svn commit: r488992 - /tomcat/connectors/trunk/jk/xdocs/reference/workers.xml

2006-12-20 Thread rjung 
Author: rjung
Date: Wed Dec 20 01:21:23 2006
New Revision: 488992

URL: http://svn.apache.org/viewvc?view=rev&rev=488992
Log:
Fix default values of "retries" in doc.

Modified:
tomcat/connectors/trunk/jk/xdocs/reference/workers.xml

Modified: tomcat/connectors/trunk/jk/xdocs/reference/workers.xml
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/xdocs/reference/workers.xml?view=diff&rev=488992&r1=488991&r2=488992
==
--- tomcat/connectors/trunk/jk/xdocs/reference/workers.xml (original)
+++ tomcat/connectors/trunk/jk/xdocs/reference/workers.xml Wed Dec 20 01:21:23 
2006
@@ -148,7 +148,7 @@
 
 
 
-
+
 The number of retries that the worker will try in case of error returned from 
remote
 Tomcat. If the number of retries set is greater then three (the default 
value), on
 each retry after default an extra wait of 100ms will be inserted.



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: mod_jk, default value of retries is still 3?

2006-12-20 Thread Rainer Jung 
You are right. I fixed it in svn HEAD.
Thanks for spotting that!

Regards,

Rainer

Takayuki Kaneko schrieb:
> Hi,
> 
> I found a mismatch between the document and source code about the
> default value of retries.
> 
> It's my understanding that the default value was changed from 3 to 2 at
> r420266.
> http://svn.apache.org/viewvc?view=rev&revision=420266
> 
> But the latest doument says it is still 3.
> http://tomcat.apache.org/dev/dist/tomcat-connectors/jk/source/jk-1.2.20/docs/reference/workers.html
> 
> 
> Thanks.
> 
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 37956] - Make 'set static fields to null' ClassLoader leak workaround behaviour configurable

2006-12-20 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=37956





--- Additional Comments From [EMAIL PROTECTED]  2006-12-20 02:09 ---
Created an attachment (id=19291)
 --> (http://issues.apache.org/bugzilla/attachment.cgi?id=19291&action=view)
Flag for toggling memory leak workaround

This patch for the container subproject adds a new flag to the context
configuration named "nullifyReferences" that toggles the workaround for memory
leaks on redeployment of webapplications, see changelog of the 5.5.13-beta
release. The default is true.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 37956] - Make 'set static fields to null' ClassLoader leak workaround behaviour configurable

2006-12-20 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=37956


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEEDINFO|RESOLVED
 Resolution||WORKSFORME




--- Additional Comments From [EMAIL PROTECTED]  2006-12-20 02:11 ---
Hi,

thanks for the help. I finally had the time to look into this. I attached a 
patch that adds the flag we needed in the current trunk version. Per default 
the workaround stays enabled. Additionally there was a minor version mismatch 
in the .classpath file.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 37956] - Make 'set static fields to null' ClassLoader leak workaround behaviour configurable

2006-12-20 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=37956


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|RESOLVED|REOPENED
 Resolution|WORKSFORME  |




--- Additional Comments From [EMAIL PROTECTED]  2006-12-20 04:42 ---
Re-opening since the patch has not been committed to SVN.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41217] New: - SingleSignOn Cookie does not honor https access: Login Information Disclosure

2006-12-20 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41217

   Summary: SingleSignOn Cookie does not honor https access: Login
Information Disclosure
   Product: Tomcat 5
   Version: 5.5.20
  Platform: All
OS/Version: All
Status: NEW
  Severity: major
  Priority: P2
 Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: [EMAIL PROTECTED]


When using the SingleSignOn Valve
(org.apache.catalina.authenticator.SingleSignOn) via https the Cookie
JSESSIONIDSSO is transmitted without the "secure" attribute, resulting in it
being transmitted to any content that is - by purpose or error - requested via
http from the same server. 

