[jira] [Created] (MTOMCAT-282) Support for version of deployed web application
Andrey Utkin created MTOMCAT-282: Summary: Support for version of deployed web application Key: MTOMCAT-282 URL: https://issues.apache.org/jira/browse/MTOMCAT-282 Project: Apache Tomcat Maven Plugin Issue Type: New Feature Components: tomcat6, tomcat7 Reporter: Andrey Utkin Assignee: Olivier Lamy (*$^¨%`£) Fix For: 2.3 Add support for web application version for deply-* targets. See http://tomcat.apache.org/tomcat-7.0-doc/config/context.html#Naming -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[jira] [Updated] (MTOMCAT-282) Support for version of deployed web application
[ https://issues.apache.org/jira/browse/MTOMCAT-282?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrey Utkin updated MTOMCAT-282: - Attachment: tomcat-maven-plugin-trunk_version_support.patch Please see attached patch tomcat-maven-plugin-trunk_version_support.patch > Support for version of deployed web application > --- > > Key: MTOMCAT-282 > URL: https://issues.apache.org/jira/browse/MTOMCAT-282 > Project: Apache Tomcat Maven Plugin > Issue Type: New Feature > Components: tomcat6, tomcat7 >Reporter: Andrey Utkin >Assignee: Olivier Lamy (*$^¨%`£) > Fix For: 2.3 > > Attachments: tomcat-maven-plugin-trunk_version_support.patch > > > Add support for web application version for deply-* targets. > See http://tomcat.apache.org/tomcat-7.0-doc/config/context.html#Naming -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1628142 - /tomcat/trunk/java/org/apache/catalina/connector/Request.java
Author: markt
Date: Mon Sep 29 09:18:07 2014
New Revision: 1628142
URL: http://svn.apache.org/r1628142
Log:
Need to ensure cookies are converted before calling addCookie else any added
cookies could get over-written.
Review by kkolinko
Modified:
tomcat/trunk/java/org/apache/catalina/connector/Request.java
Modified: tomcat/trunk/java/org/apache/catalina/connector/Request.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/Request.java?rev=1628142&r1=1628141&r2=1628142&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/connector/Request.java (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/Request.java Mon Sep 29
09:18:07 2014
@@ -1677,7 +1677,7 @@ public class Request
*/
public void addCookie(Cookie cookie) {
-if (!cookiesParsed) {
+if (!cookiesConverted) {
convertCookies();
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1627619 - in /tomcat/trunk: java/org/apache/catalina/ java/org/apache/catalina/connector/ java/org/apache/catalina/core/ java/org/apache/catalina/startup/ java/org/apache/coyote/ java
On 27/09/2014 14:24, Konstantin Kolinko wrote:
> 2014-09-25 23:38 GMT+04:00 :
>> Author: markt
>> Date: Thu Sep 25 19:38:15 2014
>> New Revision: 1627619
>>
>> URL: http://svn.apache.org/r1627619
>> Log:
>> Refactor cookie parsing to make it more pluggable
>> Modified: tomcat/trunk/java/org/apache/catalina/connector/Request.java
>> URL:
>> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/Request.java?rev=1627619&r1=1627618&r2=1627619&view=diff
>> ==
>> --- tomcat/trunk/java/org/apache/catalina/connector/Request.java (original)
>> +++ tomcat/trunk/java/org/apache/catalina/connector/Request.java Thu Sep 25
>> 19:38:15 2014
>> @@ -84,10 +84,11 @@ import org.apache.tomcat.util.ExceptionU
>> import org.apache.tomcat.util.buf.B2CConverter;
>> import org.apache.tomcat.util.buf.ByteChunk;
>> import org.apache.tomcat.util.buf.MessageBytes;
>> -import org.apache.tomcat.util.http.Cookies;
>> +import org.apache.tomcat.util.http.CookieProcessor;
>> import org.apache.tomcat.util.http.FastHttpDateFormat;
>> import org.apache.tomcat.util.http.Parameters;
>> import org.apache.tomcat.util.http.ServerCookie;
>> +import org.apache.tomcat.util.http.ServerCookies;
>> import org.apache.tomcat.util.http.fileupload.FileItem;
>> import org.apache.tomcat.util.http.fileupload.FileUploadBase;
>> import
>> org.apache.tomcat.util.http.fileupload.FileUploadBase.InvalidContentTypeException;
>> @@ -283,12 +284,20 @@ public class Request
>>
>>
>> /**
>> - * Cookies parsed flag.
>> + * Cookie headers parsed flag. Indicates that the cookie headers have
>> been
>> + * parsed into ServerCookies.
>> */
>> protected boolean cookiesParsed = false;
>>
>>
>> /**
>> + * Cookie parsed flag. Indicates that the ServerCookies have been
>> converted
>> + * into user facing Cookie objects.
>> + */
>> +protected boolean cookiesConverted = false;
>> +
>> +
>> +/**
>> * Secure flag.
>> */
>> protected boolean secure = false;
>> @@ -462,6 +471,7 @@ public class Request
>> }
>> partsParseException = null;
>> cookiesParsed = false;
>> +cookiesConverted = false;
>> locales.clear();
>> localesParsed = false;
>> secure = false;
>> @@ -1668,7 +1678,7 @@ public class Request
>> public void addCookie(Cookie cookie) {
>>
>> if (!cookiesParsed) {
>
> I think that the above condition shall also be changed to if
> (!cookiesConverted).
