Hi,
We have a cybersecurity requirement for all software. We would like to know
whether Tomcat version 7.0.25 is developed and comply with Secure Software
Development Life Cycle (SSDLC)?
Regards
Adrian Gan
[This e-mail is confidential and may be privileged. If you are not the
intended recipie
Hi Chris,
Am 05.12.2016 um 22:25 schrieb Christopher Schultz:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
Ping. I'd really like to be able to do this. Is it currently possible?
When locating this message to reply to it, I found essentially the
same message posted by me back in May. :
On Sat, Dec 3, 2016 at 2:28 PM Mark Thomas wrote:
> On 03/12/2016 17:39, John D. Ament wrote:
> > Sorry missed a response..
> >
> > On Sat, Dec 3, 2016 at 12:36 PM John D. Ament
> > wrote:
> >
> >> On Wed, Nov 30, 2016 at 8:50 PM Christopher Schultz <
> >> ch...@christopherschultz.net> wrote:
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 12/4/16 3:24 PM, Mark Thomas wrote:
It looks like the ProtocolHandler is really the place where
the TLS configuration is taking effect, and not the
Connector, so I'm largely ignoring the Connector for now. Is
that the ri
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 12/4/16 3:24 PM, Mark Thomas wrote:
> On 04/12/2016 20:09, Christopher Schultz wrote:
>> All,
>>
>> On 12/1/16 6:07 PM, Christopher Schultz wrote:
>>> All,
>>
>>> On 12/1/16 5:59 PM, Christopher Schultz wrote:
All,
>>
I'm tryin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
Ping. I'd really like to be able to do this. Is it currently possible?
When locating this message to reply to it, I found essentially the
same message posted by me back in May. :)
Thanks,
- -chris
On 11/21/16 9:24 AM, Christopher Schultz wro
On 05/12/2016 18:33, Jim Weill wrote:
>
>
> On 12/5/2016 8:43 AM, Mark Thomas wrote:
>> On 05/12/2016 16:13, Mark Thomas wrote:
>>> On 01/12/2016 22:17, Jim Weill wrote:
sslEnabledProtocols is now just protocols for one thing. And you
have to
put your certificate stuff in an sub-s
On 12/5/2016 8:43 AM, Mark Thomas wrote:
On 05/12/2016 16:13, Mark Thomas wrote:
On 01/12/2016 22:17, Jim Weill wrote:
sslEnabledProtocols is now just protocols for one thing. And you have to
put your certificate stuff in an sub-section to the
connector now.
That should not be necessary. To
Hi Felix
If isUserinRole has information to make determination to different component
accesses in the application that would be sufficient - although, what I
really need to know is what department or Organizational unit they belong to
after authentication in order to give them specific page
On 05/12/2016 16:13, Mark Thomas wrote:
> On 01/12/2016 22:17, Jim Weill wrote:
>> sslEnabledProtocols is now just protocols for one thing. And you have to
>> put your certificate stuff in an sub-section to the
>> connector now.
>
> That should not be necessary. Tomcat should handle the conversio
It's working for me with the configuration attributes apart from your
configuration :
sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation".
keystoreFile="certificate path" in the element.
I couldn't succeed with the element
-- Ram.
-Original Message-
From: Mar
On 01/12/2016 22:17, Jim Weill wrote:
> sslEnabledProtocols is now just protocols for one thing. And you have to
> put your certificate stuff in an sub-section to the
> connector now.
That should not be necessary. Tomcat should handle the conversion for
you under the hood.
I've tested this with
On 12/5/2016 7:40 AM, Péter Gergely Horváth wrote:
Hi Chris,
Thanks your four input: this question is somewhere in-between... :)
We have *definitely* seen cases, where a piece of code like the one below
sometimes (a couple of times from tens of thousands of successfully
serviced requests) found
OK Rainer i moved log4j-core-2.6.2.jar, log4j-api-2.6.2.jar,
log4j-jul-2.6.2.jar and log4j2.xml to $CATALINA_HOME/bin
Then changed
set
JAVA_OPTS=-Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager
set LOGGING_CONFIG=-DnoOpp
set
LOGGING_MANAGER=-Djava.util.logging.manager=org.apac
On 05/12/2016 13:40, Péter Gergely Horváth wrote:
> Hi Chris,
>
> Thanks your four input: this question is somewhere in-between... :)
>
> We have *definitely* seen cases, where a piece of code like the one below
> sometimes (a couple of times from tens of thousands of successfully
> serviced requ
Hi Chris,
Thanks your four input: this question is somewhere in-between... :)
We have *definitely* seen cases, where a piece of code like the one below
sometimes (a couple of times from tens of thousands of successfully
serviced requests) found the stored field to be null - with a
NullPointerExce
Am 05.12.2016 um 08:32 schrieb frank.pien...@materna.de:
It's a little bit frustrating to configure Tomcat 8.5.8 with log4j2.
I put the following jars in $CATALINA_HOME/lib
log4j 2 core (log4j-core-2.6.2.jar)
log4j 2 api (log4j-api-2.6.2.jar)
Delete the file $CATALINA_HOME/conf/lo
Hi all,
Probably the FW can be configured to not terminate the SSL connection. It
should act as a pass-through.
But since few months we noticed that Tomcat is not requesting the client
certificate anymore (Tomcat to Tomcat, the browsers always receive a
certificate request). It complete the han
18 matches
Mail list logo
