Re: mod_jk / Tomcat 6 and ErrorDocument

[Henri Gomez]

+1 for 1.2.27

2008/9/22 Mladen Turk <[EMAIL PROTECTED]>:
> Rainer Jung wrote:
>>
>>
>> I have some spare time later this week and next weekend and plan to
>> finally do the IIS chunked encoding stuff. If we don't find anything
>> else important we should be able to have a testing tar ball at the end
>> of the month and soon after start the releasing process. We are a couple
>> of months over a regular schedule, but 1.2.26 was not too bad, and some
>> of the new features will be worth the longer waiting time (Mladen's
>> probing thread, per mount reply timeouts, IIS chunked encoding).
>>
>> I don't know if Mladen shares this opinion?
>>
>
> ++1
> Let's roll as soon as those things are done.
> I'll double check the status edits for the new params,
> and as soon you finish chunked encoding we are
> ready to go.
>
> Regards
> --
> ^(TM)
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: svn commit: r697779 - in /tomcat/connectors/trunk/jk: native/common/jk_lb_worker.c native/common/jk_lb_worker.h native/common/jk_shm.h native/common/jk_util.c native/common/jk_util.h xdocs/miscel

[Tim Whittington]

The bizarre thing is it seems to have built without issue on Linux, HP-UX
(two archs) and AIX/Power.
The resulting libs seem to have undefined symbols, but I didn’t test them.

cheers
tim



From: Rainer Jung <[EMAIL PROTECTED]>
Reply-To: Tomcat Developers List 
Date: Tue, 23 Sep 2008 07:20:06 +0200
To: Tomcat Developers List 
Subject: Re: svn commit: r697779 - in /tomcat/connectors/trunk/jk:
native/common/jk_lb_worker.c native/common/jk_lb_worker.h
native/common/jk_shm.h native/common/jk_util.c native/common/jk_util.h
xdocs/miscellaneous/changelog.xml

Also fixed. Thanks again.

Tim Whittington schrieb:
> This is failing to build in VC++ 2005
> 
> In jk_lb_worker.c:
> 
> +strcppy(p->s->session_cookie, p->session_cookie);
> +strcppy(p->s->session_path, p->session_path);
> 
> I can¹t find a strcppy implementation in VC++ 2005, nor can I find
> references to it on Google ­ where is this function defined?
> 
> cheers
> tim
> 
> 
> 
> From: <[EMAIL PROTECTED]>
> Reply-To: Tomcat Developers List 
> Date: Mon, 22 Sep 2008 10:52:16 -
> To: 
> Subject: svn commit: r697779 - in /tomcat/connectors/trunk/jk:
> native/common/jk_lb_worker.c native/common/jk_lb_worker.h
> native/common/jk_shm.h native/common/jk_util.c native/common/jk_util.h
> xdocs/miscellaneous/changelog.xml
> 
> Author: mturk
> Date: Mon Sep 22 03:52:16 2008
> New Revision: 697779
> 
> URL: http://svn.apache.org/viewvc?rev=697779&view=rev
> Log:
> Add session_cookie and session_path directives for load balancer
> 
> Modified:
> tomcat/connectors/trunk/jk/native/common/jk_lb_worker.c
> tomcat/connectors/trunk/jk/native/common/jk_lb_worker.h
> tomcat/connectors/trunk/jk/native/common/jk_shm.h
> tomcat/connectors/trunk/jk/native/common/jk_util.c
> tomcat/connectors/trunk/jk/native/common/jk_util.h
> tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml
> 
> Modified: tomcat/connectors/trunk/jk/native/common/jk_lb_worker.c
> URL: 
> http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/common/jk_lb_
> worker.c?rev=697779&r1=697778&r2=697779&view=diff
> 
> ==
> --- tomcat/connectors/trunk/jk/native/common/jk_lb_worker.c (original)
> +++ tomcat/connectors/trunk/jk/native/common/jk_lb_worker.c Mon Sep 22
> 03:52:16 2008
> @@ -301,6 +301,8 @@
>  p->lblock = p->s->lblock;
>  p->max_packet_size = p->s->max_packet_size;
>  p->sequence = p->s->h.sequence;
> +strncpy(p->session_cookie, p->s->session_cookie, JK_SHM_STR_SIZ);
> +strncpy(p->session_path, p->s->session_path, JK_SHM_STR_SIZ);
>  
>  for (i = 0; i < p->num_of_workers; i++) {
>  lb_sub_worker_t *w = &p->lb_workers[i];
> @@ -348,6 +350,8 @@
>  p->s->lblock = p->lblock;
>  p->s->max_packet_size = p->max_packet_size;
>  p->s->h.sequence = p->sequence;
> +strncpy(p->s->session_cookie, p->session_cookie, JK_SHM_STR_SIZ);
> +strncpy(p->s->session_path, p->session_path, JK_SHM_STR_SIZ);
>  
>  for (i = 0; i < p->num_of_workers; i++) {
>  lb_sub_worker_t *w = &p->lb_workers[i];
> @@ -468,12 +472,12 @@
>  /* Retrieve session id from the cookie or the parameter
>   * (parameter first)
>   */
> -static char *get_sessionid(jk_ws_service_t *s, jk_logger_t *l)
> +static char *get_sessionid(jk_ws_service_t *s, lb_worker_t *p, jk_logger_t
> *l)
>  {
>  char *val;
> -val = get_path_param(s, JK_PATH_SESSION_IDENTIFIER);
> +val = get_path_param(s, p->session_path);
>  if (!val) {
> -val = get_cookie(s, JK_SESSION_IDENTIFIER);
> +val = get_cookie(s, p->session_cookie);
>  }
>  if (val && !*val) {
>  /* TODO: For now only log the empty sessions.
> @@ -1070,7 +1074,7 @@
>  /* Use sessionid only if sticky_session is
>   * defined for this load balancer
>   */
> -sessionid = get_sessionid(s, l);
> +sessionid = get_sessionid(s, p->worker, l);
>  }
>  if (JK_IS_DEBUG_LEVEL(l))
>  jk_log(l, JK_LOG_DEBUG,
> @@ -1605,6 +1609,14 @@
>  
>  p->lbmethod = jk_get_lb_method(props, p->name);
>  p->lblock   = jk_get_lb_lock(props, p->name);
> +strncpy(p->session_cookie,
> +jk_get_lb_session_cookie(props, p->name,
> JK_SESSION_IDENTIFIER),
> +JK_SHM_STR_SIZ);
> +strncpy(p->session_path,
> +jk_get_lb_session_path(props, p->name,
> JK_PATH_SESSION_IDENTIFIER),
> +JK_SHM_STR_SIZ);
> +strcppy(p->s->session_cookie, p->session_cookie);
> +strcppy(p->s->session_path, p->session_path);
>  
>  JK_INIT_CS(&(p->cs), i);
>  if (i == JK_FALSE) {
> 
> Modified: tomcat/connectors/trunk/jk/native/common/jk_lb_worker.h
> URL: 
> http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/common/jk_lb_
> worker.h?rev=697779&r1=697778&r2=697779&view=diff
> 
> ==
> --- tomcat/connectors/trunk/jk/native/common/jk_l

Re: EL and TCK

[Remy Maucherat]

On Mon, 2008-09-22 at 22:54 +0100, Mark Thomas wrote:
> This is currently being raised with the EG for clarification. I'll let
> people know when I receive a response. It should be ~3 weeks max.

Ok, cool :)

Rémy



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED]: Project jakarta-tomcat (in module jakarta-tomcat) failed

[Stefan Bodewig]

To whom it may engage...