As the content of the SSO-Cookie is confidential (it will lead to automatically
logged in sessions in other contexts - https or non-https) this should never 
happen.

Sorry to have no patch. I've not installed the complete source distribution in
my development environment, but it seems the points to change are 
org.apache.catalina.authenticator.AuthenticatorBase.register(...), the code of
interest being (from 5.5.30 source distribution)

Cookie cookie = new Cookie(Constants.SINGLE_SIGN_ON_COOKIE, ssoId);
cookie.setMaxAge(-1);
cookie.setPath("/");
hres.addCookie(cookie);

As hres is an org.apache.catalina.HttpRequest, and I've looked through the code
to find org.apache.catalina.Request.setSecure() but no ...isSecure() (though
this is mentioned in the Javadoc for ...setSecure()) I suppose there needs to be
another change to provide isSecure on Request or HttpRequest, but this is
difficult to tell only from the editor.
If isSecure() was there, there'd be a 
cookie.setSecure(hres.isSecure()) 
missing in the statements above...

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41213] - URLs with session ID in them no longer work

2006-12-20 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41213





--- Additional Comments From [EMAIL PROTECTED]  2006-12-20 06:40 ---
This works for me. Tested with Tomcat 6.0.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Smooth applications migration in a J2EE cluster [mod_jk]

2006-12-20 Thread Anthony Vromant 

Hi Rainer,

In my test case, i start only with 3 actives workers.
So i think you want me to make a graceful restart of apache in order to 
add the 3 stopped workers ?

Is this that ?
Anyhow, i understand that without changing route, this can be a good 
solution.


But about the invalidated session Valve :

If this Valve invalidates a cookie and redirects users to a login page, 
it is not transparent for the users.


Can we imagine that during an update, if this Valve is activated and 
used, mod_jk detects it (through the response sent by the valve) and 
sends the request to an active worker ?

It would be a kind of transparent fail-over implemented by mod_jk.

Regards,
Anthony

Rainer Jung wrote:

Hi Anthony,

Anthony Vromant schrieb:
  

Here is the explanation about the session validity checking :

This test aims to have users with expired sessions and URL encoded
bookmarks
(or long running browsers with cookies cached) redirected to a node
hosting the new version of the application.
If this test is not done during the update, these users will start a new
session on a
node hosting the old version of application (and so, perhaps just before
the stop of these node).
Do you agree with this ?



Ah OK, yes I agree. You could use a filter (or Valve) to redirect
requests with an invalid session to the login page without URL encoding
and invalidating the cookie. That way you would destroy the invalid
binding to this node.

If we would try to do that with mod_jk directly, mod_jk would need to
have a shadow copy of the session list, something which doesn't sound
right. OK, mod_jk could ask tomcat about the session, but we can also
simply forward and let the node delete the binding.

  

As a first simple workaround one could use two sets of workers and of
target (tomcat) nodes. One set would be stopped, on active at a time.
The two sets use different jvmRoutes. Replication is not done across set
boundaries.

  

When you say "2 sets of workers", you mean using the notion of domains ?



With sets I simply mean sets :) Somehow you configure each worker twice,
but with different names. Domains come into play, to define failover
rules between the workers. Failover should not hapen between the sets.
So each set will belong to one domain. A mod_jk domain is nothing else,
than failover information (try another worker in the same domain first,
before trying any other worker).

  

You upgrade the stopped set, test it via an internal connector/vhost and
then change its activation to active. Also you change the activation of
the formerly active set to disabled. New sessions will go to the updated
set, old sessions will still go to the unchanged set. Invalid sessions
will need to redirect to a start page without session information. After
some (depending on session use time) you stop the disabled set, to
prevent people with URL encoded bookmarks (or long running browsers with
cookies cached) to still reach the old version.

