but you people could try making Tomcat Container
managed security easier to use.
On Thu, Sep 10, 2015 at 9:16 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Sreyan,
>
> On 9/10/15 8:10 AM, Sreyan
BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Sryan,
>
> On 9/9/15 12:50 PM, Sreyan Chakravarty wrote:
> > Well I guess now its confirmed that it is a bug. Do you still need
> > the code ?
>
> No, I don't think I will.
>
> However, since you wrote yo
Well I guess now its confirmed that it is a bug. Do you still need the code
?
On Wed, Sep 9, 2015 at 8:55 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Sreyan,
>
> On 9/8/15 6:31 AM, Sreyan Chakravar
2015 at 7:25 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Sreyan,
>
> On 9/9/15 9:45 AM, Christopher Schultz wrote:
> > On 9/7/15 2:17 PM, Sreyan Chakravarty wrote:
> >> I have found t
forwarded to the protected resource.
It should use the algorithm in the CredentialHandler to mutate the
password. Now don't tell me that two different algorithms offer the same
hash.
What is going on here ?
Regards
Sreyan Chakravarty
appreciated.
Regards,
Sreyan Chakravarty
On Mon, Sep 7, 2015 at 10:51 PM, Sreyan Chakravarty <
sreyan.mail...@gmail.com> wrote:
> Yes but what happens when the user passes a user-id that is not present in
> the DB. Or a password that is incorrect. How would the server handle that ?
&
forwarded to the protected resource.
It should use the algorithm in the CredentialHandler to mutate the
password. Now don't tell me that two different algorithms offer the same
hash.
What is going on here ?
Regards
Sreyan Chakravarty
appreciated.
Regards,
Sreyan Chakravarty
On Mon, Sep 7, 2015 at 10:51 PM, Sreyan Chakravarty <
sreyan.mail...@gmail.com> wrote:
> Yes but what happens when the user passes a user-id that is not present in
> the DB. Or a password that is incorrect. How would the server handle that ?
&
-error
page.
That was my question. How do I do that ?
On Mon, Sep 7, 2015 at 9:52 PM, André Warnier (tomcat)
wrote:
> Hi.
>
> I have notv really followed this thread from the beginning, but maybe I
> can contribute something here..
>
> On 07.09.2015 15:56, Sreyan Chakravarty wrote:
login(req.getParameter("username"),
req.getParameter("password"));
Which realm would it use if there were multiple realms available ?
Thanks for your patience in helping me Christopher.
Regards
Sreyan Chakravarty
On Tue, Sep 1, 2015 at 9:44 PM, Christopher Schultz <
Ok I found FormAuthenticator and landingPage attribute in it in the source.
But how do I use that in my application ? What do I do ?
Any documentation for this ?
On Tue, Sep 1, 2015 at 12:46 AM, Sreyan Chakravarty <
sreyan.mail...@gmail.com> wrote:
> Well Christopher thanks for that e
n I have two elements in my web.xml ?
On Mon, Aug 31, 2015 at 11:19 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Sreyan,
>
> On 8/31/15 1:39 PM, Sreyan Chakravarty wrote:
> > First of all
Yup the API is very easy to but that keeps a compile time dependency. What
I mean is that you also need to put the sCrypt jar into you /lib folder. If
thats okay then things get really easy.
Regards
Sreyan Chakravarty
On Mon, Aug 31, 2015 at 10:52 PM, Christopher Schultz <
t; -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Sreyan,
>
> On 8/31/15 12:34 PM, Sreyan Chakravarty wrote:
> > Wait I am sure I am going wrong in a fundamental area.
> >
> > My security constraint is as follow-:
> >
> >
> > TECHERS
>
designate the login page ?
Forgive my noobishness. Just starting out with servlet security.
Regards
Sreyan Chakravarty
On Mon, Aug 31, 2015 at 3:59 PM, Mark Thomas wrote:
> On 31/08/2015 07:00, Sreyan Chakravarty wrote:
> > I don't understand where did I request the login page
Sreyan Chakravarty
On Mon, Aug 31, 2015 at 8:12 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Sreyan,
>
> On 8/29/15 4:54 PM, Sreyan Chakravarty wrote:
> > Now can you tell me how do I write my own
Can you provide a link to the Servlet Spec the to which section you are
referring to.
