Separate Tomcat http and https access
Hi
I got tomcat running both http and https.
However, http://localhost:8080 and https://localhost:8433 are accessing the same page.
I need to separate them, to prevent from entering data using http://localhost:8080 by mistake.
Please help.
Cheer
T
there are 2 ways to only allow https access to your webapp
1:
stop tomcat listening on all ports except https port
2:
configure your webapp to only allow https access
http://marc.theaimsgroup.com/?l=tomcat-user&m=104951559722619&w=2
Similar Messages
-
Help with Tomcat 5 and MS Access
Hi
I have a Tomcat 5 running and I want to query to a MS Access. Must I configure the server.xml to allow the connection?
I'm doing the connection in a class, not in JSP:
import java.sql.*;
public class BaseDatos {
String url="jdbc:odbc:sms";
String driver="sun.jdbc.odbc.JdbcOdbcDriver";
Connection con=null;
private Statement statement;
public BaseDatos()
try{
Class.forName(driver).newInstance();
catch (Exception e) {}
public void Conectar()
try {
con = java.sql.DriverManager.getConnection(url);
statement = con.createStatement();
catch (java.sql.SQLException e){e.printStackTrace();}
public void Guardar_sms(String prefijoL, String numeroL, String mensajeL, String recibo, String tabla)
try
Conectar();
if (recibo.equals("1")) //si hay recibo eliminamos del texto los car�cteres de recibo
mensajeL=mensajeL.substring(3,mensajeL.length());
statement.executeUpdate("INSERT INTO "+tabla+"(PREFIJO,NUM_MOVIL,TEXTO,RECIBO) VALUES ('"+prefijoL+"','" +numeroL+"','"+mensajeL+"','"+recibo+"')");
} catch (SQLException e)
e.printStackTrace();
Desconectar();
public void Guardar_contacto(String nombre, String prefijo,String numero)
Conectar();
ResultSet rs=null;
try
rs=statement.executeQuery("Select * from smsagenda where NOMBRE ='"+nombre+"' and NUM_MOVIL = '"+numero+"'");
if (!rs.next()){System.out.println("no he encontrado el numero de telefono y guardo el nuevo");
statement.executeUpdate("INSERT INTO smsagenda (NOMBRE,PREFIJO,NUM_MOVIL) VALUES ('"+ nombre+"','"+prefijo+"','"+numero+"')");
catch(SQLException e)
e.printStackTrace() ;
Desconectar();
public void Borrar(int id,String tabla)
Conectar();
try
statement.executeUpdate("DELETE FROM "+tabla+" WHERE ID="+id+"");
}catch(SQLException e)
e.printStackTrace() ;
Desconectar();
public ResultSet leerTabla(String tabla)
ResultSet rs=null;
try
rs=statement.executeQuery("Select * from "+tabla);
}catch(SQLException e)
e.printStackTrace() ;
return rs;
public void Desconectar()
if (con!=null)
try
con.close();
}catch (SQLException e){}
}Thanks in advance
HelenNow I have modified the server.xml file in the
TOMCAT_HOME/conf/server.xml................like
this,just a line
/******************************* server.xml
<Context path="/sampleapp" docBase="e:\sampleapp"
debug="0" reloadable="true">
</Context>
/*****************************server.xml***************
********************/You say that your application is under
TOMCAT_HOME/webapps/sampleapp and then you tell
server.xml to look under e:\sampleapp ?? Don't you
find that strange?
you could probably use docBase="/sampleapp"
Also, you NEED to put your classes in packages.Thanks for the information about
AS -
Ftp and http access over XDB repository is not allowed...
When I try to execute the following command on a reasonably fresh Oracle 11 installation:
insert into "XMLTEST" ( "name", "xmlfof" ) values ( 'small', DBMS_XDB.GETCONTENTXMLTYPE('/public/small.xml') );
-- The schema is correctly registered, the file "small.xml" is in the /public repository folder, the user has every conceivable role and priviledge
-- http access works fine from a remote location, tried to execute the command on the server and from remote system...
I get the following error message:
ORA-31020: Der Vorgang ist nicht zulässig, Ursache: For security reasons, ftp and http access over XDB repository is not allowed on server side ORA-06512: in "XDB.DBMS_XDB", Zeile 1915
Searching for an answer on the forum didn't produce any concreate explanation... Does anyone have any idea how to solve this problem?As it turns out, the XML file contained a reference to a DTD at an external web-site, which caused the problem - it was identical to that described here:
Re: ORA-31020 when using XML with external DTD or entities
After removing the reference, everything works perfectly... -
HTTP errors and/or access denied messages preventing me from downloading CS5.5
How can I download my copy of CS5.5 Design Standard? I keep getting HTTP errors and/or access denied messages.
