d defining my JAVA_HOME as you suggested, tried
starting Tomcat and it showed the normal startup 'messages'
canker:~ brian$ $CATALINA_HOME/bin/startup.sh
Using CATALINA_BASE: /Users/brian/apache-tomcat-5.5.23
Using CATALINA_HOME: /Users/brian/apache-tomcat-5.5.23
Using CATALINA_TMPDI
Oops, I stand corrected, as I see further along in the thread that
JAVA_HOME is pointing to where I suggested.
See I knew I shouldn't have jumped in here! :)
-- brian
On 9/13/07, Brian Munroe <[EMAIL PROTECTED]> wrote:
> On 9/11/07, Hassan Schroeder <[EMAIL PROTECTED]> wr
clicks to "wake up"
after being idle for 1-2 hours
>
From:
Brian
Le
[mailto:[EMAIL PROTECTED]
>
So
how
do
I
make
Tomcat
responsive
to
website
visitors
after
>
1-2
hours
of
no
visitors?
>
Web
server
setup:
>
Suse
Linux
10.3
-
text
based,
mi
for a long
time but could not find a solution.
Web server setup:
Suse Linux 10.3 - text based, minimal install
Apache 2.2.8 - mpm_worker, compiled front end using mod_jk 1.2.26 Tomcat
connector, default configuration
Tomcat 6.0.16 - JSF 1.2
JDK 1.6.0_04 - 1.5gig heap
Thank you for any help
gure mod_proxy_ajp or mod_ajp. Lets solve the first issue first
though.
-- brian
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
configured as Peter suggested?
-- brian
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
ng,
but without much luck. Has anyone ever experienced this issue?
thanks
-- brian
[28 Mar 2008 12:58:39,522] ERROR TP-Processor7
org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/csstest].[org.apache.jsp.splash_jsp]
- Servlet.service() for servlet org.apache.jsp.s
ifferently from IE than FF and is somehow
Thanks Frank, Peter
Those answers sound logical to me. Now if I can just get my hands on
the source
-- brian
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe,
[snip very helpful suggestions]
Holy crap guys! This is awesome, I've never had this much response
from the users@ (and be it an off-topic too!)
Once I get the code in hand, that's when the fun will begin!
thanks everyone
t(sqlString);
insertMsgBodyRecord.setString(1,message.getMessageId());
// This is where things fall apart (setStringForClob
// is a Oracle PreparedStatement method) - which
// is wrong, but still
insertMsgBodyRecord.setStringForClob(2,message.toXML());
insertMsgBodyRecord.executeUpdate();
insertMsgBodyRe
.
Eclipse probably has the same sort of deal but I haven't touched it much in a
few years.
Brian
On Fri, May 16, 2008 at 11:10:57AM -0700, Evan Siegel wrote:
> Hi. Just joined your list.
> I would like to have a bibliography of sites and books and whatever other
> resources
Your setup sounds fine. However having apache handle things on a separate
machine
might be a nice option if you ever wanted to use it to load balance more than
1 tomcat server in a clustered environment. Which could be what you want given
you're user base is growing.
Brian
On Tue, M
Shouldn't your JkMount statements have worker1 as their target?
as in:
JkMount /manager worker1
JkMount /manager/* worker1
etc
etc
On Tue, May 20, 2008 at 08:34:10AM -0700, Madan KN wrote:
>
> Hi,
> Am trying to integrate Apache 2.2.3 and Tomcat 6 using mod_jk.
>
> I have in
Use chkconfig, redhats tool for manipulating which scripts/daemons you want
to run at runtime.
The trick with chkconfig is that it relies on certain directives being
present in the header of your script.
So, something like:
#!/bin/bash
#|
# chkconfig: 2345 55 25
# description: Script
Can you attach your web.xml file... I'm new to this too but I think you need to
have appropriate url filters setup -- I might be using the wrong terminology
here.,.,.
On Tue, Jun 03, 2008 at 05:22:06PM +0300, Niki Diulgerov wrote:
> It's not because of missing or insufficient rights.
> The connec
did some poking
around the Tomcat documentation but nothing jumped out.
Thanks, Brian
Phone: (919) 224-1445 Tie-line: 8-687-1445
GILLAN AT RALVM13 / [EMAIL PROTECTED]
Tivoli Distributed Build Services
(http://oob.tivlab.raleigh.ibm.com/index.shtml)
Dept. E45A Bld. 510
RTP, NC
GB of RAM allocated to
Tomcat/Java.
Good luck,
Brian
From: nodje
To: users@tomcat.apache.org
Sent: Monday, December 29, 2008 2:57:14 AM
Subject: Optimizing Tomcat with Http11NioProtocol?
Hi,
we are still using 5.5.12 in production and our users are facing
aped when used within
the value
While I haven't found a way to automatically fix them, you can at least find
all of your JSPs ( *.jsp*) in need of an update with the following regular
expression (take a deep breath):
<\w+:[^>]+="[^<"]*<
t 6, and I have found it to be very valuable.
There is a free and a commercial version. WE use the free version and it works
great. Check it out at http://www.hyperic.com We use this tool to monitor heap
usage and thread usage over time, so that we can tell if we are hitting our
upper limits on e
free. But it only works with
JDK 1.6.x. It seems to have most of the features of LambdaProbe, Jmeter and
Jconsole, as well as a bunch of others.
https://visualvm.dev.java.net/
Brian
From: Mark Thomas
To: Tomcat Users List
Sent: Tuesday, December 30, 2008
figured value?
Am I missing something? Do I need to define the proxyName and proxyPort config
directives? I tried that, and it didnt' seem to have an effect.
I have the exact scenario (SSL accelerator in front of Tomcat) described above
and am having problems forcing my apps to generate https URLs instead of http.
(BTW: I'm running Tomcat 6.0.16 on Windows 2003)
Thanks,
Brian
Do you monitor your tomcat server(s) for memory and CPU use? I'd get some
baseline measurements and then incrementally increase your maxKeepAliveRequests
value until your problem goes away, all the while making sure you don't have
memory or CPU issues.
Brian Clark
VP, IS
Omeda
I use Sun's Visual VM.
https://visualvm.dev.java.net/
Brian
From: Zaki Akhmad
To: Tomcat Users List
Sent: Tuesday, January 20, 2009 10:02:51 PM
Subject: Monitor Tomcat
Hello,
I am deploying my web application on Tomcat. How do I monitor the
t
What version of Tomcat are you using?
What version of the JVM?
What version of Windows?
Are you up to date on your Windows patches?
From: Toby Kurien
To: users@tomcat.apache.org
Sent: Thursday, January 22, 2009 9:16:46 AM
Subject: SECURITY breach in Tomcat
:
https://www.mcafeesecure.com
http://www.alertsite.com/security.shtml
http://www.qualys.com/index.php
Qualys and Alertsite have free trials. I suggest you use them. They may also be
able to find a hole in your own web apps as your problem may not be in Tomcat,
the JVM or the OS.
Brian
privileges to the home directories and
> maintain a working jail.
>
> Can anyone suggest another alternative? I am not linux user expert so maybe
> there is an obvious solution i am missing?
> thanks
>
>
http://commons.apache.org/daemon/jsvc.html
works great, less fil
#
PID=`cat /var/run/jsvc.pid`
kill $PID
;;
*)
echo "Usage tomcat.sh start/stop"
exit 1
;;
esac
--
Brian Millett - [ Londo and Sinclair, "A Voice in the Wilderness I"]
"If the Narns all stood together in one place and hated all at the same
time,
Searched and googled for a answer for couple of hours.
I've installed and un-installed Tomcat 5.x and 6.x several times using
the windows installer on the Tomcat Apache site on Windows XP.
I've started it as service, and not, manually, on port 80 and 8080.
