[GUMP@vmgump]: Project tomcat-taglibs-standard (in module tomcat-taglibs) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-taglibs-standard has an issue affecting its community integration. This issue affects 2 projects, and has been outstanding for 37 runs. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-taglibs-standard : Standard Taglib - tomcat-taglibs-standard-install : JSP Taglibs Full details are available at: http://vmgump.apache.org/gump/public/tomcat-taglibs/tomcat-taglibs-standard/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -INFO- Optional dependency httpunit failed with reason build failed -DEBUG- (Apache Gump generated) Apache Maven Settings in: /srv/gump/public/workspace/tomcat-taglibs/standard/gump_mvn_settings.xml -INFO- Failed with reason build failed -DEBUG- Maven POM in: /srv/gump/public/workspace/tomcat-taglibs/standard/pom.xml -INFO- Failed to extract fallback artifacts from Gump Repository The following work was performed: http://vmgump.apache.org/gump/public/tomcat-taglibs/tomcat-taglibs-standard/gump_work/build_tomcat-taglibs_tomcat-taglibs-standard.html Work Name: build_tomcat-taglibs_tomcat-taglibs-standard (Type: Build) Work ended in a state of : Failed Elapsed: 20 secs Command Line: /opt/maven2/bin/mvn --batch-mode -DskipTests=true --settings /srv/gump/public/workspace/tomcat-taglibs/standard/gump_mvn_settings.xml install [Working Directory: /srv/gump/public/workspace/tomcat-taglibs/standard] M2_HOME: /opt/maven2 - [INFO] [compiler:compile {execution: default-compile}] [INFO] Nothing to compile - all classes are up to date [debug] execute contextualize [INFO] [resources:testResources {execution: default-testResources}] [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] skip non existing resourceDirectory /srv/gump/public/workspace/tomcat-taglibs/standard/spec/src/test/resources [INFO] Copying 3 resources [INFO] [compiler:testCompile {execution: default-testCompile}] [INFO] No sources to compile [INFO] [surefire:test {execution: default-test}] [INFO] Tests are skipped. [INFO] [bundle:bundle {execution: default-bundle}] [INFO] [install:install {execution: default-install}] [INFO] Installing /srv/gump/public/workspace/tomcat-taglibs/standard/spec/target/taglibs-standard-spec-1.2-SNAPSHOT.jar to /srv/gump/public/workspace/mvnlocalrepo/shared/org/apache/taglibs/taglibs-standard-spec/1.2-SNAPSHOT/taglibs-standard-spec-1.2-SNAPSHOT.jar [INFO] [bundle:install {execution: default-install}] [INFO] Parsing file:/srv/gump/public/workspace/mvnlocalrepo/shared/repository.xml [INFO] Installing org/apache/taglibs/taglibs-standard-spec/1.2-SNAPSHOT/taglibs-standard-spec-1.2-SNAPSHOT.jar [INFO] Writing OBR metadata [INFO] [INFO] Building JSTL Implementation [INFO]task-segment: [install] [INFO] [INFO] [remote-resources:process {execution: default}] [INFO] snapshot org.apache.taglibs:taglibs-standard-spec:1.2-SNAPSHOT: checking for updates from apache.snapshots [debug] execute contextualize [INFO] [resources:resources {execution: default-resources}] [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] Copying 14 resources [INFO] Copying 3 resources [INFO] [compiler:compile {execution: default-compile}] [INFO] Compiling 96 source files to /srv/gump/public/workspace/tomcat-taglibs/standard/impl/target/classes [INFO] - [ERROR] COMPILATION ERROR : [INFO] - [ERROR] /srv/gump/public/workspace/tomcat-taglibs/standard/impl/src/main/java/org/apache/taglibs/standard/tag/common/sql/DataSourceWrapper.java:[38,7] error: DataSourceWrapper is not abstract and does not override abstract method getParentLogger() in CommonDataSource [INFO] 1 error [INFO] - [INFO] [ERROR] BUILD FAILURE [INFO] [INFO] Compilation failure /srv/gump/public/workspace/tomcat-taglibs/standard/impl/src/main/java/org/apache/taglibs/standard/tag/common/sql/DataSourceWrapper.java:[38,7] error: DataSourceWrapper is not abstract and does not override abstract method getParentLogger() in CommonDataSource [INFO] [INFO] For more information, run Maven with the -e switch [INFO] ---
[Bug 53469] possible bug in Response.normalize(CharChunk cc)
https://issues.apache.org/bugzilla/show_bug.cgi?id=53469 --- Comment #18 from mgrigorov --- (In reply to comment #16) > I have fixed the IAE in trunk and 7.0.x. Unfortunately with this fix apps that work only with jsessionid encoded in the url will still break. If JSESSIONID is in a cookie then all is OK because Tomcat wont even try to normalize in this case. But if Tomcat is configured to always encode it in the url and the normalization fails then with this fix the relative url will not have the jsessionid and next request will be considered as not authenticated and depending on the application configuration it will most probably lead to a redirect to the login page. Unfortunately I don't see how to fix this in Wicket too. There is no way to inform the servlet container that there is a new base url which should be used for the resolving. The only solution is to configure the Wicket application to use REDIRECT_TO_RENDER strategy instead of REDIRECT_TO_BUFFER (the default one). With REDIRECT_TO_RENDER Wicket will make a http redirect before starting the render of the page responsible for /a/b/c/d. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53469] possible bug in Response.normalize(CharChunk cc)