>
> If we skip conversion here and convertCookies() method is called
> later, it will overwrite cookies array with "cookies = new
> Cookie[count];" so any cookies added here will be lost.
Thanks. Fixed.
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1628143 - /tomcat/trunk/webapps/docs/config/realm.xml
Author: markt Date: Mon Sep 29 09:23:49 2014 New Revision: 1628143 URL: http://svn.apache.org/r1628143 Log: Fix typo that broke link Clarify that multiple nested Realms are sometimes allowed but that multiple CredentialHandlers are not. Review by kkolinko Modified: tomcat/trunk/webapps/docs/config/realm.xml Modified: tomcat/trunk/webapps/docs/config/realm.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/realm.xml?rev=1628143&r1=1628142&r2=1628143&view=diff == --- tomcat/trunk/webapps/docs/config/realm.xml (original) +++ tomcat/trunk/webapps/docs/config/realm.xml Mon Sep 29 09:23:49 2014 @@ -1041,15 +1041,16 @@ - You can nest at most one instance of the following components by nesting a - corresponding element inside your Realm element: + You can nest the following components by nesting the corresponding element + inside your Realm element: CombinedRealm Implementation - If you are using the CombinedRealm Implementation or a Realm that extends the CombinedRealm, e.g. the LockOutRealm, one or moreelements may be nested inside it. - CredentialHandler - - Configure the credential handler that will be used to validate provided + CredentialHandler - + You may next at most one instance of this element inside a Realm. This + configures the credential handler that will be used to validate provided credentials with those stored by the Realm. If not specified a default MessageDigestCredentialHandler will configured. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1627615 - in /tomcat/trunk: java/org/apache/catalina/realm/MessageDigestCredentialHandler.java webapps/docs/config/project.xml webapps/docs/config/realm.xml
On 27/09/2014 14:43, Konstantin Kolinko wrote: > 2014-09-25 23:33 GMT+04:00 : >> Author: markt >> Date: Thu Sep 25 19:33:49 2014 >> New Revision: 1627615 >> >> URL: http://svn.apache.org/r1627615 >> Log: >> Update docs >> >> Modified: >> >> tomcat/trunk/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java >> tomcat/trunk/webapps/docs/config/project.xml >> tomcat/trunk/webapps/docs/config/realm.xml > > > (...) >> Modified: tomcat/trunk/webapps/docs/config/realm.xml >> URL: >> http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/realm.xml?rev=1627615&r1=1627614&r2=1627615&view=diff >> == >> --- tomcat/trunk/webapps/docs/config/realm.xml (original) >> +++ tomcat/trunk/webapps/docs/config/realm.xml Thu Sep 25 19:33:49 2014 > > (...) >> @@ -1031,15 +1041,18 @@ >> >> >> >> - CombinedRealm Implementation >> - >> - If you are using the CombinedRealm Implementation or a Realm >> - that extends the CombinedRealm, e.g. the LockOutRealm, >> -elements may be nested inside it. >> - >> - Other Realm Implementations >> - >> - No other Realm implementation supports nested components. >> + You can nest at most one instance of the following components by >> nesting a >> + corresponding element inside your Realm element: > > 1. The above "at most one" words are correct for CredentialHandler, > but they are wrong for realms nested in CombinedRealm. You can have > many nested Realms in a combined one. > >> + >> + CombinedRealm Implementation - If you are using the >> +CombinedRealm Implementation or a Realm >> +that extends the CombinedRealm, e.g. the LockOutRealm, one or more >> + elements may be nested inside it. >> + > > 2. The link is broken because of document name typo above. > > CredentialHandler - >> + Configure the credential handler that will be used to validate >> provided >> + credentials with those stored by the Realm. If not specified a default >> + MessageDigestCredentialHandler will configured. >> + >> >> Fixed. Thanks. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1627614 - /tomcat/trunk/webapps/docs/config/credentialhandler.xml
On 27/09/2014 14:59, Konstantin Kolinko wrote: > 2014-09-25 23:33 GMT+04:00 : >> Author: markt >> Date: Thu Sep 25 19:33:44 2014 >> New Revision: 1627614 >> >> URL: http://svn.apache.org/r1627614 >> Log: >> Update docs I've fixed the various typos. >> + >> +Digesting the password requires that it is converted to bytes. >> This >> +attribute determines the character encoding to use for conversions >> +between characters and bytes. If not specified, UTF-8 will be >> used. >> + > > Was the legacy implementation using UTF-8 or ISO-8859-1 ? ISO-8859-1. As an aside, Tomcat 7 uses the platform default. > I guess that one cannot nest NestedCredentialHandler into > NestedCredentialHandler ? > (The same as with nesting Realms - you have to set a system property > to configure digester rules to process more than 3 nested levels of > Realms). You could. Since I copied and pasted the relevant code, the same 3 nested level limit with a system property to change it exists in CredentialHandler as well. I've added it to the docs. Thanks again for the review. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1628151 - /tomcat/trunk/webapps/docs/config/credentialhandler.xml
Author: markt
Date: Mon Sep 29 10:12:36 2014
New Revision: 1628151
URL: http://svn.apache.org/r1628151
Log:
Document the new system property that controls nested credential handlers
Modified:
tomcat/trunk/webapps/docs/config/credentialhandler.xml
Modified: tomcat/trunk/webapps/docs/config/credentialhandler.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/credentialhandler.xml?rev=1628151&r1=1628150&r2=1628151&view=diff
==
--- tomcat/trunk/webapps/docs/config/credentialhandler.xml (original)
+++ tomcat/trunk/webapps/docs/config/credentialhandler.xml Mon Sep 29 10:12:36
2014
@@ -82,6 +82,8 @@
passwords are protected by a message digest. This credential handler
supports the following forms of stored passwords:
+ plainText - the plain text credentials if no
+ algorithm is specified
encodedCredential - a hex encoded digest of the
password digested using the configured digest
{MD5}encodedCredential - a Base64 encoded MD5
@@ -95,7 +97,7 @@
$
-If the stored password form does not included an iteration count then an
+If the stored password form does not include an iteration count then an
iteration count of 1 is used.
