Posts Tagged 'Java'

GEOZET: Building a dual-mode GIS webapp

Within the GEOZET viewer project a dual mode GIS webapp is being developed by Geonovum as one of the launching products of the PDOK program. Dual mode in this case being on the one hand a rich”, map enabled client/GUI and on the other hand a lean non-javascript, non-css client/GUI for cases like screenreaders.
Bart has written about the OpenLayers based “rich” client in his posts, I’m working on the “core” version, that this post is about. Continue reading ‘GEOZET: Building a dual-mode GIS webapp’

Advertisements

Creating a Java ArcGIS Server Object Extension to access metadata through a mapservice

So with this cool Server Extension technology being possible with ArcGIS server java ed. 9.3.1 and me finally having time to have a play with it I decided on doing something useful; getting at the metadata of the data within a mapservice. Continue reading ‘Creating a Java ArcGIS Server Object Extension to access metadata through a mapservice’

ArcGIS Server java ed. exposes tomcat manager webapp with well know user credentials

This article concerns the ESRI ArcGIS Server java ed. versions 9.3 and 9.3.1 and possibly others.

ArcGIS Server 9.3sp1 and 9.3.1 expose the Tomcat html manager application; this in itself is not a bad thing if the user would be aware of the consequences and if the credentials which would be necessary to obtain access were not public knowledge [KB 37134 , KB 37147].
Neither of these conditions are met, causing a situation where the management of the built-in tomcat servers is open for anyone interested; you cannot get an easier way to launch a DoS attack. Essentially this makes the product unfit for deployment in the enterprise. Continue reading ‘ArcGIS Server java ed. exposes tomcat manager webapp with well know user credentials’


Join 58 other followers

GISpunt logo

GISpunt logo (small)

tweets


%d bloggers like this: