Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 396287A88 for ; Fri, 23 Dec 2011 21:22:17 +0000 (UTC) Received: (qmail 7707 invoked by uid 500); 23 Dec 2011 21:22:13 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 7654 invoked by uid 500); 23 Dec 2011 21:22:13 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 7645 invoked by uid 99); 23 Dec 2011 21:22:13 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 23 Dec 2011 21:22:13 +0000 X-ASF-Spam-Status: No, hits=2.2 required=5.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of ganesh.dhaksh@gmail.com designates 209.85.212.45 as permitted sender) Received: from [209.85.212.45] (HELO mail-vw0-f45.google.com) (209.85.212.45) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 23 Dec 2011 21:22:06 +0000 Received: by vbip1 with SMTP id p1so3071149vbi.18 for ; Fri, 23 Dec 2011 13:21:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; bh=2ZzyGl0oG3B7NILrUR/AiIvmqP5xP51ymwIMjNMck9E=; b=vqnZabPdhUEYxhF0SY63dy6d8FwT6D73VCvvA3MAn/X3wxqJfqpaxXMYlL975q7MgH gkcOc6y4iU6ij6StkwcRyuwCXYKmrCuNwfSpvo1OoD/e5WPqe8whfu+6znIEspHFpt0b hLp8eSDOQXjzh6NW7fOIs6UZ9il6jKMjRtqeI= Received: by 10.52.65.129 with SMTP id x1mr9167320vds.11.1324675305209; Fri, 23 Dec 2011 13:21:45 -0800 (PST) MIME-Version: 1.0 Received: by 10.220.232.9 with HTTP; Fri, 23 Dec 2011 13:21:24 -0800 (PST) In-Reply-To: <4EF4E4F4.8010301@apache.org> References: <4EF4E4F4.8010301@apache.org> From: Ganesh Dhakshinamurthy Date: Fri, 23 Dec 2011 16:21:24 -0500 Message-ID: Subject: Re: Tomcat CsrfPreventionFilter - LRU Cache To: Tomcat Users List Content-Type: multipart/alternative; boundary=bcaec5016555027ea104b4c901e1 X-Virus-Checked: Checked by ClamAV on apache.org --bcaec5016555027ea104b4c901e1 Content-Type: text/plain; charset=ISO-8859-1 Hello Mark Thanks for the info. - Ganesh On Fri, Dec 23, 2011 at 3:30 PM, Mark Thomas wrote: > On 23/12/2011 19:45, Ganesh Dhakshinamurthy wrote: > >> > >> Hi > >> I recently came across an issue reported regarding the LRU > >> cache implementation in CsrfPreventionFilter. It was reported that FIFO > was > >> implemented instead of LRU. We are facing an issue in our application > due > >> this, [Nonce tokens getting rejected]. I searched in the bugs database > to > >> check if this was reported, but couldn't find any. Can somebody please > let > >> me know if this is a known issue and something is on the works to fix > it? > > The last time it came up, no conclusion was reached as to which is the > best approach: LRU or FIFO. There are arguments for both which probably > means it really needs to be configurable. > > Mark > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org > For additional commands, e-mail: users-help@tomcat.apache.org > > --bcaec5016555027ea104b4c901e1--