This is an automated request, but not an unsolicited one. For 
more information please visit http://gump.apache.org/nagged.html, 
and/or contact the folk at [EMAIL PROTECTED]

Project jakarta-tomcat has an issue affecting its community integration.
This issue affects 4 projects.
The current state of this project is 'Failed', with reason 'Build Failed'.
For reference only, the following projects are affected by this:
- db-torque :  Persistence Layer
- jakarta-tomcat :  Servlet 2.2 and JSP 1.1 Reference Implementation
- jakarta-tomcat-coyote-tomcat3 :  Connectors to various web servers
- jakarta-turbine-jcs :  Cache


Full details are available at:

http://vmgump.apache.org/gump/public/jakarta-tomcat/jakarta-tomcat/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were 
provided:
 -DEBUG- Output [tomcat-util.jar] identifier set to output basename: 
[tomcat-util]
 -DEBUG- Output [tomcat_core.jar] identifier set to output basename: 
[tomcat_core]
 -DEBUG- Output [tomcat_modules.jar] identifier set to output basename: 
[tomcat_modules]
 -DEBUG- Output [facade22.jar] identifier set to output basename: [facade22]
 -DEBUG- Output [core_util.jar] identifier set to output basename: [core_util]
 -DEBUG- Output [jasper.jar] identifier set to output basename: [jasper]
 -DEBUG- Output [container_util.jar] identifier set to output basename: 
[container_util]
 -DEBUG- Output [tomcat.jar] identifier set to output basename: [tomcat]
 -DEBUG- Dependency on jakarta-servletapi exists, no need to add for property 
servlet22.jar.
 -DEBUG- Dependency on jmx exists, no need to add for property jmxtools.jar.
 -DEBUG- Dependency on ant exists, no need to add for property ant.home.
 -DEBUG- Dependency on jsse exists, no need to add for property jsse.home.
 -INFO- Failed with reason build failed
 -DEBUG- Extracted fallback artifacts from Gump Repository



The following work was performed:
http://vmgump.apache.org/gump/public/jakarta-tomcat/jakarta-tomcat/gump_work/build_jakarta-tomcat_jakarta-tomcat.html
Work Name: build_jakarta-tomcat_jakarta-tomcat (Type: Build)
Work ended in a state of : Failed
Elapsed: 15 secs
Command Line: /usr/lib/jvm/java-1.5.0-sun/bin/java -Djava.awt.headless=true 
-Xbootclasspath/p:/srv/gump/public/workspace/xml-xerces2/build/xercesImpl.jar:/srv/gump/public/workspace/xml-commons/java/external/build/xml-apis.jar:/srv/gump/public/workspace/xml-xalan/build/serializer.jar:/srv/gump/public/workspace/xml-xalan/build/xalan-unbundled.jar
 org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml 
-Dbuild.sysclasspath=only 
-Djakarta-tomcat-connectors=/srv/gump/public/workspace/jakarta-tomcat-connectors
 -Djtc.coyote.home=/srv/gump/public/workspace/jakarta-tomcat-connectors/coyote 
-Djaxp.home=/srv/gump/packages/jaxp-1_3 
-Dcommons-modeler.jar=/srv/gump/public/workspace/apache-commons/modeler/dist/commons-modeler-21092008.jar
 -Djmxtools.jar=/srv/gump/packages/jmx-1_2_1-bin/lib/jmxtools.jar 
-Djmx.jar=/srv/gump/packages/jmx-1_2_1-bin/lib/jmxri.jar 
-Dtomcat-util.jar=/srv/gump/public/workspace/jakarta-tomcat-connectors/util/build/lib/tomcat-util.jar
 -Dant.home=/
 srv/gump/public/workspace/ant/dist 
-Dservlet22.jar=/srv/gump/public/workspace/jakarta-servletapi/dist/lib/servlet.jar
 
-Dcommons-logging.jar=/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-api-21092008.jar
 
-Djtc.http11.home=/srv/gump/public/workspace/jakarta-tomcat-connectors/http11/build
 -Djsse.home=/srv/gump/packages/jsse1.0.3 main.lite 
[Working Directory: /srv/gump/public/workspace/jakarta-tomcat]
CLASSPATH: 
/usr/lib/jvm/java-1.5.0-sun/lib/tools.jar:/srv/gump/public/workspace/jakarta-tomcat/build/tomcat/classes:/srv/gump/public/workspace/xml-commons/java/external/build/xml-apis-ext.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-trax.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-nodeps.jar:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/packages/junit3.8.1/junit.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/jakarta-servletapi/dist/lib/servlet.jar:/srv/gump/packages/jsse1.0.3/lib/jcert.jar:/srv/gump/packages/jsse1.0.3/lib/jnet.jar:/srv/gump/packages/jsse1.0.3/lib/jsse.jar:/srv/gump/public/workspace/logging-log4j-12/dist/lib/log4j-21092
 