Stopped all other server relate
wrote:
> 2009/10/30 Brian Wolf :
> > I've installed and un-installed Tomcat 5.x and 6.x several times using
> > the windows installer on the Tomcat Apache site on Windows XP.
> >
> > I've started it as service, and not, manually, on port 80 and 8
need to download and install
the special MS uninstall tool , which I recommend (I als used it to get rid
of that persistant and nasty "Answers" toolbar in Firefox, I believe
"Answers" is a malware company)
tOn Fri, Oct 30, 2009 at 11:35 AM, Caldarale, Charles R <
chuck.caldar.
Hi,
*I don't know if this is the correct list to ask this, but this is an error
from a servlet "loaded" under tomcat (if thats the right phrase)*
*
*
*Thanks!*
*
*
*
*
*
*
*
*
*description* *The server encountered an internal error () that prevented it
from fulfilling this request.*
*excep
, Konstantin Kolinko
wrote:
> 2009/11/1 Brian Wolf :
> >
> > *description* *The server encountered an internal error () that prevented
> it
> > from fulfilling this request.*
> >
> > *exception*
> >
> > org.apache.jasper.JasperException: /search.jsp(1
On Fri, 2009-06-19 at 02:05 -0700, lmk wrote:
> --prefix=/usr/tomcat/apache-tomcat-6.0.18
I'd look where you told it to go.
--
Brian Millett - [ Sinclair (re: The Line), "The Gathering"]
"The sky was full of stars and every star an exploding ship...one of ours."
ewrite engine if this rule is matched
RewriteRule "^.*/WEB-INF/?(.*)" - [L,F,NC]
# Any jsp, jspx, do, servlet get proxied
RewriteRule \.(jsp|jspx|do) "http://localhost:8080%{REQUEST_URI}"; [P,L]
RewriteRule "^/(.*)/servlet/(.*)" "http://loc
processed and the request is re-closed.
Of course this secondary problem is harder to reproduce in
a small test case, but I do see it consistently in my
application.
I'm wondering if this is a legitimate bug, there's a work
around, or I'm doing something wrong.
s on occasion, but not
consistently? If it had something to do with the Apache or mod_jk
config, I'd have expected that the request wouldn't have been hanging on
the getParameter call, it would have been hung up before my servlet was
ever invoked.
Any help would b
Hi,
I'm using Tomcat 7.0.11 and I'm experiencing a leak problem.
This is what I find in the log:
Jul 29, 2011 7:36:51 PM org.apache.catalina.loader.WebappClassLoader
clearReferencesJdbc
SEVERE: The web application [/admin] registered the JDBC driver
[com.mysql.jdbc.Driver] but failed to unregiste
Hi,
Where do I find that? is there an archive of the threads?
Thanks!
On Sat, Jul 30, 2011 at 9:14 AM, Konstantin Kolinko
wrote:
> 2011/7/30 Brian Braun :
> > How do I solve it? Do I need to kill the thread somehow, or should it die
> as
> > soon as I cancel the timer wit
(I have just found the archive, sorry for asking something so silly)
On Sat, Jul 30, 2011 at 9:21 AM, Brian Braun wrote:
> Hi,
> Where do I find that? is there an archive of the threads?
> Thanks!
>
>
>
> On Sat, Jul 30, 2011 at 9:14 AM, Konstantin Kolinko <
st the timer thread that will dissappear eventually
and that no leaking is really happening?
On Sat, Jul 30, 2011 at 9:14 AM, Konstantin Kolinko
wrote:
> 2011/7/30 Brian Braun :
> > How do I solve it? Do I need to kill the thread somehow, or should it die
> as
> > soon as I c
ncesStopTimerThread()
> can be improved to check whether the value of newTasksMayBeScheduled
> flag is already false. It does not solve the issue of a task that is
> being run at this very moment, though.
>
> Best regards,
> Konstantin Kolinko
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
> 2011/7/30 Brian Braun :
Hi Terence, I will try that. Thanks!
