You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Stefan Freyr Stefansson <st...@decode.is> on 2000/08/30 14:52:05 UTC
Tomcat 3.2 SSL question
Hello.
I've been monitoring the discussion on the Tomcat lists for about 3 weeks
now and I've seen people ask about SSL and the release date on Tomcat 3.2
final for a while but usually those posts receive little or at least vague
answers.
Therefore I would like (hopefully once and for all) to ask a few questions.
I hope I will receive some answers soon and I sincerely hope that these
answers will help others besides myself.
My first question is the obvious one. When is Tomcat 3.2 final supposed to
come out?
The second question I have is about the SSL support in Tomcat 3.2. I've
tried a little bit to get it up and running with little success. That is
without any doubt my fault and I'm going to try a little harder before I
start bugging you guys about it. But... I would like to know if Tomcat 3.2
SSL (once I get it up and running) supports two way authentication. I need
the client to be able to verify that he/she is talking to the server he/she
believes he/she is talking to... (a lot of he/she's in there... anything to
be politically correct ;o) But I also need to be able to verify that the
client is who he/she says he/she is (this is ridiculous). For that I need
two way authentication.
I saw somebody ask about this issue a while back but never saw any answers
to his (I'm pretty sure it was a he! ;o) post. I would really appreciate it
if I could get an answer on these matters.
One other thing is about the licencing. Our plan is to integrate Tomcat
into one of our own products. The product is not a commercial product and
very unlikely that anybody could benefit from using this thing except for my
company... I would like to know if it is allright to use Tomcat in such a
way? Are there any limitations or fees??? We looked at the licence file
that came with the Tomcat download and the way we understood that was that
we could basically use it any which way we wanted given that we included
some things in our manual and didn't change the headers of the source files
(you know... the thing whith all the copyright thingys and such).
Kindest regards and thanks in advance,
Stefan.
RE: Tomcat 3.2 SSL - Unrecognized SSL handshake...
Posted by Stefán Freyr Stefánsson <st...@decode.is>.
I know it doesn't work yet... but we're working on improvements to the
SSLSocketFactory class which will then support client certificates. The
"clientAuth" parameter doesn't do any harm and we will be using it in the
SSLSocketFactory class once we sort out what is wrong with the server
certificate authentication and just now I tested what you said about the
directory listing and you were absolutely correct. Do you have any idea
about how to correct this? so that it redirects to https:// instead of
http:// ? This must be a configuration issue?
But about the client certificate problem you have... I'll keep you posted
if we make some progress in our efforts to improve the SSLSocketFactory
class so that it supports client authentication. Our plan is to post a
bugfix/improvement??? once we get it ready. I don't think, however, that
you will ever be able to access the client certificates on the webserver (in
your JSP pages). Not that I'm any expert at all but I don't think that's
possible. If you find out that you can do that please let me know.
kind regards, Stefan Freyr
-----Original Message-----
From: Ismael Blesa Part [mailto:iblesa@tissat.es]
Sent: 9. september 2000 13:14
To: tomcat-dev@jakarta.apache.org; stebbi@decode.is
Subject: Re: Tomcat 3.2 SSL - Unrecognized SSL handshake...
Stefán Freyr Stefánsson wrote:
> attatching it to this letter.
>
> Don't worry about the additional parameter "clientAuth" that's just
> something we're going to use when the time comes that we can require
client
> certificates. Otherwise it looks exactly like the default server.xml...
> only with the SSL partion uncommented and the regular http connector
> commented out.
>
This parameter does not work, I have tried on Tomcat 3.2 B 2 and when
connecting
to the https server it does not ask for a client certificate. Has this
worked
for you?
I am trying to get access to the digital certificate from my jsp's but I can
not. Do you know how to make it work?
The problem you have is directory listing problem, if you use
https://myhost:8443/index.html it works, but if you do https://myhost:8443/
then
you get the error
>
> regards, Stefan Freyr
>
> -----Original Message-----
> From: Warner Onstine [mailto:warner@warneronstine.com]
> Sent: 8. september 2000 22:44
> To: tomcat-dev@jakarta.apache.org
> Subject: Re: Tomcat 3.2 SSL - Unrecognized SSL handshake...
>
> What does your server.xml file look like?
>
> -warner
>
> ----- Original Message -----
> From: "Stefán Freyr Stefánsson" <st...@decode.is>
> To: <to...@jakarta.apache.org>
> Sent: Friday, September 08, 2000 2:16 AM
> Subject: Tomcat 3.2 SSL - Unrecognized SSL handshake...
>
> > Does anybody know this error?
> >
> > I'm receiving it when trying to access https://localhost:8443 (or just
> > https://localhost when Tomcat is configured to listen to port 443). I'm
> > using Tomcat standalone.
> >
> > I've done everything I was told to do by the server.xml file, and I've
> even
> > looked through the SSLSocketFactory class code and found nothing which
may
> > be not working... I've added JSSE to my classpath and I did the
keystore
> > thing with the -keyalg RSA flag so I'm a little bit baffled!
> >
> > Here is the output I get from the Tomcat console window when I try to
> access
> > the server:
> > 2000-09-08 08:36:01 - ContextManager: IOException reading request,
> ignored -
> > javax.net.ssl.SSLException: Unrecognized SSL handshake.