008.jar:/srv/gump/public/workspace/apache-commons/modeler/dist/commons-modeler-21092008.jar:/srv/gump/public/workspace/jakarta-tomcat-connectors/util/build/lib/tomcat-util.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-api-21092008.jar:/srv/gump/packages/jmx-1_2_1-bin/

svn commit: r698114 - /tomcat/connectors/trunk/jk/xdocs/reference/workers.xml

[markt]

Author: markt
Date: Tue Sep 23 02:49:12 2008
New Revision: 698114

URL: http://svn.apache.org/viewvc?rev=698114&view=rev
Log:
Fix typo.

Modified:
tomcat/connectors/trunk/jk/xdocs/reference/workers.xml

Modified: tomcat/connectors/trunk/jk/xdocs/reference/workers.xml
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/xdocs/reference/workers.xml?rev=698114&r1=698113&r2=698114&view=diff
==
--- tomcat/connectors/trunk/jk/xdocs/reference/workers.xml (original)
+++ tomcat/connectors/trunk/jk/xdocs/reference/workers.xml Tue Sep 23 02:49:12 
2008
@@ -276,7 +276,7 @@
 
 Connections idle for longer than this interval in miliseconds are probed by
 CPING packets whether they still work. The usage depend on the
-ping_mode flags used.
+ping_mode flags used.
 
 This feature has been added in jk 1.2.27.
 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r698227 - in /tomcat/trunk/java/org/apache/catalina/realm: CombinedRealm.java RealmBase.java

[markt]

Author: markt
Date: Tue Sep 23 09:35:42 2008
New Revision: 698227

URL: http://svn.apache.org/viewvc?rev=698227&view=rev
Log:
Now containers can have multiple realms, need to make sure we don't get 
duplicate names for the realms in jmx.

Modified:
tomcat/trunk/java/org/apache/catalina/realm/CombinedRealm.java
tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java

Modified: tomcat/trunk/java/org/apache/catalina/realm/CombinedRealm.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/CombinedRealm.java?rev=698227&r1=698226&r2=698227&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/realm/CombinedRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/CombinedRealm.java Tue Sep 23 
09:35:42 2008
@@ -23,6 +23,8 @@
 import java.util.LinkedList;
 import java.util.List;
 
+import javax.management.ObjectName;
+
 import org.apache.catalina.Container;
 import org.apache.catalina.Lifecycle;
 import org.apache.catalina.LifecycleException;
@@ -67,6 +69,21 @@
}
 
 
+   /**
+* Return the set of Realms that this Realm is wrapping
+*/
+   public ObjectName[] getRealms() {
+   ObjectName[] result = new ObjectName[realms.size()];
+   for (Realm realm : realms) {
+   if (realm instanceof RealmBase) {
+   result[realms.indexOf(realm)] =
+   ((RealmBase) realm).getObjectName();
+   }
+   }
+   return result;
+   }
+
+
 /**
  * Return the Principal associated with the specified username and
  * credentials, if there is one; otherwise return null.
@@ -180,8 +197,14 @@
  * @param container The associated Container
  */
 public void setContainer(Container container) {
-// Set the container for sub-realms. Mainly so logging works.
 for(Realm realm : realms) {
+// Set the realmPath for JMX naming
+if (realm instanceof RealmBase) {
+((RealmBase) realm).setRealmPath(
+getRealmPath() + "/realm" + realms.indexOf(realm));
+}
+
+// Set the container for sub-realms. Mainly so logging works.
 realm.setContainer(container);
 }
 super.setContainer(container);

Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=698227&r1=698226&r2=698227&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Tue Sep 23 
09:35:42 2008
@@ -1285,6 +1285,7 @@
 protected String domain;
 protected String host;
 protected String path;
+protected String realmPath = "/realm0";
 protected ObjectName oname;
 protected ObjectName controller;
 protected MBeanServer mserver;
@@ -1309,6 +1310,14 @@
 return type;
 }
 
