cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java
billbarker2004/07/24 00:07:38
Modified:catalina/src/share/org/apache/catalina/security
SecurityClassLoad.java
Log:
Load the Connector classes from their new package, with their new names.
Revision ChangesPath
1.17 +21 -21
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java
Index: SecurityClassLoad.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- SecurityClassLoad.java27 Feb 2004 14:58:46 - 1.16
+++ SecurityClassLoad.java24 Jul 2004 07:07:37 - 1.17
@@ -117,55 +117,55 @@
private final static void loadCoyotePackage(ClassLoader loader)
throws Exception {
-String basePackage = org.apache.coyote.tomcat5.;
+String basePackage = org.apache.catalina.connector.;
loader.loadClass
(basePackage +
- CoyoteRequestFacade$GetAttributePrivilegedAction);
+ RequestFacade$GetAttributePrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteRequestFacade$GetParameterMapPrivilegedAction);
+ RequestFacade$GetParameterMapPrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteRequestFacade$GetRequestDispatcherPrivilegedAction);
+ RequestFacade$GetRequestDispatcherPrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteRequestFacade$GetParameterPrivilegedAction);
+ RequestFacade$GetParameterPrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteRequestFacade$GetParameterNamesPrivilegedAction);
+ RequestFacade$GetParameterNamesPrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteRequestFacade$GetParameterValuePrivilegedAction);
+ RequestFacade$GetParameterValuePrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteRequestFacade$GetCharacterEncodingPrivilegedAction);
+ RequestFacade$GetCharacterEncodingPrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteRequestFacade$GetHeadersPrivilegedAction);
+ RequestFacade$GetHeadersPrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteRequestFacade$GetHeaderNamesPrivilegedAction);
+ RequestFacade$GetHeaderNamesPrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteRequestFacade$GetCookiesPrivilegedAction);
+ RequestFacade$GetCookiesPrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteRequestFacade$GetLocalePrivilegedAction);
+ RequestFacade$GetLocalePrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteRequestFacade$GetLocalesPrivilegedAction);
+ RequestFacade$GetLocalesPrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteResponseFacade$SetContentTypePrivilegedAction);
+ ResponseFacade$SetContentTypePrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteResponseFacade$DateHeaderPrivilegedAction);
+ ResponseFacade$DateHeaderPrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteRequestFacade$GetSessionPrivilegedAction);
+ RequestFacade$GetSessionPrivilegedAction);
loader.loadClass
(basePackage +
- CoyoteResponseFacade$1);
+ ResponseFacade$1);
loader.loadClass
(basePackage +
OutputBuffer$1);
@@ -189,13 +189,13 @@
InputBuffer$1);
loader.loadClass
(basePackage +
- CoyoteResponse$1);
+ Response$1);
loader.loadClass
(basePackage +
- CoyoteResponse$2);
+ Response$2);
loader.loadClass
(basePackage +
- CoyoteResponse$3);
+ Response$3);
}
private final static void loadJkPackage(ClassLoader loader)
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 30306] New: - JasperLoader throws NPE (wrapped in a j.s.PAE) on non-existant securityManager
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30306.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=30306
JasperLoader throws NPE (wrapped in a j.s.PAE) on non-existant securityManager
Summary: JasperLoader throws NPE (wrapped in a j.s.PAE) on non-
existant securityManager
Product: Tomcat 4
Version: 4.1.30
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: Other
Component: Jasper
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]
The source of org.apache.jasper.servlet.JasperLoader contains abug around line#
179 where it says:
if (System.getSecurityManager() != null) {
where it should be:
if (securityManager != null) {
in rare occasions (thay actually do happen!) the instance variable
securityManager is NULL when the class is instantiated, but when a class is
loaded through this classloader and somehow the System.getSecurityManager() is
set, an NPE is thrown (wrapped in a java.security.PriveligedActionException).
Could you patch this please for a Tomcat 4.1.31 release? ;-)
I don't know what exactly triggered this bug - basically, that
System.getSecurityManager() is null initially and gets an assignment later. The
Tomcat5 (Jasper2) version does not have this bug, and has this very patch applied.
We have a JSP with a JSTL forEach tag, and nested in that tag another (custom)
tag. When the JSP is executed in the JVM (after it is successfully compiled) the
NPE is thrown while executing (preparing, actually) the forEach tag.
We found a workaround by executing our custom tag before the forEach body in
HTML comment ;-) which seemed to solve the problem. Patching Jasper works
better, of course, but my co-workers don't want a custom patched Tomcat for a
webapp to work :-(
Thanks in advance for patching Jasper!
