[Bug 60196] New: isMandatory erroneously always set to true for JASPIC SAM

2016-10-02 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=60196

Bug ID: 60196
   Summary: isMandatory erroneously always set to true for JASPIC
SAM
   Product: Tomcat 9
   Version: 9.0.0.M10
  Hardware: All
OS: All
Status: NEW
  Severity: normal
  Priority: P2
 Component: Catalina
  Assignee: dev@tomcat.apache.org
  Reporter: arjan.ti...@gmail.com

When the validateRequest method of a JASPIC SAM is called in Tomcat 9, the
"javax.security.auth.message.MessagePolicy.isMandatory" key in the MessageInfo
map is erroneously always set to true.

This happens in
org.apache.catalina.authenticator.AuthenticatorBase.getJaspicState via the
following code:

new MessageInfoImpl(request.getRequest(), response.getResponse(), true);

The "true" param becomes the "authMandatory" value in the MessageInfo map:

map.put(IS_MANDATORY, Boolean.toString(authMandatory));

However, according to section 3.8.1.1 of the JASPIC 1.1 spec this should only
be true if the target resource is protected. To be more exact when:

"... the resource identified by the HttpServletRequest is covered by a Servlet
auth- constraint, or in a JSR 115 compatible runtime, if the corresponding
WebResourcePermission is NOT granted to an unauthenticated caller."

So while the SAM should always be called (whether authentication is required or
not), "javax.security.auth.message.MessagePolicy.isMandatory" should only be
set to true when authentication is actually required (which incidentally, is
also the case when HttpServletRequest#authenticate is called).

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 60195] No javadoc in Maven Central

2016-10-02 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=60195

Michael Osipov <1983-01...@gmx.net> changed:

   What|Removed |Added

 CC||1983-01...@gmx.net
 OS||All

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 60195] New: No javadoc in Maven Central

2016-10-02 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=60195

Bug ID: 60195
   Summary: No javadoc in Maven Central
   Product: Tomcat Modules
   Version: unspecified
  Hardware: PC
Status: NEW
  Severity: normal
  Priority: P2
 Component: jdbc-pool
  Assignee: dev@tomcat.apache.org
  Reporter: peterhansson...@yahoo.com

Created attachment 34319
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=34319=edit
Screenshot from Maven Central

There are sources attached to the tomcat-jdbc artifact in Maven Central, but no
Javadoc. This ought to be there.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 60194] New: Support for isValid, needs clarification

2016-10-02 Thread bugzilla 
https://bz.apache.org/bugzilla/show_bug.cgi?id=60194

Bug ID: 60194
   Summary: Support for isValid, needs clarification
   Product: Tomcat Modules
   Version: unspecified
  Hardware: PC
Status: NEW
  Severity: normal
  Priority: P2
 Component: jdbc-pool
  Assignee: dev@tomcat.apache.org
  Reporter: peterhansson...@yahoo.com

It is now 2016 and most people are using Java 7 or Java 8. In Java 6 the
Connection.isValid() method was introduced as a way to "ping" a connection.
Yet, for anyone wishing to implement Tomcat JDBC Pool it will appear to them as
if they'll need to figure out and configure a validation query for each type of
database that they'll be using. And I guess this is true. tomcat-jdbc doesn't
take advantage of Connection.isValid(). The documentation doesn't mention
anything about Connection.isValid() as an alternative to custom validation
queries.

Other JDBC Pools takes the approach of using Connection.isValid() if present
and otherwise falling back to custom query. 

While bug 48817 discusses this issue back in 2010, I cannot really see what
came out it. 

I believe there are a number of things that can be done (in order of effort):

1. Improve documentation. What are people supposed to do?  Is the recommended
approach to implement a custom Validator which would then call
Connection.isValid()?  

2. Perhaps include a ready-made Validator which does just that. Then people can
use it simply by adding config ("show them the path").

3. Maybe time to ditch Java 5 compatibility ?  .. meaning do what other JDBC
Pools do and let Connection.isValid() be the default.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] tomcat pull request #35: Provide a default extension classpath directory for...

2016-10-02 Thread gchauvet 
GitHub user gchauvet opened a pull request:

https://github.com/apache/tomcat/pull/35

Provide a default extension classpath directory for extra libraries.

A pull request to avoid to mix external end users libs (e.g JDBC drivers 
used to define datasources at server level) from provided tomcat libs.

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/gchauvet/tomcat ext-lib-path

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/tomcat/pull/35.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #35


commit 7931eeb33bde4c256a781f8ac65e3c218bf66aa8
Author: Guillaume Chauvet 
Date:   2016-10-02T14:31:28Z

Provide a default extension classpath directory for extra libraries.




---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Bug report for Tomcat 8 [2016/10/02]

2016-10-02 Thread bugzilla 
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|43925|Opn|Enh|2007-11-21|org.apache.jasper.runtime.BodyContentImpl causing |
|51497|New|Enh|2011-07-11|Use canonical IPv6 text representation in logs|
|53737|Opn|Enh|2012-08-18|Use ServletContext.getJspConfigDescriptor() in Jas|
|53930|New|Enh|2012-09-24|allow capture of catalina stdout/stderr to a comma|
|54700|New|Enh|2013-03-15|Improvement: Add support for system property to sp|
|54741|New|Enh|2013-03-22|Add org.apache.catalina.startup.Tomcat#addWebapp(S|
|55243|New|Enh|2013-07-11|Add special search string for nested roles|
|55252|New|Enh|2013-07-12|Separate Ant and command-line wrappers for JspC   |
|55383|New|Enh|2013-08-07|Improve markup and design of Tomcat's HTML pages  |
|9|New|Enh|2013-09-14|UserDatabaseRealm enhacement: may use local JNDI  |
|55675|New|Enh|2013-10-18|Checking and handling invalid configuration option|
|55770|New|Enh|2013-11-12|Allow the crlFile to be reloaded  |
|55788|New|Enh|2013-11-16|TagPlugins should key on tag QName rather than imp|
|55969|New|Enh|2014-01-07|Security-related enhancements to the Windows Insta|
|56166|New|Enh|2014-02-20|Suggestions for exception handling (avoid potentia|
|56361|New|Enh|2014-04-08|org.apache.tomcat.websocket.WsWebSocketContainer#b|
|56398|New|Enh|2014-04-11|Support Arquillian-based unit testing |
|56399|New|Enh|2014-04-11|Re-factor request/response recycling so Coyote and|
|56402|New|Enh|2014-04-11|Add support for HTTP Upgrade to AJP components|
|56448|New|Enh|2014-04-23|Implement a robust solution for client initiated S|
|56522|Opn|Enh|2014-05-14|jasper-el 8 does not comply to EL Spec 3.0 regardi|
|56546|New|Enh|2014-05-19|Improve thread trace logging in WebappClassLoader.|
|56676|New|Enh|2014-06-26|Normalize access to native library|
|56713|New|Enh|2014-07-12|Limit time that incoming request waits while webap|
|56724|New|Enh|2014-07-15|Restart Container background thread if it died une|
|56890|Inf|Maj|2014-08-26|getRealPath returns null  |
|56966|New|Enh|2014-09-11|AccessLogValve's elapsed time has 15ms precision o|
|57130|New|Enh|2014-10-22|Allow digest.sh to accept password from a file or |
|57287|New|Enh|2014-11-29|Sort files listed by DefaultServlet   |
|57345|New|Enh|2014-12-12|APR/Native HTTPS Connector Should Support All Open|
|57421|New|Enh|2015-01-07|Farming default directories   |
|57486|New|Enh|2015-01-23|Improve reuse of ProtectedFunctionMapper instances|
|57665|New|Enh|2015-03-05|support x-forwarded-host  |
|57701|New|Enh|2015-03-13|Implement "[Redeploy]" button for a web applicatio|
|57830|New|Enh|2015-04-18|Add support for ProxyProtocol |
|58052|Opn|Enh|2015-06-19|RewriteValve: Implement additional RewriteRule dir|
|58072|New|Enh|2015-06-23|ECDH curve selection  |
|58433|New|Enh|2015-09-21|RemoteIpValve not activated on redirect from mappi|
|58577|New|Enh|2015-11-03|JMX Proxy Servlet can't handle overloaded methods |
|58837|New|Enh|2016-01-12|support "X-Content-Security-Policy" a.k.a as "CSP"|
|58935|Opn|Enh|2016-01-29|Re-deploy from war without deleting context   |
|59232|New|Enh|2016-03-24|Make the context name of an app available via JNDI|
|59423|New|Enh|2016-05-03|amend "No LoginModules configured for ..." with hi|
|59758|New|Enh|2016-06-27|Add http proxy username-password credentials suppo|
|59825|New|Enh|2016-07-07|Better diagnostic needed for missing asyncSupporte|
|59832|Inf|Reg|2016-07-08|SLS/TLS 8.5.3 upgrade from 8.0.32 using NIO2 encod|
|59876|Inf|Reg|2016-07-17|java.io.EOFException is thrown|
|60087|New|Nor|2016-09-06|Bouncy Castle in WEB-INF/lib not working on Tomcat|
|60100|Inf|Nor|2016-09-09|Garbage appended at end of request URL|
|60192|New|Min|2016-10-01|There is a typographical error at 2 places|
+-+---+---+--+--+
|

Bug report for Tomcat Native [2016/10/02]

2016-10-02 Thread bugzilla 
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|48655|Inf|Nor|2010-02-02|Active multipart downloads prevent tomcat shutdown|
|49038|Inf|Nor|2010-04-02|Crash in tcnative |
|52319|Inf|Maj|2011-12-12|Tomcat 6 crashes with [libapr-1.so.0+0x196da]  sig|
|52627|New|Min|2012-02-08|Segmentation fault in org.apache.tomcat.jni.File.i|
|53605|Inf|Nor|2012-07-26|use tcnative-1.1.24 Tomcat shutdown still crash   |
|53940|New|Enh|2012-09-27|Added support for new CRL loading after expiration|
|54085|New|Nor|2012-11-01|ssl_socket_recv sometimes loops infinitely with no|
|55087|New|Cri|2013-06-10|tomcat crashes in tcnative-1.dll with OCSP when OC|
|55113|Inf|Nor|2013-06-18|FIPS-compatible OpenSSL fails fingerprint test in |
|55114|New|Nor|2013-06-18|BUILDING file in win32 source package contains UNI|
|55771|New|Maj|2013-11-12|Memory leak and then crash in org.apache.tomcat.jn|
|55797|Inf|Nor|2013-11-19|Tomcat 7.0.47 crashes using server jvm.dll and APR|
|55938|New|Nor|2013-12-29|clang-analyzer report for 1.1.31  |
|56027|Opn|Nor|2014-01-17|Unable to use TCN on RHEL6 boxes if box is booted |
|56378|New|Nor|2014-04-09|Cert load fails if cert is located in path with no|
|56415|New|Maj|2014-04-16|EXCEPTION_ACCESS_VIOLATION (0xc005) in tcnativ|
|57140|New|Cri|2014-10-24|tcnative-1.dll 1.1.31 indicated in fatal error|
|57521|New|Cri|2015-02-02|Tomcat randomly crashes with [libtcnative-1.so.0.1|
|57815|New|Enh|2015-04-15|Improve error message when OpenSSL does not suppor|
|58082|New|Nor|2015-06-29|Old version of JUnit specified|
|58194|New|Maj|2015-07-30|Tomcat crash EXCEPTION_ACCESS_VIOLATION in tcnativ|
|58244|New|Nor|2015-08-14|two way SSL loses client certificate after a few r|
|58263|New|Nor|2015-08-19|APR SSL connector crashes |
|58434|New|Nor|2015-09-21|Make Fails Against LibreSSL   |
|59163|New|Nor|2016-03-10|TC Native 1.2.0 & later does not compile with open|
|59286|New|Nor|2016-04-07|Socket binding failures when using APR|
|59797|New|Nor|2016-07-04|Per thread error hash grows indefinitely  |
|59807|New|Nor|2016-07-06|tomcat 8.5.3  use native cause NULL when AprEndpoi|
|59811|New|Nor|2016-07-06|TLS Session ID not available if session tickets ar|
|59996|New|Nor|2016-08-12|tcnative.m4 always refers to lib directory|
+-+---+---+--+--+
| Total   30 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Bug report for Tomcat 7 [2016/10/02]

