e is CVE-2013-2067.
> Mark does a good job describing the whole situation here:
> http://www.tomcatexpert.com/blog/2011/04/25/session-fixation-protection
>
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: use
2014-03-14 18:35 GMT+04:00 Mark Thomas :
> On 14/03/2014 11:57, Konstantin Kolinko wrote:
>> 2014-03-14 15:37 GMT+04:00 Zboron Lukas :
>>> Hi,
>>> I have several custom jspx tags with dynamic attributes that worked well up
>>> to Tomcat 7.0.47, but they do not
before if static attribute is used (onclick) or there is
> no EL in dynamic attribute (data-test2).
>
I prepared a reproducer and filed the following issue:
https://issues.apache.org/bugzilla/show_bug.cgi?id=56265
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
any version of Tomcat 7 and later.
E.g., by setting
org.apache.catalina.STRICT_SERVLET_COMPLIANCE=true
http://tomcat.apache.org/tomcat-7.0-doc/config/systemprops.html#Specification
When validation is enabled, Tomcat will refuse to deploy an
application with broken web.xml
)
Best regards,
Konstantin Kolinko
ve one.
(Actually it seems that this attribute is optional and is ignored.
There are no calls to ManagedBean.getGroup() except in
ManagedBean.toString()).
5. I hope that you do not have the second copy of your jar inside of
your webapp. So that it shadows the one in the lib/ directory.
6. Appare
mps to see what exactly it is doing.
If you do not know how to take thread dumps, see "Howto" page in Tomcat FAQ.
> If I comment out the filter, Tomcat starts properly.
> ...
4. As mentioned on the page below, what is your version of Tomcat?
http://tomcat.apache.org/lis
your version = ?
-> 6. don't top-post.
The source code is available (both downloadable and online from svn).
All necessary syncs are there.
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?annotate=1148471&diff_format=l#l313
Best reg
un/oracle sites.
[1] https://bugs.eclipse.org/bugs/show_bug.cgi?id=351040
> Setting xmlBlockExternal="false" in the context makes things start
> up as they should again and I can continue with testing the new
> version.
>
> It would be nicer
f_Ant_and_Tomcat_for_Development
>> Overall the appdev tutorial is pretty problematic because it
>> doesn't really include a complete example and seems to have kind of
>> random organization.
>
> Patches are always welcome.
+1.
The tutorial needs good review and r
want to submit a patch, please attach it to an issue
in Bugzilla, so that it is not forgotten.
http://tomcat.apache.org/bugreport.html
2. You were lucky that you attachment has reached the list. Usually
attachments are just removed by mailing list server.
3. I cannot comment on the essence,
t is up to Debian devs how
they pack them.
2. It makes perfect sense to move those jars into separate package:
1) They require Java 7
2) They make startup slower, because of annotation scanning that is
needed to detect WebSocket endpoints
https://wiki.apache.org/tomcat/FAQ/Linux_Unix#Q5
https://wiki
ms, Mittelwert = 0ms
>>
>>
> That /is/ bizarre. As far as I know, to resolve hostnames in its
> configuration, mod_jk/isapi is using the OS's resolver library, the same as
> the one "ping" should be using.
> On the other hand, you say that if you have
>
>>
ryString() ?
Is it what you expect?
I think you may also configure AccessLogValve to print it and maybe
also to print the parameters.
3. Put a breakpoint into o.a.c.connector.Request#getParameterMap().
Does it work as expected?
If I understand it correctly, from a quick look the method is not
:
>
> C:\tmp\apache-tomcat-7.0.52\bin>tomcat7.exe //IS//
>
> C:\tmp\apache-tomcat-7.0.52\bin>sc start tomcat7
>
> (...)