If the stored password form does not include salt then no salt is
@@ -104,8 +106,8 @@
-The name of the MessageDigest algorithm used
-to encode user passwords stored in the database. If not specified,
+The name of the java.security.MessageDigest algorithm
+used to encode user passwords stored in the database. If not
specified,
user passwords are assumed to be stored in clear-text.
@@ -116,13 +118,13 @@
-The number of iterations to use when creating a new stored crendtial
+The number of iterations to use when creating a new stored
credential
from a clear text credential.
-The length of the randomly generated salt ot use use when creating a
-new stored crendtial from a clear text credential.
+The length of the randomly generated salt to use use when creating a
+new stored credential from a clear text credential.
@@ -159,7 +161,7 @@
$
-If the stored password form does not included an iteration count then an
+If the stored password form does not include an iteration count then an
iteration count of 1 is used.
If the stored password form does not include salt then no salt is
@@ -179,13 +181,13 @@
-The number of iterations to use when creating a new stored crendtial
+The number of iterations to use when creating a new stored
credential
from a clear text credential.
-The length of the randomly generated salt ot use use when creating a
-new stored crendtial from a clear text credential.
+The length of the randomly generated salt to use use when creating a
+new stored credential from a clear text credential.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1628152 - in /tomcat/trunk: java/org/apache/catalina/realm/MessageDigestCredentialHandler.java webapps/docs/config/systemprops.xml
Author: markt Date: Mon Sep 29 10:13:57 2014 New Revision: 1628152 URL: http://svn.apache.org/r1628152 Log: Fix tyops. Review by kkolinko Modified: tomcat/trunk/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java tomcat/trunk/webapps/docs/config/systemprops.xml Modified: tomcat/trunk/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java?rev=1628152&r1=1628151&r2=1628152&view=diff == --- tomcat/trunk/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java (original) +++ tomcat/trunk/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java Mon Sep 29 10:13:57 2014 @@ -46,7 +46,7 @@ import org.apache.tomcat.util.security.C * * * - * If the stored password form does not included an iteration count then an + * If the stored password form does not include an iteration count then an * iteration count of 1 is used. * * If the stored password form does not include salt then no salt is used. Modified: tomcat/trunk/webapps/docs/config/systemprops.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/systemprops.xml?rev=1628152&r1=1628151&r2=1628152&view=diff == --- tomcat/trunk/webapps/docs/config/systemprops.xml (original) +++ tomcat/trunk/webapps/docs/config/systemprops.xml Mon Sep 29 10:13:57 2014 @@ -682,6 +682,12 @@ If not specified, the default value of 3 will be used. + + The NestedCredentialHandler allows nested CredentialHandlers. This + property controls the maximum permitted number of levels of nesting. + If not specified, the default value of 3 will be used. + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.0.14
2014-09-25 1:07 GMT+04:00 Mark Thomas : > The proposed Apache Tomcat 8.0.14 release is now available for voting. > > The main changes since 8.0.12 are: > - Windows service runner, Windows service manager and Windows installer > are digitally signed with the new ASF code signing service > - Implement Java WebSocket 1.1 > - Improvements to start times by reducing overhead of annotation > scanning > - Optional RFC6265 compliant cookie parser (Note that this is > experimental and that the configuration options for this will change > in the next release) > > There is also the usual collection of bug fixes, new features and > performance improvements. For full details, see the changelog: > http://svn.us.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.14/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1022/ > The svn tag is: > http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_14/ > > The proposed 8.0.14 release is: > [ ] Broken - do not release [x] Stable - go ahead and release as 8.0.14 Testsuite - all OK (Nio, Bio, Nio2, Apr). Smoke testing - OK. All - on Windows 7 with JDK 7u67. One small issue: I installed exe installer with all options except Host Manager being enabled and rebooted. Then I logged in as the user who performed the install. The Tomcat service was up and running, as expected. I expected the Monitor application (tray icon) to be running as well, but it was not running and not present in list of started applications in Task Manager. The registry key that should have caused this application to start (HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run) is present and OK. I have not noticed anything relevant in Windows Event Log or in Tomcat logs. If I start this application manually, I get UAC prompt to allow it to run as Administrator. So it might be that Windows 7 does not allow this application to auto-start. It is not a regression. It may be time to remove this auto-starting feature for Monitor application from the installer, unless someone knows a better solution. Signatures displayed by installer and by Monitor application are OK (CodeSigning for The Apache Software Foundation) Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1628156 - /tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
Author: markt
Date: Mon Sep 29 10:41:28 2014
New Revision: 1628156
URL: http://svn.apache.org/r1628156
Log:
Ensure that an attempt to call digest.[sh|bat] with no args triggers the usage
message
Modified:
tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1628156&r1=1628155&r2=1628156&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Mon Sep 29
10:41:28 2014
@@ -1466,6 +1466,11 @@ public abstract class RealmBase extends
int keyLength = -1;
String handlerClassName = null;
+if (args.length == 0) {
+usage();
+return;
+}
+
int argIndex = 0;
while (args.length > argIndex + 2 && args[argIndex].length() == 2 &&
@@ -1496,9 +1501,7 @@ public abstract class RealmBase extends
break;
}
default: {
-System.out.println("Usage: RealmBase [-a ] [-e
] " +
-"[-i ] [-s ] [-k
] " +
-"[-h ] ");
+usage();
return;
}
}
@@ -1553,6 +1556,13 @@ public abstract class RealmBase extends
}
+private static void usage() {
+System.out.println("Usage: RealmBase [-a ] [-e ]
" +
+"[-i ] [-s ] [-k ] " +
+"[-h ] ");
+}
+
+
// JMX and Registration
@Override
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1628157 - /tomcat/trunk/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java
Author: markt
Date: Mon Sep 29 10:42:48 2014
New Revision: 1628157
URL: http://svn.apache.org/r1628157
Log:
Ensure that ConcurrentMessageDigest has been configured to use the requested
algorithm.
Note that this still results in a call to MessageDigest.getInstance() which
will trigger the NoSuchAlgorithmException if necessary
Modified:
tomcat/trunk/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java
Modified:
tomcat/trunk/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java?rev=1628157&r1=1628156&r2=1628157&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java
Mon Sep 29 10:42:48 2014
@@ -19,7 +19,6 @@ package org.apache.catalina.realm;
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
-import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
@@ -88,7 +87,7 @@ public class MessageDigestCredentialHand
@Override
public void setAlgorithm(String algorithm) throws NoSuchAlgorithmException
{
-MessageDigest.getInstance(algorithm);
+ConcurrentMessageDigest.init(algorithm);
this.algorithm = algorithm;
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: digest.bat (RealmBase.main()) is broken in current Tomcat 8 trunk. Tomcat 8.0.14 is OK.
On 27/09/2014 15:52, Konstantin Kolinko wrote: > Hi! > > 1). If I run any of the following: > digest.bat -a foo > digest.bat -a md5 foo > > I get > foo:Sep 27, 2014 6:38:43 PM org.apache.catalina.startup.Tool main > SEVERE: Exception calling main() method > java.lang.IllegalStateException: Must call init() first Fixed. > 2) If I run > digest.bat > without arguments, I get no output in return. Fixed. > 4) The current javadoc for RealmBase.main() says that algorithm (-a) > is not required and "If not specified a default of SHA-512 will be > used." > > I wonder whether that is justified. That is what is currently implemented. Happy to discuss changes but SHA-512 doesn't seem unreasonable to me. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
VOTE][RESULT] Release Apache Tomcat 8.0.14
Binding: +1: jfarcand, yoavs, markt, remm, schultz, violetagg, kkolinko Non-binding: +1: Ognjen Blagojevic, Martin Grigorov, fschumacher The vote therefore passes. Thanks to everyone who tested this release. I'll copy the bits across now and announce in around 24 hours time after the mirrors have caught up. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r6680 - /release/tomcat/tomcat-8/v8.0.11/
Author: markt Date: Mon Sep 29 11:22:23 2014 New Revision: 6680 Log: Remove oldversion Removed: release/tomcat/tomcat-8/v8.0.11/ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r6681 - /release/tomcat/tomcat-6/v6.0.39/
Author: markt Date: Mon Sep 29 11:22:56 2014 New Revision: 6681 Log: Remove old version Removed: release/tomcat/tomcat-6/v6.0.39/ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r6682 - /dev/tomcat/tomcat-8/v8.0.14/ /release/tomcat/tomcat-8/v8.0.14/
Author: markt Date: Mon Sep 29 11:24:17 2014 New Revision: 6682 Log: Release 8.0.14 Added: release/tomcat/tomcat-8/v8.0.14/ - copied from r6681, dev/tomcat/tomcat-8/v8.0.14/ Removed: dev/tomcat/tomcat-8/v8.0.14/ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1628160 - /tomcat/trunk/webapps/docs/changelog.xml
Author: markt Date: Mon Sep 29 11:27:23 2014 New Revision: 1628160 URL: http://svn.apache.org/r1628160 Log: Updates - 8.0.14 release date - More detail on cookie changes Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1628160&r1=1628159&r2=1628160&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Mon Sep 29 11:27:23 2014 @@ -64,6 +64,17 @@ (useRfc6265 and cookieEncoding) are replaced by this new configuration element. (markt) + +Deprecate the use of system proprties to control cookie parsing and +replace them with attributes on the new CookieProcessor +that may be configured on a per context basis. (markt) + + +Correct an edge case and allow a cookie if the value starts with an +equals character and the CookieProcessor is not configured +to allow equals characters in cookie values but is configured to allow +name only cookies. (markt) + @@ -78,7 +89,7 @@ - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57038] New: codebase of a class in a jar (while loading it) is now associated with its own URL (jar:file://....../.jar/.../.class), instead of its JAR’s URL
https://issues.apache.org/bugzilla/show_bug.cgi?id=57038 Bug ID: 57038 Summary: codebase of a class in a jar (while loading it) is now associated with its own URL (jar:file://../.jar/.../.clas s), instead of its JAR’s URL Product: Tomcat 8 Version: trunk Hardware: PC Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: senthil.cit.er...@gmail.com In Tomcat 8. We found that Code base for a class in a Jar is pointing to its own URI instead of JAR’s path. This change in Tomcat’s behavior is probably on account of changes made to WebappClassloader.findResourceInternal() method of Tomcat’s catalina component. I found this by quickly debugging through its source code. From the source code, it is clear that till Tomcat 7.0.55, the codebase that was being associated with a class while loading it was obtained from its JAR’s URL (i.e. jar://./.jar). But from Tomcat 8.0.0 onwards, codebase of the same class (while loading it) is now associated with its own URL (jar:file://../.jar/.../.class), instead of its JAR’s URL. I also could not find any configuration parameter around this piece of code through which behavior can be reverted to previous releases. Thus, I suspect that this change made to WebappClassloader.findResourceInternal() method is leading to current problem. I searched a lot, but could not find out the exact bug ID for which these changes were checked in. But