> > at
> > com.sun.net.ssl.internal.ssl.InputRecord.read([DashoPro-V1.2-120198])
> > at
> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
> > at
> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
> > at
> > com.sun.net.ssl.internal.ssl.AppInputStream.read([DashoPro-V1.2-120198])
> > at
java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> > at
java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> > at
> >
>
org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestAdapter.
> > java:120)
> > at
> >
>
org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServletInpu
> > tStream.java:106)
> > at
> >
>
org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServletInputS
> > tream.java:128)
> > at
> > javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138)
> > at
> >
>
org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(HttpReques
> > tAdapter.java:134)
> > at
> >
>
org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpC
> > onnectionHandler.java:192)
> > at
> >
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:403)
> > at
> >
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:498)
> > at java.lang.Thread.run(Thread.java:484)
> >
> > What I get up on the browser depends on a few things. If I call
> > http://localhost:8443 or http://localhost:443 (depending only upon what
> port
> > Tomcat is configured to listen to) I do not get the certificate window
up
> on
> > the screen. If, however, I call https://localhost:8443 or
> https://127.0.0.1
> > I get the certificate screen and the certificate is correct... My name,
> > signed by me and so on. NOTE: I do not get the certificate window when
> > trying to access https://localhost. That appears to redirect to
> > http://localhost:443/index.html). This is for MS IExplorer. The only
> thing
> > that appears on the browser window are five little boxes ("�����") (It
> > doesnt matter if I get the certificate window or not... it always ends
up
> > like this... five little boxes).
> >
> > In Netscape I get the certificate window and I can view everything when
I
> > try to access https://localhost but once I have accepted the certificate
a
> > window appears telling me:
> > "Warning! You have requested an insecure document that was originally
> > designated a secure document (the location has been redirected from a
> secure
> > to an insecure document). The document and any information you send back
> > could be observed by a third party while in transit."
> > When I press Continue another window appears telling me that "the
document
> > contained no data".
> > In Netscape I get the certificate window if I access https://localhost,
> > https://localhost:pnum or https://127.0.0.1. I do not get that window
if
> I
> > try to access http://localhost:443, http://localhost:pnum or
> > http://127.0.0.1:pnum. If I try to access http://127.0.0.1:pnum I get
an
> > 146 HTTP error (Connection refused), however I only get the "document
> > contained no data" window if I try to access http://localhost:pnum.
> >
> > One bizarre thing to me is that when I have tried to access the server
the
> > URL in the browser always seems to be rewritten... like if I access
> > https://localhost then it is rewritten to http://localhost:443 (this is
> only
> > visible in IExplorer but I have a funny feeling that Netscape is doing
the
> > same thing just without showing it). Any ideas?
> >
> > I really hope someone can help me with this thing... I know there have
> been
> > others who have had this problem and I've been monitoring all SSL
related
> > posts on the mailing lists but haven't seen any solution to their
problem.
> >
> > I'm using Windows 2000 for development and JDK1.3 from Sun.
> >
> > Please help...
> >
> > Kind regards and thanks in advance,
> > Stefan
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
> ------------------------------------------------------------------------
> Name: server.xml
> server.xml Type: BizTalk Schema (text/xml)
> Encoding: quoted-printable
>
> ------------------------------------------------------------------------
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: Tomcat 3.2 SSL - Unrecognized SSL handshake...
Posted by Ismael Blesa Part <ib...@tissat.es>.
Stefán Freyr Stefánsson wrote:
> attatching it to this letter.
>
> Don't worry about the additional parameter "clientAuth" that's just
> something we're going to use when the time comes that we can require client
> certificates. Otherwise it looks exactly like the default server.xml...
> only with the SSL partion uncommented and the regular http connector
> commented out.
>
This parameter does not work, I have tried on Tomcat 3.2 B 2 and when connecting
to the https server it does not ask for a client certificate. Has this worked
for you?
I am trying to get access to the digital certificate from my jsp's but I can
not. Do you know how to make it work?
The problem you have is directory listing problem, if you use
https://myhost:8443/index.html it works, but if you do https://myhost:8443/ then
you get the error
>
> regards, Stefan Freyr
>
> -----Original Message-----
> From: Warner Onstine [mailto:warner@warneronstine.com]
> Sent: 8. september 2000 22:44
> To: tomcat-dev@jakarta.apache.org
> Subject: Re: Tomcat 3.2 SSL - Unrecognized SSL handshake...
>
> What does your server.xml file look like?
>
> -warner
>
> ----- Original Message -----
> From: "Stefán Freyr Stefánsson" <st...@decode.is>
> To: <to...@jakarta.apache.org>
> Sent: Friday, September 08, 2000 2:16 AM
> Subject: Tomcat 3.2 SSL - Unrecognized SSL handshake...
>
> > Does anybody know this error?
> >
> > I'm receiving it when trying to access https://localhost:8443 (or just
> > https://localhost when Tomcat is configured to listen to port 443). I'm
> > using Tomcat standalone.
> >
> > I've done everything I was told to do by the server.xml file, and I've
> even
> > looked through the SSLSocketFactory class code and found nothing which may
> > be not working... I've added JSSE to my classpath and I did the keystore
> > thing with the -keyalg RSA flag so I'm a little bit baffled!
> >
> > Here is the output I get from the Tomcat console window when I try to
> access
> > the server:
> > 2000-09-08 08:36:01 - ContextManager: IOException reading request,
> ignored -
> > javax.net.ssl.SSLException: Unrecognized SSL handshake.
