-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 10/4/2011 5:48 PM, André Warnier wrote:
> Yes, because if one defines e.g. a Pattern "^abcdef" and uses it
> via yesno = Pattern.matches("^abcdef",input); it will actually
> match the pattern at the beginning of the string only, which is
> w
On Tue, Oct 4, 2011 at 23:48, André Warnier wrote:
>>
>>> And, it seems that the Pattern class, and its own .matches()
>>> method, does work in the way that a non-exclusively-java programmer
>>> would expect, anchors and all.
>>
>> Does it?
>>
>
> Yes, because if one defines e.g. a Pattern "^abcde
Christopher Schultz wrote:
...
And, it seems that the Pattern class, and its own .matches()
method, does work in the way that a non-exclusively-java programmer
would expect, anchors and all.
Does it?
Yes, because if one defines e.g. a Pattern "^abcdef" and uses it via
yesno = Pattern.matc
https://issues.apache.org/bugzilla/show_bug.cgi?id=51940
I left all the flags at their default settings.
Thanks!
On Saturday, October 01, 2011 07:20:21 Mark Thomas wrote:
> On 30/09/2011 17:09, Nicholas Sushkin wrote:
> > Mark, Chris, thanks for the review.
> >
> >
> > Should filing a bug be m
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 10/4/2011 4:50 PM, André Warnier wrote:
> I agree with Francis that the way the documentation is written, is
> confusing for anyone not dedicating his life to Java programming
> (like the sysadmins and other perl programmers who have to use
On Tue, Oct 4, 2011 at 22:50, André Warnier wrote:
[...]
>
> So my question is : which of Matcher or Pattern is really used in the
> Valve's code ?
>
You use a Matcher to match. A Pattern is only the compiled form of a regex:
final String re = "^";
final Pattern p = Pattern.compile(re);
final Ma
Francis GALIEGUE wrote:
On Tue, Oct 4, 2011 at 21:40, André Warnier wrote:
[...]
I am not sure that I follow the depths of the Java implementation of all of
this, but please note that "\.googlebot\.com$" is a regexp /anchored/ at the
end of the string.
In other words, I would be surprised (and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sanford,
On 10/4/2011 3:40 PM, Sanford Stein wrote:
> I am not intentionally sending HTML e-mails--perhaps my
> Thunderbird client is doing something of which I am unaware.
You can configure tb to send plain-text to certain recipients.
Consider addin
Sanford Stein wrote:
...
I am not intentionally sending HTML e-mails--perhaps my Thunderbird
client is doing something of which I am unaware.
You can set this either in your global preferences for sending emails
(Options..Composition..General..Send Options), and/or specifically in your address
On Tue, Oct 4, 2011 at 21:40, André Warnier wrote:
[...]
>>
> I am not sure that I follow the depths of the Java implementation of all of
> this, but please note that "\.googlebot\.com$" is a regexp /anchored/ at the
> end of the string.
> In other words, I would be surprised (and disappointed) if
Francis GALIEGUE wrote:
On Tue, Oct 4, 2011 at 21:08, Christopher Schultz
wrote:
[...]
- From the docs:
"If this attribute [allow] is specified, the remote address MUST match
for this request to be accepted".
"If this attribute [deny] is specified, the remote address MUST NOT
match for this r
Andre, Christopher, and Konstantin,
Thank you for your prompt responses and your suggestions.
I apologize for not indicating my Tomcat version -- it is 5.5.23. My OS
is RHEL 5.6.
I am not intentionally sending HTML e-mails--perhaps my Thunderbird
client is doing something of which I am unawar
On Tue, Oct 4, 2011 at 21:08, Christopher Schultz
wrote:
[...]
>
> - From the docs:
>
> "If this attribute [allow] is specified, the remote address MUST match
> for this request to be accepted".
>
> "If this attribute [deny] is specified, the remote address MUST NOT
> match for this request to be
On Tue, Oct 4, 2011 at 21:02, Christopher Schultz
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Francis,
>
> On 10/4/2011 2:50 PM, Francis GALIEGUE wrote:
>> Patch attached. I didn't know Bugzilla would treat patches this
>> way...
>
> Can you give us a link to the bug?
>
https://i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Francis,
On 10/4/2011 2:53 PM, Francis GALIEGUE wrote:
> On Tue, Oct 4, 2011 at 20:46, Christopher Schultz
> wrote:
>> -BEGIN PGP SIGNED MESSAGE- Hash: SHA1
>>
>> Francis,
>>
>> On 10/4/2011 2:37 PM, Francis GALIEGUE wrote:
>>> On Tue, Oct
"André Warnier" wrote:
>Christopher Schultz wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> André,
>>
>> On 10/4/2011 1:31 PM, André Warnier wrote:
>>> Or, wasn't there a possibility to place a symlink within the
>>> webapps dir, and have Tomcat /not/ following it when undeploy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 10/4/2011 1:56 PM, André Warnier wrote:
> quote
>
> allowLinking
>
> If the value of this flag is true, symlinks will be allowed inside
> the web application, pointing to resources outside the web
> application base path. If not specified,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Francis,
On 10/4/2011 2:50 PM, Francis GALIEGUE wrote:
> Patch attached. I didn't know Bugzilla would treat patches this
> way...
Can you give us a link to the bug?
> I implemented those two interfaces again, since the existing
> abstract class woul
app...@dsl.pipex.com wrote:
Not sure about which version of security I will use but I would like to accommodate MD5
verification into things. There's no sensitive or confidential info in the system either so
protected page access may not be required.
I don't know what you have in mind, but th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Martin,
On 10/4/2011 2:06 PM, app...@dsl.pipex.com wrote:
> Not sure about which version of security I will use but I would
> like to accommodate MD5 verification into things.
Note that MD5 doesn't verify anything. It's just a hashing function that
c
On Tue, Oct 4, 2011 at 20:46, Christopher Schultz
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Francis,
>
> On 10/4/2011 2:37 PM, Francis GALIEGUE wrote:
>> On Tue, Oct 4, 2011 at 19:49, André Warnier wrote:
>> [...]
>>
>>> In this particular case, "\.googlebot\.com$" would be bet
On Tue, Oct 4, 2011 at 20:43, Christopher Schultz
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Francis,
>
> On 10/2/2011 3:57 PM, Francis GALIEGUE wrote:
>> On Sun, Oct 2, 2011 at 19:46, Konstantin Kolinko
>> wrote:
>>> 2011/10/2 Francis GALIEGUE :
>>
>>>
>>> 1. If you want to sub
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 10/4/2011 2:01 PM, André Warnier wrote:
> Christopher Schultz wrote: ...
>
> (I agree with what precedes this)
>>
>> So, you can sniff the original request URI and serve-up whatever
>> flavor of login page you want.
>
> But with declarat
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Francis,
On 10/4/2011 2:37 PM, Francis GALIEGUE wrote:
> On Tue, Oct 4, 2011 at 19:49, André Warnier wrote:
> [...]
>
>> In this particular case, "\.googlebot\.com$" would be better
>> (with the RemoteHostValve).
>>
>
> No, that would not even wo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Francis,
On 10/2/2011 3:57 PM, Francis GALIEGUE wrote:
> On Sun, Oct 2, 2011 at 19:46, Konstantin Kolinko
> wrote:
>> 2011/10/2 Francis GALIEGUE :
>
>>
>> 1. If you want to submit it as a patch for Tomcat, you should
>> attach it to a Bugzilla is
On Tue, Oct 4, 2011 at 19:49, André Warnier wrote:
[...]
> In this particular case, "\.googlebot\.com$" would be better (with the
> RemoteHostValve).
>
No, that would not even work, for there is a fatal flaw in all
existing Valves and Filters using regexes: they use the .matches()
method of Matc
Not sure about which version of security I will use but I would like to
accommodate MD5
verification into things. There's no sensitive or confidential info in the
system either so
protected page access may not be required.
Thanks Andre and Chris.
Quoting André Warnier :
> Christopher Schul
Christopher Schultz wrote:
...
(I agree with what precedes this)
So, you can sniff the original request URI and serve-up whatever
flavor of login page you want.
But with declarative security, that's kind of hard to do, no ?
Can't do that with a Servlet Filter.
-
Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 10/4/2011 1:31 PM, André Warnier wrote:
Or, wasn't there a possibility to place a symlink within the
webapps dir, and have Tomcat /not/ following it when undeploying ?
Or was that precisely the catch, that it al
Thanks Chris. I'll be reading the spec soon enough.
Quoting Christopher Schultz :
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Martin,
>
> On 10/4/2011 1:12 PM, app...@dsl.pipex.com wrote:
> > Before I look at the specification
>
> :(
>
> You should read the spec all the way through
Here are the Valves which exist under Tomcat 7.0, the latest version.
http://tomcat.apache.org/tomcat-7.0-doc/config/valve.html
Which one are you talking about, and which Tomcat version ?
Note that org.apache.catalina.valves.RemoteAddrValve can filter on the base of the client
/IP address/, not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Martin,
On 10/4/2011 1:12 PM, app...@dsl.pipex.com wrote:
> Before I look at the specification
:(
You should read the spec all the way through IMO. It's not that long,
it's well-written and readable by real humans (and not
techno-lawyers), and very
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sanford,
On 10/4/2011 1:21 PM, Sanford Stein wrote:
> 1. I am using wildcards in my IP addresses, such as: className="org.apache.catalina.valves.RemoteAddrValve"
> deny="*.googlebot.com"/>
That doesn't look like a valid regular expression.
> From
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 10/4/2011 1:31 PM, André Warnier wrote:
> Or, wasn't there a possibility to place a symlink within the
> webapps dir, and have Tomcat /not/ following it when undeploying ?
> Or was that precisely the catch, that it always does ?