>
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
2014-04-08 15:05 GMT+04:00 Randhir Singh :
> We have an application which has JBoss as the application server with
> Tomcat as the web server, our application has Oracle 11g as the database. I
> would give some further background to the issue we are facing, since the
> last 1 1/2 months, the applic
2014-04-09 23:18 GMT+04:00 Jeffrey Janner :
>
> Much as I loathe downgrading, would it be possible/advisable to downgrade the
> native libraries to 1.1.23 with Tomcat 7.0.50?
1. There is a minimum required version of TCNative for every Tomcat.
See constants in AprLifecycleListener source.
2. Old
butes like
> SSLCertificateKeyFile then you are using OpenSSL (and still should
> track-down the version). If you see attributes like "keystoreFile",
> then you are using JSSE and you are not vulnerable to this particular
> issu
2014-04-10 22:28 GMT+04:00 Shanti Suresh :
> Greetings,
>
> There appears to be a hold up in 7.0.52 at startup as compared to 7.0.23 -
> a matter of several seconds initializing each context. In 7.0.52, the
> delay appears to happen at "findResources" when the
> "javax.servlet.ServletContainerInit
2014-04-11 16:58 GMT+04:00 Sylvain Goulmy :
> Hi,
>
> I'm facing performance issue with my application which loads a very large
> number of different JSPs (ie 16 000). As the application loads the
> different JSP, the response time becomes longer and the CPU increases.
>
> I have tried many configu
s about bypassing a
SecurityManager)
3) use an up-to-date Tomcat
http://wiki.apache.org/tomcat/FAQ/Linux_Unix#Q5
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/tomcat-7.0-doc/security-howto.html
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
rently going on
on dev mailing list.
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
nds on
Thread.currentThread().getContextClassLoader() (aka TCCL). Any reason
why TCCL may be wrong? (You aren't providing the full stacktrace)
Maybe you can try debugging, with a breakpoint in org.apache.naming.* classes?
http://wiki.apache.org/tomcat/FAQ/Developing#Debugging
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
.isClassLoaderBound() - both return false.
> In tomcat 8.0.0-RC10 ContextBindings.isThreadBound() returns true and the
> name resolution succeeds.
>
> Maybe this directs to the cause of the problem.
>
I do not know, what version of hibernate you are using, but if I look
at 4.3.x sources [1], the following method mentioned in your
stacktrace changes TCCL and thus breaks JNDI:
org.hibernate.boot.registry.
classloading.internal.ClassLoaderServiceImpl.withTccl(ClassLoaderServiceImpl.java:397)
[1]
https://github.com/hibernate/hibernate-orm/blob/4.3/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java#l384
I suggest you to ask at hibernate forums.
By the way, there exists an Apache project implementing the JPA specification,
http://openjpa.apache.org/
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
2014-04-14 21:18 GMT+04:00 David kerber :
> Running TC 7.0.42 on Windows Server 2008 R2 as a windows service, JRE
> 1.6.0_45 32-bit.
>
> What I'm seeing is that my context path is not being initialized with the
> name I expect:
>
> My .war file is named eddSrv.war (lower-case first letter), but the
into doing one...
>
Monitoring can be done via JMX, and maybe in other different ways.
There is no need to run "Tomcat7w.exe //MS//" for that.
What are you using it for? What parameters are you monitoring?
Best regards,
Konstantin Kolinko
2014-04-14 21:41 GMT+04:00 David kerber :
> On 4/14/2014 1:33 PM, Konstantin Kolinko wrote:
>>
>> 2014-04-14 21:18 GMT+04:00 David kerber :
>>>
>>> Running TC 7.0.42 on Windows Server 2008 R2 as a windows service, JRE
>>> 1.6.0_45 32-bit.
>>>
2014-04-14 23:21 GMT+04:00 David kerber :
> On 4/14/2014 3:10 PM, Konstantin Kolinko wrote:
>>
>> 2014-04-14 22:59 GMT+04:00 David kerber :
>>>
>>> Is there a version (or equivalent) of Tomcat7w.exe, which can handle
>>> multiple services in one ins
2014-04-15 14:49 GMT+04:00 Randhir Singh :
> There is 1 finding. We normally monitor the tomcat port using jconsole as-
>
> jconsole 10.101.17.79:8891
>
> As per my initial query, our application hangs and we need to restart
> JBoss & Tomcat. I have observed that during this time the port 8891 does
ntioned in Access log at Tomcat side?