2016-10-02 Thread bugzilla 
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|41007|Opn|Enh|2006-11-20|Can't define customized 503 error page|
|43866|New|Enh|2007-11-14|add support for session attribute propagation with|
|49395|New|Enh|2010-06-06|manager.findLeaks : display the date when the leak|
|49589|New|Enh|2010-07-12|Tag handlers with constant attribute values are al|
|49821|New|Enh|2010-08-25|Tomcat CLI [PATCH/Contribution]   |
|50019|New|Enh|2010-09-28|Adding JNDI "lookup-name" support In XML and Resou|
|50175|New|Enh|2010-10-28|Enhance memory leak detection by selectively apply|
|50234|New|Enh|2010-11-08|JspC use servlet 3.0 features |
|50670|New|Enh|2011-01-27|Tribes | RpcChannel | Add option to specify extern|
|50944|Ver|Blk|2011-03-18|JSF: java.lang.NullPointerException at com.sun.fac|
|51195|New|Enh|2011-05-13|"Find leaks" reports a false positive memory/class|
|51423|Inf|Enh|2011-06-23|[Patch] to add a path and a version parameters to |
|51463|New|Enh|2011-07-01|Tomcat.setBaseDir  (package org.apache.catalina.st|
|51496|New|Enh|2011-07-11|NSIS - Warn that duplicate service name will resul|
|51587|New|Enh|2011-07-29|Implement status and uptime commands  |
|51953|New|Enh|2011-10-04|Proposal: netmask filtering valve and filter [PATC|
|52381|New|Enh|2011-12-22|Please add OSGi metadata  |
|52448|New|Enh|2012-01-11|Cache jar indexes in WebappClassLoader to speed up|
|52489|New|Enh|2012-01-19|Enhancement request for code signing of war files |
|52688|New|Enh|2012-02-16|Add ability to remove old access log files [PATCHE|
|52952|New|Enh|2012-03-20|Improve ExtensionValidator handling for embedded s|
|53085|New|Enh|2012-04-16|[perf] [concurrency] DefaultInstanceManager.annota|
|53387|New|Enh|2012-06-08|SSI: Allow to use $1 to get result of regular expr|
|53411|Opn|Enh|2012-06-13|NullPointerException in org.apache.tomcat.util.buf|
|53492|New|Enh|2012-07-01|Make JspC shell multithreaded |
|53553|New|Enh|2012-07-16|[PATCH] Deploy uploaded WAR with context.xml from |
|53620|New|Enh|2012-07-30|[juli] delay opening a file until something gets l|
|54499|New|Enh|2013-01-29|Implementation of Extensible EL Interpreter   |
|54802|New|Enh|2013-04-04|Provide location information for exceptions thrown|
|55104|New|Enh|2013-06-16|Allow passing arguments with spaces to Commons Dae|
|55470|New|Enh|2013-08-23|Help users for ClassNotFoundExceptions during star|
|55477|New|Enh|2013-08-23|Add a solution to map an realm name to a security |
|56148|New|Enh|2014-02-17|support (multiple) ocsp stapling  |
|56181|New|Enh|2014-02-23|RemoteIpValve & RemoteIpFilter: HttpServletRequest|
|56300|New|Enh|2014-03-22|[Tribes] No useful examples, lack of documentation|
|56438|New|Enh|2014-04-21|If jar scan does not find context config or TLD co|
|56614|New|Enh|2014-06-12|Add a switch to ignore annotations detection on ta|
|56787|New|Enh|2014-07-29|Simplified jndi name parsing  |
|57367|New|Enh|2014-12-18|If JAR scan experiences a stack overflow, give the|
|57827|New|Enh|2015-04-17|Enable adding/removing of members via jmx in a sta|
|57870|New|Enh|2015-04-29|backport GzipOutputFilter #doWrite to Tomcat 7 to |
|57872|New|Enh|2015-04-29|Do not auto-switch session cookie to version=1 due|
|57892|New|Enh|2015-05-05|Log once a warning if a symbolic link is ignored (|
|58338|New|Nor|2015-09-07|BasicDataSourceFactory uses wrong attribute name  |
|59710|Inf|Nor|2016-06-15|java.io.IOException: Connection timed out |
|59716|New|Enh|2016-06-17|Allow JNDI configuration of CorsFilter|
+-+---+---+--+--+
| Total   46 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail:

Bug report for Taglibs [2016/10/02]

