7:35 PM
To: users@tomcat.apache.org
Subject: Re: RHEL 8.6 ==> Tomcat Native 1.2.32 ==> OpenSSLEngine could not
initialize
Hello,
On 6/22/23 07:47, S Abirami wrote:
> Hi All,
>
> Our application using embedded tomcat 9.0.62 on RHEL linux environment.
> Tomcat native version
Hi All,
Our application using embedded tomcat 9.0.62 on RHEL linux environment.
Tomcat native version :1.2.32
openssl version OpenSSL 1.1.1k
After upgrading from RHEL 7.9 to RHEL 8.6 version, embedded tomcat throws an
exception when starting the application for https.
org.apache.catalina.uti
Thanks Mark
-Original Message-
From: Mark Thomas
Sent: Thursday, March 16, 2023 2:34 PM
To: users@tomcat.apache.org
Subject: Re: CVE-2023-24998 : Apache Denial of Service
On 16/03/2023 05:33, S Abirami wrote:
> Hi All,
>
> Currently, In our product we are using 9.0.65 v
Hi All,
Currently, In our product we are using 9.0.65 version of Tomcat.
We are not using FileUpload option in any of our application and in Servlet.
We don't have any config to limit the file uploads also.
Whether our attacker still able to perform a malicious upload to our server via
url.
Plea
Hi All,
Currently, In our product we are using 9.0.65 version of Tomcat.
We are not using FileUpload option in any of our application and in Servlet.
We don't have any config to limit the file uploads also.
Whether our attacker still able to perform a malicious upload to our server via
url.
Plea
Thanks a lot Mark.
-Original Message-
From: Mark Thomas
Sent: Thursday, October 21, 2021 4:23 PM
To: users@tomcat.apache.org
Subject: Re: xsd version used for web.xml etc
On 21/10/2021 10:37, S Abirami wrote:
> Hi Thomas,
>
> How I can identify whether the schema validation e
: xsd version used for web.xml etc
On 21/10/2021 09:45, S Abirami wrote:
> Hi All,
>
> In web.xml, if we didn't define any xsd schema or dtd schema which version of
> xsd will be loaded for Tomcat 9.0.45.
By default none - whether a schema is defined or not. Schemas ar
Thanks Thomas.
-Original Message-
From: Mark Thomas
Sent: Thursday, October 21, 2021 2:40 PM
To: users@tomcat.apache.org
Subject: Re: xsd version used for web.xml etc
On 21/10/2021 09:45, S Abirami wrote:
> Hi All,
>
> In web.xml, if we didn't define any xsd schema or dt
used for web.xml etc
My guess, the one that is specified in TOMCAT_BASE/conf/web.xml
-Original Message-
From: S Abirami
Sent: donderdag 21 oktober 2021 10:46
To: Tomcat Users List
Subject: xsd version used for web.xml etc
Hi All,
In web.xml, if we didn't define any xsd schema o
Hi All,
In web.xml, if we didn't define any xsd schema or dtd schema which version of
xsd will be loaded for Tomcat 9.0.45.
Regards,
Abirami.S
https://wiki.openssl.org/index.php/TLS1.3#Ciphersuites
TLSv1.3 supports 5 cipher suites and none is in your list.
-
Daniel Savard
Le mar. 29 juin 2021 à 01:44, S Abirami a
écrit :
> Hi Christopher,
>
> Below is my Connector element, sslEnabledProtocols =TLSv1.2
juin 2021 à 01:44, S Abirami a
écrit :
> Hi Christopher,
>
> Below is my Connector element, sslEnabledProtocols =TLSv1.2 ,TLS 1.3
> it is working fine with TLSv1.2. When sslEnabledProtocols=TLSv1.3,
> Tomcat is started but, the browser unable to perform handshake with weba
,
Abirami.S
-Original Message-
From: Christopher Schultz
Sent: Monday, June 28, 2021 7:27 PM
To: users@tomcat.apache.org
Subject: Re: TLSv1.3 Support in Tomcat
Abirami,
On 6/28/21 07:16, S Abirami wrote:
> TLSv1.3 support is available in Tomcat.
>
> I tried just updating s
Hi All,
We are using Tomcat 9.0.46 and JDK 8u291
Regards,
Abirami.S
-Original Message-
From: S Abirami
Sent: Monday, June 28, 2021 4:47 PM
To: Tomcat Users List
Subject: TLSv1.3 Support in Tomcat
Hi All,
TLSv1.3 support is available in Tomcat.
I tried just updating server.xml
Hi All,
TLSv1.3 support is available in Tomcat.
I tried just updating server.xml[sslEnabledProtocols=TLSv1.3] and restarted
tomcat. It doesn't work.
Please let me know any other configuration also needs to be changed.
Regards,
Abirami.S
Hi Team,
As part of CISCAT Tomcat 9 benchmark, we have added
JreMemoryLeakPreventionListener in server.xml.
We understood that it prevents memory leak. Do you any tool (or) testcase to
test this functionality is working fine in our product?
