svn commit: r464840 - /tomcat/connectors/tags/other/TOMCAT_NATIVE_1_1_6/

2006-10-17 Thread mturk 
Author: mturk
Date: Tue Oct 17 00:01:38 2006
New Revision: 464840

URL: http://svn.apache.org/viewvc?view=rev&rev=464840
Log:
Tag the tomcat native 1.1.6

Added:
tomcat/connectors/tags/other/TOMCAT_NATIVE_1_1_6/
  - copied from r464839, tomcat/connectors/trunk/


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: svn commit: r464761 - in /tomcat/tc6.0.x/trunk: java/org/apache/catalina/core/AprLifecycleListener.java res/tomcat.nsi

2006-10-17 Thread Mladen Turk 

[EMAIL PROTECTED] wrote:

Log:
- At the moment, I prefer version 1.1.3.



Remy,

I have uploaded the 1.1.6 tag that fixes the problems with 1.1.4.
1.1.5 was not made as public, because of few small compile problems.

Also I have changed the source distribution naming, so it follows the
APR name scheme. The source tarball is now:
tomcat-native.loc=${base-tomcat.loc}/tomcat-connectors/native/tomcat-native-1.1.6-src.tar.gz

(Added a -src suffix for .tgz and -win32-src for .zip with DOS line ends)


Regards,
Mladen.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40668] - MailSessionFactory is missing in Tomcat 5.5.20

2006-10-17 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40668





--- Additional Comments From [EMAIL PROTECTED]  2006-10-17 01:58 ---
Can it be that a total of 5 files are missing in Tomcat 5.5.20 
naming-factory.jar?
 SendMailFactory
 SendMailFactory$1
 MailSessionFactory
 MailSessionFactory$1
 MailSessionFactory$2


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40774] New: - tomcat-connector 1.2.19 Error in resolving configuration references

2006-10-17 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40774

   Summary: tomcat-connector 1.2.19 Error in resolving configuration
references
   Product: Tomcat 5
   Version: Unknown
  Platform: Other
OS/Version: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: Native:JK
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: [EMAIL PROTECTED]


hi,

apache does not start when configuring more than JK_MAP_RECURSION (20) workers
referencing another worker.
The debug output stops at recursion level 20.
I am using apache 1.3.x and tomcat 4.1.x but this may happen in every
apache/tomcat combination.

I tried the following fix which worked for me: 
Change the following line (recursion) in native/common/jk_map.c:
rc = jk_map_resolve_references(m, m->values[i], 0, ++depth, l);
to 
rc = jk_map_resolve_references(m, m->values[i], 0, depth+1, l);
/* after leaving the recursion the depth level has the same value as when
entering the recursion. */

hopefully in time for 1.2.20

thanks

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r464892 - in /tomcat/tc6.0.x/trunk: build.properties.default res/tomcat.nsi

2006-10-17 Thread remm 
Author: remm
Date: Tue Oct 17 03:22:35 2006
New Revision: 464892

URL: http://svn.apache.org/viewvc?view=rev&rev=464892
Log:
- Update to the new packages.

Modified:
tomcat/tc6.0.x/trunk/build.properties.default
tomcat/tc6.0.x/trunk/res/tomcat.nsi

Modified: tomcat/tc6.0.x/trunk/build.properties.default
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/build.properties.default?view=diff&rev=464892&r1=464891&r2=464892
==
--- tomcat/tc6.0.x/trunk/build.properties.default (original)
+++ tomcat/tc6.0.x/trunk/build.properties.default Tue Oct 17 03:22:35 2006
@@ -34,9 +34,9 @@
 
jdt.loc=http://sunsite.informatik.rwth-aachen.de/eclipse/downloads/drops/R-3.2-200606291905/eclipse-JDT-3.2.zip
 
 # - Tomcat native library -
-tomcat-native.home=${base.path}/tomcat-native-1.1.3
+tomcat-native.home=${base.path}/tomcat-native-1.1.6
 tomcat-native.tar.gz=${tomcat-native.home}/tomcat-native.tar.gz
-tomcat-native.loc=${base-tomcat.loc}/tomcat-connectors/native/tomcat-native-1.1.3.tar.gz
+tomcat-native.loc=${base-tomcat.loc}/tomcat-connectors/native/tomcat-native-1.1.6-src.tar.gz
 
 # - Commons DBCP, version 1.1 or later -
 commons-dbcp.version=1.2.1

Modified: tomcat/tc6.0.x/trunk/res/tomcat.nsi
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/res/tomcat.nsi?view=diff&rev=464892&r1=464891&r2=464892
==
--- tomcat/tc6.0.x/trunk/res/tomcat.nsi (original)
+++ tomcat/tc6.0.x/trunk/res/tomcat.nsi Tue Oct 17 03:22:35 2006
@@ -191,11 +191,11 @@
 
   SectionIn 3
 
-  NSISdl::download /TIMEOUT=3 
http://tomcat.heanet.ie/native/1.1.3/binaries/win32/tcnative-1.dll 
$INSTDIR\bin\tcnative-1.dll
+  NSISdl::download /TIMEOUT=3 
http://tomcat.heanet.ie/native/1.1.6/binaries/win32/tcnative-1.dll 
$INSTDIR\bin\tcnative-1.dll
   Pop $0
   StrCmp $0 success success
 SetDetailsView show
-DetailPrint "download failed from 
http://tomcat.heanet.ie/native/1.1.3/binaries/win32/tcnative-1.dll: $0"
+DetailPrint "download failed from 
http://tomcat.heanet.ie/native/1.1.6/binaries/win32/tcnative-1.dll: $0"
   success:
 
   ClearErrors



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r464922 - in /tomcat/connectors/trunk/jk: native/common/jk_map.c xdocs/changelog.xml

2006-10-17 Thread rjung 
Author: rjung
Date: Tue Oct 17 06:23:25 2006
New Revision: 464922

URL: http://svn.apache.org/viewvc?view=rev&rev=464922
Log:
Fixing BZ 40774: Wrong termination detection for feature "reference".

