2012/9/22 Violeta Georgieva violet...@apache.org:
Hello,
** **
*Background information:*
We are trying to protect our RESTful
APIshttp://en.wikipedia.org/wiki/Representational_state_transfer
from
CSRF attack.
The current Tomcat’s CSRF protection filter provides proper
On 24/09/12 17:52, Mark Thomas wrote:
On 24/09/2012 11:41, Brian Burch wrote:
I draw the following conclusions:
1. A client that can accept a Set-Cookie for JSESSIONID will be able to
maintain a persistent session (is that incorrectly overloading a
reserved word?), no matter whether the
On Sep 25, 2012, at 8:46 PM, Ray Collins wrote:
I am using Tomcat7.0. The web application I created executes a script from
the command line using Runtime.getRuntime(). This script sends an http:
request to another server that is on the local network. For Some
reason the script executes as
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ray,
On 9/25/12 8:46 PM, Ray Collins wrote:
I am using Tomcat7.0. The web application I created executes a
script from the command line using Runtime.getRuntime(). This
script sends an http: request to another server that is on the
local
Hi all-
I have a question about Tomcat 7.0.27. I have a webserver that I enabled S= SL
access for. I have purchased a 3rd party cert. However; I am having trouble
installing the cert on the server. Whenever, I go to
https://myserver.mycompany.com,
I receive the This site is untrusted
Je serai absent(e) du 26/09/2012 au 01/10/2012.
Je répondrai à votre message dès mon retour.
En cas de problème urgent, merci de vous adresser à dsp-cspit-cellul...@edf.fr
avec le mot clé [GED] dans l'objet.
Vous pouvez adresser vos demandes de support GED à la boite DSP-CSPIT-CELLULEDI
Mike,
Sounds like you installed it perfectly, otherwise no https connection to
your web server would be possible. The problem with trust is on the
client/browser side. You need to install the 3rd party Root CA cert on
your client so your browser will trust your server's certificate.
Regards,
The browser says the cert is issued by the server itself and it should be
issued by the 3rd party CA (in this case, GoDaddy), right?
-Original Message-
From: Adamus, Steven J. [mailto:steven.j.ada...@saic.com]
Sent: Wednesday, September 26, 2012 3:34 PM
To: Tomcat Users List
Subject:
So, your web server is using a self-signed cert, and not the one you
purchased. Installation of your 3rd part cert depends on which HTTPS
connector you're using, APR (OpenSSL-based) or the JSSE-based connector.
Good documentation on both are out there, but make sure you follow the
correct one or
Yup
Going the Apache Web Server route now. Also evaluating RedHat's JBoss EWS
On Wed, Sep 19, 2012 at 2:05 PM, Pid * p...@pidster.com wrote:
On 19 Sep 2012, at 16:59, Hassan Schroeder hassan.schroe...@gmail.com
wrote:
On Wed, Sep 19, 2012 at 8:02 AM, Jay Rao jay...@gmail.com wrote:
Is
10 matches
Mail list logo