Alex5555 where are you downloading the installation files from? Have you tried utilizing a different web browser? Is your web browser configured to accept cookies?
-
Hi,
Is it possible to access the file without any login?
I.e For example, from my application, I need to open the stored file using http access.
runscript "http://coll-ind:7777/webstarterapp/docservlet/public/abc.Bat"
runscript is our internal command in our application. when we run this command it needs to open the file that we are giving in the URL.
Is it possible if we use CMSDK based application?Do I need a context to be created? I'm able to run on my local system without creating any context in conf/server.xml.Tomcat is installed with a default context, perhaps you're using the default context.
yes, its the server on the net.Then as I said before the webhosting site should have set it up for you. And no, you don't put the socket number when you're connecting to the net. How did you upload the files to the net, perhaps that will give you a clue as to what the URL should look like.
;o)
V.V. -
Sharepoint foundation 2010 externel https access problems
I have a very strange problem with my sharepoint foundation 2010 site.
I have a site which is accessible from outside on https (we have a valid certificate). I configured IIS for http and https.
Also I configured internal and externel access for this site on sharepoint.
But sometimes, the site is not accessible from outside on https with (externe.site.fr), BUT it will be accessible with public ip !!!
And also accessible from inside. (with interne.intranet.site.fr)
Any Idea ?
thanksHi,
According to your post, my understanding is that your site is not accessible from outside using external host name with https sometimes.
As your site can be accessible with public IP, however it can’t be accessible from outside using external host name with https sometimes, the issue could be caused by the gateway server in your environment.
I suggest that you need to check the gateway server configuration.
For more information, you can refer to:
http://community.bamboosolutions.com/blogs/sharepoint-2013/archive/2012/12/05/how-to-set-up-microsoft-forefront-unified-access-gateway-environment-for-sharepoint-2013.aspx
http://nhutcmos.wordpress.com/2013/07/26/configure-ssl-certificate-for-sharepoint-external-https-access/
http://sharepointdotnetwiki.iblogger.org/2009/12/dns-setup-in-sharepoint/
http://underthehood.ironworks.com/2010/06/making-a-sharepoint-2010-site-externally-available-alternate-access-mappings-host-header-bindings.html
Best Regards,
Yumi Fu -
How to configure WLS to send HTTP access log to syslog under Solaris?
I understand there is a way configuring WLS to use syslog via log4j. Is it possible only to direct HTTP access logs to syslog and keep the rest of logs in normal log files? Thanks!
I've been following the "How to do UD Document" https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/58f4db47-0501-0010-a2bf-ff01b150fdff and more specifically the document for Sybase https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/c0d70315-958f-2a10-bc88-eb91e36f4037
I am using the latest .jar file from Sybase http://www.sybase.com/detail?id=1002257
When I navigate to http://<hostname>:50000//TestJDBC_Web/TestJDBCPage.jsp and Select connection name SDK_JDBC I get the following error message:
Could not connect to database. Connection is inactive or does not support JDBC
com.sap.ip.bi.sdk.exception.BIConnectionFailedException: Cannot open the connection
Caused by: com.sap.ip.bi.sdk.exception.BIResourceException: Class DriverName is not found
Caused by: java.lang.ClassNotFoundException: com.sybase.jdbc2.jdbc.SybDataSource
Found in negative cache
Loader Info -
ClassLoader name: [connector:default]
Parent loader name: [Frame ClassLoader]
library:SYBASE
Resources:
/usr/sap/BWD/JC02/j2ee/cluster/server0/apps/sap.com/com.sap.ip.bi.sdk.dac.connector.sapq/connector/connectors/bi_sdk_sapq.rar/bi_sdk_sapq.jar
/usr/sap/BWD/JC02/j2ee/cluster/server0/apps/sap.com/com.sap.ip.bi.sdk.dac.connector.jdbc/connector/connectors/bi_sdk_jdbc.rar/bi_sdk_jdbc.jar
/usr/sap/BWD/JC02/j2ee/cluster/server0/apps/sap.com/cafbwadapterassembly/connector/connectors/cafbwadapterassembly.rar/sap.comcafbwadaptercaf.bw.adapter.jar
/usr/sap/BWD/JC02/j2ee/cluster/server0/apps/sap.com/com.sap.ip.bi.sdk.dac.connector.xmla/connector/connectors/bi_sdk_xmla.rar/bi_sdk_xmla.jar
Loading model: {parent,references,local}
Any thoughts/insites?
