tomcat « Security « Spring Q&A





1. Problem migrating Spring Web App from tomcat 5.5 to tomcat 6.0    stackoverflow.com

I have a spring web application which has been working fine on tomcat 5.5. I've attempted to deploy the same web app to a tomcat 6 container and come up against ...

2. Java: Need efficient notifications between site users    stackoverflow.com

I have a simple ajax game between 2 users with java backend (tomcat, spring). I need some good way of notifying one user that his opponent made a turn. Now all ...

3. spring security, tomcat, getRemoteUser method    stackoverflow.com

i've got two applications in same tomcat. one of those applications uses spring security for authentication. i would like method getRemoteUser to return valid user name in second application when logged ...

4. User initiated background process in a web application    stackoverflow.com

I have a java web application wired using Spring on Tomcat. I need a way for a user to initiate a background process in the server and return a response to the ...

5. Spring not restoring tomcat persistent sessions to session registry after restart?    stackoverflow.com

I'm using Tomcat 6.2 and Spring MVC 2.5. I've noticed that, whilst a user is logged in I can restart Tomcat and the user is able to continue browsing without re-authenticating. ...

6. SSL Handshake issue using Spring RESTTemplate    stackoverflow.com

Im using the Spring RESTTemplate on the client side to make calls to a REST endpoint. The client in this case is a spring app and using Tomcat as the servlet ...

7. "Access is denied" message while deploying spring app in tomcat 6    stackoverflow.com

While trying to deploy my spring app on tomcat 6 I get an error saying

java.util.logging.errormanager:4
java.io.filenotfoundexception: c:\program files\apache software foundation\tomcat 6.0\logs\catalina.2010.02.16.log <Access is denied>
  at java.io.fileoutputstream.openappend <native method>
  at ...

8. How should I secure my webapp written using Wicket, Spring, and JPA?    stackoverflow.com

So, I have an web-based application that is using the Wicket 1.4 framework, and it uses Spring beans, the Java Persistence API (JPA), and the OpenSessionInView pattern. I'm hoping to find ...

9. benchmark/profiling maximum users can support on web application    stackoverflow.com

any easy to use utility/tool/profiler/benchmark that able to test what is the maximum users a web application able to support by analyzing session size , cpu speed, memory size..etc and 'PREDICT' ...





10. IntelliJ says 'cannot run program '/path/to/tomcat/bin/catalina.sh' error=13 permission denied    stackoverflow.com

In intelliJ ulimate, running a bare bone spring mvc application I get the error:

'cannot run program '/path/to/tomcat/bin/catalina.sh' error=13 permission denied
How to I fix this? (i'm on a mac)

11. Recommended way to access Spring beans in Apache Tomcat webapp?    stackoverflow.com

I'm developing a web application on Apache Tomcat 6 with Hibernate and Spring, I'm using different XML configuration files to define my Spring beans (like the Hibernate DAO, Quartz scheduler and ...

12. How does Remember Me work in Spring Security?    stackoverflow.com

I'm curious how does Remember Me work and how does it work in Spring Security? I understand that server sends long-lived cookies to the client. And then client sends cookie back and ...

13. Tomcat/Spring no longer sending emails to SMTP server using authentication    stackoverflow.com

I've got a strange problem with either tomcat or spring. I put up a major revision to my site and emails are no longer being delivered. I use authsmtp, ...

14. Why are user input dates losing a day? (But not when run locally?)    stackoverflow.com

First, I hope this is the right place for this question. Because I believe this to be a server configuration problem, I wasn't sure if this should go on serverfault. So we ...

15. Spring security 3.0.3 configuration error    stackoverflow.com

I'm trying to implement spring-security to handle authentication and authorization of my web application. I can't get the configuration right. Tomcat trows an error when I deploy the war file.

org.springframework.beans.factory.BeanCreationException: ...

16. Show SQL errors of Spring-security in tomcat    stackoverflow.com

I got a web application using the spring-security framework. I setted up a database to store users and their roles, but tomcat gives the following error.

17-sep-2010 11:56:14 org.springframework.beans.factory.xml.XmlBeanDefinitionReader loadBeanDefinitions
INFO: Loading XML ...





17. Webapp bootstrap code in Tomcat    stackoverflow.com

I'm developing a Java webapp using Spring, Spring Security, Tomcat and MySQL. Right now I'm still in a phase where I'm making fairly frequent changes to the database as well ...