Modified:
tomcat/connectors/trunk/jk/native/common/jk_map.c
tomcat/connectors/trunk/jk/xdocs/changelog.xml

Modified: tomcat/connectors/trunk/jk/native/common/jk_map.c
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/common/jk_map.c?view=diff&rev=464922&r1=464921&r2=464922
==
--- tomcat/connectors/trunk/jk/native/common/jk_map.c (original)
+++ tomcat/connectors/trunk/jk/native/common/jk_map.c Tue Oct 17 06:23:25 2006
@@ -661,7 +661,7 @@
 *(to+remain)   = '.';
 *(to+remain+1) = '\0';
 
-rc = jk_map_resolve_references(m, m->values[i], 0, 
++depth, l);
+rc = jk_map_resolve_references(m, m->values[i], 0, 
depth+1, l);
 if (rc == JK_FALSE) {
 break;
 }

Modified: tomcat/connectors/trunk/jk/xdocs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/xdocs/changelog.xml?view=diff&rev=464922&r1=464921&r2=464922
==
--- tomcat/connectors/trunk/jk/xdocs/changelog.xml (original)
+++ tomcat/connectors/trunk/jk/xdocs/changelog.xml Tue Oct 17 06:23:25 2006
@@ -27,7 +27,11 @@
   
 
   
-  40716: Adding "reference" feature to IIS and Netscape.
+  40774: Fixing wrong recursion termination. This one 
restricted the
+  "reference" feature unintentionally to 20 workers. (rjung)
+  
+  
+  40716: Adding "reference" feature to IIS and Netscape. (rjung)
   
   
   Documentation: Corrected SetEnvIf syntax in JK_WORKER_NAME example. 
(rjung)



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40774] - tomcat-connector 1.2.19 Error in resolving configuration references

2006-10-17 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40774


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED




--- Additional Comments From [EMAIL PROTECTED]  2006-10-17 06:22 ---
Thanks for spotting that and sorry for the silly error.

I hope you like the feature :)

Fixed for 1.2.20.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r464928 - /tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/deploy/FarmWarDeployer.java

2006-10-17 Thread fhanik 
Author: fhanik
Date: Tue Oct 17 07:05:50 2006
New Revision: 464928

URL: http://svn.apache.org/viewvc?view=rev&rev=464928
Log:
Fixed startup exception

Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/deploy/FarmWarDeployer.java

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/deploy/FarmWarDeployer.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/deploy/FarmWarDeployer.java?view=diff&rev=464928&r1=464927&r2=464928
==
--- 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/deploy/FarmWarDeployer.java 
(original)
+++ 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/deploy/FarmWarDeployer.java 
Tue Oct 17 07:05:50 2006
@@ -142,12 +142,18 @@
 watcher = new WarWatcher(this, new File(getWatchDir()));
 if (log.isInfoEnabled())
 log.info("Cluster deployment is watching " + getWatchDir()
-+ " for changes.");
+ + " for changes.");
 }
-
+
 // Check to correct engine and host setup
-host = (Host) getCluster().getContainer();
-Engine engine = (Engine) host.getParent();
+Object parent = getCluster().getContainer();
+Engine engine = null;
+if ( parent instanceof Host ) {
+host = (Host) parent;
+engine = (Engine) host.getParent();
+}else {
+engine = (Engine)parent;
+}
 try {
 oname = new ObjectName(engine.getName() + ":type=Deployer,host="
 + host.getName());
@@ -157,8 +163,7 @@
 configBase = new File(System.getProperty("catalina.base"), "conf");
 if (engine != null) {
 configBase = new File(configBase, engine.getName());
-}
-if (host != null) {
+} else if (host != null) {
 configBase = new File(configBase, host.getName());
 }
 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40775] New: - Single-sign on session invalidation not working as expected

2006-10-17 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40775

   Summary: Single-sign on session invalidation not working as
expected
   Product: Tomcat 5
   Version: 5.5.17
  Platform: All
OS/Version: All
Status: NEW
  Severity: normal
  Priority: P2
 Component: Unknown
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: [EMAIL PROTECTED]


After enabling the single sign-on valve, I noticed unexpected logout behavior.  
Here are steps to reproduce: 

1. Using form auth, log into webapp1 (by attempting to access a protected 
resource that does not exist)
2. Attempt to access a protected resource in webapp2 is granted (meaning you 
are logged into 2 by logging into 1 as we expect).
3. Invalidating the session from webapp2 does not log you out.


It appears that you are able to sign-on and be authorized by other webapps 
without accessing an existing protected resource but you will not be able to 
logout from those webapps.  I can provide simple sample webapps to demonstrate 
this behavior.  This was discovered in an embedded Tomcat in JBoss and they 
explained the issue as following:

"What you're seeing is due to a subtlety in your test combining with a subtlety 
in how Tomcat SSO invalidation works.

The reason you can invalidate an SSO and not just a single session by calling 
session.invalidate() is because Tomcat provides a reference to the session to 
the SSO valve.  The valve registers as a listener on the session and thus gets 
a callback when you call session.invalidate().  It then uses that callback to 
invalidate the SSO.

The problem is the way Tomcat provides the reference to the session to the SSO 
valve.  This only happens if you access a protected resource.  If you look at 
the steps in your test, you'll notice you never access a protected resource in 
testapp2.  Thus the SSO valve doesn't know about your testapp2 session.  When 
you invalidate the session, the SSO doesn't get invalidated. "

I expect that if you are considered logged into a webapp you should also be 
able to log out from that same web app.  Please let me know your thoughts.

Thanks

Mark

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

SSL Connectors - config proposal

2006-10-17 Thread Filip Hanik - Dev Lists 

gents and ladies,

currently we are doing SSL a little bit differently between APR and the 
Java connectors.

The APR connector requires an attribute sslEngine="On" to kick in.

I believe this attribute to be useful for two reasons:

1.
Config should be as consistent as possible.

2.
If I use a SSL network card, or apache doing SSL etc, I would like to 
trick Tomcat into thinking it is running in SSL

for example:

Apache Port 80 -> mod_proxy(http) -> Tomcat 8080

Apache Port 443 -> mod_proxy(http) -> Tomcat 8081
sslEngine="off"/>


This example here is with Apache, but if you use any kind of SSL 
accelerator, be it a network card or an appliance,
there is a risk of getting stuck in a redirect loop when using 
CONFIDENTIAL

in web.xml

Currently, you have to work around it using Valves or filters, but it 
can get a little messy.


Useful?