> > at
> > com.sun.net.ssl.internal.ssl.InputRecord.read([DashoPro-V1.2-120198])
> > at
> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
> > at
> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
> > at
> > com.sun.net.ssl.internal.ssl.AppInputStream.read([DashoPro-V1.2-120198])
> > at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> > at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> > at
> >
> org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestAdapter.
> > java:120)
> > at
> >
> org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServletInpu
> > tStream.java:106)
> > at
> >
> org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServletInputS
> > tream.java:128)
> > at
> > javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138)
> > at
> >
> org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(HttpReques
> > tAdapter.java:134)
> > at
> >
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpC
> > onnectionHandler.java:192)
> > at
> > org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:403)
> > at
> > org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:498)
> > at java.lang.Thread.run(Thread.java:484)
> >
> > What I get up on the browser depends on a few things. If I call
> > http://localhost:8443 or http://localhost:443 (depending only upon what
> port
> > Tomcat is configured to listen to) I do not get the certificate window up
> on
> > the screen. If, however, I call https://localhost:8443 or
> https://127.0.0.1
> > I get the certificate screen and the certificate is correct... My name,
> > signed by me and so on. NOTE: I do not get the certificate window when
> > trying to access https://localhost. That appears to redirect to
> > http://localhost:443/index.html). This is for MS IExplorer. The only
> thing
> > that appears on the browser window are five little boxes ("�����") (It
> > doesnt matter if I get the certificate window or not... it always ends up
> > like this... five little boxes).
> >
> > In Netscape I get the certificate window and I can view everything when I
> > try to access https://localhost but once I have accepted the certificate a
> > window appears telling me:
> > "Warning! You have requested an insecure document that was originally
> > designated a secure document (the location has been redirected from a
> secure
> > to an insecure document). The document and any information you send back
> > could be observed by a third party while in transit."
> > When I press Continue another window appears telling me that "the document
> > contained no data".
> > In Netscape I get the certificate window if I access https://localhost,
> > https://localhost:pnum or https://127.0.0.1. I do not get that window if
> I
> > try to access http://localhost:443, http://localhost:pnum or
> > http://127.0.0.1:pnum. If I try to access http://127.0.0.1:pnum I get an
> > 146 HTTP error (Connection refused), however I only get the "document
> > contained no data" window if I try to access http://localhost:pnum.
> >
> > One bizarre thing to me is that when I have tried to access the server the
> > URL in the browser always seems to be rewritten... like if I access
> > https://localhost then it is rewritten to http://localhost:443 (this is
> only
> > visible in IExplorer but I have a funny feeling that Netscape is doing the
> > same thing just without showing it). Any ideas?
> >
> > I really hope someone can help me with this thing... I know there have
> been
> > others who have had this problem and I've been monitoring all SSL related
> > posts on the mailing lists but haven't seen any solution to their problem.
> >
> > I'm using Windows 2000 for development and JDK1.3 from Sun.
> >
> > Please help...
> >
> > Kind regards and thanks in advance,
> > Stefan
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
> ------------------------------------------------------------------------
> Name: server.xml
> server.xml Type: BizTalk Schema (text/xml)
> Encoding: quoted-printable
>
> ------------------------------------------------------------------------
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
RE: Tomcat 3.2 SSL - Unrecognized SSL handshake...
Posted by Stefán Freyr Stefánsson <st...@decode.is>.
attatching it to this letter.
Don't worry about the additional parameter "clientAuth" that's just
something we're going to use when the time comes that we can require client
certificates. Otherwise it looks exactly like the default server.xml...
only with the SSL partion uncommented and the regular http connector
commented out.
regards, Stefan Freyr
-----Original Message-----
From: Warner Onstine [mailto:warner@warneronstine.com]
Sent: 8. september 2000 22:44
To: tomcat-dev@jakarta.apache.org
Subject: Re: Tomcat 3.2 SSL - Unrecognized SSL handshake...
What does your server.xml file look like?
-warner
----- Original Message -----
From: "Stefán Freyr Stefánsson" <st...@decode.is>
To: <to...@jakarta.apache.org>
Sent: Friday, September 08, 2000 2:16 AM
Subject: Tomcat 3.2 SSL - Unrecognized SSL handshake...
> Does anybody know this error?
>
> I'm receiving it when trying to access https://localhost:8443 (or just
> https://localhost when Tomcat is configured to listen to port 443). I'm
> using Tomcat standalone.
>
> I've done everything I was told to do by the server.xml file, and I've
even
> looked through the SSLSocketFactory class code and found nothing which may
> be not working... I've added JSSE to my classpath and I did the keystore
> thing with the -keyalg RSA flag so I'm a little bit baffled!
>
> Here is the output I get from the Tomcat console window when I try to
access
> the server:
> 2000-09-08 08:36:01 - ContextManager: IOException reading request,
ignored -
> javax.net.ssl.SSLException: Unrecognized SSL handshake.
> at
> com.sun.net.ssl.internal.ssl.InputRecord.read([DashoPro-V1.2-120198])
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
> at
> com.sun.net.ssl.internal.ssl.AppInputStream.read([DashoPro-V1.2-120198])
> at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> at
>
org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestAdapter.