+public String getRealmPath() {
+return realmPath;
+}
+
+public void setRealmPath(String theRealmPath) {
+realmPath = theRealmPath;
+}
+
 public ObjectName preRegister(MBeanServer server,
   ObjectName name) throws Exception {
 oname=name;
@@ -1370,7 +1379,8 @@
 // register
 try {
 ContainerBase cb=(ContainerBase)container;
-oname=new ObjectName(cb.getDomain()+":type=Realm" + 
cb.getContainerSuffix());
+oname=new ObjectName(cb.getDomain()+":type=Realm" +
+getRealmSuffix() + cb.getContainerSuffix());
 Registry.getRegistry(null, null).registerComponent(this, 
oname, null );
 if(log.isDebugEnabled())
 log.debug("Register Realm "+oname);
@@ -1382,6 +1392,11 @@
 }
 
 
+protected String getRealmSuffix() {
+return ",realmPath=" + getRealmPath();
+}
+
+
 protected static class AllRolesMode {
 
 private String name;



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r698229 - in /tomcat/connectors/trunk/jk: native/apache-2.0/mod_jk.c native/common/jk_ajp_common.c native/common/jk_service.h native/common/jk_util.c xdocs/miscellaneous/changelog.xml

[mturk]

Author: mturk
Date: Tue Sep 23 09:37:44 2008
New Revision: 698229

URL: http://svn.apache.org/viewvc?rev=698229&view=rev
Log:
Add use_server_errors extension so server error pages can be displayed instead 
the one generated by Tomcat. Only Apache 2 for the moment

Modified:
tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c
tomcat/connectors/trunk/jk/native/common/jk_ajp_common.c
tomcat/connectors/trunk/jk/native/common/jk_service.h
tomcat/connectors/trunk/jk/native/common/jk_util.c
tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml

Modified: tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c?rev=698229&r1=698228&r2=698229&view=diff
==
--- tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c (original)
+++ tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c Tue Sep 23 09:37:44 
2008
@@ -688,6 +688,7 @@
 e = (rule_extension_t *)ap_get_module_config(r->request_config, 
&jk_module);
 if (e) {
 s->extension.reply_timeout = e->reply_timeout;
+s->extension.use_server_error_pages = e->use_server_error_pages;
 if (e->activation) {
 s->extension.activation = apr_palloc(r->pool, e->activation_size * 
sizeof(int));
 memcpy(s->extension.activation, e->activation, e->activation_size 
* sizeof(int));
@@ -2364,7 +2365,10 @@
 end->done(&end, xconf->log);
 if (s.content_read < s.content_length ||
 (s.is_chunked && !s.no_more_chunks)) {
-
+if (JK_IS_DEBUG_LEVEL(xconf->log))
+   jk_log(xconf->log, JK_LOG_DEBUG,
+  "Consuming remaining request data for 
worker=%s",
+  STRNULL_FOR_NULL(worker_name));
 /*
  * If the servlet engine didn't consume all of the
  * request data, consume and discard all further
@@ -2411,6 +2415,15 @@
 jk_close_pool(&private_data.p);
 
 if (rc > 0) {
+if (s.extension.use_server_error_pages &&
+s.http_response_status >= 
s.extension.use_server_error_pages) {
+if (JK_IS_DEBUG_LEVEL(xconf->log))
+jk_log(xconf->log, JK_LOG_DEBUG, "Forwarding status=%d"
+   " for worker=%s",
+   s.http_response_status, worker_name);
+JK_TRACE_EXIT(xconf->log);
+return s.http_response_status;
+}
 /* If tomcat returned no body and the status is not OK,
let apache handle the error code */
 