Filip




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r464958 - /tomcat/tc6.0.x/trunk/conf/server.xml

2006-10-17 Thread fhanik 
Author: fhanik
Date: Tue Oct 17 09:49:59 2006
New Revision: 464958

URL: http://svn.apache.org/viewvc?view=rev&rev=464958
Log:
Cleaned up server.xml, added in documentation references so that a user can 
navigate from an element in server.xml to the correct location in the online 
documentation.

Modified:
tomcat/tc6.0.x/trunk/conf/server.xml

Modified: tomcat/tc6.0.x/trunk/conf/server.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/conf/server.xml?view=diff&rev=464958&r1=464957&r2=464958
==
--- tomcat/tc6.0.x/trunk/conf/server.xml (original)
+++ tomcat/tc6.0.x/trunk/conf/server.xml Tue Oct 17 09:49:59 2006
@@ -1,95 +1,54 @@
 
-
-
-
-
 
 
-  
+  
   
+  
   
+  
   
   
   
 
-  
+  
   
-
 
 
-
 
+ UserDatabaseRealm to authenticate users
+-->
 
-
+  description="User database that can be updated and saved"
+  factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+  pathname="conf/tomcat-users.xml" />
   
 
   
-
-  
   
 
 
-
-
 
-
-   
-   
 
-
-
 
 
 
-
-
-
 
 
+ on to the appropriate Host (virtual host).
+ Documentation at /docs/config/engine.html -->
 
  
- 
-
 
 
-  
   
 
-
   
+   the request and response data received and sent by Tomcat.
+   Documentation at: /docs/config/valve.html -->
   
 
-  
-
   
-  
-
-  
-
-  
-
-  
-
-  
-
   
-  
+  
 
-
-
-
+
 
 
-
+
 
-
-
-
 
   
-
 
-
   
-
 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: svn commit: r464958 - /tomcat/tc6.0.x/trunk/conf/server.xml

2006-10-17 Thread Remy Maucherat 

[EMAIL PROTECTED] wrote:

Author: fhanik
Date: Tue Oct 17 09:49:59 2006
New Revision: 464958

URL: http://svn.apache.org/viewvc?view=rev&rev=464958
Log:
Cleaned up server.xml, added in documentation references so that a user can 
navigate from an element in server.xml to the correct location in the online 
documentation.


Can I take this stuff out too:


It's not quite an example, it's the default config, and it seems usable 
to me right now.


  

Not ported yet.



That does not seem very useful.

directory="logs"
Can I use the FastCommonAccessLogValve as the className there (it's more 
efficient should one test it without thinking) ?


?

I'll also use this config for the Windows installer, of course.

Rémy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: svn commit: r464958 - /tomcat/tc6.0.x/trunk/conf/server.xml

2006-10-17 Thread Filip Hanik - Dev Lists 

knock yourself out :)

Remy Maucherat wrote:

[EMAIL PROTECTED] wrote:

Author: fhanik
Date: Tue Oct 17 09:49:59 2006
New Revision: 464958

URL: http://svn.apache.org/viewvc?view=rev&rev=464958
Log:
Cleaned up server.xml, added in documentation references so that a 
user can navigate from an element in server.xml to the correct 
location in the online documentation.


Can I take this stuff out too:


It's not quite an example, it's the default config, and it seems 
usable to me right now.


   


Not ported yet.



That does not seem very useful.

directory="logs"
Can I use the FastCommonAccessLogValve as the className there (it's 
more efficient should one test it without thinking) ?


?

I'll also use this config for the Windows installer, of course.

Rémy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SSL Connectors - config proposal

2006-10-17 Thread Remy Maucherat 

Filip Hanik - Dev Lists wrote:

gents and ladies,

currently we are doing SSL a little bit differently between APR and the 
Java connectors.

The APR connector requires an attribute sslEngine="On" to kick in.


Actually, it's anything but "off" to enable SSL. Values other than "on" 
enable hardware acceleration modules.



I believe this attribute to be useful for two reasons:

1.
Config should be as consistent as possible.

2.
If I use a SSL network card, or apache doing SSL etc, I would like to 
trick Tomcat into thinking it is running in SSL

for example:

Apache Port 80 -> mod_proxy(http) -> Tomcat 8080

Apache Port 443 -> mod_proxy(http) -> Tomcat 8081
sslEngine="off"/>


This example here is with Apache, but if you use any kind of SSL 
accelerator, be it a network card or an appliance,
there is a risk of getting stuck in a redirect loop when using 
CONFIDENTIAL

in web.xml

Currently, you have to work around it using Valves or filters, but it 
can get a little messy.


Useful?


Ok. I think it only applies to the protocol implementation, so it 
shouldn't cause any regressions.


Rémy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SSL Connectors - config proposal

2006-10-17 Thread Jean-frederic Clere 


Filip Hanik - Dev Lists wrote:


gents and ladies,

currently we are doing SSL a little bit differently between APR and 
the Java connectors.

The APR connector requires an attribute sslEngine="On" to kick in.

I believe this attribute to be useful for two reasons:

1.
Config should be as consistent as possible.

2.
If I use a SSL network card, or apache doing SSL etc, I would like to 
trick Tomcat into thinking it is running in SSL

for example:

Apache Port 80 -> mod_proxy(http) -> Tomcat 8080

Apache Port 443 -> mod_proxy(http) -> Tomcat 8081
scheme="https" sslEngine="off"/>


This example here is with Apache, but if you use any kind of SSL 
accelerator, be it a network card or an appliance,
there is a risk of getting stuck in a redirect loop when using 
CONFIDENTIAL

in web.xml

Currently, you have to work around it using Valves or filters, but it 
can get a little messy.


Useful?


What would you propose if we use HTTP/AJP + SSL between Apache httpd and TC?
BTW: In TC 5.x the secure="true" or secure="false" does not behave as in 
the documentation (See PR 40766).


Cheers

Jean-Frederic



Filip




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SSL Connectors - config proposal

2006-10-17 Thread Filip Hanik - Dev Lists 

Jean-frederic Clere wrote:


Filip Hanik - Dev Lists wrote:


gents and ladies,

currently we are doing SSL a little bit differently between APR and 
the Java connectors.

The APR connector requires an attribute sslEngine="On" to kick in.