18. Spring + Tomcat URL white list to prevent command injection    stackoverflow.com


I currently have a webapp that consists of ~100 unique URLs + ~75 pages. The application uses Spring for security and Tomcat to host. My question is ...

19. Conflict between spring security and basic authorization of Tomcat    stackoverflow.com

Did someone face the problem with spring security login when basic authorization is activated under Tomcat? It is simply impossible to login when the login page loaded after logout. If you ...

20. Spring MVC: components for user registration?    stackoverflow.com

I'm creating my first Spring MVC app on Tomcat 6. Certain pages will be browseable by all and other pages will be restricted to registered users. I'm looking for ...

21. How to share a library for data access in tomcat 7?    stackoverflow.com

I'm fairly new to the whole web programming stuff and have the following problem: I have 2 webapps, one a axis web service and another one is a spring application. Both should ...

22. Too many sessions are created when accessing the login page?    stackoverflow.com

i am using spring framework,apache,tomcat and the login page is handled with spring security and i have an issue that every first time request to the login page is generating a new session ...

23. Configuring Spring Security without the plugin web.xml problems    stackoverflow.com

I'm currently building a Grails 1.3.5 app. It uses an existing model layer (shared code - no GORM) and I've successfully configured the tomcat jndi connections for it in conf/spring/resources.xml ...

24. Java Web Application on Tomcat - Displaying a File Uploaded by User    stackoverflow.com

I need to display uploaded files on a web application, the flow is as follows

  1. User uploads file through web UI
  2. Validation on image
  3. Makes call to imageRepository.store( uploadedImage, user.getSite() )
  4. The user wants the ...

25. Spring warning output in tomcat    stackoverflow.com

I'm getting following messages and I don't know what they mean. Everything seems to be functioning properly but I just want to be on safe side. Is there something that can ...

26. Is it possible to access a Spring Web App on Tomcat at /?    stackoverflow.com

I've managed to set up a web app that uses the Spring MVC framework, and I can access it at http://localhost:8080/SpringMVCTutorial/. Is it possible though to configure Tomcat so ...

27. Getting Access to Spring with Embedded Tomcat 6    stackoverflow.com

I want to test the REST services that I deploy on a tomcat. To do this with JUnit I embedded Tomcat 6 which works quite fine. Now, I need access to the ...

28. Tomcat unable to access JARs in Spring3 WAR file    stackoverflow.com

I am developing a SOAP web service using Spring 3.0, Spring-WS, SpringSource toolsuite running tc server v6. When I run the application on the server, I get the following ...

29. Spring3, Security3: System works on windows but not Linux java.lang.IllegalArgumentException    stackoverflow.com

System works on windows but not Linux. I can login ok and list data but once I goto any of the following pages I get the error below:

<http auto-config="true" use-expressions='true'>
  ...

30. Tomcat/Spring SSL configuration    stackoverflow.com

I'm trying to configure my Spring application to use an SSL certificate I purchased from a CA. I followed the directions for the Tomcat 6.0 configuration and have imported ...

31. Spring Security and AJP proxy    stackoverflow.com

I use Spring Security and Apache proxy for a web app. When using standard mod_proxy everything is OK, but after switching to AJP proxy there appears a problem with Spring security ...

32. HTTP Digest with hashed stored password    stackoverflow.com

i m using HTTP Digest to connect to my Spring application, using the Spring DigestAuthenticationFilter. The application is using Tomcat 7. It works fine with plaintext password (in the database) My problem is : ...

33. find user OS using Spring-mvc / tomcat    stackoverflow.com

How can I find my user's OS in my web app, using Spring-mvc framework ? I assume I can scan the user-agent value, but is there any existing solution/lib ? (there is ...

34. Spring Security principal isn't fully populated after Tomcat restart    stackoverflow.com

My question is in short that following a server restart (my own local Tomcat), the Spring Security principal object is repopulated with every field (username, password, email, userType, etc) except the ...

35. HAProxy and Spring Security (Acegi)    stackoverflow.com

We are running Apache (with SSL) in front of Tomcat, using AJP at the moment. We'd like to insert HAProxy (if appropriate) into our model, so that it looks like:

Apache ->  ...

36. "Shutdown tomcat server" etcpp. message to all currently logged in users    stackoverflow.com

I would like to inform all logged in users that the server will shutdown. This special interest would be nice in an ajaxfy application (RIA). What are the possible solutions? What ...

