Re: List of replaceable parameters in server.xml, context.xml, etc.

On 24/02/17 22:11, Christopher Schultz wrote: > All, > > Is there a list of standard properties that are available for > replacement in these files? I'm aware of catalina.home and > catalina.base, and I believe that *any* system property can be used if > explicitly set (e.g. in bin/setenv.sh). >

Re: Getting application root path before servlet is initialized?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Martin, On 2/24/17 12:37 PM, Martin Knoblauch wrote: > On Fri, Feb 24, 2017 at 6:00 PM, Christopher Schultz < > ch...@christopherschultz.net> wrote: > >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 >> >> Martin, >> >> On 2/21/17 8:31 AM,

List of replaceable parameters in server.xml, context.xml, etc.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, Is there a list of standard properties that are available for replacement in these files? I'm aware of catalina.home and catalina.base, and I believe that *any* system property can be used if explicitly set (e.g. in bin/setenv.sh). But is

Re: Getting application root path before servlet is initialized?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Martin, On 2/24/17 12:32 PM, Martin Knoblauch wrote: > On Fri, Feb 24, 2017 at 6:06 PM, Christopher Schultz < > ch...@christopherschultz.net> wrote: > >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 >> >> Martin, >> >> On 2/22/17 5:19 AM,

Propagation of Subject with JAAS and SecurityManager enabled

Hi, I am playing around with the following things: - X.509 authentication - Security Manager enabled - Custom JAAS login module via JAASRealm My custom JAAS login module properly propagates a javax.security.auth.Subject instance at commit() back. My aim is to use this

Resolved, Re: Connection reset while trying to access a web service running under Tomcat

On 2/24/17, 8:56 AM, Christopher Schultz wrote: You need to enable logging at a lower level than this if a TLS connection is failing. Tomcat doesn't get any indication that anyone even tried to make a connection if the TLS handshake fails. . . . Dear Mr. Schultz (and all others who

Re: Getting application root path before servlet is initialized?

On Fri, Feb 24, 2017 at 6:00 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Martin, > > On 2/21/17 8:31 AM, Martin Knoblauch wrote: > > Hi, > > > > is there a way to find the absolute path of the application root > > before

Re: Getting application root path before servlet is initialized?

On Fri, Feb 24, 2017 at 6:06 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Martin, > > On 2/22/17 5:19 AM, Martin Knoblauch wrote: > > On Tue, Feb 21, 2017 at 8:55 PM, Mark Thomas > > wrote: > > > >> On

Re: "mime-mapping" and Content-Type

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Ryan, On 2/20/17 10:38 AM, Ryan Yohnk wrote: > I’ve come across a problem for which the “mime-mapping” element > would be a good solution. Specifically I have a web application > who’s source I can’t change, it’s not returning a specific >

Re: Getting application root path before servlet is initialized?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Martin, On 2/22/17 5:19 AM, Martin Knoblauch wrote: > On Tue, Feb 21, 2017 at 8:55 PM, Mark Thomas > wrote: > >> On 21/02/2017 13:31, Martin Knoblauch wrote: >>> Hi, >>> >>> is there a way to find the absolute path of the

Re: Strange URL rewrite when reverse proxy with Apache HTTP Server

I found the old notes from years ago when we were on tomcat 6 (included with the BMC software app) and did the same thing, renaming their "tomcat" folder with the extracted 7.0.75 and did *.war (more .war's in this new release and the instructions below state) and tweaks to server.xml etc It

Re: Getting application root path before servlet is initialized?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Martin, On 2/21/17 8:31 AM, Martin Knoblauch wrote: > Hi, > > is there a way to find the absolute path of the application root > before the servlet is initialized? > > Alternatively: is there a way to defer the initialization of a > datasource

Re: Connection reset while trying to access a web service running under Tomcat

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 André, On 2/23/17 7:08 PM, André Warnier (tomcat) wrote: > On 24.02.2017 00:57, James H. H. Lampert wrote: >> On 2/23/17, 3:13 PM, André Warnier (tomcat) wrote: >>> It seems to say right up here what the problem is : the >>> customer system cannot

Re: Strange URL rewrite when reverse proxy with Apache HTTP Server

Andre, that is all very educational and I feel even when this is resolved, that I have learned a good amount here; so I thank you for everything. I have an update. I decided to shutdown the vendor included/supplied 7.0.50 release of Tomcat. I extracted vanilla 7.0.75 tomcat, updated server.xml

RE: CVE-2017-6056.

> From: Paralos Trainings [mailto:paralostranin...@gmail.com] > Subject: CVE-2017-6056. > I'd like to know if the latest version of Tomcat 7 and Tomcat 8 are > affected by CVE-2017-6056. Real Tomcat releases (downloaded from tomcat.apache.org) are not affected. Some 3rd-party repackaged

CVE-2017-6056.

I’d like to know if the latest version of Tomcat 7 and Tomcat 8 are affected by CVE-2017-6056. If so, when is the update to fix the vulnerability going to be released. I couldn’t find the reference on any of the vulnerabilities pages: https://tomcat.apache.org/security.html Thanks. PT