I believe this attribute to be useful for two reasons:

1.
Config should be as consistent as possible.

2.
If I use a SSL network card, or apache doing SSL etc, I would like to 
trick Tomcat into thinking it is running in SSL

for example:

Apache Port 80 -> mod_proxy(http) -> Tomcat 8080

Apache Port 443 -> mod_proxy(http) -> Tomcat 8081
scheme="https" sslEngine="off"/>


This example here is with Apache, but if you use any kind of SSL 
accelerator, be it a network card or an appliance,
there is a risk of getting stuck in a redirect loop when using 
CONFIDENTIAL

in web.xml

Currently, you have to work around it using Valves or filters, but it 
can get a little messy.


Useful?


What would you propose if we use HTTP/AJP + SSL between Apache httpd 
and TC?

AJP doesn't support SSL, so its not affected.
BTW: In TC 5.x the secure="true" or secure="false" does not behave as 
in the documentation (See PR 40766).
yes, this is what we are trying to avoid, secure="value" should just 
result in request.getSecure to return value, and so on.

sslEngine="on" actually kicks in the SSL enc/dec

Filip

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r465031 - /tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/session/DeltaSession.java

2006-10-17 Thread fhanik 
Author: fhanik
Date: Tue Oct 17 13:36:13 2006
New Revision: 465031

URL: http://svn.apache.org/viewvc?view=rev&rev=465031
Log:
Fix NPE on session state transfer

Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/session/DeltaSession.java

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/session/DeltaSession.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/session/DeltaSession.java?view=diff&rev=465031&r1=465030&r2=465031
==
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/session/DeltaSession.java 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/session/DeltaSession.java 
Tue Oct 17 13:36:13 2006
@@ -698,7 +698,8 @@
 }
 
 protected void setAccessCount(int count) {
-super.accessCount.set(count);
+if ( accessCount == null && ACTIVITY_CHECK ) accessCount = new 
AtomicInteger();
+if ( accessCount != null ) super.accessCount.set(count);
 }
 }
 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SSL Connectors - config proposal

2006-10-17 Thread Jean-frederic Clere 

Filip Hanik - Dev Lists wrote:


Jean-frederic Clere wrote:



Filip Hanik - Dev Lists wrote:


gents and ladies,

currently we are doing SSL a little bit differently between APR and 
the Java connectors.

The APR connector requires an attribute sslEngine="On" to kick in.

I believe this attribute to be useful for two reasons:

1.
Config should be as consistent as possible.

2.
If I use a SSL network card, or apache doing SSL etc, I would like 
to trick Tomcat into thinking it is running in SSL

for example:

Apache Port 80 -> mod_proxy(http) -> Tomcat 8080

Apache Port 443 -> mod_proxy(http) -> Tomcat 8081
scheme="https" sslEngine="off"/>


This example here is with Apache, but if you use any kind of SSL 
accelerator, be it a network card or an appliance,
there is a risk of getting stuck in a redirect loop when using 
CONFIDENTIAL

in web.xml

Currently, you have to work around it using Valves or filters, but 
it can get a little messy.


Useful?



What would you propose if we use HTTP/AJP + SSL between Apache httpd 
and TC?


AJP doesn't support SSL, so its not affected.


Well. That would be protocol="AJP" sslEngine="on"  secure="value" 
scheme="value".


BTW: Apache httpd does not yet support SSL proxy.
ProxyPass /servlets-examplex https://anotherhost:8443/servlets-examples 
is not yet supported.

Or do I miss something?

BTW: In TC 5.x the secure="true" or secure="false" does not behave as 
in the documentation (See PR 40766).


yes, this is what we are trying to avoid, secure="value" should just 
result in request.getSecure to return value, and so on.

sslEngine="on" actually kicks in the SSL enc/dec


+1

Cheers

Jean-Frederic




Filip

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r465044 - in /tomcat/tc6.0.x/trunk: build.xml conf/catalina.policy conf/server-minimal.xml conf/server.xml webapps/docs/security-manager-howto.xml

2006-10-17 Thread remm 
Author: remm
Date: Tue Oct 17 13:50:56 2006
New Revision: 465044

URL: http://svn.apache.org/viewvc?view=rev&rev=465044
Log:
- Also copy the policy file.
- server.xml tweaks.
- Remove the minimal server.xml, which isn't that helpful anymore.

Removed:
tomcat/tc6.0.x/trunk/conf/server-minimal.xml
Modified:
tomcat/tc6.0.x/trunk/build.xml
tomcat/tc6.0.x/trunk/conf/catalina.policy
tomcat/tc6.0.x/trunk/conf/server.xml
tomcat/tc6.0.x/trunk/webapps/docs/security-manager-howto.xml

Modified: tomcat/tc6.0.x/trunk/build.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/build.xml?view=diff&rev=465044&r1=465043&r2=465044
==
--- tomcat/tc6.0.x/trunk/build.xml (original)
+++ tomcat/tc6.0.x/trunk/build.xml Tue Oct 17 13:50:56 2006
@@ -450,6 +450,7 @@

 
   
+
 
 
   

Modified: tomcat/tc6.0.x/trunk/conf/catalina.policy
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/conf/catalina.policy?view=diff&rev=465044&r1=465043&r2=465044
==
--- tomcat/tc6.0.x/trunk/conf/catalina.policy (original)
+++ tomcat/tc6.0.x/trunk/conf/catalina.policy Tue Oct 17 13:50:56 2006
@@ -40,18 +40,13 @@
 // == CATALINA CODE PERMISSIONS ===
 
 
-// These permissions apply to the launcher code
-grant codeBase "file:${catalina.home}/bin/commons-launcher.jar" {
-permission java.security.AllPermission;
-};
-
-// These permissions apply to the daemon code
+/ These permissions apply to the daemon code
 grant codeBase "file:${catalina.home}/bin/commons-daemon.jar" {
 permission java.security.AllPermission;
 };
 
-// These permissions apply to the commons-logging API
-grant codeBase "file:${catalina.home}/bin/commons-logging-api.jar" {
+// These permissions apply to the logging API
+grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
 permission java.security.AllPermission;
 };
 
@@ -62,16 +57,12 @@
 
 // These permissions apply to the servlet API classes
 // and those that are shared across all class loaders
-// located in the "common" directory
+// located in the "lib" directory
 grant codeBase "file:${catalina.home}/lib/-" {
 permission java.security.AllPermission;
 };
 
-// The permissions granted to the balancer WEB-INF/classes and WEB-INF/lib 
directory
-grant codeBase "file:${catalina.home}/webapps/balancer/-" {
-permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.tomcat.util.digester";
-permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.tomcat.util.digester.*";
-};
+
 // == WEB APPLICATION PERMISSIONS =
 
