Re: Problem with nsapi_redirect.so (1.2.37) on iPlanet 7.0.15 and Solaris 11

2013-02-18 Thread Mladen Turk
On 02/18/2013 10:47 PM, Andy Wang wrote: If I execute startserv as the non-privileged user rather than root or do this on Solaris 10, no problems. Any ideas why systhread_start (this is an iPlanet NSAPI function) would fail here as root? Did you try to check the ulimit? Seems like webserv

RE: tomcat 7.0.22 - allowTrace="false" not working

2013-02-18 Thread Sachin
Thanks Mark n Nick. As far as I see from w3af documentation, they are looking into options to show the allowedMethods. (As Nick guessed) Mark, Can you suggest me an alternate way to prove that TRACE is not allowed on my webserver, if that's a possibly false positive. Thanks & Regards Sachin -

RE: [FWD: Help Debugging 404 errors]

2013-02-18 Thread siegfried
Jose, Thanks for your help. It is working now that I have a new Tomcat 7 friendly version from the author of the SpringMVC servlet. I'm not sure what he changed. Siegfried Original Message Subject: Re: [FWD: Help Debugging 404 errors] From: Jose_María_Zaragoza Date: W

Re: Tomcat does not accept connections from Safari on iPad vs an SSL connector with JSSE ciphers

2013-02-18 Thread Rainer Jung
On 18.02.2013 22:59, Giuseppe Sacco wrote: > A side note: is it possible to put tomcat behind a web server and make > the latter encrypt in SSL? This would imply that communication between > the web server and tomcat would be in clear, but how do I create the > connector proxy* information? I may

Re: HTTP rejections and too many open files exception on tomcat

2013-02-18 Thread Mark Thomas
On 18/02/2013 21:14, Pid wrote: On 18/02/2013 17:05, Radha Krishnan D wrote: Hi Am sorry, clicked submit by mistake The below is the actual problem We are running into too many open files exception on our production tomcat server for the last 2-3 days. We have max threads as 150 and acce

Re: Tomcat does not accept connections from Safari on iPad vs an SSL connector with JSSE ciphers

2013-02-18 Thread Giuseppe Sacco
Hi Martin, On Fri, 15/02/2013 at 18.29 -0500, Martin Gainty wrote: > someone put cipherSuites patch on TC 7 Connector.. > > *IF you are implementing TC7 Connector with cipherSuites attribute support > and have not specified cipherSuites supported by your ppk keys* > then yes its t

Re: Tomcat does not accept connections from Safari on iPad vs an SSL connector with JSSE ciphers

2013-02-18 Thread Giuseppe Sacco
Hi Cris, On Fri, 15/02/2013 at 12.36 -0500, Christopher Schultz wrote: [...] > > Allow legacy hello messages: true [snip] http-192.168.1.55-8443-1, > > READ: SSLv3 Handshake, length = 75 *** ClientHello, SSLv3 > > RandomCookie: GMT: 1360933724 bytes = { 203, 86, 168, 88, 75, 77, >

Problem with nsapi_redirect.so (1.2.37) on iPlanet 7.0.15 and Solaris 11

2013-02-18 Thread Andy Wang
I'm having some problems getting the nsapi_redirect.dll working with iPlanet 7.0.15 on solaris 11. The problem seems specifically related to Solaris 11 and only if I try to install/run the server as root (using webservd as the non-privileged user). When I do so (and after enabling debug jk lo

Re: HTTP rejections and too many open files exception on tomcat

2013-02-18 Thread Pid
On 18/02/2013 17:05, Radha Krishnan D wrote: > Hi > > Am sorry, clicked submit by mistake > > The below is the actual problem > > > We are running into too many open files exception on our production tomcat > server for the last 2-3 days. > > We have max threads as 150 and acceptCount as 10

No javax.servlet.error.query_string

2013-02-18 Thread Martin Grigorov
Hi, This is rather a question about Servlet specification. Is there a reason why there is no javax.servlet.error.query_string ? At http://tomcat.apache.org/tomcat-7.0-doc/servletapi/constant-values.html we see there is *.query_string for forward and include, but not for error. Is it because of so

[ANN] Apache Tomcat 7.0.37 released

2013-02-18 Thread Mark Thomas
The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.37. Apache Tomcat is an open source software implementation of the Java Servlet and JavaServer Pages technologies. This release contains a small number of bug fixes and improvements compared to version 7.0.35. The not

Re: tomcat 7.0.22 - allowTrace="false" not working

2013-02-18 Thread Nick Williams
On Feb 18, 2013, at 1:11 PM, Mark Thomas wrote: > On 18/02/2013 19:03, Nick Williams wrote: >> On Feb 18, 2013, at 12:55 PM, Mark Thomas wrote: >> >>> On 18/02/2013 18:19, Sachin wrote: I'm testing it with w3af(http://w3af.sourceforge.net) since that's what our security certifying vend

Re: tomcat 7.0.22 - allowTrace="false" not working

2013-02-18 Thread Mark Thomas
On 18/02/2013 19:03, Nick Williams wrote: On Feb 18, 2013, at 12:55 PM, Mark Thomas wrote: On 18/02/2013 18:19, Sachin wrote: I'm testing it with w3af(http://w3af.sourceforge.net) since that's what our security certifying vendor tests application against. And it logs - The URL "http://localhost:8080/app/" has the followin

Re: tomcat 7.0.22 - allowTrace="false" not working

2013-02-18 Thread Nick Williams
On Feb 18, 2013, at 12:55 PM, Mark Thomas wrote: > On 18/02/2013 18:19, Sachin wrote: >> I'm testing it with w3af(http://w3af.sourceforge.net) since that's what our >> security certifying vendor tests application against. >> >> And it logs - The URL "http://localhost:8080/app/" has the followin