I suspect that these changes are related to one of the following changes: i.Tomcat 8’s change log contains following entry: Implement a new Resources implementation that merges Aliases, VirtualLoader, VirtualDirContext, JAR resources and external repositories into a single framework rather than a separate one for each feature ‘Internal APIs’ section of Apache Tomcat 8.0 Migration document states the following: Whilst the Tomcat 8 internal API is broadly compatible with Tomcat 7 there have been many changes at the detail level and they are not binary compatible. Developers of custom components that interact with Tomcat's internals should review the JavaDoc for the relevant API. Of particular note are: The Manager, Loader and Resources have moved from Container to Context since Context is the only place they are used. The Mapper has moved from the Connector to the Service since the Mapper is identical for all Connectors of a given Service. A new Resources implementation that merges Aliases, VirtualLoader, VirtualDirContext, JAR resources and external repositories into a single framework rather than a separate one for each feature. A new interface SessionIdGenerator has been added making session id generation extensible. Methods to get and set the id generator class name have been added to the Manager interface. ii.Bug 53081 - WebappClassLoader causes java.lang.OutOfMemoryError in findResourceInternal() -- -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57038] codebase of a class in a jar (while loading it) is now associated with its own URL (jar:file://....../.jar/.../.class), instead of its JAR’s URL
https://issues.apache.org/bugzilla/show_bug.cgi?id=57038 Senthil Kumar changed: What|Removed |Added CC||senthil.cit.er...@gmail.com OS||All -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[jira] [Commented] (MTOMCAT-282) Support for version of deployed web application
[ https://issues.apache.org/jira/browse/MTOMCAT-282?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14151621#comment-14151621 ] Dennis Lundberg commented on MTOMCAT-282: - Andrey, As far as I can tell from the docs http://tomcat.apache.org/tomcat-6.0-doc/config/context.html#Naming the version parameter i not supported in Tomcat 6. So the patch should not touch the Tomcat 6 mojos. > Support for version of deployed web application > --- > > Key: MTOMCAT-282 > URL: https://issues.apache.org/jira/browse/MTOMCAT-282 > Project: Apache Tomcat Maven Plugin > Issue Type: New Feature > Components: tomcat6, tomcat7 >Reporter: Andrey Utkin >Assignee: Olivier Lamy (*$^¨%`£) > Fix For: 2.3 > > Attachments: tomcat-maven-plugin-trunk_version_support.patch > > > Add support for web application version for deply-* targets. > See http://tomcat.apache.org/tomcat-7.0-doc/config/context.html#Naming -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[jira] [Commented] (MTOMCAT-282) Support for version of deployed web application
[ https://issues.apache.org/jira/browse/MTOMCAT-282?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14151624#comment-14151624 ] Andrey Utkin commented on MTOMCAT-282: -- Hi Dennis, Oops. I will fix it asap. Thanks. > Support for version of deployed web application > --- > > Key: MTOMCAT-282 > URL: https://issues.apache.org/jira/browse/MTOMCAT-282 > Project: Apache Tomcat Maven Plugin > Issue Type: New Feature > Components: tomcat6, tomcat7 >Reporter: Andrey Utkin >Assignee: Olivier Lamy (*$^¨%`£) > Fix For: 2.3 > > Attachments: tomcat-maven-plugin-trunk_version_support.patch > > > Add support for web application version for deply-* targets. > See http://tomcat.apache.org/tomcat-7.0-doc/config/context.html#Naming -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1628197 - in /tomcat/trunk: java/org/apache/catalina/ java/org/apache/catalina/loader/ java/org/apache/catalina/webresources/ webapps/docs/
Author: markt
Date: Mon Sep 29 14:42:11 2014
New Revision: 1628197
URL: http://svn.apache.org/r1628197
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57038
Add a WebResource.getCoseBase() method, implement for all WebResource
implementations and then use it in the web application class loader to set the
correct code base for resources loaded from JARs and WARs.
Modified:
tomcat/trunk/java/org/apache/catalina/WebResource.java
tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java
tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResource.java
tomcat/trunk/java/org/apache/catalina/webresources/CachedResource.java
tomcat/trunk/java/org/apache/catalina/webresources/EmptyResource.java
tomcat/trunk/java/org/apache/catalina/webresources/FileResource.java
tomcat/trunk/java/org/apache/catalina/webresources/JarResource.java
tomcat/trunk/java/org/apache/catalina/webresources/JarResourceRoot.java
tomcat/trunk/java/org/apache/catalina/webresources/JarWarResource.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/WebResource.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/WebResource.java?rev=1628197&r1=1628196&r2=1628197&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/WebResource.java (original)
+++ tomcat/trunk/java/org/apache/catalina/WebResource.java Mon Sep 29 14:42:11
2014
@@ -137,6 +137,13 @@ public interface WebResource {
URL getURL();
/**
+ * Get code base for this resource that will be used when looking up the
+ * assigned permissions for the code base in the security policy file when
+ * running under a security manager.