https://issues.apache.org/bugzilla/show_bug.cgi?id=53469 --- Comment #19 from mgrigorov --- I think I found the solution. Wicket can pass always an absolute url to the web container for encoding. Wicket knows the current base url and can make it absolute safely. This way the web container will only try to normalize it but this will do nothing since there are no '../' in the passed absolute url. After encoding it Wicket can make it relative again and write it in the response. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53783] New: Static resources and jsp files under WEB-INF/lib/*.jar!/META-INF/resources are not found
https://issues.apache.org/bugzilla/show_bug.cgi?id=53783 Priority: P2 Bug ID: 53783 Assignee: dev@tomcat.apache.org Summary: Static resources and jsp files under WEB-INF/lib/*.jar!/META-INF/resources are not found Severity: normal Classification: Unclassified Reporter: violet...@apache.org Hardware: PC Status: NEW Version: 7.0.29 Component: Catalina Product: Tomcat 7 Created attachment 29283 --> https://issues.apache.org/bugzilla/attachment.cgi?id=29283&action=edit Example Hi, According to Servlet Specification, Servlet container should serve static resources and jsp files, located in META-INF/resources in any jar file under WEB-INF/lib. " 10.5 Directory Structure A Web application exists as a structured hierarchy of directories. The root of this hierarchy serves as the document root for files that are part of the application. For example, for a Web application with the context path /catalog in a Web container, the index.html file at the base of the Web application hierarchy or in a JAR file inside WEB-INF/lib that includes the index.html under META-INF/resources directory can be served to satisfy a request from /catalog/index.html. If an index.html is present both in the root context and in the META-INF/resources directory of a JAR file in the WEB-INF/lib directory of the application, then the file that is available in the root context MUST be used. " When requesting such static resource/jsp file, Tomcat returns 404 Not Found. Example is attached. Request: http://localhost:8080/test-meta-inf-resources/test.jsp http://localhost:8080/test-meta-inf-resources/meta_inf_resource.jsp After investigating the issue I think that the problem is in the following code: org.apache.catalina.startup.ContextConfig protected void processResourceJARs(Set fragments) { ... if (jar.entryExists("META-INF/resources/")) { context.addResourceJarUrl(url); ... } When I list the entries in jar, I receive: INFO: Deploying web application archive C:\apache-tomcat-7.0.29\webapps\test-met a-inf-resources.war META-INF/MANIFEST.MF META-INF/resources/meta_inf_resource.jsp There is no entry "META-INF/resources/" I would like to propose a patch (attached) with which the request URLs above are working as expected. Best Regards Violeta Georgieva -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53783] Static resources and jsp files under WEB-INF/lib/*.jar!/META-INF/resources are not found
https://issues.apache.org/bugzilla/show_bug.cgi?id=53783 --- Comment #1 from Violeta Georgieva --- Created attachment 29284 --> https://issues.apache.org/bugzilla/attachment.cgi?id=29284&action=edit Patch proposal -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53783] Static resources and jsp files under WEB-INF/lib/*.jar!/META-INF/resources are not found
https://issues.apache.org/bugzilla/show_bug.cgi?id=53783 Konstantin Kolinko changed: What|Removed |Added OS||All --- Comment #2 from Konstantin Kolinko --- Does specification allow JAR files that do not have directory entries? 1. The "jar" tool always creates entries for directories. There are no options to omit them, http://docs.oracle.com/javase/7/docs/technotes/tools/solaris/jar.html 2. The spec says "in the META-INF/resources directory of a JAR file". There is no such "directory" in this resource.jar. That said, I am OK with the patch. For stream access to a jar file (o.a.t.util.scan.UrlJar) the entryExists() method does such iteration internally, so proposed patch would not slow it down. For random access to a jar file (o.a.t.util.scan.FileUrlJar) the ZIP archive index is read when JAR file is opened and iteration over the index (JarFile.entries()) should not waste much time. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377688 - in /tomcat/tc7.0.x/trunk: java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java webapps/docs/config/systemprops.xml