If an error happens at some early state of processing (in Connector,
in CoyoteAdapter), then there may be nothing in the
catalina/localhost/web application logs, unless you turn on debug
logging at Tomcat side.
Best reg
ew days would resolve this issue as
> well.
A work is going, but that will take some time. There are still bugs
that need fixing before cutting a release. The release vote itself
will take 3 days (72h).
A guide is on the wiki,
http:
SSLCertificateFile="xxx/server.crt"
> SSLCertificateKeyFile="xxx/privkey.pem"
> SSLCACertificateFile="xxx/server.crt"
> SSLCertificateChainFile="xxx/ser
ies?
What is stacktrace when class loading fails?
> I have been through the examples web.xml and cannot find any configuration
> for websockets
> at all except the listener definition for the old school version of web
> sockets. (I'm
> assuming this predated JSR-356.)
All websockets in Tomcat 8 are JSR-356. ("Old-school" were in Tomcat
7, where both them and JSR-356 are available now).
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
2014-04-22 16:43 GMT+04:00 Thom Hehl :
>
> On 04/22/2014 07:50 AM, Konstantin Kolinko wrote:
>>
>> 2014-04-22 15:31 GMT+04:00 Thom Hehl :
>>>
>>> On 04/21/2014 04:30 PM, Daniel Mikusa wrote:
>>>>
>>>> On Apr 21, 2014, at 9:58 AM, Thom
2014-04-22 19:42 GMT+04:00 Viktor Gamov :
> Hello tomcat users,
> Before I can submit formal bug to the issue tracker, I want to ask here.
> I have web.xml and I include some text file in it using !ENTITY tag:
>
As I already answered about a week a go, you have to enable this
feature in Context c
Forwarding from announce@a.o mailing list.
-- Forwarded message --
From: Rene Gielen
Date: 2014-04-24 19:28 GMT+04:00
Subject: [ANN] Struts 2 up to 2.3.16.1: Zero-Day Exploit Mitigation
(security | critical)
To: annou...@apache.org
In Struts 2.3.16.1, an issue with ClassLoader m
2014-04-23 15:42 GMT+04:00 Nitin Kumar :
> Hi Mark,
>
> Thanks for the quick reply. I will give you the example which we use
>
> Application1 is deployment in tomcat and up and running. We want to install
> application2. Following are the steps:
>
> Stop Tomcat
> Install application2 vial RPM insta
n configure to catch those writes and
redirect them to logging system.
The context will use ServletContext.log(..) for those messages.
Then you can configure "level" for that log category so that the
messages are not logged anywhere.
Best regards,
Konstantin Kolinko
---
rigin, with notion that that
is a bug in certain Android versions
> Maybe this is a good case to submit a bug report or a patch.
Agreed.
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
2014-04-28 15:15 GMT+04:00 Randhir Singh :
> Thanks a lot Chris for your answer. I would stick to this subject line among
> the others. I have some important questions based on this:
>
> 1) Does Tomcat start giving problems if catalina.out becomes more than 2 GB?
Tomcat - no.
There were reports o
2014-04-28 23:44 GMT+04:00 Terence M. Bandoian :
> On 4/27/2014 11:36 AM, Konstantin Kolinko wrote:
>>
>> 2014-04-27 0:50 GMT+04:00 Terence M. Bandoian :
>>>
>>> On 4/26/2014 1:13 AM, Ankit Singhal wrote:
>>>>
>>>> On Sat, Apr 26
vrt05 apache-tomcat-7.0.53]# pstree
> init─┬─atd
> ├─java─┬─sh───wget
> │ └─263*[{java}]
sh launched by tomcat's java?