 

Modified: tomcat/tc6.0.x/trunk/conf/server.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/conf/server.xml?view=diff&rev=465044&r1=465043&r2=465044
==
--- tomcat/tc6.0.x/trunk/conf/server.xml (original)
+++ tomcat/tc6.0.x/trunk/conf/server.xml Tue Oct 17 13:50:56 2006
@@ -1,4 +1,3 @@
-
 
   
   
-  
 
   
   
-
-
 
@@ -44,7 +40,8 @@
  APR (HTTP/AJP) Connector: /docs/apr.html
  Define a non-SSL HTTP/1.1 Connector on port 8080
 -->
-
 
 
 
 
@@ -108,7 +106,7 @@
 
 
 

Modified: tomcat/tc6.0.x/trunk/webapps/docs/security-manager-howto.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/security-manager-howto.xml?view=diff&rev=465044&r1=465043&r2=465044
==
--- tomcat/tc6.0.x/trunk/webapps/docs/security-manager-howto.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/security-manager-howto.xml Tue Oct 17 
13:50:56 2006
@@ -217,12 +217,6 @@
 permission java.security.AllPermission;
 };
 
-// The permissions granted to the balancer WEB-INF/classes and WEB-INF/lib 
directory
-grant codeBase "file:${catalina.home}/webapps/balancer/-" {
-permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.tomcat.util.digester";
-permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.tomcat.util.digester.*";
-};
-
 
 // == WEB APPLICATION PERMISSIONS =
 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SSL Connectors - config proposal

2006-10-17 Thread Filip Hanik - Dev Lists 

Jean-frederic Clere wrote:

Filip Hanik - Dev Lists wrote:


Jean-frederic Clere wrote:



Filip Hanik - Dev Lists wrote:


gents and ladies,

currently we are doing SSL a little bit differently between APR and 
the Java connectors.

The APR connector requires an attribute sslEngine="On" to kick in.

I believe this attribute to be useful for two reasons:

1.
Config should be as consistent as possible.

2.
If I use a SSL network card, or apache doing SSL etc, I would like 
to trick Tomcat into thinking it is running in SSL

for example:

Apache Port 80 -> mod_proxy(http) -> Tomcat 8080

Apache Port 443 -> mod_proxy(http) -> Tomcat 8081
scheme="https" sslEngine="off"/>


This example here is with Apache, but if you use any kind of SSL 
accelerator, be it a network card or an appliance,
there is a risk of getting stuck in a redirect loop when using 
CONFIDENTIAL

in web.xml

Currently, you have to work around it using Valves or filters, but 
it can get a little messy.


Useful?



What would you propose if we use HTTP/AJP + SSL between Apache httpd 
and TC?


AJP doesn't support SSL, so its not affected.


Well. That would be protocol="AJP" sslEngine="on"  secure="value" 
scheme="value".


AJP doesn't support SSL, so I am not sure what the sslEngine attribute 
would do.
and SSL info was passed in AJP package, not sure if that affects 
getSecure or getScheme, but I would assume it does


BTW: Apache httpd does not yet support SSL proxy.
ProxyPass /servlets-examplex 
https://anotherhost:8443/servlets-examples is not yet supported.

Or do I miss something?
this is supported, but this is also what we don't want, we dont want to 
do SSL twice, thats the point of my whole proposal.


BTW: In TC 5.x the secure="true" or secure="false" does not behave 
as in the documentation (See PR 40766).


yes, this is what we are trying to avoid, secure="value" should just 
result in request.getSecure to return value, and so on.

sslEngine="on" actually kicks in the SSL enc/dec


+1

Cheers

Jean-Frederic




Filip

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: SSL Connectors - config proposal

2006-10-17 Thread Bill Barker 
 

> -Original Message-
> From: Jean-frederic Clere [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, October 17, 2006 1:12 PM
> To: Tomcat Developers List
> Subject: Re: SSL Connectors - config proposal
> 
> 
> Filip Hanik - Dev Lists wrote:
> 
> > gents and ladies,
> >
> > currently we are doing SSL a little bit differently between APR and 
> > the Java connectors.
> > The APR connector requires an attribute sslEngine="On" to kick in.
> >
> > I believe this attribute to be useful for two reasons:
> >
> > 1.
> > Config should be as consistent as possible.
> >
> > 2.
> > If I use a SSL network card, or apache doing SSL etc, I 
> would like to 
> > trick Tomcat into thinking it is running in SSL
> > for example:
> >
> > Apache Port 80 -> mod_proxy(http) -> Tomcat 8080
> > 
> > Apache Port 443 -> mod_proxy(http) -> Tomcat 8081
> >  > scheme="https" sslEngine="off"/>
> >
> > This example here is with Apache, but if you use any kind of SSL 
> > accelerator, be it a network card or an appliance,
> > there is a risk of getting stuck in a redirect loop when using 
> > CONFIDENTIAL
> > in web.xml
> >
> > Currently, you have to work around it using Valves or 
> filters, but it 
> > can get a little messy.
> >
> > Useful?
> 
> What would you propose if we use HTTP/AJP + SSL between 
> Apache httpd and TC?
> BTW: In TC 5.x the secure="true" or secure="false" does not 
> behave as in 
> the documentation (See PR 40766).
> 

There are a lot of people that are relying on the current behavior (e.g.
using the same worker for both the HTTP and HTTPS vhost, and using the value
that is passed to TC).  IMHO, it is the documentation that should be fixed,
since the AJP connector has never allowed you to configure secure outside
the AJP protocol (going all the way back to TC 3.x :).

> Cheers
> 
> Jean-Frederic
> 
> >
> > Filip
> >
> >
> >
> >
> > 
> -
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
> 
> 
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
> 



This message is intended only for the use of the person(s) listed above as the 
intended recipient(s), and may contain information that is PRIVILEGED and 
CONFIDENTIAL.  If you are not an intended recipient, you may not read, copy, or 
distribute this message or any attachment. If you received this communication 
in error, please notify us immediately by e-mail and then delete all copies of 
this message and any attachments.