Modified: tomcat/connectors/trunk/jk/native/common/jk_ajp_common.c
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/common/jk_ajp_common.c?rev=698229&r1=698228&r2=698229&view=diff
==
--- tomcat/connectors/trunk/jk/native/common/jk_ajp_common.c (original)
+++ tomcat/connectors/trunk/jk/native/common/jk_ajp_common.c Tue Sep 23 
09:37:44 2008
@@ -1656,17 +1656,24 @@
 JK_TRACE_EXIT(l);
 return JK_STATUS_ERROR;
 }
-r->start_response(r, res.status, res.msg,
-  (const char *const *)res.header_names,
-  (const char *const *)res.header_values,
-  res.num_headers);
-if (r->flush && r->flush_header)
-r->flush(r);
+
+if (r->extension.use_server_error_pages &&
+r->http_response_status >= r->extension.use_server_error_pages)
+r->response_blocked = JK_TRUE;
+
+if (!r->response_blocked) {
+r->start_response(r, res.status, res.msg,
+  (const char *const *)res.header_names,
+  (const char *const *)res.header_values,
+  res.num_headers);
+if (r->flush && r->flush_header)
+r->flush(r);
+}
 }
 return JK_AJP13_SEND_HEADERS;
 
 case JK_AJP13_SEND_BODY_CHUNK:
-{
+if (!r->response_blocked) {
 unsigned int len = (unsigned int)jk_b_get_int(msg);
 /*
  * Do a sanity check on len to prevent write reading beyond buffer
@@ -1762,15 +1769,16 @@
 }
 ae->reuse = JK_TRUE;
 }
-if (r->done) {
-/* Done with response */
-r->done(r);
-}
-else if (r->flush && !r->flush_packets) {
-/* Flush after the last write */
-r->flush(r);
+if (!r->response_blocked) {
+if (r->done) 

svn commit: r698230 - /tomcat/connectors/trunk/jk/native/common/jk_uri_worker_map.h

[mturk]

Author: mturk
Date: Tue Sep 23 09:39:27 2008
New Revision: 698230

URL: http://svn.apache.org/viewvc?rev=698230&view=rev
Log:
Missing file for r698229

Modified:
tomcat/connectors/trunk/jk/native/common/jk_uri_worker_map.h

Modified: tomcat/connectors/trunk/jk/native/common/jk_uri_worker_map.h
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/common/jk_uri_worker_map.h?rev=698230&r1=698229&r2=698230&view=diff
==
--- tomcat/connectors/trunk/jk/native/common/jk_uri_worker_map.h (original)
+++ tomcat/connectors/trunk/jk/native/common/jk_uri_worker_map.h Tue Sep 23 
09:39:27 2008
@@ -89,6 +89,8 @@
 int *fail_on_status;
 /* Temporary storage for the original extension strings. */
 char *fail_on_status_str;
+/* Use server error pages for responses >= 400. */
+int use_server_error_pages;
 };
 typedef struct rule_extension rule_extension_t;
 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r698236 - in /tomcat/trunk: java/org/apache/catalina/realm/ webapps/docs/ webapps/docs/config/

[markt]

Author: markt
Date: Tue Sep 23 09:49:25 2008
New Revision: 698236

URL: http://svn.apache.org/viewvc?rev=698236&view=rev
Log:
Add new LockOut Realm plus docs

Added:
tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java   (with props)
Modified:
tomcat/trunk/java/org/apache/catalina/realm/LocalStrings.properties
tomcat/trunk/java/org/apache/catalina/realm/mbeans-descriptors.xml
tomcat/trunk/webapps/docs/config/realm.xml
tomcat/trunk/webapps/docs/realm-howto.xml

Modified: tomcat/trunk/java/org/apache/catalina/realm/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/LocalStrings.properties?rev=698236&r1=698235&r2=698236&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/realm/LocalStrings.properties 
(original)
+++ tomcat/trunk/java/org/apache/catalina/realm/LocalStrings.properties Tue Sep 
23 09:49:25 2008
@@ -92,4 +92,6 @@
 combinedRealm.authStart=Attempting to authenticate user "{0}" with realm "{1}"
 combinedRealm.authFailed=Failed to authenticate user "{0}" with realm "{1}"
 combinedRealm.authSucess=Authenticated user "{0}" with realm "{1}"
-combinedRealm.addRealm=Add "{0}" realm, making a total of "{1}" realms
\ No newline at end of file
+combinedRealm.addRealm=Add "{0}" realm, making a total of "{1}" realms
+lockOutRealm.authLockedUser=An attempt was made to authenticate the locked 
user "{0}"
+lockOutRealm.removeWarning=User "{0}" was removed from the failed users cache 
after {1} seconds to keep the cache size within the limit set
\ No newline at end of file

