DO NOT REPLY [Bug 51735] New: welcome page deadlock at startup

https://issues.apache.org/bugzilla/show_bug.cgi?id=51735 Bug #: 51735 Summary: welcome page deadlock at startup Product: Tomcat 7 Version: 7.0.16 Platform: All OS/Version: All Status: NEW Severity: normal

DO NOT REPLY [Bug 51735] welcome page deadlock at startup

https://issues.apache.org/bugzilla/show_bug.cgi?id=51735 Andy Chapman andrew.chap...@brighterworking.com changed: What|Removed |Added CC|

Re: [VOTE] Grant Olivier Lamy commit karma to the Tomcat repo (for the Maven plugin)

On 25.08.2011 16:44, Mark Thomas wrote: Subject says it all. +1 Rainer - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [VOTE] Grant Olivier Lamy commit karma to the Tomcat repo (for the Maven plugin)

2011/8/25 Mark Thomas ma...@apache.org: Subject says it all. Here is my +1 to start this off. +1 -- Keiichi.Fujino - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail:

DO NOT REPLY [Bug 51736] New: Make rpcTimeout configurable in BackupManager.

https://issues.apache.org/bugzilla/show_bug.cgi?id=51736 Bug #: 51736 Summary: Make rpcTimeout configurable in BackupManager. Product: Tomcat 7 Version: trunk Platform: All OS/Version: All Status: NEW Severity:

DO NOT REPLY [Bug 51735] welcome page deadlock at startup

https://issues.apache.org/bugzilla/show_bug.cgi?id=51735 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED

svn commit: r1162721 - in /tomcat/trunk: java/org/apache/catalina/ha/session/ java/org/apache/catalina/tribes/tipis/ webapps/docs/config/

Author: kfujino Date: Mon Aug 29 10:30:38 2011 New Revision: 1162721 URL: http://svn.apache.org/viewvc?rev=1162721view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51736. Make rpcTimeout configurable in BackupManager. Modified:

svn commit: r1162735 - in /tomcat/tc7.0.x/trunk: java/org/apache/catalina/ha/session/ java/org/apache/catalina/tribes/tipis/ webapps/docs/ webapps/docs/config/

Author: kfujino Date: Mon Aug 29 11:08:42 2011 New Revision: 1162735 URL: http://svn.apache.org/viewvc?rev=1162735view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51736. Make rpcTimeout configurable in BackupManager. Modified:

DO NOT REPLY [Bug 51736] Make rpcTimeout configurable in BackupManager.

https://issues.apache.org/bugzilla/show_bug.cgi?id=51736 Keiichi Fujino kfuj...@apache.org changed: What|Removed |Added Component|Cluster |Cluster

DO NOT REPLY [Bug 51735] welcome page deadlock at startup

https://issues.apache.org/bugzilla/show_bug.cgi?id=51735 --- Comment #2 from Andy Chapman andrew.chap...@brighterworking.com 2011-08-29 11:55:19 UTC --- Thanks. Just in case anyone else gets this, it looks like it was the Eclipse server launcher which seems to check the context URL as part of

svn commit: r1162769 - /tomcat/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java

Author: kkolinko Date: Mon Aug 29 12:45:42 2011 New Revision: 1162769 URL: http://svn.apache.org/viewvc?rev=1162769view=rev Log: Followup to r1162721 Get list of members only once Improve message and code formatting Modified:

svn commit: r1162773 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java

Author: kkolinko Date: Mon Aug 29 12:48:27 2011 New Revision: 1162773 URL: http://svn.apache.org/viewvc?rev=1162773view=rev Log: Followup to r1162721 (r1162735) Get list of members only once Improve message and code formatting Modified: tomcat/tc7.0.x/trunk/ (props changed)

svn commit: r1162774 - /tomcat/tc6.0.x/trunk/STATUS.txt

Author: kkolinko Date: Mon Aug 29 12:51:47 2011 New Revision: 1162774 URL: http://svn.apache.org/viewvc?rev=1162774view=rev Log: vote Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL:

DO NOT REPLY [Bug 51739] New: If landingpage is a XHTML (JSF/CDI), nullpointer exception.

