It would be a bugzilla request marked as an ENHANCEMENT
-Tim
Carlo Politi wrote:
Thanks Tim but i have not to submit a bug, just only a new kind of
authenticator. I don't know if it's possible to submit to ASF, I have tried to
read the steps for incubation but it seems too hard...
In data ma
The dir structure changed from 5.5 to 6 so you need to place your files
in different directories depending on the version. See the version
specific docs details.
-Tim
Pedro wrote:
Hi all,
I basically need to implement case insensitive user names, can this be
done with a servlet filter or d
server' directory is
supposed to be the correct place! the question is if the implementation
is valid.
Tim Funk wrote:
The dir structure changed from 5.5 to 6 so you need to place your
files in different directories depending on the version. See the
version specific docs details.
-Tim
When run as a service - the PATH used by SYSTEM is not the same as when
you are logged in. (So you need to add the dll's somewhere in your path
as SYSTEM user - I can't recall how this is done but this is a very
common problem google can help you with)
The type 4 jdbc driver from oracle has be
development team isn't convinced of the same. We are using oracle 10g and based on their documentation there isn't much difference between OCI and THIN, the 10g THIN driver now supports what OCI used to have advantage over.
Thanks again,
Rumpa
Tim Funk <[EMAIL PROTECTED]> wrote:
http://wiki.apache.org/tomcat/FAQ/Miscellaneous
Look for "Why do I get java.lang.IllegalStateException ?"
The filter is not the problem - its something farther down the stack
trace.
-Tim
Christian Aschoff wrote:
i have written a filter for my webapplication that checks the called url
for s
In form based authentication - you have no access to the processor other
than your suggestion of overriding authenticate() in FormAuthenticator.
Depending on the purpose of the field you could always perform a kludge
of setting the 3rd value in a cookie and have a filter check for hte
cookie t
The default servlet knows how to handle ranges.
JSP's and servlets on their own do not understand ranges. (Because
typically custom code is written and out.println() is called).
The reason the default servlet can handle ranges is because the content
is static. The size of the resource is know
in that case ... wouldn't the User-Agent header do the trick?
-Tim
dirk ooms wrote:
interesting suggestion, but in my case the extra field is not related to the
username. i would like to have a field where the user indicates on what type
of device he/she works, so we can offer the appropriate
Try using:
URLClassLoader pluginClassLoader =
new URLClassLoader(pluginURLs,
Thread.currentThread().getContextClassLoader());
-Tim
Faisal wrote:
Hello,
I can execute the following java code in a standalone application very well
but when i put the same code in a web service and deploy it on
I'm guessing you mean switch OFF.
Apart from chucking the connector config from the XML, not really.
One kludge: you could try and make the connector port a property,
And on startup with JAVA_OPTS='-Dfoo=-1' and ignore the exception which
gets thrown by tomcat. (I can't recall if tomcat abort
You don't have permission to write (or open?) files on the remote
machine - check the permission tomcat is running as vs who can open
files on the remote machine
(Access is denied)
-Tim
Rohit wrote:
Dear All,
I have a typical problem. When I am trying to copy files from
through tomcat o
am not able to do it through tomcat.
Please let me know if there is some configuration required in tomcat.
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 02, 2008 6:12 PM
To: Tomcat Users List
Subject: Re: file transfer error
You don't have permi
Doh ... sorry for being late to the game ...
Here's a small article that discusses this too ...
http://www.jroller.com/funkman/entry/let_properties_do_the_talking
-Tim
Anna Nhan wrote:
Thanks Rainer and Chuck for your responses.
How does Tomcat know to associate org.myorg.myapp.node1.http.po
Have you tried .. http://sourceforge.net/projects/j2ep
I do not know of a jk implemention done in java.
-Tim
Brantley Hobbs wrote:
All,
I have rather an odd situation that I'm hoping someone can give me some
advice on.
Short version:
I need to know if there's a servlet, filter or valve tha
All you did was change the bean which contains the property. Now that
the port property is 8081. You need to stop the Connector and restart
it. I'm not sure if you can do this via the JMXProxy servlet. (Or if you
can - if there are any odd unexpected side effects)
-Tim
Константин Шумай wrote:
any other way.
2008/1/25, Tim Funk <[EMAIL PROTECTED]>:
All you did was change the bean which contains the property. Now that
the port property is 8081. You need to stop the Connector and restart
it. I'm not sure if you can do this via the JMXProxy servlet. (Or if you
can - if there
http://tomcat.apache.org/faq/connectors.html#vs
-Tim
Tomcat wrote:
Hello
is there any advantage using ajp over http connector ?
what are those advantages?
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscri
This is an old version so you might be see'ing gc issues. (but that is a
wild guess).
There isn't enough detail to debug, but when the situation arises - do
the following - get thread dumps a look for "odd stuff"
1) kill -3 tomcat when tomcat is running OK - so you have a base line
2) Then whe
You probably have more apache children running than connections which
can be accepted by tomcat. See the Connector config docs on how o up them.
-Tim
Dirk Koehler wrote:
Hi,
recently I'm facing an issue with the mod_jk connector (1.2.21) together
with apache 1.3.x where requests to apache are
y not
the case.
-Tim
Dirk Koehler wrote:
Well, my server xml defines maxProcessors to be 512, apache is
configured with MaxClients 128...
Also mbean (Catalina:type=ThreadPool,name=jk-127.0.0.1-22001) reports
that there are up to 512 processors...
any more ideas?
thx, dirk
Tim Funk w
yes - you could do this as a filter. (Google for examples)
If using apache 2.x - apache might be able to do the caching for you too
via mod_mem_cache or similar. (Again ... google)
-Tim
Paulo Alvim wrote:
Hi!
We're using TC Cluster with Apache connector as dispatcher.
We'd like to improv
Both will perform good enough. Odds are linux will perform better but
the difference wont be good enough if your admins can't support linux
servers and they are all MS certified.
Personally - I loathe admin'ing windows machines since I need to use a
GUI (and mouse) to typically accomplish anyt
http://tomcat.apache.org/faq/security.html#restrict
-Tim
Herman Schultz wrote:
Hi,
Can you please tell me if I can configure tomcat to let a range of IP
address to access 1 web app hosted by tomcat, while another set of IP
address to access another web app hosted by the same tomcat?
--
md5 is a one way hash - so "encrypting" your log files with md5 will
yield unreadable files
Tomcat out of the box doesn't have anything like this. You would need to
do the following write your own log4j appenders (or whatever they are
called) which encrypt the data. Since log4j can (IIRC) can
See Fiddler
http://www.fiddlertool.com/fiddler/
-Tim
Philippe Boismoreau wrote:
Hi,
I'm requesting a .pdf file through IE6 > Apache 2.0 > mod_jk / ajp13 > Tomcat 5.0 > "my
servlet who checks user's read rights" (declared as a in the web.xml of my webapp)
the problem is :
-> IE6 loads a wh
If you have an evil admin, there is nothing stopping the him from
sniffing the network, or starting tomcat with a debugger which can look
at the memory or {insert evil action here} ;)
-Tim
Peter Crowther wrote:
From: Nelson, Tracy M. [mailto:[EMAIL PROTECTED]
An easier approach might be to wr
if (null == rs.getString("col_foo")) {
out.println(" ");
} else {
// Evil since this doesn't escape the xml - for edutainment only
out.println("" + rs.getString("col_foo") + "");
}
-Tim
Mohammed Zabin wrote:
Hi All
Anyone knows how to deal with null values in JDBC ResultSet??
I am t
The syntax below is correct. There must be something else syntactically
incorrect in your jsp causing your woes.
-Tim
Mohammed Zabin wrote:
I tried it the other way, if( rs.getString("field") == null ) but the
compiler plames that null can't be compared to string....
