[Tomcat Wiki] Update of "AddOns" by KonstantinKolinko

2019-02-12 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "AddOns" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/AddOns?action=diff=13=14

Comment:
Move PicketLink Vault to a named section

  
  
  
+ = PropertySource =
+ 
+ == PicketLink Vault ==
+ 
+  * [[https://github.com/picketbox/tomcat-vault|PicketLink Vault extension for 
Apache Tomcat]] - Provides a custom `PropertySource` that can be used with 
Tomcat. See [[FAQ/Password]].
+ 
+ 
+ 
  = Web Applications =
  
  == PSI Probe manager application ==
@@ -43, +51 @@

  (Historically, the name is a tribute to Lambda Probe project, which they 
continued as a fork. The original Lambda Probe project (www.lambdaprobe.org) 
closed more than 10 years ago (2006) and is not applicable to current versions 
of Tomcat).
  
  
- 
- = Other =
- 
-  * [[https://github.com/picketbox/tomcat-vault|PicketLink Vault extension for 
Apache Tomcat]] - Provides a custom `PropertySource` that can be used with 
Tomcat. See [[FAQ/Password]].
- 
- 
  [[CategoryFAQ]]
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "AddOns" by KonstantinKolinko

2019-02-12 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "AddOns" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/AddOns?action=diff=14=15

Comment:
Add a link to Agafua-syslog

  (Historically, the name is a tribute to Lambda Probe project, which they 
continued as a fork. The original Lambda Probe project (www.lambdaprobe.org) 
closed more than 10 years ago (2006) and is not applicable to current versions 
of Tomcat).
  
  
+ 
+ = Logging =
+ 
+ == Logging to Syslog ==
+ 
+  * See a 
[[https://stackoverflow.com/questions/2311697/is-there-a-robust-java-util-logging-handler-implementation-of-syslog|StackOverflow
 question]] and [[http://rusv.github.io/agafua-syslog/|Agafua-syslog]] project 
([[https://github.com/rusv/agafua-syslog/tree/master|GitHub]]).
+ 
+ 
  [[CategoryFAQ]]
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FrontPage" by KonstantinKolinko

2019-02-11 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FrontPage" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/FrontPage?action=diff=41=42

Comment:
Add link to development pages at CWiki.

   * '''[[GSOC]]''' - Google Summer of Code
   * '''[[AddOns]]''' - Third party tools and add-ons not included in the 
official distribution
   * '''[[ReleaseProcess|Release Process]]''' - How to perform an official 
Apache Tomcat release
-  * '''[[Development|Development Issues]]''' - Work in progress design and/or 
development documentation
+  * '''[[Development|Development Issues]]''' - Work in progress design and/or 
development documentation. These pages have moved to 
[[https://cwiki.apache.org/confluence/display/TOMCAT/Design+and+Development+Issues|CWiki]].
   * '''[[Events]]''' - Upcoming Tomcat events
  
  = Special Wiki pages =

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/CharacterEncoding" by GarretWilson

2019-02-01 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/CharacterEncoding" page has been changed by GarretWilson:
https://wiki.apache.org/tomcat/FAQ/CharacterEncoding?action=diff=27=28

Comment:
Clarified legacy percent encoding of form submissions in HTML 4.01.

  
  ''Percent Encoding for `application/x-www-form-urlencoded`''
  
- The [[https://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.1|HTML 
4.0.1]] specification indicated that percent-encoding of non-ASCII characters 
of `application/x-www-form-urlencoded` (the default content type for HTML form 
submissions) should be performed using `US-ASCII` byte sequences. However 
[[https://url.spec.whatwg.org/#concept-urlencoded-serializer|HTML 5]] changed 
this to use UTF-8 byte sequences, matching the modern percent encoding for 
URLs. Modern browsers therefore percent-encode UTF-8 sequences when submitting 
forms using `application/x-www-form-urlencoded`.
+ The [[https://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.1|HTML 
4.01]] specification indicated that percent-encoding of any non alphanumeric 
characters of `application/x-www-form-urlencoded` (the default content type for 
HTML form submissions) should be performed using `US-ASCII` byte sequences. 
However [[https://url.spec.whatwg.org/#concept-urlencoded-serializer|HTML 5]] 
changed this to use UTF-8 byte sequences, matching the modern percent encoding 
for URLs. Modern browsers therefore percent-encode UTF-8 sequences when 
submitting forms using `application/x-www-form-urlencoded`.
  
  The servlet specification, however, requires servlet containers to interpret 
percent-encoded sequences in `application/x-www-form-urlencoded` as 
`ISO-8859-1`, which in a default configuration will result in corrupted content 
because of the charset mismatch. See below for how this can be reconfigured in 
Tomcat.
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/CharacterEncoding" by GarretWilson

2019-02-01 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/CharacterEncoding" page has been changed by GarretWilson:
https://wiki.apache.org/tomcat/FAQ/CharacterEncoding?action=diff=26=27

Comment:
Updated sections related to percent encoding charset of HTML form posts.

  
  <>'''Why does everything have to be this way?'''
  
- Everything covered in this page comes down to practical interpretation of a 
number of specifications. When working with Java servlets, the Java Servlet 
Specification is the primary reference, but the servlet spec itself relies on 
older specifications such as HTTP for its foundation. Here are a couple of 
references before we cover exactly where these items are located in them.
+ Everything covered in this page comes down to practical interpretation of a 
number of specifications. When working with Java servlets, the Java Servlet 
Specification is the primary reference, but the servlet spec itself relies on 
older specifications such as HTTP for its foundation. Here are a couple of 
references before we cover exactly where these items are located in them. A 
more detailed list can be found on the 
[[https://wiki.apache.org/tomcat/Specifications|Specifications]] page.
  
+  1. [[https://www.jcp.org/en/jsr/detail?id=369|Java Servlet Specification 
4.0]]
+  1. [[https://tools.ietf.org/html/rfc7230|HTTP 1.1 Protocol: Message Syntax 
and Routing]], [[https://tools.ietf.org/html/rfc7231|HTTP 1.1 Protocol: 
Semantics and Content]] …
-  1. [[http://jcp.org/aboutJava/communityprocess/mrel/jsr154/index2.html|Java 
Servlet Specification 2.5]]
-  1. [[http://jcp.org/aboutJava/communityprocess/final/jsr154/index.html|Java 
Servlet Specification 2.4]]
-  1. [[http://www.w3.org/Protocols/rfc2616/rfc2616.txt|HTTP 1.1 Protocol]] 
([[http://www.w3.org/Protocols/rfc2616/rfc2616.html|hyperlinked version]])
-  1. [[http://www.ietf.org/rfc/rfc2396.txt|URI Syntax]]
+  1. [[https://tools.ietf.org/html/rfc3986|URI Syntax]]
-  1. [[http://www.w3.org/Protocols/rfc822/|ARPA Internet Text Messages]]
+  1. [[https://tools.ietf.org/html/rfc822|ARPA Internet Text Messages]]
-  1. [[http://www.w3.org/TR/html4|HTML 4]]
+  1. [[https://www.w3.org/TR/html4/|HTML 4]], 
[[https://www.w3.org/TR/html/|HTML 5]]
  
  ''Default encoding for request and response bodies''
  
@@ -47, +46 @@

  
  ''Default encoding for GET''
  
- The character set for HTTP query strings (that's the technical term for 'GET 
parameters') can be found in sections 2 and 2.1 the "URI Syntax" specification. 
The character set is defined to be 
[[http://en.wikipedia.org/wiki/ASCII|US-ASCII]]. Any character that does not 
map to US-ASCII must be encoded in some way. Section 2.1 of the URI Syntax 
specification says that characters outside of US-ASCII must be encoded using 
`%` escape sequences: each character is encoded as a literal `%` followed by 
the two hexadecimal codes which indicate its character code. Thus, `a` 
(US-ASCII character code 97 = 0x61) is equivalent to `%61`. There ''is no 
default encoding for URIs'' specified anywhere, which is why there is a lot of 
confusion when it comes to decoding these values.
+ The character set for HTTP query strings (that's the technical term for 'GET 
parameters') can be found in sections 2 and 2.1 the "URI Syntax" specification. 
The character set is defined to be 
[[http://en.wikipedia.org/wiki/ASCII|US-ASCII]]. Any character that does not 
map to US-ASCII must be encoded in some way. Section 2.1 of the URI Syntax 
specification says that characters outside of US-ASCII must be encoded using 
`%` escape sequences: each character is encoded as a literal `%` followed by 
the two hexadecimal codes which indicate its character code. Thus, `a` 
(US-ASCII character code 97 = 0x61) is equivalent to `%61`. Although the URI 
specification does not mandate a default encoding for percent-encoded octets, 
it recommends UTF-8 especially for new URI schemes, and most modern user agents 
have settled on UTF-8 for percent-encoding URI characters.
  
  Some notes about the character encoding of URIs:
-  1. ISO-8859-1 and ASCII are compatible for character codes 0x20 to 0x7E, so 
they are often used interchangeably. Most of the web uses ISO-8859-1 as the 
default for query strings.
+  1. ISO-8859-1 and ASCII are compatible for character codes 0x20 to 0x7E, so 
they are often used interchangeably.
-  1. Many browsers are starting to offer (default) options of encoding URIs 
using UTF-8 instead of ISO-8859-1. Some browsers appear to use the encoding of 
the current page to encode URIs for links (see the note above regarding browser 
behavior for POST encoding).
+  1. Modern browsers encoding URIs using UTF-8. Some browsers appear to use 
the encoding of the current page to encode URIs for links.
-  1. [[http://www.w3.org/TR/html40/appendix/notes.html#non-ascii-chars|HTML 
4.0]] recommends the use of UTF-8 to encode the query string.
+  1.

[Tomcat Wiki] Update of "ContributorsGroup" by markt

2019-01-23 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ContributorsGroup" page has been changed by markt:
https://wiki.apache.org/tomcat/ContributorsGroup?action=diff=33=34

Comment:
+= GarretWilson

   * developintelligence
   * DmytroMrachkovskyi
   * EmericVernat
+  * GarretWilson
   * GaryBriggs
   * GeorgeSexton
   * GFUCyrusAG

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by dblevins

2018-11-26 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by dblevins:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=67=68

Comment:
Add Tomitribe to the support list

  
[[https://linuxhostsupport.com|{{https://linuxhostsupport.com/blog/wp-content/uploads/2017/05/linuxhostsupport-300.png|https://linuxhostsupport.com}}]]
  
  [[https://linuxhostsupport.com|LinuxHostSupport]] is a server management 
company that provides Tomcat server support services, including, but not 
limited to: Tomcat installation services, Tomcat configuration services, Tomcat 
server migration services etc. You can get a free quote.
+ 
+ 
[[https://www.tomitribe.com|{{https://www.tomitribe.com/wp-content/uploads/2018/04/tomitribe.png|https://www.tomitribe.com|width=150}}]]
+ 
+ Tomitribe was founded by several members of the ASF to be completely 
dedicated to Tomcat and TomEE offering [[https://www.tomitribe.com|7/24 global 
support]].  Subscriptions also include 365-day CVE scanning, notification and 
patching for all versions of Tomcat both EOL and active, and annual 
professional services and training benefits.
  
  === Example company name ===
  Use this example as a basis for your entry. New entries should be added just 
above this example.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Building Tomcat on MacOS" by ChristopherSchultz

2018-11-06 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Building Tomcat on MacOS" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/Building%20Tomcat%20on%20MacOS?action=diff=5=6

  While you can set {{{ld.library.path}}} to include libraries from all over 
the place, I recommend that you copy everything into one place so you can 
easily find everything and it won't interfere with anything else on your system.
  
  First, copy the {{{libtcnative}}} binaries from where they were built:
+ 
   {{{ $ cp -aR tomcat-native-x.y.z/native/.libs/* 
apache-tomcat-x.y.z-src/output/build/bin/}}}
  
  Next, copy the APR libraries:
  
-  {{{ $ cp -a$ $APR_HOME/libexec/lib/* 
apache-tomcat-x.y.z-src/output/build/bin/}}}
+  {{{ $ cp -aR $APR_HOME/libexec/lib/* 
apache-tomcat-x.y.z-src/output/build/bin/}}}
  
  Finally, if you are using a custom OpenSSL build, copy those libraries as 
well:
  
-  {{{ $ cp -a$ $OPENSSL_HOME/lib/* apache-tomcat-x.y.z-src/output/build/bin/}}}
+  {{{ $ cp -aR $OPENSSL_HOME/lib/* apache-tomcat-x.y.z-src/output/build/bin/}}}
  
  == Running Tomcat with libtcnative ==
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Building Tomcat on MacOS" by ChristopherSchultz

2018-11-06 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Building Tomcat on MacOS" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/Building%20Tomcat%20on%20MacOS?action=diff=4=5

  Building Tomcat from source on MacOS can require some additional work, 
especially if you want to build all of the optional items such as 
{{{libtcnative}}}.
  
- == Building Tomcat==
+ == Building Tomcat ==
  
- Building Tomcat itself is fairly straightforward. Simply download the source 
distribution of Tomcat and follow the indtructions in the BUILDING.txt file 
bundled with the distribution.
+ Building Tomcat itself is fairly straightforward. Simply download the source 
distribution of Tomcat and follow the instructions in the BUILDING.txt file 
bundled with the distribution.
  
  Briefly, you'll need:
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Building Tomcat on MacOS" by ChristopherSchultz

2018-11-05 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Building Tomcat on MacOS" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/Building%20Tomcat%20on%20MacOS?action=diff=3=4

  
  == Running Tomcat with libtcnative ==
  
+ Tomcat (really Java) needs to know where to find these native libraries. We 
do that by setting the {{{java.library.path}}} environment variable for the JVM 
during startup. The easiest way to do this is by setting {{{CATALINA_OPTS}}} on 
startup. This can be done by adding this line to {{{bin/setenv.sh}}}:
+ 
+  {{{export CATALINA_OPTS="-Djava.library.path=$CATALINA_HOME/bin"}}}
+ 
+ Then you can startup Tomcat as usual, either:
+ 
+  {{{$ bin/startup.sh }}}
+ 
+ or
+ 
+  {{{$ bin/catalina.sh start }}}
+ 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Building Tomcat on MacOS" by ChristopherSchultz

2018-11-05 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Building Tomcat on MacOS" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/Building%20Tomcat%20on%20MacOS?action=diff=2=3

  
  You may have to set your {{{JAVA_HOME}}} environment variable and/or specify 
the full path to your {{{ant}}} binary.
  
- == Building {{{libtcnative}}} ==
+ == Building libtcnative ==
  
  Building {{{libtcnative}}} it fairly straightforward as well, but you will 
need a number of prerequisites that are not terribly obvious as to how to get 
them.
  
@@ -26, +26 @@

   1. Apache Portal Runtime (APR), available either directly from Apache 
([[https://apr.apache.org/download.cgi|APR downloads]]) or by using 
[[brew|https://brew.sh/]] ({{{brew install apr}}})
   1. (Optional) OpenSSL 1.1.1 (latest at the time of this writing), available 
either directly from OpenSSL ([[|OpenSSL Downloads]]) or by using [[brew|]] 
({{{brew install openssl1
  
+ Download and unpack the libtcnative sources:
+ 
+  {{{$ tar xzf tomcat-native-x.y.x.tar.gz}}}
+  {{{$ cd tomcat-native-x.y.z/native}}}
+ 
  === Using OpenSSL ===
  If using OpenSSL:
  
-   {{{./configure --with-ssl=[path to OpenSSL] --with-apr=[path to APR] 
--with-java-home=[your java home]}}}
+   {{{$ ./configure --with-ssl=[path to OpenSSL] --with-apr=[path to APR] 
--with-java-home=[your java home]}}}
  
  For example:
  
-   {{{./configure --with-ssl=/usr/local/Cellar/openssl\@1.1/1.1.1 
--with-apr=/usr/local/Cellar/apr/1.6.5 
--with-java-home=/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home}}}
+   {{{$ ./configure --with-ssl=/usr/local/Cellar/openssl\@1.1/1.1.1 
--with-apr=/usr/local/Cellar/apr/1.6.5 
--with-java-home=/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home}}}
  
  === Without OpenSSL (LibreSSL) ===
  
@@ -43, +48 @@

  
{{{./configure --with-ssl=yes --with-apr=/usr/local/Cellar/apr/1.6.5 
--with-java-home=/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home}}}
  
+ 
+ In either case (OpenSSL or not), proceed with the build process:
+ 
+  {{{make}}}
+ 
+ Once this process has completed, your built libraries can be found in 
{{{.libs/}}}.
+ 
+ == Installing libtcnative ==
+ 
+ While you can set {{{ld.library.path}}} to include libraries from all over 
the place, I recommend that you copy everything into one place so you can 
easily find everything and it won't interfere with anything else on your system.
+ 
+ First, copy the {{{libtcnative}}} binaries from where they were built:
+  {{{ $ cp -aR tomcat-native-x.y.z/native/.libs/* 
apache-tomcat-x.y.z-src/output/build/bin/}}}
+ 
+ Next, copy the APR libraries:
+ 
+  {{{ $ cp -a$ $APR_HOME/libexec/lib/* 
apache-tomcat-x.y.z-src/output/build/bin/}}}
+ 
+ Finally, if you are using a custom OpenSSL build, copy those libraries as 
well:
+ 
+  {{{ $ cp -a$ $OPENSSL_HOME/lib/* apache-tomcat-x.y.z-src/output/build/bin/}}}
+ 
+ == Running Tomcat with libtcnative ==
+ 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Building Tomcat on MacOS" by ChristopherSchultz

2018-11-05 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Building Tomcat on MacOS" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/Building%20Tomcat%20on%20MacOS?action=diff=1=2

- Building Tomcat from source on MacOS can require some additional work, 
especially if you want to build all of the optional items such as libtcnative.
+ Building Tomcat from source on MacOS can require some additional work, 
especially if you want to build all of the optional items such as 
{{{libtcnative}}}.
  
  == Building Tomcat==
+ 
  Building Tomcat itself is fairly straightforward. Simply download the source 
distribution of Tomcat and follow the indtructions in the BUILDING.txt file 
bundled with the distribution.
  
  Briefly, you'll need:
@@ -17, +18 @@

  
  You may have to set your {{{JAVA_HOME}}} environment variable and/or specify 
the full path to your {{{ant}}} binary.
  
+ == Building {{{libtcnative}}} ==
+ 
+ Building {{{libtcnative}}} it fairly straightforward as well, but you will 
need a number of prerequisites that are not terribly obvious as to how to get 
them.
+ 
+  1. Xcode command-line tools, available from 
[[https://developer.apple.com/download/more/|Apple's developer tools download 
site]]. Make sure you get the proper version for your XCode version (if you 
have XCode already installed) and your OS version (10.x)
+  1. Apache Portal Runtime (APR), available either directly from Apache 
([[https://apr.apache.org/download.cgi|APR downloads]]) or by using 
[[brew|https://brew.sh/]] ({{{brew install apr}}})
+  1. (Optional) OpenSSL 1.1.1 (latest at the time of this writing), available 
either directly from OpenSSL ([[|OpenSSL Downloads]]) or by using [[brew|]] 
({{{brew install openssl1
+ 
+ === Using OpenSSL ===
+ If using OpenSSL:
+ 
+   {{{./configure --with-ssl=[path to OpenSSL] --with-apr=[path to APR] 
--with-java-home=[your java home]}}}
+ 
+ For example:
+ 
+   {{{./configure --with-ssl=/usr/local/Cellar/openssl\@1.1/1.1.1 
--with-apr=/usr/local/Cellar/apr/1.6.5 
--with-java-home=/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home}}}
+ 
+ === Without OpenSSL (LibreSSL) ===
+ 
+ If not using OpenSSL:
+ 
+   {{{./configure --with-ssl=yes --with-apr=[path to APR] 
--with-java-home=[your java home]}}}
+ 
+   {{{./configure --with-ssl=yes --with-apr=/usr/local/Cellar/apr/1.6.5 
--with-java-home=/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home}}}
+ 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Building Tomcat on MacOS" by ChristopherSchultz

2018-11-05 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Building Tomcat on MacOS" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/Building%20Tomcat%20on%20MacOS

New page:
Building Tomcat from source on MacOS can require some additional work, 
especially if you want to build all of the optional items such as libtcnative.

== Building Tomcat==
Building Tomcat itself is fairly straightforward. Simply download the source 
distribution of Tomcat and follow the indtructions in the BUILDING.txt file 
bundled with the distribution.

Briefly, you'll need:

 1. The Tomcat source tarball (the ZIP file is fine, but we're on UNIX, so the 
tarball is more natural)
 1. A Java Development Kit, available from [[https://jdk.java.net/|Java.net]]
 1. Apache ant, available from the 
[[https://ant.apache.org/bindownload.cgi|Apache ant downloads]] page

Once you have all that,

 {{{ant deploy}}}

You may have to set your {{{JAVA_HOME}}} environment variable and/or specify 
the full path to your {{{ant}}} binary.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "ClusteringCloud" by JeanFredericClere

2018-10-10 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ClusteringCloud" page has been changed by JeanFredericClere:
https://wiki.apache.org/tomcat/ClusteringCloud?action=diff=3=4



  
+ 2 - Example there is an example to use it with OpenShift in 
https://github.com/jfclere/tomcat-kubernetes
+ 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "ClusteringCloud" by JeanFredericClere

2018-10-10 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ClusteringCloud" page has been changed by JeanFredericClere:
https://wiki.apache.org/tomcat/ClusteringCloud?action=diff=2=3

  There are 2 ways to organize your images, use a standalone tomcat and add 
your webapps to it or prepare your webapps as a micro service and have one 
image per webapps.
  Each image will be started as a pod on kubernetes, you can scale up and down 
by changing the number of pods running your webapp or your tomcat. Hanging or 
dying pods are restarted by kubernetes.
  
