문서의 선택한 두 판 사이의 차이를 보여줍니다.
양쪽 이전 판 이전 판 다음 판 | 이전 판 | ||
java:tomcat [2013/03/20 10:00] kwon37xi [Tomcat] |
java:tomcat [2019/06/19 13:26] kwon37xi [주요 Valve] |
||
---|---|---|---|
줄 7: | 줄 7: | ||
* [[http:// | * [[http:// | ||
* [[http:// | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[http:// | ||
===== 다중 도메인 Session ===== | ===== 다중 도메인 Session ===== | ||
줄 36: | 줄 43: | ||
===== Session Clustering ===== | ===== Session Clustering ===== | ||
* [[http:// | * [[http:// | ||
+ | |||
+ | ===== Tomcat 6.0.10 이상부터 / \ 이상 동작 ===== | ||
+ | * http:// | ||
+ | Important: Directory traversal CVE-2007-0450 | ||
+ | |||
+ | Tomcat permits ' | ||
+ | | ||
+ | and access the non-proxied contexts. | ||
+ | |||
+ | The following Java system properties have been added to Tomcat to provide additional control of the handling of path delimiters in URLs (both options default to false): | ||
+ | |||
+ | org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH: | ||
+ | org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH: | ||
+ | |||
+ | Due to the impossibility to guarantee that all URLs are handled by Tomcat as they are in proxy servers, | ||
+ | Tomcat should always be secured as if no proxy restricting context access was used. | ||
+ | </ | ||
+ | |||
+ | |||
+ | ===== UTF-8 Charset/ | ||
+ | * [[http:// | ||
+ | |||
+ | * '' | ||
+ | * Spring 사용시 '' | ||
+ | ===== Tomcat 7.0.54 ClassLoader memory leak ===== | ||
+ | * [[https:// | ||
+ | * Tomcat 7.0.54 버전의 클래스로더가 일부 jar 를 로딩하는동안 Annotation 분석하다가 '' | ||
+ | SEVERE: Unable to process Jar entry [com/ | ||
+ | java.io.EOFException | ||
+ | </ | ||
+ | * 특히 MyBatis 3.4.0 버전에서 발생하였으며, | ||
+ | |||
+ | ===== RemoteIPValve ===== | ||
+ | * [[https:// | ||
+ | * '' | ||
+ | <Valve className=" | ||
+ | | ||
+ | | ||
+ | | ||
+ | </ | ||
+ | * nginx < | ||
+ | proxy_set_header X-Real-IP $remote_addr; | ||
+ | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
+ | proxy_set_header X-Forwarded-Proto $scheme; | ||
+ | </ | ||
+ | * [[springframework: | ||
+ | server.tomcat.remote_ip_header=x-forwarded-for | ||
+ | </ | ||
+ | * [[springframework: | ||
+ | server.tomcat.protocol_header=x-forwarded-proto | ||
+ | </ | ||
+ | ===== Realm ===== | ||
+ | * [[https:// | ||
+ | |||
+ | ===== Slf4j & Logback ===== | ||
+ | * [[https:// | ||
+ |