Take a thread dump:
https://wiki.apache.org/tomcat/HowTo#How_do_I_obtain_a_thread_dump_of_my_running_webapp_.3F
It shall show what is stacktrace in th
p classloader.
You should remove that jar from WEB-INF/lib directory of that webapp.
IIRC, in 7.0.50 and earlier Tomcat preferred the class from the system
classloader (effectively ignoring the webapp's jar).
In 7.0.52 it does load the class provided b
2014-04-30 23:41 GMT+04:00 srinivas rapolu :
> We are using Tomcat 7.0.39 ((java version "1.7.0_25"), and Sometimes CPU
> goes high when we restart the TOMCAT.
>
> We have to stop the Tomcat in-order to release the release resources and
> again restarting the Tomcat fixes the problem.
>
> On profil
2014-05-01 1:10 GMT+04:00 Sebastien Tardif
:
> What is the difference between Tomcat Window Service mode ?
>
>
>
> Which one is better?
>
>
>
> I believe one of them is more “friendly” with JConsole so that the Tomcat
> instance is listed as a list of JVM running locally?
No. Not at all.
>
> Ext
downloading her file, and another requests
comes in, the "finished.wav" file will be overwritten with new data.
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For a
2014-04-30 18:00 GMT+04:00 Christopher Schultz :
>
> Konstantin,
>
> On 4/29/14, 7:17 PM, Konstantin Kolinko wrote:
>> 2014-04-29 12:28 GMT+04:00 Fredrik
>> :
>>> Hello. We're using jamm (https://github.com/jbellis/jamm) a java
>>> agent for measu
e?
1) An example of what happens and what is expected = ?
2) See 'Jasper' section of the changelog, starting with 7.0.43
http://tomcat.apache.org/bugreport.html#Changelog
Best regards,
Konstantin Kolinko
-
To unsub
2014-05-02 17:41 GMT+04:00 Roman, John D. :
> Greetings,
> Im currently trying to debug an application in Tomcat 6.0.33. mod_jk is
> being used as well.
> statements like LOGGER.finest("Logging an INFO-level message"); should log
> to catalina.out, however they are not.
>
> Am I missing somethi
2014-05-02 21:56 GMT+04:00 Vimil Saju :
> Sorry about not providing an example.
>
> Below is the contents of a jspx file
>
> http://java.sun.com/JSP/Page"; version="2.0">
>
>
> Hello
>
>
>
>
>
>
> In tomcat 7.0.32 the above jspx would generate the following html
>
>
> H
s
> change, I mean was anything broken because single quotes were not escaped?
Single quotes inside of double quotes are not really broken, but we
are using a function that escapes all special chars (' " & <>)
regardless of context.
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
2014-05-04 3:31 GMT+04:00 Dhayanidhi sundaramoorthi
:
> Hi,
>
> In Tomcat7, we are trying to do client certificate authentication using
> datasource realm. But it fails.
>
> Please fnd the configuration below:
>
> server.xml:
>
>
> className="org.apache.catalina.core.AprLifecycle
2014-05-04 17:24 GMT+04:00 Dhayanidhi sundaramoorthi
:
> Hi,
>
> Thanks for your response.
>
> Can you pls let me know the exact location where I am supposed to configure
> the realm in server.xml?
It belongs to a "container" (Context, Host or Engine).
In server.xml that will be or .
http://tomca
ld e-mails are in a delivery queue which is being processed now.
Thus far I have received ~10 commit e-mails out of ~50 for the outage
days. They come in some random order. As there were hard drive
failures and as the outage was long, I think some e-mails might be
lost.
Best regards,
K
2014-05-21 15:05 GMT+04:00 philippe rouxel :
> Hello,
>
> I have a war app-0.0.1 with a context.xml in META-INF :
>
>
>
>
>
>
> When I deploy it, in CATALINA_BASE\conf\Catalina\localhost a file
> app-0.0.1.xml is created.