Look for "a
2011/10/4 Sanford Stein
>
> 1. I am using wildcards in my IP addresses, such as:
> deny="*.googlebot.com"/>
>
> From my reading of the documentation, this should be OK, but when this line
> is present I cannot access any of my
> servlets from any IP address. Do wildcards work here and, if so,
Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Léa,
On 9/30/2011 2:37 PM, Léa Massiot wrote:
o I have two WebApps "w1" and "w2" (under the Tomcat "webapps"
directory). o Both "w1" and "w2" contain (at least) a JSP which
allows to upload files to the server. o Presentl
Caldarale, Charles R wrote:
From: André Warnier [mailto:a...@ice-sa.com]
Subject: RHEL + Tomcat6, error in logfile
Oct 4, 2011 4:46:25 PM org.apache.catalina.mbeans.ServerLifecycleListener
lifecycleEvent
SEVERE: destroyMBeans: Throwable
javax.management.MalformedObjectNameException: Cannot cr
Hi all,
I'm running tomcat 5.5.23 on two RHEL 5.6.
I'm having big trouble making the session replication working across these
two nodes.
I configured a cluster and it looks like working: each node discovers the
other one, I can see in the logs every received and transmitted ping.
Well, when I creat
Before I look at the specification, maybe I should clarify my question: can I
have the login form
embedded in different pages? This way, there would be only one
element where re-
direction could resolve the welcome page issue once login is achieved.
Each page would then be able to direct each
> From: app...@dsl.pipex.com [mailto:app...@dsl.pipex.com]
> Subject: Using multiple login pages
> is it possible with Tomcat 6.0.26 for multiple login pages
> to be specified?
Read the servlet spec, especially section 13.2. A webapp may have only one
element, so there cannot be multiple lo
Hello
I have a realm defined as follows in my application's web.xml file:
FORM
Form-Based Authentication Area
/jsp/security/protected/login.jsp
/jsp/security/protected/error.jsp
Which means that all users must log in from the page
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Aparna,
On 10/3/2011 5:41 PM, aparna bejugam wrote:
> Can some one tell me where to put the jsp precompilation build
> file(build.xml) in the Tomcat 7 structure.
You should not have to put your build.xml anywhere in the Tomcat 7
structure. Instead,
- Original Message -
> From: "Caldarale, Charles R"
> To: Tomcat Users List
> Cc:
> Sent: Tuesday, October 4, 2011 8:41 AM
> Subject: RE: RHEL + Tomcat6, error in logfile
>
>> From: André Warnier [mailto:a...@ice-sa.com]
>> Subject: RHEL + Tomcat6, error in logfile
>
>> Oct 4, 201
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Konstantin,
On 10/3/2011 4:16 PM, Konstantin Kolinko wrote:
> 2011/10/3 Christopher Schultz :
>> On 9/30/2011 2:18 PM, Konstantin Kolinko wrote:
>>> 2011/9/30 Christopher Schultz :
The OP should be able to put the Filter into the
in such a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Léa,
On 9/30/2011 2:37 PM, Léa Massiot wrote:
> o I have two WebApps "w1" and "w2" (under the Tomcat "webapps"
> directory). o Both "w1" and "w2" contain (at least) a JSP which
> allows to upload files to the server. o Presently, the uploaded
> files
> From: André Warnier [mailto:a...@ice-sa.com]
> Subject: RHEL + Tomcat6, error in logfile
> Oct 4, 2011 4:46:25 PM org.apache.catalina.mbeans.ServerLifecycleListener
> lifecycleEvent
> SEVERE: destroyMBeans: Throwable
> javax.management.MalformedObjectNameException: Cannot create object name fo
Hi.
I am installing something on a customer's RedHat server.
Tomcat was obviously installed (not by me) from a RHEL package.
As far as I can tell (because I cannot find the bin/version.sh script), the Tomcat version
is 6.0.24 (that's what various jar's seem to be named, like
"/usr/share/tomcat6
Thank you very much!
-Nestor
On Oct 4, 2011, at 12:17 AM, Konstantin Kolinko wrote:
> 2011/10/4 Nestor Urquiza :
>>
>> Downloading latest jasper-el
>> http://repo1.maven.org/maven2/org/apache/tomcat/jasper-el/6.0.33/jasper-el-6.0.33.jar
>> (from August 2011 which I consider latest - please cor
Léa Massiot wrote:
...
What's interesting is that, in the same servlets container, one WebApp "has
access" to another WebApp through "/w1/uf1/f.txt" "/w2/uf2/f.txt" type of
addressing.
That's only because you look at it the wrong way.
It is not that "one webapp has access to another webapp", i
Hello André,
> Do you mean that you are going to create a new JSP for every new file
> someone may ever upload?
No...
> Or do they always upload the same file "f.txt"?
No...
I understand your being puzzled... my bad:
the example I posted is oversimple but it works if tested!
In reality, the "
Hello André,
> Do you mean that you are going to create a new JSP for every new file
> someone may ever upload?
No...
> Or do they always upload the same file "f.txt"?
No...
I understand your being puzzled... my bad:
the example I posted is oversimple but it works if tested!
In reality, the "
51 matches
Mail list logo
