AW: jCIFS Jboss Tomcat IIS NTLM Authentication

2005-10-26 Thread Bernhard Slominski
A short follow up question here which is not Tomcat related: When you use request.getRemoteUser() to do your authentication it is very unsecure isn't it: You just can send your "bad" HTTP request which containts the administrator name as the remote user HTTP header field and your authenticated as

AW: Why can the JSESSIONID name not be changed?

2005-11-11 Thread Bernhard Slominski
Hi, well as you said it's in the spec, amen! There is currently a new version JSP 2.1 on the way and there is an issue tracker where you can add proposal like yours. Look at: https://jsp-spec-public.dev.java.net/ http://www.jcp.org/en/jsr/detail?id=245 The other solution is change the sources of

AW: Sync session across webapps

2005-11-21 Thread Bernhard Slominski
Hi Mathew, this comes up every so often, so here is just the answer, which I posted some time ago: First of all the session is ALWAYS on application scope, this is not an Tomcat specific behaviour but a requirement of the Specification: "SRV.7.3 Session Scope HttpSession objects must be scoped at

AW: JSTL

2005-11-23 Thread Bernhard Slominski
Hi, JSTL is not a part of J2EE 1.4, you need to "install" it separatly. But it will be a part of JEE5. Cheers Bernhard > -Ursprüngliche Nachricht- > Von: Behrang Saeedzadeh [mailto:[EMAIL PROTECTED] > Gesendet: Mittwoch, 23. November 2005 03:04 > An: Tomcat Users List > Betreff: JSTL >

AW: Noclassdeffound when using jspc ant task

2005-12-16 Thread Bernhard Slominski
Do you have all your tomcat libs in your classpath? You must have these 3 ind your path: - ${tomcat.home}/bin - ${tomcat.home}/server/lib - ${tomcat.home}/common/lib I send you my buildfile this works fine!

AW: Noclassdeffound when using jspc ant task

2005-12-16 Thread Bernhard Slominski
TECTED] > > CONFIDENTIALITY This e-mail and any attachments are > confidential and may also be privileged. If you are not the > named recipient, please notify the sender immediately and do > not disclose the contents to another person, use it for any > purpose, or store or copy th

AW: JSessionID

2006-01-09 Thread Bernhard Slominski
Hi, I just looked it up in the spec and there is a 3rd one as well: SSL Sessions >From the Servlet spec: "SRV.7.1 Session Tracking Mechanisms The following sections describe approaches to tracking a user's sessions SRV.7.1.1 Cookies Session tracking through HTTP cookies is the most used session

AW: Here is site, not getting spidered.

2006-03-27 Thread Bernhard Slominski
Hi Scott, generally I would suggest that you get some books or even an external company/consultant about search engine optimization. As the other posts pointed out there are really a lot of things that you can do (wrong). And it's not an easy subject. For a B2C Shop it is really essential that yo

AW: Plan to support Servlet 2.5 spec

2006-05-03 Thread Bernhard Slominski
> -Ursprüngliche Nachricht- > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Gesendet: Mittwoch, 3. Mai 2006 13:06 > An: Tomcat Users List > Betreff: Re: Plan to support Servlet 2.5 spec > > > When can I start to download some development builds that I > can use to > try things out.