+ */
+URL getCodeBase();
+
+/**
* Obtain a reference to the WebResourceRoot of which this WebResource is a
* part.
*/
Modified:
tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java?rev=1628197&r1=1628196&r2=1628197&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java Mon
Sep 29 14:42:11 2014
@@ -2534,7 +2534,7 @@ public abstract class WebappClassLoaderB
entry = new ResourceEntry();
entry.source = resource.getURL();
-entry.codeBase = entry.source;
+entry.codeBase = resource.getCodeBase();
entry.lastModified = resource.getLastModified();
if (needConvert && path.endsWith(".properties")) {
Modified:
tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResource.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResource.java?rev=1628197&r1=1628196&r2=1628197&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResource.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/webresources/AbstractArchiveResource.java
Mon Sep 29 14:42:11 2014
@@ -33,18 +33,20 @@ public abstract class AbstractArchiveRes
private final String baseUrl;
private final JarEntry resource;
private final Manifest manifest;
+private final String codeBaseUrl;
private final String name;
private boolean readCerts = false;
private Certificate[] certificates;
protected AbstractArchiveResource(WebResourceRoot root, String webAppPath,
String base, String baseUrl, JarEntry jarEntry,
-String internalPath, Manifest manifest) {
+String internalPath, Manifest manifest, String codeBaseUrl) {
super(root, webAppPath);
this.base = base;
this.baseUrl = baseUrl;
this.resource = jarEntry;
this.manifest = manifest;
+this.codeBaseUrl = codeBaseUrl;
String resourceName = resource.getName();
if (resourceName.charAt(resourceName.length() - 1) == '/') {
@@ -132,12 +134,24 @@ public abstract class AbstractArchiveRes
@Override
public URL getURL() {
+String url = baseUrl + "!/" + resource.getName();
try {
-return new URL(baseUrl + "!/" + resource.getName());
+return new URL(url);
} catch (MalformedURLException e) {
if (getLog().isDebugEnabled()) {
-getLog().debug(sm.getString("fileResource.getUrlFail",
-resource.getName(), baseUrl), e);
+getLog().debug(sm.getString("fileResource.getUrlFail", url),
e);
+}
+return null;
+}
+}
+
+@Override
+public URL getCodeBase() {
+try {
+
[Bug 57038] codebase of a class in a jar (while loading it) is now associated with its own URL (jar:file://....../.jar/.../.class), instead of its JAR’s URL
https://issues.apache.org/bugzilla/show_bug.cgi?id=57038 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #1 from Mark Thomas --- Thanks for the report. This has been fixed in 8.0.x for 8.0.15 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57041] New: Tomcat Websocket upgrade request handling
https://issues.apache.org/bugzilla/show_bug.cgi?id=57041 Bug ID: 57041 Summary: Tomcat Websocket upgrade request handling Product: Tomcat 8 Version: trunk Hardware: PC OS: All Status: NEW Severity: normal Priority: P2 Component: WebSocket Assignee: dev@tomcat.apache.org Reporter: khandelwal.anu...@gmail.com Hi, I want to understand how a websocket upgrade request is handled by Tomcat. Is it done by filters or servlets ? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57041] Tomcat Websocket upgrade request handling
https://issues.apache.org/bugzilla/show_bug.cgi?id=57041 Chuck Caldarale changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #1 from Chuck Caldarale --- Bugzilla is not a support forum. Post your query on the Tomcat users' mailing list. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in ASF Buildbot on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/493 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: bb-vm_ubuntu Build Reason: scheduler Build Source Stamp: [branch tomcat/trunk] 1628160 Blamelist: markt BUILD FAILED: failed compile_1 sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 7.0.56
Violeta, On 28.9.2014 14:34, Violeta Georgieva wrote: The proposed 7.0.56 release is: [ ] Broken - do not release [X] Stable - go ahead and release as 7.0.56 Stable (non-binding) Tested .zip distribution on Windows 7 64-bit: - Tested TLS/SSL connectivity for BIO, NIO and APR connectors. - Crawled all links (except /manager, /host-manager and /examples/async*). No broken links found, except links to JavaDocs. - Smoke tests of BIO, NIO and APR, with and without TLS, all passed. - Tested with several webapps that are in active development. -Ognjen - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1628266 - in /tomcat/trunk: java/org/apache/catalina/realm/ java/org/apache/tomcat/util/buf/ test/org/apache/tomcat/util/buf/ webapps/docs/
Author: markt
Date: Mon Sep 29 19:24:38 2014
New Revision: 1628266
URL: http://svn.apache.org/r1628266
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57027
Add additional validation for stored credentials used by Realms when the
credential is stored using hex encoding.
