I see... It's really weird... We'll double check that.
On Fri, Jun 21, 2019 at 7:00 PM Mark Thomas wrote:
> On 21/06/2019 13:48, Leonid Rozenblyum wrote:
> > Thank you!
>
> I've looked and the behaviour in 8.0.30 appears to be the same. The
> changes I was thin
Thank you!
On Fri, Jun 21, 2019 at 3:29 PM Mark Thomas wrote:
> On 21/06/2019 12:39, Leonid Rozenblyum wrote:
> > Hi Mark!
> > Thanks for the explanation.
> >
> > So now it's mandatory for us to mark every web application
>
> > (and also ensure no
working).
On Fri, Jun 21, 2019 at 12:29 PM Mark Thomas wrote:
> On 21/06/2019 09:54, Leonid Rozenblyum wrote:
> > Hello. After recent Tomcat upgrade from 8.0 to 9.0 DeltaManager stopped
> > initializing.
> > StandardManager is used instead in cluster environment.
>
Hello. After recent Tomcat upgrade from 8.0 to 9.0 DeltaManager stopped
initializing.
StandardManager is used instead in cluster environment.
our global conf/web.xml contains as before.
I found a possible workaround: to copy the tag to the
web.xml in the web applications itself.
However should
Thank you, Christopher!
On Thu, Jun 11, 2015 at 4:34 PM, Christopher Schultz
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Leonid,
>
> On 6/11/15 4:18 AM, Leonid Rozenblyum wrote:
>> Hello. Just to double-check. By writing own login-handler, do
2015 at 6:49 PM, Christopher Schultz
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Mark,
>
> On 5/28/15 5:29 AM, Mark Thomas wrote:
>> On 28/05/2015 10:22, Leonid Rozenblyum wrote:
>>> Hello experts.
>>>
>>> We are using FormAuth
On Fri, May 29, 2015 at 9:47 AM, André Warnier wrote:
> 20-odd
Well the development team uses Tomcat via Eclipse and after changing
some code they do Tomcat restart because more often than not, hot
redeploy doesn't give good results.
That's why Tomcat restart is a RATHER often event during the
de
m login handler.
Thanks!
On Thu, May 28, 2015 at 6:49 PM, Christopher Schultz
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Mark,
>
> On 5/28/15 5:29 AM, Mark Thomas wrote:
>> On 28/05/2015 10:22, Leonid Rozenblyum wrote:
>>> Hello experts.
>>>
The reason is :
After Tomcat restart, and logging-in browser provides an old session
id to server.
FormAuthenticator treats it as an issue, and either sends error or landing page.
On Thu, May 28, 2015 at 12:30 PM, Leonid Rozenblyum
wrote:
> Well the issue is that if user enters CORR
Well the issue is that if user enters CORRECT credentials AFTER Tomcat restart
he sees Error 400/408
On Thu, May 28, 2015 at 12:29 PM, Mark Thomas wrote:
> On 28/05/2015 10:22, Leonid Rozenblyum wrote:
>> Hello experts.
>>
>> We are using FormAuthenticator and face a fol
Hello experts.
We are using FormAuthenticator and face a following issue:
1) Session persistence is disabled
2) User is on login page
3) Restart Tomcat
4) User tries authentication
He receives error 400 or 408.
While digging deeper we discovered that in this case Tomcat validates
session id and
Thanks for the idea with the view!
On Thu, Feb 19, 2015 at 9:03 PM, Felix Schumacher
wrote:
> Am 19.02.2015 um 13:58 schrieb Leonid Rozenblyum:
>>
>> I'm sorry for the late response.
>>
>> 1. After deeper check I see our structure is NOT much more complex
&
.0.19! We'll wait for it with impatience.
On Fri, Feb 6, 2015 at 8:09 AM, Felix Schumacher
wrote:
>
>
> Am 5. Februar 2015 22:21:38 MEZ, schrieb Leonid Rozenblyum
> :
>>Hello Felix!
>>Thanks for the detail answer! Good suggestion about DataSourceRealm!
>>(I t
to suggest reducing logging level inside the
JDBCRealm if this is not an issue to worry about? E.g. not SEVERE but
DEBUG or TRACE?
