DO NOT REPLY [Bug 13014] - OS/390/USS - Invalid url-pattern  in servlet mapping

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13014. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

apps conversion from 3.3.1 to 4.1.12

Hi to all, While converting some applications from 3.3.1 to 4.1.12 I noticed some little problems. 1) We used to define our own default servlet, but 4.1.x definie its own default in conf/web.xml. Could we change from org.apache.catalina.servlets.DefaultServlet to our actual default

Re: apps conversion from 3.3.1 to 4.1.12

Henri Gomez wrote: Hi to all, While converting some applications from 3.3.1 to 4.1.12 I noticed some little problems. 1) We used to define our own default servlet, but 4.1.x definie its own default in conf/web.xml. Could we change from org.apache.catalina.servlets.DefaultServlet

DO NOT REPLY [Bug 13014] - OS/390/USS - Invalid url-pattern  in servlet mapping

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13014. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

cvs commit: jakarta-tomcat-connectors/jk/java/org/apache/jk/common ChannelSocket.java

hgomez 2002/10/08 23:58:31 Modified:jk/java/org/apache/jk/common ChannelSocket.java Log: tcpnodelay to true by default, but could be turned off by setting tcpnodelay=false from outside (howto in server.xml ?) Revision ChangesPath 1.23 +3 -3

Re: apps conversion from 3.3.1 to 4.1.12

Remy Maucherat wrote: Henri Gomez wrote: Hi to all, While converting some applications from 3.3.1 to 4.1.12 I noticed some little problems. 1) We used to define our own default servlet, but 4.1.x definie its own default in conf/web.xml. Could we change from

Re: cvs commit: jakarta-tomcat-connectors/jk/java/org/apache/jk/commonChannelSocket.java

[EMAIL PROTECTED] wrote: hgomez 2002/10/08 23:58:31 Modified:jk/java/org/apache/jk/common ChannelSocket.java Log: tcpnodelay to true by default, but could be turned off by Only ChannelSocket need to be updated. Ajp14Interceptor allready called tcpnodelay(true), and other

DO NOT REPLY [Bug 13014] - OS/390/USS - Invalid url-pattern  in servlet mapping

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13014. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

Re: apps conversion from 3.3.1 to 4.1.12

- Original Message - From: Henri Gomez [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, October 08, 2002 11:33 PM Subject: apps conversion from 3.3.1 to 4.1.12 Hi to all, While converting some applications from 3.3.1 to 4.1.12 I noticed some little problems. Wot? 3.3.1 isn't

UML Class Diagram

Hi, I was wondering if I can get the Catalina class diagram to help me understand how it works, or if it is available online. Thanks, budi -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]

DO NOT REPLY [Bug 13443] New: - request.getRequestURI() problem with jsp:include tag

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13443. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core DummyRequest.java DummyResponse.java ApplicationContext.java StandardWrapper.java MappingRequest.java

remm2002/10/09 01:01:12 Modified:catalina/src/share/org/apache/catalina/core ApplicationContext.java StandardWrapper.java Added: catalina/src/share/org/apache/catalina/core DummyRequest.java DummyResponse.java Removed:

DO NOT REPLY [Bug 13445] New: - Installing without the examples makes Tomcat startup fail

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13445. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

DO NOT REPLY [Bug 13445] - Installing without the examples makes Tomcat startup fail

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13445. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

[5.0] [VOTE] Remove deprecated and unsupported components

The connectors which depend on the org.apache.catalina.connector package (including JK 1, webapp, and the old HTTP connectors) will either need to be updated or removed. The Coyote family of connectors is well supported and provides a suitable replacement (IMO). Coyote is the default

DO NOT REPLY [Bug 13446] New: - Invalide error page with request attribute.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13446. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

Re: [5.0] [VOTE] Remove deprecated and unsupported components

Remy Maucherat wrote: The connectors which depend on the org.apache.catalina.connector package (including JK 1, webapp, and the old HTTP connectors) will either need to be updated or removed. The Coyote family of connectors is well supported and provides a suitable replacement (IMO).