Added: tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java?rev=698236&view=auto
==
--- tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java (added)
+++ tomcat/trunk/java/org/apache/catalina/realm/LockOutRealm.java Tue Sep 23 
09:49:25 2008
@@ -0,0 +1,415 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.catalina.realm;
+
+import java.security.Principal;
+import java.security.cert.X509Certificate;
+import java.util.LinkedHashMap;
+import java.util.Map;
+import java.util.concurrent.atomic.AtomicInteger;
+
+import org.apache.catalina.LifecycleException;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
+
+/**
+ * This class extends the CombinedRealm (hence it can wrap other Realms) to
+ * provide a user lock out mechanism if there are too many failed
+ * authentication attempts in a given period of time. To ensure correct
+ * operation, there is a reasonable degree of synchronisation in this Realm.
+ * This Realm does not require modification to the underlying Realms or the
+ * associated user storage mecahisms. It achieves this by recording all failed
+ * logins, including those for users that do not exist. To prevent a DOS by
+ * deliberating making requests with invalid users (and hence causing this 
cache
+ * to grow) the size of the list of users that have failed authentication is
+ * limited.
+ */
+public class LockOutRealm extends CombinedRealm {
+
+private static Log log = LogFactory.getLog(LockOutRealm.class);
+
+/**
+ * The number of times in a row a user has to fail authentication to be
+ * locked out. Defaults to 5.
+ */
+protected int failureCount = 5;
+
+/**
+ * The time (in seconds) a user is locked out for after too many
+ * authentication failures. Defaults to 300 (5 minutes). 
+ */
+protected int lockOutTime = 300;
+
+/**
+ * Number of users that have failed authentication to keep in cache. Over
+ * time the cache will grow to this size and may not shrink. Defaults to
+ * 1000.
+ */
+protected int cacheSize = 1000;
+
+/**
+ * If a failed user is removed from the cache because the cache is too big
+ * before it has been in the cache for at least this period of time (in
+ * seconds) a warning message will be logged. Defaults to 3600 (1 hour).
+ */
+protected int cacheRemovalWarning

Re: svn commit: r697779 - in /tomcat/connectors/trunk/jk: native/common/jk_lb_worker.c native/common/jk_lb_worker.h native/common/jk_shm.h native/common/jk_util.c native/common/jk_util.h xdocs/miscel

[William A. Rowe, Jr.]

Tim Whittington wrote:
> The bizarre thing is it seems to have built without issue on Linux, HP-UX
> (two archs) and AIX/Power.

That undefined symbols thing is windows specific, most unix compilers building
a lib or module won't complain, so your observation is perfectly normal.  But
getting this module to load is another story :)


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r698258 - /tomcat/tc6.0.x/trunk/STATUS.txt

[markt]

Author: markt
Date: Tue Sep 23 10:36:57 2008
New Revision: 698258

URL: http://svn.apache.org/viewvc?rev=698258&view=rev
Log:
Propose lockout realm

Modified:
tomcat/tc6.0.x/trunk/STATUS.txt

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=698258&r1=698257&r2=698258&view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Sep 23 10:36:57 2008
@@ -233,3 +233,8 @@
   http://svn.apache.org/viewvc?rev=698012&view=rev
   +1: markt
   -1: 
+
+* Add CombinedRealm and LockOutRealm with docs
+  http://people.apache.org/~markt/patches/2008-09-24-lockout-realm.patch
+  +1: markt
+  -1: 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 45869] New: DefaultAnnotationProcessor does not scan class hierarchy for @PostConstruct and @PreDestroy annotations

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=45869

   Summary: DefaultAnnotationProcessor does not scan class hierarchy
for @PostConstruct and @PreDestroy annotations
   Product: Tomcat 6
   Version: 6.0.14
  Platform: PC
OS/Version: Windows XP
Status: NEW
  Severity: normal
  Priority: P2
 Component: Jasper
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


DefaultAnnotationProcessor does not scan class hierarchy for @PostConstruct and
@PreDestroy annotations.