On Sun, Aug 30, 2015 at 9:55 PM, Mark Thomas wrote:
> On 29/08/2015 22:26, Sreyan Chakravarty wrote:
> > Okay I have just started to use Realms and container managed
> authentication
> >
In your opinion would a security framework help in doing this ? Like Apache
Shiro ?
On Sun, Aug 30, 2015 at 9:51 PM, Mark Thomas wrote:
> On 29/08/2015 21:51, Sreyan Chakravarty wrote:
> > Is there any way I can tell the user that what number of login attempt he
> > is on ?
I don't understand where did I request the login page directly ? I just put
as index.jsp and and the error page as
index.jsp?error=true.
So where is my error ?
On Sun, Aug 30, 2015 at 9:54 PM, Mark Thomas wrote:
> On 29/08/2015 22:16, Sreyan Chakravarty wrote:
> > Okay this is m
/upload.jsp ?
I mean all forms will have "j_security_check" as action, so which page do I
go to after login if multiple pages are protected ?
How do I say that success.jsp is the home page and all other pages are
protected but not home pages ?
Regards
Sreyan Chakravarty
y help would be greatly appreciated.
What does the error mean ? Please check my web.xml and tell me if I am
wrong.
Regards
Sreyan Chakravarty
self
> without any problem.
>
> Alex.
>
> El dc., 19 ag. 2015 a les 22:26, Howard W. Smith, Jr. (<
> smithh032...@gmail.com>) va escriure:
>
> > On Aug 19, 2015 3:56 PM, "Sreyan Chakravarty"
> > wrote:
> > >
> > > TomEE su
Mon, Aug 24, 2015 at 11:30 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Sreyan,
>
> On 8/24/15 1:19 PM, Sreyan Chakravarty wrote:
> > No you don't understand what my question wa
D MESSAGE-
> Hash: SHA256
>
> Sreyan,
>
> On 8/23/15 2:54 PM, Sreyan Chakravarty wrote:
> > I am confused with the functioning of LockOutRealms in Tomcat.
> >
> > My questions are as follows-:
> >
> >
> > 1. Say user at IP 10.10.10.1 has rea
Chakravarty
On Sat, Aug 29, 2015 at 1:02 AM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Sreyan,
>
> On 8/28/15 3:11 PM, Sreyan Chakravarty wrote:
> > Okay I am trying to use connection pooling for my pro
Where do you keep the declaration ?
After the servlet mappings ?
Any help would be greatly appreciated.
Regards
Sreyan Chakravarty
sufficient number of examples of
this process.
No one seems to know anything about it. I am totally in the dark here.
Regards
Sreyan Chakravarty
On Mon, Aug 24, 2015 at 7:41 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash:
Okay I know how to authenticate an existing user in a Realm. But how the
hell do you add a new user to the Realm ?
For example if a new member registers on the site, how would I add that to
the Realm ?
I am confused with the functioning of LockOutRealms in Tomcat.
My questions are as follows-:
1. Say user at IP 10.10.10.1 has reached the maximum number of invalid
login attempts and is locked out. Now say a user from 10.10.10.2 attempts
to login, will Tomcat stop him too since he is tr
advantages or reasons why you would want to use a JAAS
Realm ?
Regards
Sreyan Chakravarty
gards
Sreyan Chakravarty
l dc., 19 ag. 2015 a les 18:18, Daniel Mikusa () va
> escriure:
>
> > On Wed, Aug 19, 2015 at 12:03 PM, Sreyan Chakravarty <
> > sreyan.mail...@gmail.com> wrote:
> >
> > > I planning to use JPA (Hibernate) in a small project that I am
> > developing.
> >
. Send me a link to the documentation for this if there is any.
Please note that I am going to use a datasource to connect to my database
and I am using persistence.xml(JPA style) to use Hibernate.
Regards
Sreyan Chakravarty
ion,
> > the server will still create one ?
> >
> >
> > A real life popular website has millions of users at a time. So how
> > come the server is not overloaded by sessions ?
> >
> >
> >
> >
> >
> >
> > Regards
So what happens when I add something to the build path of a web-app ? The
dependency is not registered ? Also does that mean that whatever dependency
I need I will have to put it in the /lib folder ? I just don't understand
why it doesn't work if I add it to the Build Path from Eclipse like I do
fo
35 matches
Mail list logo
