.0.3:
If I add a security constraint to the web.xml of my application
and do a manager/reload of the app, it claims to have
restarted the app OK, but the new constraint is not effected.
If I restart Tomcat, the new constraint does take effect.
Is this a bug in the manger reload?
I tested nightly build 4.0.425 and the
problem with getRemoteUser() == '' is
fixed there.
Frank Lawlor
Athens Group, Inc.
(512) 345-0600 x151
Athens Group, an employee-owned consulting firm integrating technology
strategy and software solutions.
-Original Message-
From: Lawlor
The problem (in Tomcat) IS that getRemoteUser()
doesn't return null. Tomcat does not support
multiple logins. If you look at the code you
will see that it does a getRemoteUser() and
if not null and not authenticated by Tomcat, it
bails.
I tried it on 4.0.3, as someone suggested, and
it still
Did you follow all the directions in the
SSL HowTo exactly:
You need to provide more detail on the error.
What is the full stack trace with the error
message.
Look in the logs in the log directory and
note any messages that occur that may be
connected with the problem.
Frank Lawlor
Athens
How are you trying to connect?
What is the URL you are using?
Is there anything in the logs?
I assume you followed all the
directions in the How-to?
Frank Lawlor
Athens Group, Inc.
(512) 345-0600 x151
Athens Group, an employee-owned consulting firm integrating technology
strategy and software
I'm no expert here, but for the types of things
in your example, you need to enable the java
system security (also controls access to the
filesystem, etc).
You enable this by starting Tomcat with the
- security option. The permissions given to
your app are defined, I believe, in tomcat.policy
In my application I would like to have some way to
get the following information programmatically from my
app about the deployed environment:
1) the deployed name of my web app (although I
developed it as 'Foo', it can be deployed as
anything). I know how to get this from the
URL
In the startup.bat (?) change the 'start'
to 'run' so you can see the error messages
after running startup on the command line.
Frank Lawlor
Athens Group, Inc.
(512) 345-0600 x151
Athens Group, an employee-owned consulting firm integrating technology
strategy and software solutions.
During development and deployment I discovered
that many types of errors while reading the web.xml
file would result in the app coming up (at least
partly), but with no security.
This seems like a serious security exposure in
a production environment.
I believe this is potentially a serious
Yes, strange.
I ran into a couple of odd things when I turned java security on.
One problem I saw once related to processing files in jars.
If you are really desperate, unzip xerces.jar and servlet.jar
into the neighboring classes dir (and remove the jars) and
see if it helps. Make sure the
I also just remembered that Xerces seems to have problems
sometimes resolving paths correctly. I found that it would
'assume' the wrong base file directory location for resolving
DTDs. To see if this might be the case you can create
a /javax/servlet/resources/web-app_2_3.dtd
and put it in
When I start tomact 4.0.2 with the -security option I get
the errors below. If I move it to server\lib the tomcat startup
problems go away, but the app startup gets SAX classNotFound errors.
After the error info is the first part of the output with
set CATALINA_OPTS=-Djava.security.debug=all
There are other differences between 3.x and 4.x that
require wrapper.properties changes. Failure to start
the service is most often a wrapper.properties problem.
You do not have to un/reinstall the service to make
wrapper.properties changes. Just stop/start.
Here are some of the key lines in
In Tomcat 4.x take a look at the manager application which is
included.
Frank Lawlor
Athens Group, Inc.
(512) 345-0600 x151
Athens Group, an employee-owned consulting firm integrating technology
strategy and software solutions.
--
To unsubscribe: mailto:[EMAIL PROTECTED]
For additional
How are you writing the file?
Using the File class you can specify the desired directory.
The file path to your app is
getServletContext().getRealPath(/)
If you have java security enabled, you need to give your
app permission to write there.
Frank Lawlor
Athens Group, Inc.
(512) 345-0600
Here are some of my aded catalina.policy statements:
1. // Allow read of SAX Parser name
permission java.util.PropertyPermission
org.xml.sax.driver, read;
2. Allow the Autoweb application to do whatever it wants:
I've run into some problems with 4.0.2.
- I do NOT have persistent sessions enabled in server.xml
I can initially deploy a web app by placing the .war file in
webapps dir.
However, if I try to redeploy I run into problems. To re-deploy
I ususally stop Tomcat, delete the current app
I've run into some problems with 4.0.2.
- I do NOT have persistent sessions enabled in server.xml
I can initially deploy a web app by placing the .war file in
webapps dir.
However, if I try to redeploy I run into problems. To re-deploy
I ususally stop Tomcat, delete the current app
This is what I want to do:
1) I want to setup a database which includes multiple realms
2) user are linked to realms
3) I want to use protect a servlet with basic authentication, and I want
to
be able refer to the correct realm when performing the authentication
(this
means sending
In my login.jsp I need to know what URL the person used
to cause the login. The only thing I've found is that
the attribute tomcat.auth.originalLocation has this.
This appears very specific to Tomcat. Is there any more
general way to determine this information?
Frank Lawlor
Athens Group,
27 matches
Mail list logo