On 6/
Its odd that you would get a 404 for such an error but in any case:
http://tomcat.apache.org/faq/misc.html#error
-Tim
Ingo Siebert wrote:
Hi,
i'm using Tomcat 5.5 and run a JAX-WebService application.
In general, if an error occurs at my application i will send back an
SOAP-fault. So far so
Look at projects such as tiles.
An alternative is to use jsp preludes. Which allow you to add stuff to
the beginning or end of all jsp pages.
For example: put this in web.xml:
*.jsp
/WEB-INF/prelude1.jspf
-Tim
coder5436uk wrote:
I have an install of tomcat and I wish to add
What you'll really want is to ditch the transport guarantee clause in
web.xml and create a filter which will be smart enough to force/unforce
you from SSL.
For example:
doFilter(...) {
boolean isSSLRequired = magicYesNo(request);
if (isSSLRequired && !request.isSecure()) {
doSomeRedir
1) You kill tomcat. kill -9
2) Then figure out why tomcat is still running (kill -3 to create a
stack trace)
In reality - you want to get the stacktrace before you run the kill -9
-Tim
Bruno Vilardo wrote:
Hello All,
Linux 2.6.9-55.ELsmp
tomcat.version=5.5.9
java version = 1.5
We have an a
the opinion - please first rehash the good
times in the archives. ;)
-Tim
Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tim,
Tim Funk wrote:
What you'll really want is to ditch the transport guarantee clause in
web.xml and create a filter which will be
It doesn't hurt
-Tim
Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tim,
Tim Funk wrote:
only works to say I want pages to be encrypted.
Not the latter.
Oh, of course. I hadn't really thought of that ;)
The typical complaint is a developer wishes
2 problems
1) If you have *.jsp - don't make the include file a file that ends with
jsp. Use jspf as your include extension.
2) Try access the include file all by itself. Sounds like a simple
compile issue.
-Tim
coder5436uk wrote:
my web xml:
:
Hi, thank you for your answer.
Sorry, it's quite possible that the 404 code was wrong, i think it was
the 500 code.
But I'm still wondering why Tomcat (5.5) doesn't log the error
message(i.e. out of heap space) into a log file.
My logging.properties file of Tomcat isn't m
Extend or copy (and change) the appropriate AccessLogValve. Then place
the (changed or new) files into the server/lib or server/classes
directory as needed. (tomcat 5 speak)
Then add to server.xml (or appropriate) the new access log class.
-Tim
John Hui wrote:
Does this mean I need to get th
Look at the RequestDumperValve
-Tim
ben short wrote:
Hi,
I using Tomcat 6.0.13 and Spring 2.0.6. I have been involved in
developing a website that products pages in various formats , such as
www, xml, wap and pda. We are having some issues with wap and pda, but
cant ciew the html source thats
is called.
-Tim
ben short wrote:
Hi Tim,
Thanks for that, but it only seems to log out the request/response
headers. Is It possible to log everything sent to the client?
Ben
On 7/24/07, Tim Funk <[EMAIL PROTECTED]> wrote:
Look at the RequestDumperValve
-Tim
ben short wrote:
> Hi,
http://tomcat.apache.org/faq/misc.html#utf8
And you should first start with in server.xml:
-Tim
Joe Russo wrote:
I am getting the following error in the display of the JSP. To give a
little history, this application I am supporting, at the time the
developers thought they needed to encod
#6 - Shared classloaders are evil, but not as evil as the invoker
servlet. With a shared loader you can easily get Singleton assumptions
being wrong, class cast exceptions, versioning woes, and other issues.
Saving a little perm memory just doesn't justify it.
#7 - You should have a staging
Then you need to extend org.apache.catalina.valves.RemoteAddrValve to
check the port (and other customizations as needed)
-Tim
Sebastien Moretti wrote:
[EMAIL PROTECTED] a écrit :
I would like to deny access for my webapps through port 8080 and to
allow access for other webapps via 8080 po
context-param requires access to the servlet context.
env-entry requires access to jndi
Do you really want code that has nothing to do with the servlet api
dependent on ServletContext? Plugging in a new jndi lookup for testing
is much easier.