cvs commit: jakarta-tomcat-5/resources welcome.bin.html welcome.main.html INSTALLLICENSE

remm2002/10/09 03:06:07 Modified:.build.xml resources INSTALLLICENSE Added: .CHANGELOG RELEASE-NOTES resources welcome.bin.html welcome.main.html Log: - Improve release target, so that it will create a ready to upload

cvs commit: jakarta-tomcat-5 .cvsignore

remm2002/10/09 03:06:34 Modified:..cvsignore Log: - Update .cvsignore. Revision ChangesPath 1.3 +1 -0 jakarta-tomcat-5/.cvsignore Index: .cvsignore === RCS file:

cvs commit: jakarta-tomcat-5 build.xml

remm2002/10/09 03:07:48 Modified:.build.xml Log: - No reason to clean the release folder. Revision ChangesPath 1.39 +0 -2 jakarta-tomcat-5/build.xml Index: build.xml === RCS

RE: [5.0] [VOTE] Remove deprecated and unsupported components

ballot [X] Remove deprecated org.apache.catalina.connector components from the j-t-catalina module [ ] Leave them in /ballot IAS Jakarta-Seoul Project Coordinator http://jakarta.apache-korea.org -Original Message- From: Remy Maucherat [mailto:[EMAIL PROTECTED]] Sent: Wednesday,

[GUMP] Build Failure - jakarta-tomcat-util

This email is autogenerated from the output from: http://jakarta.apache.org/builds/gump/2002-10-09/jakarta-tomcat-util.html Buildfile: build.xml detect: build-prepare: [mkdir] Created

RE: [5.0] [VOTE] Remove deprecated and unsupported components

ballot [ ] Remove deprecated org.apache.catalina.connector components from the j-t-catalina module [X ] Leave them in /ballot Atleast untill all the excessive log messages are removed from the coyote connectors (ie the socket error messages) or there is a way to disable them (ie give

Re: apps conversion from 3.3.1 to 4.1.12

This is likely the protection against reading anything outside the webapp root (see the allowLinking of FileDirContext), although I don't know how the digester will try to load the included file. Digester code is derived from XmlMapper which is able to locate entities in ../../../

commons-daemon release ?

I wonder if a release of commons-daemon is planned. JF ? -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]

Re: commons-daemon release ?

Henri Gomez wrote: I wonder if a release of commons-daemon is planned. No, because promoting it to commons proper got vetoed. At the moment, it looks like a split between daemon and launcher will happen. (like Costin, I'd really like to get rid of the Java code in daemon - the o.a.c.daemon

cvs commit: jakarta-tomcat-5/resources INSTALLLICENSE

remm2002/10/09 05:20:40 Modified:.build.xml tomcat.nsi resources INSTALLLICENSE Log: - Cleanups and small fixes. Revision ChangesPath 1.40 +1 -1 jakarta-tomcat-5/build.xml Index: build.xml

Re: [5.0] [VOTE] Remove deprecated and unsupported components

ballot [X] Remove deprecated org.apache.catalina.connector components from the j-t-catalina module [ ] Leave them in /ballot Cheers Jean-frederic -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core StandardWrapperValve.java

remm2002/10/09 05:40:53 Modified:catalina/src/share/org/apache/catalina/core StandardWrapperValve.java Log: - The decoded URI should be used there. Revision ChangesPath 1.5 +15 -10

Re: commons-daemon release ?

Henri Gomez wrote: I wonder if a release of commons-daemon is planned. JF ? -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] I am using it in a product named openIS. The FSC QA are still complaining about small

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/valves ErrorReportValve.java

remm2002/10/09 05:42:51 Modified:catalina/src/share/org/apache/catalina/valves ErrorReportValve.java Log: - Port patch. Revision ChangesPath 1.3 +6 -9

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core StandardWrapperValve.java

remm2002/10/09 05:52:40 Modified:catalina/src/share/org/apache/catalina/core StandardWrapperValve.java Log: - Oops, not the right object. Revision ChangesPath 1.6 +5 -5

cvs commit: jakarta-tomcat-connectors/jk/xdocs/jk2 confighowto.xml

mturk 2002/10/09 06:01:29 Modified:jk/xdocs/jk2 confighowto.xml Log: Add the JNI Minimum configuration. Revision ChangesPath 1.2 +57 -1 jakarta-tomcat-connectors/jk/xdocs/jk2/confighowto.xml Index: confighowto.xml

Re: commons-daemon release ?