37. Spring Security on Grails and Tomcat Security with Realms    stackoverflow.com

I am on the current Grails version 1.3.7, programming against a legacy DB schema on a pretty recent version of mySQL. There are tables for the user and the roles and ...

38. File access in cluster/Tomcat/Springs    stackoverflow.com

I have a application which stores documents on the file system (PDF, WORD etc).. The size of the folder can be in GB's It indexes those as well and had the capability ...

39. Cross domain authentication with grails and spring security    stackoverflow.com

I am working on grails app that will run under two domain names, two separate web servers using the same database server so all the data is shared and is the ...

40. Why did Spring Security messages go missing in Grails production app on Tomcat 7?    stackoverflow.com

I've deployed my grails app to Tomcat, and the only thing that broke is the spring-security-core messages in the login form. For example, the code

<g:message code="springSecurity.login.username.label" />
now produces the output
springSecurity.login.username.label
What could ...

41. spring security - sessionid url rewriting with tomcat 7    stackoverflow.com

we've fought with follwing problem using spring security 1.2.1, grails 1.3.7 and tomcat 7.0.22. on our dev machines we had no problems during login in our app. i think the grails ...

42. Grails spring security plugin plugins missing?    stackoverflow.com

I get an error when I try to deploy a war-file created by Grails. I'm using the Spring security plugin and deploying om Tomcat 7. After reading about similar problems I think it ...

43. Grails SSL TOMCAT    stackoverflow.com

I'm implementing grails with SSL and deployed to tomcat 7.0. I have used spring security plugin for SSL. In tomcat, I added

<Connector port="80" protocol="HTTP/1.1" 
       ...

44. assigning roles for security-constraint in web.xml    stackoverflow.com

I have a grails/groovy application and I am using tomcat server to host this application. Now I have another requirement where I need to restrict access to the static content folders ...

45. Sharing open source (Spring/Spring Security/Hibernate/etc) jars across web applications    stackoverflow.com

We have a bunch of Java EE applications based on open source frameworks such as mentioned above. The WEB-INF/lib for each application has the following common jars:

antlr-2.7.6.jar*
aopalliance-1.0.jar*
asm-3.3.1.jar*
aspectjrt-1.6.8.jar*
aspectjweaver-1.6.8.jar*
cglib-2.2.jar*
commons-beanutils-1.8.3.jar*
commons-collections-3.1.jar*
commons-dbcp-1.4.jar*
commons-digester-2.1.jar*
commons-fileupload-1.1.1.jar*
commons-io-2.0.1.jar*
commons-logging-1.1.1.jar*
commons-pool-1.5.6.jar*
dom4j-1.6.1.jar*
hibernate-jpa-2.0-api-1.0.0.Final.jar*
hibernate-tools.jar*
hibernate-validator-4.1.0.Final.jar*
hibernate3.jar*
jackson-all-1.7.5.jar*
javassist-3.12.0.GA.jar*
javax.inject.jar*
log4j-1.2.16.jar*
org.springframework.aop-3.0.5.RELEASE.jar*
org.springframework.asm-3.0.5.RELEASE.jar*
org.springframework.beans-3.0.5.RELEASE.jar*
org.springframework.context-3.0.5.RELEASE.jar*
org.springframework.context.support-3.0.5.RELEASE.jar*
org.springframework.core-3.0.5.RELEASE.jar*
or 

46. Acegi does not work with Tomcat 5.5 and JDK 5.0    forum.springsource.org

Sep 2nd, 2004, 07:03 AM #1 j2ux View Profile View Forum Posts Private Message Visit Homepage Member Join Date Aug 2004 Location Southern Germany Posts 30 Acegi does not work with ...

47. Spring Security Behind Tomcat Security    forum.springsource.org

Spring Security Behind Tomcat Security Hi All, I'm trying to setup a website for a "beta" test and want to have an initial authentication to get to the site, at which ...

48. tomcat role-based authorization vs spring security    forum.springsource.org

tomcat role-based authorization vs spring security For a new project, I am considering to use Spring, I am already convinced to use Spring mvc, but I am not sure what i'lll ...

49. Security in web container (Tomcat): Possible memory leak?    forum.springsource.org

Security in web container (Tomcat): Possible memory leak? Hi, i've been testing some few things with spring security and it seems there is a strange behavior on redeployment/undeployment of a web ...

50. Tomcat & Spring Security    forum.springsource.org

Tomcat & Spring Security Hi all. Tomcat: 6, 7 Grails: 1.3.7 spring-core: 1.1 I'm developed two applications with names: "Main" and "Second" Also build war file for each and deployed to ...