- = "Standalone" tomcat  configuration: =;
+ 1 - "Full" tomcat  configuration:
+ 
  In server.xml use the following:



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "ClusteringCloud" by JeanFredericClere

2018-10-10 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ClusteringCloud" page has been changed by JeanFredericClere:
https://wiki.apache.org/tomcat/ClusteringCloud?action=diff=1=2

  There are 2 ways to organize your images, use a standalone tomcat and add 
your webapps to it or prepare your webapps as a micro service and have one 
image per webapps.
  Each image will be started as a pod on kubernetes, you can scale up and down 
by changing the number of pods running your webapp or your tomcat. Hanging or 
dying pods are restarted by kubernetes.
  
- = 1 - "Standalone" tomcat  configuration: =;
+ = "Standalone" tomcat  configuration: =;
  In server.xml use the following:



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "ClusteringCloud" by JeanFredericClere

2018-10-10 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ClusteringCloud" page has been changed by JeanFredericClere:
https://wiki.apache.org/tomcat/ClusteringCloud

New page:
How to use tomcat clustering in the cloud.

The load-balancer and the sticky (or not sticky) logic is provided by the cloud 
it self, basically you have to expose a service and configure a route. Cloud 
configuration depends on the cloud providers, document for the mean cloud 
providers will be added to this wiki.
The tomcat clustering for the cloud uses Kubernetes you have to configure your 
nodes to use Kubernetes, all cloud providers support Kubernetes. Kubernetes 
uses Docker so you have to create a Docker image to use tomcat in the cloud.
There are 2 ways to organize your images, use a standalone tomcat and add your 
webapps to it or prepare your webapps as a micro service and have one image per 
webapps.
Each image will be started as a pod on kubernetes, you can scale up and down by 
changing the number of pods running your webapp or your tomcat. Hanging or 
dying pods are restarted by kubernetes.

= 1 - "Standalone" tomcat  configuration: =;
In server.xml use the following:
  
  
  
  
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2018-04-30 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=23=24

Comment:
Update OpenSSL table

  
  == APR with OpenSSL Results (Default) ==
  
- |||| Java 6 || Java 7 || Java 8 ||
+ |||| Java 6 || Java 7 || Java 8 || Java 9 || Java 10 ||
- || Tomcat 7   ||   A||   A||   A||
+ || Tomcat 7   ||   A||   A||   A||   A||A||
- || Tomcat 8   ||  N/A   ||   A||   A||
+ || Tomcat 8   ||  N/A   ||   A||   A||   A||A||
- || Tomcat 8.5 ||  N/A   ||   A||   A||
+ || Tomcat 8.5 ||  N/A   ||   A||   A||   A||A||
- || Tomcat 9   ||  N/A   ||  N/A   ||   A||
+ || Tomcat 9   ||  N/A   ||  N/A   ||   A||   A||A||
  
  The OpenSSL cipher configuration used was 
'''HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA'''. Up-to-date selection of 
secure cipher suites in OpenSSL format is available at 
[[https://wiki.mozilla.org/Security/Server_Side_TLS|Mozilla wiki]].
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2018-04-30 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=22=23

Comment:
Update JSSE+OpenSSL table

  
  == NIO/NIO2 with JSSE+OpenSSL Results (Default) ==
  
- |||| Java 6 || Java 7 || Java 8 ||
+ |||| Java 6 || Java 7 || Java 8 || Java 9 || Java 10 ||
- || Tomcat 8.5 ||  N/A   ||   A||   A||
+ || Tomcat 8.5 ||  N/A   ||   A||   A||   A||A||
- || Tomcat 9   ||  N/A   ||  N/A   ||   A||
+ || Tomcat 9   ||  N/A   ||  N/A   ||   A||   A||A||
  
  The OpenSSL cipher configuration used was 
'''HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA'''. Up-to-date selection of 
secure cipher suites in OpenSSL format is available at 
[[https://wiki.mozilla.org/Security/Server_Side_TLS|Mozilla wiki]].
- 
- Note: JSSE+OpenSSL and JSSE config requires a 1.2.6 tc-native release to 
achieve an A since, without it, the full certificate chain is not presented to 
the client.
  
  == APR with OpenSSL Results (Default) ==
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2018-04-30 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=21=22

Comment:
Add Java 10 for JSSE

  
  == BIO/NIO/NIO2 with JSSE Results (Default) ==
  
- |||| Java 6 || Java 7 || Java 8 || Java 9 ||
+ |||| Java 6 || Java 7 || Java 8 || Java 9 || Java 10 ||
- || Tomcat 7   ||   C||   B||   A||   A||
+ || Tomcat 7   ||   C||   B||   A||   A||A||
- || Tomcat 8   ||  N/A   ||   B||   A||   A||
+ || Tomcat 8   ||  N/A   ||   B||   A||   A||A||
- || Tomcat 8.5 ||  N/A   ||   B||   A||   A||
+ || Tomcat 8.5 ||  N/A   ||   B||   A||   A||A||
- || Tomcat 9   ||  N/A   ||  N/A   ||   A||   A||
+ || Tomcat 9   ||  N/A   ||  N/A   ||   A||   A||A||
  
  Note: These results were obtained using the JCE Unlimited Strength 
Jurisdiction Policy Files
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2018-04-30 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=20=21

Comment:
Update versions, add Java 9 and update JSSE results

  
  == BIO/NIO/NIO2 with JSSE Results (Default) ==
  
- |||| Java 6 || Java 7 || Java 8 ||
+ |||| Java 6 || Java 7 || Java 8 || Java 9 ||
- || Tomcat 7   ||   C||   A||   A||
+ || Tomcat 7   ||   C||   B||   A||   A||
- || Tomcat 8   ||  N/A   ||   A||   A||
+ || Tomcat 8   ||  N/A   ||   B||   A||   A||
- || Tomcat 8.5 ||  N/A   ||   A||   A||
+ || Tomcat 8.5 ||  N/A   ||   B||   A||   A||
- || Tomcat 9   ||  N/A   ||  N/A   ||   A||
+ || Tomcat 9   ||  N/A   ||  N/A   ||   A||   A||
  
  Note: These results were obtained using the JCE Unlimited Strength 
Jurisdiction Policy Files
  
- Note: The 6 results are capped at C because Java 6 does not support TLS 1.1 
or 1.2.
+ Note: The Java 6 results are capped at C because Java 6 does not support TLS 
1.1 or 1.2.
+ 
+ Note: The Java 7 results are capped at B because Java 7 does not support AEAD 
ciphers.
  
  The equivalent OpenSSL cipher configurations used to obtain the above results 
are:
  
  || Java 6 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!DHE ||
  || Java 7 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA:!DHE ||
  || Java 8 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA ||
+ || Java 9 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA ||
  
  Note: kRSA ciphers are not excluded in Java 6 since they are likely to be the 
only ones left
  
@@ -51, +54 @@

  The results above were generated with:
   * Java 6, 64-bit, update 45
   * Java 7, 64-bit, update 80
-  * Java 8, 64-bit, update 77
+  * Java 8, 64-bit, update 172
+  * Java 9, 9.0.4
-  * Apache Tomcat 7.0.69-dev, r1737253.
+  * Apache Tomcat 7.0.88-dev, r1737253.
-  * Apache Tomcat 8.0.34-dev, r1737224.
+  * Apache Tomcat 8.0.53-dev, r1737224.
-  * Apache Tomcat 8.5.1-dev, r1737241.
+  * Apache Tomcat 8.5.32-dev, r1737241.
-  * Apache Tomcat 9.0.0.M5-dev, r1737193.
+  * Apache Tomcat 9.0.9-dev, r1737193.
-  * tc-native 1.2.5
+  * tc-native 1.2.16
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2018-04-30 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=19=20

Comment:
Remove references to Java 5 and Tomcat 6

  
  == BIO/NIO/NIO2 with JSSE Results (Default) ==
  
- |||| Java 5 || Java 6 || Java 7 || Java 8 ||
+ |||| Java 6 || Java 7 || Java 8 ||
- || Tomcat 6   ||   C||   C||   A||   A||
- || Tomcat 7   ||  N/A   ||   C||   A||   A||
+ || Tomcat 7   ||   C||   A||   A||
- || Tomcat 8   ||  N/A   ||  N/A   ||   A||   A||
+ || Tomcat 8   ||  N/A   ||   A||   A||
- || Tomcat 8.5 ||  N/A   ||  N/A   ||   A||   A||
+ || Tomcat 8.5 ||  N/A   ||   A||   A||
- || Tomcat 9   ||  N/A   ||  N/A   ||  N/A   ||   A||
+ || Tomcat 9   ||  N/A   ||  N/A   ||   A||
  
  Note: These results were obtained using the JCE Unlimited Strength 
Jurisdiction Policy Files
  
- Note: The Java 5 and 6 results are capped at C because neither Java 5 nor 6 
support TLS 1.1 or 1.2.
+ Note: The 6 results are capped at C because Java 6 does not support TLS 1.1 
or 1.2.
  
  The equivalent OpenSSL cipher configurations used to obtain the above results 
are:
  
- || Java 5 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!DHE ||
  || Java 6 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!DHE ||
  || Java 7 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA:!DHE ||
  || Java 8 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA ||
  
- Note: kRSA ciphers are not excluded in Java 6 and earlier since they are 
likely to be the only ones left
+ Note: kRSA ciphers are not excluded in Java 6 since they are likely to be the 
only ones left
  
  Note: In Java 7 and earlier DHE ciphers use insecure DH keys with no means to 
configure longer keys which is why DHE ciphers are excluded in those Java 
versions.
  
  == NIO/NIO2 with JSSE+OpenSSL Results (Default) ==
  
- |||| Java 5 || Java 6 || Java 7 || Java 8 ||
+ |||| Java 6 || Java 7 || Java 8 ||
- || Tomcat 8.5 ||  N/A   ||  N/A   ||   A||   A||
+ || Tomcat 8.5 ||  N/A   ||   A||   A||
- || Tomcat 9   ||  N/A   ||  N/A   ||  N/A   ||   A||
+ || Tomcat 9   ||  N/A   ||  N/A   ||   A||
  
  The OpenSSL cipher configuration used was 
'''HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA'''. Up-to-date selection of 
secure cipher suites in OpenSSL format is available at 
[[https://wiki.mozilla.org/Security/Server_Side_TLS|Mozilla wiki]].
  
@@ -40, +38 @@

  
  == APR with OpenSSL Results (Default) ==
  
- |||| Java 5 || Java 6 || Java 7 || Java 8 ||
+ |||| Java 6 || Java 7 || Java 8 ||
- || Tomcat 6   ||   A||   A||   A||   A||
- || Tomcat 7   ||  N/A   ||   A||   A||   A||
+ || Tomcat 7   ||   A||   A||   A||
- || Tomcat 8   ||  N/A   ||  N/A   ||   A||   A||
+ || Tomcat 8   ||  N/A   ||   A||   A||
- || Tomcat 8.5 ||  N/A   ||  N/A   ||   A||   A||
+ || Tomcat 8.5 ||  N/A   ||   A||   A||
- || Tomcat 9   ||  N/A   ||  N/A   ||  N/A   ||   A||
+ || Tomcat 9   ||  N/A   ||  N/A   ||   A||
  
  The OpenSSL cipher configuration used was 
'''HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA'''. Up-to-date selection of 
secure cipher suites in OpenSSL format is available at 
[[https://wiki.mozilla.org/Security/Server_Side_TLS|Mozilla wiki]].
  
  == Environment ==
  
  The results above were generated with:
-  * Java 5, 64-bit, update 22
   * Java 6, 64-bit, update 45
   * Java 7, 64-bit, update 80
   * Java 8, 64-bit, update 77
-  * Apache Tomcat 6.0.46-dev, r1737284.
   * Apache Tomcat 7.0.69-dev, r1737253.
   * Apache Tomcat 8.0.34-dev, r1737224.
   * Apache Tomcat 8.5.1-dev, r1737241.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/Troubleshooting_and_Diagnostics" by KonstantinKolinko

2018-04-12 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/Troubleshooting_and_Diagnostics" page has been changed by 
KonstantinKolinko:
https://wiki.apache.org/tomcat/FAQ/Troubleshooting_and_Diagnostics?action=diff=21=22

Comment:
Add link to Security page.

  
   When the above flag is set, Tomcat recycles facades to its internal objects 
when request processing completes. This makes it easier to spot illegal access 
when it happens, instead of waiting until side effects of such access become 
visible.<><>
   This flag is also mentioned on the 
[[http://tomcat.apache.org/tomcat-8.5-doc/security-howto.html#System_Properties|Security
 Considerations]] page.<><>
-  The flag is `true` when Tomcat runs with enabled 
[[http://tomcat.apache.org/tomcat-8.5-doc/security-manager-howto.html|Java 
Security Manager]].
+  The flag is `true` when Tomcat runs with enabled 
[[http://tomcat.apache.org/tomcat-8.5-doc/security-manager-howto.html|Java 
Security Manager]].<><>
+  You can also search the archives of the Tomcat users' 
[[http://tomcat.apache.org/lists.html|mailing lists]] for previous discussions 
mentioning the `RECYCLE_FACADES` flag.
  
   2. Read about [[FAQ/KnownIssues#ImageIOIssues|Java ImageIO]] issue.
  
+ Accessing response objects after their lifetime can lead to security issues 
in your application, such as sending responses to wrong clients, mixing up 
responses. If you can reproduce the issue and the above diagnostic does not 
show your own bug, but a bug in Apache Tomcat,
+  * if the problem manifests as a security issue, see 
[[http://tomcat.apache.org/security.html|how to report it]].
  
  
  [[CategoryFAQ]]

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/Troubleshooting_and_Diagnostics" by KonstantinKolinko

2018-04-12 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/Troubleshooting_and_Diagnostics" page has been changed by 
KonstantinKolinko:
https://wiki.apache.org/tomcat/FAQ/Troubleshooting_and_Diagnostics?action=diff=20=21

Comment:
Rearrange text about Response state troubleshooting

  
  E.g. [[https://bz.apache.org/bugzilla/show_bug.cgi?id=61289|61289]], 
[[https://bz.apache.org/bugzilla/show_bug.cgi?id=58457|58457]]
  
- The main suspect is your own web application keeping a reference to Request / 
Response objects outside of their life cycle. (*)
+ The main suspect is '''your own web application''' keeping a reference to 
Request / Response objects outside of their life cycle.
+ 
+ {{{#!wiki note
+ 
+ The lifetime of the Response object is documented in the 
[[Specifications|Servlet specification]]. Quoting from section "5.8 Lifetime of 
the Response Object" of Servlet 4.0 specification:
+ 
+ "Each response object is valid only within the scope of a servlet’s service 
method, or within the scope of a filter’s doFilter method, unless the 
associated request object has asynchronous processing enabled for the 
component. If asynchronous processing on the associated request is started, 
then the response object remains valid until complete method on !AsyncContext 
is called."
+ 
+ In case of asynchronous processing, when an error occurs Tomcat notifies all 
registered `AsyncListener`s and then calls `complete()` automatically if none 
of the listeners have called it yet. (Reference: 
[[https://bz.apache.org/bugzilla/show_bug.cgi?id=61768#c3|61768]])
+ 
+ Also see sections "2.3.3.4 Thread Safety" and "3.13 Lifetime of the Request 
Object" of the same specification.
+ }}}
+ 
+ To troubleshoot the issue:
  
   1. Set the following 
[[http://tomcat.apache.org/tomcat-8.5-doc/config/systemprops.html#Security|system
 property]] in Tomcat configuration:
  
  {{{org.apache.catalina.connector.RECYCLE_FACADES=true}}}
  
-  When flag is set, Tomcat recycles facades to its internal objects when 
request processing completes. This makes it easier to spot illegal access when 
it happens, instead of waiting until side effects of such access become 
visible.<><>
+  When the above flag is set, Tomcat recycles facades to its internal objects 
when request processing completes. This makes it easier to spot illegal access 
when it happens, instead of waiting until side effects of such access become 
visible.<><>
-  This flag is also mentioned on the 
[[http://tomcat.apache.org/tomcat-8.5-doc/security-howto.html#System_Properties|Security
 Considerations]] page. The flag is `true` when Tomcat runs with enabled 
[[http://tomcat.apache.org/tomcat-8.5-doc/security-manager-howto.html|Java 
Security Manager]].
+  This flag is also mentioned on the 
[[http://tomcat.apache.org/tomcat-8.5-doc/security-howto.html#System_Properties|Security
 Considerations]] page.<><>
+  The flag is `true` when Tomcat runs with enabled 
[[http://tomcat.apache.org/tomcat-8.5-doc/security-manager-howto.html|Java 
Security Manager]].
  
   2. Read about [[FAQ/KnownIssues#ImageIOIssues|Java ImageIO]] issue.
  
- (*) '''Note'''
- 
- The lifetime of the Response object is documented in the 
[[Specifications|Servlet specification]]. Quoting from section "5.8 Lifetime of 
the Response Object" of Servlet 4.0 specification:
- 
- || Each response object is valid only within the scope of a servlet’s service 
method, or within the scope of a filter’s doFilter method, unless the 
associated request object has asynchronous processing enabled for the 
component. If asynchronous processing on the associated request is started, 
then the response object remains valid until complete method on AsyncContext is 
called. ||
- 
- In case of asynchronous processing, when an error occurs Tomcat notifies all 
registered `AsyncListener`s and then calls `complete()` automatically if none 
of the listeners have called it yet. (Reference: 
[[https://bz.apache.org/bugzilla/show_bug.cgi?id=61768#c3|61768]])
- 
- Also see sections "2.3.3.4 Thread Safety" and "3.13 Lifetime of the Request 
Object" of the same specification.
  
  
  [[CategoryFAQ]]

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FrontPage" by KonstantinKolinko

2018-03-30 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FrontPage" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/FrontPage?action=diff=40=41

Comment:
Add steps on how to create a Wiki name, following suggestion by Charlie Arehart 
on the users' list

  
  This is the Wiki for Apache Tomcat, a Servlet and Java Server Pages container 
developed under the Apache License. The main documentation for this product is 
at [[http://tomcat.apache.org|tomcat.apache.org]]. Below is a list of some 
useful pages: we encourage everyone to contribute to these pages or start new 
ones as desired. But before you do, please check out the main documentation 
site as well as the [[FAQ]] and the 
[[http://tomcat.apache.org/lists.html|mailing lists]] (whose archives are 
searchable).
  
- If you do decide to contribute, you will need to create a Wiki login name and 
then send an e-mail to the Tomcat developers' mailing list or 
[[FAQ/Tomcat_User|Tomcat users' mailing list]], see 
[[http://tomcat.apache.org/lists.html|mailing lists]] page for details, asking 
to be added to the ContributorsGroup. Please remember to provide your Wiki 
name. (Do not send personal e-mails to committers. Ask on a mailing list, so 
that a public record of this remains in an archive.) Apologies for this extra 
step, but it's necessary to combat spam.
+ If you do decide to contribute, you will need to create a Wiki login name 
(click "Login" link at the top of the page, then "create one now") and then 
send an e-mail to the Tomcat developers' mailing list or 
[[FAQ/Tomcat_User|Tomcat users' mailing list]], see 
[[http://tomcat.apache.org/lists.html|mailing lists]] page for details, asking 
to be added to the ContributorsGroup. Please remember to provide your Wiki 
name. (Do not send personal e-mails to committers. Ask on a mailing list, so 
that a public record of this remains in an archive.) Apologies for this extra 
step, but it's necessary to combat spam.
  
   * '''[[GettingStarted|Getting Started]]''' - Getting started with Tomcat.
   * '''[[TomcatVersions|Tomcat versions]]''' - A list of every Tomcat version 
and its current status.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "ContributorsGroup" by ChristopherSchultz

2018-03-30 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ContributorsGroup" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/ContributorsGroup?action=diff=32=33

   * AndreaBrugiolo
   * AndrewCarr
   * BrianBurch
+  * CharlieArehart
   * CoreyNorthcutt
   * dblevins
   * developintelligence

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "TomcatVersions" by VioletaGeorgieva

2018-01-25 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "TomcatVersions" page has been changed by VioletaGeorgieva:
https://wiki.apache.org/tomcat/TomcatVersions?action=diff=29=30

  
  = Tomcat 9.0.x =
  ||Spec versions: ||Servlet 4.0, JSP 2.3, EL 3.0, !WebSocket 1.1, JASPIC 1.1 ||
- ||Stable: ||No ||
+ ||Stable: ||Yes ||
  ||Enhancements: ||Yes ||
  ||Bug Fixes: ||Yes ||
  ||Security Fixes: ||Yes ||

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "AddOns" by KonstantinKolinko

2018-01-23 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "AddOns" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/AddOns?action=diff=12=13

Comment:
Add link to "PicketLink Vault extension for Apache Tomcat" project.

  (Historically, the name is a tribute to Lambda Probe project, which they 
continued as a fork. The original Lambda Probe project (www.lambdaprobe.org) 
closed more than 10 years ago (2006) and is not applicable to current versions 
of Tomcat).
  