In addition you should be aware that ordinary (unencrypted) e-mail sent through 
the Internet is not secure. Do not send confidential or sensitive information, 
such as social security numbers, account numbers, personal identification 
numbers and passwords, to us via ordinary (unencrypted) e-mail.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: SSL Connectors - config proposal

2006-10-17 Thread Bill Barker 
 

> -Original Message-
> From: Jean-frederic Clere [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, October 17, 2006 1:43 PM
> To: Tomcat Developers List
> Subject: Re: SSL Connectors - config proposal
> 
> Filip Hanik - Dev Lists wrote:
> 
> > Jean-frederic Clere wrote:
> >
> >>
> >> Filip Hanik - Dev Lists wrote:
> >>
> >>> gents and ladies,
> >>>
> >>> currently we are doing SSL a little bit differently 
> between APR and 
> >>> the Java connectors.
> >>> The APR connector requires an attribute sslEngine="On" to kick in.
> >>>
> >>> I believe this attribute to be useful for two reasons:
> >>>
> >>> 1.
> >>> Config should be as consistent as possible.
> >>>
> >>> 2.
> >>> If I use a SSL network card, or apache doing SSL etc, I 
> would like 
> >>> to trick Tomcat into thinking it is running in SSL
> >>> for example:
> >>>
> >>> Apache Port 80 -> mod_proxy(http) -> Tomcat 8080
> >>> 
> >>> Apache Port 443 -> mod_proxy(http) -> Tomcat 8081
> >>>  >>> scheme="https" sslEngine="off"/>
> >>>
> >>> This example here is with Apache, but if you use any kind of SSL 
> >>> accelerator, be it a network card or an appliance,
> >>> there is a risk of getting stuck in a redirect loop when using 
> >>> CONFIDENTIAL
> >>> in web.xml
> >>>
> >>> Currently, you have to work around it using Valves or 
> filters, but 
> >>> it can get a little messy.
> >>>
> >>> Useful?
> >>
> >>
> >> What would you propose if we use HTTP/AJP + SSL between 
> Apache httpd 
> >> and TC?
> >
> > AJP doesn't support SSL, so its not affected.
> 
> Well. That would be protocol="AJP" sslEngine="on"  secure="value" 
> scheme="value".
> 
> BTW: Apache httpd does not yet support SSL proxy.
> ProxyPass /servlets-examplex 
> https://anotherhost:8443/servlets-examples 
> is not yet supported.
> Or do I miss something?
> 

I haven't tried in in 2.2.x, but I know it used to work.  Do you have
mod_ssl turned off?

> >> BTW: In TC 5.x the secure="true" or secure="false" does 
> not behave as 
> >> in the documentation (See PR 40766).
> >
> > yes, this is what we are trying to avoid, secure="value" 
> should just 
> > result in request.getSecure to return value, and so on.
> > sslEngine="on" actually kicks in the SSL enc/dec
> 
> +1
> 
> Cheers
> 
> Jean-Frederic
> 
> >
> >
> > Filip
> >
> > 
> -
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
> 
> 
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
> 



This message is intended only for the use of the person(s) listed above as the 
intended recipient(s), and may contain information that is PRIVILEGED and 
CONFIDENTIAL.  If you are not an intended recipient, you may not read, copy, or 
distribute this message or any attachment. If you received this communication 
in error, please notify us immediately by e-mail and then delete all copies of 
this message and any attachments.

In addition you should be aware that ordinary (unencrypted) e-mail sent through 
the Internet is not secure. Do not send confidential or sensitive information, 
such as social security numbers, account numbers, personal identification 
numbers and passwords, to us via ordinary (unencrypted) e-mail.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[VOTE] Tomcat 6 release plan

2006-10-17 Thread Remy Maucherat 

Hi,

The release plan is located here:
http://svn.apache.org/repos/asf/tomcat/tc6.0.x/trunk/RELEASE-PLAN-6.0.txt


[ ] +1
[ ] +0
[ ] -1


This calls for a first build to be released by friday, and it will use 
the same release process as 5.5.x. At the moment, there's no plan to 
port the admin webapp, but it would certainly be possible to do so 
should volunteers show up.


Any comments ?

Thanks,
Rémy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [VOTE] Tomcat 6 release plan

2006-10-17 Thread Filip Hanik - Dev Lists 





[X] +1
[ ] +0
[ ] -1



Filip

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [VOTE] Tomcat 6 release plan

2006-10-17 Thread Mark Thomas 
> [X] +1

Mark

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40735] - tomcat 5.5.30 build from source failing

2006-10-17 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40735


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||WONTFIX




--- Additional Comments From [EMAIL PROTECTED]  2006-10-17 18:10 ---
5.0.30 is almost 2 years old so some of the download locations have changed. The
one you want is:
http://switch.dl.sourceforge.net/sourceforge/mx4j/mx4j-1.1.1.tar.gz

I am marking this as WONTFIX given that a new 5.0.x release is very unlikely.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40741] - tomcat-5.5.20 source build fails because the download location for Eclipse JDT has changed

2006-10-17 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40741


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|ASSIGNED|RESOLVED
 Resolution||FIXED




--- Additional Comments From [EMAIL PROTECTED]  2006-10-17 18:13 ---
Remy has fixed the JDT issue. The users list is the place for the remaining 
issues.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r465118 - /tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/

2006-10-17 Thread markt 
Author: markt
Date: Tue Oct 17 18:29:43 2006
New Revision: 465118

URL: http://svn.apache.org/viewvc?view=rev&rev=465118
Log:
Fix bug 40762. I took the opportunity to remove all redundant code in 
o.a.c.core as identified by Eclipse.

Modified:

tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationContextFacade.java

tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationDispatcher.java

tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationFilterChain.java

tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationFilterConfig.java

tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationFilterFactory.java

tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/NamingContextListener.java

tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/StandardContext.java

tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/StandardContextValve.java

tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/StandardHost.java

tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/StandardServer.java

tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/StandardWrapperValve.java

Modified: 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationContextFacade.java
URL: 
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationContextFacade.java?view=diff&rev=465118&r1=465117&r2=465118
==
--- 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationContextFacade.java
 (original)
+++ 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationContextFacade.java
 Tue Oct 17 18:29:43 2006
@@ -365,26 +365,6 @@
 /**
  * Use reflection to invoke the requested method. Cache the method object 
  * to speed up the process
- * @param appContext The AppliationContext object on which the method
- *   will be invoked
- * @param methodName The method to call.
- * @param params The arguments passed to the called method.
- */
-private Object doPrivileged(ApplicationContext appContext,
-final String methodName, 
-final Object[] params) {
-try{
-return invokeMethod(appContext, methodName, params );
-} catch (Throwable t){
-throw new RuntimeException(t.getMessage());
-}
-
-}
-
-
-/**
- * Use reflection to invoke the requested method. Cache the method object 
- * to speed up the process
  *   will be invoked
  * @param methodName The method to call.
  * @param params The arguments passed to the called method.