On Sat, Jul 30, 2011 at 3:13 PM, Terence M. Bandoian wrote:
> On 1:59 PM, Brian Braun wrote:
>
>> Hi Konstantine,
>>>>
>>>> I read all the thread, but I didn't find any conclusive response. Here
>>>>
&g
times, and not only
the Tomcat manager says its clean of leaks, but also the Yourkit profiler
shows noe just one object of the class loader!
:-)
On Sat, Jul 30, 2011 at 3:28 PM, Brian Braun wrote:
> Hi Terence, I will try that. Thanks!
>
>
>
>
> On Sat, Jul 30, 2011 at 3
Hi,
I'm using Tomcat 7.0.11. I have noticed that after a reload of an app, the
"Find Leaks" button sometimes declares that there is a leak. But after a few
minutes (without restarting/stopping/reloading the app) it says that there
are no leaks.
I guess the reason is that some objects are refering
NCE property, but it doesn't
really make a lot of sense to me and I'm not sure whether it is relevant
to my problem.
Does my description make sense? I'm not sure whether I am looking at a
bug, or simply a case of how it is intended to work. Does anyone have
any helpful suggesti
-
Hash: SHA1
Brian,
On 10/11/2011 10:09 AM, Brian Burch wrote:
6. The user tries to refresh the second webapp's page after about
25 minutes, but the GET fails with 403 status and the explanation
"access to resource has been denied". Apparently, the user's
session has been
ruth", then
I'll slurp a copy of the jsp's java source into my debugger and
breakpoint that (nasty) complex "if" statement to see exactly how it
handles both the timed-out Session and the associated SSO-session.
Watch this space for further enlightenment...
-BEG
ession being validated, but didn't follow that
particular bit of logic. I will run the scenario again to see what
happens when the second webapp is first called.
Brian
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.
quite relevant to my symptoms. I haven't been able to reconcile the
source code and can't find the bug report yet.
Brian
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mai
ted from tomcat5 as a vanilla install to
tomcat6 as a deb.
Even if you are not on debian, perhaps looking at the installation
script and file structure will help you set up something similar.
Regards,
Brian
-
To unsubscribe
On 12/10/11 12:35, Brian Burch wrote:
I've successfully run a remote debugger session against the SingleSignOn
Valve while it is handling my timeout scenario.
Interestingly, the logic to handle the timeout of a single webapp is
exactly as I wanted it to be... only the specific Sessi
orrect) timeout behaviour will undoubtedly
follow.
Before I make this change, I want to satisfy myself that the
NonLoginAuthenticator.authenticate method is working properly according
to the specification.
Brian
-
To u
On 13/10/11 11:39, Brian Burch wrote:
To summarise: the webapp's explicit timeout is not being honoured
because its web.xml does not define a section. Therefore,
the webapp has defaulted to use the NonLoginAuthenticator - which
honours the existing SSO state (via the client cookie), but
On 13/10/11 15:14, Brian Burch wrote:
I beleve the division of responsibilities between the AuthenticatorBase
abstract class and its extension classes is wrong. At the moment, it is
the responsibility of the concrete class authenticate methods to add the
Session to the existing SingleSignOnEntry
On 13/10/11 15:14, Brian Burch wrote:
On 13/10/11 11:39, Brian Burch wrote:
To summarise: the webapp's explicit timeout is not being honoured
because its web.xml does not define a section. Therefore,
the webapp has defaulted to use the NonLoginAuthenticator - which
honours the existin
k out
exactly how to do it.
Brian
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
lanation for a jspwiki plugin that I wrote. You can read it here:
http://www.jspwiki.org/wiki/PhotoCollectionPlugin
Good luck!
Brian
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
On 15/10/11 23:27, Caldarale, Charles R wrote:
From: Brian Burch [mailto:br...@pingtoo.com]
Subject: Re: WebApp access to a LAN share
Well, for a start a webapp is not normally allowed to access
files outside its own container...