Remy Maucherat wrote: Henri Gomez wrote: I wonder if a release of commons-daemon is planned. No, because promoting it to commons proper got vetoed. And the reasons why have not been changed... I had no time to write the needed code (and I was on holidays at the time of the veto: it was

Re: [5.0] [VOTE] Remove deprecated and unsupported components

ballot [ X ] Remove deprecated org.apache.catalina.connector components from the j-t-catalina module [ ] Leave them in /ballot -- Jeanfrancois -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]

Re: administration-howto.html

jean-frederic clere wrote: Hi, I am willing to use the administration tools of Tomcat but I am wondering where the administration-howto.html is located. If it is not existing I will create one similar to the existing manager-howto.xml. Any comments? I know that Amy has been

DO NOT REPLY [Bug 13456] New: - allowChuncking=false not working

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13456. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

RE: [5.0] [VOTE] Remove deprecated and unsupported components

ballot [X] Remove deprecated org.apache.catalina.connector components from the j-t-catalina module [ ] Leave them in /ballot Saludos, Ignacio J. Ortega -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]

DO NOT REPLY [Bug 13365] - JSP source disclosure vulnerability not fixed when invoking servlets by name

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13365. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

DO NOT REPLY [Bug 13456] - allowChuncking=false not working

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13456. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse JSSESupport.java

bobh2002/10/09 08:03:21 Modified:util/java/org/apache/tomcat/util/net/jsse JSSESupport.java Log: - make gump happy by getting rid of 1.4 only class java.net.SocketTimeoutException Revision ChangesPath 1.3 +3 -3

DO NOT REPLY [Bug 13014] - OS/390/USS - Invalid url-pattern  in servlet mapping

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13014. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

Re: apps conversion from 3.3.1 to 4.1.12

Remy Maucherat wrote: Henri Gomez wrote: This is likely the protection against reading anything outside the webapp root (see the allowLinking of FileDirContext), although I don't know how the digester will try to load the included file. Digester code is derived from XmlMapper which is

Re: [Proposal] Security Audit

I can't think of anything more boring and tedious (bug fixing?) but I am willing to help. Maybe we should divide up the classes. Cheers, -bob On Tue, 2002-10-08 at 16:36, Jean-Francois Arcand wrote: Hi, I'm looking to do a Security Audit on the current Tomcat 5.0 codebase. I would

Re: apps conversion from 3.3.1 to 4.1.12

On Wed, 9 Oct 2002, Henri Gomez wrote: Date: Wed, 09 Oct 2002 17:39:00 +0200 From: Henri Gomez [EMAIL PROTECTED] Reply-To: Tomcat Developers List [EMAIL PROTECTED] To: Tomcat Developers List [EMAIL PROTECTED] Subject: Re: apps conversion from 3.3.1 to 4.1.12 Remy Maucherat wrote:

Re: apps conversion from 3.3.1 to 4.1.12

Henri Gomez wrote: Remy Maucherat wrote: Henri Gomez wrote: This is likely the protection against reading anything outside the webapp root (see the allowLinking of FileDirContext), although I don't know how the digester will try to load the included file. Digester code is derived

Re: apps conversion from 3.3.1 to 4.1.12

org.apache.naming.resources.DirContextURLConnection.getInputStream(DirContextURLConnection.java:344) at java.net.URL.openStream(URL.java:793) Well, that's exactly the same. Where do you think that weird URL connection goes ?? (hint: to the aforementioned FileDirContext, through

Re: apps conversion from 3.3.1 to 4.1.12

Haven't looked at the code, but here's a couple of thoughts that might help: If your path above (../../../settings.xml) is attempting to go above the context root of the webapp, it's pretty much guaranteed to fail because of the security restrictions. Undoing that restriction would just

Re: apps conversion from 3.3.1 to 4.1.12

On Wed, 9 Oct 2002, Henri Gomez wrote: Date: Wed, 09 Oct 2002 18:13:10 +0200 From: Henri Gomez [EMAIL PROTECTED] Reply-To: Tomcat Developers List [EMAIL PROTECTED] To: Tomcat Developers List [EMAIL PROTECTED] Subject: Re: apps conversion from 3.3.1 to 4.1.12 Haven't looked at the

