Re: Typo in my previous post, Re: Protecting files within a context

On Thursday, August 24, 2017 5:48 PM, Bob Hall wrote: Yahoo auto-munged the URL, it should be: https://tomcat.apache.org/tomcat-8.0-doc/realm-howto.html - Bob  

Re: Typo in my previous post, Re: Protecting files within a context

On Thursday, August 24, 2017 5:29 PM, James H. H. Lampert wrote: > Cache and cookies both cleared, all the way back, and the context > that theoretically should be presenting a sign-on dialog for the > forbidden pages still serves an immediate 403 page instead.

Re: Typo in my previous post, Re: Protecting files within a context

On 8/24/17, 5:18 PM, Bob Hall wrote: If you successfully logged in previously, I suggest you check your browser for any cookies that were created at that time. You will probably need to remove them before the login challenge will be presented. - Bob Well, I can try explicitly clearing

Re: Typo in my previous post, Re: Protecting files within a context

James, On Thursday, August 24, 2017 4:58 PM, James H. H. Lampert wrote: >> This is interesting: >> >> I added this (contents of web-resource-collection omitted) to the top of >> the context's web.inf, right below the "web-app" and "display-name" tags: >> >>>     

Typo in my previous post, Re: Protecting files within a context

On 8/24/17, 4:29 PM, I wrote: This is interesting: I added this (contents of web-resource-collection omitted) to the top of the context's web.inf, right below the "web-app" and "display-name" tags: . . . . . . Of course, I meant to say, ". . . the context's

Re: Protecting files within a context

This is interesting: I added this (contents of web-resource-collection omitted) to the top of the context's web.inf, right below the "web-app" and "display-name" tags: . . . and restarted the context, and as advertised, all requests for anything that matched the

Re: Protecting files within a context

On 24/08/17 22:26, James H. H. Lampert wrote: > On 8/24/17, 12:52 PM, Mark Thomas wrote: >> I can't recommend reading chapter 13 of the servlet spec, particularly >> section 13.8, enough. > > Thanks again. > > Could you be a bit more specific on what edition of the servlet spec, > and where I

Re: a question about tomcat thread

On 24/08/17 21:39, Christopher Schultz wrote: > Mark, > On 8/23/17 4:26 PM, Mark Thomas wrote: >> On 23/08/17 21:17, Christopher Schultz wrote: >>> Max threads >= current thread count Current thread count >= >>> current thread busy Current thread count >= Keeped alive sockets >>> count > >>

Re: Protecting files within a context

James, On Thursday, August 24, 2017 2:26 PM, James H. H. Lampert wrote: > Could you be a bit more specific on what edition of the servlet spec, and where I can find it? > The first one I grabbed ("Java Servlet Specification Version 2.4") is over a decade old,

Re: Protecting files within a context

On 8/24/17, 12:52 PM, Mark Thomas wrote: I can't recommend reading chapter 13 of the servlet spec, particularly section 13.8, enough. Thanks again. Could you be a bit more specific on what edition of the servlet spec, and where I can find it? The first one I grabbed ("Java Servlet

Re: letsencrypt integration?

On Thu, Aug 24, 2017 at 4:29 PM, Christopher Schultz wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Chris, > > On 8/24/17 4:03 PM, Chris Cheshire wrote: > > Cheers :) > > > > On Thu, Aug 24, 2017 at 3:35 PM, Mark Thomas > > wrote:

Re: a question about tomcat thread

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 8/23/17 4:26 PM, Mark Thomas wrote: > On 23/08/17 21:17, Christopher Schultz wrote: >> To whom it may concern, >> >> On 8/22/17 10:28 PM, ophusky wrote: >>> Server version: Apache Tomcat/8.0.35 Server built: May 11 >>> 2016 21:57:08 UTC

Re: letsencrypt integration?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Chris, On 8/24/17 4:03 PM, Chris Cheshire wrote: > Cheers :) > > On Thu, Aug 24, 2017 at 3:35 PM, Mark Thomas > wrote: > >> On 24/08/17 19:50, Chris Cheshire wrote: >>> Currently I am using httpd to handle SSL (because my certs

Re: Protecting files within a context

On 24.08.2017 21:43, James H. H. Lampert wrote: On 8/24/17, 11:35 AM, Mark Thomas wrote: Tomcat will prevent access to anything in WEB-INF or META_INF. Everything else is up to the app to control. Note: You can place content in WEB-INF and include it from JSPs and Servlets (and it will work)

Re: [ANN] Webinar: Tomcat and MoSKito

On 25 Aug. 2017 5:57 am, "Igal @ Lucee.org" wrote: On 8/24/2017 12:55 PM, Mark Thomas wrote: > On 03/08/17 15:18, Mark Thomas wrote: > >> The webinar will be recorded and the recording made available on the >> Tomcat YouTube channel shortly afterwards. >> > As promised: > >

Re: letsencrypt integration?