  
+ 
+ = Other =
+ 
+  * [[https://github.com/picketbox/tomcat-vault|PicketLink Vault extension for 
Apache Tomcat]] - Provides a custom `PropertySource` that can be used with 
Tomcat. See [[FAQ/Password]].
+ 
+ 
  [[CategoryFAQ]]
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/Password" by KonstantinKolinko

2018-01-23 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/Password" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/FAQ/Password?action=diff=12=13

Comment:
Update entry about setting a custom PropertySource. Add link to "PicketLink 
Vault extension for Apache Tomcat" project.

   . Now, whenever you write {{{}}} in the text below, it will be 
replaced by the content of the file "resources.txt". The file path is relative 
to the conf directory.
   * Write your own datasource implementation which wraps your datasource and 
obscure your brains out ([[http://en.wikipedia.org/wiki/XOR_cipher|XOR]] and 
[[http://en.wikipedia.org/wiki/ROT13|ROT13]] are great candidates for this 
since their strength matches the protection you'll actually get). See the docs 
on how to do this.
   * Write your own {{{javax.naming.spi.ObjectFactory}}} implementation that 
creates and configures your datasource.
-  * (Tomcat 7) Write your own 
{{{org.apache.tomcat.util.IntrospectionUtils.PropertySource}}} implementation 
to 'decrypt' passwords that are 'encrypted' in catalina.properties and 
referenced via ${...} in server.xml. You will need to set the system property 
{{{org.apache.tomcat.util.digester.PROPERTY_SOURCE}}} to point to your 
!PropertySource implementation. 
+  * Write your own 
{{{org.apache.tomcat.util.IntrospectionUtils.PropertySource}}} implementation 
to 'decrypt' passwords that are 'encrypted' in catalina.properties and 
referenced via ${...} in server.xml. You will need to set the 
[[https://tomcat.apache.org/tomcat-8.5-doc/config/systemprops.html|system 
property]] {{{org.apache.tomcat.util.digester.PROPERTY_SOURCE}}} to point to 
your !PropertySource implementation.
+ * An example of a project that provides such custom !PropertySource: 
[[https://github.com/picketbox/tomcat-vault|PicketLink Vault extension for 
Apache Tomcat]].
  
  A cultural reference:
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "tools/SSLUtils.java" by ChristopherSchultz

2018-01-13 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "tools/SSLUtils.java" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/tools/SSLUtils.java?action=diff=2=3

Comment:
Replace source file with link to GitHub repository.

+ This utility has been replaced by a project on GitHub:
+ https://github.com/ChristopherSchultz/ssltest
- {{{
- /*
-  * SSLUtils.java
-  *
-  * Contains useful SSL/TLS methods.
-  *
-  * Copyright (c) 2015 Christopher Schultz
-  *
-  * Christopher Schultz licenses this file to You under the Apache License,
-  * Version 2.0 (the "License"); you may not use this file except in
-  * compliance with the License.  You may obtain a copy of the License at
-  *
-  *   http://www.apache.org/licenses/LICENSE-2.0
-  *
-  *  Unless required by applicable law or agreed to in writing, software
-  *  distributed under the License is distributed on an "AS IS" BASIS,
-  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  *  See the License for the specific language governing permissions and
-  *  limitations under the License.
-  */
- import java.io.File;
- import java.io.FileInputStream;
- import java.io.IOException;
- import java.io.InputStream;
- import java.net.InetAddress;
- import java.net.ServerSocket;
- import java.net.Socket;
- import java.net.UnknownHostException;
- import java.security.InvalidAlgorithmParameterException;
- import java.security.KeyManagementException;
- import java.security.KeyStore;
- import java.security.KeyStoreException;
- import java.security.NoSuchAlgorithmException;
- import java.security.NoSuchProviderException;
- import java.security.SecureRandom;
- import java.security.cert.CRL;
- import java.security.cert.CRLException;
- import java.security.cert.CertPathParameters;
- import java.security.cert.CertStore;
- import java.security.cert.CertStoreParameters;
- import java.security.cert.CertificateException;
- import java.security.cert.CertificateFactory;
- import java.security.cert.CollectionCertStoreParameters;
- import java.security.cert.PKIXBuilderParameters;
- import java.security.cert.X509CertSelector;
- import java.security.cert.X509Certificate;
- import java.util.Collection;
  
- import javax.net.ssl.CertPathTrustManagerParameters;
- import javax.net.ssl.HostnameVerifier;
- import javax.net.ssl.HttpsURLConnection;
- import javax.net.ssl.ManagerFactoryParameters;
- import javax.net.ssl.SSLContext;
- import javax.net.ssl.SSLServerSocket;
- import javax.net.ssl.SSLServerSocketFactory;
- import javax.net.ssl.SSLSession;
- import javax.net.ssl.SSLSocket;
- import javax.net.ssl.SSLSocketFactory;
- import javax.net.ssl.TrustManager;
- import javax.net.ssl.TrustManagerFactory;
- import javax.net.ssl.X509TrustManager;
- 
- /**
-  * Lots of useful SSL-related goodies.
-  *
-  * @author Christopher Schultz
-  * @author Apache Software Foundation (some code adapted/lifted from Apache 
Tomcat).
-  */
- public class SSLUtils
- {
- public static void disableSSLHostnameVerification()
- {
- HostnameVerifier verifyEverything = new HostnameVerifier() {
- public boolean verify(String hostname, SSLSession session)
- {
- return true;
- }
- };
- 
- HttpsURLConnection.setDefaultHostnameVerifier(verifyEverything);
- }
- 
- private static final TrustManager[] trustAllCerts = new TrustManager[] {
- new X509TrustManager() {
- public X509Certificate[] getAcceptedIssuers() {
- return null;
- }
- public void checkClientTrusted(X509Certificate[] certs,
-String authType) {
- // Trust all clients
- }
- public void checkServerTrusted(X509Certificate[] certs,
-String authType) {
- // Trust all servers
- }
- }
- };
- 
- public static TrustManager[] getTrustAllCertsTrustManagers()
- {
- return trustAllCerts.clone();
- }
- 
- /**
-  * Configures SSLSocketFactory for Java's HttpsURLConnection.
-  */
- public static void configureHttpsURLConnection(String protocol,
-String[] 
sslEnabledProtocols,
-String[] sslCipherSuites,
-SecureRandom random,
-TrustManager[] tms)
- throws NoSuchAlgorithmException, KeyManagementException
- {
- 
HttpsURLConnection.setDefaultSSLSocketFactory(getSSLSocketFactory(protocol,
-   
sslEnabledProtocols,
-

[Tomcat Wiki] Update of "tools/SSLTest.java" by ChristopherSchultz

2018-01-13 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "tools/SSLTest.java" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/tools/SSLTest.java?action=diff=4=5

Comment:
Replace source file with link to GitHub repository.

+ This utility has been replaced by a project on GitHub:
+ https://github.com/ChristopherSchultz/ssltest
- {{{
- /*
-  * SSLTest.java
-  *
-  * Tests servers for SSL/TLS protocol and cipher support.
-  *
-  * Copyright (c) 2015 Christopher Schultz
-  *
-  * Christopher Schultz licenses this file to You under the Apache License,
-  * Version 2.0 (the "License"); you may not use this file except in
-  * compliance with the License.  You may obtain a copy of the License at
-  *
-  *   http://www.apache.org/licenses/LICENSE-2.0
-  *
-  *  Unless required by applicable law or agreed to in writing, software
-  *  distributed under the License is distributed on an "AS IS" BASIS,
-  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  *  See the License for the specific language governing permissions and
-  *  limitations under the License.
-  */
- // Note this class requires [[SSLUtils.java]]
- import java.io.IOException;
- import java.net.InetSocketAddress;
- import java.net.Socket;
- import java.net.SocketTimeoutException;
- import java.security.NoSuchAlgorithmException;
- import java.security.Provider;
- import java.security.SecureRandom;
- import java.security.Security;
- import java.security.cert.Certificate;
- import java.security.cert.X509Certificate;
- import java.util.ArrayList;
- import java.util.Arrays;
- import java.util.Collections;
- import java.util.HashSet;
- import java.util.List;
- import java.util.Map.Entry;
  
- import javax.net.ssl.SSLContext;
- import javax.net.ssl.SSLSocket;
- import javax.net.ssl.SSLSocketFactory;
- import javax.net.ssl.TrustManager;
- 
- /**
-  * A driver class to test a server's SSL/TLS support.
-  *
-  * Usage: java SSLTest [opts] host[:port]
-  *
-  * Try "java SSLTest -h" for help.
-  *
-  * This tester will attempts to handshake with the target host with all
-  * available protocols and ciphers and report which ones were accepted and
-  * which were rejected. An HTTP connection is never fully made, so these
-  * connections should not flood the host's access log with entries.
-  *
-  * @author Christopher Schultz
-  */
- public class SSLTest
- {
- public static void usage()
- {
- System.out.println("Usage: java " + SSLTest.class + " [opts] 
host[:port]");
- System.out.println();
- System.out.println("-sslprotocol Sets the SSL/TLS 
protocol to be used (e.g. SSL, TLS, SSLv3, TLSv1.2, etc.)");
- System.out.println("-enabledprotocols protocols  Sets individual 
SSL/TLS ptotocols that should be enabled");
- System.out.println("-ciphers cipherspec  A comma-separated 
list of SSL/TLS ciphers");
- 
- System.out.println("-truststore  Sets the trust store 
for connections");
- System.out.println("-truststoretype type Sets the type for 
the trust store");
- System.out.println("-truststorepassword pass Sets the password 
for the trust store");
- System.out.println("-truststorealgorithm alg Sets the algorithm 
for the trust store");
- System.out.println("-truststoreprovider provider Sets the crypto 
provider for the trust store");
- 
- System.out.println("-no-check-certificateIgnores certificate 
errors");
- System.out.println("-no-verify-hostname  Ignores hostname 
mismatches");
- 
- System.out.println("-h -help --help Shows this help message");
- }
- 
- public static void main(String[] args)
- throws Exception
- {
- int connectTimeout = 0; // default = infinite
- int readTimeout = 1000;
- 
- boolean disableHostnameVerification = true;
- boolean disableCertificateChecking = true;
- 
- String trustStoreFilename = 
System.getProperty("javax.net.ssl.trustStore");
- String trustStorePassword = 
System.getProperty("javax.net.ssl.trustStorePassword");
- String trustStoreType = 
System.getProperty("javax.net.ssl.trustStoreType");
- String trustStoreProvider = 
System.getProperty("javax.net.ssl.trustStoreProvider");
- String trustStoreAlgorithm = null;
- String sslProtocol = "TLS";
- String[] sslEnabledProtocols = new String[] { "SSLv2", "SSLv2hello", 
"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2" };
- String[] sslCipherSuites = null; // Default = default for protocol
- String crlFilename = null;
- boolean showCerts = false;
- 
- if(args.length < 1)
- {
- usage();
- System.exit(0);
- }
- 
- int argIndex;
- for(argIndex = 0; argIndex < args.length; ++argIndex)
- {
-

[Tomcat Wiki] Update of "ContributorsGroup" by ChristopherSchultz

2017-12-08 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ContributorsGroup" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/ContributorsGroup?action=diff=31=32

   * DmytroMrachkovskyi
   * EmericVernat
   * GaryBriggs
+  * GeorgeSexton
   * GFUCyrusAG
   * GlenIhrig
   * GregTrasuk

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/Security" by KonstantinKolinko

2017-12-08 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/Security" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/FAQ/Security?action=diff=21=22

Comment:
Mention CVE-2009-3548 in the "Record" section.

  === The Record ===
  
  There have been no public cases of damage done to a company, organization, or 
individual due to a Tomcat security issue. There have been no documented cases 
of data loss or application crashes caused by an intruder. While there have 
been numerous analyses conducted on Tomcat, partially because this is easy to 
do with Tomcat's source code openly available, there have been only 
'''theoretical''' vulnerabilities found. All of those were addressed even 
though there were no documented cases of actual exploitation of these 
vulnerabilities.
+ 
+ That said,
+  * There have been several reports of a compromise done via guess of the 
password of a user of the Manager web application.<><>There was once a 
bug that blindly clicking-trough the Windows installer configured a manager 
user with blank password 
([[http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.24|CVE-2009-3548]]).
 This was fixed by April 2010 (Tomcat 5.5.29, 6.0.24 and later are 
safe).<><>Please see "Security considerations" pages in Tomcat 
documentation ([[#Links|linked below]]) for a reference on how access to 
Management Applications in Tomcat should be secured.
+ 
+  * There have been several reports of compromises via vulnerabilities in 3-rd 
party web applications deployed on Tomcat. E.g. vulnerabilities in Apache 
Struts framework were a popular attack target several times in years 2013-2017. 
E.g. 
[[https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax|Equifax
 breach]] in year 2017. It is unknown whether Equifax has run their application 
on Tomcat, but there have been a number of similar compromise reports from 
Tomcat users. Those are not caused by a vulnerability in Tomcat.
+ 
  === Role of Customization ===
  
  We believe, and the evidence suggests, that Tomcat is more than secure enough 
for most use-cases. However, like all other components of Tomcat, you can 
customize any and all of the relevant parts of the server to achieve even 
higher security. For example, the session manager implementation is pluggable, 
and even the default implementation has support for pluggable random number 
generators. If you have a special need that you feel is not met by Tomcat out 
of the box, consider these customization options. At the same time, please 
bring up your requirements on the user mailing list, where we'll be glad to 
discuss it and assist in your approach/design/implementation as needed.
+ 
+ It is also possible to configure Tomcat insecurely. Please see "Security 
considerations" pages in Tomcat documentation ([[#Links|linked below]]) for the 
list of security-sensitive options.
  
  === Links ===
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/Security" by KonstantinKolinko

2017-12-08 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/Security" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/FAQ/Security?action=diff=20=21

Comment:
Add links to Tomcat 8.5 and Tomcat 9 "Security Considerations" pages.

  === Links ===
  
   * Known vulnerabilities [[http://tomcat.apache.org/security.html]]
-  * Security considerations (Tomcat documentation) - 
[[http://tomcat.apache.org/tomcat-8.0-doc/security-howto.html|Tomcat 8]], 
[[http://tomcat.apache.org/tomcat-7.0-doc/security-howto.html|Tomcat 7]]
+  * Security considerations (Tomcat documentation) - 
[[http://tomcat.apache.org/tomcat-9.0-doc/security-howto.html|Tomcat 9]],
+  [[http://tomcat.apache.org/tomcat-8.5-doc/security-howto.html|Tomcat 8.5]],
+  [[http://tomcat.apache.org/tomcat-8.0-doc/security-howto.html|Tomcat 8.0]],
+  [[http://tomcat.apache.org/tomcat-7.0-doc/security-howto.html|Tomcat 7]]
  
  == Questions ==
   1. [[#Q1|How do I use OpenSSL to set up my own Certificate Authority (CA)?]]

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/Troubleshooting_and_Diagnostics" by KonstantinKolinko

2017-11-29 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/Troubleshooting_and_Diagnostics" page has been changed by 
KonstantinKolinko:
https://wiki.apache.org/tomcat/FAQ/Troubleshooting_and_Diagnostics?action=diff=19=20

Comment:
Document what is the lifetime of Request/Response objects. Reference the 
specification.

  
  E.g. [[https://bz.apache.org/bugzilla/show_bug.cgi?id=61289|61289]], 
[[https://bz.apache.org/bugzilla/show_bug.cgi?id=58457|58457]]
  
- The main suspect is your own web application keeping a reference to Request / 
Response objects outside of their life cycle.
+ The main suspect is your own web application keeping a reference to Request / 
Response objects outside of their life cycle. (*)
  
   1. Set the following 
[[http://tomcat.apache.org/tomcat-8.5-doc/config/systemprops.html#Security|system
 property]] in Tomcat configuration:
  
  {{{org.apache.catalina.connector.RECYCLE_FACADES=true}}}
  
-  This flag instructs Tomcat to recycle facades to its internal objects, so 
that it is easier to spot illegal access when it happens, instead of waiting 
until internal state of referenced object becomes corrupted from concurrent 
access.
+  When flag is set, Tomcat recycles facades to its internal objects when 
request processing completes. This makes it easier to spot illegal access when 
it happens, instead of waiting until side effects of such access become 
visible.<><>
+  This flag is also mentioned on the 
[[http://tomcat.apache.org/tomcat-8.5-doc/security-howto.html#System_Properties|Security
 Considerations]] page. The flag is `true` when Tomcat runs with enabled 
[[http://tomcat.apache.org/tomcat-8.5-doc/security-manager-howto.html|Java 
Security Manager]].
  
   2. Read about [[FAQ/KnownIssues#ImageIOIssues|Java ImageIO]] issue.
+ 
+ (*) '''Note'''
+ 
+ The lifetime of the Response object is documented in the 
[[Specifications|Servlet specification]]. Quoting from section "5.8 Lifetime of 
the Response Object" of Servlet 4.0 specification:
+ 
+ || Each response object is valid only within the scope of a servlet’s service 
method, or within the scope of a filter’s doFilter method, unless the 
associated request object has asynchronous processing enabled for the 
component. If asynchronous processing on the associated request is started, 
then the response object remains valid until complete method on AsyncContext is 
called. ||
+ 
+ In case of asynchronous processing, when an error occurs Tomcat notifies all 
registered `AsyncListener`s and then calls `complete()` automatically if none 
of the listeners have called it yet. (Reference: 
[[https://bz.apache.org/bugzilla/show_bug.cgi?id=61768#c3|61768]])
+ 
+ Also see sections "2.3.3.4 Thread Safety" and "3.13 Lifetime of the Request 
Object" of the same specification.
  
  
  [[CategoryFAQ]]

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/Troubleshooting_and_Diagnostics" by KonstantinKolinko

2017-11-10 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/Troubleshooting_and_Diagnostics" page has been changed by 
KonstantinKolinko:
https://wiki.apache.org/tomcat/FAQ/Troubleshooting_and_Diagnostics?action=diff=18=19

Comment:
Change section title

  
*  A good place for a breakpoint is 
`org.apache.catalina.connector.CoyoteAdapter.service()` method. That is the 
entry point from Tomcat connectors and into the Servlet engine. At that place 
your request has already been received and its processing starts.
  
- == Troubleshooting Response State Problems ==
+ == Troubleshooting unexpected Response state problems ==
  
- If you encounter problems that manifest themselves as accessing a request / 
response that is an inconsistent state. 
+ If you encounter problems that manifest themselves as accessing a request or 
response that is an inconsistent state. 
  
  E.g. [[https://bz.apache.org/bugzilla/show_bug.cgi?id=61289|61289]], 
[[https://bz.apache.org/bugzilla/show_bug.cgi?id=58457|58457]]
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/Troubleshooting_and_Diagnostics" by KonstantinKolinko

2017-10-02 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/Troubleshooting_and_Diagnostics" page has been changed by 
KonstantinKolinko:
https://wiki.apache.org/tomcat/FAQ/Troubleshooting_and_Diagnostics?action=diff=17=18

Comment:
Add a section on RECYCLE_FACADES

  
*  A good place for a breakpoint is 
`org.apache.catalina.connector.CoyoteAdapter.service()` method. That is the 
entry point from Tomcat connectors and into the Servlet engine. At that place 
your request has already been received and its processing starts.
  
+ == Troubleshooting Response State Problems ==
+ 
+ If you encounter problems that manifest themselves as accessing a request / 
response that is an inconsistent state. 
+ 
+ E.g. [[https://bz.apache.org/bugzilla/show_bug.cgi?id=61289|61289]], 
[[https://bz.apache.org/bugzilla/show_bug.cgi?id=58457|58457]]
+ 
+ The main suspect is your own web application keeping a reference to Request / 
Response objects outside of their life cycle.
+ 
+  1. Set the following 
[[http://tomcat.apache.org/tomcat-8.5-doc/config/systemprops.html#Security|system
 property]] in Tomcat configuration:
+ 
+ {{{org.apache.catalina.connector.RECYCLE_FACADES=true}}}
+ 
+  This flag instructs Tomcat to recycle facades to its internal objects, so 
that it is easier to spot illegal access when it happens, instead of waiting 
until internal state of referenced object becomes corrupted from concurrent 
access.
+ 
+  2. Read about [[FAQ/KnownIssues#ImageIOIssues|Java ImageIO]] issue.
+ 
  
  [[CategoryFAQ]]
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/KnownIssues" by KonstantinKolinko

2017-10-02 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/KnownIssues" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/FAQ/KnownIssues?action=diff=15=16

Comment:
Replace obsolete bugzilla links with a link to tomcat.apache.org/bugreport.html

  
  To determine the known issues for any given Tomcat version, you'll need to 
review the following:
   * The currently open bugs and enhancement requests in Bugzilla
-* 
[[https://issues.apache.org/bugzilla/buglist.cgi?query_format=advanced;bug_status=UNCONFIRMED;bug_status=NEW;bug_status=ASSIGNED;bug_status=REOPENED;bug_status=NEEDINFO;product=Tomcat%207|Open
 Tomcat 7 bugs]]
-* 
[[https://issues.apache.org/bugzilla/buglist.cgi?query_format=advanced;bug_status=UNCONFIRMED;bug_status=NEW;bug_status=ASSIGNED;bug_status=REOPENED;bug_status=NEEDINFO;product=Tomcat%206|Open
 Tomcat 6 bugs]]
   * The latest (from svn) change log entries for all newer versions
+ 
+ See chapter 
[[https://tomcat.apache.org/bugreport.html#Looking_for_known_issues|Looking for 
known issues]] on Tomcat web site.
-* 
[[http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml| 
Tomcat 8 change log]]
-* 
[[http://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml|
 Tomcat 7 change log]]
-* 
[[http://svn.apache.org/repos/asf/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml|
 Tomcat 6 change log]]
  
  <>
  === What are the known issues with the Oracle JRE? ===

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/KnownIssues" by KonstantinKolinko

2017-10-02 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/KnownIssues" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/FAQ/KnownIssues?action=diff=14=15

Comment:
Minor formatting corrections. Split paragraphs.