Thanks, Steve -
HTTP ACCESS enabled but not to all
Hi guys,
Security question regarding HTTP access without managing it via firewall / VPN.
I would like to have the access only for one ip (of my workstation) + the server itself.
Can i modify some flows function / proc to achieve this?
Maybe Dietmar can help me.....
thanx a lotI must admit that I'm reluctant to change ISP but this action on Verizon’s part is leaving a bitter taste in my mouth. It might be somewhat of an inconvenience for me because I've had my Verizon account for such a long time but maybe another ISP might satisfy my needs and for much less.
-
Hello.
I'm just wondering if it's possible to tell tomcat that a user has already been authenticated for http auth. Ie you may set tomcat usernames and passwords in the conf/tomcat-users.xml file, and using the web.xml file you can setup security constraints to certain parts of your web application. I want to provide my own user/password login page so that I dont have to have a box popping up and saying "Please enter user/password" (that the browser provides). So how can I set a user as 'logged in' on the server using my own login page and avoid getting the browser popping up an http auth login window?
I'm sure there is a way, I just can't quite see how. I'd assume I'd have to set something on their session, but what :-)
Thanks
John Bakerwhy don't you use forms authentication instead of basic for the web app? Configure it in the web.xml
-
Sharepoint HTTPS access stopped working suddenly
Hi,
we have a single server sharepoint 2013 server.
HTTP and HTTPS access are enabled for sharepoint site collection. The bindings and aam are set correctly.
The HTTPS access suddenly stopped working. Might be related to updates installation.
HTTP access is working properly.
When I create a new non sharepoint site in IIS the HTTPS access works.
When I create a new sharepoint site in IIS the HTTPS access does not work only HTTP access is possible. There is no response from the server.
Following event log error message might be related to this problem:
Schanel 36888 Error: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel
error state is 1203.
I checked the ULS, Event logs, changed bindings, tried creating new sharepoint web applications to find the source,
Any ideas?
Thanks,
AndrejHi Andrej,
I think unless the issue for Schanel 36888 error is fixed,the HTTPS issue may not get resolve.
Please refer the below link which was resolved in different OS.
http://social.technet.microsoft.com/Forums/en-US/9dfb4d09-8096-40c9-ac75-1e23f75417c9/frequent-event-id-36888-windows-schannel-errors-in-the-event-viewer?forum=W8ITProPreRel
TLS and HTTPS:
TLS (Transport Layer Security) and SSL (Secure Sockets Layer) are protocols that provide data encryption and authentication between applications and servers in scenarios where that data is being sent across an insecure network, such as checking your email
(How does the Secure Socket Layer work?).
http://luxsci.com/blog/ssl-versus-tls-whats-the-difference.html
http://searchsecurity.techtarget.com/definition/Transport-Layer-Security-TLS
Please remember to mark your question as answered & Vote helpful,if this solves/helps your problem.
s p kumar -
RV042 - limiting HTTP access by IP address?
I am trying to limit HTTP access to my server on the local network to a specific IP address. I create an Access Rule in the firewall section, however that doesn't work. The only way it works is if I add the internal IP address of the server to the Forwarding section where I create a new HTTP forwarding rule.
However, that is not good because that allows ALL HTTP traffic to that server instead of just by the single IP address.
Anyone know how to do this? Any help would be greatly appreciated. Thanks in advance.Thanks for the reply. You are correct - I want to allow 1 specific external IP address to access an http server on my LAN. Looking through those threads, it seems like the other use enabled one-to-one NAT. I tried turning it on but it gave me an error message (I forgot what the error was, but it was something along the lines of the external IP address already being used in the Basic Settings or something).
I will double-check the error message and will post it here. The current access rules are:
Deny: All services, WAN, All external, All internal
Allow: All servifces, LAN, All internal
Thanks for any additional help. -
Is there a way to enable http access through the guest server console port command line. I have installed a new certificate and lost GUI access. The SSL settings were set to https only before I rebooted the server..
Edwin,
Are the various necessary services running on that server? Post the output of following commands:
ps auwwwx
chkconfig --list
service httpd status
service postgresql status
Faisal -
Restrict HTTP access or only allow HTTPS access
Hi experts,
We have an EP6 cluster implementation in our landscape with a web dispatcher acting as a balancer on top. We achieved to implement HTTPS (end-to-end SSL) and now need to restrict any http access to our SAP Portal (that means internet users should always use https when accesing our portal).
Which is, in your opinion, the easiest way to do it? Web Dispatcher configuration, Central Instance (Java Dispatcher), other? The result should be an error message (no matter whether it's the error HTTP 501).