2016-10-02 Thread bugzilla 
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|38193|Ass|Enh|2006-01-09|[RDC] BuiltIn Grammar support for Field   |
|38600|Ass|Enh|2006-02-10|[RDC] Enable RDCs to be used in X+V markup (X+RDC)|
|42413|New|Enh|2007-05-14|[PATCH] Log Taglib enhancements   |
|46052|New|Nor|2008-10-21|SetLocaleSupport is slow to initialize when many l|
|48333|New|Enh|2009-12-02|TLD generator |
|57434|New|Nor|2015-01-11|Race condition in EL1.0 validation|
|57548|New|Min|2015-02-08|Auto-generate the value for org.apache.taglibs.sta|
|57684|New|Min|2015-03-10|Version info should be taken from project version |
|59359|New|Enh|2016-04-20|(Task) Extend validity period for signing KEY - be|
|59668|New|Nor|2016-06-06|x:forEach retains the incorrect scope when used in|
+-+---+---+--+--+
| Total   10 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Bug report for Tomcat Modules [2016/10/02]

2016-10-02 Thread bugzilla 
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|48240|New|Nor|2009-11-19|Tomcat-Lite missing @Override markers |
|48268|New|Nor|2009-11-23|Patch to fix generics in tomcat-lite  |
|48861|New|Nor|2010-03-04|Files without AL headers  |
|49685|New|Nor|2010-08-02|Unsafe synchronization in class ManagedBean   |
|49686|New|Nor|2010-08-02|Using an instance lock to protect static shared da|
|50571|Inf|Nor|2011-01-11|Tomcat 7 JDBC connection pool exception enhancemen|
|51595|Inf|Nor|2011-08-01|org.apache.tomcat.jdbc.pool.jmx.ConnectionPool sho|
|51879|Inf|Enh|2011-09-22|Improve access to Native Connection Methods   |
|52024|Inf|Enh|2011-10-13|Custom interceptor to support automatic failover o|
|53199|Inf|Enh|2012-05-07|Refactor ConnectionPool to use ScheduledExecutorSe|
|54437|New|Enh|2013-01-16|Update PoolProperties javadoc for ConnectState int|
|54929|Inf|Nor|2013-05-05|jdbc-pool cannot be used with Java 1.5, "java.lang|
|55078|New|Nor|2013-06-07|Configuring a DataSource Resource with dataSourceJ|
|55662|New|Enh|2013-10-17|Add a way to set an instance of java.sql.Driver di|
|56046|New|Enh|2014-01-21|org.apache.tomcat.jdbc.pool.XADataSource InitSQL p|
|56088|New|Maj|2014-01-29|AbstractQueryReport$StatementProxy throws exceptio|
|56310|Inf|Maj|2014-03-25|PooledConnection and XAConnection not handled corr|
|56586|New|Nor|2014-06-02|initSQL should be committed if defaultAutoCommit =|
|56775|New|Nor|2014-07-28|PoolCleanerTime schedule issue|
|56779|New|Nor|2014-07-28|Allow multiple connection initialization statement|
|56790|New|Nor|2014-07-29|Resizing pool.maxActive to a higher value at runti|
|56798|New|Nor|2014-07-31|Idle eviction strategy could perform better (and i|
|56804|New|Nor|2014-08-02|Use a default validationQueryTimeout other than "f|
|56805|New|Nor|2014-08-02|datasource.getConnection() may be unnecessarily bl|
|56837|New|Nor|2014-08-11|if validationQuery have error with timeBetweenEvic|
|56970|New|Nor|2014-09-11|MaxActive vs. MaxTotal for commons-dbcp and tomcat|
|56974|New|Nor|2014-09-12|jdbc-pool validation query defaultAutoCommit statu|
|57460|New|Nor|2015-01-19|[DB2]Connection broken after few hours but not rem|
|57729|New|Enh|2015-03-20|Add QueryExecutionReportInterceptor to log query e|
|58489|Opn|Maj|2015-10-08|QueryStatsComparator throws IllegalArgumentExcepti|
|58816|New|Enh|2016-01-07|additional jdbc pool mbean attributes - CreatedCou|
|59077|New|Nor|2016-02-26|DataSourceFactory creates a neutered data source  |
|59569|New|Nor|2016-05-18|isWrapperFor/unwrap implementations incorrect |
|59879|New|Nor|2016-07-18|StatementCache interceptor returns ResultSet objec|
+-+---+---+--+--+
| Total   34 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Bug report for Tomcat 9 [2016/10/02]