Please let us know, if any input available.
Regards,
Thanks Christopher for detailed explanation with testing tools.
-Original Message-
From: Christopher Schultz
Sent: Sunday, March 21, 2021 9:02 AM
To: users@tomcat.apache.org
Subject: Re: Embedded Tomcat 9.0.33
Abirami,
On 3/20/21 11:36, S Abirami wrote:
> We have deployed embed
Hi ALL,
We have deployed embedded tomcat in RHEL 7 with jdk 1.8. For sweet32
vulnerability, we have configured jdk.tls.disabled.algorithm to remove the
encryption cipher have 64bit block size.
I need a clarification whether JDK configuration is enough for embedded tomcat
to avoid sweet32 atta
Thanks Mark Thomas.
-Original Message-
From: Mark Thomas
Sent: Friday, August 21, 2020 4:03 PM
To: users@tomcat.apache.org
Subject: Re: Embedded and Standalone Tomcat
On 21/08/2020 11:27, S Abirami wrote:
> Hi All,
>
> In our application, we used to create embedded tomcat in
Hi All,
In our application, we used to create embedded tomcat instance by taking a copy
of lib jars from the Deployable Tomcat.
It's working properly. I have noticed that there is some jars in Embed package
https://mirrors.estointernet.in/apache/tomcat/tomcat-9/v9.0.37/bin/embed/apache-tomcat-9.
11:07 PM
To: Tomcat Users List
Subject: Re: SameSite attribute handling
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Abirami,
On 7/1/20 03:06, S Abirami wrote:
> We can add the samesite attribute in set-cookie header through
> context.xml entry in tomcat. Is there any other way, can
Hi All,
We can add the samesite attribute in set-cookie header through context.xml
entry in tomcat.
Is there any other way, can we add samesite attribute in response of set-cookie
header.
Context changes reflecting issue in tenable vulnerable. Hence looking for any
other way.
I tried with
x27;t have SameSite attribute.
Regards,
Abirami.S
-Original Message-
From: Mark Thomas
Sent: Thursday, June 11, 2020 8:19 PM
To: Tomcat Users List
Subject: RE: context.xml under META-INF was not working
On June 11, 2020 2:32:51 PM UTC, S Abirami
wrote:
>Hi Mark,
>
>We are using A
.
Regards,
Abirami.S
-Original Message-
From: Mark Thomas
Sent: Thursday, June 11, 2020 7:27 PM
To: users@tomcat.apache.org
Subject: Re: context.xml under META-INF was not working
On 11/06/2020 12:46, S Abirami wrote:
> Hi Mark,
>
> The below is the content of the co
Hi Mark,
The below is the content of the context.xml
Regards,
Abirami.S
-Original Message-
From: Mark Thomas
Sent: Thursday, June 11, 2020 5:12 PM
To: users@tomcat.apache.org
Subject: Re: context.xml under META-INF was not working
On 11/06/2020 11:42, S Abirami wrote:
> Hi
Hi All,
I want to configure SameSite attribute to the specific web-application.
For that, I have updated the context.xml of specific web application located in
/META-INF/context.xml
It is not working. Only the changes in global context.xml is working. Please
guide to solve the issue.
Regard
: Mark Thomas
Sent: Tuesday, June 9, 2020 1:50 PM
To: users@tomcat.apache.org
Subject: Re: Regarding context.xml changes impact other web service not deployed
On 09/06/2020 06:59, S Abirami wrote:
> Hi Team,
>
> In our product to address security vulnerability in context.xml,
pache%2Ftomcat%2Futil%2Fhttp%2FLegacyCookieProcessor.java
El mar., 9 jun. 2020 a las 7:59, S Abirami ()
escribió:
> Hi Team,
>
> In our product to address security vulnerability in context.xml,
> we have introduced following entry
>
>
>
>
> After introducing the above line, I noticed f
Hi Team,
In our product to address security vulnerability in context.xml, we have
introduced following entry
After introducing the above line, I noticed few rest service which is not
deployed in that Tomcat also getting impact.
Deployment Details
Deployed :RHEL
Tomcat Installatio
On 29/10/2018 12:36, S Abirami wrote:
> Hi Mark,
>
> Thanks for response .
>
> Please confirm whether
>
> Windows_Update has Window Size Increment (31) is configurable in Tomcat.
> SETTINGS_MAX_FRAME_SIZE : Whether this param is configurable in Tomcat and
&g
Thomas [mailto:ma...@apache.org]
Sent: Monday, October 29, 2018 5:53 PM
To: users@tomcat.apache.org
Subject: Re: HTTP/2 SETTINGS Parameters and WINDOW_UPDATE : Tomcat:9.0.11
On 29/10/18 06:21, S Abirami wrote:
> Hi Mark Thomas,
>
> Thanks for response.
