[GitHub] [tomcat] dagnelies commented on pull request #412: Adding default manager roles in tomcat users config.
dagnelies commented on pull request #412: URL: https://github.com/apache/tomcat/pull/412#issuecomment-817606698 Hi, since the Travis CI possibly failed due to some unrelated instability, can we perhaps simply try to re-run it? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] martin-g commented on pull request #412: Adding default manager roles in tomcat users config.
martin-g commented on pull request #412: URL: https://github.com/apache/tomcat/pull/412#issuecomment-817610088 > can we perhaps simply try to re-run it? Re-scheduled it! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kkolinko commented on pull request #412: Adding default manager roles in tomcat users config.
kkolinko commented on pull request #412: URL: https://github.com/apache/tomcat/pull/412#issuecomment-817630063 > -1 for the above line. The "manager-jmx" role is not intended to be used by human users: it does not have CSRF protection. See https://tomcat.apache.org/tomcat-9.0-doc/manager-howto.html#Configuring_Manager_Application_Access > etc. There rarely is a need to explicitly create roles like the above. When parsing the tomcat-users.xml file, all roles mentioned in users are created automatically. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] kkolinko edited a comment on pull request #412: Adding default manager roles in tomcat users config.
kkolinko edited a comment on pull request #412: URL: https://github.com/apache/tomcat/pull/412#issuecomment-817630063 ` ` -1 for the above line. The "manager-jmx" role is not intended to be used by human users: it does not have CSRF protection. See https://tomcat.apache.org/tomcat-9.0-doc/manager-howto.html#Configuring_Manager_Application_Access ` etc. ` There rarely is a need to explicitly create roles like the above. When parsing the tomcat-users.xml file, all roles mentioned in users are created automatically. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] dagnelies commented on pull request #412: Adding default manager roles in tomcat users config.
dagnelies commented on pull request #412: URL: https://github.com/apache/tomcat/pull/412#issuecomment-817654873 @kkolinko Regarding: > There rarely is a need to explicitly create roles like the above. When parsing the tomcat-users.xml file, all roles mentioned in users are created automatically. I wasn't aware of that. If roles are automatically generated, what's the use of the annotation at all? I just assumed it was required since it's present in all examples. I'll remove the JMX part. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] dagnelies edited a comment on pull request #412: Adding default manager roles in tomcat users config.
dagnelies edited a comment on pull request #412: URL: https://github.com/apache/tomcat/pull/412#issuecomment-817654873 @kkolinko Regarding: > There rarely is a need to explicitly create roles like the above. When parsing the tomcat-users.xml file, all roles mentioned in users are created automatically. I wasn't aware of that. If roles are automatically generated, what's the use of the `role` tag at all? I just assumed it was required since it's present in all examples. I'll remove the JMX part. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Update version number
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new 1db93d3 Update version number
1db93d3 is described below
commit 1db93d3a0db2fb4d52b102c6a65bb0a870411ab9
Author: remm
AuthorDate: Mon Apr 12 12:49:25 2021 +0200
Update version number
---
modules/stuffed/Dockerfile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/stuffed/Dockerfile b/modules/stuffed/Dockerfile
index 3cb4176..5055dc4 100644
--- a/modules/stuffed/Dockerfile
+++ b/modules/stuffed/Dockerfile
@@ -48,7 +48,7 @@ RUN mkdir -p /opt
# EXPOSE $jolokiaport
# Optional: Add Prometheus agent for JMX monitoring
-# RUN mkdir /opt/prometheus && wget
https://repo.maven.apache.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.14.0/jmx_prometheus_javaagent-0.14.0.jar
-O /opt/prometheus/prometheus.jar && wget
https://raw.githubusercontent.com/prometheus/jmx_exporter/master/example_configs/tomcat.yml
-O conf/prometheus.yaml
+# RUN mkdir /opt/prometheus && wget
https://repo.maven.apache.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.15.0/jmx_prometheus_javaagent-0.15.0.jar
-O /opt/prometheus/prometheus.jar && wget
https://raw.githubusercontent.com/prometheus/jmx_exporter/master/example_configs/tomcat.yml
-O conf/prometheus.yaml
# ARG prometheusport=9404
# ENV
JAVA_OPTS="-javaagent:/opt/prometheus/prometheus.jar=$prometheusport:conf/prometheus.yaml
${JAVA_OPTS}"
# EXPOSE $prometheusport
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Annotations aren't working with tomcat 9