The @PostConstruct function is not called for a managed bean when the function
is defined in the base class.

Detail:

In the base class BaseClass I have a function

@PostConstruct
public void BaseClass.init();

My bean class OuterBean is derived from BaseClass, so it inherits this init
function and hopefully the @PostConstruct annotation.

In the old version of JSF, namely 1.2-b20-FCS from April/21/2006, the init()
function was called. But in the new version of JSF, which is JSF 1.2.9 from
July/17/2008, init() is not called.

I wrote a bug against JSF, and they said that I should write a bug against
Tomcat 6, and mention the DefaultAnnotationProcessor.  So this is the bug.

The URL of my JSF bug is

https://javaserverfaces.dev.java.net/issues/show_bug.cgi?id=800


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 45870] New: javax.crypto.IllegalBlockSizeException for update from 5.5.17 to 5.5.27

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=45870

   Summary: javax.crypto.IllegalBlockSizeException for update from
5.5.17 to 5.5.27
   Product: Tomcat 5
   Version: 5.5.27
  Platform: PC
OS/Version: Windows XP
Status: NEW
  Severity: normal
  Priority: P3
 Component: Unknown
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


javax.crypto.IllegalBlockSizeException: Input length must be multiple of 8 when
decrypting with padded cipher


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 45871] New: Support for salted and digested patches in DataSourceRealm

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=45871

   Summary: Support for salted and digested patches in
DataSourceRealm
   Product: Tomcat 6
   Version: unspecified
  Platform: PC
OS/Version: All
Status: NEW
  Keywords: PatchAvailable
  Severity: enhancement
  Priority: P2
 Component: Catalina
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


Created an attachment (id=22627)
 --> (https://issues.apache.org/bugzilla/attachment.cgi?id=22627)
Patch for DataSourceRealm (trunk)

Simple hashing of passwords stored in databases is no longer sufficient
security for passwords. The root of the issue is that users are bad at
remembering strong passwords, so they choose weak ones. Weak passwords when
hashed can be reversed using available rainbow tables and cracking software. To
combat this, passwords should be uniquely "salted" before being hashed and
stored in the database. 

The attached patch enhances DataSourceRealm to allow it to authenticate against
a salted digested password. If configured to use salt, the user's salt is
queried from the database and then combined with the user's provided
credentials using a configurable MessageFormat before digesting. Authentication
proceeds otherwise unchanged.

A similar patch could, and arguably should, be applied to JDBCRealm, but based
on some discussion on the list about deprecating JDBCRealm (and because I don't
use JDBCRealm personally), I did not work on JDBCRealm. I would be happy to
port this patch to JDBCRealm if that's desired.

Limitation(s):

This patch does not impact the behavior of the RFC 2069 authentication method
in RealmBase.

If/when this patch is accepted, the documentation for DataSourceRealm will need
to be updated. I'll gladly volunteer to do those updates as well.

http://en.wikipedia.org/wiki/Salt_(cryptography)
http://en.wikipedia.org/wiki/Rainbow_table


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 45870] javax.crypto.IllegalBlockSizeException for update from 5.5.17 to 5.5.27

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=45870





--- Comment #1 from ZhaoKaijin <[EMAIL PROTECTED]>  2008-09-23 23:21:44 PST ---
2008-09-24 14:20:58,468 [http-80-Processor23 ERROR UserCookie]:
java.lang.IllegalArgumentException: Missing argument
2008-9-24 14:20:58 com.cmc.passport.servlet.UserCookie getCookies
严重: javax.crypto.IllegalBlockSizeException: Input length must be multiple
of 8 when decrypting with padded cipher
2008-9-24 14:21:09 com.cmc.passport.servlet.UserCookie getCookies


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]