-Tim
Brian Munroe wrote:
I just started to help
eans is OK.
-Tim
Brian Munroe wrote:
On 8/31/07, Tim Funk <[EMAIL PROTECTED]> wrote:
Do you really want code that has nothing to do with the servlet api
dependent on ServletContext? Plugging in a new jndi lookup for testing
is much easier.
Forgive my ignorance here, but do you mean
Filters are not invoked on j_security_check
If you need to do something "special" on login - you will need to store
some state in the session. (Like session variable called
didInitializeSession)
Then the filter can check for the existence of a
request.getUserPrincipal() &&
session.getAttrib
Yes - tag file compilations are slow. IIRC - there was Google summer of
code attempt in 2005 to fix this but it went nowhere.
Patches to Jasper would be appreciated for the speedup.
-Tim
Berglas, Anthony wrote:
PROBLEM
JSPs that make use of custom .tag files can be very slow to compile --
se
Via the spec - you can't query all the roles a user has. But you can say
request.isUserInRole(rolename)
If you *need* access to the realm, things start to get ugly. You need to
start coding against Tomcat internal specific classes.
-Tim
maux wrote:
Hi,
I am doing a Java code. This code hav
There usually isn't much happiness in the spec violations. Most of the
time, the violations are due
- optimizations
- contradictions
- better use case where not following the spec is a good idea (but in
those cases, the ability to follow the spec is still there)
-Tim
Gregory Gerard wrote:
th
Add this to cron: (use google to decode)
0 0 * * * find /TCLOG_DIR/localhost_access_log* ! -mtime -30|xargs rm
-Tim
Vamsavardhana Reddy wrote:
Is there a way to specify how many days access logs should be retained by
tomcat so that old access logs (for e.g. more than a month old) are
automatic
Try (temporarily of course)
1) disabling DNS lookups
2) disabling outbound port 80 connections
-Tim
Mohamed Mohamedin wrote:
The log is like this in the lines that cause the problem:
Feb 18, 2008 10:26:57 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache
If you are brave ... you can apply this patch:
http://svn.apache.org/viewvc?view=rev&revision=575332
-Tim
emerson cargnin wrote:
This is not really an issue for me, as the access to the servers are
totally strict
and... any idea on how to map to the jsp's outside?
Nobody ever need it? how do
It got rolled back due to some vetos. (Hence the if your brave comment).
See the dev list for details.
The patch itself works fine.
-Tim
emerson cargnin wrote:
Thanks Tim.
Do you know if this will be included on next release of tomcat6?
regards
emerson
On 19/02/2008, Tim Funk <[EM
Most likely - the new jvm was installed into a different directory. And
the tomcat service knows nothing about the new directory.
The easiest thing to do would be to go into the registry and find the
Tomcat service - and then change the JVM path in the registry as needed.
(I can't recall the k
You need to look at org.apache.tomcat.util.http.mapper.Mapper
Welcome files belong to the container since jsp's can be used as welcome
files and jsps are satisfied by a different servlet.
-Tim
Fred Toth wrote:
Hi all,
I'm lost in the woods.
Some time ago we built an application that requir
https://issues.apache.org/bugzilla/buglist.cgi?product=Tomcat+6&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=NEEDINFO
-Tim
Zemian Deng wrote:
Hi,
The bug report interface here:
https://issues.apache.org/bugzilla/query.cgi?product=Tomcat%206
will onl
This can be done in a Filter. Horribly pseudo coded as:
doFilter(...) {
if (null==servletContext.getResource(request.getServletPath())) {
throw new ServletException("No file");
}
chain.doFilter(...);
}
Then map the filter as needed (with any additional checks too)
-Tim
Antonio wrote
nsion like *.do -
servletContext.getResource(stuff) would return null since the controller
would decode the URL into some action.