Modified: 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationDispatcher.java
URL: 
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationDispatcher.java?view=diff&rev=465118&r1=465117&r2=465118
==
--- 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationDispatcher.java
 (original)
+++ 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationDispatcher.java
 Tue Oct 17 18:29:43 2006
@@ -518,7 +518,7 @@
 
 // Create a wrapped response to use for this request
 // ServletResponse wresponse = null;
-ServletResponse wresponse = wrapResponse();
+wrapResponse();
 
 // Handle a non-HTTP include
 if (!(request instanceof HttpServletRequest) ||
@@ -623,7 +623,6 @@
 }
 
 // Initialize local variables we may need
-HttpServletRequest hrequest = (HttpServletRequest) request;
 HttpServletResponse hresponse = (HttpServletResponse) response;
 Servlet servlet = null;
 IOException ioException = null;

Modified: 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationFilterChain.java
URL: 
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationFilterChain.java?view=diff&rev=465118&r1=465117&r2=465118
==
--- 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationFilterChain.java
 (original)
+++ 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/core/ApplicationFilterChain.java
 Tue Oct 17 18:29:43 2006
@@ -204,8 +204,6 @@
 if( System.getSecurityManager() != null ) {
 final ServletRequest req = request;
 final ServletResponse res = response;
-

DO NOT REPLY [Bug 40762] - liveDeploy local variable is unused in StandardHost

2006-10-17 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40762


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED




--- Additional Comments From [EMAIL PROTECTED]  2006-10-17 18:29 ---
Fixed in SVN. Thanks for the report.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r465126 - /tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/filters/SavedRequestInputFilter.java

2006-10-17 Thread markt 
Author: markt
Date: Tue Oct 17 19:26:48 2006
New Revision: 465126

URL: http://svn.apache.org/viewvc?view=rev&rev=465126
Log:
Port fix bug 40771. Correct doRead method so Filters and Valves can read POST 
data. patch provided by Michael Dufel.

Modified:

tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/filters/SavedRequestInputFilter.java

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/filters/SavedRequestInputFilter.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/filters/SavedRequestInputFilter.java?view=diff&rev=465126&r1=465125&r2=465126
==
--- 
tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/filters/SavedRequestInputFilter.java
 (original)
+++ 
tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/filters/SavedRequestInputFilter.java
 Tue Oct 17 19:26:48 2006
@@ -55,6 +55,9 @@
writeLength = input.getLength();
 }
 
+if(input.getOffset()>= input.getEnd())
+return -1;
+
 input.substract(chunk.getBuffer(), 0, writeLength);
 chunk.setOffset(0);
 chunk.setEnd(writeLength);



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r465127 - in /tomcat: connectors/trunk/http11/src/java/org/apache/coyote/http11/filters/SavedRequestInputFilter.java container/tc5.5.x/webapps/docs/changelog.xml

2006-10-17 Thread markt 
Author: markt
Date: Tue Oct 17 19:28:56 2006
New Revision: 465127

URL: http://svn.apache.org/viewvc?view=rev&rev=465127
Log:
Fix bug 40771. Correct doRead method so Filters and Valves can read POST data. 
patch provided by Michael Dufel.

Modified:

tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/filters/SavedRequestInputFilter.java
tomcat/container/tc5.5.x/webapps/docs/changelog.xml

Modified: 
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/filters/SavedRequestInputFilter.java
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/filters/SavedRequestInputFilter.java?view=diff&rev=465127&r1=465126&r2=465127
==
--- 
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/filters/SavedRequestInputFilter.java
 (original)
+++ 
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/filters/SavedRequestInputFilter.java
 Tue Oct 17 19:28:56 2006
@@ -55,6 +55,9 @@
writeLength = input.getLength();
 }
 
+if(input.getOffset()>= input.getEnd())
+return -1;
+
 input.substract(chunk.getBuffer(), 0, writeLength);
 chunk.setOffset(0);
 chunk.setEnd(writeLength);

Modified: tomcat/container/tc5.5.x/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/webapps/docs/changelog.xml?view=diff&rev=465127&r1=465126&r2=465127
==
--- tomcat/container/tc5.5.x/webapps/docs/changelog.xml (original)
+++ tomcat/container/tc5.5.x/webapps/docs/changelog.xml Tue Oct 17 19:28:56 2006
@@ -55,6 +55,15 @@
   
 

+  
+
+  
+40771: Fix implementation of
+SavedRequestInputFilter.doRead() so POST data may be read using a
+Valve or Filter. Patch provided by Michael Dufel. (markt)
+  
+
+   
   
 
   
@@ -494,7 +503,7 @@
 HttpSession.getId will no longer throw an ISE when the session is 
invalid (remm)
   
   
- ore detailed errors for naming issues (remm)
+ More detailed errors for naming issues (remm)
   
   
 Add documentation for the Transaction element (remm)



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40771] - Can't read POST data from within a filter or valve

2006-10-17 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40771


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED




--- Additional Comments From [EMAIL PROTECTED]  2006-10-17 19:28 ---
Fixed in SVN. Will be included in 5.5.21 onwards.

Many thanks for the patch.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

mod_proxy_ajp vs mod_jk

2006-10-17 Thread fredk2 

Hi,

I have read many postings about this topic, but one mod_proxy_ajp
configuration detail eludes me.

When using mod_jk you can ensure that the apache and tomcat are restricted
to each other with the use of a unique secret word.  In the
workers.properties documentation the directive secret says:

http://tomcat.apache.org/connectors-doc/config/workers.html

secret - If set to AJP Connector secret keyword, only request with this
keyword are successfull responding. Use request.useSecret="true" and
request.secret="secret key word" at your tomcat ajp Connector configuration.  

The question is - how can you set secret in mod_proxy_ajp ?

If this feature is not (yet) implemented, can this be easily added - aka can
we expect this in a later version :) ?

Please let me know if this post should be made on apache-httpd dev forum.

