Re: HOWTO: the right way to configure security constraints to protect CGI scripts in web.xml

On Wed, Apr 9, 2025 at 2:49 AM Justin Chen wrote: > > Hi Mark and Chris, > > As suggested, updated configurations as follows: > > security-tomcat-2025 > > cgi > org.apache.catalina.servlets.CGIServlet > > cgiPathPrefix > /WEB-INF/cgi > > > executable > C:\Perl\strawberry\perl\bin\perl.exe >

Re: HOWTO: the right way to configure security constraints to protect CGI scripts in web.xml

Hi Mark and Chris, As suggested, updated configurations as follows:   security-tomcat-2025    cgi org.apache.catalina.servlets.CGIServlet   cgiPathPrefix   /WEB-INF/cgi   execut

Re: HOWTO: the right way to configure security constraints to protect CGI scripts in web.xml

8 Apr 2025 21:45:50 Christopher Schultz : Justin, On 4/8/25 3:16 AM, Justin Chen wrote: Dear users and supporters, Currently I have two CGI scripts: 1. "/cgi-bin/update" //an administrative command, required role="admin" 2. "/cgi-bin/updateOrder" //update order, required role="biz" In order

Re: HOWTO: the right way to configure security constraints to protect CGI scripts in web.xml

Justin, On 4/8/25 3:16 AM, Justin Chen wrote: Dear users and supporters, Currently I have two CGI scripts: 1. "/cgi-bin/update" //an administrative command, required role="admin" 2. "/cgi-bin/updateOrder" //update order, required role="biz" In order to protect above endpoints via web.xml secur

Re: Question About Tomcat 11.0.5

Juan, On 4/6/25 9:36 AM, juan wrote: I read it But couldn't make it work After hours i got it : This configuration looks acceptable at first glance. When you use this configuration, you said you "couldn't make it work". Can you be more spec

Re: Headless Mode

William, On 4/7/25 2:28 PM, William Crowell wrote: I am running Apache Tomcat 9.0.97 on Windows Server 2022 using Oracle’s JDK 1.8.0_441-b07. Anytime I generate a thread dump I see an AWT-Windows thread. Should this thread not be there when I am specifying the JVM to run in headless mode? -

Re: EOL timeline for tomcat 9 and 10.1

No Plans. Please See: https://lists.apache.org/thread/qlzpscgoqct9wspkj5qjkm34s66jswj0 On Tue, 8 Apr 2025 at 2:05 PM, Vishwas Bm wrote: > Hi, > > I was looking at the EOL page for tomcat https://endoflife.date/tomcat > but > couldn't get information related to EOL dates for tomcat 9 and 10.1. >

EOL timeline for tomcat 9 and 10.1

Hi, I was looking at the EOL page for tomcat https://endoflife.date/tomcat but couldn't get information related to EOL dates for tomcat 9 and 10.1. With tomcat11 available now, may I know till what date tomcat 9.0 and Tomcat 10.1 will be supported ? Is there any specific dates already planned fo

HOWTO: the right way to configure security constraints to protect CGI scripts in web.xml

Dear users and supporters, Currently I have two CGI scripts: 1. "/cgi-bin/update" //an administrative command, required role="admin" 2. "/cgi-bin/updateOrder" //update order, required role="biz" In order to protect above endpoints via web.xml security-constraints mechanism, how shall I do? Rega