  
  '''Are there any other corresponding cases of this bug?'''
  
- The third party PDF generating software module PD4ML has had a corresponding 
problem when calling the render() methods in class org.zefer.pd4ml.PD4ML with 
response.getOutputStream() as argument. That causes the response stream to be 
closed from a finalizer() method of a class called PD4Device. When using an 
Apache/Tomcat connector, this unexpected stream close from the finalizer thread 
has occationally caused responses to be sent to wrong requestor 
(request/response mix up). The workarounds described above for ImageIO works 
perfectly in this case too. A general way to protect the response output 
streams from misbehaving web applications is to set the system property 
org.apache.catalina.connector.RECYCLE_FACADES=true, since that makes Tomcat 
create new stream instances for each request (of course at the cost of 
performance).
+ The third party PDF generating software module PD4ML has had a corresponding 
problem when calling the render() methods in class org.zefer.pd4ml.PD4ML with 
response.getOutputStream() as argument. That causes the response stream to be 
closed from a finalizer() method of a class called PD4Device. When using an 
Apache/Tomcat connector, this unexpected stream close from the finalizer thread 
has occationally caused responses to be sent to wrong requestor 
(request/response mix up). The workarounds described above for ImageIO works 
perfectly in this case too.
- <>
- <>
- PD4ML has fixed this bug in their latest releases, but sites using older 
versions of the library can still be affected. PD4ML version 3.2.3 definitely 
has this flaw, but the currently latest version 3.8.0 is fixed. The release 
notes gives no clues where in between the problem was fixed and the vendor was 
not able to tell either in 
[[http://pd4ml.com/support/pdf-generation-troubleshooting-f4/pd4device-finalize-closes-output-stream-and-causes-mixup-t543.html|this
 bug report]].
  
+ A general way to protect the response output streams from misbehaving web 
applications is to set the system property 
org.apache.catalina.connector.RECYCLE_FACADES=true, since that makes Tomcat 
create new stream instances for each request (of course at the cost of 
performance).
+ 
+ PD4ML has fixed this bug in their latest releases, but sites using older 
versions of the library can still be affected. PD4ML version 3.2.3 definitely 
has this flaw, but the currently latest version 3.8.0 is fixed. The release 
notes document gives no clues where in between the problem was fixed, and the 
vendor was not able to tell either in 
[[http://pd4ml.com/support/pdf-generation-troubleshooting-f4/pd4device-finalize-closes-output-stream-and-causes-mixup-t543.html|this
 bug report]].
+ 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Specifications" by KonstantinKolinko

2017-09-21 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Specifications" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/Specifications?action=diff=47=48

Comment:
Move HTTP/2 specifications to HTTP section. Remove SPDY protocol.

  
  The following are specifications for the web protocols supported by Tomcat.
  
- == HTTP ==
+ == HTTP, HTTP/2 ==
  
  || HTTP 0.9 || [[http://www.w3.org/Protocols/HTTP/AsImplemented.html|The 
Original HTTP as defined in 1991]] at W3.org||
  || HTTP/1.0 || [[http://tools.ietf.org/html/rfc1945|RFC 1945]] ||
- || HTTP/1.1 || [[http://tools.ietf.org/html/rfc2068|RFC 2068]] (January 1997) 
- obsolete, replaced by 2616<>[[http://tools.ietf.org/html/rfc2616|RFC 
2616]] (June 1999) - obsolete, replaced by 
7230...7235<>[[http://tools.ietf.org/html/rfc7230|RFC 7230]] (June 2014) - 
Message Syntax and Routing<>[[http://tools.ietf.org/html/rfc7231|RFC 7231]] 
(June 2014) - Semantics and 
Content<>[[http://tools.ietf.org/html/rfc7232|RFC 7232]] (June 2014) - 
Conditional Requests<>[[http://tools.ietf.org/html/rfc7233|RFC 7233]] (June 
2014) - Range Requests<>[[http://tools.ietf.org/html/rfc7234|RFC 7234]] 
(June 2014) - Caching<>[[http://tools.ietf.org/html/rfc7235|RFC 7235]] 
(June 2014) - Authentication ||
+ || HTTP/1.1 || [[http://tools.ietf.org/html/rfc2068|RFC 2068]] (January 1997) 
- obsolete, replaced by 2616<>[[http://tools.ietf.org/html/rfc2616|RFC 
2616]] (June 1999) - obsolete, replaced by 
7230...7235<><>[[http://tools.ietf.org/html/rfc7230|RFC 7230]] (June 
2014) - Message Syntax and 
Routing<>[[http://tools.ietf.org/html/rfc7231|RFC 7231]] (June 2014) - 
Semantics and Content<>[[http://tools.ietf.org/html/rfc7232|RFC 7232]] 
(June 2014) - Conditional 
Requests<>[[http://tools.ietf.org/html/rfc7233|RFC 7233]] (June 2014) - 
Range Requests<>[[http://tools.ietf.org/html/rfc7234|RFC 7234]] (June 2014) 
- Caching<>[[http://tools.ietf.org/html/rfc7235|RFC 7235]] (June 2014) - 
Authentication ||
+ || HTTP/2 || [[http://tools.ietf.org/html/rfc7540|RFC 7540]] (May 2015) - 
Hypertext Transfer Protocol Version 2 
(HTTP/2)<>[[http://tools.ietf.org/html/rfc7541|RFC 7541]] (May 2015) - 
HPACK: Header Compression for HTTP/2<><> 
[[http://http2.github.io/|HTTP/2 home page, maintained by the IETF HTTPbis 
Working Group]] ||
  
  === Related Specifications ===
  
@@ -168, +169 @@

  
  || AJP/1.3 || [[http://tomcat.apache.org/connectors-doc/ajp/ajpv13a.html|AJP 
Protocol Reference - AJPv13]] ||
  
- == SPDY ==
- 
- TBD
- 
- SPDY protocol is obsolete, has been replaced by HTTP/2.
- 
- 
[[http://tools.ietf.org/html/draft-mbelshe-httpbis-spdy-00|draft-mbelshe-httpbis-spdy-00]]
 (Draft 3), Expires: August 4, 2012
- 
- [[http://dev.chromium.org/spdy/spdy-protocol|List of protocol specifications, 
at dev.chromium.org]]
- 
- == HTTP/2 ==
- 
- [[http://http2.github.io/|HTTP/2 home page, maintained by the IETF HTTPbis 
Working Group]]
- 
- || HTTP/2 || [[http://tools.ietf.org/html/rfc7540|RFC 7540]] (May 2015) - 
Hypertext Transfer Protocol Version 2 
(HTTP/2)<>[[http://tools.ietf.org/html/rfc7541|RFC 7541]] (May 2015) - 
HPACK: Header Compression for HTTP/2 ||
- 
- Note: Firefox enabled HTTP/2 protocol starting with version 34 (released on 
December 1, 2014), according to its 
[[https://developer.mozilla.org/en-US/Firefox/Releases/34/Site_Compatibility#Networking|Site
 Compatibility for Firefox 34]].
- 
  == WebSocket ==
  
  !WebSocket protocol is specified by [[http://tools.ietf.org/html/rfc6455|RFC 
6455]].

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Specifications" by KonstantinKolinko

2017-09-21 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Specifications" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/Specifications?action=diff=46=47

Comment:
Reorder JSP & EL specifications, with newer ones first. Add Java EE 8 link.

  
  Expression Language was covered by JSP 2.0 and JSP 2.1 specifications, but 
became a separate document starting with JSP 2.2.
  
- ||Spec versions: ||JSP 2.0 ||
+ ||Spec versions: ||JSP 2.3 || EL 3.0 ||
+ ||Main page: ||[[http://www.jcp.org/en/jsr/detail?id=245|JSR245]] 
||[[http://www.jcp.org/en/jsr/detail?id=341|JSR341]] ||
+ ||Java.net project: || 
[[http://java.net/projects/jsp-spec-public/|jsp-spec-public ]] ? || 
[[http://java.net/projects/el-spec/|el-spec]] ||
+ ||Stable: || Maintenance Release 2<>''The naming is according to JSR 245. 
The title page of the<>JSP specification document says "Maintenace Release 
3"'' || Final Release ||
+ ||Date: || 12 Jun, 2013 || 22 May, 2013 ||
+ ||Download Page: || 
[[http://jcp.org/aboutJava/communityprocess/mrel/jsr245/index2.html|Overview]]<>[[http://download.oracle.com/otndocs/jcp/jsp-2_3-mrel2-eval-spec/|Direct
 Download]] || 
[[http://jcp.org/aboutJava/communityprocess/final/jsr341/index.html|Overview]]<>[[http://download.oracle.com/otndocs/jcp/el-3_0-fr-eval-spec/index.html|Direct
 Download]] ||
+ ||Online Javadoc: ||<-2> [[http://docs.oracle.com/javaee/7/api/|Java EE 7]], 
[[https://javaee.github.io/javaee-spec/javadocs/ | Java EE 8]] ||
+ ||Minimum Tomcat version: ||<-2> 8.0.0 ||
+ 
+ ||Spec versions: ||JSP 2.2, EL 2.2 ||
- ||Main page: ||[[http://www.jcp.org/en/jsr/summary?id=152|JSR152]] ||
+ ||Main page: ||[[http://www.jcp.org/en/jsr/summary?id=245|JSR245]] ||
- ||Stable: ||Final Release ||
- ||Date: ||24 November, 2003 ||
- ||Download Page: 
||[[http://jcp.org/aboutJava/communityprocess/final/jsr152/index.html|Overview]]<>
 [[http://download.oracle.com/otndocs/jcp/jsp-2.0-fr-oth-JSpec/|Direct 
Download]] ||
+ ||Stable: ||Maintenance Release<>''The naming is according to JSR 245. 
The title page of the<>JSP specification document says "Maintenace Release 
2"'' ||
+ ||Date: ||10 Dec, 2009 ||
+ ||Download Page: 
||[[http://jcp.org/aboutJava/communityprocess/mrel/jsr245/index.html|Overview]]<>
 [[http://download.oracle.com/otndocs/jcp/jsp-2.2-mrel-eval-oth-JSpec/|Direct 
Download - JSP 2.2]]<> 
[[http://download.oracle.com/otndocs/jcp/expression_language-2.2-mrel-eval-oth-JSpec/|Direct
 Download - EL 2.2]] ||
- ||Online Javadoc: || [[http://docs.oracle.com/javaee/1.4/api/|Java EE 1.4]] ||
+ ||Online Javadoc: || [[http://docs.oracle.com/javaee/6/api/|Java EE 6]]||
- ||Minimum Tomcat version: || 5.0.0 ||
+ ||Minimum Tomcat version: || 7.0.0 ||
  
  ||Spec versions: ||JSP 2.1 ||
  ||Main page: ||[[http://www.jcp.org/en/jsr/summary?id=245|JSR245]] ||
@@ -94, +103 @@

  ||Online Javadoc: || [[http://docs.oracle.com/javaee/5/api/|Java EE 5]]||
  ||Minimum Tomcat version: || 6.0.0 ||
  
- ||Spec versions: ||JSP 2.2, EL 2.2 ||
+ ||Spec versions: ||JSP 2.0 ||
- ||Main page: ||[[http://www.jcp.org/en/jsr/summary?id=245|JSR245]] ||
+ ||Main page: ||[[http://www.jcp.org/en/jsr/summary?id=152|JSR152]] ||
- ||Stable: ||Maintenance Release<>''The naming is according to JSR 245. 
The title page of the<>JSP specification document says "Maintenace Release 
2"'' ||
- ||Date: ||10 Dec, 2009 ||
- ||Download Page: 
||[[http://jcp.org/aboutJava/communityprocess/mrel/jsr245/index.html|Overview]]<>
 [[http://download.oracle.com/otndocs/jcp/jsp-2.2-mrel-eval-oth-JSpec/|Direct 
Download - JSP 2.2]]<> 
[[http://download.oracle.com/otndocs/jcp/expression_language-2.2-mrel-eval-oth-JSpec/|Direct
 Download - EL 2.2]] ||
+ ||Stable: ||Final Release ||
+ ||Date: ||24 November, 2003 ||
+ ||Download Page: 
||[[http://jcp.org/aboutJava/communityprocess/final/jsr152/index.html|Overview]]<>
 [[http://download.oracle.com/otndocs/jcp/jsp-2.0-fr-oth-JSpec/|Direct 
Download]] ||
- ||Online Javadoc: || [[http://docs.oracle.com/javaee/6/api/|Java EE 6]]||
+ ||Online Javadoc: || [[http://docs.oracle.com/javaee/1.4/api/|Java EE 1.4]] ||
- ||Minimum Tomcat version: || 7.0.0 ||
+ ||Minimum Tomcat version: || 5.0.0 ||
- 
- ||Spec versions: ||JSP 2.3 || EL 3.0 ||
- ||Main page: ||[[http://www.jcp.org/en/jsr/detail?id=245|JSR245]] 
||[[http://www.jcp.org/en/jsr/detail?id=341|JSR341]] ||
- ||Java.net project: || 
[[http://java.net/projects/jsp-spec-public/|jsp-spec-public ]] ? || 
[[http://java.net/projects/el-spec/|el-spec]] ||
- ||Stable: || Maintenance Release 2<>''The naming is according to JSR 245. 
The title page of the<>JSP specification document says "Maintenace Release 
3"'' || Final Release ||
- ||Date: || 12 Jun, 2013 || 22 May, 2013 ||
- ||Download Page: || 
[[http://jcp.org/aboutJava/communityprocess/mrel/jsr245/index2.html|Overview]]<>[[http://download.oracle.com/otndocs/jcp/jsp-2_3-mrel2-eval-spec/|Direct
 Download]] ||

[Tomcat Wiki] Update of "TomcatVersions" by KonstantinKolinko

2017-09-21 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "TomcatVersions" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/TomcatVersions?action=diff=28=29

Comment:
Update specification versions for Tomcat 9.0, based on Java EE Platform v8 
Final Release document - ch.EE.6.1.2 (Required Java Technologies)

  The "Process" field in the following tables documents what development model 
is accepted by that project, either 
[[http://www.apache.org/foundation/glossary.html#ReviewThenCommit|Review-Then-Commit]]
 or 
[[http://www.apache.org/foundation/glossary.html#CommitThenReview|Commit-Then-Review]].
 For RTC model the changes are first proposed in the `STATUS.txt` file in the 
root of the project and have to gain at least 3 "`+1`" votes before being 
applied. The project members have agreed on several 
[[#RTC_Exceptions|exceptions]] from the RTC rule (documented below).
  
  = Tomcat 9.0.x =
- ||Spec versions: ||Servlet 4.0, JSP 2.4?, EL 3.1?, !WebSocket 1.2?, JASPIC 
1.1 ||
+ ||Spec versions: ||Servlet 4.0, JSP 2.3, EL 3.0, !WebSocket 1.1, JASPIC 1.1 ||
  ||Stable: ||No ||
  ||Enhancements: ||Yes ||
  ||Bug Fixes: ||Yes ||

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Specifications" by KonstantinKolinko

2017-09-21 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Specifications" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/Specifications?action=diff=45=46

Comment:
Correct naming of JavaEE project

  
  ||Spec versions: ||Servlet 4.0 ||
  ||Main page: || [[http://www.jcp.org/en/jsr/detail?id=369|JSR369]] ||
- ||Java.net project: || 
[[https://javaee.github.io/servlet-spec/|servlet-spec]]<>Also see JavaEE 
specification project, [[https://javaee.github.io/javaee-spec/|javaee-spec]]||
+ ||Java.net project: || 
[[https://javaee.github.io/servlet-spec/|servlet-spec]]<>Also see Java EE 
Platform Specification project, 
[[https://javaee.github.io/javaee-spec/|javaee-spec]]||
  ||Stable: || Final Release ||
  ||Date: || 05 Sept, 2017 ||
  ||Download Page: || 
[[https://jcp.org/aboutJava/communityprocess/final/jsr369/index.html|Overview]]<>
 
[[http://download.oracle.com/otndocs/jcp/servlet-4-final-eval-spec/index.html|Direct
 Download]] ||

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "TomcatVersions" by KonstantinKolinko

2017-09-21 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "TomcatVersions" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/TomcatVersions?action=diff=27=28

Comment:
Update information on releases. (Tomcat 6.0 archived, 9.0 available, names of 
release managers)

  ||Enhancements: ||Yes ||
  ||Bug Fixes: ||Yes ||
  ||Security Fixes: ||Yes ||
- ||Releases: ||Not yet ||
+ ||Releases: ||Yes ||
- ||Release Manager: ||TBD ||
+ ||Release Manager: ||Mark Thomas (markt) ||
  ||Process: ||CTR ||
- ||Listed on download pages: ||Not yet ||
+ ||Listed on download pages: ||Yes ||
  
  = Tomcat 8.5.x =
  ||Spec versions: ||Servlet 3.1, JSP 2.3, EL 3.0, !WebSocket 1.1, JASPIC 1.1 ||
@@ -38, +38 @@

  ||Bug Fixes: ||Yes ||
  ||Security Fixes: ||Yes ||
  ||Releases: ||Yes ||
- ||Release Manager: ||Mark Thomas (markt) ||
+ ||Release Manager: ||Violeta Georgieva (violetagg) ||
  ||Process: ||CTR ||
  ||Listed on download pages: ||Yes ||
  
@@ -57, +57 @@

  = Tomcat 6.0.x =
  ||Spec versions: ||Servlet 2.5, JSP 2.1 ||
  ||Stable: ||Yes ||
- ||Enhancements: ||Unlikely ||
+ ||Enhancements: ||Highly unlikely  ||
- ||Bug Fixes: ||Yes ||
- ||Security Fixes: ||Yes ||
- ||Releases: ||Yes ||
- ||Release Manager: ||Jean-Frederic Clere (jfclere) ||
+ ||Bug Fixes: ||Highly unlikely  ||
+ ||Security Fixes: ||Highly unlikely  ||
+ ||Releases: ||Highly unlikely  ||
+ ||Release Manager: ||Violeta Georgieva (violetagg)  ||
  ||Process: ||CTR ||
- ||Listed on download pages: ||Yes ||
+ ||Listed on download pages: ||No ||
  
  
  = Tomcat 5.5.x =

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Specifications" by KonstantinKolinko

2017-09-21 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Specifications" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/Specifications?action=diff=44=45

Comment:
Reorder Sevler specs with newer ones first. Add Servlet 4.0 specification.

  
  == Java Servlet Specifications ==
  
+ Servlet 4.0 specification is JSR 369.
+ 
  Servlet 3.1 specification is JSR 340.
  
  Servlet 3.0 specification is JSR 315.
  
  Servlet 2.5 is a maintenance release of Servlet 2.4. Both are JSR 154.
  
