2012/12/4 Lyallex lyal...@gmail.com:
Hi
I was wondering if this was the right place
to ask a question about running Tomcat 6.0.36 under jsvc on Debian Linux
Yes, this can be asked here
Generic jsvc questions will be more appropriate for the users@ list of
commons.apache.org, but you may get
2012/12/4 Zhi Xie daxie...@gmail.com:
Sorry, I don't find any doc to introduce this. There are a lot of docs to
show how to implement the feature in conf/context.xml.
Context useHttpOnly=true
...
/Context
Who can tell me how to implement the feature in application level?
The
2012/12/4 techienote@gmail.com:
Hi Zhi,
You can set following parameters in web.xml of application.
session-config
cookie-config
http-onlytrue/http-only
securetrue/secure
/cookie-config
/session-config
+1. This is the best way.
Note, that your web application should be using
2012/12/3 Christopher Schultz ch...@christopherschultz.net:
On 12/3/12 8:03 AM, Martin Gamper wrote:
Hey everybody!
I am looking for a solution to reuse a JNDI Property which is set
in the context.xml : in my ${catalina.home}/conf/context.xml
following Environment name=nodeName
Hey,
thanks for the help!
To be clear, I do not want a 0ms timeout... I'm doing research about how
usable the SSL session tracking option is for session management...
With the standard settings it seems very unstable to me, when sending alot
of parallel requests I get a broken socket error
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Orhan,
On 12/4/12 2:12 AM, Orhan Karasakal wrote:
lb1 and lb2 are two loadbalancer, are not they ? But I want to have
only one loadbalancer.
That depends on your definition of load balancer. If you mean a
single IP that routes requests to back-end
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Vincent,
On 12/4/12 9:15 AM, Vincent Goelen wrote:
To be clear, I do not want a 0ms timeout... I'm doing research
about how usable the SSL session tracking option is for session
management... With the standard settings it seems very unstable to
Thanks again for the fast response, sorry for being unclear about some
parts.. First time using the mailing list
I'm using Apache Tomcat Version 7.0.32 on a mac os x 10.7.5, I've tested it
on linux Virtual machine too, got same problems. I'm using JDK 1.6 (don't
think it has any importance here)
First off, thanks to all for the assistance getting my other tomcat
CRL issues working. Converted to APR and tcnative and things seem to
be loading, running well now.
Now, the question has come up - what happens when a user authenticates
with their Smart Card, but then pulls their card and walks
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 12/3/12 6:50 PM, André Warnier wrote:
P.S. If you decide to use UrlRewriteFilter, you should be looking
at the documentation
(http://urlrewritefilter.googlecode.com/svn/trunk/src/doc/manual/4.0/index.html),
Cool,
there's a 4.0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
George,
On 11/22/12 12:26 AM, George Chacko Manchimala wrote:
Sorry, I could not locate any tweakings at our end (as you had
mentioned) which.
Could you / anyone provide your views?
I don't believe any version of Tomcat simply tolerates missing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Will,
On 12/4/12 12:08 PM, Will Nordmeyer wrote:
First off, thanks to all for the assistance getting my other
tomcat CRL issues working. Converted to APR and tcnative and
things seem to be loading, running well now.
Now, the question has come
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Will,
On 12/4/12 12:46 PM, Christopher Schultz wrote:
On 12/4/12 12:08 PM, Will Nordmeyer wrote:
First off, thanks to all for the assistance getting my other
tomcat CRL issues working. Converted to APR and tcnative and
things seem to be
Hi
apache-tomcat-6.0.36
CentOS
uname -m = i686
uname -r = 2.6.18-028stab070.14-ent
uname -s = Linux :-)
jdk1.6.0_07
I have recently upgraded my production server from apache-tomcat-6.0.18 to
6.0.36 so that my live and dev
env's are as similar as possible
6.0.18 runs fine and logs as expected,
2012/12/4 Lyallex lyal...@gmail.com:
Hi
apache-tomcat-6.0.36
CentOS
uname -m = i686
uname -r = 2.6.18-028stab070.14-ent
uname -s = Linux :-)
jdk1.6.0_07
I have recently upgraded my production server from apache-tomcat-6.0.18 to
6.0.36 so that my live and dev
env's are as similar as
On 4 December 2012 18:50, Konstantin Kolinko knst.koli...@gmail.com wrote:
[snip]
Any advice on how I can get the logging working will be much appreciated
Lyallex
handlers = org.apache.juli.FileHandler, java.util.logging.ConsoleHandler
2012/12/4 Lyallex lyal...@gmail.com:
On 4 December 2012 18:50, Konstantin Kolinko knst.koli...@gmail.com wrote:
1. java.util.logging.ConsoleHandler prints to System.err.
Some other console logging implementations log to System.out.
Do you need a ConsoleHandler at all? (You are effectively
CVE-2012-4534 Apache Tomcat denial of service
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- Tomcat 7.0.0 to 7.0.27
- Tomcat 6.0.0 to 6.0.35
Description:
When using the NIO connector with sendfile and HTTPS enabled, if a
client breaks the connection while
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2012-3546 Apache Tomcat Bypass of security constraints
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- - Tomcat 7.0.0 to 7.0.29
- - Tomcat 6.0.0 to 6.0.35
Earlier unsupported versions may also be affected
On Tue, Dec 4, 2012 at 12:48 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Will,
On 12/4/12 12:46 PM, Christopher Schultz wrote:
On 12/4/12 12:08 PM, Will Nordmeyer wrote:
First off, thanks to all for the assistance getting my
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- - Tomcat 7.0.0 to 7.0.31
- - Tomcat 6.0.0 to 6.0.35
Description:
The CSRF prevention filter could be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Will,
On 12/4/12 2:47 PM, Will Nordmeyer wrote:
Thanks for the quick response and the thoughts. a 5 minute
timeout wouldn't be acceptable in our environment - theory being,
if user A pulls his smart card out (but didn't log out of the app),
and
2012/11/28 Robert Anderson ranom...@gmail.com:
Hi,
We've some data sources defined in server.xml as following:
...
GlobalNamingResources
...
Resource name=jdbc/proddb1 auth=Container
type=javax.sql.DataSource removeAbandoned=true
removeAbandonedTimeout=300
On 4 December 2012 19:41, Konstantin Kolinko knst.koli...@gmail.com wrote:
2012/12/4 Lyallex lyal...@gmail.com:
On 4 December 2012 18:50, Konstantin Kolinko knst.koli...@gmail.com
wrote:
[snip]
I do not know why it worked in 6.0.18.
No, nor do I but I've (apparently) reproduced the
2012/12/5 Lyallex lyal...@gmail.com:
On 4 December 2012 19:41, Konstantin Kolinko knst.koli...@gmail.com wrote:
2012/12/4 Lyallex lyal...@gmail.com:
On 4 December 2012 18:50, Konstantin Kolinko knst.koli...@gmail.com
wrote:
[snip]
I do not know why it worked in 6.0.18.
No, nor do
2012/12/5 Tony Anecito adanec...@yahoo.com:
Hi Tomcat Developers,
I am using Tomcat 7.0.33 and notice on Tomcat startup my web services startup
in series rather than parallel. If you do not have it you might want to have
an option to startup apps in parallel or assign number of threads that
From: Tony Anecito [mailto:adanec...@yahoo.com]
Subject: Suggestion for improving Tomcat startup performance...
I am using Tomcat 7.0.33 and notice on Tomcat startup my web services
startup in series rather than parallel. If you do not have it you might
want to have an option to startup
Thanks. I can not find any examples or reference to what config file this goes
into. I looked at server.xml and web.xml and did not find it in there. I did
find something called the Engine Container but again no examples or where it
can be found if already existing.
I will keep looking.
Hi Chuck,
According to someone else that is the attribute to use. But as in my last
message I could not find where it is or if not by default in some config file
which config file to use.