-Tim
Antonio wrote:
2008/10/22 Tim Funk <[EMAIL PROTECTED]>:
if (null==servletContext.getResource(request.getServletPath())) {
Are you sure th
tonio wrote:
2008/10/22 Tim Funk <[EMAIL PROTECTED]>:
if (null==servletContext.getResource(request.getServletPath())) {
Are you sure that it works? the "getServletPath" returns the path or
the name of the servlet.
Notice that anything could be included, from a JSP page to
If someone can get your .class file - someone can reverse engineer it.
Obfuscating will slow someone down, not prevent.
If people only have access via web browser, then only server side code
is being executed and people can never see your binaries on your server
so the only way to reverse engi
You need to configure a Realm per Virtual Host (or if different webapps
in the same vhost need different authentication schemes - the Realm
element can be per context too)
http://tomcat.apache.org/tomcat-6.0-doc/config/realm.html
-Tim
Hisham Farahat wrote:
Dear All,
Can i configure tomcat to
An extreme kludge is to create a Filter which creates a
HttpServletRequestWrapper which overrides getCookies() with a custom
implementation.
That custom implementation would read the headers, find the cookies and
perform its own parsing mechanism to read the cookies.
-Tim
Mark Thomas wrote:
http://tomcat.markmail.org/message/4acbkimgilfkcdru?q=+list:org%2Eapache%2Etomcat%2Edev+
-Tim
Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Filip,
Filip Hanik - Dev Lists wrote:
The Apache Tomcat team announces the immediate availability of
Apache Tomcat JDBC Con
Most of these are set via catalina.sh (which you don't want to touch).
But if you wish to add your own -X params. See
/opt/hpws/tomcat/bin/setenv.sh
In there - you'll see that HP already has added
CATALINA_OPTS="-XdoCloseWithReadPending"
-Tim
André Warnier wrote:
Hi.
On a customer HPUX B.1
Use Firefox + LiveHttpHeaders and discover that the page is probably
being invoked many times (probaly due to a bad image tag or other media
asset)
-Tim
Jonathan Mast wrote:
Here's my setup:
Java 1.4.2
Tomcat 5.5.17
Windows XP
I'm developing in NetBeans 6.5 (which is invoking Tomcat)
The page
Personally -
I would expect
request.getRemoteUser() == request.getUserPrincipal().getName()
But there no literature which says that must be so. So in that absence
of that - you'll probably need a RemoteUserHackFilter to unify the
various behaviors and then you standardize on one model and
Rem
Can support - yes
Out of the box - no.
Why not out of the box? Because gzip is there and most people use apache
in front of tomcat.
-Tim
Gabor 'Morc' KORMOS wrote:
Hi Guys/Gals,
I tried to search for an answer whether Tomcat can support deflate as
compression but I found nothing really
speedy response. Can you point me in the direction of
some documentation which describes how to do it? I'm willing to read
just did not find what to read :)
Thanks,
Morc.
On 17/02/2009 13:23, Tim Funk wrote:
Can support - yes
Out of the box - no.
Why not out of the box? Because gz
front to handle lots of the goofy issues that apache httpd is good at.
(But now I venture into off topic my own opinion land .. and place where
bad things usually happen)
-Tim
Peter Crowther wrote:
From: Tim Funk [mailto:funk...@joedog.org]
most people use apache in front of tomcat.
Tim, I&#x
yup - and if your inclined - you can submit an bug enhancement with the
patch
-Tim
Gabor 'Morc' KORMOS wrote:
So basically you say code it for yourself by modifying the HTTP connector?
Morc.
On 17/02/2009 13:46, Tim Funk wrote:
There aren't really any docs to point
Tomcat out of the box doesn't provide a way to suppress the stack traces
for those errors. Like your post said, you need to use web.xml to
configure your error pages.
-Tim
Edao, Aliye wrote:
Dear all,
I am trying to find out if there is an alternative way of telling Tomcat
not to send info
While I am late to this ... Is this an accurate summary?