> java:120)
> at
>
org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServletInpu
> tStream.java:106)
> at
>
org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServletInputS
> tream.java:128)
> at
> javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138)
> at
>
org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(HttpReques
> tAdapter.java:134)
> at
>
org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpC
> onnectionHandler.java:192)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:403)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:498)
> at java.lang.Thread.run(Thread.java:484)
>
> What I get up on the browser depends on a few things. If I call
> http://localhost:8443 or http://localhost:443 (depending only upon what
port
> Tomcat is configured to listen to) I do not get the certificate window up
on
> the screen. If, however, I call https://localhost:8443 or
https://127.0.0.1
> I get the certificate screen and the certificate is correct... My name,
> signed by me and so on. NOTE: I do not get the certificate window when
> trying to access https://localhost. That appears to redirect to
> http://localhost:443/index.html). This is for MS IExplorer. The only
thing
> that appears on the browser window are five little boxes ("�����") (It
> doesnt matter if I get the certificate window or not... it always ends up
> like this... five little boxes).
>
> In Netscape I get the certificate window and I can view everything when I
> try to access https://localhost but once I have accepted the certificate a
> window appears telling me:
> "Warning! You have requested an insecure document that was originally
> designated a secure document (the location has been redirected from a
secure
> to an insecure document). The document and any information you send back
> could be observed by a third party while in transit."
> When I press Continue another window appears telling me that "the document
> contained no data".
> In Netscape I get the certificate window if I access https://localhost,
> https://localhost:pnum or https://127.0.0.1. I do not get that window if
I
> try to access http://localhost:443, http://localhost:pnum or
> http://127.0.0.1:pnum. If I try to access http://127.0.0.1:pnum I get an
> 146 HTTP error (Connection refused), however I only get the "document
> contained no data" window if I try to access http://localhost:pnum.
>
> One bizarre thing to me is that when I have tried to access the server the
> URL in the browser always seems to be rewritten... like if I access
> https://localhost then it is rewritten to http://localhost:443 (this is
only
> visible in IExplorer but I have a funny feeling that Netscape is doing the
> same thing just without showing it). Any ideas?
>
> I really hope someone can help me with this thing... I know there have
been
> others who have had this problem and I've been monitoring all SSL related
> posts on the mailing lists but haven't seen any solution to their problem.
>
> I'm using Windows 2000 for development and JDK1.3 from Sun.
>
> Please help...
>
> Kind regards and thanks in advance,
> Stefan
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: Tomcat 3.2 SSL - Unrecognized SSL handshake...
Posted by Warner Onstine <wa...@warneronstine.com>.
What does your server.xml file look like?
-warner
----- Original Message -----
From: "Stefán Freyr Stefánsson" <st...@decode.is>
To: <to...@jakarta.apache.org>
Sent: Friday, September 08, 2000 2:16 AM
Subject: Tomcat 3.2 SSL - Unrecognized SSL handshake...
> Does anybody know this error?
>
> I'm receiving it when trying to access https://localhost:8443 (or just
> https://localhost when Tomcat is configured to listen to port 443). I'm
> using Tomcat standalone.
>
> I've done everything I was told to do by the server.xml file, and I've
even
> looked through the SSLSocketFactory class code and found nothing which may
> be not working... I've added JSSE to my classpath and I did the keystore
> thing with the -keyalg RSA flag so I'm a little bit baffled!
>
> Here is the output I get from the Tomcat console window when I try to
access
> the server:
> 2000-09-08 08:36:01 - ContextManager: IOException reading request,
ignored -
> javax.net.ssl.SSLException: Unrecognized SSL handshake.
> at
> com.sun.net.ssl.internal.ssl.InputRecord.read([DashoPro-V1.2-120198])
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
> at
> com.sun.net.ssl.internal.ssl.AppInputStream.read([DashoPro-V1.2-120198])
> at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> at
>
org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestAdapter.
> java:120)
> at
>
org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServletInpu
> tStream.java:106)
> at
>
org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServletInputS
> tream.java:128)
> at
> javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138)
> at
>
org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(HttpReques
> tAdapter.java:134)
> at
>
org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpC
> onnectionHandler.java:192)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:403)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:498)
> at java.lang.Thread.run(Thread.java:484)
>
> What I get up on the browser depends on a few things. If I call
> http://localhost:8443 or http://localhost:443 (depending only upon what
port
> Tomcat is configured to listen to) I do not get the certificate window up
on
> the screen. If, however, I call https://localhost:8443 or
https://127.0.0.1
> I get the certificate screen and the certificate is correct... My name,
> signed by me and so on. NOTE: I do not get the certificate window when
> trying to access https://localhost. That appears to redirect to
> http://localhost:443/index.html). This is for MS IExplorer. The only
thing
> that appears on the browser window are five little boxes ("�����") (It
> doesnt matter if I get the certificate window or not... it always ends up
> like this... five little boxes).
>
> In Netscape I get the certificate window and I can view everything when I
> try to access https://localhost but once I have accepted the certificate a
> window appears telling me:
> "Warning! You have requested an insecure document that was originally
> designated a secure document (the location has been redirected from a
secure
> to an insecure document). The document and any information you send back
> could be observed by a third party while in transit."
> When I press Continue another window appears telling me that "the document
> contained no data".
> In Netscape I get the certificate window if I access https://localhost,
> https://localhost:pnum or https://127.0.0.1. I do not get that window if
I
> try to access http://localhost:443, http://localhost:pnum or
> http://127.0.0.1:pnum. If I try to access http://127.0.0.1:pnum I get an
> 146 HTTP error (Connection refused), however I only get the "document
> contained no data" window if I try to access http://localhost:pnum.