Bart Guijt
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: DO NOT REPLY [Bug 30306] New: - JasperLoader throws NPE (wrapped in a j.s.PAE) on non-existant securityManager
ACCUSE DE NON RECEPTION Chère Cliente, Cher Client, Merci de nous avoir contactés. Vous venez d'envoyer un message à une adresse ne permettant pas de recevoir d'e-mail. Pour trouver les réponses à vos questions sur vos commandes, sur les produits, sur le site, consultez nos pages d'aide en ligne en cliquant sur : http://www.fnac.com/Help/A01.asp Vous pouvez également suivre en direct l'évolution de vos commandes en cours, en consultant la rubrique Vos Commande en un clin d'oeil en cliquant sur : https://www.fnac.com/Account/Profil/default.asp Nous espérons que ces pages vous apporteront toutes les informations nécessaires. Dans le cas contraire, vous pouvez nous contacter par e-mail en cliquant sur le lien : http://www.fnac.com/Service_Client/FnacAGC.asp Merci de votre fidélité à www.fnac.com. Très cordialement, L'équipe Fnac.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 30309] New: - Clarify error message
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=30309. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=30309 Clarify error message Summary: Clarify error message Product: Tomcat 5 Version: 5.0.19 Platform: PC OS/Version: Windows XP Status: NEW Severity: Enhancement Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] Getting an error message of: java.lang.IllegalAccessException: Class org.apache.catalina.core.StandardWrapper can not access a member of class class name goes here with modifiers is very uninstructive. Do everyone and favour and modify this exception to read: You have tried running a Servlet that did not have a public access modifier. Please modify the servlet and try again. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Response from Rolia.net
This email account no longer exists. To contact the management team of Rolia.net, please visit: http://www.rolia.net/mem/mem_mailRolia.php Thank you! ´Ëµç×ÓÓÊÏäÒѾֹͣʹÓÃ. Èç¹ûÄúÒªÁªÏµÏàÔ¼¼ÓÄôóÍøÉÏÉçÇø(Rolia.net), Çë·ÃÎÊ´ËÍøÒ³: http://www.rolia.net/mem/mem_mailRolia.php лл! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: getReader() BUG in tomcat 4.1.30 and beyond ?
Yoav Shapira wrote thusly: I saw your message on tomcat-user. Several other Tomcat developers also follow that list. I personally looking at the stack trace chose to discard your message for a few reasons: You reply is retarded; more signifantly you are not and have never been a core developer ON THE JSP CODE. What you choose to do is irrelevant. The bug is very real. That my twice posted message (on both dev and user) got no response from core developers is frightening. - The AJP connector in the stack trace indicates Apache in front of Tomcat, making Apache and the AJP connector possible culprits. Unless you reproduce this with Tomcat standalone, I'm not convinced. A simple servlet using the same setup does not display the bug. I can getInputStream() OR getReader() from a servlet's doPost method and print out the entire POST'ed body. The bug only happens for JSP's in tomcat 4.1.30 and beyond. - The fact it's 4.1.30, which is a mature branch that's been in the market for a while, and if what you're reporting is really true we would have heard about it via bug reports a long time ago. 'tis better to remain silent and appear a fool than to speak and remove all doubt ... (and your above statement removes all doubt). - Also being on a 4.x release, I'm not as interested, because only 5.x is being actively developed. If you reported this error on 5.0.27 standalone tomcat I suspect you would have gotten replies on the tomcat- user list from me and others. Don't matter if you are interested or not. The bug is real and needs to be fixed by the core developers for the hundreds of thousands of people who are using the stable 4.1.x branch today. And if the core developers are so cock-sure that this is not a bug, then why don't they at least say that they could NOT replicate this ? After all, the sample jsp that shows the bug is only a few lines long and extremely simple to test. Again, I don't know what is more troubling: the severity of this bug, your post, or the total lack of response from the core jsp developers (one way or another) Best regards, --j __ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 29526] - Cannot undeploy and deploy war file with on the same context
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=29526. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=29526 Cannot undeploy and deploy war file with on the same context --- Additional Comments From [EMAIL PROTECTED] 2004-07-24 19:57 --- Not using Windows isn't always an option... The changes for 28272 uses the jar URL to see if the context.xml file exists inside the .war. The jar URL connection class caches by default, and leaves a file descriptor open to the jar file. By disabling caching, it doesn't and the jar file can be deleted. --- ManagerServlet.java.origThu Jun 17 21:02:56 2004 +++ ManagerServlet.java Sat Jul 24 20:40:52 2004 @@ -27,6 +27,7 @@ import java.io.IOException; import java.io.PrintWriter; import java.net.URL; +import java.net.URLConnection; import java.net.MalformedURLException; import java.util.Iterator; import java.util.jar.JarEntry; @@ -845,7 +846,9 @@ } contextXml = new URL(contextWar + META-INF/context.xml); -stream = contextXml.openStream(); +URLConnection jarUrlConnection=contextXml.openConnection(); +jarUrlConnection.setUseCaches(false); +stream = jarUrlConnection.getInputStream();; // WAR contains META-INF/context.xml resource - install deployer.install(new URL(contextWar)); return; - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: getReader() BUG in tomcat 4.1.30 and beyond ?