- Slow re-load on a server
- Server is a production server
- Other servers are OK so it can only be reproduced on production server
- Initial looks at network seem to be no network activity
- There seems to be a hint at File.exists() causin
Sort of (if I read the code correctly)
isNew is set to false after the response is finished. So if you have 2
concurrent requests running, isNew is true until the first request
finishes sending its response back to the client. Of course isNew could
be set to false if the second request finishe
* is mapped to the default servlet. And this is done system wide in
conf/web.xml. You can turn that behavior off and require each webpp to
map *. But then youi also need to make sure you have a way to serve
static content like images. (Which is what the default servlet does)
A better way is t
Doable : Yes
Out of the Box: No
You can write a Servlet filter to examine the incoming hostname and
forward the request with the username prefix. In fact - you might need
to write it : UrlRewriteFilter - http://tuckey.org/urlrewrite/ might
do it for you.
-Tim
Anand HS wrote:
Hi,
I have a
I have not used it before.
I can't imagine why it would not preserve POST requests.
-Tim
Anand HS wrote:
Thanks Andre and Tim for the quick response.
I do not have an apache server right now. So URL Rewrite tool seems like a
good solution.
However, I understand that the URL rewrite mechanism e
Confirmed. The docs are not in sync with what the installer does. We'll
get this fixed in a future release.
In future, please report possible security issues privately rather than
publicly.
-Tim
David Norheim wrote:
Hi,
I would like someone's opinion on the following issue that we have
di
I'll one up it to make it trivial ...
// put this in a filter mapped to everything
doFilter(...) {
if (servletContext.getAttribute("initFailed")) {
response.sendError(503);
return;
}
chain.doFilter(request,response);
}
// and put this in any servlet or listerer
} catch(Throwable e)
Sorry - (AFAICT) there isn't a way to do that. You have to configure
each one.
-Tim
Ursula Walenciak wrote:
Hi,
I'm trying to configure access-logging per context
by using the AccessLogValve.
Actually I would like to produce one log-file per context
but avoid configuring it for each context
Equally well
AllowOverride none
deny from all
The docs say AllowOverride is not allowed on regex's so I believe in
reality - this could be overridden with effort.
-Tim
Pid wrote:
On 25/11/2009 16:47, Nikolay Diulgerov wrote:
Try
AllowOverride None
deny from all
The way things work now by default ... The session cookie is set at the
path level and is different per context. So you may have multiple
sessino id cookies set for a given server (but given the path constraint
on the cookie - you only get one of those cookies (typically))
But (IIRC) you can a
Enable listings is "sort of"** a global setting.
Since the default servlet is declared in conf/web.xml - its inherited in
*every* webapp. So its config is also inherited. (Bummer)
BUT - if you add a WEB-INF/web.xml to EVERY webapp with the default
servlet settings - then you can remove the de
Change your loop to be:
int i;
while ((i=in.read())>) {
out.write(i);
}
available() - "Returns the number of bytes that can be read (or skipped
over) from this input stream without blocking by the next caller of a
method for this input stream." So its not an accurate gauge of how much
If the images are physical images in the classes directory - you have a
few options.
1) At build time - move (or copy) the files from the classes directory
to somewhere more sane that the default servlet can access
2) Write a filter the detects these images that live in the classes dir,
and th
they create.
I edit the html template files they have to add my images and javascript.
I use their environment to create/edit/build the web application. Underneath
I have tied in netBeans the best I can so I can debug their stuff. But that
has issues too.
Thanks,
Susan
-Original Message
Do you really want to have allow different passwords for the same user
id? Sounds dangerous.
For different access control restrictions you needs to set up various
roles, which are names chosen by you. Which can be something like
- reader, writer
- admin, superuser, user
- it, sales, marketing,
If you want a black list - it would probably be easier to write a filter
[programmatic security] instead of declarative security. [At a minimum,
everyone would still need to be authenticated - its the authorization
which is done via the filter (actually the filter will defer to the
realm so the
LiveHttHeaders is your friend ...