https://issues.apache.org/bugzilla/show_bug.cgi?id=51739 Bug #: 51739 Summary: If landingpage is a XHTML (JSF/CDI), nullpointer exception. Product: Tomcat 7 Version: 7.0.20 Platform: PC Status: NEW

DO NOT REPLY [Bug 51739] If landingpage is a XHTML (JSF/CDI), nullpointer exception.

https://issues.apache.org/bugzilla/show_bug.cgi?id=51739 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED

DO NOT REPLY [Bug 51739] If landingpage is a XHTML (JSF/CDI), nullpointer exception.

https://issues.apache.org/bugzilla/show_bug.cgi?id=51739 --- Comment #2 from Flávio Henrique serv...@ig.com.br 2011-08-29 13:52:47 UTC --- Valve className=org.apache.catalina.authenticator.FormAuthenticator landingPage=/restrito/principal.xhtml / A workaround is the use of a jsp

DO NOT REPLY [Bug 51739] If landingpage is a XHTML (JSF/CDI), nullpointer exception.

https://issues.apache.org/bugzilla/show_bug.cgi?id=51739 --- Comment #3 from Flávio Henrique serv...@ig.com.br 2011-08-29 13:55:34 UTC --- (In reply to comment #1) No information provided. Sorry, save the information before entering futher information. -- Configure bugmail:

[RESULT] [VOTE] Grant Olivier Lamy commit karma to the Tomcat repo (for the Maven plugin)

This vote has passed. I have added Olivier to the Tomcat committers group. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org

DO NOT REPLY [Bug 51739] If landingpage is a XHTML (JSF/CDI), nullpointer exception.

https://issues.apache.org/bugzilla/show_bug.cgi?id=51739 Flávio Henrique serv...@ig.com.br changed: What|Removed |Added Status|RESOLVED|REOPENED

DO NOT REPLY [Bug 51727] Manager deploy cannot be invoked without path parameter

https://issues.apache.org/bugzilla/show_bug.cgi?id=51727 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED

DO NOT REPLY [Bug 47467] Deployment of the war file by URL when contextpath is not specified in Manager Application.

https://issues.apache.org/bugzilla/show_bug.cgi?id=47467 Mark Thomas ma...@apache.org changed: What|Removed |Added CC||jer...@netmesh.us

DO NOT REPLY [Bug 51739] If landingpage is a XHTML (JSF/CDI), nullpointer exception.

https://issues.apache.org/bugzilla/show_bug.cgi?id=51739 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|REOPENED|RESOLVED

Re: [RESULT] [VOTE] Grant Olivier Lamy commit karma to the Tomcat repo (for the Maven plugin)

Hello, Thanks folks for the karma ! Really honored by the trust ! FYI : I will start importing sources tomorrow. @Mark I will have to review some details with you regarding jira import. 2011/8/29 Mark Thomas ma...@apache.org: This vote has passed. I have added Olivier to the Tomcat

svn commit: r1162836 - /tomcat/trunk/java/org/apache/catalina/authenticator/AuthenticatorBase.java

Author: markt Date: Mon Aug 29 14:40:27 2011 New Revision: 1162836 URL: http://svn.apache.org/viewvc?rev=1162836view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51712 Ensure cache control headers are sent even if request is secure. Patch provided by Michael Zampani Modified:

svn commit: r1162838 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/authenticator/AuthenticatorBase.java webapps/docs/changelog.xml

Author: markt Date: Mon Aug 29 14:42:49 2011 New Revision: 1162838 URL: http://svn.apache.org/viewvc?rev=1162838view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51712 Ensure cache control headers are sent even if request is secure. Patch provided by Michael Zampani Modified:

DO NOT REPLY [Bug 51712] Regression in cache-control headers for requests with security-constraints

https://issues.apache.org/bugzilla/show_bug.cgi?id=51712 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED

DO NOT REPLY [Bug 51727] Manager deploy cannot be invoked without path parameter

https://issues.apache.org/bugzilla/show_bug.cgi?id=51727 Johannes Ernst jer...@netmesh.us changed: What|Removed |Added Status|RESOLVED|REOPENED