>
> One bizarre thing to me is that when I have tried to access the server the
> URL in the browser always seems to be rewritten... like if I access
> https://localhost then it is rewritten to http://localhost:443 (this is
only
> visible in IExplorer but I have a funny feeling that Netscape is doing the
> same thing just without showing it). Any ideas?
>
> I really hope someone can help me with this thing... I know there have
been
> others who have had this problem and I've been monitoring all SSL related
> posts on the mailing lists but haven't seen any solution to their problem.
>
> I'm using Windows 2000 for development and JDK1.3 from Sun.
>
> Please help...
>
> Kind regards and thanks in advance,
> Stefan
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
Tomcat 3.2 SSL - Unrecognized SSL handshake...
Posted by Stefán Freyr Stefánsson <st...@decode.is>.
Does anybody know this error?
I'm receiving it when trying to access https://localhost:8443 (or just
https://localhost when Tomcat is configured to listen to port 443). I'm
using Tomcat standalone.
I've done everything I was told to do by the server.xml file, and I've even
looked through the SSLSocketFactory class code and found nothing which may
be not working... I've added JSSE to my classpath and I did the keystore
thing with the -keyalg RSA flag so I'm a little bit baffled!
Here is the output I get from the Tomcat console window when I try to access
the server:
2000-09-08 08:36:01 - ContextManager: IOException reading request, ignored -
javax.net.ssl.SSLException: Unrecognized SSL handshake.
at
com.sun.net.ssl.internal.ssl.InputRecord.read([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.AppInputStream.read([DashoPro-V1.2-120198])
at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
at
org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestAdapter.
java:120)
at
org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServletInpu
tStream.java:106)
at
org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServletInputS
tream.java:128)
at
javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138)
at
org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(HttpReques
tAdapter.java:134)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpC
onnectionHandler.java:192)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:403)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:498)
at java.lang.Thread.run(Thread.java:484)
What I get up on the browser depends on a few things. If I call
http://localhost:8443 or http://localhost:443 (depending only upon what port
Tomcat is configured to listen to) I do not get the certificate window up on
the screen. If, however, I call https://localhost:8443 or https://127.0.0.1
I get the certificate screen and the certificate is correct... My name,
signed by me and so on. NOTE: I do not get the certificate window when
trying to access https://localhost. That appears to redirect to
http://localhost:443/index.html). This is for MS IExplorer. The only thing
that appears on the browser window are five little boxes ("�����") (It
doesnt matter if I get the certificate window or not... it always ends up
like this... five little boxes).
In Netscape I get the certificate window and I can view everything when I
try to access https://localhost but once I have accepted the certificate a
window appears telling me:
"Warning! You have requested an insecure document that was originally
designated a secure document (the location has been redirected from a secure
to an insecure document). The document and any information you send back
could be observed by a third party while in transit."
When I press Continue another window appears telling me that "the document
contained no data".
In Netscape I get the certificate window if I access https://localhost,
https://localhost:pnum or https://127.0.0.1. I do not get that window if I
try to access http://localhost:443, http://localhost:pnum or
http://127.0.0.1:pnum. If I try to access http://127.0.0.1:pnum I get an
146 HTTP error (Connection refused), however I only get the "document
contained no data" window if I try to access http://localhost:pnum.
One bizarre thing to me is that when I have tried to access the server the
URL in the browser always seems to be rewritten... like if I access
https://localhost then it is rewritten to http://localhost:443 (this is only
visible in IExplorer but I have a funny feeling that Netscape is doing the
same thing just without showing it). Any ideas?
I really hope someone can help me with this thing... I know there have been
others who have had this problem and I've been monitoring all SSL related
posts on the mailing lists but haven't seen any solution to their problem.
I'm using Windows 2000 for development and JDK1.3 from Sun.
Please help...
Kind regards and thanks in advance,
Stefan
RE: Tomcat 3.2 SSL question
Posted by Gomez Henri <hg...@slib.fr>.
SSL process (crypto) is an cpu tak and many of us have
setup allready apache + ssl (apache-ssl, apache-mod_ssl ...)
There is at least two situations :
1) The server must be authentified by the browser but not the client
2) The server and the client must be authentified (strong) via a client
certificate imported in the browser.
Apache with, at least mod_ssl, do perfectly the job and you could
build a totally OpenSource solution with tools like :
OpenSSL, OpenCA, mod_ssl.
But what we didn't have for now is servlet example code which
show us how to get SSL vars like client Common Name (CN),
organization (O) and so on.
These examples are when using AJP13 connector (thanks to mod_jk)
If someone could provide this kind of example code (and why not
put it in examples, it will be a good starting point to do webapps
which relies on front webserver to the not so basic authentification,
resiliation tasks.
With this, we can also have a slighty faster tomcat system (we
could be sure that Apache will stay faster to handle http/https
for some years).
Also tomcat start up much more quickly (You could make the experiment
with a tomcat using AJP12/AJP13 and http/https connectors
and then removing http/https connectors).
In fine did we want tomcat to be the fastest servlet engine or to
be the UNIVERSAL MULTI-PURPOSE WEB/SERVLET/XXXX ENGINE ?
There is allready the good old Apache for HTTP/HTTPS tasks and
there is hundred of years of developpement behind him. And how many
sites well tuned with it (I think of magic stuff like php3/4, the
evil/angel mod_rewrite (thk Ralf), mod_ssl (Rethk Ralf).