51. Spring Security and Tomcat 6 Advanced IO    forum.springsource.org

Spring Security and Tomcat 6 Advanced IO Hi, We have a web app based on spring mvc and spring security. I am working on a part of this web app for ...

52. Apache Server / Tomcat and SSL    forum.springsource.org

Apache Server / Tomcat and SSL Hi all, I use Spring Security 3.0.5 with Spring Framework 3.0.5. I have an application which is secured with authentication, to authenticate users and ...

53. SSL Spring Rest Template and Custom Mutual Authentication - Tomcat 7    forum.springsource.org

SSL Spring Rest Template and Custom Mutual Authentication - Tomcat 7 Hi, I am trying to test a scenario for a project whereby we have many client machines that have a ...

54. Spring WS access Denied error on Linux (tomcat tc server)    forum.springsource.org

I am running a Spring WS in tomcat tc server, when I test it using soap UI or other tools, I am able to test it while this server is running ...

55. Spring Security + X.509 + Tomcat 6 + metro 2.1.1    forum.springsource.org

Spring Security + X.509 + Tomcat 6 + metro 2.1.1 Hi, I had a chance to revisit the issues with X.509 authentication on Tomcat on Metro2.1.1 and got it all working. ...

56. Problem with Tomcat "-security" switch    forum.springsource.org

Problem with Tomcat "-security" switch Ok, I'm stumped. I've tried more or less everything I can think of, but nothing works: I ran into a strange problem while running spring (1.1.2) ...

57. MVC + Tomcat JDBCRealm Authentication?    forum.springsource.org

Hi, I have just started to learn about MVC. Since my organization has been using Tomcat JDBCRealm Authenticaton, I was wondering if there is a way to incorporate this into MVC. ...

58. many Tomcat sessions when using Axis and Acegi    forum.springsource.org

many Tomcat sessions when using Axis and Acegi I'm building a Swing rich client application that uses web services for communication. (Spring 1.2 / Axis 1.2 / Acegi 0.8.2 / Tomcat ...

59. Problem using Tomcat REALM to authenticate with Spring Framework    forum.springsource.org

Problem using Tomcat REALM to authenticate with Spring Framework Good morning you all! My name is Felipe, Im a software developer from Brazil, and Im beggining on Java WEB development. Right ...

60. j_acegi_security_check error on Tomcat instance    forum.springsource.org

When deploying our webapp on Tomcat in standalone mode, it runs fine. When we deploy the webapp on Tomcat in instance mode(each instance has its own conf but share the same ...

61. Tomcat Realm Authentication and Spring    forum.springsource.org

Tomcat Realm Authentication and Spring Before using the spring framework I used tomcat realm jdbc authentication to ensure users couldn't get to protected pages. User details were stored in a superclass ...

62. How do I get a jndi connection pool in Tomcat 5.0.28 to work with acegi-security?    forum.springsource.org

How do I get a jndi connection pool in Tomcat 5.0.28 to work with acegi-security? How do I get a jndi connection pool in Tomcat 5.0.28 to work with acegi-security? My ...

63. Tomcat security manager and Spring    forum.springsource.org

Tomcat security manager and Spring My development machine runs Tomcat 5.5.17 and my webapp runs fine if I deploy the war when I'm running tomcat. My project uses Spring and Hibernate ...

64. Realm/Tomcat/Acegi Configuration Problem    forum.springsource.org

Realm/Tomcat/Acegi Configuration Problem hello guys i have already resolved how work with acegi (studying) the examples in the forum and the 2 war files in the acegi distribution , well i ...

65. acegi + tomcat 5.5 + apache 2.0 and proxypass    forum.springsource.org

Hi, I need some help to configure my application and acegi. I use apache in front and tomcat 5.5 I try to use a proxypass to have my application working at ...

66. Reloading acegi configuration changes with tomcat    forum.springsource.org

Apr 20th, 2007, 10:23 AM #1 ludwiggj View Profile View Forum Posts Private Message Junior Member Join Date Feb 2006 Posts 6 Reloading acegi configuration changes with tomcat I am running ...

67. Channel Security Problem in Tomcat    forum.springsource.org

Channel Security Problem in Tomcat Hi, I am trying to implement channel security on selected resources using the Acegi ChannelProcessingFilter. I followed all the steps as mentioned in the documentation. - ...