Hi, @webservlet & @webListner annotations aren't working. Classes in which we are using these annotations are present in jar which is getting scanned but registration of servlet with tomcat is not happening. What we have tried to fix: 1. To confirm the issue we downgraded Tomcat version in Mercury 10.5 from Tomcat 9 to Tomcat 7. With Tomcat 7, servlets get registered with Tomcat and hence annotation scanning is happening as desired. 2. Tried setting properties values mentioned in the $INFA_HOME/tomcat/conf/catalina.properties file related to "jarSkip", but no luck. 3. Tried adding "metadata-complete" tag to false/true in web.xml as per Servlet 4.0 specification, but no luck. Things that worked- 1 - We put these classes at web-inf\classes folder, 2 - Added entry for the servlet in we.xml file. Since in our case these servlets are dynamically added via installer. We can't use any of the above method. Can anyone please help us with this? We are using below configuration: Tomcat version details: Server built: Dec 3 2020 11:43:00 UTC Server number: 9.0.41.0 OS Name:Linux OS Version: 3.10.0-693.el7.x86_64 Architecture: amd64 JVM Version:1.8.0_191-b12 JVM Vendor: Oracle Corporation annotation-api.jar - version - 1.3 Servlet-api.jar - version -4.0 Thanks & Regards, Vijay Shrivastava
Re: Annotations aren't working with tomcat 9
On Mon, Apr 12, 2021 at 12:51 PM Shrivastava, Vijay wrote: > Hi, > > @webservlet & @webListner annotations aren't working. > > Classes in which we are using these annotations are present in jar which > is getting scanned but registration of servlet with tomcat is not happening. > > What we have tried to fix: > > 1. To confirm the issue we downgraded Tomcat version in Mercury 10.5 > from Tomcat 9 to Tomcat 7. With Tomcat 7, servlets get registered with > Tomcat and hence annotation scanning is happening as desired. > 2. Tried setting properties values mentioned in the > $INFA_HOME/tomcat/conf/catalina.properties file related to "jarSkip", but > no luck. > 3. Tried adding "metadata-complete" tag to false/true in web.xml as per > Servlet 4.0 specification, but no luck. > > > Things that worked- > 1 - We put these classes at web-inf\classes folder, > 2 - Added entry for the servlet in we.xml file. > > Since in our case these servlets are dynamically added via installer. We > can't use any of the above method. > > Can anyone please help us with this? > We probably could help if you had posted in the Tomcat user mailing list instead. http://tomcat.apache.org/lists.html#tomcat-users Rémy > > We are using below configuration: > Tomcat version details: > Server built: Dec 3 2020 11:43:00 UTC > Server number: 9.0.41.0 > OS Name:Linux > OS Version: 3.10.0-693.el7.x86_64 > Architecture: amd64 > JVM Version:1.8.0_191-b12 > JVM Vendor: Oracle Corporation > > annotation-api.jar - version - 1.3 > Servlet-api.jar - version -4.0 > > Thanks & Regards, > Vijay Shrivastava >
[GitHub] [tomcat] kkolinko commented on pull request #412: Adding default manager roles in tomcat users config.
kkolinko commented on pull request #412: URL: https://github.com/apache/tomcat/pull/412#issuecomment-817721078 > > > @kkolinko Regarding: > > > There rarely is a need to explicitly create roles like the above. When parsing the tomcat-users.xml file, all roles mentioned in users are created automatically. > > I wasn't aware of that. If roles are automatically generated, what's the use of the `role` tag at all? I just assumed it was required since it's present in all examples. - If you need to declare a role that has no users assigned to it, the role can be declared with a "role" element. Such use case is rare (e.g. if users are managed via some GUI and you want to be able to list all available roles). - When a user database is saved (written out), "role" elements are written as well, for completeness. This operation can be triggered via JMX. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65235] New: Mismatch between RemoteIpValve documentation and source code
https://bz.apache.org/bugzilla/show_bug.cgi?id=65235 Bug ID: 65235 Summary: Mismatch between RemoteIpValve documentation and source code Product: Tomcat 9 Version: 9.0.45 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: knst.koli...@gmail.com Target Milestone: - Reviewing the commit that implemented bug 57665, https://github.com/apache/tomcat/commit/67c3af97230135af8f6f7566c77a79a69722a713 1. The documentation (webapps/docs/config/valve.xml) talks about attribute "changeLocalHost", but the actual name of the attribute is "changeLocalName" 2. JMX bean descriptor (java/org/apache/catalina/valves/mbeans-descriptors.xml) has not been updated. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] efge commented on pull request #406: Improve the SSLValve so it is able to handle the ssl_client_escaped_cert header from Nginx
efge commented on pull request #406: URL: https://github.com/apache/tomcat/pull/406#issuecomment-818021878 Could someone have a look at merging this, if it's ok? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