See you.
PS: Who handle mod_jk now, I've got problems with AJP13/mod_jk and
RequestDispatcher .forward and no response for some time now ?
-
Unix is like a 'hogan' -- no Gates, no Windows, and an Apache inside.
Re: Tomcat 3.2 SSL question
Posted by cm...@yahoo.com.
Stefan Freyr Stefansson wrote:
> Thank you for this reply Costin and I'm sorry for the delay of replying to
> it...
>
> The problem is that we don't use Apache + Tomcat. The reason for this is
> that we do not need a high performance http server and Apache would be much
> too big to integrate into our project. Therefore we are using Tomcat.
>
> So I would like to get some info on HOW two way authentication in Tomcat is
> done... can anybody point me in the right direction?
>
I would take a look at SSLSocketFactory, and also service/http/*
( SSLSocketFactory used to be in org.apache.tomcat.net, in the
current code base it's in tomcat.util.net ).
SSLSocketFactory is used with the http adapter to support https.
You may need few changes in the internal APIs to do what you
want ( right now I'm not sure there is any easy way to access the
tcp layer from interceptors ).
One way to start is to change the current code ( for example
the http connector ) to get something working. Then we can
figure out how we can turn your code into an interceptor.
Interceptors are similar with Apache modules, the
extension mechanism ( and building blocks ) of tomcat.
See org.apache.tomcat.request.
Costin
RE: Tomcat 3.2 SSL question
Posted by Stefan Freyr Stefansson <st...@decode.is>.
Ok... now we're getting somewhere... This is something which may be the
thing we need to do.
I am, however, not familiar with what you're talking about when you talk
about the "Interceptor or Valve interfaces / base classes" but I'm guessing
that this may be some class that Tomcat uses for the connections. Any
additional information on this would be very much appreciated. I've gone
through the source files of Tomcat and found no "Interceptor.java" nor
"Valve.java" files... (I also looked at the generated javadoc files). Does
this have anything to do with the socketFactory or Connector/Handler
parameters in the server.xml file in the tomcat "conf" directory? If I
"implement these classes on my own" where would I use them? Will they be
dynamic (like with a conf file where you can select which implementation to
use) or will they replace the previous ones?
If you could either explain to me a little bit more about this or point me
to a place where I could find out more that would be greatly appreciated.
Thanks in advance,
Stefan Freyr
-----Original Message-----
From: Nick Bauman [mailto:nick@cortexity.com]
Sent: 6. september 2000 15:24
To: tomcat-dev@jakarta.apache.org
Subject: RE: Tomcat 3.2 SSL question
Stefan,
It sounds more like what you are describing is a "strong extranet" type of
authentication with client-side as well as server-side certificates are
utilized (aka SSL v.3)
So the question recast might be: "does Tomcat have support for SSL
v.3"? Surely the SSL libraries used with Tomcat does, which means if
tomcat doesn't have "out-of-box" support for it, you could implement it
via the Interceptor or Valve interfaces / base classes yourself. No?
On Wed, 6 Sep 2000, Stefan Freyr Stefansson wrote:
> Thank you for this reply Costin and I'm sorry for the delay of replying to
> it...
>
> The problem is that we don't use Apache + Tomcat. The reason for this is
> that we do not need a high performance http server and Apache would be
much
> too big to integrate into our project. Therefore we are using Tomcat.
>
> So I would like to get some info on HOW two way authentication in Tomcat
is
> done... can anybody point me in the right direction?
>
> Thanks again in advance.
> Stefan
>
> -----Original Message-----
> From: Costin Manolache [mailto:cmanolache@yahoo.com]
> Sent: 30. agust 2000 16:30
> To: tomcat-dev@jakarta.apache.org
> Subject: Re: Tomcat 3.2 SSL question
>
>
> > My first question is the obvious one. When is Tomcat 3.2 final supposed
> to
> > come out?
>
> To quote Jon:
> When it's ready.
>
> Few weeks ago I would have hoped for a faster release, but seeing the
> amount of testing and detailing that's going on I would wait a bit more.
> ( documentations, script improvements, all kind of fixes, etc.). My
feeling
> is that's very close.
>
> > start bugging you guys about it. But... I would like to know if Tomcat
> 3.2
> > SSL (once I get it up and running) supports two way authentication. I
> need
> > the client to be able to verify that he/she is talking to the server
> he/she
> > believes he/she is talking to... (a lot of he/she's in there... anything
> to
> > be politically correct ;o) But I also need to be able to verify that the
> > client is who he/she says he/she is (this is ridiculous). For that I
need
> > two way authentication.
>
> Probably it's he/she/it ( the browser is the client most of the time ).
> I never tested this feature, but I saw few reports that it works.
>
> If you use Tomcat + Apache then you can just use the Apache's
> SSL for mutual authentication ( it should work faster too )
>
> > One other thing is about the licencing. Our plan is to integrate Tomcat
> > into one of our own products. The product is not a commercial product
and
> > very unlikely that anybody could benefit from using this thing except
for
> my
> > company... I would like to know if it is allright to use Tomcat in such
a
> > way? Are there any limitations or fees??? We looked at the licence
file
> > that came with the Tomcat download and the way we understood that was
that
> > we could basically use it any which way we wanted given that we included
> > some things in our manual and didn't change the headers of the source
> files
> > (you know... the thing whith all the copyright thingys and such).
