Re: Client cert authentication

2010-04-26 Thread acastanheira2001
Thanks again Mark, I think it will be difficult to move to Tomcat 6 soon. If I change mod_proxy to mod_jk, does mod_jk pass the client cert to Tomcat 5.5? Thank you, Andre Mark Thomas wrote: > > On 22/04/2010 20:00, acastanheira2001 wrote: >> >> Thanks Mark, >

Re: Client cert authentication

2010-04-22 Thread acastanheira2001
was not an HTTPS request, " + "so no client certificate is available"); } } } Thanks in advance for your attention. markt-2 wrote: > > On 19/04/2010 13:05, acastanheira2001 wrote: >> >> Hi, >> >> I have an apache server in front of

Client cert authentication

2010-04-19 Thread acastanheira2001
Hi, I have an apache server in front of Tomcat/Jboss, the former receives the client cert and does revocation list and trust validation. I need to pass the client cert to Tomcat only to check the SubjectAltNames. As far as trust accreditation is done by apache, does Tomcat need to have a keysto

response header fields

2009-08-13 Thread acastanheira2001
Hi, Can you tell me what response headers do I need to suppress in order to improve security? Response headers example: Server: Apache-Coyote x-powered-by: I think the above headers inform too much, so I will remove them. Am I paranoid, or is it a good practice? Thanks, André -- V

Re: How to hide x-poweredBY response header

2009-08-04 Thread acastanheira2001
to consult the > JBOSS docs since they configure it in a different manner. > > -Tim > > acastanheira2001 wrote: >> Mark, >> >> Could you tell me what Tomcat doc is? >> >> Thanks for your attention, >> Andre >> >> >> Mark T

Re: How to hide x-poweredBY response header

2009-08-04 Thread acastanheira2001
Mark, Could you tell me what Tomcat doc is? Thanks for your attention, Andre Mark Thomas-18 wrote: > > acastanheira2001 wrote: >> Hi, >> >> Although I've set false to xpoweredBy tag, it continues to appear in >> response headers. >> >> >

How to hide x-poweredBY response header

2009-08-03 Thread acastanheira2001
Hi, Although I've set false to xpoweredBy tag, it continues to appear in response headers. xpoweredBy false How to hide the following information? "X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP02 (build: SVNTag=JBPAPP_4_2_0_GA_CP02 date=200801291544)/Tomcat-5.5" Thank

Re: useHttpOnly - how to?

2009-07-16 Thread acastanheira2001
Thanks for your reply. It appears on "http://tomcat.apache.org/tomcat-6.0-doc/config/context.html" but not in "http://tomcat.apache.org/tomcat-5.5-doc/config/context.html". Andre Konstantin Kolinko wrote: > >> X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP02 (build: >> SVNTag=JBPAPP_4_2_0_GA_

useHttpOnly - how to?

2009-07-16 Thread acastanheira2001
Hi, I've set useHttpOnly="true" in /opt/jboss/server//deploy/jboss-web.deployer/context.xml. But the cookie continues to respond to javascript commands. Any ideas appreciated. Thanks, Andre X-Powered-By: Servlet 2.4; JBoss-4.2.0.GA_CP02 (build: SVNTag=JBPAPP_4_2_0_GA_CP02 date=2008012

How to use the error page config of Apache in tomcat?

2009-07-13 Thread acastanheira2001
Hi, Apache has an internationalized error page system configured on errors.conf. I use Apache and Tomcat on the same machine, so I would like Tomcat to use the same error page config. Any ideas? Thanks, Andre