- ||Spec versions: ||Servlet 2.4 ||
+ ||Spec versions: ||Servlet 4.0 ||
- ||Main page: || [[http://www.jcp.org/en/jsr/summary?id=154|JSR154]] ||
+ ||Main page: || [[http://www.jcp.org/en/jsr/detail?id=369|JSR369]] ||
+ ||Java.net project: || 
[[https://javaee.github.io/servlet-spec/|servlet-spec]]<>Also see JavaEE 
specification project, [[https://javaee.github.io/javaee-spec/|javaee-spec]]||
- ||Stable: ||Final Release ||
+ ||Stable: || Final Release ||
- ||Date: ||24 Nov, 2003 ||
+ ||Date: || 05 Sept, 2017 ||
- ||Download Page: || 
[[http://jcp.org/aboutJava/communityprocess/final/jsr154/index.html|Overview]]<>
 [[http://download.oracle.com/otndocs/jcp/servlet-2.4-fr-spec-oth-JSpec/|Direct 
Download]] ||
+ ||Download Page: || 
[[https://jcp.org/aboutJava/communityprocess/final/jsr369/index.html|Overview]]<>
 
[[http://download.oracle.com/otndocs/jcp/servlet-4-final-eval-spec/index.html|Direct
 Download]] ||
- ||Online Javadoc: || [[http://docs.oracle.com/javaee/1.4/api/|Java EE 1.4]] ||
+ ||Online Javadoc: || [[https://javaee.github.io/javaee-spec/javadocs/ | Java 
EE 8]] (A javaee.github.io link. Not available at docs.oracle.com?) ||
- ||Minimum Tomcat version: || 5.0.0 ||
+ ||Minimum Tomcat version: || 9.0.0 ||
+ 
+ ||Spec versions: ||Servlet 3.1 ||
+ ||Main page: || [[http://www.jcp.org/en/jsr/detail?id=340|JSR340]] ||
+ ||Java.net project: || [[http://java.net/projects/servlet-spec/|servlet-spec 
]]||
+ ||Stable: || Final Release ||
+ ||Date: || 28 May, 2013 ||
+ ||Download Page: || 
[[http://jcp.org/aboutJava/communityprocess/final/jsr340/index.html|Overview]]<>
 
[[http://download.oracle.com/otndocs/jcp/servlet-3_1-fr-eval-spec/index.html|Direct
 Download]] ||
+ ||Online Javadoc: || [[http://docs.oracle.com/javaee/7/api/|Java EE 7]] ||
+ ||Minimum Tomcat version: || 8.0.0 ||
+ 
+ ||Spec versions: ||<-2>Servlet 3.0 ||
+ ||Main page: ||<-2> [[http://www.jcp.org/en/jsr/summary?id=315|JSR315]] ||
+ ||Stable: ||Final Release ||Maintenance Release (Version 3.0 Rev a) ||
+ ||Date: ||10 Dec, 2009 ||6 Feb, 2011||
+ ||Download Page: 
||[[http://jcp.org/aboutJava/communityprocess/final/jsr315/index.html|Overview]]<>
 [[http://download.oracle.com/otndocs/jcp/servlet-3.0-fr-eval-oth-JSpec/|Direct 
Download]] || 
[[http://jcp.org/aboutJava/communityprocess/mrel/jsr315/index.html|Overview]]<>[[http://jcp.org/aboutJava/communityprocess/maintenance/jsr315/315ChangeLog.html|Change
 
Log]]<>[[http://download.oracle.com/otndocs/jcp/servlet-3.0-mrel-eval-oth-JSpec/|Direct
 Download - PDF]] ||
+ ||Online Javadoc: ||<-2> [[http://docs.oracle.com/javaee/6/api/|Java EE 6]]||
+ ||Minimum Tomcat version: || 7.0.0 || 7.0.25 ||
  
  ||Spec versions: ||<-2> Servlet 2.5 ||
  ||Main page: ||<-2> [[http://www.jcp.org/en/jsr/summary?id=154|JSR154]] ||
@@ -38, +58 @@

  ||Online Javadoc: ||<-2> [[http://docs.oracle.com/javaee/5/api/|Java EE 5]]||
  ||Minimum Tomcat version: || 6.0.0 || 6.0.44 
([[https://bz.apache.org/bugzilla/show_bug.cgi?id=57703|bug 57703]]) ||
  
- ||Spec versions: ||<-2>Servlet 3.0 ||
+ ||Spec versions: ||Servlet 2.4 ||
- ||Main page: ||<-2> [[http://www.jcp.org/en/jsr/summary?id=315|JSR315]] ||
+ ||Main page: || [[http://www.jcp.org/en/jsr/summary?id=154|JSR154]] ||
- ||Stable: ||Final Release ||Maintenance Release (Version 3.0 Rev a) ||
- ||Date: ||10 Dec, 2009 ||6 Feb, 2011||
- ||Download Page: 
||[[http://jcp.org/aboutJava/communityprocess/final/jsr315/index.html|Overview]]<>
 [[http://download.oracle.com/otndocs/jcp/servlet-3.0-fr-eval-oth-JSpec/|Direct 
Download]] || 
[[http://jcp.org/aboutJava/communityprocess/mrel/jsr315/index.html|Overview]]<>[[http://jcp.org/aboutJava/communityprocess/maintenance/jsr315/315ChangeLog.html|Change
 
Log]]<>[[http://download.oracle.com/otndocs/jcp/servlet-3.0-mrel-eval-oth-JSpec/|Direct
 Download - PDF]] ||
- ||Online Javadoc: ||<-2> [[http://docs.oracle.com/javaee/6/api/|Java EE 6]]||
- ||Minimum Tomcat version: || 7.0.0 || 7.0.25 ||
- 
- ||Spec versions: ||Servlet 3.1 ||
- ||Main page: || [[http://www.jcp.org/en/jsr/detail?id=340|JSR340]] ||
- ||Java.net project: || [[http://java.net/projects/servlet-spec/|servlet-spec 
]]||
- ||Stable: || Final Release ||
+ ||Stable: ||Final Release ||
- ||Date: || 28 May, 2013 ||
+ ||Date: ||24 Nov, 2003 ||
- ||Download Page: || 
[[http://jcp.org/aboutJava/communityprocess/final/jsr340/index.html|Overview]]<>

[Tomcat Wiki] Update of "Specifications" by KonstantinKolinko

2017-09-21 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Specifications" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/Specifications?action=diff=43=44

Comment:
Update spec compliance values, as bug 57703 was fixed in 6.0.44

  ||Date: ||11 May, 2006 ||11 Sep, 2007 ||
  ||Download Page: || 
[[http://jcp.org/aboutJava/communityprocess/mrel/jsr154/index.html|Overview]]<>
 
[[http://download.oracle.com/otndocs/jcp/servlet-2.5-mrel-eval-oth-JSpec/|Direct
 Download - Javadoc, classes]] || 
[[http://jcp.org/aboutJava/communityprocess/mrel/jsr154/index2.html|Overview]]<>
 
[[http://download.oracle.com/otndocs/jcp/servlet-2.5-mrel2-eval-oth-JSpec/|Direct
 Download - PDF]]||
  ||Online Javadoc: ||<-2> [[http://docs.oracle.com/javaee/5/api/|Java EE 5]]||
- ||Minimum Tomcat version: || 6.0.0 || N/A 
([[https://bz.apache.org/bugzilla/show_bug.cgi?id=57703|bug 57703]]) ||
+ ||Minimum Tomcat version: || 6.0.0 || 6.0.44 
([[https://bz.apache.org/bugzilla/show_bug.cgi?id=57703|bug 57703]]) ||
  
  ||Spec versions: ||<-2>Servlet 3.0 ||
  ||Main page: ||<-2> [[http://www.jcp.org/en/jsr/summary?id=315|JSR315]] ||

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "tools/check_jmxproxy.pl" by ChristopherSchultz

2017-08-31 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "tools/check_jmxproxy.pl" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/tools/check_jmxproxy.pl?action=diff=2=3

Comment:
Move to GitHub

+ In order to provide better history and community participation, this script 
has moved to:
- {{{
- #!/usr/bin/perl
- #
- # check_jmxproxy
- #
- # Contacts a JMX proxy (like that which Apache Tomcat provides)
- # and compares the return value to the warning and critical values
- # provided as parameters to this script.
- #
- # Copyright (c) 2012 Christopher Schultz
- #
- # Christopher Schultz licenses this file to You under the Apache License,
- # Version 2.0 (the "License"); you may not use this file except in
- # compliance with the License.  You may obtain a copy of the License at
- #
- #   http://www.apache.org/licenses/LICENSE-2.0
- #
- #  Unless required by applicable law or agreed to in writing, software
- #  distributed under the License is distributed on an "AS IS" BASIS,
- #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- #  See the License for the specific language governing permissions and
- #  limitations under the License.
- #
- # Special thanks to Susan Burgee for her help with Perl.
- #
  
- use strict;
+ 
https://github.com/ChristopherSchultz/apache-tomcat-stuff/tree/master/bin/nagios
  
- # For getopt:
- use Getopt::Long qw(:config no_ignore_case bundling);;
- 
- # For HTTP stuff:
- use LWP::UserAgent;
- use HTTP::Request;
- use HTTP::Response;
- use URI::Heuristic;
- 
- my $help = '';
- my $url  = '';
- my $warn = '';
- my $critical = '';
- my $verbose = '';
- my $authorization = '';
- my $useragent = 'Nagios check_jmxproxy/0.1';
- my $timeout = 180;
- my $fetchingRegexp = '^OK.*=\s*([0-9]+)$';
- # $fetchingRegexp = 'OK.*used=([0-9]+).*';
- my $outputFilterRegexp;
- 
- GetOptions(
- 'U=s' => \$url,
- 'url=s'   => \$url,
- 'w=s' => \$warn,
- 'warn=s'  => \$warn,
- 'c=s' => \$critical,
- 'critical=s'  => \$critical,
- 'h'   => \$help,
- 'help'=> \$help,
- 'v'   => \$verbose,
- 'verbose' => \$verbose,
- 'a=s' => \$authorization,
- 'authorization=s' => \$authorization,
- 'A'   => \$useragent,
- 'useragent'   => \$useragent,
- 't=i' => \$timeout,
- 'timeout=i'   => \$timeout,
- 'r=s' => \$fetchingRegexp,
- 'regexp=s'=> \$fetchingRegexp,
- 'R=s' => \$outputFilterRegexp,
- 'filtering-regexp=s' => \$outputFilterRegexp,
- ) or $help = '-h';
- 
- $help = 1 if ( $url eq '' || $warn eq '' || $critical eq '' );
- 
- if( $help ) {
- print <

[Tomcat Wiki] Update of "HowTo/FasterStartUp" by markt

2017-07-18 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "HowTo/FasterStartUp" page has been changed by markt:
https://wiki.apache.org/tomcat/HowTo/FasterStartUp?action=diff=27=28

Comment:
Un-wikify WebSocket

  
  }}}
  
- The impact of disabling WebSocket support will depend on how many JARs were 
being scanned for WebSocket annotations and whether any other SCIs trigger 
annotation scans. Generally, it is the first SCI scan that has the biggest 
performance impact. The impact of additional scans is minimal.
+ The impact of disabling !WebSocket support will depend on how many JARs were 
being scanned for !WebSocket annotations and whether any other SCIs trigger 
annotation scans. Generally, it is the first SCI scan that has the biggest 
performance impact. The impact of additional scans is minimal.
  
  References: [[https://bz.apache.org/bugzilla/show_bug.cgi?id=55855|Bug 
55855]], [[http://tomcat.apache.org/tomcat-8.0-doc/config/context.html|Tomcat 8 
Context documentation]]
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "HowTo/FasterStartUp" by markt

2017-07-18 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "HowTo/FasterStartUp" page has been changed by markt:
https://wiki.apache.org/tomcat/HowTo/FasterStartUp?action=diff=26=27

Comment:
Complete some TODOs

  
  There exists an attribute on `Context` element, `containerSciFilter`. It can 
be used to disable container-provided features that are plugged into Tomcat via 
SCI API: !WebSocket support (in Tomcat 7 and later), JSP support (in Tomcat 8 
and later).
  
- The class names to filter can be detected by looking into 
`META-INF/services/javax.servlet.ServletContainerInitializer` files in Tomcat 
JARs. For !WebSocket support the name is 
`org.apache.tomcat.websocket.server.WsSci`, for JSP support the name is 
`org.apache.jasper.servlet.JasperInitializer`.
+ The class names to filter can be detected by looking into 
`META-INF/services/javax.servlet.ServletContainerInitializer` files in Tomcat 
JARs. For !WebSocket support the name is 
`org.apache.tomcat.websocket.server.WsSci`, for JSP support the name is 
`org.apache.jasper.servlet.JasperInitializer`. e.g.:
+ {{{
+ 
+ }}}
  
+ The impact of disabling WebSocket support will depend on how many JARs were 
being scanned for WebSocket annotations and whether any other SCIs trigger 
annotation scans. Generally, it is the first SCI scan that has the biggest 
performance impact. The impact of additional scans is minimal.
- ''TODO: Configuration example''
- 
- ''TODO: How much faster does it make it? In short: Delays due to annotation 
scanning caused by !WebSocket have been already mentioned in another paragraphs 
on this page. This is an alternative to removing websocket JARs from Tomcat 
installation.''
  
  References: [[https://bz.apache.org/bugzilla/show_bug.cgi?id=55855|Bug 
55855]], [[http://tomcat.apache.org/tomcat-8.0-doc/config/context.html|Tomcat 8 
Context documentation]]
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-04-17 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=65=66

Comment:
Better link for pivotal OSS support

  -
  = Support =
  -
- 
[[https://www.pivotal.io/support/offerings|{{http://www.apache.org/foundation/images/pivotal-platinum.png|http://www.pivotal.io/support/offerings|width=150}}]]
+ 
[[https://www.pivotal.io/support/offerings|{{http://www.apache.org/foundation/images/pivotal-platinum.png|https://pivotal.io/support/oss|width=150}}]]
  
- Pivotal provides global, 24x7, 
[[http://www.pivotal.io/support/offerings|enterprise support]] for production 
users of Apache Tomcat. Pivotal employs the leading experts on Apache Tomcat to 
ensure that support customers can get their questions answered quickly and 
accurately and that bug fixes are incorporated into the open source code base.
+ Pivotal provides global, 24x7, [[https://pivotal.io/support/oss|enterprise 
support]] for production users of Apache Tomcat. Pivotal employs the leading 
experts on Apache Tomcat to ensure that support customers can get their 
questions answered quickly and accurately and that bug fixes are incorporated 
into the open source code base.
  
  
[[http://www.kippdata.de|{{http://www.kippdata.de/site/themes/kippdata/img/elements/kippdata_logo.gif|http://www.kippdata.de}}]]
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=64=65

Comment:
Make expected location of new entries clearer.

  
  The ASF does not endorse any of the organisations listed on this page nor any 
services that they may provide.
  
- If you would like to add your company to this page, feel free to do so. You 
will need to create a wiki account to do so. There aren't any hard and fast 
rules about what is acceptable but please keep your entry to a few lines, a 
link and a small logo. Excessive entries will be edited. Remember to add you 
company to both sections if you provide support and training.
+ If you would like to add your company to this page, feel free to do so. You 
will need to create a wiki account to do so. There aren't any hard and fast 
rules about what is acceptable but please keep your entry to a few lines, a 
link and a small logo. Excessive entries will be edited. Remember to add you 
company to both sections if you provide support and training. New entries 
should be added to the end of the relevant section.
  
  -
  = Support =

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=63=64

Comment:
Review support ordering SpringSource/Pivotal was the first entry. 
OpenLogic/RougeWave was sixth. Review training ordering. OpenLogic/RougeWave 
was fourth.

  -
  = Support =
  -
+ 
[[https://www.pivotal.io/support/offerings|{{http://www.apache.org/foundation/images/pivotal-platinum.png|http://www.pivotal.io/support/offerings|width=150}}]]
+ 
+ Pivotal provides global, 24x7, 
[[http://www.pivotal.io/support/offerings|enterprise support]] for production 
users of Apache Tomcat. Pivotal employs the leading experts on Apache Tomcat to 
ensure that support customers can get their questions answered quickly and 
accurately and that bug fixes are incorporated into the open source code base.
+ 
  
[[http://www.kippdata.de|{{http://www.kippdata.de/site/themes/kippdata/img/elements/kippdata_logo.gif|http://www.kippdata.de}}]]
  
  Kippdata's [[https://www.kippdata.de/tomcat/|eSupport for Apache Tomcat]] 
features several eSupport packages starting from basic support levels up to 
mission critical enterprise support. We actively contribute to the Apache 
Tomcat project, so that our bug fixes and other code enhancements become part 
of the standard Apache Tomcat code. Kippdata is located in Bonn, Germany.
@@ -24, +28 @@

  Site: [[http://www.opengate.biz|www.opengate.biz]]<>
  eMail: i...@opengate.biz.<><>
  
- 
[[https://www.pivotal.io/support/offerings|{{http://www.apache.org/foundation/images/pivotal-platinum.png|http://www.pivotal.io/support/offerings|width=150}}]]
- 
- Pivotal provides global, 24x7, 
[[http://www.pivotal.io/support/offerings|enterprise support]] for production 
users of Apache Tomcat. Pivotal employs the leading experts on Apache Tomcat to 
ensure that support customers can get their questions answered quickly and 
accurately and that bug fixes are incorporated into the open source code base.
- 
  
[[http://www.mulesoft.com|{{https://www.mulesoft.com/sites/default/files/3C_mulesoft_logo_updated.svg|http://www.mulesoft.com|width=150}}]]
  
  !MuleSoft provides global [[http://www.mulesoft.com/tomcat-support|enterprise 
Tomcat support]] as well as free, user-contributed howto guides. A 
general-audience [[http://www.mulesoft.com/understanding-apache-tomcat|Apache 
Tomcat]] guide is meant for absolute beginners, while intermediate Tomcat users 
can benefit from guides on how to resolve 
[[http://www.mulesoft.com/tomcat-logging|Tomcat logging]] problems or how to 
use [[http://www.mulesoft.com/tomcat-eclipse|Tomcat in eclipse]]. !MuleSoft 
also provides resources on upcoming releases of Tomcat like 
[[http://www.mulesoft.com/tomcat-7|Tomcat 7]]. !MuleSoft employs leading 
experts and authors on Apache Tomcat to ensure that customers can get their 
questions answered quickly and accurately. !MuleSoft also provides 
[[http://www.mulesoft.com/free-apache-tomcat-support|Free Tomcat Assistance]].
@@ -37, +37 @@

  
  [[http://innraz.ru/|InnRaz.ru]] offers enterprise support and consulting for 
Apache Tomcat users.
  
+ 
+ 
[[http://www.roguewave.com|{{http://www.roguewave.com/CMSPages/GetAzureFile.aspx?path=~\roguewave\media\assets\logos\rw-logo.png=a8e0402f2ee46c3ac9de1b48128e0d1465ef716dde369d3cd448811ab1c55206|http://www.roguewave.com}}]]
+ 
+ [[http://www.roguewave.com/|Roguewave Tomcat Support]] / 
[[http://www.openlogic.com/|OpenLogic]] has a dedicated team of OSS experts 
offering round-the-clock Production Support with competitive SLAs for 
troubleshooting Tomcat issues and outages. 
  
  
[[http://www.savoirfairelinux.com|{{http://www.savoirfairelinux.com/image/image_gallery?img_id=53315=1287776986392|http://www.savoirfairelinux.com}}]]
  
@@ -49, +53 @@

  
  
[[http://www.it-schulungen.com|{{http://www.it-schulungen.com/images/banners/its-banner-ulmerv.gif|http://www.it-schulungen.com}}]]
  IT-Schulungen.com 
[[http://www.it-schulungen.com/seminare/opensource/index.html|Training and 
Support for Apache Tomcat]] IT-Schulungen.com is located in nurumberg, Germany.
- 
- 
[[http://www.roguewave.com|{{http://www.roguewave.com/CMSPages/GetAzureFile.aspx?path=~\roguewave\media\assets\logos\rw-logo.png=a8e0402f2ee46c3ac9de1b48128e0d1465ef716dde369d3cd448811ab1c55206|http://www.roguewave.com}}]]
- 
- [[http://www.roguewave.com/|Roguewave Tomcat Support]] / 
[[http://www.openlogic.com/|OpenLogic]] has a dedicated team of OSS experts 
offering round-the-clock Production Support with competitive SLAs for 
troubleshooting Tomcat issues and outages. 
  
  
[[https://www.rosehosting.com|{{https://media.rosehosting.com/uploads/2016/12/rosehosting-logo50.png|https://www.rosehosting.com}}]]
  
@@ -79, +79 @@

  
[[http://www.nobleprog.com|{{http://www.nobleprog.com/sites/all/themes/nexus_subtheme/logo.png|http://www.nobleprog.com}}]]
  
  !NobleProg provides

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=62=63

Comment:
Headings were getting lost in the logos. Add horizontal rules to make then 
stand out.

  
  If you would like to add your company to this page, feel free to do so. You 
will need to create a wiki account to do so. There aren't any hard and fast 
rules about what is acceptable but please keep your entry to a few lines, a 
link and a small logo. Excessive entries will be edited. Remember to add you 
company to both sections if you provide support and training.
  
+ -
  = Support =
+ -
  
[[http://www.kippdata.de|{{http://www.kippdata.de/site/themes/kippdata/img/elements/kippdata_logo.gif|http://www.kippdata.de}}]]
  
  Kippdata's [[https://www.kippdata.de/tomcat/|eSupport for Apache Tomcat]] 
features several eSupport packages starting from basic support levels up to 
mission critical enterprise support. We actively contribute to the Apache 
Tomcat project, so that our bug fixes and other code enhancements become part 
of the standard Apache Tomcat code. Kippdata is located in Bonn, Germany.
@@ -59, +61 @@

  === Example company name ===
  Use this example as a basis for your entry. New entries should be added just 
above this example.
  
+ -
  = Training =
+ -
+ 
  
[[http://www.kippdata.de|{{http://www.kippdata.de/site/themes/kippdata/img/elements/kippdata_logo.gif|http://www.kippdata.de}}]]
  
  Kippdata offers a 
[[http://www.kippdata.de/red/workshops/opensource/|selection of trainings for 
Apache Tomcat]]. We focus on single day trainings like „Apache Tomcat Best 
Practices“, „Java Memory Sizing and Garbage Collection Tuning“. Kippdata is 
located in Bonn, Germany.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=61=62

Comment:
Add a logo for mechsoft otherwise their entry gets lots in the text

  
  !Intertech [[http://www.intertech.com|delivers training and consulting for 
Tomcat]] in our complete line-up of open source-related training and 
consulting.  For training, students can attend courses virtually, in-person at 
Intertech's facility, or we can come to your location.  
  
- [[http://mechsoft.com.tr|Mechsoft]]
+ 
[[http://mechsoft.com.tr|{{https://www.mechsoft.com.tr/images/logo/mechsoft.jpg|http://mechsoft.com.tr}}]]
  
  !MechSoft supports the development of open source software in Turkey and the 
world. We always aim to use open source applications and tools while developing 
our enterprise applications. Besides, our highly talented developers represent 
!MechSoft and Turkey at well-known open source foundation.  !MechSoft helps 
companies to adopt open source solutions in their IT infrastructure.
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=60=61

Comment:
Add a logo for intertech else their entry gets lost in the text

  
  Savoir-faire Linux provides 24/7 support, consulting, development and 
training services on Apache Tomcat. We provide 
[[http://www.savoirfairelinux.com/services/training/open-source-softwares/oss111-tomcat|Tomcat
 training]] in our offices in Montreal, Quebec City and Ottawa, Canada. For 
private, on-site and custom courses, contact train...@savoirfairelinux.com or 
call 1-877-735-4689.
  