On Thu, Feb 5, 2015 at 10:14 PM, Felix Schumacher
wrote:
> Hi Leonid,
>
> Am 05.02.2015 um 16:28 schrieb Leonid Rozenblyum:
>>
>> Hello!
>&
Hello!
After upgrading from Tomcat7 to Tomcat8 we started facing exceptions:
rg.apache.catalina.realm.JDBCRealm getPassword
SEVERE: Exception performing authentication
org.postgresql.util.PSQLException: This statement has been closed.
They look like not giving any harm (?).
Could we do anything
dangerous reflection ways or there are some
'recommended' ways to access the internals?
Thanks.
On Thu, Jan 29, 2015 at 1:25 PM, Leonid Rozenblyum
wrote:
> Thanks for the great advice!
>
> On Thu, Jan 29, 2015 at 12:57 PM, Mark Thomas wrote:
>> On 29/01/2015 10:54, Leonid Rozenbl
Thanks for the great advice!
On Thu, Jan 29, 2015 at 12:57 PM, Mark Thomas wrote:
> On 29/01/2015 10:54, Leonid Rozenblyum wrote:
>> Hello! I'm trying to extend the SingleSignOn valve and if possible
>> could you point me how can I create a global session listener
the 'custom SSO valve' as parent - add them
to SSO irregardless the fact the have no authentication themselves.
Thanks for any help!
On Thu, Jan 22, 2015 at 9:44 PM, Leonid Rozenblyum
wrote:
> Hello Mark!
>
> I'll investigate deeper the SingleSignOn class to understand how to
an 22, 2015 at 7:12 PM, Mark Thomas wrote:
> On 22/01/2015 16:25, Leonid Rozenblyum wrote:
>> So doesn't "As soon as the user logs out of one web application (for
>> example, by invalidating the corresponding session if form based login
>> is used), the user&
are invalidated and thus attributes are cleared?
(and as I mentioned above : there is some workaround that looks like
forces Tomcat to work exactly like this).
On Thu, Jan 22, 2015 at 6:21 PM, Mark Thomas wrote:
> On 22/01/2015 16:12, Leonid Rozenblyum wrote:
>> Probably the attachment w
uest.getSession().setAttribute("markerAttribute", "markerAttributeValue");
}
else {
%>
User is a guest. No setting of any session attributes.
<%
}
%>
Marker Attribute from session: <%=
request.getSession().getAttribute("markerAttribute") %>
On Thu, Jan 22,
2015 at 7:06 PM, Leonid Rozenblyum
wrote:
> Hello!
> I tried 8.0.17 (previously I had 8.0.15) and we still have the same
> problem with same possible workaround.
>
> I'll go through your examples, try them and compare what's the difference.
>
> On Tue, Jan 20, 2015 at
Hello!
I tried 8.0.17 (previously I had 8.0.15) and we still have the same
problem with same possible workaround.
I'll go through your examples, try them and compare what's the difference.
On Tue, Jan 20, 2015 at 11:52 AM, Mark Thomas wrote:
> On 20/01/2015 08:10, Leonid Roz
Thank you, Mark!
On Tue, Jan 20, 2015 at 12:18 AM, Mark Thomas wrote:
> On 16/01/2015 14:05, Leonid Rozenblyum wrote:
>> Hello Mark.
>>
>> We do explicit forced expiration of http session in one of SSO enabled
>> apps (Application1 : session.invalidate() )
>
on is 8.0.15. OS tested was both linux & windows
Probably I need to prepare minimal test case since it looks like a bug, right?
On Fri, Jan 16, 2015 at 2:53 PM, Mark Thomas wrote:
> On 15/01/2015 15:46, Leonid Rozenblyum wrote:
>> Hello.
>>
>> I have > 2 web-applicati
Hello.
I have > 2 web-applications which are running on the same host.
The Valve SingleSignOn is enabled.
Application1 has security-constraint and login-config elements in web.xml
Application2, 3 etc has no such definitions
Technically Application1 is acting as a security gate. All other
applica
26 matches
Mail list logo