Cheers :) On Thu, Aug 24, 2017 at 3:35 PM, Mark Thomas wrote: > On 24/08/17 19:50, Chris Cheshire wrote: > > Currently I am using httpd to handle SSL (because my certs are generated > > via LE) with all content being passed off to Tomcat 7 (investigating 8.5 > > upgrade). > >

Re: [ANN] Webinar: Tomcat and MoSKito

On 8/24/2017 12:55 PM, Mark Thomas wrote: On 03/08/17 15:18, Mark Thomas wrote: The webinar will be recorded and the recording made available on the Tomcat YouTube channel shortly afterwards. As promised: https://www.youtube.com/watch?v=5RCkx-hGK1Q on the Apache Tomcat YouTube channel:

Re: [ANN] Webinar: Tomcat and MoSKito

On 03/08/17 15:18, Mark Thomas wrote: > All, > > The Tomcat community is hosting a webinar by Leon Rosenberg: > > Monitoring your tomcat web-application in production with MoSKito. Get > full control of threads, memory and execution time usage of the JVM and > your code. > > Topic: Tomcat and

Re: Protecting files within a context

On 24/08/17 20:43, James H. H. Lampert wrote: > On 8/24/17, 11:35 AM, Mark Thomas wrote: > >> Tomcat will prevent access to anything in WEB-INF or META_INF. >> Everything else is up to the app to control. >> >> Note: You can place content in WEB-INF and include it from JSPs and >> Servlets (and

Re: Protecting files within a context

On 8/24/17, 11:35 AM, Mark Thomas wrote: Tomcat will prevent access to anything in WEB-INF or META_INF. Everything else is up to the app to control. Note: You can place content in WEB-INF and include it from JSPs and Servlets (and it will work) but direct access will not. You might want to

Re: letsencrypt integration?

On 24/08/17 19:50, Chris Cheshire wrote: > Currently I am using httpd to handle SSL (because my certs are generated > via LE) with all content being passed off to Tomcat 7 (investigating 8.5 > upgrade). > > I had a poke around on the archives and found mention of a talk on it in a > conference in

Re: letsencrypt integration?

Hi, we have made a Docker image that configures Tomcat with LE certs: https://hub.docker.com/r/atomgraph/letsencrypt-tomcat/ It hasn't been tested in production though. Martynas atomgraph.com On Thu, 24 Aug 2017 at 20.50, Chris Cheshire wrote: > Currently I am using

letsencrypt integration?

Currently I am using httpd to handle SSL (because my certs are generated via LE) with all content being passed off to Tomcat 7 (investigating 8.5 upgrade). I had a poke around on the archives and found mention of a talk on it in a conference in Miami.

Re: Protecting files within a context

On 24/08/17 19:29, James H. H. Lampert wrote: > I've just discovered that a number of files within our webapp context > are reachable from outside. Not all of them, but a number that really > shouldn't be. > > By its nature, the webapp itself has its own access control, based on > the outside

Protecting files within a context

I've just discovered that a number of files within our webapp context are reachable from outside. Not all of them, but a number that really shouldn't be. By its nature, the webapp itself has its own access control, based on the outside resource it accesses, rather than on, say,

Re: [ANN] Webinar: Tomcat and MoSKito

Thanks Mark! Leon > On 24. Aug 2017, at 15:36, Mark Thomas wrote: > > Final reminder - this will be starting in just over 20 minutes. > > Do join us if you can. > > Mark > > >> On 03/08/17 15:18, Mark Thomas wrote: >> All, >> >> The Tomcat community is hosting a webinar

Re: [ANN] Webinar: Tomcat and MoSKito

Final reminder - this will be starting in just over 20 minutes. Do join us if you can. Mark On 03/08/17 15:18, Mark Thomas wrote: > All, > > The Tomcat community is hosting a webinar by Leon Rosenberg: > > Monitoring your tomcat web-application in production with MoSKito. Get > full control

Re: Tomcat 8.5.15/502: Bad Gateway

On 24/08/17 11:43, Petr Nemecek wrote: > Hi, > > this error occurs even if I bypass IIS i.e. go directly to Tomcat. > > My request are SOAP requests, I get thet bad gateway error on the client > side, then when the processing of the request finishes I could see following > error in

RE: Tomcat 8.5.15/502: Bad Gateway

Hi, this error occurs even if I bypass IIS i.e. go directly to Tomcat. My request are SOAP requests, I get thet bad gateway error on the client side, then when the processing of the request finishes I could see following error in Tomcat/stderr.

Re: Tomcat 8.5.15/502: Bad Gateway

On 24/08/17 08:39, Petr Nemecek wrote: > Hello, > > I have a Tomcat behind IIS, and I get the 502: Bad Gateway error for long > running requests. > > After some experiments I've found out, that if I use connector 8082 (see > below), I have this problem, but when I switch to 8084 (see below),

Tomcat 8.5.15/502: Bad Gateway

Hello, I have a Tomcat behind IIS, and I get the 502: Bad Gateway error for long running requests. After some experiments I've found out, that if I use connector 8082 (see below), I have this problem, but when I switch to 8084 (see below), the problem disappears. The only difference is that