68. Session Hijacking Issue with Acegi & Tomcat    forum.springsource.org

Session Hijacking Issue with Acegi & Tomcat When a user is authenticated/authorized & the default page in the application comes up, the URL would display the sessionid associated with the user. ...

69. Question on Authentication with Tomcat    forum.springsource.org

Question on Authentication with Tomcat I noticed the following. I am really not sure of this is a tomcat issue or acegi issue. So any help to understand this is appreciated ...

70. acegi + tomcat + apache    forum.springsource.org

I have acegi + spring + tomcat working great. I'm now trying to workout how this will fit with my Apache config. I'd like to serve up all my html files ...

71. Using custom User Principal classes with JAAS and Tomcat?    forum.springsource.org

Using custom User Principal classes with JAAS and Tomcat? How can I get my custom user Principal class to be returned by request.getPrincipal() calls, when using acegi with a JAAS module? ...

72. Spring Security Tomcat server does not start    forum.springsource.org

Spring Security Tomcat server does not start I am using Spring Security 2.0.1 and trying to authenticate using LDAP (IBM Active Directory v5.2.) I am not getting any error messages however ...

73. Anybody tried container adapter authentication with Tomcat 6?    forum.springsource.org

The Ref Guide says the adapter has only been tested with Tomcat 4.1.30 and 5.0.19. Has anybody done this with 6.x in production? If so, any information on your experience would ...

74. Tomcat Realm with Spring Security    forum.springsource.org

Feb 8th, 2009, 08:12 AM #1 Queeny View Profile View Forum Posts Private Message Junior Member Join Date Dec 2008 Posts 10 Tomcat Realm with Spring Security Hi I am trying ...

75. Get IP, URL & Session ID when using Tomcat Realm based authentication    forum.springsource.org

Get IP, URL & Session ID when using Tomcat Realm based authentication Hi I would really appreciate your help on this as I have invested a lot of time so far ...

76. spring security + tomcat CometProcessor    forum.springsource.org

Hi. Sorry for my english . We are using dwr 3rc1 on tomcat 6. We have replaced in our web.xml DwrSpringServlet with DwrCometProcessor. The question is: how we should use spring ...

77. Access to Tomcat 6 Thread Pool via Spring?    forum.springsource.org

Hello, I would like to use the tomcat managed thread pool within my web application, for things like quartz and asyncy processing based on an http request, etc... Can I get ...

78. Help needed on Tomcat clustering, ACEGI login issue    forum.springsource.org

Hi, Oflate, our application hosted on Linux. We have recently made live a clustering setup involving a hardware Load Balancer and with two Tomcat (6.0) nodes. Our application uses Struts 1.2 ...

79. Tomcat permissions    forum.springsource.org

Jun 24th, 2009, 05:46 AM #1 markhc View Profile View Forum Posts Private Message Junior Member Join Date Jun 2009 Location Sydney, Australia Posts 1 Tomcat permissions Newbie following the Spring ...

80. Acegi security time out of tomcat    forum.springsource.org

hello, I have integrate Acegi in my web application, but i have a problem, when the timeout of tomcat had expired i can't reconnect to my application, because when I insert ...

81. Tomcat and access log without remote user    forum.springsource.org

Tomcat and access log without remote user I've been trying to find a solution for access logs when using Spring Security. I am currently using Tomcat access log valve (AccessLogValve), which ...

82. Tomcat Hangs on Secured Areas Only    forum.springsource.org

Tomcat Hangs on Secured Areas Only I have an issue that seems to be related to my spring security implementation. Issue: Tomcat will randomly hang and timeout Apache mod_proxy but only ...

83. how to keep user authentication across multiple Tomcat instances    forum.springsource.org

Hello Everyone, I'm new to Spring Security and have no idea what features are available for keeping user authentication across multiple Tomcat instances. I've read the documentation and some tutorials and ...

84. Spring Security 3.0 vs Tomcat 6.0.x    forum.springsource.org

Hi! I'm trying to configure Tomcat 6.0.18 to work with Spring Security Realm. I have an app that is using Spring Security 3.0 and need to add login to Tomcat access.logs. ...

85. Tomcat JNDIRealm userRoleName equivalent in Spring Security?    forum.springsource.org

Tomcat JNDIRealm userRoleName equivalent in Spring Security? Hi guys, to all the professional spring security guys (and gals) out there, here's my situation: our current security is tomcat jdni realm, connecting ...