Modified:
tomcat/trunk/java/org/apache/catalina/realm/DigestCredentialHandlerBase.java
tomcat/trunk/java/org/apache/tomcat/util/buf/HexUtils.java
tomcat/trunk/java/org/apache/tomcat/util/buf/LocalStrings.properties
tomcat/trunk/test/org/apache/tomcat/util/buf/TestHexUtils.java
tomcat/trunk/webapps/docs/changelog.xml
Modified:
tomcat/trunk/java/org/apache/catalina/realm/DigestCredentialHandlerBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/DigestCredentialHandlerBase.java?rev=1628266&r1=1628265&r2=1628266&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/realm/DigestCredentialHandlerBase.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/realm/DigestCredentialHandlerBase.java
Mon Sep 29 19:24:38 2014
@@ -150,12 +150,7 @@ public abstract class DigestCredentialHa
if (sep1 < 0 || sep2 < 0) {
// Stored credentials are invalid
// This may be expected if nested credential handlers are being
used
-if (logInvalidStoredCredentials) {
-// Logging credentials could be a security concern but they are
-// invalid and that is probably a bigger problem
-
getLog().warn(sm.getString("credentialHandler.invalidStoredCredential",
-storedCredentials));
-}
+logInvalidStoredCredentials(storedCredentials);
return false;
}
@@ -164,7 +159,13 @@ public abstract class DigestCredentialHa
int iterations = Integer.parseInt(storedCredentials.substring(sep1 +
1, sep2));
String storedHexEncoded = storedCredentials.substring(sep2 + 1);
-byte[] salt = HexUtils.fromHexString(hexSalt);
+byte[] salt;
+try {
+salt = HexUtils.fromHexString(hexSalt);
+} catch (IllegalArgumentException iae) {
+logInvalidStoredCredentials(storedCredentials);
+return false;
+}
String inputHexEncoded = mutate(inputCredentials, salt, iterations);
@@ -172,6 +173,16 @@ public abstract class DigestCredentialHa
}
+private void logInvalidStoredCredentials(String storedCredentials) {
+if (logInvalidStoredCredentials) {
+// Logging credentials could be a security concern but they are
+// invalid and that is probably a bigger problem
+
getLog().warn(sm.getString("credentialHandler.invalidStoredCredential",
+storedCredentials));
+}
+}
+
+
/**
* Get the default salt length used by the {@link CredentialHandler}.
*/
Modified: tomcat/trunk/java/org/apache/tomcat/util/buf/HexUtils.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/buf/HexUtils.java?rev=1628266&r1=1628265&r2=1628266&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/buf/HexUtils.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/buf/HexUtils.java Mon Sep 29
19:24:38 2014
@@ -16,6 +16,8 @@
*/
package org.apache.tomcat.util.buf;
+import org.apache.tomcat.util.res.StringManager;
+
/**
* Tables useful when converting byte arrays to and from strings of hexadecimal
* digits.
@@ -25,6 +27,8 @@ package org.apache.tomcat.util.buf;
*/
public final class HexUtils {
+private static final StringManager sm =
+StringManager.getManager(Constants.Package);
// -- Constants
@@ -93,10 +97,21 @@ public final class HexUtils {
return null;
}
+if (input.length() % 2 == 1) {
+// Odd number of characters
+throw new
IllegalArgumentException(sm.getString("hexUtils.fromHex.oddDigits"));
+}
+
char[] inputChars = input.toCharArray();
byte[] result = new byte[input.length() >> 1];
for (int i = 0; i < result.length; i++) {
-result[i] = (byte) ((getDec(inputChars[2*i]) << 4) +
getDec(inputChars[2*i + 1]));
+int upperNibble = getDec(inputChars[2*i]);
+int lowerNibble = getDec(inputChars[2*i + 1]);
+if (upperNibble < 0 || lowerNibble < 0) {
+// Non hex character
+throw new
IllegalArgumentException(sm.getString("hexUtils.fromHex.nonHex"));
+}
+result[i] = (byte) ((upperNibble << 4) + lowerNibble);
}
return result;
}
Modified: tomcat/trunk/java/org/apache/tomcat/util/buf/LocalStrings.properties
URL:
http:/
[Bug 57027] DigesterCredentialHandlerBase and HexUtils shall test for invalid hex characters
https://issues.apache.org/bugzilla/show_bug.cgi?id=57027 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED OS||All --- Comment #1 from Mark Thomas --- This has been fixed in 8.0.x for 8.0.15 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1628324 - in /tomcat/trunk: java/org/apache/tomcat/util/http/CookieSupport.java java/org/apache/tomcat/util/http/LegacyCookieProcessor.java test/org/apache/tomcat/util/http/TestCookiePars
Author: markt
Date: Mon Sep 29 21:45:10 2014
New Revision: 1628324
URL: http://svn.apache.org/r1628324
Log:
Move cookie header preservation to an option on the legacy cookie processor
Modified:
tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java
tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java
tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java
tomcat/trunk/webapps/docs/config/cookie-processor.xml
Modified: tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java?rev=1628324&r1=1628323&r2=1628324&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/CookieSupport.java Mon Sep 29
21:45:10 2014
@@ -67,7 +67,10 @@ public final class CookieSupport {
/**
* If set to true, the cookie header will be preserved. In most cases
* except debugging, this is not useful.
+ *
+ * @deprecated Will be removed in Tomcat 9.