- 
[[http://www.intertech.com|{{attachment:intertech.jpg|http://www.intertech.com}}]]
+ 
[[http://www.intertech.com|{{attachment:intertech.jpg|http://www.intertech.com|width=100}}]]
  
  !Intertech [[http://www.intertech.com|delivers training and consulting for 
Tomcat]] in our complete line-up of open source-related training and 
consulting.  For training, students can attend courses virtually, in-person at 
Intertech's facility, or we can come to your location.  
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] New attachment added to page SupportAndTraining

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page "SupportAndTraining" for change 
notification. An attachment has been added to that page by markt. Following 
detailed information is available:

Attachment name: intertech.jpg
Attachment size: 6926
Attachment link: 
https://wiki.apache.org/tomcat/SupportAndTraining?action=AttachFile=get=intertech.jpg
Page link: https://wiki.apache.org/tomcat/SupportAndTraining

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=59=60

  
  Savoir-faire Linux provides 24/7 support, consulting, development and 
training services on Apache Tomcat. We provide 
[[http://www.savoirfairelinux.com/services/training/open-source-softwares/oss111-tomcat|Tomcat
 training]] in our offices in Montreal, Quebec City and Ottawa, Canada. For 
private, on-site and custom courses, contact train...@savoirfairelinux.com or 
call 1-877-735-4689.
  
+ 
[[http://www.intertech.com|{{attachment:intertech.jpg|http://www.intertech.com}}]]
  
  !Intertech [[http://www.intertech.com|delivers training and consulting for 
Tomcat]] in our complete line-up of open source-related training and 
consulting.  For training, students can attend courses virtually, in-person at 
Intertech's facility, or we can come to your location.  
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=58=59

Comment:
Fix GFU logo

  
  !LearnComputer offers instructor-led online and onsite 
[[http://www.learncomputer.com/training/tomcat/|Tomcat training]] courses for 
companies and public. We also offer beginner to advanced courses in Android, 
Apache, Hadoop, PHP, MySQL, Linux, Java and Networking.
  
- 
[[http://www.gfu.net|{{http://www.gfu.net/css/screen/images/logo.jpg|http://www.gfu.net
 - GFU Cyrus AG in Köln}}]]
+ [[http://www.gfu.net|{{attachment:gfu.jpg|http://www.gfu.net - GFU Cyrus AG 
in Köln|height=100}}]]
  
  GFU Cyrus AG offers extensive 
[[http://www.gfu.net/schulung-tomcat-grundlagen.html|seminars and inhouse 
training on Apache Tomcat]], from basic principles to advanced and intensive 
courses. Architecture, installation and configuration – in the cologne training 
centre you obtain an overview of the possibilities of the application server.
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] New attachment added to page SupportAndTraining

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page "SupportAndTraining" for change 
notification. An attachment has been added to that page by markt. Following 
detailed information is available:

Attachment name: gfu.jpg
Attachment size: 3601
Attachment link: 
https://wiki.apache.org/tomcat/SupportAndTraining?action=AttachFile=get=gfu.jpg
Page link: https://wiki.apache.org/tomcat/SupportAndTraining

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=57=58

Comment:
Remove JMatrix. Website is no longer active.

  
  !Intertech [[http://www.intertech.com|delivers training and consulting for 
Tomcat]] in our complete line-up of open source-related training and 
consulting.  For training, students can attend courses virtually, in-person at 
Intertech's facility, or we can come to your location.  
  
- 
[[http://www.jmatrix.in//|{{http://www.jmatrix.in//attachments/Logo/SS_1.GIF?template=generic}}]]
- 
- Jmatrix provides technical support for tomcat customization and migration.
- 
  [[http://mechsoft.com.tr|Mechsoft]]
  
  !MechSoft supports the development of open source software in Turkey and the 
world. We always aim to use open source applications and tools while developing 
our enterprise applications. Besides, our highly talented developers represent 
!MechSoft and Turkey at well-known open source foundation.  !MechSoft helps 
companies to adopt open source solutions in their IT infrastructure.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=56=57

Comment:
Fix other Mulesoft logo

  
  Kippdata bietet eine 
[[http://www.kippdata.de/red/workshops/opensource/|Auswahl an Schulungen für 
Apache Tomcat]] an. Wir haben uns auf Ein-Tages-Schulungen zu Themen wie 
„Apache Tomcat Best Practices“, „Java Memory Sizing and Garbage Collection 
Tuning“ spezialisiert. Kippdata ist in Bonn, Deutschland, ansässig.
  
- 
[[http://www.MuleSoft.com|{{http://www.mulesoft.com/sites/default/files/mulesoft-logo-final.gif|http://www.MuleSoft.com}}]]
+ 
[[http://www.mulesoft.com|{{https://www.mulesoft.com/sites/default/files/3C_mulesoft_logo_updated.svg|http://www.mulesoft.com|width=150}}]]
  
  !MuleSoft provides comprehensive 
[[http://www.mulesoft.com/mule-training|Tomcat Training]] for users of Apache 
Tomcat. !MuleSoft offers a FREE pre-recorded training course to help users to 
get started with Apache Tomcat and also intensive instructor led training 
courses on advanced topics such as 
[[http://www.mulesoft.com/tomcat-performance-tuning|Tomcat performance 
tuning]], [[http://www.mulesoft.com/tomcat-configuration-training|configuration 
management]]. The training is designed by Tomcat experts and delivered by 
experienced instructors.
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=55=56

Comment:
Fix broken Mulesoft logo

  
  Pivotal provides global, 24x7, 
[[http://www.pivotal.io/support/offerings|enterprise support]] for production 
users of Apache Tomcat. Pivotal employs the leading experts on Apache Tomcat to 
ensure that support customers can get their questions answered quickly and 
accurately and that bug fixes are incorporated into the open source code base.
  
- 
[[http://www.mulesoft.com|{{http://www.mulesoft.com/sites/default/files/mulesoft-logo-final.gif|http://www.mulesoft.com}}]]
+ 
[[http://www.mulesoft.com|{{https://www.mulesoft.com/sites/default/files/3C_mulesoft_logo_updated.svg|http://www.mulesoft.com|width=150}}]]
  
  !MuleSoft provides global [[http://www.mulesoft.com/tomcat-support|enterprise 
Tomcat support]] as well as free, user-contributed howto guides. A 
general-audience [[http://www.mulesoft.com/understanding-apache-tomcat|Apache 
Tomcat]] guide is meant for absolute beginners, while intermediate Tomcat users 
can benefit from guides on how to resolve 
[[http://www.mulesoft.com/tomcat-logging|Tomcat logging]] problems or how to 
use [[http://www.mulesoft.com/tomcat-eclipse|Tomcat in eclipse]]. !MuleSoft 
also provides resources on upcoming releases of Tomcat like 
[[http://www.mulesoft.com/tomcat-7|Tomcat 7]]. !MuleSoft employs leading 
experts and authors on Apache Tomcat to ensure that customers can get their 
questions answered quickly and accurately. !MuleSoft also provides 
[[http://www.mulesoft.com/free-apache-tomcat-support|Free Tomcat Assistance]].
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=54=55

Comment:
Reduce logo size

  Site: [[http://www.opengate.biz|www.opengate.biz]]<>
  eMail: i...@opengate.biz.<><>
  
- 
[[https://www.pivotal.io/support/offerings|{{http://www.apache.org/foundation/images/pivotal-platinum.png|http://www.pivotal.io/support/offerings}}]]
+ 
[[https://www.pivotal.io/support/offerings|{{http://www.apache.org/foundation/images/pivotal-platinum.png|http://www.pivotal.io/support/offerings|width=150}}]]
  
  Pivotal provides global, 24x7, 
[[http://www.pivotal.io/support/offerings|enterprise support]] for production 
users of Apache Tomcat. Pivotal employs the leading experts on Apache Tomcat to 
ensure that support customers can get their questions answered quickly and 
accurately and that bug fixes are incorporated into the open source code base.
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by LucaVisconti

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by LucaVisconti:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=53=54

Comment:
Sorry Pivotal, but I've noticed only now that on "Revision 44 as of 2015-02-03 
20:52:47" you changed your position from line 61 to in front of Open Gate. I 
re-established original order.

  
  Kippdatas [[https://www.kippdata.de/tomcat/|eSupport für Apache Tomcat]] 
bietet von Basis Level Support bis hin zu Support für unternehmenskritische 
Anwendungen verschiedene eSupport-Pakete. Wir beteiligen uns aktiv am Apache 
Tomcat Projekt, so dass unsere Fehlerbeseitigungen und andere Erweiterungen des 
Codes in den Standard Apache Tomcat Code einfliessen. Kippdata ist in Bonn, 
Deutschland, ansässig.
  
- 
[[https://www.pivotal.io/support/offerings|{{http://www.apache.org/foundation/images/pivotal-platinum.png|http://www.pivotal.io/support/offerings}}]]
- 
- Pivotal provides global, 24x7, 
[[http://www.pivotal.io/support/offerings|enterprise support]] for production 
users of Apache Tomcat. Pivotal employs the leading experts on Apache Tomcat to 
ensure that support customers can get their questions answered quickly and 
accurately and that bug fixes are incorporated into the open source code base.
- 
  
[[http://www.opengate.biz/|{{http://www.opengate.biz/wp-content/uploads/2014/02/logo_opengate_hea...@2x-300x51.png|http://www.opengate.biz/}}]]
  
  !OpenGate provides support for Apache Tomcat enterprise users located in 
Italy. !OpenGate has over 13 years experience in helping customers adopting 
Apache Tomcat and hundreds of success stories.<> !OpenGate fornisce 
supporto in Italia per gli utenti di Apache Tomcat. !OpenGate ha più di 13 anni 
di esperienza nell'aiutare i clienti nell'adozione di Apache Tomcat e centinaia 
di storie di successo.<>
  <>
  Site: [[http://www.opengate.biz|www.opengate.biz]]<>
  eMail: i...@opengate.biz.<><>
+ 
+ 
[[https://www.pivotal.io/support/offerings|{{http://www.apache.org/foundation/images/pivotal-platinum.png|http://www.pivotal.io/support/offerings}}]]
+ 
+ Pivotal provides global, 24x7, 
[[http://www.pivotal.io/support/offerings|enterprise support]] for production 
users of Apache Tomcat. Pivotal employs the leading experts on Apache Tomcat to 
ensure that support customers can get their questions answered quickly and 
accurately and that bug fixes are incorporated into the open source code base.
  
  
[[http://www.mulesoft.com|{{http://www.mulesoft.com/sites/default/files/mulesoft-logo-final.gif|http://www.mulesoft.com}}]]
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=52=53

Comment:
Pivotal no longer offers Tomcat training

  
  Kippdata bietet eine 
[[http://www.kippdata.de/red/workshops/opensource/|Auswahl an Schulungen für 
Apache Tomcat]] an. Wir haben uns auf Ein-Tages-Schulungen zu Themen wie 
„Apache Tomcat Best Practices“, „Java Memory Sizing and Garbage Collection 
Tuning“ spezialisiert. Kippdata ist in Bonn, Deutschland, ansässig.
  
- 
[[http://www.pivotal.io/support/offerings|{{http://www.pivotal.io/assets/images/Pivotal_Logo.png|http://www.pivotal.io/support/offerings}}]]
- 
- Pivotal provides comprehensive 
[[http://mylearn.vmware.com/mgrReg/plan.cfm?plan=31719=www_edu|education]] 
on enterprise Java with specific 
[[http://mylearn.vmware.com/mgrreg/courses.cfm?ui=www_edu=one_subject=23470|training]]
 for Apache Tomcat. The four-day, intensive instructor-led training provides 
practical, hands-on knowledge about installation, configuration, deployment, 
load balancing and troubleshooting for production systems using Apache Tomcat.
- 
  
[[http://www.MuleSoft.com|{{http://www.mulesoft.com/sites/default/files/mulesoft-logo-final.gif|http://www.MuleSoft.com}}]]
  
  !MuleSoft provides comprehensive 
[[http://www.mulesoft.com/mule-training|Tomcat Training]] for users of Apache 
Tomcat. !MuleSoft offers a FREE pre-recorded training course to help users to 
get started with Apache Tomcat and also intensive instructor led training 
courses on advanced topics such as 
[[http://www.mulesoft.com/tomcat-performance-tuning|Tomcat performance 
tuning]], [[http://www.mulesoft.com/tomcat-configuration-training|configuration 
management]]. The training is designed by Tomcat experts and delivered by 
experienced instructors.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by markt

2017-03-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by markt:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=51=52

Comment:
Fix logo

  
  Kippdatas [[https://www.kippdata.de/tomcat/|eSupport für Apache Tomcat]] 
bietet von Basis Level Support bis hin zu Support für unternehmenskritische 
Anwendungen verschiedene eSupport-Pakete. Wir beteiligen uns aktiv am Apache 
Tomcat Projekt, so dass unsere Fehlerbeseitigungen und andere Erweiterungen des 
Codes in den Standard Apache Tomcat Code einfliessen. Kippdata ist in Bonn, 
Deutschland, ansässig.
  
- 
[[https://www.pivotal.io/support/offerings|{{http://www.pivotal.io/assets/images/Pivotal_Logo.png|http://www.pivotal.io/support/offerings}}]]
+ 
[[https://www.pivotal.io/support/offerings|{{http://www.apache.org/foundation/images/pivotal-platinum.png|http://www.pivotal.io/support/offerings}}]]
  
  Pivotal provides global, 24x7, 
[[http://www.pivotal.io/support/offerings|enterprise support]] for production 
users of Apache Tomcat. Pivotal employs the leading experts on Apache Tomcat to 
ensure that support customers can get their questions answered quickly and 
accurately and that bug fixes are incorporated into the open source code base.
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "ServletProxy" by WoonsanKo

2017-01-30 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ServletProxy" page has been changed by WoonsanKo:
https://wiki.apache.org/tomcat/ServletProxy?action=diff=8=9

  [2] http://noodle.tigris.org/, “home page – noodle”.
  
  [3] http://edwardstx.net/wiki/Wiki.jsp?page=HttpProxyServlet, “ Http proxy 
Servlet –  main page”.
+ 
+ [4] 
http://portals.apache.org/applications/webcontent2/reverse-proxy-module.html, 
“Apache Portals Web Content Application 2 - Http proxy Servlet Reverse Proxy 
Module”.
  
  [[CategoryGSOC|CategoryGSOC]]
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "ServletProxy" by WoonsanKo

2017-01-30 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ServletProxy" page has been changed by WoonsanKo:
https://wiki.apache.org/tomcat/ServletProxy?action=diff=7=8

  
  Link: http://edwardstx.net/wiki/Wiki.jsp?page=HttpProxyServlet
  
+ ' 4)  Apache Portals WebContent-2 Reverse Proxy Module '  :   
 The Reverse Proxy Module provides the features of Reverse Proxy, and it 
consists of HTTP Client builder components (using HttpClient-4), Reverse Proxy 
Command/Chain components (using Apache Commons Chain), and built-in or 
extensible Reverse Proxy Servlets and Filters.
+ With this Reverse Proxy Module, you can configure proxy mappings with 
YAML configuration, you can rewrite content using built-in or custom content 
rewriting components, and you can even customize the processing commands in the 
chain easily.
+ This module is part of WebContent-2 portlet web application project, but 
the reverse proxy jar module has been designed and working in normal servlet 
(non-portlet) environments independently as well. For details, see 
http://portals.apache.org/applications/webcontent2/modules-overview.html.
+ 
+ Link:  
http://portals.apache.org/applications/webcontent2/reverse-proxy-module.html
+ 
  __ ''' These are only some of the existing proxies. ''' __
  
  === References : ===

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "ContributorsGroup" by markt

2017-01-30 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ContributorsGroup" page has been changed by markt:
https://wiki.apache.org/tomcat/ContributorsGroup?action=diff=30=31

Comment:
+= WoonsanKo

   * StevenHeckler
   * SiegfriedGoeschl
   * theimpaler
+  * WoonsanKo
  
- 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/Monitoring" by EmericVernat

2017-01-26 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/Monitoring" page has been changed by EmericVernat:
https://wiki.apache.org/tomcat/FAQ/Monitoring?action=diff=17=18

Comment:
fix javamelody links

  
  [[http://moskito.org/|MoSKito]], an open source solution by 
[[http://anotheria.net/home.html|Anotheria]], is a multi-purpose, non-invasive, 
interval-based monitoring system kit that collects, stores and provides instant 
analysis of a Tomcat application’s performance and behavior data. 
  
- [[http://javamelody.googlecode.com|JavaMelody]] can monitor your 
JavaEE/Tomcat application from dev to production. It is open-source and easy: 
get the [[http://code.google.com/p/javamelody/wiki/Screenshots#Charts|first 
view]] of your application in 
[[https://code.google.com/p/javamelody/wiki/UserGuide#Setup|about 2 minutes]] 
from now.
+ [[https://github.com/javamelody/javamelody/wiki|JavaMelody]] can monitor your 
JavaEE/Tomcat application from dev to production. It is open-source and easy: 
get the 
[[https://github.com/javamelody/javamelody/wiki/Screenshots#charts|first view]] 
of your application in 
[[https://github.com/javamelody/javamelody/wiki/UserGuide#javamelody-setup|about
 2 minutes]] from now.
  
  Other plug-in-based monitoring software like Nagios or Icinga may need some 
help interacting with Tomcat's JMXProxyServlet. [[tools/check_jmxproxy.pl]] is 
a Perl script that can be used with these tools to monitor Tomcat via the 
JMXProxyServlet.
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by RoseHosting

2016-12-29 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by RoseHosting:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=48=49

Comment:
added our Tomcat services

  
  [[http://www.roguewave.com/|Roguewave Tomcat Support]] / 
[[http://www.openlogic.com/|OpenLogic]] has a dedicated team of OSS experts 
offering round-the-clock Production Support with competitive SLAs for 
troubleshooting Tomcat issues and outages. 
  
+ 
[[https://www.rosehosting.com|{{https://media.rosehosting.com/uploads/2016/12/rosehosting-logo50.png|https://www.rosehosting.com}}]]
+ 
+ [[https://www.rosehosting.com/|RoseHosting]] provides 
[[https://www.rosehosting.com/tomcat-hosting.html|fully managed Tomcat VPS 
hosting]] with free 24/7 support. Free Tomcat installation, configuration and 
optimization included with all VPS hosting plans. ]
  
  === Example company name ===
  Use this example as a basis for your entry. New entries should be added just 
above this example.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Specifications" by CotySutherland

2016-12-21 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Specifications" page has been changed by CotySutherland:
https://wiki.apache.org/tomcat/Specifications?action=diff=42=43

Comment:
Adding missing JASPIC section as it was implemented in tomcat 8.5

  ||Online Javadoc: || [[http://docs.oracle.com/javaee/7/api/|Java EE 7]] || ||
  ||Minimum Tomcat version: || 7.0.47, 8.0.0 || 7.0.56, 8.0.13 ||
  
+ == Java Authentication Service Provider Interface for Containers 
Specification ==
+ 
+ JASPIC 1.1 is the second maintenance release, Maintenance Release B, of 
JASPIC 1.0 (JSR 196).
+ 
+ ||Spec versions: || JASPIC 1.0 || JASPIC 1.1 ||
+ ||Main page: ||<-2> [[http://www.jcp.org/en/jsr/summary?id=196|JSR196]] ||
+ ||Java.net project: ||<-2> 
[[http://java.net/projects/jaspic-spec/|jaspic-spec ]]||
+ ||Stable: || Final Release || Maintenance Release B ||
+ ||Date: || 10 Oct, 2007 || 12 Jun, 2013 ||
+ ||Download Page: || 
[[http://jcp.org/aboutJava/communityprocess/final/jsr196/index.html|Overview]]<>[[http://download.oracle.com/otndocs/jcp/jaspic-1.0-fr-oth-JSpec/index.html|Direct
 Download]] || 
[[https://jcp.org/aboutJava/communityprocess/mrel/jsr196/index.html|Overview]]<>[[http://download.oracle.com/otndocs/jcp/jaspic-1_1-mrel2-eval-spec/index.html|Direct
 Download]] ||
+ ||Online Javadoc: ||<-2> [[http://docs.oracle.com/javaee/7/api/|Java EE 7]] ||
+ ||Minimum Tomcat version: ||<-2> 8.5.0 ||
+ 
  == See Also ==
  
   * [[TomcatVersions|Tomcat Versions]]

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "AdminGroup" by markt

2016-12-21 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "AdminGroup" page has been changed by markt:
https://wiki.apache.org/tomcat/AdminGroup?action=diff=11=12

Comment:
+= Coty Sutherland

   * VioletaGeorgieva
   * JeanFredericClere
   * KeiichiFujino
+  * CotySutherland
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "WikiSandBox" by JamesLampert

2016-09-28 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "WikiSandBox" page has been changed by JamesLampert:
https://wiki.apache.org/tomcat/WikiSandBox?action=diff=9=10

   blockquote
. deeper
  
- IBM_MidrangeSystem
+ 
  
  === Glossary ===
   Term:: Definition

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "WikiSandBox" by JamesLampert

2016-09-28 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "WikiSandBox" page has been changed by JamesLampert:
https://wiki.apache.org/tomcat/WikiSandBox?action=diff=8=9

   blockquote
. deeper
  
- CL_Program
+ IBM_MidrangeSystem
  
  === Glossary ===
   Term:: Definition

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "WikiSandBox" by JamesLampert

2016-09-28 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "WikiSandBox" page has been changed by JamesLampert:
https://wiki.apache.org/tomcat/WikiSandBox?action=diff=7=8

  Please feel free to experiment here, after the four dashes below... and 
please do '''NOT''' create new pages without any meaningful content just to try 
it out.
  
