문서의 선택한 두 판 사이의 차이를 보여줍니다.
양쪽 이전 판 이전 판 다음 판 | 이전 판 | ||
java:tomcat [2013/05/28 17:42] kwon37xi |
java:tomcat [2019/06/19 13:26] (현재) kwon37xi [주요 Valve] |
||
---|---|---|---|
줄 7: | 줄 7: | ||
* [[http:// | * [[http:// | ||
* [[http:// | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[http:// | ||
===== 다중 도메인 Session ===== | ===== 다중 도메인 Session ===== | ||
줄 39: | 줄 46: | ||
===== Tomcat 6.0.10 이상부터 / \ 이상 동작 ===== | ===== Tomcat 6.0.10 이상부터 / \ 이상 동작 ===== | ||
* http:// | * http:// | ||
- | Important: Directory traversal CVE-2007-0450 | + | Important: Directory traversal CVE-2007-0450 |
- | Tomcat permits ' | + | Tomcat permits ' |
+ | configured to only proxy some contexts, a HTTP request containing strings like "/ | ||
+ | and access the non-proxied contexts. | ||
The following Java system properties have been added to Tomcat to provide additional control of the handling of path delimiters in URLs (both options default to false): | The following Java system properties have been added to Tomcat to provide additional control of the handling of path delimiters in URLs (both options default to false): | ||
줄 48: | 줄 57: | ||
org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH: | org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH: | ||
- | Due to the impossibility to guarantee that all URLs are handled by Tomcat as they are in proxy servers, Tomcat should always be secured as if no proxy restricting context access was used. | + | Due to the impossibility to guarantee that all URLs are handled by Tomcat as they are in proxy servers, |
+ | Tomcat should always be secured as if no proxy restricting context access was used. | ||
</ | </ | ||
+ | |||
+ | |||
+ | ===== UTF-8 Charset/ | ||
+ | * [[http:// | ||
+ | |||
+ | * '' | ||
+ | * Spring 사용시 '' | ||
+ | ===== Tomcat 7.0.54 ClassLoader memory leak ===== | ||
+ | * [[https:// | ||
+ | * Tomcat 7.0.54 버전의 클래스로더가 일부 jar 를 로딩하는동안 Annotation 분석하다가 '' | ||
+ | SEVERE: Unable to process Jar entry [com/ | ||
+ | java.io.EOFException | ||
+ | </ | ||
+ | * 특히 MyBatis 3.4.0 버전에서 발생하였으며, | ||
+ | |||
+ | ===== RemoteIPValve ===== | ||
+ | * [[https:// | ||
+ | * '' | ||
+ | <Valve className=" | ||
+ | | ||
+ | | ||
+ | | ||
+ | </ | ||
+ | * nginx < | ||
+ | proxy_set_header X-Real-IP $remote_addr; | ||
+ | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
+ | proxy_set_header X-Forwarded-Proto $scheme; | ||
+ | </ | ||
+ | * [[springframework: | ||
+ | server.tomcat.remote_ip_header=x-forwarded-for | ||
+ | </ | ||
+ | * [[springframework: | ||
+ | server.tomcat.protocol_header=x-forwarded-proto | ||
+ | </ | ||
+ | ===== Realm ===== | ||
+ | * [[https:// | ||
+ | |||
+ | ===== Slf4j & Logback ===== | ||
+ | * [[https:// | ||