Re: tomcat 7.0.22 - allowTrace="false" not working

2013-02-18 Thread Mark Thomas
On 18/02/2013 18:19, Sachin wrote: I'm testing it with w3af(http://w3af.sourceforge.net) since that's what our security certifying vendor tests application against. And it logs - The URL "http://localhost:8080/app/" has the following allowed methods: GET, HEAD, OPTIONS, POST, TRACE. This infor

RE: tomcat 7.0.22 - allowTrace="false" not working

2013-02-18 Thread Sachin
I'm testing it with w3af(http://w3af.sourceforge.net) since that's what our security certifying vendor tests application against. And it logs - The URL "http://localhost:8080/app/" has the following allowed methods: GET, HEAD, OPTIONS, POST, TRACE. This information was found in the request with

Re: tomcat 7.0.22 - allowTrace="false" not working

2013-02-18 Thread Mark Thomas
On 18/02/2013 15:00, Sachin wrote: Hi, I want to disable http TRACE method in my application which is running on tomcat 7.0.22 web-server. Though apache tomcat configuration for http says that it is set to false by default, it allows TRACE. I tried setting it to false specifically, but still it

Re: HTTP rejections and too many open files exception on tomcat

2013-02-18 Thread André Warnier
André Warnier wrote: Radha Krishnan D wrote: Hi Am sorry, clicked submit by mistake The below is the actual problem We are running into too many open files exception on our production tomcat server for the last 2-3 days. We have max threads as 150 and acceptCount as 100 and at one point

Re: HTTP rejections and too many open files exception on tomcat

2013-02-18 Thread André Warnier
Radha Krishnan D wrote: Hi Am sorry, clicked submit by mistake The below is the actual problem We are running into too many open files exception on our production tomcat server for the last 2-3 days. We have max threads as 150 and acceptCount as 100 and at one point of time all the 250 t

RE: HTTP rejections and too many open files exception on tomcat

2013-02-18 Thread Radha Krishnan D
Hi Am sorry, clicked submit by mistake The below is the actual problem We are running into too many open files exception on our production tomcat server for the last 2-3 days. We have max threads as 150 and acceptCount as 100 and at one point of time all the 250 threads are busy processing

Re: HTTP rejections and too many open files exception on tomcat

2013-02-18 Thread André Warnier
Radha Krishnan D wrote: Hi, We are running into too many open issues exception on our production systems for the last With a lot of guesswork .. Google for "ulimit" ? Get a bigger server ?

RE: getRequestURI() in relation to Connector.URIEncoding

2013-02-18 Thread Mike Wilson
[multiple inline responses] Rainer Jung wrote: > I doubt that such URLs are invalid - not based on any code inspection, > but simply on the fact that mod_jk decoded percent encoding before > forwarding for a long time (5.5 years, from Oct. 2001 to May 2007, > version 1.2.0 to 1.2.22). Since versio

tomcat 7.0.22 - allowTrace="false" not working

2013-02-18 Thread Sachin
Hi, I want to disable http TRACE method in my application which is running on tomcat 7.0.22 web-server. Though apache tomcat configuration for http says that it is set to false by default, it allows TRACE. I tried setting it to false specifically, but still it allows. I searched through your mail

Re: getRequestURI() in relation to Connector.URIEncoding

2013-02-18 Thread Mark Thomas
On 18/02/2013 11:44, André Warnier wrote: > Mark Thomas wrote: >> On 18/02/2013 09:54, Rainer Jung wrote: >>> On 17.02.2013 23:57, André Warnier wrote: >> Otherwise, my feeling is that it will cost you quite a number of beers to stop Mark from fixing what could potentially be a security i

Re: getRequestURI() in relation to Connector.URIEncoding

2013-02-18 Thread André Warnier
Mark Thomas wrote: On 18/02/2013 09:54, Rainer Jung wrote: On 17.02.2013 23:57, André Warnier wrote: Otherwise, my feeling is that it will cost you quite a number of beers to stop Mark from fixing what could potentially be a security issue, now that he's sniffed it. :) Not sure whether Mark

Re: getRequestURI() in relation to Connector.URIEncoding

2013-02-18 Thread Mark Thomas
On 18/02/2013 09:54, Rainer Jung wrote: > On 17.02.2013 23:57, André Warnier wrote: >> Otherwise, my feeling is that it will cost you quite a number of beers >> to stop Mark from fixing what could potentially be a security issue, now >> that he's sniffed it. > > :) > > Not sure whether Mark's sn

Re: getRequestURI() in relation to Connector.URIEncoding

2013-02-18 Thread Rainer Jung
On 17.02.2013 23:57, André Warnier wrote: > Mike Wilson wrote: >> Mark Thomas wrote: >>> On 17/02/2013 16:54, André Warnier wrote: Mike Wilson wrote: >>> >>> > Example 2: path /ä in "binary" Unicode > GET /.. [0xC3,0xA4] > request.getRequestURI() -> "/.." [0xC3,0xA4] > r

Re: getRequestURI() in relation to Connector.URIEncoding

2013-02-18 Thread Rainer Jung
On 17.02.2013 23:00, Mike Wilson wrote: > Mark Thomas wrote: >> On 17/02/2013 16:54, André Warnier wrote: >>> Mike Wilson wrote: >> >> >> Example 2: path /ä in "binary" Unicode GET /.. [0xC3,0xA4] request.getRequestURI() -> "/.." [0xC3,0xA4] request.getPathInfo() -> "/ä