Re: [Proposal] Security Audit

I'm looking to do a Security Audit on the current Tomcat 5.0 codebase. I would like to collect as more as information as where you think I should look at (code, security hole, etc.). I'm planning to do the audit using the default SecurityManager. Rigth now, I have started looking at:

Re: [5.0] [VOTE] Remove deprecated and unsupported components

ballot [X ] Remove deprecated org.apache.catalina.connector components from the j-t-catalina module [ ] Leave them in /ballot As long as it won't break builds of 4.1 :-) -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]

Tomcat 4.1.12: Xerces 2.2 problems - Struts 1.0.2 bug.

Hi, with Tomcat 4.1.12, Xerces 2.2 is throwing the following exception: org.xml.sax.SAXParseException: The string -- is not permitted within comments. at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source) This is a bug in the org.apache.struts.digester.Digester class. If

Re: Tomcat 4.1.12: Xerces 2.2 problems - Struts 1.0.2 bug.

Jean-Francois Arcand wrote: Hi, with Tomcat 4.1.12, Xerces 2.2 is throwing the following exception: org.xml.sax.SAXParseException: The string -- is not permitted within comments. at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source) This is a bug in the

cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/xmlparser ParserUtils.java

luehe 2002/10/09 09:47:31 Modified:jasper2/src/share/org/apache/jasper/xmlparser ParserUtils.java Log: Removed dead code Revision ChangesPath 1.5 +1 -96

cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/util StringManager.java

luehe 2002/10/09 09:55:14 Removed: jasper2/src/share/org/apache/jasper/util StringManager.java Log: Removed redundant org.apache.jasper.util.StringManager -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]

cvs commit: jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11 Constants.java

remm2002/10/09 09:56:17 Modified:http11/src/java/org/apache/coyote/http11 Constants.java Log: - Increase a little bit buffer sizes. Revision ChangesPath 1.10 +1 -1 jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/Constants.java

DO NOT REPLY [Bug 13223] - JSP pages in XML syntax do not compile properly

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13223. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

cvs commit: jakarta-tomcat-connectors/jk/native2/common jk_uriMap.c

mturk 2002/10/09 10:08:10 Modified:jk/native2/common jk_uriMap.c Log: Fix the hostMap checking hostname:port then hostname Revision ChangesPath 1.51 +21 -14jakarta-tomcat-connectors/jk/native2/common/jk_uriMap.c Index: jk_uriMap.c

cvs commit: jakarta-tomcat-connectors/jk/native2/server/apache13 mod_jk2.c

mturk 2002/10/09 10:10:24 Modified:jk/native2/server/apache13 mod_jk2.c Log: Skip the checking of default hostname and port. Using that scheme the same behaviour is on all web servers. Revision ChangesPath 1.25 +4 -8

cvs commit: jakarta-tomcat-connectors/jk/native2/server/apache2 mod_jk2.c

mturk 2002/10/09 10:10:52 Modified:jk/native2/server/apache2 mod_jk2.c Log: Skip the checking of default hostname and port. Using that scheme the same behaviour is on all web servers. Revision ChangesPath 1.54 +3 -7

cvs commit: jakarta-tomcat-connectors/jk/native2/server/isapi jk_isapi_plugin.c

mturk 2002/10/09 10:11:22 Modified:jk/native2/server/isapi jk_isapi_plugin.c Log: Skip the checking of default hostname and port. Using that scheme the same behaviour is on all web servers. Revision ChangesPath 1.50 +5 -6

Re: tomcat4 write in conf files which is not FHS compliant

I'm not sure about this. AFAIK on RedHat and Mandrake ( and probably any other distro ) there are tools that are modifying config files ( in etc ). I don't know how the FHS can request 'read only' status. jk2.properties saving can be disabled. Right now the feature is not completely implemented

Re: [5.0] [VOTE] Remove deprecated and unsupported components

Remy Maucherat wrote: ballot [X] Remove deprecated org.apache.catalina.connector components from the j-t-catalina module [ ] Leave them in /ballot -- Costin -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]

Re: commons-daemon release ?