  '''Tip:''' Shift-click "HelpOnEditing" to open a second window with the help 
pages.
+ 
  
  
  == Formatting ==
- 
- ''italic'' '''bold''' {{{typewriter}}} 
+ ''italic'' '''bold''' {{{typewriter}}}
  
  `backtick typewriter` (configurable)
  
  {{{
  preformatted
  }}}
- 
  == Linking ==
- 
- HelpOnEditing MoinMoin:InterWiki 
+ HelpOnEditing MoinMoin:InterWiki
  
  http://purl.net/wiki/moin/ [[http://www.python.org/|Python]]
  
  some...@the.inter.net
  
- 
  === Image Link ===
  {{http://c2.com/sig/wiki.gif}}
  
  == Lists ==
- 
  === Bullet ===
   * first
-1. nested and numbered
+   1. nested and numbered
-1. numbered lists are renumbered
+   1. numbered lists are renumbered
   * second
-1. number
+   1. number
-  A. letter
+A. letter
  
   * third
-1.
+   1.
-2.
+   1.
   blockquote
-deeper
+   . deeper
+ 
- CLProgram
+ CL_Program
  
  === Glossary ===
   Term:: Definition
  
  === Drawing ===
- {{drawing:mytest}}
+ {{drawing:mytest.tdraw}}
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "WikiSandBox" by JamesLampert

2016-09-28 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "WikiSandBox" page has been changed by JamesLampert:
https://wiki.apache.org/tomcat/WikiSandBox?action=diff=6=7

 2.
   blockquote
 deeper
+ CLProgram
  
  === Glossary ===
   Term:: Definition

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "ContributorsGroup" by ChristopherSchultz

2016-09-28 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ContributorsGroup" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/ContributorsGroup?action=diff=29=30

   * GregTrasuk
   * HartmutBecker
   * jboynes
+  * JamesLampert
   * JonLucas
   * [[Krzysztof Gil]]
   * LucaVisconti

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/Logging" by ChristopherSchultz

2016-09-08 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/Logging" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/FAQ/Logging?action=diff=25=26

Comment:
Fix name/link for cronolog.

  
   1. If you are using jsvc 1.0.4 or later (from 
[[http://commons.apache.org/daemon/|Apache Commons Daemon]] project) to launch 
Tomcat, you can send SIGUSR1 signal to jsvc to get it to re-open its log files 
([[https://issues.apache.org/jira/browse/DAEMON-95|Jira Ticket]]). You can 
couple this with 'logrotate' or your favorite log-rotation utility (including 
good-old 'mv') to re-name catalina.out at intervals and then get jsvc to 
re-open the original (catalina.out) file and continue writing to it.
   1. Use 'logrotate' with the 'copytruncate' option. This allows you to 
externally rotate catalina.out without changing anything within Tomcat.
-  1. Modify bin/catalina.sh (or bin/catalina.bat) to pipe output from the JVM 
into a piped-logger such as [[http://www.cronolog.org/|chronolog]] or Apache 
httpd's [[http://httpd.apache.org/docs/2.2/logs.html#piped|rotatelogs]] (note 
that the previous reference is for Apache httpd documentation and *is not 
applicable to Tomcat* -- it merely illustrates the concept).<>See also the 
patch in [[https://bz.apache.org/bugzilla/show_bug.cgi?id=53930|Bug 53930, 
"Allow capture of catalina stdout/stderr to a command instead of just a file"]].
+  1. Modify bin/catalina.sh (or bin/catalina.bat) to pipe output from the JVM 
into a piped-logger such as [[http://linux.die.net/man/1/cronolog|cronolog]] or 
Apache httpd's [[http://httpd.apache.org/docs/2.2/logs.html#piped|rotatelogs]] 
(note that the previous reference is for Apache httpd documentation and *is not 
applicable to Tomcat* -- it merely illustrates the concept).<>See also the 
patch in [[https://bz.apache.org/bugzilla/show_bug.cgi?id=53930|Bug 53930, 
"Allow capture of catalina stdout/stderr to a command instead of just a file"]].
  
  References to mailing list discussions:
   * [[http://marc.info/?t=10554447261=1=2a|tomcat-users thread from 
2003]]

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "SupportAndTraining" by GregTrasuk

2016-07-25 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "SupportAndTraining" page has been changed by GregTrasuk:
https://wiki.apache.org/tomcat/SupportAndTraining?action=diff=47=48

Comment:
Add Web Age Solutions to training provider listings.

  
  Rogue Wave [[http://www.roguewave.com/|Roguewave Tomcat Support]] / OpenLogic 
[[http://www.openlogic.com/|Roguewave Tomcat Support]] offers a comprehensive 
week-long instructor-led training program for developers and admins. Rogue Wave 
OpenLogic also provides Architecture and Design Consulting, and a Developer 
Support contract to assist in the development of web applications.
  
+ 
[[http://www.webagesolutions.com/index.html|{{http://www.webagesolutions.com/img/web-age-solutions.png|http://www.webagesolutions.com}}]]
+ 
+ Web Age Solutions offers 
[[http://www.webagesolutions.com/courses/servers-operating-systems-training|Apache
 Tomcat training and mentoring]] on-site in the US, Canada and worldwide, at a 
training center, in a Live Virtual Class, or through our subscription-based 
video library.
+ 
  === Example company name ===
  Use this example as a basis for your entry. New entries should be added just 
above this example.
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "ContributorsGroup" by KonstantinKolinko

2016-07-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "ContributorsGroup" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/ContributorsGroup?action=diff=28=29

Comment:
Add GregTrasuk, as requested on dev@ list.

   * GaryBriggs
   * GFUCyrusAG
   * GlenIhrig
+  * GregTrasuk
   * HartmutBecker
   * jboynes
   * JonLucas

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "AdminGroup" by KonstantinKolinko

2016-07-24 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "AdminGroup" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/AdminGroup?action=diff=10=11

Comment:
Add FelixSchumacher, as requested on dev@ list.

  This is a list of people who can do editing of the LocalBadContent and 
ContributorsGroup pages:
   * ChristopherSchultz
   * ChuckCaldarale
+  * FelixSchumacher
   * IanDarwin
   * KonstantinKolinko
   * markt

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Specifications" by KonstantinKolinko

2016-07-19 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Specifications" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/Specifications?action=diff=41=42

Comment:
Add link to RFC 6266

  
  === Related Specifications ===
  
- || [[http://tools.ietf.org/html/rfc2617|RFC 2617]] || "HTTP Authentication: 
Basic and Digest Access Authentication"<>It covers BASIC and DIGEST 
authentication methods<>It was updated by 
[[http://tools.ietf.org/html/rfc7235|RFC 7235]]. ||
+ || [[http://tools.ietf.org/html/rfc2617|RFC 2617]] || "HTTP Authentication: 
Basic and Digest Access Authentication"<>It covers BASIC and DIGEST 
authentication methods<><>It was updated by 
[[http://tools.ietf.org/html/rfc7235|RFC 7235]]. ||
  || [[https://tools.ietf.org/html/rfc6265|RFC 6265]] || "HTTP State Management 
Mechanism"<>The specification about cookies. Implemented by 
[[http://tomcat.apache.org/tomcat-8.0-doc/config/cookie-processor.html | 
org.apache.tomcat.util.http.Rfc6265CookieProcessor]] that is available since 
Tomcat 8.0.15 and is default with Tomcat 8.5.0 onwards. See also "Cookies" page 
in [[Development|"Development Issues"]].<><>Obsolete specifications: 
[[https://tools.ietf.org/html/rfc2109|RFC2109]], 
[[https://tools.ietf.org/html/rfc2965|RFC 2965]]. ||
+ || [[https://tools.ietf.org/html/rfc6266|RFC 6266]] || "Use of the 
Content-Disposition Header Field in the Hypertext Transfer Protocol 
(HTTP)"<>Content-Disposition header is used by file uploads. See also 
[[https://bz.apache.org/bugzilla/show_bug.cgi?id=59115#c5|Bug 59115]] ||
  
  == AJP ==
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Specifications" by KonstantinKolinko

2016-07-19 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Specifications" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/Specifications?action=diff=40=41

Comment:
Add link to Cookies RFC.

  === Related Specifications ===
  
  || [[http://tools.ietf.org/html/rfc2617|RFC 2617]] || "HTTP Authentication: 
Basic and Digest Access Authentication"<>It covers BASIC and DIGEST 
authentication methods<>It was updated by 
[[http://tools.ietf.org/html/rfc7235|RFC 7235]]. ||
+ || [[https://tools.ietf.org/html/rfc6265|RFC 6265]] || "HTTP State Management 
Mechanism"<>The specification about cookies. Implemented by 
[[http://tomcat.apache.org/tomcat-8.0-doc/config/cookie-processor.html | 
org.apache.tomcat.util.http.Rfc6265CookieProcessor]] that is available since 
Tomcat 8.0.15 and is default with Tomcat 8.5.0 onwards. See also "Cookies" page 
in [[Development|"Development Issues"]].<><>Obsolete specifications: 
[[https://tools.ietf.org/html/rfc2109|RFC2109]], 
[[https://tools.ietf.org/html/rfc2965|RFC 2965]]. ||
  
  == AJP ==
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FrontPage" by KonstantinKolinko

2016-07-19 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FrontPage" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/FrontPage?action=diff=38=39

Comment:
Use HTTPS url for the image, so that Firefox (47.0.1) does not complain about 
an insecure page when accessing wiki with https://

  ##language:en
  = Welcome to the Apache Tomcat Wiki =
- {{http://tomcat.apache.org/images/tomcat.gif}}
+ {{https://tomcat.apache.org/images/tomcat.gif}}
  
  This is the Wiki for Apache Tomcat, a Servlet and Java Server Pages container 
developed under the Apache License. The main documentation for this product is 
at [[http://tomcat.apache.org|tomcat.apache.org]]. Below is a list of some 
useful pages: we encourage everyone to contribute to these pages or start new 
ones as desired. But before you do, please check out the main documentation 
site as well as the [[FAQ]] and the 
[[http://tomcat.apache.org/lists.html|mailing lists]] (whose archives are 
searchable).
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/Password" by KonstantinKolinko

2016-06-28 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/Password" page has been changed by KonstantinKolinko:
https://wiki.apache.org/tomcat/FAQ/Password?action=diff=11=12

Comment:
Correct DOCTYPE declaration example - it has to match the root element. See 
"Validity constraint: Root Element Type" in XML 1.0 spec (REC-xml-20081126). I 
am using this syntax in my server.xml files.

  
   * Use properties replacement so that in the xml config you have 
${db.password} and in conf/catalina.properties you put the password there. 
   * Since server.xml is an XML file — you can use XML entities. For example: 
"woot" becomes "#119;#111;#111;#116;" which is a way to 
obscure the password. You may even go through an extra layer of indirection by 
converting ${db.password} into XML entities so that the property replacement 
above is also performed. (But remember, while "clever, not more secure)
-  * XML entities can be read from an external file. That is, add the following 
lines at the top of server.xml just above the {{{}}} element:
+  * XML entities can be read from an external file. That is, add the following 
text at the top of server.xml just after the XML declaration (``) 
and before the {{{}}} element (line wraps can be removed):
  
  {{{
- 
  ]>
  }}}

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "TomcatVersions" by markt

2016-06-13 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "TomcatVersions" page has been changed by markt:
https://wiki.apache.org/tomcat/TomcatVersions?action=diff=26=27

Comment:
Add 8.5.x

  The "Process" field in the following tables documents what development model 
is accepted by that project, either 
[[http://www.apache.org/foundation/glossary.html#ReviewThenCommit|Review-Then-Commit]]
 or 
[[http://www.apache.org/foundation/glossary.html#CommitThenReview|Commit-Then-Review]].
 For RTC model the changes are first proposed in the `STATUS.txt` file in the 
root of the project and have to gain at least 3 "`+1`" votes before being 
applied. The project members have agreed on several 
[[#RTC_Exceptions|exceptions]] from the RTC rule (documented below).
  
  = Tomcat 9.0.x =
- ||Spec versions: ||Servlet 4.0, JSP 2.4?, EL 3.1?, !WebSocket 1.2? ||
+ ||Spec versions: ||Servlet 4.0, JSP 2.4?, EL 3.1?, !WebSocket 1.2?, JASPIC 
1.1 ||
  ||Stable: ||No ||
  ||Enhancements: ||Yes ||
  ||Bug Fixes: ||Yes ||
@@ -19, +19 @@

  ||Release Manager: ||TBD ||
  ||Process: ||CTR ||
  ||Listed on download pages: ||Not yet ||
+ 
+ = Tomcat 8.5.x =
+ ||Spec versions: ||Servlet 3.1, JSP 2.3, EL 3.0, !WebSocket 1.1, JASPIC 1.1 ||
+ ||Stable: ||Yes ||
+ ||Enhancements: ||Yes ||
+ ||Bug Fixes: ||Yes ||
+ ||Security Fixes: ||Yes ||
+ ||Releases: ||Yes ||
+ ||Release Manager: ||Mark Thomas (markt) ||
+ ||Process: ||CTR ||
+ ||Listed on download pages: ||Yes ||
  
  = Tomcat 8.0.x =
  ||Spec versions: ||Servlet 3.1, JSP 2.3, EL 3.0, !WebSocket 1.1 ||

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "AJP with stunnel" by ChristopherSchultz

2016-05-25 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "AJP with stunnel" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/AJP%20with%20stunnel

New page:
= AJP over stunnel =

stunnel is a little more complicated than a normal protocol because it can be 
used in a number of different ways. I'll give some contrived examples to see 
how you can set it up in different ways, depending upon the support for 
encryption of the underlying protocol.

This wiki entry is intended to be a starter-guide and not a replacement for the 
fine [https://www.stunnel.org/docs.html|documentation provided by the stunnel 
team].

Let's say that you have an HTTPS server, but your client can't speak HTTPS for 
some reason. If you set up stunnel on the *client* side, you can connect 
locally to the stunnel server and have it establish a secure-connection to the 
remote server running HTTPS. Like this:

{{{
  client -> localhost:12345 (stunnel)
  stunnel -> remote_host:443 (httpd)
}}}

As far as the client is concerned, it's using HTTP to talk to localhost. But 
really it's talking to remove_host:443, so everyone is happy. (Yes, there are 
issues with URLs and redirects produced by the server, but that's out of scope 
for this discussion).

Let's take another example: you have clients that are HTTPS-capable, but the 
service you are running can only support HTTP for some reason, and you want to 
secure it. Set up stunnel on the *server*, then have your remote clients 
connect to *it* and tunnel to localhost. Like this:

{{{
  client -> remote_host:443 (stunnel)
  stunnel localhost:8080 (httpd)
}}}

As far as the client is concerned, it's using HTTPS to communicate with 
remote_host:443, but really it's connecting to remote_host:8080. (Yes, there 
are some issues with URLs and redirects but that's out of scope for this 
discussion.)

So what if the underling protocol doesn't support TLS at all? Well, then you 
have to set up stunnel on *both sides* of the tunnel, like this:

{{{
  client (mod_jk) -> localhost:12345 (stunnel)
  stunnel -> remote_host:12345 (stunnel)
  stunnel -> localhost:8009 (Tomcat)
}}}

The setup for stunnel looks like this for the client (on the web server):

{{{
  sslVersion = all
  options = NO_SSLv2
  options = NO_SSLv3
  client = yes
  [ajp13s]
  accept=localhost:8009
  connect=remote_host:8010
}}}

On the server, it looks like this:

{{{
  sslVersion = all
  options = NO_SSLv2
  options = NO_SSLv3
  client = no
  [ajp13s]
  accept=8010
  connect=localhost:8009
}}}

On the web server, set your worker's host to "localhost" and port to 8009. 
mod_jk will connect to localhost:8009 which stunnel will accept and forward 
over the network to remote_host:8010 which will be accepted by stunnel on the 
server and forwarded to localhost:8009 on the server.

stunnel is great because it will auto-reconnect if the connection is dropped 
for some reason. Remember a few things with stunnel:

1. Depending upon the version, you might only be able to use TLSv1 (and not 
e.g. TLSv1.2)
2. stunnel generally ignores certificate issues, such as expiration, etc. You 
might want to configure it with a little more care than the default. '''THIS 
ALSO MEANS IT DOES NOT AUTHENTICATE THE SERVER BY DEFAULT'''. You could 
accidentally connect to a malicious server.

This should be enough to get you started. Please refer to the official stunnel 
documentation for specifics.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "FAQ/Connectors" by ChristopherSchultz

2016-05-25 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "FAQ/Connectors" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/FAQ/Connectors?action=diff=16=17

  directives to say http:// (or https://) instead of ajp://. This might
  help you if you need to switch protocols for debugging purposes or if
  you suddenly need switch to HTTPS to secure the traffic without any
- external configuration (e.g. stunnel or VPN).
+ external configuration (e.g. stunnel or VPN). (See [[AJP with stunnel]].)
  
  mod_proxy also supports ProxyPassMatch which lets you use regular
  expressions in your URL mappings, which mod_jk's JkMount does not

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2016-03-31 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=18=19

Comment:
Add results for Tomcat 6 and APR/native

  == APR with OpenSSL Results (Default) ==
  
  |||| Java 5 || Java 6 || Java 7 || Java 8 ||
- || Tomcat 6   ||  TBD   ||  TBD   ||  TBD   ||  TBD   ||
+ || Tomcat 6   ||   A||   A||   A||   A||
  || Tomcat 7   ||  N/A   ||   A||   A||   A||
  || Tomcat 8   ||  N/A   ||  N/A   ||   A||   A||
  || Tomcat 8.5 ||  N/A   ||  N/A   ||   A||   A||
  || Tomcat 9   ||  N/A   ||  N/A   ||  N/A   ||   A||
  
  The OpenSSL cipher configuration used was 
'''HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA'''. Up-to-date selection of 
secure cipher suites in OpenSSL format is available at 
[[https://wiki.mozilla.org/Security/Server_Side_TLS|Mozilla wiki]].
- 
- 
- == JSSE (BIO/NIO/NIO2) Results (Improved) ==
- 
- ||  || Java 5 || Java 6 || Java 7 || Java 8 ||
- || Tomcat 6 ||   B||   B||   A-   ||   A||
- 
- == JSSE Settings for Improved Results ==
- 
- To use these settings:
- 
-  1. Pass JVM parameter '''-Djdk.tls.ephemeralDHKeySize=2048''' to JVM running 
Tomcat.
- 
-  1. Set the ciphers attribute on your secure connector to the list of ciphers 
shown below. The list should be comma separated.
- 
-   * Java 5
-* TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 
SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
-   * Java 6
-* TLS_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA
-   * Java 7
- * TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 
TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 
SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
-   * Java 8
-* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  
  == Environment ==
  
@@ -79, +56 @@

   * Java 6, 64-bit, update 45
   * Java 7, 64-bit, update 80
   * Java 8, 64-bit, update 77
-  * Apache Tomcat 6.0.44-dev, r1664561. This is after the commit that disabled 
SSLv2 and SSLv3.
+  * Apache Tomcat 6.0.46-dev, r1737284.
   * Apache Tomcat 7.0.69-dev, r1737253.
   * Apache Tomcat 8.0.34-dev, r1737224.
   * Apache Tomcat 8.5.1-dev, r1737241.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2016-03-31 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=17=18

Comment:
Add the results for Tomcat 6 and JSSE

  == BIO/NIO/NIO2 with JSSE Results (Default) ==
  
  |||| Java 5 || Java 6 || Java 7 || Java 8 ||
- || Tomcat 6   ||   C||   C||   C||   B||
+ || Tomcat 6   ||   C||   C||   A||   A||
  || Tomcat 7   ||  N/A   ||   C||   A||   A||
  || Tomcat 8   ||  N/A   ||  N/A   ||   A||   A||
  || Tomcat 8.5 ||  N/A   ||  N/A   ||   A||   A||
@@ -15, +15 @@

  
  Note: These results were obtained using the JCE Unlimited Strength 
Jurisdiction Policy Files
  
- Note: The Java 6 results are capped at C because Java 6 does not support TLS 
1.1 or 1.2.
+ Note: The Java 5 and 6 results are capped at C because neither Java 5 nor 6 
support TLS 1.1 or 1.2.
  
  The equivalent OpenSSL cipher configurations used to obtain the above results 
are:
  
+ || Java 5 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!DHE ||
  || Java 6 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!DHE ||
  || Java 7 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA:!DHE ||
  || Java 8 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA ||
@@ -33, +34 @@

  || Tomcat 8.5 ||  N/A   ||  N/A   ||   A||   A||
  || Tomcat 9   ||  N/A   ||  N/A   ||  N/A   ||   A||
  
+ The OpenSSL cipher configuration used was 
'''HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA'''. Up-to-date selection of 
secure cipher suites in OpenSSL format is available at 
[[https://wiki.mozilla.org/Security/Server_Side_TLS|Mozilla wiki]].
  