Thanks.Hi,
The best way would be to restrict at web dispatcher as this is the entry point for requests.
Check this:
http://help.sap.com/saphelp_nw70/helpdata/EN/d8/a922d7f45f11d5996e00508b5d5211/frameset.htm
In the ICM configuration you should remove all parameters that allow http access to Web Dispatcher.
http://help.sap.com/saphelp_nw70/helpdata/EN/25/7e153a1a5b4c2de10000000a114084/frameset.htm
Regards,
Praveen Gudapati -
WLS http access logs not written to when starting WLS instance using nodemanager
When starting managed WLS instances using node manager the HTTP access logs are
not written to (the WLS log in the same directory is written to). All other functionality
of the WLS instances seem to operate just fine when started using node manager.
When we start the same managed WLS instances using a start-up script the HTTP
access logs are written to.
===
How can we get HTTP access logs to be written to when starting a WLS instance
using node manager?I think I know the answer to this one!
I got bitten by the same bug (at least I think it is a bug). Check the location
specified for the HTTP-access log for your server instance. It is probably a relative
location, right?
According to the docs, relative paths should start from the Root Directory (see
your Remote Start config), but it seems like the BEA-programmers forgot to retrieve
the Root Directory and instead blindly writes to the process' current working
directory (CWD).
And when started by the Node Managet, the CWD = WL_HOME/common/nodemanager.
If you are as paronoid as I am (and you should be too), that directory should
not be writeable by anyone. Because my BEA installation was owned by 'bin', and
the processes run by 'beawls', I got an error message in my NM-logs pointing to
the problem. In your case, you are probably running NM as a user that has write-access
to your NM-home, and all your missing HTTP-access logs are deep, down there.
Jan Bruun Andersen -
Re: Disable HTTP access to Weblogic 6.0
Appears to be: http://e-docs.bea.com/wls/docs60///////config_xml/properties.html
On 20 Jul 2001 08:35:38 -0800, "Florian Kirchhoff" <[email protected]> wrote:
>
Is this possible in Weblogic 6.0?
"Don Dwoske" <[email protected]> wrote:
It looks like you've got a couple of different things going on
here.
If you want to disable http, do this in the WL properties file:
weblogic.httpd.enable=false
your getInitialContext should figure out what port your naming
service is on unless you've hardcoded it to be localhost:80, true?
I switch between ports 80 and 7001 all the time without problems.
-Don
"Gagan Bhalla" <[email protected]> wrote:
Hi,
Can someone tell me how do I disable the HTTP access to
Weblogic.
The environment I am running on my dev machine would be
Win2000+
Weblogic 5.1+ SP6. I am redirecting any HTTP request to
the secure
port and that part is working. But I want to be able to
completely
disable any HTTP requests all together. Is there a way
to do this.
In the weblogic.properties file, if I change the weblogic.system.listenPort
property to point to anything other than port 80, it gives
me errors
on the WLInitialContext. What else do I need to change
in this
so that I can listen on a port other than 80?
Thanks for your help,
Gagan
javax.naming.CommunicationException. Root exception is
java.net.ConnectException: No server found at T3://localhost:80
at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java,
Compiled Code)
at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java,
Compiled Code)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java,
Compiled Code)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:148)
at weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:123)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:671)I Need to keep HTTP session alive.
But i need to block trace method or say get method.
Any clue how can we do that.
thanks
Maybe you are looking for
-
Items In Use for File Transfers
Whenever I transfer several files at a time (7+ or so), I get the error "The operation cannot be complete because the item "(insert filename here)" is in use." I have tried the lsof command in Terminal with no results. This happens with different fil
-
Firefox "hangs" when opened and will not load first page
I am running Firefox on Mac OS X and when I open it it hangs and does not load the first page. The whole application does not respond so I can't open it in safe mode or anything. I have to keep force quitting it.
-
I changed the settings and now I cannot figure out how to change them to the default setting. How do you change the frequency in which you enter your password in iTunes?
-
Error installing Oracle9i Forms Demos
I have downloaded full demo of Oracle9i Forms (forms9iDemos9_0_0_1.zip) and installed it in 9iDS home. Everytime I click on every link in the sample page, it shows forms error message: FRM-92610: WEB Client Version too old. My jinitiator version is 1
-
Differences in AS2 and AS3 MP3 Playback?
This works in AS2 and plays fine: var my_sound:Sound = new Sound(); my_sound.loadSound(" http://download.podango.com/mediatracker/1/67943/ApplePhoneShow_46.mp3", true); This is chopping in AS3: var snd:Sound = new Sound(new URLRequest(" http://downlo