Remy Maucherat wrote: Henri Gomez wrote: I wonder if a release of commons-daemon is planned. No, because promoting it to commons proper got vetoed. At the moment, it looks like a split between daemon and launcher will happen. For the record - nobody can 'veto' a promotion to commons or

cvs commit: jakarta-servletapi-5/jsr154/src/share/dtd jsp_2_0.xsd

kinman 2002/10/09 10:38:49 Modified:jsr152/src/share/dtd jsp_2_0.xsd jsr152/src/share/javax/servlet/jsp/el Expression.java jsr154/src/share/dtd jsp_2_0.xsd Log: - Patch by Mark Roth jsr152/src/share/javax/serlvet/jsp/el/Expression.java -

Re: [5.0] [VOTE] Remove deprecated and unsupported components

ballot [X] Remove deprecated org.apache.catalina.connector components from the j-t-catalina module [ ] Leave them in /ballot Amy -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]

cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler Compiler.java Generator.java JspConfig.java PageInfo.java TagFileProcessor.java Validator.java

kinman 2002/10/09 10:41:13 Modified:jasper2/src/share/org/apache/jasper/compiler Compiler.java Generator.java JspConfig.java PageInfo.java TagFileProcessor.java Validator.java Log: - Modified because of spec changes syntax and

Re: administration-howto.html

Glenn Nielsen wrote: jean-frederic clere wrote: Hi, I am willing to use the administration tools of Tomcat but I am wondering where the administration-howto.html is located. If it is not existing I will create one similar to the existing manager-howto.xml. Any comments? I

DO NOT REPLY [Bug 13084] - jsp compilation with jikes fails

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13084. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

JNDI Initial Context, outside webapp

Hi, I noticed that is pratically impossible to retrieve a JNDI resource outside a webapp.If I need to access my resourse in some classes istantiated outside a single webapp, I always get an exception. Name jdbc/myDS is not bound in this Context I read the docs. If I understand well, the

DO NOT REPLY [Bug 13466] New: - Jikes compilation fails

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13466. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/xmlparser ParserUtils.java

luehe 2002/10/09 11:25:39 Modified:jasper2/src/share/org/apache/jasper/compiler JspConfig.java TagLibraryInfoImpl.java TldLocationsCache.java jasper2/src/share/org/apache/jasper/xmlparser ParserUtils.java Log: Removed

Re: Tomcat4: Persistent http connection problem

I also have been surfing the web to find out how to implement an applet-to-servlet communication link over a persistent http connection. There is a working implementation available for download at http://www.ustobe.com/ After clicking on the 'news' item in the menu, there are links available to

mod_jk crash, please help

I am running apache 1.3 with mod_jk, my apache has apxs. I compiled and installed mod_jk from source, tag TOMCAT_4_1_12, configured it using the following options: ./configure --with-gnu-ld --with-apxs=/myapxpath/bin/apxs --enable-EAPI --with-java-home=/usr/java/jdk1.3.1 ran make installed

Re: [Proposal] Security Audit

FYI, Just to start off, I am going to review these classes. If someone else also reviews them, thats probably a good thing... # classes, package name 17 o.a.c.deploy 9 o.a.c.users 44 o.a.c.* 34 o.a.jk.* 15 j.s.http Briefly, I am going to look for - How/if a ClassLoader is used - privilege

[JK2] make hostMap cache

Hi, I would like to make the hostMap cache for hostname:port combination. Right now we doing hostMap over and over again for each request, so I would like to make a table that will save the once found hostEnv for requested hostname:port combination, skipping hostMap when already resolved. Any

Re: [Proposal] Security Audit

AFAIK, the most important check is doPriviledged(). What we need to look for is if any of those blocks could be used by untrusted code to do something. The second very important check is the facades - making sure untrusted code can't get access to the real objects. We should also make sure

Re: [5.0] [VOTE] Remove deprecated and unsupported components

ballot [X] Remove deprecated org.apache.catalina.connector components from the j-t-catalina module [ ] Leave them in /ballot -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]

DO NOT REPLY [Bug 13467] New: - getResource() URL doesn't know the content type

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13467. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

Re: [JK2] make hostMap cache

+1 One question - do you think it's a good idea to extend the jk2_map to do the full mapping ? ( actually, all the code is there, but it's not used ). By full mapping I mean setting/sending the 'servletPath', 'pathInfo', 'wrapperName' and all the extra information that is needed - and