In advance thank you for you replies,
Fred

-- 
View this message in context: 
http://www.nabble.com/mod_proxy_ajp-vs-mod_jk-tf2463710.html#a6868349
Sent from the Tomcat - Dev mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r465128 - in /tomcat/container/tc5.5.x: catalina/src/share/org/apache/catalina/valves/JDBCAccessLogValve.java webapps/docs/changelog.xml

2006-10-17 Thread markt 
Author: markt
Date: Tue Oct 17 19:37:42 2006
New Revision: 465128

URL: http://svn.apache.org/viewvc?view=rev&rev=465128
Log:
Fix 40723. Correct javadoc for JDBCAccessLogValve.

Modified:

tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/valves/JDBCAccessLogValve.java
tomcat/container/tc5.5.x/webapps/docs/changelog.xml

Modified: 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/valves/JDBCAccessLogValve.java
URL: 
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/valves/JDBCAccessLogValve.java?view=diff&rev=465128&r1=465127&r2=465128
==
--- 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/valves/JDBCAccessLogValve.java
 (original)
+++ 
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/valves/JDBCAccessLogValve.java
 Tue Oct 17 19:37:42 2006
@@ -74,7 +74,6 @@
  * 
  * CREATE TABLE access (
  * id INT UNSIGNED AUTO_INCREMENT NOT NULL,
- * ts TIMESTAMP NOT NULL,
  * remoteHost CHAR(15) NOT NULL,
  * userName CHAR(15),
  * timestamp TIMESTAMP NOT NULL,
@@ -86,7 +85,7 @@
  * referer VARCHAR(128),
  * userAgent VARCHAR(128),
  * PRIMARY KEY (id),
- * INDEX (ts),
+ * INDEX (timestamp),
  * INDEX (remoteHost),
  * INDEX (virtualHost),
  * INDEX (query),

Modified: tomcat/container/tc5.5.x/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/webapps/docs/changelog.xml?view=diff&rev=465128&r1=465127&r2=465128
==
--- tomcat/container/tc5.5.x/webapps/docs/changelog.xml (original)
+++ tomcat/container/tc5.5.x/webapps/docs/changelog.xml Tue Oct 17 19:37:42 2006
@@ -53,6 +53,10 @@
 40625: Stop CGIServlet swallowing the root cause of an
 exception. Patch provided by Takayoshi Kimura. (markt)
   
+  
+40723: Correct table creation example in JavaDoc for
+JDBCAccessLogValve. (markt)
+  
 

   



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r465129 - /tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/JDBCAccessLogValve.java

2006-10-17 Thread markt 
Author: markt
Date: Tue Oct 17 19:37:58 2006
New Revision: 465129

URL: http://svn.apache.org/viewvc?view=rev&rev=465129
Log:
Port fix 40723. Correct javadoc for JDBCAccessLogValve.

Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/JDBCAccessLogValve.java

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/JDBCAccessLogValve.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/JDBCAccessLogValve.java?view=diff&rev=465129&r1=465128&r2=465129
==
--- 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/JDBCAccessLogValve.java 
(original)
+++ 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/JDBCAccessLogValve.java 
Tue Oct 17 19:37:58 2006
@@ -74,7 +74,6 @@
  * 
  * CREATE TABLE access (
  * id INT UNSIGNED AUTO_INCREMENT NOT NULL,
- * ts TIMESTAMP NOT NULL,
  * remoteHost CHAR(15) NOT NULL,
  * userName CHAR(15),
  * timestamp TIMESTAMP NOT NULL,
@@ -86,7 +85,7 @@
  * referer VARCHAR(128),
  * userAgent VARCHAR(128),
  * PRIMARY KEY (id),
- * INDEX (ts),
+ * INDEX (timestamp),
  * INDEX (remoteHost),
  * INDEX (virtualHost),
  * INDEX (query),



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40723] - Wrong and misleading documentation in JDBCAccessLogValve

2006-10-17 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40723


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED




--- Additional Comments From [EMAIL PROTECTED]  2006-10-17 19:38 ---
Javadoc corrected in SVN. The change will be in 5.5.21 onwards. Thanks for the
report.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40637] - java.io.IOException: Stream closed / JspWriterImpl.java:203

2006-10-17 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40637


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||INVALID




--- Additional Comments From [EMAIL PROTECTED]  2006-10-17 19:45 ---
>From the exceptino and lookingat the Tomcat source, you appear to be closing 
>the
stream in your JSP which makes this a quesiton for the users list. If you are
100% sure you are not closing the stream feel free to re-open this bug and
provide the source for the simplest possible JSP that exhibit this issue.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

ajp connector ssl support

2006-10-17 Thread fredk2 

Hi:

I have a rhetorical question for the developers of mod_jk and mod_proxy_ajp. 
Assuming the tomcat ajp connector was able to accept ssl connections - if
the apache httpd server and tomcat are on separate machines and you needed
to secure the connection with ssl, would you get better performance by
implementing a mod_proxy_ajp or mod_jk with ssl or implementing stunnel?

in advance thank you for your answers...
Fred 
-- 
View this message in context: 
http://www.nabble.com/ajp-connector-ssl-support-tf2463893.html#a6868737
Sent from the Tomcat - Dev mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [VOTE] Tomcat 6 release plan

2006-10-17 Thread Henri Gomez 

+1

2006/10/18, Mark Thomas <[EMAIL PROTECTED]>:

> [X] +1

Mark

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40782] New: - Getting Readonly connection from ds.getConnection

2006-10-17 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40782

   Summary: Getting Readonly connection from  ds.getConnection
   Product: Tomcat 5
   Version: Unknown
  Platform: PC
OS/Version: Windows XP
Status: NEW
  Keywords: APIBug
  Severity: critical
  Priority: P2
 Component: Unknown
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: [EMAIL PROTECTED]


I am developing a web application using tomcat server.
Database is MySQL.  I use connection pool for databse access.

The problem here is I am taking read only connection at some occassions but 
after closing (releasing) it and if i take another connection is is also read 
only.


Connection readOnlyCon =  DB.getConnection();
readOnlyCon .setReadonly(true)

readOnlyCon.close();


Connection Con =  DB.getConnection();
Here this connection some times returns readOnly connection. Otherwise we need 
to explicitly set this as readOnly(false);


Is this is a problem of Java  or Tomcat ?

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]