Thanks,
-Tony
--- On Tue, 12/4/12, Caldarale, Charles R chuck.caldar...@unisys.com wrote:
From:
Broken pipes don't invalidate the SSL session. They just break the TCP
connection. The SSL session persists, across multiple TCP connections, until
it is specifically invalidated by someone: for example, timed out by the
SSLSessionContext.
EJP
_
From: Vincent Goelen
2012/12/5 Tony Anecito adanec...@yahoo.com:
Thanks. I can not find any examples or reference to what config file this
goes into.
I looked at server.xml and web.xml and did not find it in there. I did
find something called the Engine Container but again no examples or
where it can be found if
Ok I found a Engine reference in the server.xml for the catalina service. I
am guessing that the attribute should go in there somewhere. I will look at the
engine documentation to see how to add it.
Thanks,
-Tony
--- On Tue, 12/4/12, Tony Anecito adanec...@yahoo.com wrote:
From: Tony
From: Tony Anecito [mailto:adanec...@yahoo.com]
Subject: RE: Suggestion for improving Tomcat startup performance...
Don't top-post.
Ok I found a Engine reference in the server.xml for the catalina
service. I am guessing that the attribute should go in there somewhere.
I will look at the
From: Tony Anecito [mailto:adanec...@yahoo.com]
Subject: RE: Suggestion for improving Tomcat startup performance...
Reply to the list, not to individuals.
Not sure what you mean by Top Post.
http://ck.wikia.com/wiki/TopPosting
http://mailformat.dan.info/quoting/top-posting.html
I only
2012/11/23 Christopher Schultz ch...@christopherschultz.net:
On 11/21/12 4:42 AM, Andrei Petru Mura wrote:
TheProcessing.logoutSubscriberByMac(mac) has that code on it:
public static void logoutSubscriberByMac(String mac) { try {
Process proc = Runtime.getRuntime().exec(logout subscriber
yes but he needs to achieve a reliable connection between himself and the
SSLServer (at least until key negotiation has completed)
broken pipe(s) are a bear to debug but you have a few tools available to you:
netstat SSLServerIP
-- if you see ANY intervening nodes hanging more than 4 sec drop
Ok it is working startup time went from 18 seconds down to a little over 8
seconds.
Also, if there is some other email group I should be using for technical
questions about use of Tomcat please let me know.
Regards,
-Tony
--- On Tue, 12/4/12, Caldarale, Charles R chuck.caldar...@unisys.com
Jim,
Check your Tomcat version.
http://localhost:8080/
Stephen
On Dec 4, 2012, at 2:47 PM, Mark Thomas ma...@apache.org wrote:
CVE-2012-4534 Apache Tomcat denial of service
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- Tomcat 7.0.0 to 7.0.27
-
Got it. Thanks, guys.
2012/12/4 Konstantin Kolinko knst.koli...@gmail.com
2012/12/4 techienote@gmail.com:
Hi Zhi,
You can set following parameters in web.xml of application.
session-config
cookie-config
http-onlytrue/http-only
securetrue/secure
/cookie-config
2012/12/3 Caldarale, Charles R chuck.caldar...@unisys.com:
From: Weixiang [mailto:kurt.weixi...@huawei.com]
Subject: Tomcat7.0-Setting property 'threadPriority' did not find a matching
property
I config in my server.xml for a HTTP Connector named MGMT:
I am Getting Errors while Starting Tomcat
And I dont Know What to DO.
I am Sending Error Logs which is as Follwos.
Dec 05, 2012 11:09:42 AM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal
performance in
See below, and please do not top post.
On 12/4/2012 10:17 PM, Jugal Thakkar wrote:
I am Getting Errors while Starting Tomcat
And I dont Know What to DO.
I am Sending Error Logs which is as Follwos.
Dec 05, 2012 11:09:42 AM org.apache.catalina.core.AprLifecycleListener init
INFO:
Esmond Pitt wrote:
Broken pipes don't invalidate the SSL session. They just break the TCP
connection. The SSL session persists, across multiple TCP connections, until
it is specifically invalidated by someone: for example, timed out by the
SSLSessionContext.
Ah. That would explain some other
43 matches
Mail list logo