Unless you've configured Tomcat to use a security ma
t flushed out easily.
Thanks in advance,
Brian J.
EEPING the log4j.jar file in the common/lib folder produces some more
confusion
- All output is shown in the console, there are no log4j exceptions
thrown, but the log files are empty again.
Any more ideas? It seems like the modification to the logging.properties
file was very close to
The verbose file I was referring to was the original content of the
logging.properties file that I pasted in the previous message.
Brian J.
-Original Message-
From: Konstantin Kolinko [mailto:knst.koli...@gmail.com]
Sent: Friday, October 21, 2011 2:24 PM
To: Tomcat Users List
Subject
Please find below the context of logging.properties (updated, the 'verbose'
copy, rather than the minimalized copy you had suggested previously):
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work
I removed the log4j jar file
- Tomcat now produces the output in the log files, but now complains
several times about ClassDefNotFound for log4j
Cheers,
Brian J.
-Original Message-
From: Konstantin Kolinko [mailto:knst.koli...@gmail.com]
Sent: Friday, October 21, 2011 2:24 PM
My mistake. The distro doesn't include the .jar by default. The project I
deploy to Tomcat automatically sticks the log4j.jar file there.
Sorry for the confusion; I overlooked this step.
Brian J
-Original Message-
From: Mark Thomas [mailto:ma...@apache.org]
Sent: Friday, Octob
a well known open source
enterprise LMS system. It is a very large system, comprised of 100+ sub
projects within the project itself. Building and dependencies are handled by
Maven. Not sure if that info helps with anything.
Thanks again,
Brian J.
-Original Message-
From: Mark Thomas [mailt
brain.
Brian J
-Original Message-
From: Konstantin Kolinko [mailto:knst.koli...@gmail.com]
Sent: Friday, October 21, 2011 3:40 PM
To: Tomcat Users List
Subject: Re: Tomcat produces empty/missing log files
2011/10/21 Brian Jones :
> Yes, it appears that the project I'm deploying is
usly isolate my
development from the community's.
Regards,
Brian J
-Original Message-
From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
Sent: Friday, October 21, 2011 3:47 PM
To: Tomcat Users List
Subject: RE: Tomcat produces empty/missing log files
> From: Br
Yes, but the dependencies are not managed locally, it's done using a remote
maven repository.
Thus, it would affect the entire community. No?
Brian J.
-Original Message-
From: David kerber [mailto:dcker...@verizon.net]
Sent: Friday, October 21, 2011 4:26 PM
To: Tomcat Users
On 09/11/11 15:46, Daniel Baktiar wrote:
Probably you should instead do this:
$ cat /var/log/tomcat6
(I suspect it's the log file, not a tomcat6 folder).
No, it is because of permissions on the /var/log/tomcat6 directory...
you cannot cd to that directory as an ordinary user.
so these will w
On 13/11/11 04:32, Tobias Crefeld wrote:
Am Sat, 12 Nov 2011 07:21:58 -0500 schrieb whoswho:
Tomcat has been installed as a non-root user. I want to use SSL port
443 and not the deafult port 8443. When I modify the SSL connector,
and try connecting as 443, I get permission denied since the to
On 14/10/11 04:04, Brian Burch wrote:
I will go quiet for a few days while I checkout 6.0.28 and get it to
build.
Phew! That took me longer than I expected I got 6.0.28 to build,
then ran all the unit tests, then debugged the SSO logic and started to
understand it.
Then I (coded
called by all appropriate code.
I have just submitted a suggested fix to NonLoginAuthenticator
(https://issues.apache.org/bugzilla/show_bug.cgi?id=52303) which shows
how to inject an existing Principal instance into a SingleSignOn
session. This might give you some idea how t
hould be possible to make the handling of expired SSO
cookies more more graceful, i.e. bounce directly back to the login form
rather than display the error response. However, if only you and me care
about it, then I have more important things to work on!
