Aditi Sinha wrote:
>We are using Tomcat 7.0.32 in our application. During a security scan
>CVE-2012-5568 was reported.
>
>Is there a configuration which can help us prevent this vulnerability?
>
>I went through the http://tomcat.apache.org/security-7.html but could
>not
>find any detail on the
Hi,
We are using Tomcat 7.0.32 in our application. During a security scan
CVE-2012-5568 was reported.
Is there a configuration which can help us prevent this vulnerability?
I went through the http://tomcat.apache.org/security-7.html but could not
find any detail on the same.
Thanks & R
On 1/24/2013 11:52 AM, Casper Wandahl Schmidt wrote:
See inline
Med venlig hilsen/Kind regards
Casper W. Schmidt
Den 24-01-2013 02:32, Christopher Schultz skrev:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
BBQ,
On 1/23/13 12:09 AM, bxqdev wrote:
i need to map a custom paths, like "/pa
On 1/24/2013 5:32 AM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
BBQ,
On 1/23/13 12:09 AM, bxqdev wrote:
i need to map a custom paths, like "/path1" and "/path2", (not root
"/" path), of the same webapp to a custom domains.
as i said i need this mapping: ${sa
Is there a to load a properties file that is dropped in the
${catalina.base}/lib directory?
When I try the following it returns null:
MyClass.class.getResourceAsStream(PROPERTY_FILE_NAME)
I realize I can do the following, but I don't want the code to be server
specific:
props.load(new Fi
On 25/01/2013, at 6:09 AM, Christopher Schultz
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> André,
>
> On 1/24/13 12:14 PM, André Warnier wrote:
>> Now, considering this, there are a number of possibilities : - the
>> documentation is totally wrong - there is a bug in Tomca
I was loading the datasource using Spring
In order for it to work it must be
Also the Realm definition was not correct. The name of the JAAS class
should be in a jaas.conf file, not in the Realm definition.
Hope that helps someone else running into similar issues. Thanks
"whartung" for the
Here is the NIO connector:
Normal servlet requests work, just not the Comet.
After I sent this email, I installed the APR and switched back to the
standard connector:
The log then showed that the APR connector was being used, but I get the
same message when I try to use the comet servlet.
T
On 22/01/2013 16:52, Andrew Winter wrote:
> I am trying to implement a Comet process.
> Tomcat 6.0.36
> Red Hat Enterprise Linux Server release 6.2 (Santiago)
> Java 7u11 (32 bit)
>
> I have implemented CometProcessor. I am using the NIO connector.
> When I try the servlet I get: HTTP method GET
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
André,
On 1/24/13 12:14 PM, André Warnier wrote:
> Now, considering this, there are a number of possibilities : - the
> documentation is totally wrong - there is a bug in Tomcat - your
> Tomcat server is not using this server.xml - or, it being rath
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Peter,
On 1/24/13 1:01 PM, Peter Lavin wrote:
> ClassLoader contextClassLoader =
> Thread.currentThread().getContextClassLoader();
>
> // this line was missing in earlier note //this calls the class
> below FileClassLoader cl = new
> FileClassLoad
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Andrew,
On 1/24/13 12:59 PM, Andrew Winter wrote:
> We have a COBOL back end that handles the core functions of our
> product. The only way we have for the servlet based front end to
> get at that data is via a type 1 odbc driver. It is a real pain
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Vishal,
On 1/24/13 8:47 AM, Vishal-sh Sharma wrote:
> I get the following error in catalina.log when i connect the
> tomcat server over http. However https works fine.
>
> 24-Jan-2013 13:06:48.505 SEVERE [http-apr-11831-Poller-0]
> org.apache.tomca
Hi,
I am sure that this server.xml is the one used, since there is no other present.
Also as mentioned my plan is to cut network access after a threshold. I used
such small values e.g. 0,1,2 to see what happens.
Also note that I am not using SUN JVM but IBM. Not sure if this makes a
difference
hi Chris, some more details, I'd left out a line in my code snippet this
morning,
On 01/24/2013 05:33 PM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256
Peter,
On 1/24/13 4:27 AM, Peter Lavin wrote:
After calling:
ClassLoader contextClassLoader =
Thread.cur
We have a COBOL back end that handles the core functions of our product.
The only way we have for the servlet based front end to get at that data is
via a type 1 odbc driver. It is a real pain because it is not thread safe
so we have to funnel all the traffic through a single thread.
Anyway, I go
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Peter,
On 1/24/13 4:27 AM, Peter Lavin wrote:
> java.lang.ClassNotFoundException:
> common.core.providers.HelloWorldSP at
> org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1676)
>
>
at
> org.apache.catalina.loader.Web
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Andrew,
On 1/23/13 9:54 PM, Andrew Winter wrote:
> Sorry I forgot the versions of things I am using.
>
> Tomcat 6.0.36 Red Hat Enterprise Linux Server release 6.2
> (Santiago) Java 7u11 (32 bit)
>
> I think I found the problem, though. I have to r
Em 24/01/2013 17:08, Justin Rosenberg escreveu:
You might try putting the log4j properties file (or xml) in a shared
loader location.
In catalina.properties add something like this:
shared.loader=${catalina.base}/conf/properties
and then put the properties file there.
~Justin
-O
Hermes Flying wrote:
Hi,
I don't see how this answers my issue.
1) You say 0 threads means 0 requests being processed. This does not happen.
Requests are being processed. No error noticed
It is not only me saying it. The on-line documentation at
https://tomcat.apache.org/tomcat-7.0-doc/config
You might try putting the log4j properties file (or xml) in a shared
loader location.
In catalina.properties add something like this:
shared.loader=${catalina.base}/conf/properties
and then put the properties file there.
~Justin
-Original Message-
From: Tiago Sousa [mailto:tia
Hello to all.
I have tomcat 6 using JULI for logging (logging.properties in conf dir)
plus several webapps using its own log4j.properties.
I need to centralized all the logs so i thought to put a global/shared
log4j.properties in $CATALINA_BASE\lib so that tomcat and each webapp
can be contr
Hi,
I don't see how this answers my issue.
1) You say 0 threads means 0 requests being processed. This does not happen.
Requests are being processed. No error noticed
2)You say: "you are setting your parameters in the wrong place". This is not
the case here.I already send an example server.xml. W
Hi ,
I get the following error in catalina.log when i connect the tomcat server over
http. However https works fine.
24-Jan-2013 13:06:48.505 SEVERE [http-apr-11831-Poller-0]
org.apache.tomcat.util.net.AprEndpoint$Poller.run Unexpected poller error
java.lang.NoSuchMethodError: org.apache.tomca
Hi Felix,
Somebody set JKLoglevel to Debug. I set it to info which writes only
necessary standard logs and it seems that its not occupying that much
space. Will moniter for 2-3 days more.
Regards,
Lokesh
On Sat, Nov 24, 2012 at 4:03 PM, Felix Schumacher <
felix.schumac...@internetallee.de> wrote
Hermes Flying wrote:
Hi,
So is there an explanation for this? All I am interested is make sure that
after a limit, clients attempted to connect are stopped based on my
configuration on maxThreads and accept count.
But I can not figure out how this works.
(This all being explained in vernacul
Hi again Christopher,
thanks for your note and interest, some more details
inline...
On 01/23/2013 07:39 PM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
ObjectInputStream should be using the "context class loader" of the
thread which should be the WebappClassLoader.
Can you
27 matches
Mail list logo