>
> When I call
> localhost:8080/app I got 404
> localhost:8080/app-0.0
Is a single web application affected, or it spans several applications
(via Single Sign On)?
You may consider debugging.
http://wiki.apache.org/tomcat/FAQ/Developing#Debugging
You may consider simplifying you configuration to build a simple
reproduce scenario for a bug report.
> Anyone else s
e of doGet() doPost(), doPut() methods can be called.
You can put a breakpoint in javax.servlet.http.HttpServer.service()
or in org.apache.catalina.connector.CoyoteAdapter class.
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
2014-06-03 19:56 GMT+04:00 Арсений Зинченко :
> Hi. Faced with little bit odd behavior of Tomcat 7 && Java 1.6.
Do you read others' questions on this mailing list?
There are ~50 different versions of Tomcat 7.0.x.
> Old file is:
>
> $ curl http://localhost:8084First file
>
> I mean - *war-file*
r WEB-INF/web.xml file?
My guess is that you are adhering to an old version of specification
there, that does not support EL.
I can also suggest you to configure your Tomcat in "strict servlet
compliance" mode and see whether it complaints.
http://tomcat.apache.org/tomcat-7.0-doc/co
ler (Eclipse JCP or by external javac
depending on how your Tomcat is configured). Tomcat WebappClassLoader
has API for that.
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For
is OutOfMemoryError.
> I tried invoking "backgroundProcess" on my Manager bean via JMX but it
> didn't seem to actually clean anything up. Is there any hope of
> recovery without bouncing the web application?
The background thread is started via threadStart() which is called
2014-06-05 23:06 GMT+04:00 Christopher Schultz :
> On 6/5/14, 11:58 AM, Konstantin Kolinko wrote:
>> 2014-06-05 19:19 GMT+04:00 Christopher Schultz
>> :
>>> I tried invoking "backgroundProcess" on my Manager bean via JMX
>>> but it didn't seem to a
B-INF/lib of your webapp.
3. You can always copy-paste the content of catalina-tasks.xml into
your own build file and adjust it as you wish.
4.
http://tomcat.apache.org/lists.html#tomcat-users
-> Please format your messages as plain text, not HTML.
Best
to add a flag to an AuthenticatorBase
to allow to configure whether it participates in SSO. If it does not,
then skip sso lookup in startInternal() and return early from
reauthenticateFromSSO() method.
4. Maybe you can move the web applications that require SPNEGO to a
different container, so that they do n
2014-06-06 14:06 GMT+04:00 Jeff Cai :
> Since my source directory is not under the webapp, I have to copy the jar
> file to the WEB-INF/lib in the source directory.
> Is there any other ways to include the jar file besides copy/paste?
>
> Jeff
>
> -Original Message---
gplugin"
> outputDir="/tmp/tagplugin/WEB-INF/src" />
>
Try setting "classPath" attribute on element.
http://svn.apache.org/viewvc/tomcat/tc7.0.x/tags/TOMCAT_7_0_54/java/org/apache/jasper/JspC.java?view=markup#l766
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
efix;
56 }
]]]
Servlet API javadocs:
http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html
It does not mention explicitly whether getRequestURL() returns a
non-decoded or decoded URL,
but as our implementation in o.a.c.connector.Request does
"url.append(getReques
2014-06-11 19:16 GMT+04:00 Patrick Kolodziejczyk
:
> Hi,
>
> I am looking to add internationalization on my webservice that work on tomcat.
> In one old documentation of Tomcat, it's speak about the Header parameter
> "Accept-Language" that is read by StaticInterceptor and set the Locale.
> Source
native/common/jk_status.c), implemented
by splitting the query string.
The url-decoding of parameters is not performed. There is a comment
that it had been planned, but has not been implemented yet.
/* XXX Depending on the params values, we might need to trim and decode */
Best regards,
n of Tomcat),
RewriteValve (in Tomcat 8),
mod_rewrite in Apache HTTPD server (if your Tomcat runs behind that server).