Regards,
Brian
---
pt to read the Tomcat docs.
3) http://www.catb.org/~esr/faqs/smart-questions.html
Is it a full moon?
- Chuck
Probably just the start of a new academic year in India... sigh, the
patience of you guys never ceases to impress me.
Brian
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL A
cache,
then stop netbeans, it will take a while to start while it repopulates
the cache by compiling all your files again.
I don't know whether this will resolve your problem, but it wouldn't be
the first time confusion was caused by something "supposedly deleted"
under netb
er than changing server.xml ( to run
on port 80 and enable SSL on port 443 ) I haven't done much above and
beyond that.
Thanks in advance
Brian
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
ion due to this being in the log output.
org.apache.catalina.core.ApplicationContext
which isn't a part of the example web app.
I am open to any other ideas.
Thanks
Brian
On 3/17/2012 2:23 AM, Pid * wrote:
On 17 Mar 2012, at 07:21, Brian Hand wrote:
Hello
I am currently running Apache T
the case.
Thanks for the prompt assistance
Brian
On 3/17/2012 2:39 AM, Pid * wrote:
On 17 Mar 2012, at 07:31, Brian Hand wrote:
Thanks for the quick response.
It doesn't appear to be the case. The example servlet doesn't seem to have
any logger calls and is just pipeling o
any way to not show these passwords in the clear and support
the SSL configuration capabilities that are setup?
Thanks in advance
Brian
ps -ef | grep jsvc
root 14973 1 0 23:51 ?00:00:00 jsvc.exec -pidfile
/var/run/jsvc.pid -cp
/usr/local/apache/bin/bootstrap.jar:/usr/loc
Pid
Worked like a champ. Thank you once again.
Brian
On 3/25/2012 2:40 AM, Pid * wrote:
On 25 Mar 2012, at 06:25, Brian Hand wrote:
Hello all
I been working with getting JMX working with SSL with client side authentication working
on tomcat. All is working well in this regard. However
Hi,
First of all, I'm using Ubuntu 11.1 + Tomcat 7.0.22.
I created a RESTfull service. My clients are sending me HTTP requests, and
I return them responses. Usually, a client makes at the most 1-2 requests
per second which is totally fine, but some clients sometimes make about 30
requests per sec
Hi Joseph,
Could you elaborate that further please? It sounds like a solution, but I
didn't understand it.
Thanks in advance!
On Fri, Jun 29, 2012 at 8:28 PM, Joseph wrote:
> Try jdk build in block queue in concurrent pkg
>
> 在 2012-6-30,7:57,Brian Braun 写道:
>
> > H
I'm using mail.jar and activation-1.1.jar.
I am able to successfully send mail from Tomcat.
However the emails come from the user running tomcat and the FQDN of the local
host.
Is there a way to mask this?
For example, instead of:
From: tomc...@servername.domain.com
[mailto:tomc...@servername.
cat 7.0.10 (Even though I disguised it as 7.0.25, actually so
securitymetrics don’t bother me with some very obscure vulnerabilities that
would force me to update it otherwise)
- This is the relevant entry in my server.xml file:
Thanks in advance!
Brian
your
> connector.
>
> JSSE
> .../>
>
> APR/OpenSSL
> .../>
>
>
> Dan
>
> -Original Message-
> From: Brian Braun [mailto:brianbr...@gmail.com]
> Sent: Friday, September 14, 2012 1:06 AM
> To: Tomcat Users List
> Subject: SSL Vulnerability in
Hi,
Is there a REAL solution to the "BEAST attack" (CVE-2011-3389) for Tomcat
7.x?
For more info about this attack:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389
My toughts and questions, as far as I have investigated this issue:
- Disabling the TLS1.0 protocol would be too restr
Besides removing the last one, which ones should I add?