*/
+@Deprecated
public static final boolean PRESERVE_COOKIE_HEADER;
/**
Modified:
tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java?rev=1628324&r1=1628323&r2=1628324&view=diff
==
--- tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/LegacyCookieProcessor.java
Mon Sep 29 21:45:10 2014
@@ -54,6 +54,10 @@ public final class LegacyCookieProcessor
@SuppressWarnings("deprecation") // Default to false when deprecated code
is removed
private boolean allowHttpSepsInV0 =
CookieSupport.ALLOW_HTTP_SEPARATORS_IN_V0;
+@SuppressWarnings("deprecation") // Default to STRICT_SERVLET_COMPLIANCE
+ // when deprecated code is removed
+private boolean presserveCookieHeader =
CookieSupport.PRESERVE_COOKIE_HEADER;
+
public boolean getAllowEqualsInValue() {
return allowEqualsInValue;
@@ -85,6 +89,16 @@ public final class LegacyCookieProcessor
}
+public boolean getPreserveCookieHeader() {
+return presserveCookieHeader;
+}
+
+
+public void setPreserveCookieHeader(boolean presserveCookieHeader) {
+this.presserveCookieHeader = presserveCookieHeader;
+}
+
+
@Override
public Charset getCharset() {
return StandardCharsets.ISO_8859_1;
@@ -113,7 +127,7 @@ public final class LegacyCookieProcessor
log.debug("Cookies: Parsing b[]: " +
cookieValue.toString());
}
ByteChunk bc = cookieValue.getByteChunk();
-if (CookieSupport.PRESERVE_COOKIE_HEADER) {
+if (getPreserveCookieHeader()) {
int len = bc.getLength();
if (len > 0) {
byte[] buf = new byte[len];
Modified: tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java?rev=1628324&r1=1628323&r2=1628324&view=diff
==
--- tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java
(original)
+++ tomcat/trunk/test/org/apache/tomcat/util/http/TestCookieParsing.java Mon
Sep 29 21:45:10 2014
@@ -44,9 +44,12 @@ public class TestCookieParsing extends T
private static final String COOKIES_WITH_NAME_ONLY_CONCAT = "bob=bob=";
private static final String[] COOKIES_WITH_SEPS = new String[] {
-"name=val(ue" };
+"name=val(ue" };
private static final String COOKIES_WITH_SEPS_TRUNC = "name=val";
+private static final String[] COOKIES_WITH_QUOTES = new String[] {
+"name=\"val\\\"ue\"" };
+private static final String COOKIES_WITH_QUOTES_TRUNC =
"name=\"val\"uee\"";
@Test
public void testLegacyWithEquals() throws Exception {
@@ -163,6 +166,43 @@ public class TestCookieParsing extends T
}
+@Test
+public void testLegacyPreserveHeader() throws Exception {
+doTestLegacyPreserveHeader(true);
+}
+
+
+@Test
+public void testLegacyNoPreserveHeader() throws Exception {
+doTestLegacyPreserveHeader(false);
+}
+
+
+private void doTestLegacyPreserveHeader(boolean preserveHeader) throws
Exception {
+LegacyCookieProcessor legacyCookieProcessor = new
LegacyCookieProcessor();
+legacyCookieProcessor.setPreserveCookieHeader(preserveHeader);
+
+String expected;
+if (preserveHeader) {
+expected = concat(COOKIES
[Bug 57022] Tomcat Spnego authentication against Active Directory fails with Java 8
https://issues.apache.org/bugzilla/show_bug.cgi?id=57022 --- Comment #4 from Detelin Yordanov --- I managed to overcome this error by setting -Djavax.security.auth.useSubjectCredsOnly=false Still, I would like to know if there is a reason not to use Subject.doAs when doing GSSAPI authentication against LDAP. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 56995] Errors from servlet writer flush() causing threads in BLOCK state
https://issues.apache.org/bugzilla/show_bug.cgi?id=56995 --- Comment #4 from charlie --- Okay. I'm trying to understand this better. So is the synchronization on the socket only implemented for handling exceptions? Application should not use separate thread to do any of response write/flush using BIO connector? Tomcat doesn't seem to prevent that and it works when there are no exceptions. Thanks. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in ASF Buildbot on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/495 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: bb-vm_ubuntu Build Reason: scheduler Build Source Stamp: [branch tomcat/trunk] 1628266 Blamelist: markt Build succeeded! sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-trunk-test-apr (in module tomcat-trunk) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-trunk-test-apr has an issue affecting its community integration. This issue affects 1 projects, and has been outstanding for 11 runs. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-trunk-test-apr : Tomcat 8.x, a web server implementing the Java Servlet 3.1, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-apr/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/logs-APR -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/test-tmp-APR/logs The following work was performed: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-apr/gump_work/build_tomcat-trunk_tomcat-trunk-test-apr.html Work Name: build_tomcat-trunk_tomcat-trunk-test-apr (Type: Build) Work ended in a state of : Failed Elapsed: 24 mins 29 secs Command Line: /usr/lib/jvm/java-7-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.12-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.2-SNAPSHOT.jar -Dtest.reports=output/logs-APR -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20140930-native-src.tar.gz -Dexamples.sources.skip=true -Djdt.jar=/srv/gump/packages/eclipse/plugins/P20140317-1600/ecj-P20140317-1600.jar -Dtest.apr.loc=/srv/gump/public/workspace/tomcat-native/dest-20140930/lib -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20140930.jar -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20140930-native-src.tar.gz -Dtest.temp=output/test-tmp-APR -Dtest.accesslog=true -Dexecute.test.nio=false -Dtest.openssl.path=/srv/gump/public/workspace/openssl/dest-20140930/bin/openssl -Dexecute.test.apr=true -Dexecute.test.bio=false -Dexecute.test.nio2=false -Deasymock.jar=/srv/gump/public/workspace/easymock/easymock/target/easymock-3.3-SNAPSHOT.jar -Dhamcrest.jar=/srv/gump/public/workspace/hamcrest/build/hamcrest-all-20140930.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-trunk] CLASSPATH: /usr/lib/jvm/java-7-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-trunk/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-