>
> AFAIK you can do anything you want except claim it's yours :-)
> This is a frequent question - maybe we should add something on the
> web page.
>
> Costin
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
RE: Tomcat 3.2 SSL question
Posted by Nick Bauman <ni...@cortexity.com>.
Stefan,
It sounds more like what you are describing is a "strong extranet" type of
authentication with client-side as well as server-side certificates are
utilized (aka SSL v.3)
So the question recast might be: "does Tomcat have support for SSL
v.3"? Surely the SSL libraries used with Tomcat does, which means if
tomcat doesn't have "out-of-box" support for it, you could implement it
via the Interceptor or Valve interfaces / base classes yourself. No?
On Wed, 6 Sep 2000, Stefan Freyr Stefansson wrote:
> Thank you for this reply Costin and I'm sorry for the delay of replying to
> it...
>
> The problem is that we don't use Apache + Tomcat. The reason for this is
> that we do not need a high performance http server and Apache would be much
> too big to integrate into our project. Therefore we are using Tomcat.
>
> So I would like to get some info on HOW two way authentication in Tomcat is
> done... can anybody point me in the right direction?
>
> Thanks again in advance.
> Stefan
>
> -----Original Message-----
> From: Costin Manolache [mailto:cmanolache@yahoo.com]
> Sent: 30. agust 2000 16:30
> To: tomcat-dev@jakarta.apache.org
> Subject: Re: Tomcat 3.2 SSL question
>
>
> > My first question is the obvious one. When is Tomcat 3.2 final supposed
> to
> > come out?
>
> To quote Jon:
> When it's ready.
>
> Few weeks ago I would have hoped for a faster release, but seeing the
> amount of testing and detailing that's going on I would wait a bit more.
> ( documentations, script improvements, all kind of fixes, etc.). My feeling
> is that's very close.
>
> > start bugging you guys about it. But... I would like to know if Tomcat
> 3.2
> > SSL (once I get it up and running) supports two way authentication. I
> need
> > the client to be able to verify that he/she is talking to the server
> he/she
> > believes he/she is talking to... (a lot of he/she's in there... anything
> to
> > be politically correct ;o) But I also need to be able to verify that the
> > client is who he/she says he/she is (this is ridiculous). For that I need
> > two way authentication.
>
> Probably it's he/she/it ( the browser is the client most of the time ).
> I never tested this feature, but I saw few reports that it works.
>
> If you use Tomcat + Apache then you can just use the Apache's
> SSL for mutual authentication ( it should work faster too )
>
> > One other thing is about the licencing. Our plan is to integrate Tomcat
> > into one of our own products. The product is not a commercial product and
> > very unlikely that anybody could benefit from using this thing except for
> my
> > company... I would like to know if it is allright to use Tomcat in such a
> > way? Are there any limitations or fees??? We looked at the licence file
> > that came with the Tomcat download and the way we understood that was that
> > we could basically use it any which way we wanted given that we included
> > some things in our manual and didn't change the headers of the source
> files
> > (you know... the thing whith all the copyright thingys and such).
>
> AFAIK you can do anything you want except claim it's yours :-)
> This is a frequent question - maybe we should add something on the
> web page.
>
> Costin
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
RE: Tomcat 3.2 SSL question
Posted by Stefan Freyr Stefansson <st...@decode.is>.
Thank you for this reply Costin and I'm sorry for the delay of replying to
it...
The problem is that we don't use Apache + Tomcat. The reason for this is
that we do not need a high performance http server and Apache would be much
too big to integrate into our project. Therefore we are using Tomcat.
So I would like to get some info on HOW two way authentication in Tomcat is
done... can anybody point me in the right direction?
Thanks again in advance.
Stefan
-----Original Message-----
From: Costin Manolache [mailto:cmanolache@yahoo.com]
Sent: 30. agust 2000 16:30
To: tomcat-dev@jakarta.apache.org
Subject: Re: Tomcat 3.2 SSL question
> My first question is the obvious one. When is Tomcat 3.2 final supposed
to
> come out?
To quote Jon:
When it's ready.
Few weeks ago I would have hoped for a faster release, but seeing the
amount of testing and detailing that's going on I would wait a bit more.
( documentations, script improvements, all kind of fixes, etc.). My feeling
is that's very close.
> start bugging you guys about it. But... I would like to know if Tomcat
3.2
> SSL (once I get it up and running) supports two way authentication. I
need
> the client to be able to verify that he/she is talking to the server
he/she
> believes he/she is talking to... (a lot of he/she's in there... anything
to
> be politically correct ;o) But I also need to be able to verify that the
> client is who he/she says he/she is (this is ridiculous). For that I need
> two way authentication.
Probably it's he/she/it ( the browser is the client most of the time ).
I never tested this feature, but I saw few reports that it works.
If you use Tomcat + Apache then you can just use the Apache's
SSL for mutual authentication ( it should work faster too )
> One other thing is about the licencing. Our plan is to integrate Tomcat
> into one of our own products. The product is not a commercial product and
> very unlikely that anybody could benefit from using this thing except for
my
> company... I would like to know if it is allright to use Tomcat in such a
> way? Are there any limitations or fees??? We looked at the licence file
> that came with the Tomcat download and the way we understood that was that
> we could basically use it any which way we wanted given that we included
> some things in our manual and didn't change the headers of the source
files
> (you know... the thing whith all the copyright thingys and such).