On Sat, Sep 15, 2012 at 2:57 AM, Mark Thomas wrote:
> Brian Braun wrote:
>
> >Hi,
> >
> >Is there a REAL solution to the "BEAST attack" (CVE-2011-3389) for
> >Tomcat
> >7.x?
> >For more i
ave humble
requirements :-)
On Sat, Sep 15, 2012 at 2:05 PM, Mark Thomas wrote:
> On 15/09/2012 19:59, Brian Braun wrote:
> > Hi Mark,
> >
> > I was really interested in your advice. I'm glad you answered, thanks!
> > I'm trying not the disable TLS1.0 because I did a sit
ers from
> your supported cipher list. This really only leaves you with RC4 ciphers.
>
> Dan
>
> On Sep 14, 2012, at 5:14 PM, Brian Braun wrote:
>
> > Hi Dan,
> >
> > Thanks a lot for your response!
> > Contacting them will not work. I have had false positives
h, but I thought OpenSSL had a patch for this that worked.
> Read...#2635: 1/n-1 record splitting technique for CVE-2011-3389
>
>
> -Original Message-
> >From: Brian Braun
> >Sent: Sep 14, 2012 11:12 PM
> >To: Tomcat Users List
> >Subject: Is there a R
n-config
section of each webapp's web.xml. Does each Context have its own
instance of the authenticator valve?
I would like to be sure of my understanding before proposing the test
case as an enhancement, so any comments or advice would be
On 23/09/12 11:10, Mark Thomas wrote:
Thanks for looking at my questions, Mark. I hoped you would find time,
because you fixed the original bug quite recently and would still
remember the rather convoluted logic for FORM authentication.
On 23/09/2012 10:46, Brian Burch wrote:
With
On 24/09/12 19:50, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brian,
On 9/23/12 5:46 AM, Brian Burch wrote:
However, in the case where the client is not using cookies (my
test disables them for its Context), there does not appear to be a
way for the server to
On 24/09/12 17:52, Mark Thomas wrote:
On 24/09/2012 11:41, Brian Burch wrote:
I draw the following conclusions:
1. A client that can accept a Set-Cookie for JSESSIONID will be able to
maintain a persistent session (is that incorrectly overloading a
reserved word?), no matter whether the
forgot
about it. However, the attribute "maxActiveSessions" limits the total of
sessions among all the visitors, not specifically the total of sessions FOR
A CERTAIN IP, or does it?
Thanks!
On Sun, Sep 30, 2012 at 3:24 AM, Konstantin Kolinko
wrote:
> 2012/9/30 Brian Braun :
>
at 3:45 AM, André Warnier wrote:
> Brian Braun wrote:
>
>> Hi Constantine,
>>
>> 1- I had almost decided to program a filter. However, I have found this
>> solution:
>> http://stackoverflow.com/**questions/3679465/find-number-**
>> of-active-sessions-cre
42 AM, Konstantin Kolinko
wrote:
> 2012/10/1 Brian Braun :
> > Hi Constantine,
> >
> > 1- I had almost decided to program a filter. However, I have found this
> > solution:
> >
> http://stackoverflow.com/questions/3679465/find-number-of-active-sessions-created-from-a
en't yet done
any work on it. This openjdk does not ship with a keytool program, and
so I presume it will use openssl.
I wonder whether I have hit a sun java 6 (and 7?) bug that is of limited
interest - does anyone have any thoughts?
Thanks..
Brian
---
On 26/10/12 16:12, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brian,
On 10/26/12 5:11 AM, Brian Burch wrote:
I have another system with java-7-openjdk-i386, but I haven't yet
done any work on it. This openjdk does not ship with a keytool
program, and so I pr
On 26/10/12 13:24, Daniel Mikusa wrote:
On Oct 26, 2012, at 5:11 AM, Brian Burch wrote:
My production tomcat 7.0.26 (and its predecessors back as far as tc 5) have
been running with its original SSL server certificate in a JKS keystore for
many years.
I decided to retire my ancient java
301 - 400 of 545 matches
Mail list logo