  
  

One of our objective is to use as much as possible mod_jk's capabilities.
So our prototype is based on using of these features :
- disabling a worker
- session rewriting (with a Valve)
- route modification

I've tried to pass the scenario you explain here, and i had a problem :

Here's my mod_jk (1.2.20) configuration :
worker1 : route = domain1.worker1, domain=domain1
worker2 : route = domain1.worker2, domain=domain1
worker3 : route = domain1.worker3, domain=domain1
Sticky session = true

And here's the test :
1/ Session initialization on worker1 : JSESSIONID.domain1.worker1
2/ Stop worker1
3/ Upgrade worker1
4/ Change route/domain of worker1 : route = domain2.worker1, domain=domain2
5/ At the same time : Active worker1 and disable worker 2 and 3
6/ Refresh on JSESSIONID.domain1.worker1
 -> The request still access on worker1

Whereas we want her to be routed to the
old version of application (so workers 2 or 3).
For the requests initialization on worker 2 or 3, it's ok.

Perhaps I missed something.



Active:
worker1a : route = worker1a, domain=domain1
worker2a : route = worker2a, domain=domain1
worker3a : route = worker3a, domain=domain1
Stopped:
worker1b : route = worker1b, domain=domain2
worker2b : route = worker2b, domain=domain2
worker3b : route = worker3b, domain=domain2
Sticky session = true

Then you would follow the above steps.

Regards,

Rainer

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


  



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41213] - URLs with session ID in them no longer work

2006-12-20 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41213





--- Additional Comments From [EMAIL PROTECTED]  2006-12-20 08:25 ---
I've created test accounts on the development and live systems:

Username: bug41213
Password: tomcat

Dev: https://bowmore.cs.st-andrews.ac.uk/finesse/
Live: https://finesse.ac.uk/

The development version is running on Tomcat 5.5.20, the live version on 5.5.15
(but we were doing testing on 5.5.17 on the development server, until recently,
and that worked fine). As of now, they're both running exactly the same code.

To test, go to both sites, ensure cookies are disabled, and log in with the
username and password given. The development site should give an error, while
the live version should give you a fairly empty resources page.


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41222] New: - request.getParameter() ignoring the characterEncoding of the Request

2006-12-20 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41222

   Summary: request.getParameter() ignoring the characterEncoding of
the Request
   Product: Tomcat 5
   Version: 5.0.28
  Platform: PC
OS/Version: Windows Server 2003
Status: NEW
  Severity: critical
  Priority: P1
 Component: Unknown
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: [EMAIL PROTECTED]


1. I have a form which has one input field:





2. I enter some accented character in the input field, José.

3. Submit the form (with method="post")

4. I have a fileter which sets the request characterEndoing to UTF-8, before 
any request parameter is read
   request.setCharacterEncoding("UTF-8");

5. I then call request.getParameter("name"), the value I got is José, instead 
of José.

Seems to me the request.getParameter() call is ignoring the characterEncoding I 
set earlier in the servlet filter.  It's using the default ISO-8859-1 encoding 
instead of UTF-8

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Tomcat Connectors Status?

2006-12-20 Thread Fenlason, Josh 
Would anyone be able to tell me what the status is of mod_jk and the
native apr connector?  I know it looked like the vote to approve mod_jk
1.2.20 looked like it was going to pass but I haven't seen an
announcement that it did.  Also, Is the native apr connector 1.1.8
final?  Thanks.
,
Josh.

Re: [VOTE] Releasing Tomcat Connectors 1.2.20

2006-12-20 Thread Rainer Jung 
> Apache Tomcat Connectors 1.2.20 is:
> [X] Stable - no major issues, no regressions
> [ ] Beta - at least one significant issue -- tell us what it is
> [ ] Alpha - multiple significant issues -- tell us what they are

... and now proceeding to the announcement ...