AFAIK you can do anything you want except claim it's yours :-)
This is a frequent question - maybe we should add something on the
web page.
Costin
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: Tomcat 3.2 SSL question
Posted by Costin Manolache <cm...@yahoo.com>.
> My first question is the obvious one. When is Tomcat 3.2 final supposed to
> come out?
To quote Jon:
When it's ready.
Few weeks ago I would have hoped for a faster release, but seeing the
amount of testing and detailing that's going on I would wait a bit more.
( documentations, script improvements, all kind of fixes, etc.). My feeling
is that's very close.
> start bugging you guys about it. But... I would like to know if Tomcat 3.2
> SSL (once I get it up and running) supports two way authentication. I need
> the client to be able to verify that he/she is talking to the server he/she
> believes he/she is talking to... (a lot of he/she's in there... anything to
> be politically correct ;o) But I also need to be able to verify that the
> client is who he/she says he/she is (this is ridiculous). For that I need
> two way authentication.
Probably it's he/she/it ( the browser is the client most of the time ).
I never tested this feature, but I saw few reports that it works.
If you use Tomcat + Apache then you can just use the Apache's
SSL for mutual authentication ( it should work faster too )
> One other thing is about the licencing. Our plan is to integrate Tomcat
> into one of our own products. The product is not a commercial product and
> very unlikely that anybody could benefit from using this thing except for my
> company... I would like to know if it is allright to use Tomcat in such a
> way? Are there any limitations or fees??? We looked at the licence file
> that came with the Tomcat download and the way we understood that was that
> we could basically use it any which way we wanted given that we included
> some things in our manual and didn't change the headers of the source files
> (you know... the thing whith all the copyright thingys and such).
AFAIK you can do anything you want except claim it's yours :-)
This is a frequent question - maybe we should add something on the
web page.
Costin
Re: Tomcat 3.2 SSL question
Posted by "Craig R. McClanahan" <Cr...@eng.sun.com>.
Stefan Freyr Stefansson wrote:
> One other thing is about the licencing. Our plan is to integrate Tomcat
> into one of our own products. The product is not a commercial product and
> very unlikely that anybody could benefit from using this thing except for my
> company... I would like to know if it is allright to use Tomcat in such a
> way? Are there any limitations or fees??? We looked at the licence file
> that came with the Tomcat download and the way we understood that was that
> we could basically use it any which way we wanted given that we included
> some things in our manual and didn't change the headers of the source files
> (you know... the thing whith all the copyright thingys and such).
>
The license describes the sum total of your responsibilities.
No fees. No limitations (other than the ones listed in the license). No
requirement to contribute back changes, although suggested improvements are
*always* welcome.
Please feel free to use Tomcat in your product.
>
> Kindest regards and thanks in advance,
> Stefan.
>
Craig McClanahan
====================
See you at ApacheCon Europe <http://www.apachecon.com>!
Session VS01 (23-Oct 13h00-17h00): Sun Technical Briefing
Session T06 (24-Oct 14h00-15h00): Migrating Apache JServ
Applications to Tomcat
RE: Tomcat 3.2 SSL question
Posted by Todd Bowker <tb...@partnet.com>.
We are also interested in knowing the status of SSL client authentication
using digital certificates(?). We are considering using Tomcat as an xml
server and this is one feature that we are interested in for security
reasons. Any feeback about this issue would be helpful for us also...
thanks
-----Original Message-----
From: Stefan Freyr Stefansson [mailto:stebbi@decode.is]
Sent: Wednesday, August 30, 2000 6:52 AM
To: tomcat-dev@jakarta.apache.org
Subject: Tomcat 3.2 SSL question
Hello.
I've been monitoring the discussion on the Tomcat lists for about 3 weeks
now and I've seen people ask about SSL and the release date on Tomcat 3.2
final for a while but usually those posts receive little or at least vague
answers.
Therefore I would like (hopefully once and for all) to ask a few questions.
I hope I will receive some answers soon and I sincerely hope that these
answers will help others besides myself.
My first question is the obvious one. When is Tomcat 3.2 final supposed to
come out?
The second question I have is about the SSL support in Tomcat 3.2. I've
tried a little bit to get it up and running with little success. That is
without any doubt my fault and I'm going to try a little harder before I
start bugging you guys about it. But... I would like to know if Tomcat 3.2
SSL (once I get it up and running) supports two way authentication. I need
the client to be able to verify that he/she is talking to the server he/she
believes he/she is talking to... (a lot of he/she's in there... anything to
be politically correct ;o) But I also need to be able to verify that the
client is who he/she says he/she is (this is ridiculous). For that I need
two way authentication.
I saw somebody ask about this issue a while back but never saw any answers
to his (I'm pretty sure it was a he! ;o) post. I would really appreciate it
if I could get an answer on these matters.
One other thing is about the licencing. Our plan is to integrate Tomcat
into one of our own products. The product is not a commercial product and
very unlikely that anybody could benefit from using this thing except for my
company... I would like to know if it is allright to use Tomcat in such a
way? Are there any limitations or fees??? We looked at the licence file
that came with the Tomcat download and the way we understood that was that
we could basically use it any which way we wanted given that we included
some things in our manual and didn't change the headers of the source files
(you know... the thing whith all the copyright thingys and such).
Kindest regards and thanks in advance,
Stefan.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org