Axis1.0 and chains/handlers

This is just FYI, in case you don't know all this already. I'm sure some of you are already using axis. One thing it would be worth looking at is the basic architecture they use for request processing. I think the model they're using is more powerfull than both 3.3 Interceptor and 4.0 Valve,

Re: [Proposal] Security Audit

Costin Manolache wrote: AFAIK, the most important check is doPriviledged(). What we need to look for is if any of those blocks could be used by untrusted code to do something. The second very important check is the facades - making sure untrusted code can't get access to the real

DO NOT REPLY [Bug 11730] - build fails - can't find jni_md.h

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11730. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

DO NOT REPLY [Bug 13419] - Weird seg fault on Mac OS X for mod_jk2 + Apache2

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13419. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

DO NOT REPLY [Bug 11678] - JNDIRealm times out/prompts for password with BASIC authentication

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11678. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/runtime JspRuntimeLibrary.java

luehe 2002/10/09 13:21:52 Modified:jasper2/src/share/org/apache/jasper/resources messages.properties messages_es.properties messages_ja.properties jasper2/src/share/org/apache/jasper/runtime

DO NOT REPLY [Bug 13206] - Invalid java bean property error message could be reported better.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13206. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

DO NOT REPLY [Bug 11678] - JNDIRealm times out/prompts for password with BASIC authentication

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11678. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

[SECURITY] Apache Tomcat 4.x JSP source disclosure vulnerability;Apache Tomcat 4.0.6 released

A security vulnerability has been confirmed to exist in Apache Tomcat 4.0.x releases (including Tomcat 4.0.5), which allows to use a specially crafted URL to return the unprocessed source of a JSP page, or, under special circumstances, a static resource which would otherwise have been protected

cvs commit: jakarta-servletapi-5/jsr152/examples/jsp2/misc config.jsp config.txt

kinman 2002/10/09 14:31:24 Modified:jsr152/examples/WEB-INF web.xml jsr152/examples/jsp2/misc config.jsp config.txt Log: - Modified the examples to use el-ignore and scripting-invalid Revision ChangesPath 1.4 +2 -2

cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/runtime JspRuntimeLibrary.java

luehe 2002/10/09 14:59:08 Modified:jasper2/src/share/org/apache/jasper/resources Tag: tomcat_4_branch messages.properties messages_es.properties messages_ja.properties jasper2/src/share/org/apache/jasper/runtime Tag:

DO NOT REPLY [Bug 13392] - When tag pooling is enabled, release() is not called on tag instances

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13392. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler JspUtil.java

luehe 2002/10/09 15:46:41 Modified:jasper2/src/share/org/apache/jasper/compiler JspUtil.java Log: Removed redundant methods Revision ChangesPath 1.18 +3 -87 jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler/JspUtil.java Index:

cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler JspReader.java

luehe 2002/10/09 17:49:21 Modified:jasper2/src/share/org/apache/jasper JspC.java JspCompilationContext.java jasper2/src/share/org/apache/jasper/compiler JspReader.java Log: Changed visibility of o.a.j.c.JspReader to package scope, and the

Re: mod_jk crash, please help

Quoting Eugene Gluzberg [EMAIL PROTECTED]: Please help. How can i trace this further? How do i get apache to generate a core file so i can see where in apache code this is? Any pointers for help here at all? Have a look at this: http://httpd.apache.org/dev/debugging.html Bojan -- To

DO NOT REPLY [Bug 13477] New: - tomcat 4.1.2 installed from rpms fails to start

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13477. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.

Re: [Proposal] Security Audit

The more who review/audit tomcat for security, the better. :-) Comments intermixed below. Jean-Francois Arcand wrote: Hi, I'm looking to do a Security Audit on the current Tomcat 5.0 codebase. I would like to collect as more as information as where you think I should look at (code,

Re: apps conversion from 3.3.1 to 4.1.12

If this reference is in your web.xml file, then my suggestion is already being done. To test it, try temporarily copying the settings.xml file into the WEB-INF directory and changing the relative URL appropriately. Putting the file in WEB-INF works, even if I use ../settings, ie directly in