2016-10-02 Thread bugzilla 
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|53602|Opn|Enh|2012-07-25|Support for HTTP status code 451  |
|57505|New|Enh|2015-01-27|Add integration tests for JspC|
|57661|New|Enh|2015-03-04|Delay sending of 100 continue response until appli|
|57767|New|Enh|2015-03-27|Websocket client proprietary configuration|
|58242|New|Enh|2015-08-13|Scanning jars in classpath to get annotations in p|
|58530|New|Enh|2015-10-23|Proposal for new Manager HTML GUI |
|58548|New|Enh|2015-10-26|support certifcate transparency   |
|58590|New|Enh|2015-11-05|org.apache.catalina.realm.MemoryRealm can use back|
|58859|New|Enh|2016-01-14|Allow to limit charsets / encodings supported by T|
|59179|New|Enh|2016-03-14|HTTP Public Key Pinning (HPKP) for Tomcat |
|59203|New|Enh|2016-03-21|Try to call Thread.interrupt before calling Thread|
|59344|Ver|Enh|2016-04-18|PEM file support for JSSE |
|59649|Inf|Maj|2016-06-01|org.apache.coyote.http11.Http11Processor.service E|
|59661|Opn|Enh|2016-06-03|MailSessionFactory ignores system properties  |
|59706|New|Enh|2016-06-15|HTTP/2 load testing performance   |
|59750|New|Enh|2016-06-24|Amend "authenticate" method with context by means |
|59901|New|Enh|2016-07-26|Reduce I/O associated with JSP compilation|
|60152|New|Enh|2016-09-20|Allow exceptions from Connector.start() to be caug|
|60193|New|Nor|2016-10-02|A child container failed during start |
+-+---+---+--+--+
| Total   19 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Bug report for Tomcat 6 [2016/10/02]

2016-10-02 Thread bugzilla 
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|41679|New|Enh|2007-02-22|SemaphoreValve should be able to filter on url pat|
|43400|New|Enh|2007-09-14|enum support for tag libs |
|43979|New|Enh|2007-11-27|Add abstraction for Java and Classfile output |
|44199|New|Enh|2008-01-10|expose current backlog queue size |
|44225|New|Enh|2008-01-14|SSL connector tries to load the private keystore f|
|44294|New|Enh|2008-01-25|Support for EL functions with varargs |
|44312|Opn|Enh|2008-01-28|Warn when overwritting docBase of the default Host|
|44645|New|Enh|2008-03-20|[Patch] JNDIRealm - Doesn't support JNDI "java.nam|
|44787|New|Enh|2008-04-09|provide more error context on "java.lang.IllegalSt|
|45014|New|Enh|2008-05-15|Request and Response classes should have wrappers |
|45832|New|Enh|2008-09-18|add DIGEST authentication support to Ant tasks|
|45879|Opn|Enh|2008-09-24|Windows installer fails to install NOTICE and RELE|
|45931|Opn|Enh|2008-10-01|trimSpaces incorrectly modifies output|
|46173|New|Enh|2008-11-09|Small patch for manager app: Setting an optional c|
|46284|New|Enh|2008-11-24|Add flag to DeltaManager that blocks processing cl|
|46350|New|Enh|2008-12-05|Maven repository should contain source bundles|
|46558|Opn|Enh|2009-01-19|Shutdown port with address binding|
|47214|New|Enh|2009-05-17|Inner classes that are explicitly referenced - sho|
|47242|New|Enh|2009-05-22|request for AJP command line client   |
|47407|New|Enh|2009-06-23|HttpSessionListener doesn't operate in the session|
|47467|New|Enh|2009-07-02|Deployment of the war file by URL when contextpath|
|47834|New|Enh|2009-09-14|TldConfig throws Exception when exploring unpacked|
|48358|Opn|Enh|2009-12-09|JSP-unloading reloaded|
|48543|New|Enh|2010-01-14|[Patch] More flexibility in specifying -Dcatalina.|
|48672|New|Enh|2010-02-03|Tomcat Virtual Host Manager (/host-manager) have b|
|48743|New|Enh|2010-02-15|Make the SLEEP variable in catalina.sh settable fr|
|49176|Opn|Enh|2010-04-23|Jasper in Dev Mode Is Memory Inefficient  |
|49464|New|Enh|2010-06-18|DefaultServlet and CharacterEncoding  |
|49531|New|Enh|2010-06-30|singlesignon failover not working on DeltaManager/|
|49804|New|Enh|2010-08-23|Allow Embedded.redirectStreams value to be configu|
|49943|New|Enh|2010-09-16|Logging (via juli) does not reread configuration c|
|50285|New|Enh|2010-11-17|Standard HTTP and AJP connectors silently ignore a|
|50677|Opn|Enh|2011-01-27|Allow system property variables in catalina.proper|
|50692|New|Enh|2011-01-31|Improve log message in ThreadPool.logFull |
|51142|New|Enh|2011-05-03|Offer possible resolution of StringIndexOutOfBound|
|51513|New|Enh|2011-07-15|GzipInterceptor: Do not compress small packages   |
|52791|New|Enh|2012-02-28|[PATCH] read windows installer default values from|
|52924|New|Enh|2012-03-15|Add support for per-application JSP compile config|
|53011|New|Enh|2012-03-31|Ant Jasper task fails after one error |
|53031|New|Enh|2012-04-03|Ant Jasper task should support Fork option|
|53677|New|Nor|2012-08-07|ArrayIndexOutOfBoundsException when response heade|
|53971|Opn|Nor|2012-10-05|Unlock accept doesn't work with address="::"  |
|54007|New|Nor|2012-10-15|Improve handling of failed web application deploym|
|56607|New|Enh|2014-06-09|shutdown.bat exits before shutdown|
|56653|New|Nor|2014-06-21|Concurrency issue with Mapper$ContextList when sto|
+-+---+---+--+--+
| Total   45 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Bug report for Tomcat Connectors [2016/10/02]