>
> Need input on
7, 2018 11:24 PM
To: users@tomcat.apache.org
Subject: Re: HTTP/2 SETTINGS Parameters and WINDOW_UPDATE : Tomcat:9.0.11
On 27/10/18 17:27, S Abirami wrote:
> Hi All,
>
> I want your guidance how to set the below Setting Parameters and
> Wndows_Update using Tomcat.
> S
Hi All,
I want your guidance how to set the below Setting Parameters and
Wndows_Update using Tomcat.
SETTINGS_HEADER_TABLE_SIZE, SETTINGS_ENABLE_PUSH, SETTINGS_INITIAL_WINDOW_SIZE
etc which is mentioned 6.5.2 section in RFC 7540
Similarly How to set the Windows_Update using Tomcat whic
Hi All,
I have checked the port is not in use before allocating to the connector
and started the tomcat.
During start , it's mentioning that Port already in use. It is going and
binding to the Application Server where this app is deployed.
SERVER -- > Ran Embedded tomcat server in that
ssword=
Please share your input.
Regards,
Abirami.S
-Original Message-
From: Mark Thomas [mailto:ma...@apache.org]
Sent: Monday, September 11, 2017 4:03 PM
To: Tomcat Users List
Subject: Re: Encrypt Keystore password in server.xml 8.0.45
On 11/09/17 10:11, S Abirami wrote:
>
> Hi A
Subject: Re: Encrypt Keystore password in server.xml 8.0.45
On 11/09/17 10:11, S Abirami wrote:
>
> Hi All,
>
> I have to encrypt keystore password in server.xml.
https://wiki.apache.org/tomcat/FAQ/Password
Mark
Hi All,
I have to encrypt keystore password in server.xml. For decrypting ,I have
inherited the class Http11Nio2Protocol[Http11Nio2ProtocolDecryptProp extends
Http11Nio2Protocol] and decrypted in setKeyStorePass overridden method then set
that to endpoint keystorePass and super class setKeyS
Hi All,
I have to encrypt keystore password in server.xml. For decrypting ,I have
inherited the class Http11Nio2Protocol[Http11Nio2ProtocolDecryptProp extends
Http11Nio2Protocol] and decrypted in setKeyStorePass overridden method then set
that to endpoint keystorePass and super class setKeySt
Hi All,
I have to encrypt keystore password in server.xml. For decrypting ,I have
inherited the class Http11Nio2Protocol[Http11Nio2ProtocolDecryptProp extends
Http11Nio2Protocol] and decrypted in setKeyStorePass overridden method then set
that to endpoint keystorePass and super class setKeyS
Hi All,
I have to encrypt keystore password in server.xml. For decrypting ,I have
inherited the class Http11Nio2Protocol[Http11Nio2ProtocolDecryptProp extends
Http11Nio2Protocol] and decrypted in setKeyStorePass overridden method then set
that to endpoint keystorePass and super class setKeySt
pgrade from 8.0.x to 8.0.x
On 04/08/17 10:49, S Abirami wrote:
> but the method call of = Tomcat.addwebapp(contextpath,docpath); itself
> triggering this exception.
> So whatever I need to do before addwebapp.
From the Javadoc:
This is equivalent to adding a web application to T
pgrade from 8.0.x to 8.0.x
On 04/08/17 10:49, S Abirami wrote:
> but the method call of = Tomcat.addwebapp(contextpath,docpath); itself
> triggering this exception.
> So whatever I need to do before addwebapp.
From the Javadoc:
This is equivalent to adding a web application to T
method call of = Tomcat.addwebapp(contextpath,docpath); itself
triggering this exception.
So whatever I need to do before addwebapp.
Regards,
Abirami.S
-Original Message-
From: S Abirami
Sent: Friday, August 04, 2017 3:08 PM
To: Tomcat Users List
Subject: RE: Embedded Tomcat throws
following:
JarScanner jsc = new JarScanner() {
public void scan(ServletContext arg0, ClassLoader arg1,
JarScannerCallback arg2, Set arg3) {
// DUMMY NOTHING
}
};
context.setJarScanner(jsc);
On 4 August 2017 at 09:35, S Abirami wrote:
> Hi ,
>
> It is contextPath is
https://tomcat.apache.org/tomcat-8.0-doc/config/jar-scanner.html
Please update.
Regards,
On 4 August 2017 at 08:50, S Abirami wrote:
> Hi,
>
> I am trying to create EmbeddedTomcat so no context.xml created.
> Tomcat t=new Tomcat();
> Everything through object creation.
&g
: Embedded Tomcat throws FileNotFoundException for TldScanner
upgrade from 8.0.x to 8.0.x
Hi,
What is in your context.xml file? You can find it in conf directory.
Regards,
On 4 August 2017 at 08:43, S Abirami wrote:
> Hi ,
>
> I am using Embedded tomcat to create webapp. when I am
Hi ,
I am using Embedded tomcat to create webapp. when I am trying to add web
app it is throwing the following exception but Server started successfully.
However,I need to eradicate this exception from the log.
java.io.FileNotFoundException: /var/lib/jide-grids.jar (No such file or
direct
47 matches
Mail list logo
