If you have a singleton class and you run two webapps that use this class in Tomcat both webapps will get 2 different instances of this singleton in JVM running the Tomcat. But if your webapp will use a singleton from JRE or Tomcat shared libs, eg Runtime.getRuntime webapps will get the same instance of … Read more
You can set the system properties programmatically using System#setProperty(). System.setProperty(“org.apache.el.parser.COERCE_TO_ZERO”, “false”); However, you need to ensure that this is been set before JSF/EL ever get initialized. Best place would be a ServletContextListener. public class Config implements ServletContextListener { @Override public void contextInitialized(ServletContextEvent event) { System.setProperty(“org.apache.el.parser.COERCE_TO_ZERO”, “false”); } @Override public void contextDestroyed(ServletContextEvent event) { // NOOP … Read more
No, it’s not necessary. It means that your web application only available through HTTPS (and not available through HTTP). If you omit the <transport-guarantee>CONFIDENTIAL</transport-guarantee> tag (or the whole <security-constraint>) your application will be available through both HTTP and HTTPS. If your web.xml contains <transport-guarantee>CONFIDENTIAL</transport-guarantee> Tomcat automatically redirects the requests to the SSL port if you … Read more
I found a workaround in this article, basically the idea is that you create a process early on in the startup of your application that you communicate with (via input streams) and then that subprocess executes your commands for you. //you would probably want to make this a singleton public class ProcessHelper { private OutputStreamWriter … Read more
I put together this test app to reproduce the issue using the HTTP testing framework from the Apache HttpClient package: ClassLoader cl = HCTest.class.getClassLoader(); URL url = cl.getResource(“test.keystore”); KeyStore keystore = KeyStore.getInstance(“jks”); char[] pwd = “nopassword”.toCharArray(); keystore.load(url.openStream(), pwd); TrustManagerFactory tmf = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm()); tmf.init(keystore); TrustManager[] tm = tmf.getTrustManagers(); KeyManagerFactory kmfactory = KeyManagerFactory.getInstance( KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keystore, pwd); … Read more
As said before encrypting passwords is just moving the problem somewhere else. Anyway, it’s quite simple. Just write a class with static fields for your secret key and so on, and static methods to encrypt, decrypt your passwords. Encrypt your password in Tomcat’s configuration file (server.xml or yourapp.xml…) using this class. And to decrypt the … Read more
It can be changed in the $CATALINA_BASE/conf/server.xml in the <Host />. See the Tomcat documentation, specifically the section in regards to the Host container: Tomcat 6 Configuration Tomcat 7 Configuration The default is webapps relative to the $CATALINA_BASE. An absolute pathname can be used.
Since Tomcat 7 there is a container provided expires filter that may help. See: Tomcat 10: https://tomcat.apache.org/tomcat-10.0-doc/config/filter.html#Expires_Filter Tomcat 9: https://tomcat.apache.org/tomcat-9.0-doc/config/filter.html#Expires_Filter Tomcat 8: https://tomcat.apache.org/tomcat-8.0-doc/config/filter.html#Expires_Filter Tomcat 7: https://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#Expires_Filter Tomcat 6 (unofficial backport): https://github.com/bnegrao/ExpiresFilter ExpiresFilter is a Java Servlet API port of Apache mod_expires. This filter controls the setting of the Expires HTTP header and the max-age directive … Read more
If you are running multiple instances of Tomcat on a single host you should set CATALINA_BASE to be equal to the …/tomcat_instance1 or …/tomcat_instance2 directory as appropriate for each instance and the CATALINA_HOME environment variable to the common Tomcat installation whose files will be shared between the two instances. The CATALINA_BASE environment is optional if … Read more
Open the Servers view -> double click tomcat -> drop down the Timeouts section There you can increase the startup time for each particular server.