[1] http://wiki.apache.org/tomcat/AddOns#UrlRewrite
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
nce(type);
} else {
ks = KeyStore.getInstance(type, provider);
}
so you just have to set the provider = "BC".
That is AbstractEndpoint.setKeystoreProvider(String).
That is "keystoreProvider" attribute on a .
Best regards,
Konstantin Kol
2014-06-09 17:38 GMT+04:00 Konstantin Kolinko :
>
> (...)
>
> Servlet API javadocs:
> http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html
>
> It does not mention explicitly whether getRequestURL() returns a
> non-decoded or decoded URL,
>
>
of Tomcat 7.0.x are you using? x=?
2. What exact version of Java 8 are you using?
3. 51.0 = Java 7. There shall be no problem loading that class.
(Unless Tomcat 7 is run with Java 6).
4. Full stacktrace for that classloader error, with line numbers = ?
Best regards,
Konstantin Kolinko
2014-06-16 22:38 GMT+04:00 Jimmy Royer :
> On Sun, Jun 15, 2014 at 8:01 AM, Konstantin Kolinko
> wrote:
>> 2014-06-09 17:38 GMT+04:00 Konstantin Kolinko :
>>>
>>> (...)
>>>
>>> Servlet API javadocs:
>>> http://docs.oracle.com/javaee/7/api/j
; }
> }
>
> So, before trying to tell me that I am missing workers.properties and
> complete logs, I want to check first whether the "-1" socket ids are to be
> expected here or whether there is some kind of bug involved.
>
The ajp_handle_cping_cpo
lue of "Expires" the cookie is actually being cleared, not set.
The code for clearing the cookie is in
o.a.catalina.authenticator.SingleSignOn.invoke(...)
[[[
cookie.setMaxAge(0);
response.addCookie(cookie);
]]]
The code for setting the cookie is in
o.a.catalina.authenticator.Authenticat
1. VirtualWebappLoader is deprecated and removed from Tomcat 8. In
Tomcat 8 you'll configure your resources by mapping those directories
into WEB-INF/classes.
As it is all the same directory (WEB-INF/classes), I see no sense in
filtering by directory name.
JarScanner operates on URL
an
do that on any version of Tomcat).
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
2014-06-18 11:57 GMT+04:00 Konstantin Kolinko :
>>
>> HTTP/1.1 302 Found
>> Set-Cookie: JSESSIONIDSSO=CF7B7727443A3AAD1AC3AA033E4D98BE; Expires=Thu,
>> 01-Jan-1970 00:00:10 GMT
>> Pragma: No-cache
>> Cache-Control: no-cache
>> Expires: Thu, 01 Jan 1
ll cause death of a thread.
A subtype of the latter is java.lang.OutOfMemoryError.
As of now, such errors are passed through and are not logged by
Tomcat, but are logged by java.lang.ThreadGroup.uncaughtException().
ThreadGroup prints them to System.err (catalina.out).
Be
2014-06-22 13:38 GMT+04:00 arnaud le roy :
> Hello,
>
> i try to disable stack trace on my tomcat 7.52 server, i found on the doc
> that i can do it by configure an errorReportValve class and put showError
> attribute to false.
>
> so i add this line in the good part of server.xml
>
> showReport="
http://tomcat.apache.org/migration.html
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>> HTTP/1.1 302 Found
>> Set-Cookie: JSESSIONIDSSO=
CF7B7727443A3AAD1AC3AA033E4D98BE; Expires=Thu, 01-Jan-1970 00:00:10 GMT
>> (...)
I filed this issue into bugzilla:
https://issues.apache.org/bugzilla/show_bug.cgi?id=5
Best reg
sion, but nobody came up with
a specific idea.
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
specting the HTTP traffic
E.g. with Wireshark.