  Note: JSSE+OpenSSL and JSSE config requires a 1.2.6 tc-native release to 
achieve an A since, without it, the full certificate chain is not presented to 
the client.
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2016-03-31 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=16=17

Comment:
Update Tomcat 7 APR/native results

  
  |||| Java 5 || Java 6 || Java 7 || Java 8 ||
  || Tomcat 6   ||  TBD   ||  TBD   ||  TBD   ||  TBD   ||
- || Tomcat 7   ||  N/A   ||  TBD   ||  TBD   ||  TBD   ||
+ || Tomcat 7   ||  N/A   ||   A||   A||   A||
  || Tomcat 8   ||  N/A   ||  N/A   ||   A||   A||
  || Tomcat 8.5 ||  N/A   ||  N/A   ||   A||   A||
  || Tomcat 9   ||  N/A   ||  N/A   ||  N/A   ||   A||
@@ -52, +52 @@

  
  ||  || Java 5 || Java 6 || Java 7 || Java 8 ||
  || Tomcat 6 ||   B||   B||   A-   ||   A||
- 
- 
  
  == JSSE Settings for Improved Results ==
  
@@ -80, +78 @@

   * Java 7, 64-bit, update 80
   * Java 8, 64-bit, update 77
   * Apache Tomcat 6.0.44-dev, r1664561. This is after the commit that disabled 
SSLv2 and SSLv3.
-  * Apache Tomcat 7.0.69-dev, r1737249.
+  * Apache Tomcat 7.0.69-dev, r1737253.
   * Apache Tomcat 8.0.34-dev, r1737224.
   * Apache Tomcat 8.5.1-dev, r1737241.
   * Apache Tomcat 9.0.0.M5-dev, r1737193.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2016-03-31 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=15=16

Comment:
Fill in Tomcat 7 JSSE 

  
  |||| Java 5 || Java 6 || Java 7 || Java 8 ||
  || Tomcat 6   ||   C||   C||   C||   B||
- || Tomcat 7   ||  N/A   ||   C||   C||   B||
+ || Tomcat 7   ||  N/A   ||   C||   A||   A||
  || Tomcat 8   ||  N/A   ||  N/A   ||   A||   A||
  || Tomcat 8.5 ||  N/A   ||  N/A   ||   A||   A||
  || Tomcat 9   ||  N/A   ||  N/A   ||  N/A   ||   A||
  
  Note: These results were obtained using the JCE Unlimited Strength 
Jurisdiction Policy Files
+ 
+ Note: The Java 6 results are capped at C because Java 6 does not support TLS 
1.1 or 1.2.
+ 
+ The equivalent OpenSSL cipher configurations used to obtain the above results 
are:
+ 
+ || Java 6 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!DHE ||
+ || Java 7 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA:!DHE ||
+ || Java 8 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA ||
+ 
+ Note: kRSA ciphers are not excluded in Java 6 and earlier since they are 
likely to be the only ones left
+ 
+ Note: In Java 7 and earlier DHE ciphers use insecure DH keys with no means to 
configure longer keys which is why DHE ciphers are excluded in those Java 
versions.
  
  == NIO/NIO2 with JSSE+OpenSSL Results (Default) ==
  
@@ -23, +35 @@

  
  
  Note: JSSE+OpenSSL and JSSE config requires a 1.2.6 tc-native release to 
achieve an A since, without it, the full certificate chain is not presented to 
the client.
- 
- The equivalent OpenSSL cipher configurations used to obtain the above results 
are:
- 
- || Java 7 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA:!DHE ||
- || Java 8 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA ||
- 
- Note: Java 7 DHE ciphers sue a 768 bit DH key which is considered insecure 
which is why those ciphers are excluded only for Java 7.
  
  == APR with OpenSSL Results (Default) ==
  
@@ -47, +52 @@

  
  ||  || Java 5 || Java 6 || Java 7 || Java 8 ||
  || Tomcat 6 ||   B||   B||   A-   ||   A||
- || Tomcat 7 ||  N/A   ||   B||   A-   ||   A||
  
  
  
@@ -76, +80 @@

   * Java 7, 64-bit, update 80
   * Java 8, 64-bit, update 77
   * Apache Tomcat 6.0.44-dev, r1664561. This is after the commit that disabled 
SSLv2 and SSLv3.
-  * Apache Tomcat 7.0.60-dev, r1664373.
+  * Apache Tomcat 7.0.69-dev, r1737249.
   * Apache Tomcat 8.0.34-dev, r1737224.
   * Apache Tomcat 8.5.1-dev, r1737241.
   * Apache Tomcat 9.0.0.M5-dev, r1737193.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2016-03-31 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=14=15

Comment:
Update the Tomcat 8.5 results. Split out JSSE, JSSE+OpenSSL and OpenSSL into 
separate tables

  
  There is no right choice since there are always trade-offs to make between 
better security better interoperability, better performance etc.. Where you 
choose to draw that line is a choice you need to make. The following 
information is provided to help you make that choice. The ratings provided are 
those calculated by the excellent [[https://www.ssllabs.com/ssltest|SSL Labs 
Test]]. Keep in mind that, as more vulnerabilities are discovered, these 
ratings are only ever going to get worse over time. The results shown on this 
page were correct at the time they were generated.
  
- As of May 2015, 1024-bit DHE is 
[[https://www.schneier.com/blog/archives/2015/05/the_logjam_and_.html|considered]]
 [[https://weakdh.org/imperfect-forward-secrecy.pdf|breakable]] by nation-state 
adversaries. 2048-bit DHE is recommended. 2048-bit DHE may be configured with 
JSSE connectors (BIO, NIO, NIO2) using JVM parameter, and for APR connector 
Apache Tomcat Native Library 1.2.2 (or later) should be used.
+ == BIO/NIO/NIO2 with JSSE Results (Default) ==
  
- 
- == JSSE (BIO/NIO/NIO2) Results (Default) ==
- 
- ||   || Java 5 || Java 6 || Java 7 || Java 8 ||
+ |||| Java 5 || Java 6 || Java 7 || Java 8 ||
- || Tomcat 6 (JSSE)   ||   C||   C||   C||   B||
+ || Tomcat 6   ||   C||   C||   C||   B||
- || Tomcat 7 (JSSE)   ||  N/A   ||   C||   C||   B||
+ || Tomcat 7   ||  N/A   ||   C||   C||   B||
- || Tomcat 8 (JSSE)   ||  N/A   ||  N/A   ||   A||   A||
+ || Tomcat 8   ||  N/A   ||  N/A   ||   A||   A||
- || Tomcat 8 (APR/OpenSSL)||  N/A   ||  N/A   ||   A||   A||
+ || Tomcat 8.5 ||  N/A   ||  N/A   ||   A||   A||
- || Tomcat 8.5 (JSSE) ||  N/A   ||  N/A   ||  TBD   ||  TBD   ||
- || Tomcat 8.5 (JSSE/OpenSSL) ||  N/A   ||  N/A   ||  TBD   ||  TBD   ||
- || Tomcat 8.5 (APR/OpenSSL)  ||  N/A   ||  N/A   ||  TBD   ||  TBD   ||
- || Tomcat 9 (JSSE)   ||  N/A   ||  N/A   ||  N/A   ||   A||
+ || Tomcat 9   ||  N/A   ||  N/A   ||  N/A   ||   A||
- || Tomcat 9 (JSSE/OpenSSL)   ||  N/A   ||  N/A   ||  N/A   ||   A||
- || Tomcat 9 (APR/OpenSSL)||  N/A   ||  N/A   ||  N/A   ||   A||
  
  Note: These results were obtained using the JCE Unlimited Strength 
Jurisdiction Policy Files
  
+ == NIO/NIO2 with JSSE+OpenSSL Results (Default) ==
+ 
+ |||| Java 5 || Java 6 || Java 7 || Java 8 ||
+ || Tomcat 8.5 ||  N/A   ||  N/A   ||   A||   A||
+ || Tomcat 9   ||  N/A   ||  N/A   ||  N/A   ||   A||
+ 
+ 
- Note: Tomcat 9 with JSSE/OpenSSL and JSSE config requires a 1.2.6 tc-native 
release to achieve an A since, without it, the full certificate chain is not 
presented to the client.
+ Note: JSSE+OpenSSL and JSSE config requires a 1.2.6 tc-native release to 
achieve an A since, without it, the full certificate chain is not presented to 
the client.
+ 
+ The equivalent OpenSSL cipher configurations used to obtain the above results 
are:
+ 
+ || Java 7 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA:!DHE ||
+ || Java 8 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA ||
+ 
+ Note: Java 7 DHE ciphers sue a 768 bit DH key which is considered insecure 
which is why those ciphers are excluded only for Java 7.
+ 
+ == APR with OpenSSL Results (Default) ==
+ 
+ |||| Java 5 || Java 6 || Java 7 || Java 8 ||
+ || Tomcat 6   ||  TBD   ||  TBD   ||  TBD   ||  TBD   ||
+ || Tomcat 7   ||  N/A   ||  TBD   ||  TBD   ||  TBD   ||
+ || Tomcat 8   ||  N/A   ||  N/A   ||   A||   A||
+ || Tomcat 8.5 ||  N/A   ||  N/A   ||   A||   A||
+ || Tomcat 9   ||  N/A   ||  N/A   ||  N/A   ||   A||
+ 
+ The OpenSSL cipher configuration used was 
'''HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA'''. Up-to-date selection of 
secure cipher suites in OpenSSL format is available at 
[[https://wiki.mozilla.org/Security/Server_Side_TLS|Mozilla wiki]].
+ 
  
  == JSSE (BIO/NIO/NIO2) Results (Improved) ==
  
@@ -50, +68 @@

* Java 8
 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  
- ''(It might be nice to provide the OpenSSL-style cipher suites arcana for the 
versions of Tomcat that support it)''
- 
  == Environment ==
  
  The results above were generated with:
@@ -62, +78 @@

   * Apache Tomcat 6.0.44-dev, r1664561. This is after the commit that disabled 
SSLv2 and SSLv3.
   * Apache Tomcat 7.0.60-dev, r1664373.
   * Apache Tomcat 8.0.34-dev, r1737224.
-  * Apache Tomcat 8.5.1-dev,

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2016-03-31 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=13=14

Comment:
Update Tomcat 8 results. No longer need the improved results for Tomcat 8.

  ||   || Java 5 || Java 6 || Java 7 || Java 8 ||
  || Tomcat 6 (JSSE)   ||   C||   C||   C||   B||
  || Tomcat 7 (JSSE)   ||  N/A   ||   C||   C||   B||
- || Tomcat 8 (JSSE)   ||  N/A   ||  N/A   ||   A-   ||   A-   ||
+ || Tomcat 8 (JSSE)   ||  N/A   ||  N/A   ||   A||   A||
- || Tomcat 8 (APR/OpenSSL)||  N/A   ||  N/A   ||   A-   ||   A-   ||
+ || Tomcat 8 (APR/OpenSSL)||  N/A   ||  N/A   ||   A||   A||
- || Tomcat 8.5 (JSSE) ||  N/A   ||  N/A   ||  N/A   ||  TBD   ||
+ || Tomcat 8.5 (JSSE) ||  N/A   ||  N/A   ||  TBD   ||  TBD   ||
- || Tomcat 8.5 (JSSE/OpenSSL) ||  N/A   ||  N/A   ||  N/A   ||  TBD   ||
+ || Tomcat 8.5 (JSSE/OpenSSL) ||  N/A   ||  N/A   ||  TBD   ||  TBD   ||
- || Tomcat 8.5 (APR/OpenSSL)  ||  N/A   ||  N/A   ||  N/A   ||  TBD   ||
+ || Tomcat 8.5 (APR/OpenSSL)  ||  N/A   ||  N/A   ||  TBD   ||  TBD   ||
  || Tomcat 9 (JSSE)   ||  N/A   ||  N/A   ||  N/A   ||   A||
  || Tomcat 9 (JSSE/OpenSSL)   ||  N/A   ||  N/A   ||  N/A   ||   A||
  || Tomcat 9 (APR/OpenSSL)||  N/A   ||  N/A   ||  N/A   ||   A||
@@ -30, +30 @@

  ||  || Java 5 || Java 6 || Java 7 || Java 8 ||
  || Tomcat 6 ||   B||   B||   A-   ||   A||
  || Tomcat 7 ||  N/A   ||   B||   A-   ||   A||
- || Tomcat 8 ||  N/A   ||  N/A   ||   A-   ||   A||
  
  
  
@@ -62, +61 @@

   * Java 8, 64-bit, update 77
   * Apache Tomcat 6.0.44-dev, r1664561. This is after the commit that disabled 
SSLv2 and SSLv3.
   * Apache Tomcat 7.0.60-dev, r1664373.
-  * Apache Tomcat 8.0.34-dev, r1737213.
+  * Apache Tomcat 8.0.34-dev, r1737224.
   * Apache Tomcat 8.5.1-dev, r1737213.
   * Apache Tomcat 9.0.0.M5-dev, r1737193.
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2016-03-31 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=12=13

Comment:
Add placeholders for 8.5.x

  
  == JSSE (BIO/NIO/NIO2) Results (Default) ==
  
- || || Java 5 || Java 6 || Java 7 || Java 8 ||
+ ||   || Java 5 || Java 6 || Java 7 || Java 8 ||
- || Tomcat 6 (JSSE) ||   C||   C||   C||   B||
+ || Tomcat 6 (JSSE)   ||   C||   C||   C||   B||
- || Tomcat 7 (JSSE) ||  N/A   ||   C||   C||   B||
+ || Tomcat 7 (JSSE)   ||  N/A   ||   C||   C||   B||
+ || Tomcat 8 (JSSE)   ||  N/A   ||  N/A   ||   A-   ||   A-   ||
+ || Tomcat 8 (APR/OpenSSL)||  N/A   ||  N/A   ||   A-   ||   A-   ||
- || Tomcat 8 (JSSE) ||  N/A   ||  N/A   ||   A-   ||  TBD   ||
+ || Tomcat 8.5 (JSSE) ||  N/A   ||  N/A   ||  N/A   ||  TBD   ||
+ || Tomcat 8.5 (JSSE/OpenSSL) ||  N/A   ||  N/A   ||  N/A   ||  TBD   ||
- || Tomcat 8 (APR/OpenSSL)  ||  N/A   ||  N/A   ||  TBD   ||  TBD   ||
+ || Tomcat 8.5 (APR/OpenSSL)  ||  N/A   ||  N/A   ||  N/A   ||  TBD   ||
- || Tomcat 9 (JSSE) ||  N/A   ||  N/A   ||  N/A   ||   A||
+ || Tomcat 9 (JSSE)   ||  N/A   ||  N/A   ||  N/A   ||   A||
- || Tomcat 9 (JSSE/OpenSSL) ||  N/A   ||  N/A   ||  N/A   ||   A||
+ || Tomcat 9 (JSSE/OpenSSL)   ||  N/A   ||  N/A   ||  N/A   ||   A||
- || Tomcat 9 (APR/OpenSSL)  ||  N/A   ||  N/A   ||  N/A   ||   A||
+ || Tomcat 9 (APR/OpenSSL)||  N/A   ||  N/A   ||  N/A   ||   A||
  
  Note: These results were obtained using the JCE Unlimited Strength 
Jurisdiction Policy Files
  
- Note: Tomcat 9 with JSSE/OpenSSL and JSSE config requires a 1.2.6 tc-native 
release to achieve an A since without it the full certificate chain is not 
presented to the client.
+ Note: Tomcat 9 with JSSE/OpenSSL and JSSE config requires a 1.2.6 tc-native 
release to achieve an A since, without it, the full certificate chain is not 
presented to the client.
  
  == JSSE (BIO/NIO/NIO2) Results (Improved) ==
  
@@ -59, +62 @@

   * Java 8, 64-bit, update 77
   * Apache Tomcat 6.0.44-dev, r1664561. This is after the commit that disabled 
SSLv2 and SSLv3.
   * Apache Tomcat 7.0.60-dev, r1664373.
-  * Apache Tomcat 8.0.34-dev, r1737212.
+  * Apache Tomcat 8.0.34-dev, r1737213.
+  * Apache Tomcat 8.5.1-dev, r1737213.
   * Apache Tomcat 9.0.0.M5-dev, r1737193.
  
  == APR/native ==

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2016-03-31 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=11=12

Comment:
Update Tomcat 8 results

  || || Java 5 || Java 6 || Java 7 || Java 8 ||
  || Tomcat 6 (JSSE) ||   C||   C||   C||   B||
  || Tomcat 7 (JSSE) ||  N/A   ||   C||   C||   B||
- || Tomcat 8 (JSSE) ||  N/A   ||  N/A   ||   C||   B||
+ || Tomcat 8 (JSSE) ||  N/A   ||  N/A   ||   A-   ||  TBD   ||
+ || Tomcat 8 (APR/OpenSSL)  ||  N/A   ||  N/A   ||  TBD   ||  TBD   ||
  || Tomcat 9 (JSSE) ||  N/A   ||  N/A   ||  N/A   ||   A||
  || Tomcat 9 (JSSE/OpenSSL) ||  N/A   ||  N/A   ||  N/A   ||   A||
  || Tomcat 9 (APR/OpenSSL)  ||  N/A   ||  N/A   ||  N/A   ||   A||
@@ -54, +55 @@

  The results above were generated with:
   * Java 5, 64-bit, update 22
   * Java 6, 64-bit, update 45
-  * Java 7, 64-bit, update 76
+  * Java 7, 64-bit, update 80
   * Java 8, 64-bit, update 77
   * Apache Tomcat 6.0.44-dev, r1664561. This is after the commit that disabled 
SSLv2 and SSLv3.
   * Apache Tomcat 7.0.60-dev, r1664373.
-  * Apache Tomcat 8.0.21-dev, r1664594.
+  * Apache Tomcat 8.0.34-dev, r1737212.
   * Apache Tomcat 9.0.0.M5-dev, r1737193.
  
  == APR/native ==

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2016-03-31 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=10=11

Comment:
Add note about JCE policy files

  || Tomcat 9 (JSSE/OpenSSL) ||  N/A   ||  N/A   ||  N/A   ||   A||
  || Tomcat 9 (APR/OpenSSL)  ||  N/A   ||  N/A   ||  N/A   ||   A||
  
+ Note: These results were obtained using the JCE Unlimited Strength 
Jurisdiction Policy Files
  
  Note: Tomcat 9 with JSSE/OpenSSL and JSSE config requires a 1.2.6 tc-native 
release to achieve an A since without it the full certificate chain is not 
presented to the client.
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2016-03-31 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=9=10

Comment:
Add APR/native results for Tomcat 9

  
  == JSSE (BIO/NIO/NIO2) Results (Default) ==
  
- |||| Java 5 || Java 6 || Java 7 || Java 8 ||
+ || || Java 5 || Java 6 || Java 7 || Java 8 ||
- || Tomcat 6 (JSSE)||   C||   C||   C||   B||
+ || Tomcat 6 (JSSE) ||   C||   C||   C||   B||
- || Tomcat 7 (JSSE)||  N/A   ||   C||   C||   B||
+ || Tomcat 7 (JSSE) ||  N/A   ||   C||   C||   B||
- || Tomcat 8 (JSSE)||  N/A   ||  N/A   ||   C||   B||
+ || Tomcat 8 (JSSE) ||  N/A   ||  N/A   ||   C||   B||
- || Tomcat 9 (JSSE)||  N/A   ||  N/A   ||  N/A   ||   A||
+ || Tomcat 9 (JSSE) ||  N/A   ||  N/A   ||  N/A   ||   A||
- || Tomcat 9 (OpenSSL) ||  N/A   ||  N/A   ||  N/A   ||   A||
+ || Tomcat 9 (JSSE/OpenSSL) ||  N/A   ||  N/A   ||  N/A   ||   A||
+ || Tomcat 9 (APR/OpenSSL)  ||  N/A   ||  N/A   ||  N/A   ||   A||
  
+ 
- Note: Tomcat 9 with JSSE+OpenSSL and JSSE config requires a 1.2.6 tc-native 
release to achieve an A since without it the full certificate chain is not 
presented to the client.
+ Note: Tomcat 9 with JSSE/OpenSSL and JSSE config requires a 1.2.6 tc-native 
release to achieve an A since without it the full certificate chain is not 
presented to the client.
  
  == JSSE (BIO/NIO/NIO2) Results (Improved) ==
  
@@ -56, +58 @@

   * Apache Tomcat 6.0.44-dev, r1664561. This is after the commit that disabled 
SSLv2 and SSLv3.
   * Apache Tomcat 7.0.60-dev, r1664373.
   * Apache Tomcat 8.0.21-dev, r1664594.
-  * Apache Tomcat 9.0.0.M5-dev r1737119
+  * Apache Tomcat 9.0.0.M5-dev, r1737193.
  
  == APR/native ==
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Tomcat Wiki] Update of "Security/Ciphers" by markt

2016-03-30 Thread Apache Wiki 
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change 
notification.

The "Security/Ciphers" page has been changed by markt:
https://wiki.apache.org/tomcat/Security/Ciphers?action=diff=8=9

Comment:
Update Tomcat 9 results

  || Tomcat 7 (JSSE)||  N/A   ||   C||   C||   B||
  || Tomcat 8 (JSSE)||  N/A   ||  N/A   ||   C||   B||
  || Tomcat 9 (JSSE)||  N/A   ||  N/A   ||  N/A   ||   A||
- || Tomcat 9 (OpenSSL) ||  N/A   ||  N/A   ||  N/A   ||   B||
+ || Tomcat 9 (OpenSSL) ||  N/A   ||  N/A   ||  N/A   ||   A||
  
- Note: There is a bug with Tomcat 9 with JSSE+OpenSSL that limits the grade to 
B because the certificate chain is not made available.
+ Note: Tomcat 9 with JSSE+OpenSSL and JSSE config requires a 1.2.6 tc-native 
release to achieve an A since without it the full certificate chain is not 
presented to the client.
  
  == JSSE (BIO/NIO/NIO2) Results (Improved) ==
  

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

  1   2   3   4   5   6   7   8   9   10   >