This is an automated email from the ASF dual-hosted git repository. juanpablo pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/jspwiki.git
commit 875552d286b6ae7e76ce9fd953a7724eb6e1bc93 Author: juanpablo <[email protected]> AuthorDate: Fri Mar 6 00:01:23 2020 +0100 update tomcat server files from 8.5 to 9.0 --- .../src/overlay/tomcat/conf/catalina.properties | 48 ++++++------ .../src/overlay/tomcat/conf/server.xml | 87 +++++++++++++++------- jspwiki-portable/src/overlay/tomcat/conf/web.xml | 50 +++++++++++-- 3 files changed, 127 insertions(+), 58 deletions(-) diff --git a/jspwiki-portable/src/overlay/tomcat/conf/catalina.properties b/jspwiki-portable/src/overlay/tomcat/conf/catalina.properties index d1ef1c2..b4a7601 100644 --- a/jspwiki-portable/src/overlay/tomcat/conf/catalina.properties +++ b/jspwiki-portable/src/overlay/tomcat/conf/catalina.properties @@ -45,8 +45,13 @@ org.apache.jasper.,org.apache.naming.,org.apache.tomcat. # "foo/*.jar": Add all the JARs of the specified folder as class # repositories # "foo/bar.jar": Add bar.jar as a class repository -# common.loader=${catalina.base}/lib,${catalina.base}/lib/*.jar,${catalina.home}/lib,${catalina.home}/lib/*.jar -common.loader=${catalina.base}/lib,${catalina.base}/lib/*.jar,${catalina.home}/lib,${catalina.home}/lib/*.jar,${catalina.home}/jspwiki/lib,${catalina.home}/jspwiki/lib/*.jar +# +# Note: Values are enclosed in double quotes ("...") in case either the +# ${catalina.base} path or the ${catalina.home} path contains a comma. +# Because double quotes are used for quoting, the double quote character +# may not appear in a path. +#common.loader="${catalina.base}/lib","${catalina.base}/lib/*.jar","${catalina.home}/lib","${catalina.home}/lib/*.jar" +common.loader="${catalina.base}/lib","${catalina.base}/lib/*.jar","${catalina.home}/lib","${catalina.home}/lib/*.jar","${catalina.home}/jspwiki/lib","${catalina.home}/jspwiki/lib/*.jar" # # List of comma-separated paths defining the contents of the "server" @@ -59,6 +64,11 @@ common.loader=${catalina.base}/lib,${catalina.base}/lib/*.jar,${catalina.home}/l # "foo/*.jar": Add all the JARs of the specified folder as class # repositories # "foo/bar.jar": Add bar.jar as a class repository +# +# Note: Values may be enclosed in double quotes ("...") in case either the +# ${catalina.base} path or the ${catalina.home} path contains a comma. +# Because double quotes are used for quoting, the double quote character +# may not appear in a path. server.loader= # @@ -73,15 +83,21 @@ server.loader= # "foo/bar.jar": Add bar.jar as a class repository # Please note that for single jars, e.g. bar.jar, you need the URL form # starting with file:. +# +# Note: Values may be enclosed in double quotes ("...") in case either the +# ${catalina.base} path or the ${catalina.home} path contains a comma. +# Because double quotes are used for quoting, the double quote character +# may not appear in a path. shared.loader= -# List of JAR files that should not be scanned using the JarScanner +# Default list of JAR files that should not be scanned using the JarScanner # functionality. This is typically used to scan JARs for configuration # information. JARs that do not contain such information may be excluded from # the scan to speed up the scanning process. This is the default list. JARs on -# this list are excluded from all scans. Scan specific lists (to exclude JARs -# from individual scans) follow this. The list must be a comma separated list of -# JAR file names. +# this list are excluded from all scans. The list must be a comma separated list +# of JAR file names. +# The list of JARs to skip may be over-ridden at a Context level for individual +# scan types by configuring a JarScanner with a nested JarScanFilter. # The JARs listed below include: # - Tomcat Bootstrap JARs # - Tomcat API JARs @@ -100,10 +116,9 @@ aspectj*.jar,\ bootstrap.jar,\ catalina-ant.jar,\ catalina-ha.jar,\ -catalina-jmx-remote.jar,\ +catalina-ssi.jar,\ catalina-storeconfig.jar,\ catalina-tribes.jar,\ -catalina-ws.jar,\ catalina.jar,\ cglib-*.jar,\ cobertura-*.jar,\ @@ -157,11 +172,7 @@ tagsoup-*.jar,\ tomcat-api.jar,\ tomcat-coyote.jar,\ tomcat-dbcp.jar,\ -tomcat-i18n-en.jar,\ -tomcat-i18n-es.jar,\ -tomcat-i18n-fr.jar,\ -tomcat-i18n-ja.jar,\ -tomcat-i18n-ru.jar,\ +tomcat-i18n-*.jar,\ tomcat-jdbc.jar,\ tomcat-jni.jar,\ tomcat-juli-adapters.jar,\ @@ -189,17 +200,6 @@ log4j-web*.jar,\ log4javascript*.jar,\ slf4j-taglib*.jar -# Additional JARs (over and above the default JARs listed above) to skip when -# scanning for Servlet 3.0 pluggability features. These features include web -# fragments, annotations, SCIs and classes that match @HandlesTypes. The list -# must be a comma separated list of JAR file names. -org.apache.catalina.startup.ContextConfig.jarsToSkip= - -# Additional JARs (over and above the default JARs listed above) to skip when -# scanning for TLDs. The list must be a comma separated list of JAR file names. -org.apache.catalina.startup.TldConfig.jarsToSkip=tomcat-websocket.jar - -# # String cache configuration. tomcat.util.buf.StringCache.byte.enabled=true #tomcat.util.buf.StringCache.char.enabled=true diff --git a/jspwiki-portable/src/overlay/tomcat/conf/server.xml b/jspwiki-portable/src/overlay/tomcat/conf/server.xml index facd6ad..20a7630 100644 --- a/jspwiki-portable/src/overlay/tomcat/conf/server.xml +++ b/jspwiki-portable/src/overlay/tomcat/conf/server.xml @@ -1,4 +1,4 @@ -<?xml version='1.0' encoding='utf-8'?> +<?xml version="1.0" encoding="UTF-8"?> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with @@ -20,16 +20,16 @@ Documentation at /docs/config/server.html --> <Server port="8025" shutdown="SHUTDOWN"> - <Listener className="org.apache.catalina.startup.VersionLoggerListener"/> + <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> <!-- Security listener. Documentation at /docs/config/listeners.html <Listener className="org.apache.catalina.security.SecurityListener" /> --> <!--APR library loader. Documentation at /docs/apr.html --> - <Listener SSLEngine="on" className="org.apache.catalina.core.AprLifecycleListener"/> + <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> <!-- Prevent memory leaks due to use of particular java/javax APIs--> - <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/> - <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/> - <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/> + <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> + <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> + <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> <!-- Global JNDI resources Documentation at /docs/jndi-resources-howto.html @@ -38,11 +38,11 @@ <!-- Editable user database that can also be used by UserDatabaseRealm to authenticate users --> - <Resource name="UserDatabase" auth="Container" - description="User database that can be updated and saved" - factory="org.apache.catalina.users.MemoryUserDatabaseFactory" - pathname="conf/tomcat-users.xml" - type="org.apache.catalina.UserDatabase" /> + <Resource name="UserDatabase" auth="Container" + description="User database that can be updated and saved" + factory="org.apache.catalina.users.MemoryUserDatabaseFactory" + pathname="conf/tomcat-users.xml" + type="org.apache.catalina.UserDatabase" /> </GlobalNamingResources> <!-- A "Service" is a collection of one or more "Connectors" that share @@ -53,17 +53,20 @@ <Service name="Catalina"> <!--The connectors can use a shared executor, you can define one or more named thread pools--> - <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" maxThreads="150" minSpareThreads="4"/> + <!-- + <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" + maxThreads="150" minSpareThreads="4"/> + --> + <!-- A "Connector" represents an endpoint by which requests are received and responses are returned. Documentation at : - Java HTTP Connector: /docs/config/http.html (blocking & non-blocking) + Java HTTP Connector: /docs/config/http.html Java AJP Connector: /docs/config/ajp.html APR (HTTP/AJP) Connector: /docs/apr.html - Define a non-SSL HTTP/1.1 Connector on port 8080 + Define a non-SSL/TLS HTTP/1.1 Connector on port 8080 --> - <Connector executor="tomcatThreadPool" port="9627" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="9643" compression="on"/> - + <Connector port="9627" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="9643" /> <!-- A "Connector" using the shared thread pool--> <!-- <Connector executor="tomcatThreadPool" @@ -71,19 +74,49 @@ connectionTimeout="20000" redirectPort="8443" /> --> - <!-- Define a SSL HTTP/1.1 Connector on port 8443 - This connector uses the JSSE configuration, when using APR, the - connector should be using the OpenSSL style configuration - described in the APR documentation --> + <!-- Define an SSL/TLS HTTP/1.1 Connector on port 8443 + This connector uses the NIO implementation. The default + SSLImplementation will depend on the presence of the APR/native + library and the useOpenSSL attribute of the + AprLifecycleListener. + Either JSSE or OpenSSL style configuration may be used regardless of + the SSLImplementation selected. JSSE style configuration is used below. + --> <!-- - <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" - maxThreads="150" scheme="https" secure="true" - clientAuth="false" sslProtocol="TLS" /> + <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" + maxThreads="150" SSLEnabled="true"> + <SSLHostConfig> + <Certificate certificateKeystoreFile="conf/localhost-rsa.jks" + type="RSA" /> + </SSLHostConfig> + </Connector> + --> + <!-- Define an SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2 + This connector uses the APR/native implementation which always uses + OpenSSL for TLS. + Either JSSE or OpenSSL style configuration may be used. OpenSSL style + configuration is used below. + --> + <!-- + <Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol" + maxThreads="150" SSLEnabled="true" > + <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" /> + <SSLHostConfig> + <Certificate certificateKeyFile="conf/localhost-rsa-key.pem" + certificateFile="conf/localhost-rsa-cert.pem" + certificateChainFile="conf/localhost-rsa-chain.pem" + type="RSA" /> + </SSLHostConfig> + </Connector> --> <!-- Define an AJP 1.3 Connector on port 8009 --> - <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> - + <!-- + <Connector protocol="AJP/1.3" + address="::1" + port="8009" + redirectPort="8443" /> + --> <!-- An Engine represents the entry point (within Catalina) that processes every request. The Engine implementation for Tomcat stand alone @@ -126,11 +159,9 @@ <!-- Access log processes all example. Documentation at: /docs/config/valve.html Note: The pattern used is equivalent to using pattern="common" --> - <!-- <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" - prefix="localhost_access_log." suffix=".txt" + prefix="localhost_access_log" suffix=".txt" pattern="%h %l %u %t "%r" %s %b" /> - --> </Host> </Engine> diff --git a/jspwiki-portable/src/overlay/tomcat/conf/web.xml b/jspwiki-portable/src/overlay/tomcat/conf/web.xml index f6a32d2..584d6d2 100644 --- a/jspwiki-portable/src/overlay/tomcat/conf/web.xml +++ b/jspwiki-portable/src/overlay/tomcat/conf/web.xml @@ -18,8 +18,8 @@ <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee - http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"; - version="3.1"> + http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"; + version="4.0"> <!-- ======================== Introduction ============================== --> <!-- This document defines default values for *all* web applications --> @@ -48,6 +48,11 @@ <!-- fileEncoding Encoding to be used to read static resources --> <!-- [platform default] --> <!-- --> + <!-- useBomIfPresent If a static file contains a byte order mark --> + <!-- (BOM), should this be used to determine the --> + <!-- file encoding in preference to fileEncoding. --> + <!-- [true] --> + <!-- --> <!-- input Input buffer size (in bytes) when reading --> <!-- resources to be served. [2048] --> <!-- --> @@ -99,6 +104,11 @@ <!-- showServerInfo Should server information be presented in the --> <!-- response sent to clients when directory --> <!-- listings is enabled? [true] --> + <!-- --> + <!-- allowPartialPut Should the server treat an HTTP PUT request --> + <!-- with a Range header as a partial PUT? Note --> + <!-- that RFC 7233 clarified that Range headers are --> + <!-- only valid for GET requests. [true] --> <servlet> <servlet-name>default</servlet-name> @@ -138,9 +148,9 @@ <!-- pages. See the jasper documentation for more --> <!-- information. --> <!-- --> - <!-- compilerSourceVM Compiler source VM. [1.7] --> + <!-- compilerSourceVM Compiler source VM. [1.8] --> <!-- --> - <!-- compilerTargetVM Compiler target VM. [1.7] --> + <!-- compilerTargetVM Compiler target VM. [1.8] --> <!-- --> <!-- development Is Jasper used in development mode? If true, --> <!-- the frequency at which JSPs are checked for --> @@ -233,7 +243,13 @@ <!-- debugging be suppressed? [false] --> <!-- --> <!-- trimSpaces Should template text that consists entirely of --> - <!-- whitespace be removed from the output? [false] --> + <!-- whitespace be removed from the output (true), --> + <!-- replaced with a single space (single) or left --> + <!-- unchanged (false)? Note that if a JSP page or --> + <!-- tag file specifies a trimDirectiveWhitespaces --> + <!-- value of true, that will take precedence over --> + <!-- this configuration setting for that page/tag. --> + <!-- [false] --> <!-- --> <!-- xpoweredBy Determines whether X-Powered-By response --> <!-- header is added by generated servlet. [false] --> @@ -335,10 +351,32 @@ <!-- If not set, then webAppRootDir is used. --> <!-- Recommended value: WEB-INF/cgi --> <!-- --> + <!-- cmdLineArgumentsDecoded --> + <!-- Only used when enableCmdLineArguments is --> + <!-- true. The pattern that individual decoded --> + <!-- command line arguments must match else the --> + <!-- request will be rejected. This is to --> + <!-- work-around various issues when Java passes --> + <!-- the arguments to the OS. See the CGI How-To --> + <!-- for more details. The default varies by --> + <!-- platform. --> + <!-- Windows: [[a-zA-Z0-9\Q-_.\\/:\E]+] --> + <!-- Others: [.*] --> + <!-- Note that internally the CGI Servlet treats --> + <!-- [.*] as a special case to improve performance --> + <!-- --> + <!-- cmdLineArgumentsEncoded --> + <!-- Only used when enableCmdLineArguments is --> + <!-- true. The pattern that individual encoded --> + <!-- command line arguments must match else the --> + <!-- request will be rejected. The default matches --> + <!-- the allowed values defined by RFC3875. --> + <!-- [[a-zA-Z0-9\Q%;/?:@&,$-_.!~*'()\E]+] --> + <!-- --> <!-- enableCmdLineArguments --> <!-- Are command line parameters generated from --> <!-- the query string as per section 4.4 of 3875 --> - <!-- RFC? [true] --> + <!-- RFC? [false] --> <!-- --> <!-- executable Name of the executable used to run the --> <!-- script. [perl] -->