2016-10-02 Thread bugzilla 
+---+
| Bugzilla Bug ID   |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned|
| | OPN=ReopenedVER=Verified(Skipped Closed/Resolved)   |
| |   +-+
| |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
| |   |   MIN=Minor   NOR=NormalENH=Enhancement TRV=Trivial |
| |   |   +-+
| |   |   | Date Posted |
| |   |   |  +--+
| |   |   |  | Description  |
| |   |   |  |  |
|35959|Opn|Enh|2005-08-01|mod_jk not independant of UseCanonicalName|
|43303|New|Enh|2007-09-04|Versioning under Windows not reported by many conn|
|45313|New|Nor|2008-06-30|mod_jk 1.2.26 & apache 2.2.9 static compiled on so|
|46767|New|Enh|2009-02-25|mod_jk to send DECLINED in case no fail-over tomca|
|47327|New|Enh|2009-06-07|Return tomcat authenticated user back to mod_jk (A|
|47750|New|Maj|2009-08-27|ISAPI: Loss of worker settings when changing via j|
|47795|New|Maj|2009-09-07|service sticky_session not being set correctly wit|
|48513|New|Enh|2010-01-09|IIS Quick setup instructions  |
|48564|New|Enh|2010-01-18|Allow to turn off retries for LB worker   |
|48830|New|Nor|2010-03-01|IIS shutdown blocked in endpoint service when serv|
|49063|New|Enh|2010-04-07|Please add JkStripSession status in jk-status work|
|49822|New|Enh|2010-08-25|Add hash lb worker method |
|49903|New|Enh|2010-09-09|Make workers file reloadable  |
|52483|New|Enh|2012-01-18|Print JkOptions's options in log file and jkstatus|
|53883|New|Maj|2012-09-17|isapi_redirect v 1.2.37 crashes w3wp.exe  on the p|
|53977|New|Maj|2012-10-07|32bits isapi connector cannot work in wow64 mode  |
|54027|New|Cri|2012-10-18|isapi send request to outside address instead of i|
|54117|New|Maj|2012-11-08|access violation exception in isapi_redirect.dll  |
|54621|New|Enh|2013-02-28|[PATCH] custom mod_jk availability checks |
|56489|New|Enh|2014-05-05|Include a directory for configuration files   |
|56576|New|Enh|2014-05-29|Websocket support |
|57402|New|Enh|2014-12-30|Provide correlation ID between mod_jk log and acce|
|57403|New|Enh|2014-12-30|Persist configuration changes made via status work|
|57407|New|Enh|2014-12-31|Make session_cookie, session_path and session_cook|
|57790|New|Enh|2015-04-03|Check worker names for typos  |
|57946|New|Nor|2015-05-23|Configuration example for mod_jk should be updated|
|58287|New|Nor|2015-08-26|Questionable use of "Global" objects on Windows   |
|59897|New|Nor|2016-07-25|Buffer Overflow in FD_SET in nb_connect (jk_connec|
+-+---+---+--+--+
| Total   28 bugs   |
+---+

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org