svn commit: r957478 - in /tomcat/trunk: java/org/apache/catalina/filters/ java/org/apache/catalina/manager/ webapps/docs/config/ webapps/manager/ webapps/manager/WEB-INF/ webapps/manager/WEB-INF/jsp/

2010-06-24 Thread markt
Author: markt
Date: Thu Jun 24 09:57:02 2010
New Revision: 957478

URL: http://svn.apache.org/viewvc?rev=957478&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49476
CSRF protection was preventing access to session expiration features
Also:
- Switch Manager app to generic CSRF protection
- Add support for multiple nonces to CSRF filter
- Improve 403 page
- Don't open JSP pages in session expiration in a new window - makes CSRF 
prevention a real pain

Modified:
tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java
tomcat/trunk/java/org/apache/catalina/manager/HTMLManagerServlet.java
tomcat/trunk/java/org/apache/catalina/manager/LocalStrings.properties
tomcat/trunk/webapps/docs/config/filter.xml
tomcat/trunk/webapps/manager/403.jsp
tomcat/trunk/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
tomcat/trunk/webapps/manager/WEB-INF/jsp/sessionsList.jsp
tomcat/trunk/webapps/manager/WEB-INF/web.xml

Modified: 
tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?rev=957478&r1=957477&r2=957478&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java Thu 
Jun 24 09:57:02 2010
@@ -19,6 +19,8 @@ package org.apache.catalina.filters;
 
 import java.io.IOException;
 import java.util.HashSet;
+import java.util.LinkedHashMap;
+import java.util.Map;
 import java.util.Random;
 import java.util.Set;
 
@@ -51,6 +53,8 @@ public class CsrfPreventionFilter extend
 private final Random randomSource = new Random();
 
 private final Set entryPoints = new HashSet();
+
+private final int nonceCacheSize = 5;
 
 @Override
 protected Log getLogger() {
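Review bot: `nonceCacheSize` is declared `private final int ... = 5`, so the only tuning knob of the new multi-nonce scheme cannot be set from `web.xml`, although the surrounding filter appears to take its other settings (e.g. the entry points) from init-params and the commit also touches `filter.xml`. Suggest dropping `final` and adding a setter in the style of the existing ones, `public void setNonceCacheSize(int nonceCacheSize) { this.nonceCacheSize = nonceCacheSize; }`, so the documented parameter is actually honoured. A one-line comment on the field would also help: `// Number of recently issued nonces that remain valid per session (a browser with several open tabs needs more than one).`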
@@ -98,24 +102,30 @@ public class CsrfPreventionFilter extend
 }
 }
 
+@SuppressWarnings("unchecked")
+LruCache nonceCache =
+(LruCache) req.getSession(true).getAttribute(
+Constants.CSRF_NONCE_SESSION_ATTR_NAME);
+
 if (!skipNonceCheck) {
 String previousNonce =
 req.getParameter(Constants.CSRF_NONCE_REQUEST_PARAM);
-String expectedNonce =
-(String) req.getSession(true).getAttribute(
-Constants.CSRF_NONCE_SESSION_ATTR_NAME);
-
-if (expectedNonce != null &&
-!expectedNonce.equals(previousNonce)) {
+
+if (nonceCache != null && !nonceCache.contains(previousNonce)) 
{
 res.sendError(HttpServletResponse.SC_FORBIDDEN);
 return;
 }
 }
 
+if (nonceCache == null) {
+nonceCache = new LruCache(nonceCacheSize);
+req.getSession().setAttribute(
+Constants.CSRF_NONCE_SESSION_ATTR_NAME, nonceCache);
+}
+
 String newNonce = generateNonce();
 
-req.getSession(true).setAttribute(
-Constants.CSRF_NONCE_SESSION_ATTR_NAME, newNonce);
+nonceCache.add(newNonce);
 
 wResponse = new CsrfResponseWrapper(res, newNonce);
 } else {
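Review bot: `nonceCache` is a per-session object reached by every request carrying that session cookie, yet `contains` and `add` are called on it here without any synchronization, and `LruCache` (added in the last hunk of this file) is a plain `LinkedHashMap` wrapper. Two parallel requests from one browser can interleave `put` and `removeEldestEntry`, which in a `LinkedHashMap` can corrupt the linked structure or silently drop a nonce that an open page still needs, producing spurious 403s that are very hard to diagnose. Declare both `LruCache` methods `synchronized` (`public synchronized void add(T key)`, `public synchronized boolean contains(T key)`), since the map is only reachable through them. A brief comment on the `nonceCache == null` branch would also help readers, e.g. `// First request in this session: there is nothing to check yet, only a nonce to issue.`; `doFilter` starts before this hunk.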
@@ -225,4 +235,32 @@ public class CsrfPreventionFilter extend
 return (sb.toString());
 }
 }
+
+private static class LruCache {
+
+// Although the internal implementation uses a Map, this cache
+// implementation is only concerned with the keys.
+private final Map cache;
+
+public LruCache(final int cacheSize) {
+cache = new LinkedHashMap() {
+private static final long serialVersionUID = 1L;
+@Override
+protected boolean removeEldestEntry(Map.Entry eldest) {
+if (size() > cacheSize) {
+return true;
+}
+return false;
+}
+};
+}
+
+public void add(T key) {
+cache.put(key, null);
+}
+
+public boolean contains(T key) {
+return cache.containsKey(key);
+}
+}
 }
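Review bot: The class is named `LruCache` but evicts in insertion order, not least-recently-used order: the anonymous `LinkedHashMap` is built with the default (insertion-ordered) constructor and `contains` uses `containsKey`, which never updates ordering, so a nonce still in active use is evicted as soon as `cacheSize` newer ones have been issued. Either rename the class to reflect FIFO semantics or construct the map as `new LinkedHashMap(16, 0.75f, true)` and have `contains` go through `get` so a hit refreshes the entry; the choice should be stated in a class Javadoc such as `/** Fixed-size cache of recently issued nonces kept in the session; the eldest entry is evicted when the size exceeds cacheSize. */`. The `removeEldestEntry` body can simply be `return size() > cacheSize;`. The type parameters appear to have been stripped by the mail archive (`T key` with no visible `<T>`), so that is presumably an artefact rather than a raw-type problem.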

Modified: tomcat/trunk/java/org/apache/catalina/manager/HTMLManagerServlet.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/manager/HTMLManagerServlet.java?rev=957478&r1=957477&r2=957478&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/manager/HTMLManagerServlet.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/manager/HTMLManagerServlet.java Thu 
Jun 

DO NOT REPLY [Bug 49476] Cannot expire selected session in Manager webapp

2010-06-24 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=49476

Mark Thomas  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED

--- Comment #1 from Mark Thomas  2010-06-24 05:59:22 EDT ---
This has been fixed in trunk and will be included in 7.0.1 onwards.





svn commit: r957493 - /tomcat/trunk/webapps/docs/changelog.xml

2010-06-24 Thread markt
Author: markt
Date: Thu Jun 24 10:25:34 2010
New Revision: 957493

URL: http://svn.apache.org/viewvc?rev=957493&view=rev
Log:
Must get in the habit of updating the 7.0.x changelog

Modified:
tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=957493&r1=957492&r2=957493&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Jun 24 10:25:34 2010
@@ -102,6 +102,11 @@
 49475: Use new role name for manager application access on
 the ROOT web application's index page. (markt)
   
+  
+49476: CSRF protection was preventing access to the session
+expiration features. Also switch the manager application to the generic
+CSRF protection filter. (markt)
+  
 
   
 






DO NOT REPLY [Bug 49497] New: Connector.pause() does not pause accepting request over keep-alive connections in Bio connector

2010-06-24 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=49497

   Summary: Connector.pause() does not pause accepting request
over keep-alive connections in Bio connector
   Product: Tomcat 6
   Version: 6.0.26
  Platform: PC
OS/Version: Windows XP
Status: NEW
  Severity: normal
  Priority: P2
 Component: Connectors
AssignedTo: dev@tomcat.apache.org
ReportedBy: knst.koli...@gmail.com


When Tomcat performs shutdown, it pauses its connectors, then all web
applications, and then stops the connectors.

In my understanding, pause() should stop Tomcat from accepting new requests
from clients, to give it time to complete the requests that are currently being
processed. The stop() call will close the sockets, and thus will abort request
processing.


The problem is that the default (aka Bio) HTTP/1.1 connector of TC 6.0 behaves
differently: when the endpoint is paused, the connector stops accepting new
connections, but it still continues to accept new requests over existing
keep-alive connections. I think this is a bug, not a feature.

To reproduce:
1. Start Tomcat
2. Open http://localhost:8080/ in Firefox
3. Start jconsole, connect to Tomcat, select MBean for the Connector on port
8080 and invoke its pause() method.
4. Actual behaviour: In Firefox you can still open other pages of the web site,
in spite of Connector being paused.

This issue does not affect Apr and Nio HTTP/1.1 connectors. In their case an
attempt to navigate to another page of the site results in browser waiting for
response from Tomcat.


To fix it, one has to modify the loop in Http11Processor#process() to check for
the current value of endpoint.isPaused().

Caveat/separate issue: when the current Apr/Nio implementations are paused,
they stop accepting the requests, but the keep-alive connection is still kept
open. Maybe they should close the connection? On second thought, though, it
makes a difference only if there is some load balancer in front of several
Tomcats. Otherwise closing the connection will be just annoying, because a user
will be tempted to immediately repeat the request, but Tomcat instance is still
paused and will not be able to process it.

Tested with 6.0.27, WinXP, Firefox 3.6.4.

This bug report was inspired by the following comment in
StandardService.stop():
// FIXME pero -- Why container stop first? KeepAlive connetions can send
request!





svn commit: r957524 - /tomcat/trunk/java/org/apache/catalina/core/StandardService.java

2010-06-24 Thread kkolinko
Author: kkolinko
Date: Thu Jun 24 12:27:35 2010
New Revision: 957524

URL: http://svn.apache.org/viewvc?rev=957524&view=rev
Log:
Remove unneeded classcasts

Modified:
tomcat/trunk/java/org/apache/catalina/core/StandardService.java

Modified: tomcat/trunk/java/org/apache/catalina/core/StandardService.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/StandardService.java?rev=957524&r1=957523&r2=957524&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/core/StandardService.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/StandardService.java Thu Jun 24 
12:27:35 2010
@@ -24,7 +24,6 @@ import java.beans.PropertyChangeSupport;
 import javax.management.ObjectName;
 import org.apache.catalina.Container;
 import org.apache.catalina.Engine;
-import org.apache.catalina.Lifecycle;
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.LifecycleState;
 import org.apache.catalina.Server;
@@ -229,7 +228,7 @@ public class StandardService extends Lif
 
 if (getState().isAvailable()) {
 try {
-((Lifecycle) connector).start();
+connector.start();
 } catch (LifecycleException e) {
 log.error("Connector.start", e);
 }
@@ -293,7 +292,7 @@ public class StandardService extends Lif
 return;
 if (getState().isAvailable()) {
 try {
-((Lifecycle) connectors[j]).stop();
+connectors[j].stop();
 } catch (LifecycleException e) {
 log.error("Connector.stop", e);
 }
@@ -434,7 +433,7 @@ public class StandardService extends Lif
 // Start our defined Connectors second
 synchronized (connectors) {
 for (int i = 0; i < connectors.length; i++) {
-((Lifecycle) connectors[i]).start();
+connectors[i].start();
 }
 }
 }
@@ -481,9 +480,9 @@ public class StandardService extends Lif
 for (int i = 0; i < connectors.length; i++) {
 // If Service fails to start, connectors may not have been
 // started
-if (!LifecycleState.INITIALIZED.equals(
-((Lifecycle) connectors[i]).getState())) {
-((Lifecycle) connectors[i]).stop();
+if (!LifecycleState.INITIALIZED
+.equals(connectors[i].getState())) {
+connectors[i].stop();
 }
 }
 }






svn commit: r957539 - in /tomcat/trunk: java/org/apache/catalina/manager/host/HostManagerServlet.java java/org/apache/catalina/manager/host/LocalStrings.properties webapps/docs/changelog.xml

2010-06-24 Thread markt
Author: markt
Date: Thu Jun 24 13:10:41 2010
New Revision: 957539

URL: http://svn.apache.org/viewvc?rev=957539&view=rev
Log:
Fix the Eclipse warnings and as a result better handle directory creation 
failures

Modified:
tomcat/trunk/java/org/apache/catalina/manager/host/HostManagerServlet.java
tomcat/trunk/java/org/apache/catalina/manager/host/LocalStrings.properties
tomcat/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/trunk/java/org/apache/catalina/manager/host/HostManagerServlet.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/manager/host/HostManagerServlet.java?rev=957539&r1=957538&r2=957539&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/manager/host/HostManagerServlet.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/manager/host/HostManagerServlet.java 
Thu Jun 24 13:10:41 2010
@@ -102,7 +102,7 @@ public class HostManagerServlet
 /**
  * The Context container associated with our web application.
  */
-protected Context context = null;
+protected transient Context context = null;
 
 
 /**
@@ -114,19 +114,19 @@ public class HostManagerServlet
 /**
  * The associated host.
  */
-protected Host installedHost = null;
+protected transient Host installedHost = null;
 
 
 /**
  * The associated engine.
  */
-protected Engine engine = null;
+protected transient Engine engine = null;
 
 
 /**
  * MBean server.
  */
-protected MBeanServer mBeanServer = null;
+protected transient MBeanServer mBeanServer = null;
 
 
 /**
@@ -139,7 +139,7 @@ public class HostManagerServlet
 /**
  * The Wrapper container associated with this servlet.
  */
-protected Wrapper wrapper = null;
+protected transient Wrapper wrapper = null;
 
 
 // --- ContainerServlet Methods
@@ -372,7 +372,12 @@ public class HostManagerServlet
 appBaseFile = file;
 }
 if (!appBaseFile.exists()) {
-appBaseFile.mkdirs();
+if (!appBaseFile.mkdirs()) {
+writer.println(sm.getString(
+"hostManagerServlet.appBaseCreateFail",
+appBaseFile.toString(), name));
+return;
+}
 }
 
 // Create base for config files
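Review bot: The guard `if (!appBaseFile.exists()) { if (!appBaseFile.mkdirs()) {` reports a failure in the one case that is harmless and misses the one that is not: `File.mkdirs()` returns `false` when the directory was created by someone else between the `exists()` check and the call, while a regular file already sitting at the appBase path passes `exists()` and is never diagnosed. The usual form is `if (!appBaseFile.isDirectory() && !appBaseFile.mkdirs()) {`, which covers both. The same applies to the `configBase` hunk further down in this file (`if (!configBase.exists()) { if (!configBase.mkdirs()) {`), where `return null` is the failure signal; the enclosing method starts before this hunk.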
@@ -380,6 +385,11 @@ public class HostManagerServlet
 
 // Copy manager.xml if requested
 if (manager) {
+if (configBaseFile == null) {
+writer.println(sm.getString(
+"hostManagerServlet.configBaseCreateFail", name));
+return;
+}
 InputStream is = null;
 OutputStream os = null;
 try {
@@ -657,7 +667,11 @@ public class HostManagerServlet
 if (installedHost != null) {
 configBase = new File(configBase, hostName);
 }
-configBase.mkdirs();
+if (!configBase.exists()) {
+if (!configBase.mkdirs()) {
+return null;
+}
+}
 return configBase;
 }
 

Modified: 
tomcat/trunk/java/org/apache/catalina/manager/host/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/manager/host/LocalStrings.properties?rev=957539&r1=957538&r2=957539&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/manager/host/LocalStrings.properties 
(original)
+++ tomcat/trunk/java/org/apache/catalina/manager/host/LocalStrings.properties 
Thu Jun 24 13:10:41 2010
@@ -13,6 +13,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+hostManagerServlet.appBaseCreateFail=FAIL - Failed to create appBase [{0}] for 
host [{1}]
+hostManagerServlet.configBaseCreateFail=FAIL - Failed to identify configBase 
for host [{0}]
 hostManagerServlet.noCommand=FAIL - No command was specified
 hostManagerServlet.postCommand=FAIL - Tried to use command {0} via a GET 
request but POST is required
 hostManagerServlet.unknownCommand=FAIL - Unknown command {0}

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=957539&r1=957538&r2=957539&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Jun 24 13:10:41 2010
@@ -107,6 +107,10 @@
 expiration features. Also switch the manager application to the generic
 CSRF protection filter. (markt)
   
+  
+Better handle failure to create directories required for new hosts in
+the Host Manager application. (markt)
+  
 
   
 




svn commit: r957675 - /tomcat/trunk/webapps/manager/403.jsp

2010-06-24 Thread markt
Author: markt
Date: Thu Jun 24 18:43:38 2010
New Revision: 957675

URL: http://svn.apache.org/viewvc?rev=957675&view=rev
Log:
Typos

Modified:
tomcat/trunk/webapps/manager/403.jsp

Modified: tomcat/trunk/webapps/manager/403.jsp
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/manager/403.jsp?rev=957675&r1=957674&r2=957675&view=diff
==
--- tomcat/trunk/webapps/manager/403.jsp (original)
+++ tomcat/trunk/webapps/manager/403.jsp Thu Jun 24 18:43:38 2010
@@ -36,13 +36,13 @@
 You are not authorized to view this page.


-If you have already configured the manager application to allow access and
-you have used your browsers back button, used a saved bookmark or similar
+If you have already configured the Manager application to allow access and
+you have used your browsers back button, used a saved book-mark or similar
 then you may have triggered the cross-site request forgery (CSRF) 
protection
 that has been enabled for the HTML interface of the Manager application. 
You
 will need to reset this protection by returning to the 
-main manager page. Once 
you
-return to this page you will be able to continue using the manager
+main Manager page. Once 
you
+return to this page, you will be able to continue using the Manager
 appliction's HTML interface normally. If you continue to see this access
 denied message, check that you have the necessary permissions to access 
this
 application.
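Review bot: The hunk leaves `appliction's` on the unchanged line two lines after the last edit, and `your browsers back button` still wants a possessive; since the commit is specifically fixing typos, both belong in it. Suggest `application's HTML interface normally.` and `you have used your browser's back button, used a saved book-mark or similar`.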






svn commit: r957681 - /tomcat/trunk/java/org/apache/catalina/manager/host/HostManagerServlet.java

2010-06-24 Thread markt
Author: markt
Date: Thu Jun 24 18:54:24 2010
New Revision: 957681

URL: http://svn.apache.org/viewvc?rev=957681&view=rev
Log:
Clean-up

Modified:
tomcat/trunk/java/org/apache/catalina/manager/host/HostManagerServlet.java

Modified: 
tomcat/trunk/java/org/apache/catalina/manager/host/HostManagerServlet.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/manager/host/HostManagerServlet.java?rev=957681&r1=957680&r2=957681&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/manager/host/HostManagerServlet.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/manager/host/HostManagerServlet.java 
Thu Jun 24 18:54:24 2010
@@ -567,15 +567,17 @@ public class HostManagerServlet
 return;
 }
 
+Container host = engine.findChild(name);
+
 // Check if host exists
-if (engine.findChild(name) == null) {
+if (host == null) {
 writer.println
 (sm.getString("hostManagerServlet.noHost", name));
 return;
 }
 
 // Prevent starting our own host
-if (engine.findChild(name) == installedHost) {
+if (host == installedHost) {
 writer.println
 (sm.getString("hostManagerServlet.cannotStartOwnHost", name));
 return;
@@ -583,7 +585,7 @@ public class HostManagerServlet
 
 // Start host
 try {
-engine.findChild(name).start();
+host.start();
 writer.println
 (sm.getString("hostManagerServlet.started", name));
 } catch (Throwable t) {
@@ -617,15 +619,17 @@ public class HostManagerServlet
 return;
 }
 
+Container host = engine.findChild(name);
+
 // Check if host exists
-if (engine.findChild(name) == null) {
+if (host == null) {
 writer.println
 (sm.getString("hostManagerServlet.noHost", name));
 return;
 }
 
 // Prevent starting our own host
-if (engine.findChild(name) == installedHost) {
+if (host == installedHost) {
 writer.println
 (sm.getString("hostManagerServlet.cannotStopOwnHost", name));
 return;
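Review bot: The comment `// Prevent starting our own host` in this hunk sits above the `cannotStopOwnHost` check, and `// Start host` in the next hunk of this file sits above `host.stop()`; both were copied from the start method and now contradict the code they label, which the refactoring that introduced the `host` local is the natural moment to fix. Suggest `// Prevent stopping our own host` here and `// Stop host` above `host.stop()`. The enclosing method begins before this hunk.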
@@ -633,7 +637,7 @@ public class HostManagerServlet
 
 // Start host
 try {
-engine.findChild(name).stop();
+host.stop();
 writer.println
 (sm.getString("hostManagerServlet.stopped", name));
 } catch (Throwable t) {


