to assign read/write
> permission to the file
> to whoever user is running tomcat and remove all
> permissions from group.
> That also assumes that you are running some flavour
> of Unix, but you could
> achieve the same with Win32 security.
>
> -Original Messa
Hey guys,
I have both a keystore password and a database
connection user name/password in cleartext in my
server.xml file and I don't know how to get around
that.
In light of this, has anybody come up with a way to
protect server.xml? Is there a way to encrypt these
passwords? Or perhaps to enc
Is a session cookie supposed to be set for the very
first page one visits of a site, even if no session is
created in the logic to produce that page? (i.e.
getSession() is never called)
Because, from my tests, that seems to be happening for
me. And I don't want it to because I'm actually
passin
; !^(.*)www\.(your domain name goes here)\.com(.*)$
> [NC]RewriteRule ^/(.*)$ http://%{HTTP_HOST}/ [R,L]
> Note: These are extrememly quick and dirty rewrites.
> I needed to bang these out quick. Look on
> apache.org for the different syntax and options you
> may use.--- On Sun 01/04, Sonny S
Hey all,
I set my session timeout to 4 hours with the following
bit of XML in my web.xml, but sessions seem to time
out far sooner than that.
240
Has anybody encountered this before?
I'm using Tomcat 4.1.27.
__
Do you Yahoo!?
Protect your identity with Yah
Hi guys,
Does anybody know how to prevent HTTPS access to
certain pages that don't need the SSL protection? I
know how to protect sensitive pages with HTTPS, but I
noticed users can now access *any* page over an HTTPS
connection, which seems to waste our server resources.
Thanks for any insight
t; When this has happened to me it's usually been
> the
> > database connection pool
> > that I'm using. Or was using. If it looks like
> you
> > had a bunch of
> > connections prior to the restart and very few
> after
> > then you've fo
d be able to give you a
> connection count, but
> the way to get it depends on the database so I can't
> help you there.
>
> --mikej
> -=--
> mike jackson
> [EMAIL PROTECTED]
>
>
>
> > -Original Message-
> > From: Sonny Sukumar [mailto:[EMAI
Hey guys,
I've had the persistent problem with Tomcat (using
Cocoon) over some months now where when I go to bed at
night my Tomcat/Cocoon server is functioning just fine
and I can access all web pages, both static and
dynamically generated (from a backend db).
But when I wake up and try to acce
Hi guys,
I've successfully set up SSL with my Tomcat
installation (4.1.27) with a CA-signed cert I bought,
but now Tomcat presents the certificate everytime I
try to even connect using regular http over port 80.
I thought it was only supposed to be presented when
the browser requests a secure co
Hi guys,
I've successfully set up SSL with my Tomcat
installation (4.1.27) with a CA-signed cert I bought,
but now Tomcat presents the certificate everytime I
try to even connect using regular http over port 80.
I thought it was only supposed to be presented when
the browser requests a secure co
From: Adam Hardy <[EMAIL PROTECTED]>
On 10/11/2003 11:12 PM Sonny Sukumar wrote:
Hi Adam,
Your first step was:
# keytool -genkey -alias tomcat -keyalg RSA
and your last step was:
# keytool -import trustcacerts -file public.crt -alias tomcat
So you used the same alias ("tomcat
From: "Bill Barker" <[EMAIL PROTECTED]>
>
> --I reconfigured the SSL port from 8443 to 443 on our server (as well as
the
> redirect port), and all of a sudden I can connect using SSL. I don't
> understand why 8443 didn't work. Any ideas??
>
There is a well-know bug in MSIE related to security-c
want anyhow, so it's not critical that I figure that out
(although I'm curious!)
Sonny
From: "Sonny Sukumar" <[EMAIL PROTECTED]>
2nd Update:
--I reconfigured the SSL port from 8443 to 443 on our server (as well as
the redirect port), and all of a sudden I can connect u
or the backend (2.1.2) in
conjunction with Tomcat (4.1.27) on Linux (RedHat 7.3).
Sonny
From: "Sonny Sukumar" <[EMAIL PROTECTED]>
Update: I did a "keytool -list" with the "-rfc" options and discovered that
all the certs *are* in fact there, but just that public/
so have the root cert from GeoTrust in there with alias "root". The
root cert is actually an Equifax cert valid from 1998 to 2018, but the
GeoTrust tech support rep told me to use that one. Could this be the
problem?
Other ideas?
Thanks,
Sonny
From: Adam Hardy <[EMAIL PROTECTED]
s actually an Equifax cert valid from 1998 to 2018, but the
GeoTrust tech support rep told me to use that one. Could this be the
problem?
Other ideas?
Thanks,
Sonny
From: Adam Hardy <[EMAIL PROTECTED]>
On 10/11/2003 09:08 PM Sonny Sukumar wrote:
[I sent this once before, but got no re
[I sent this once before, but got no response, and I'm not sure what to do.
Thanks in advance.]
Hi guys,
I'm trying to setup my Tomcat (4.1.27) server to work with SSL. I got a
CA-signed cert to go with my private key and CA root cert, but I'm confused
as to how to name the alias for the CA-
Hi guys,
I'm trying to setup my Tomcat (4.1.27) server to work with SSL. I got a
CA-signed cert to go with my private key and CA root cert, but I'm confused
as to how to name the alias for the CA-signed-cert and my private key.
The Tomcat SSL How-To is confusing me, becuase it says to give the
19 matches
Mail list logo