Lets assume I have this as foo.jsp:
<%
response.sendRedirect(null);
if (out!=null) {return;}
%>
http://localhost/foo.jsp
GET /foo.jsp HTTP/1.1
Host: localhost
HTTP/1.x 302 Moved Temporarily
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Conten
Don't run Symantec ? :)
Symantec is probably doing 1 of 2 things
1) Noticing tomcat is trying to bind to a socket (it is a webserver) and
killing it
2) It has bad heuristics and thinks its a trojan
My bet is #1. You probably need to white list tomcat. Actually - you
might need to whitelist ja
allow is a regex - you probably want this:
allow="176\.24\..+"
with allow="176.24.*.*" - you would also let through
176.240.
176.241.
...
176.249.
-Tim
Leo Donahue - PLANDEVX wrote:
I want to restrict web access to a specific web app to only allow it to be
available on our domain.
If I put
JNDIRealm is based on communicating to an LDAP server. (Which is one way
AD can communicate)
-Tim
Geofrey Rainey wrote:
Does anyone know what type of authentication Tomcat uses by default to
authenticate to an AD server using the JNDIRealm?
(I haven't specified any particular authenticati
but don't know what the "authentication" is defined as?
if (authentication != null)
env.put(Context.SECURITY_AUTHENTICATION, authentication);
-Original Message-
From: Tim Funk [mailto:funk...@apache.org]
Sent: Tuesday, 4 August 2009 11:55 p.m.
To: Tom
See conf/web.xml in your tomcat installation (and look for xpoweredBy in
the comments) - if that doesn't exist - then you'll need to consult the
JBOSS docs since they configure it in a different manner.
-Tim
acastanheira2001 wrote:
Mark,
Could you tell me what Tomcat doc is?
Thanks for your
Try adding this to web.xml (and IIUC - this is portable across all
containers)
users
SG-FooBar-Users
admins
SG-FooBar-Admins
-Tim
Jason Royals wrote:
Hello Tomcatters,
Consider the following scenario. I have a Java web application, and it
is a packaged, commercial appli
I doubt this will be seen in tomcat 6. The closest you'll get are the
function taglibs functionality.
-Tim
Jess Holle wrote:
I note in http://java.dzone.com/articles/unified-el-learns-method that
in JEE 6 EL finally allows method invocations.
Is there any chance this feature can be used in J
need Glassfish -- just a servlet engine. Nor do I need most Servlet 3.0
stuff at this time. A better Tomcat 6 would be nice, though :-)
Tim Funk wrote:
I doubt this will be seen in tomcat 6. The closest you'll get are the
function taglibs functionality.
-Tim
Jess Holle w
If you are doing this:
doFilter() {
chain.doFilter()
response.addHeader(...)
}
Expect failure to occur. (unless you are sending less than 8k in the
response)
-Tim
Anantha Padmanabha wrote:
I'm using tomcat 6.0.18. I added a filter that adds a custom response header
by doing setIntHeader
Its probably also failing for less than 8k since I am guess the view is
a jsp and when the jsp finishes execution - the response will be
committed. (Or somewhere in the request/response cycle - a forward() was
done which also will eventually commit the response per the servlet spec)
If you are
An ssh tunnel is also easy too. (but can also open other security holes
depending on how its deployed and the requirements)
-Tim
Mark Thomas wrote:
Florian Kirchhoff wrote:
Hi,
I know this has been asked before, but after reading the documentation and
searching previous threads:
http://ww
Out of the box - no. But you can write a filter to add the response to
all requests.
doFilter(...) {
response.setHeader("Cache-Control","no-cache"); /* or no-store YMMV*/
response.setHeader("Pragma","no-cache");
response.setDateHeader ("Expires", 0);
chain.doFilter();
}
-Tim
Epithemeus
301 - 400 of 477 matches
Mail list logo