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41222] - request.getParameter() ignoring the characterEncoding of the Request

2006-12-20 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41222


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||INVALID




-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 41213] - URLs with session ID in them no longer work

2006-12-20 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41213


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||WORKSFORME




-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r489233 - in /tomcat/site/trunk: docs/download-connectors.html docs/faq/misc.html docs/faq/printer/misc.html xdocs/download-connectors.xml

2006-12-20 Thread rjung 
Author: rjung
Date: Wed Dec 20 16:27:48 2006
New Revision: 489233

URL: http://svn.apache.org/viewvc?view=rev&rev=489233
Log:
Update tomcat site for JK download 1.2.19 -> 1.2.20.

Modified:
tomcat/site/trunk/docs/download-connectors.html
tomcat/site/trunk/docs/faq/misc.html
tomcat/site/trunk/docs/faq/printer/misc.html
tomcat/site/trunk/xdocs/download-connectors.xml

Modified: tomcat/site/trunk/docs/download-connectors.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-connectors.html?view=diff&rev=489233&r1=489232&r2=489233
==
--- tomcat/site/trunk/docs/download-connectors.html (original)
+++ tomcat/site/trunk/docs/download-connectors.html Wed Dec 20 16:27:48 2006
@@ -3,16 +3,16 @@
 
 
 Apache Tomcat - Tomcat Connectors (mod_jk, mod_jk2) Downloads
-
+
 
-
-
+
+
 
 
 
 
 http://tomcat.apache.org/";>
-
+
 
 
 
@@ -23,28 +23,28 @@
 
 
 http://www.apache.org/";>
-http://www.apache.org/images/asf-logo.gif"; align="right" alt="Apache 
Logo" border="0"/>
+http://www.apache.org/images/asf-logo.gif"; />
 
 
 
 
 
-http://www.google.com/search"; method="get">
-
-
-
+http://www.google.com/search";>
+
+
+
 
 
-
+
 
 
 
-
+
 
 
 
 
-
+
 
 Apache Tomcat
 
@@ -161,11 +161,11 @@
 
 
 
-
-
+
+
 
 
-
+
 
 Tomcat Connectors (mod_jk, mod_jk2) Downloads
 
@@ -184,8 +184,8 @@
 encounter a problem with this mirror, please select another
 mirror.  If all mirrors are failing, there are backup
 mirrors (at the end of the mirrors list) that should be
-available.[if-any logo]
-
+available.[if-any logo]
+
 [end]
 
 
@@ -200,7 +200,7 @@
 [for backup][backup] 
(backup)[end]
   [end]
   
-
+
 
 
 
@@ -224,18 +224,18 @@
 
 
 
-JK
 1.2.19 Source Release tar.gz
+JK
 1.2.20 Source Release tar.gz
 
 
-[http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.19/tomcat-connectors-1.2.19-src.tar.gz.asc";>pgp]
+[http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.20/tomcat-connectors-1.2.20-src.tar.gz.asc";>pgp]
 
 
 
 
-JK
 1.2.19 Source Release zip
+JK
 1.2.20 Source Release zip
 
 
-[http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.19/tomcat-connectors-1.2.19-src.zip.asc";>pgp]
+[http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.20/tomcat-connectors-1.2.20-src.zip.asc";>pgp]
 
 
 
@@ -292,7 +292,7 @@
 
 
 
-
+
 
 
 
@@ -301,14 +301,14 @@
 
 
 
-
+
 
 
 
 
 
 
-
+
 
 Copyright © 1999-2006, The Apache Software Foundation
 

Modified: tomcat/site/trunk/docs/faq/misc.html
URL: 
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/faq/misc.html?view=diff&rev=489233&r1=489232&r2=489233
==
--- tomcat/site/trunk/docs/faq/misc.html (original)
+++ tomcat/site/trunk/docs/faq/misc.html Wed Dec 20 16:27:48 2006
@@ -1,11 +1,11 @@
-Tomcat FAQ - Miscellaneous Questions
+Tomcat FAQ - Miscellaneous Questions