Win a copy of Svelte and Sapper in Action this week in the JavaScript forum!

manikandan jayakumar

Ranch Hand
+ Follow
since Aug 20, 2011
manikandan likes ...
Firefox Browser VI Editor Tomcat Server
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
2
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by manikandan jayakumar


Yeah i don't want users to view the response header and error code with tools.
6 years ago
I want my users not to see different error codes in response header. Is their any other way to do that.
6 years ago
Hi,

Is it possible to redirect the error code to common page and the error code should be same.

Like 404, 500, 403 should redirect to Error.do and the error code should be set as 404 in the header.

as of now i'm using



But the error code is 404, 403 etc
6 years ago
Tim,

Customer also suggested this(http://httpd.apache.org/docs/trunk/mod/mod_reqtimeout.html)

Can I integrate this(if yes, how?) or is their any other thing similar to this?
7 years ago
Hi Guys,

I have managed to set HttpOnly flag to JESESSIONID by specifying

Now i need to set the same(HttpOnly) to JESSIONIDSSO.
7 years ago
Hi Tim,

Thanks for the reply.

1. "Why" - one of our customer reported Dos attack presents on our application. If a request takes too long time the server waits for 10mins before invalidating the request(closing the connection) need to reduce this.

2. "request timeout" - if a client takes too long time (may be due to slow internet connection or a hacker gives (n) slow request to make server unavailable for others) to make request we need not to handle that request and need to close that connection. ie., time taken for the server(tomcat) to completely read the request.
7 years ago
Hi,


I want to reduce the default requestTimeout in Tomcat, is it possible?

i have changed connectionTimeout in connector tag,

connectionTimeout="1" and expecting it should timeout. But its not working as i expected.
7 years ago
Thanks for your replay Dittmer,

i have coded like this

and it worked.
Your solution

also did the trick.

In my case, I need to reduce codes in host1.

Is their any drawback(security issues, etc) in parsing scripts tag?
7 years ago
JSP
Hi guys,

I need to get the requesting URL in a JS file.

ie., host1 has



in Host2 test.js

i need that this("http://host2:port/test.js";)

NOTE: host2 is dynamic
7 years ago
JSP
Ok Dude,

Here is my case.

1. I have a custom form authenticator, in which all the *.do requests should pass through(Here i will authenticate or check for authentication). I also have some *.cc requests and these need not to pass through this authenticator.

2. Need to disable or restrict accessing the Http-Methods(HEAD,OPTIONS,TRACE) to all the users for all app root directory(/*).

Hope this is a bit clear.
7 years ago
If i use /authForm.do then it works fine but my case is i should use *.do for AuthForm and /*(all urls) for http-methods.

/* overrides *.do, is it the behavior or we have any other configuration to achieve this
7 years ago
Greeting shivam singhal, thanks for your response.

Here is the details i have tried,

1. FORM based authenticator - have extended FormAuthenticator and named it as "AuthName"(it works fine if i use this alone).

2. Http-Methods - my requirement is no one should access(should throw 405 method not allowed) the OPTIONS, TRACE, HEAD methods on the root directory of my application.

for this i have added the below code.



and the results are 403 for HEAD and OPTIONS whereas 405 for TRACE method. And the request is not passing through AuthForm.

Expected result 405 for HEAD,OPTIONS,TRACE( for /*, all users) and the request should pass through the "AuthForm"(*.do).
7 years ago
Dear Ranchers,

I am testing the following case, but im not getting the expected result!

Here is the case:

1. Form-authentication(for all *.do)
2. security-constraint to disable Http methods(for all urls)

1. For Form-authenticator



2. To disable Http methods



Result of the above code :


HEAD :

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 05:30:00 IST
Set-Cookie: JSESSIONID=6C0B0EDCA6CCD35B1CC12ADB59B212A2; Path=/; HttpOnly
Content-Type: text/html;charset=UTF-8
Content-Length: 1424
Date: Fri, 08 Feb 2013 15:57:21 GMT
Connection: close

TRACE :

HTTP/1.1 405 Method Not Allowed
Server: Apache-Coyote/1.1
Allow: GET, OPTIONS, HEAD
Content-Length: 0
Date: Fri, 08 Feb 2013 15:58:24 GMT
Connection: close

OPTIONS :

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 05:30:00 IST
Allow: GET, HEAD, POST, TRACE, OPTIONS
Date: Fri, 08 Feb 2013 15:58:50 GMT
Connection: close



and the request is not passing through the AUTHENTICATOR


If i made any mistake in the post please mention it, sorry for my English too.
7 years ago
Hi Friends,
I need to authenticate the url address bar so that user of my web application can not directly access the url bar.
How to configure server.xml file to achieve this thing?


Thanks in Advance
9 years ago