DO NOT REPLY [Bug 51727] Manager deploy cannot be invoked without path parameter

https://issues.apache.org/bugzilla/show_bug.cgi?id=51727 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|REOPENED|RESOLVED

DO NOT REPLY [Bug 47467] Deployment of the war file by URL when contextpath is not specified in Manager Application.

https://issues.apache.org/bugzilla/show_bug.cgi?id=47467 --- Comment #19 from Mark Thomas ma...@apache.org 2011-08-29 15:16:48 UTC --- *** Bug 51727 has been marked as a duplicate of this bug. *** -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are

DO NOT REPLY [Bug 51739] If landingpage is a XHTML (JSF/CDI), nullpointer exception.

https://issues.apache.org/bugzilla/show_bug.cgi?id=51739 --- Comment #5 from Christopher Schultz ch...@christopherschultz.net 2011-08-29 17:10:52 UTC --- To elaborate in order to avoid a REOPEN: Flávio, you must have an enumerated type that is broken. -- Configure bugmail:

DO NOT REPLY [Bug 51739] If landingpage is a XHTML (JSF/CDI), nullpointer exception.

https://issues.apache.org/bugzilla/show_bug.cgi?id=51739 Konstantin Kolinko knst.koli...@gmail.com changed: What|Removed |Added Status|RESOLVED

DO NOT REPLY [Bug 51730] Exception while trying to use is prefixed boolean property inherited from package private base class

https://issues.apache.org/bugzilla/show_bug.cgi?id=51730 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED

svn commit: r1162932 - /tomcat/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java

Author: markt Date: Mon Aug 29 18:28:28 2011 New Revision: 1162932 URL: http://svn.apache.org/viewvc?rev=1162932view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51739 Set the method when using a landing page Modified:

svn commit: r1162933 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/authenticator/FormAuthenticator.java webapps/docs/changelog.xml

Author: markt Date: Mon Aug 29 18:30:11 2011 New Revision: 1162933 URL: http://svn.apache.org/viewvc?rev=1162933view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51739 Set the method when using a landing page Modified: tomcat/tc7.0.x/trunk/ (props changed)

DO NOT REPLY [Bug 51739] If landingpage is a XHTML (JSF/CDI), nullpointer exception.

https://issues.apache.org/bugzilla/show_bug.cgi?id=51739 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|REOPENED|RESOLVED

svn commit: r1162957 - in /tomcat/trunk/java/org/apache/coyote/ajp: AbstractAjpProcessor.java AjpAprProcessor.java AjpNioProcessor.java AjpProcessor.java

Author: markt Date: Mon Aug 29 19:44:53 2011 New Revision: 1162957 URL: http://svn.apache.org/viewvc?rev=1162957view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51698 Fix CVE-2011-3190 Prevent AJP request forgery via unread request body packet Modified:

svn commit: r1162958 - in /tomcat/tc7.0.x/trunk: java/org/apache/coyote/ajp/ webapps/docs/

Author: markt Date: Mon Aug 29 19:45:13 2011 New Revision: 1162958 URL: http://svn.apache.org/viewvc?rev=1162958view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51698 Fix CVE-2011-3190 Prevent AJP request forgery via unread request body packet Modified:

svn commit: r1162959 - in /tomcat/tc6.0.x/trunk: java/org/apache/coyote/ajp/AjpAprProcessor.java java/org/apache/coyote/ajp/AjpProcessor.java webapps/docs/changelog.xml

Author: markt Date: Mon Aug 29 19:45:42 2011 New Revision: 1162959 URL: http://svn.apache.org/viewvc?rev=1162959view=rev Log: Fix CVE-2011-3190 Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51698 Prevent AJP request forgery via unread request body packet Modified:

svn commit: r1162960 - in /tomcat/tc5.5.x/trunk: connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java container/webapps/docs/changelog.xml

Author: markt Date: Mon Aug 29 19:45:52 2011 New Revision: 1162960 URL: http://svn.apache.org/viewvc?rev=1162960view=rev Log: Fix CVE-2011-3190 Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51698 Prevent AJP request forgery via unread request body packet Modified:

DO NOT REPLY [Bug 51698] ajp CPing/Forward-Request packet forgery, is a design decision? or a security vulnerability?

https://issues.apache.org/bugzilla/show_bug.cgi?id=51698 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED

svn commit: r1162962 - in /tomcat/site/trunk: docs/security-5.html docs/security-6.html docs/security-7.html xdocs/security-5.xml xdocs/security-6.xml xdocs/security-7.xml

Author: markt Date: Mon Aug 29 19:49:44 2011 New Revision: 1162962 URL: http://svn.apache.org/viewvc?rev=1162962view=rev Log: Add info for CVE-2011-3190 Modified: tomcat/site/trunk/docs/security-5.html tomcat/site/trunk/docs/security-6.html tomcat/site/trunk/docs/security-7.html

[SECURITY] CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure

CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Tomcat 7.0.0 to 7.0.20 - Tomcat 6.0.0 to 6.0.33 - Tomcat 5.5.0 to 5.5.33 - Earlier, unsupported versions may also be affected

svn commit: r1162976 - in /tomcat/tc7.0.x/tags/TOMCAT_7_0_21: ./ build.properties.default

Author: markt Date: Mon Aug 29 20:14:36 2011 New Revision: 1162976 URL: http://svn.apache.org/viewvc?rev=1162976view=rev Log: Tag 7.0.21 Added: tomcat/tc7.0.x/tags/TOMCAT_7_0_21/ (props changed) - copied from r1162971, tomcat/tc7.0.x/trunk/ Modified:

svn commit: r1162997 - in /tomcat/site/trunk: docs/security-5.html xdocs/security-5.xml

Author: kkolinko Date: Mon Aug 29 20:52:22 2011 New Revision: 1162997 URL: http://svn.apache.org/viewvc?rev=1162997view=rev Log: Update link: the patch has been applied. Modified: tomcat/site/trunk/docs/security-5.html tomcat/site/trunk/xdocs/security-5.xml Modified:

[VOTE] Release Apache Tomcat 7.0.21

The proposed Apache Tomcat 7.0.21 release is now available for voting. It can be obtained from: http://people.apache.org/~markt/dev/tomcat-7/v7.0.21/ The svn tag is: http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_21/ The proposed 7.0.21 release is: [ ] Broken - do not release [

DO NOT REPLY [Bug 51741] New: Eclipse WTP Serve modules without publishing broken with tc7, needs patch in tomcat

https://issues.apache.org/bugzilla/show_bug.cgi?id=51741 Bug #: 51741 Summary: Eclipse WTP Serve modules without publishing broken with tc7, needs patch in tomcat Product: Tomcat 7 Version: 7.0.20 Platform: Macintosh

DO NOT REPLY [Bug 51741] Eclipse WTP Serve modules without publishing broken with tc7, needs patch in tomcat

https://issues.apache.org/bugzilla/show_bug.cgi?id=51741 Sylvain Laurent slaur...@apache.org changed: What|Removed |Added OS/Version||All ---

Re: [VOTE] Release Apache Tomcat 7.0.21

2011/8/30 Mark Thomas ma...@apache.org: The proposed Apache Tomcat 7.0.21 release is now available for voting. It can be obtained from: http://people.apache.org/~markt/dev/tomcat-7/v7.0.21/ The svn tag is: http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_21/ The proposed

Re: [VOTE] Release Apache Tomcat 7.0.21

On 29/08/2011 22:32, Konstantin Kolinko wrote: 2011/8/30 Mark Thomas ma...@apache.org: The proposed Apache Tomcat 7.0.21 release is now available for voting. It can be obtained from: http://people.apache.org/~markt/dev/tomcat-7/v7.0.21/ The svn tag is:

DO NOT REPLY [Bug 51741] Eclipse WTP Serve modules without publishing broken with tc7, needs patch in tomcat

https://issues.apache.org/bugzilla/show_bug.cgi?id=51741 Mark Thomas ma...@apache.org changed: What|Removed |Added Severity|normal |enhancement ---