2. Debugging
http://wiki.apache.org/tomcat/FAQ/Developing#Debugging
3. Try different versions. Did you use the same versions in both
configurations that you tried?
4. Does it work with other sample web applications
as "cachingAllowed" on Context in Tomcat 8.
The attribute was moved to nested element.
http://tomcat.apache.org/migration-8.html#Web_application_resources
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: use
mptoms of whether the application has been
deployed? Is its directory created in Tomcat's "work" directory? Is it
listed in manager webapp? Does it respond to HTTP requests?
> (...)
Best regards,
Konstantin Kolinko
-
2014-07-03 18:46 GMT+04:00 João Sávio :
> Unfortunately it's not working yet
>
> I increased the log level as you suggested. Log attached
>
> Thanks
>
Please read numbers 6. and 7. here:
http://tomcat.apache.org/lists.html#tomcat-users
The attachment was thrown away by the mail server.
-
cator), or you can remove
security-constraint and implement authentication and authorization in
a filter (such as Security Filter, or using Spring Security framework)
.
http://wiki.apache.org/tomcat/AddOns#Filters
Best regards,
rce
code one cannot verify your words.
You have to provide a step-by-step instruction and enough source code
so that a person who is not familiar with your system were able to
reproduce your problem.
2) Content-Type says "text/html", but that line of text is not a valid
HTML document.
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
2014-07-06 13:45 GMT+04:00 Falco Schwarz :
> Konstantin,
>
> On Sat, Jul 5, 2014 at 3:26 PM, Konstantin Kolinko
> wrote:
>> You can either perform IP filtering in a Valve (that will be in the
>> pipeline before an Authenticator), or you can remove
>> sec
t and then deny via ip filters, but I guess
> that is just how the servlet spec is defined.
>
I think that admins usually do not want to bother with web application
internals such as web.xml. The usual solution is to configure a
RemoteAddrValve.
Best regards,
Konstantin Kolinko
-
s mentioned in Tomcat's access log file?
What version of Servlet Specification is declared in your
WEB-INF/web.xml file? Does it have metadata-complete="true" attribute
on its element?
Best regards,
Konstantin Kolinko
start guessing the
encoding.
I usually write it as
<%@ page contentType="text/html; charset=UTF-8" %>
...
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
2014-07-08 11:27 GMT+04:00 Xavier Outhier :
> Hi Filip,
>
> thanks for the tip. It was effectively a duplicated jar in the war and in the
> common lib of tomcat: it was jpa.jar. :)
> What I do not understand is how the same jar can cause an issue, especially
> when it was working fine with previo
2014-07-08 8:52 GMT+04:00 Baluta Vasile :
> Thanks. I had to start Tomcat as root to be able to upload the war.
>
Running Tomcat as root is a bad idea.
Use chown and chmod utilities to change ownership and permissions on
your directories.
-
also symptoms of that.
An example:
http://markmail.org/thread/pxh6bk6saowy3rk6
4. I think getHeaders() may return some garbage for Cookie header (as
the value may be corrupted when parsing the value into a cookie), but
it should not contain a
Usually I would prefer to answer faster to to be ready to serve the
next request from a valid user.
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
2013/4/18 Jakub 1983 :
> I have tried google, but this links don't explain me, eg 4 states
>
>
> jdbc/primaryDB
> jdbc/PrimaryDBInTheContainer
>
> I have already tried it, and it doesn't work.
>
> In my opinion is useless under tomcat,
>
> or better said, it has only informative value, at lea
2013/4/18 caio lima :
> hi,
> sorry for my english.
> i just publish my web site made with java, jsp, and i'm stuck with a
> problem.
>
> my ".class" files is in the directory "WEB-INF/classes/..."
> and i have the class Diversos in
> "WEB-INF/classes/ferramentas/Diversos.class"
>
> when i use a im
;
> I'm sure I'm missing something obvious. But can someone please help me out
> with the correct syntax?
>
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
1801 - 1900 of 2381 matches
Mail list logo