- Original Message - From: j.random.programmer [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Saturday, July 24, 2004 12:31 PM Subject: RE: getReader() BUG in tomcat 4.1.30 and beyond ? Yoav Shapira wrote thusly: I saw your message on tomcat-user. Several other Tomcat developers also follow that list. I personally looking at the stack trace chose to discard your message for a few reasons: You reply is retarded; more signifantly you are not and have never been a core developer ON THE JSP CODE. What you choose to do is irrelevant. The bug is very real. That my twice posted message (on both dev and user) got no response from core developers is frightening. Ok, a response from a core (connector) developer: I tested your report on TC 5 and the JKCoyote connector, and it works perfectly. Since what I choose to do is also irrelevant (and I wouldn't have it any other way :), I'm choosing not to look into it further. However, if you see this problem on 3.3.2, I'd be more than happy to look at it again ;-). - The AJP connector in the stack trace indicates Apache in front of Tomcat, making Apache and the AJP connector possible culprits. Unless you reproduce this with Tomcat standalone, I'm not convinced. A simple servlet using the same setup does not display the bug. I can getInputStream() OR getReader() from a servlet's doPost method and print out the entire POST'ed body. The bug only happens for JSP's in tomcat 4.1.30 and beyond. - The fact it's 4.1.30, which is a mature branch that's been in the market for a while, and if what you're reporting is really true we would have heard about it via bug reports a long time ago. 'tis better to remain silent and appear a fool than to speak and remove all doubt ... (and your above statement removes all doubt). - Also being on a 4.x release, I'm not as interested, because only 5.x is being actively developed. If you reported this error on 5.0.27 standalone tomcat I suspect you would have gotten replies on the tomcat- user list from me and others. Don't matter if you are interested or not. The bug is real and needs to be fixed by the core developers for the hundreds of thousands of people who are using the stable 4.1.x branch today. Patches are alway welcome ;-). And if the core developers are so cock-sure that this is not a bug, then why don't they at least say that they could NOT replicate this ? After all, the sample jsp that shows the bug is only a few lines long and extremely simple to test. Again, I don't know what is more troubling: the severity of this bug, your post, or the total lack of response from the core jsp developers (one way or another) Best regards, --j __ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: getReader() BUG in tomcat 4.1.30 and beyond ?
FWIW (I must have too much free time) I tried your hello world example as a recipient of a posted form and it seems to work just fine for me with either request.getReader or request.getInputStream. Though I was using TC 5.0.25 (standalone) and even tried it in IBM WAS 5.1 Test Environment. Works fine everywhere from what I can see. Mike j.random.programmer wrote: Yoav Shapira wrote thusly: I saw your message on tomcat-user. Several other Tomcat developers also follow that list. I personally looking at the stack trace chose to discard your message for a few reasons: You reply is retarded; more signifantly you are not and have never been a core developer ON THE JSP CODE. What you choose to do is irrelevant. The bug is very real. That my twice posted message (on both dev and user) got no response from core developers is frightening. - The AJP connector in the stack trace indicates Apache in front of Tomcat, making Apache and the AJP connector possible culprits. Unless you reproduce this with Tomcat standalone, I'm not convinced. A simple servlet using the same setup does not display the bug. I can getInputStream() OR getReader() from a servlet's doPost method and print out the entire POST'ed body. The bug only happens for JSP's in tomcat 4.1.30 and beyond. - The fact it's 4.1.30, which is a mature branch that's been in the market for a while, and if what you're reporting is really true we would have heard about it via bug reports a long time ago. 'tis better to remain silent and appear a fool than to speak and remove all doubt ... (and your above statement removes all doubt). - Also being on a 4.x release, I'm not as interested, because only 5.x is being actively developed. If you reported this error on 5.0.27 standalone tomcat I suspect you would have gotten replies on the tomcat- user list from me and others. Don't matter if you are interested or not. The bug is real and needs to be fixed by the core developers for the hundreds of thousands of people who are using the stable 4.1.x branch today. And if the core developers are so cock-sure that this is not a bug, then why don't they at least say that they could NOT replicate this ? After all, the sample jsp that shows the bug is only a few lines long and extremely simple to test. Again, I don't know what is more troubling: the severity of this bug, your post, or the total lack of response from the core jsp developers (one way or another) Best regards, --j - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 30249] - org.apache.catalina.core.StandardHostDeployer.install creates webappname.xml from META-INF/context.xml as a _directory_ and not a file
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=30249. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=30249 org.apache.catalina.core.StandardHostDeployer.install creates webappname.xml from META-INF/context.xml as a _directory_ and not a file --- Additional Comments From [EMAIL PROTECTED] 2004-07-25 05:16 --- Hey, see my bug fix at: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=29688 regards Peter - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Response from Rolia.net
This email account no longer exists. To contact the management team of Rolia.net, please visit: http://www.rolia.net/mem/mem_mailRolia.php Thank you! ´Ëµç×ÓÓÊÏäÒѾֹͣʹÓÃ. Èç¹ûÄúÒªÁªÏµÏàÔ¼¼ÓÄôóÍøÉÏÉçÇø(Rolia.net), Çë·ÃÎÊ´ËÍøÒ³: http://www.rolia.net/mem/mem_mailRolia.php лл! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