Author: fhanik Date: Mon Aug 27 14:15:36 2012 New Revision: 1377688 URL: http://svn.apache.org/viewvc?rev=1377688&view=rev Log: Per http://markmail.org/message/nqnogctvfuyzhtol 1. Already encountered two users that would like to set this value. There is never any need to hard code any value, regardless of its use 2. This turns it into a property on the listener Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java tomcat/tc7.0.x/trunk/webapps/docs/config/systemprops.xml Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java?rev=1377688&r1=1377687&r2=1377688&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java Mon Aug 27 14:15:36 2012 @@ -218,6 +218,17 @@ public class JreMemoryLeakPreventionList this.classesToInitialize = classesToInitialize; } +/** + * Sets the time that this listener will request for garbage-collection latency + * @see {@link sun.misc.GC#requestLatency(long)} + */ +private long gcDaemonPeriod = Long.MAX_VALUE - 1; +public long getGcDaemonPeriod() { +return gcDaemonPeriod; +} +public void setGcDaemonPeriod(long gcDaemonPeriod) { +this.gcDaemonPeriod = gcDaemonPeriod; +} @Override public void lifecycleEvent(LifecycleEvent event) { @@ -297,7 +308,7 @@ public class JreMemoryLeakPreventionList Method method = clazz.getDeclaredMethod( "requestLatency", new Class[] {long.class}); -method.invoke(null, Long.getLong("org.apache.catalina.core.jreMemoryLeakPreventionGCDaemonPeriod", Long.valueOf(Long.MAX_VALUE-1))); +method.invoke(null, getGcDaemonPeriod()); } catch (ClassNotFoundException e) { if (System.getProperty("java.vendor").startsWith( "Sun")) { Modified: tomcat/tc7.0.x/trunk/webapps/docs/config/systemprops.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/config/systemprops.xml?rev=1377688&r1=1377687&r2=1377688&view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/config/systemprops.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/config/systemprops.xml Mon Aug 27 14:15:36 2012 @@ -637,11 +637,6 @@ $CATALINA_BASE/catalina.properties file. - - The timeout period set when the leak prevention code triggers the GC Daemon. - If not specified, the default value of Long.MAX_VALUE-1 will be used. - - - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
Author: fhanik Date: Mon Aug 27 14:20:55 2012 New Revision: 1377689 URL: http://svn.apache.org/viewvc?rev=1377689&view=rev Log: Per http://markmail.org/message/nqnogctvfuyzhtol 1. Already encountered two users that would like to set this value. There is never any need to hard code any value, regardless of its use 2. This turns it into a property on the listener Modified: tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java Modified: tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java?rev=1377689&r1=1377688&r2=1377689&view=diff == --- tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java (original) +++ tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java Mon Aug 27 14:20:55 2012 @@ -218,6 +218,17 @@ public class JreMemoryLeakPreventionList this.classesToInitialize = classesToInitialize; } +/** + * Sets the time that this listener will request for garbage-collection latency + * @see {@link sun.misc.GC#requestLatency(long)} + */ +private long gcDaemonPeriod = Long.MAX_VALUE - 1; +public long getGcDaemonPeriod() { +return gcDaemonPeriod; +} +public void setGcDaemonPeriod(long gcDaemonPeriod) { +this.gcDaemonPeriod = gcDaemonPeriod; +} @Override public void lifecycleEvent(LifecycleEvent event) { @@ -297,7 +308,7 @@ public class JreMemoryLeakPreventionList Method method = clazz.getDeclaredMethod( "requestLatency", new Class[] {long.class}); -method.invoke(null, Long.getLong("org.apache.catalina.core.jreMemoryLeakPreventionGCDaemonPeriod", Long.valueOf(Long.MAX_VALUE-1))); +method.invoke(null, getGcDaemonPeriod()); } catch (ClassNotFoundException e) { if (System.getProperty("java.vendor").startsWith( "Sun")) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Tagging 7.0.30
Dear Mark, would you mind to take a look at BZ51496? As you pointed out your focus is to get open bugs fixed for 7.0.30. Well, this is not a bug, but an enhancement and to be honest I don’t know if it is planned to consider enhancements for minor releases as well. I proposed a patch. Thank you. Regards, Ralph - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 51496] NSIS - Warn that duplicate service name will result in install failure
https://issues.apache.org/bugzilla/show_bug.cgi?id=51496 --- Comment #3 from Konstantin Kolinko --- -1 for the patch (attachment 29251) It does not check that a service is installed. What it checks is whether the "Tomcat Monitor" application is configured to auto-launch on Windows startup or not. That is quite a differing thing. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53783] Static resources and jsp files under WEB-INF/lib/*.jar!/META-INF/resources are not found
https://issues.apache.org/bugzilla/show_bug.cgi?id=53783 --- Comment #3 from Violeta Georgieva --- (In reply to comment #2) > Does specification allow JAR files that do not have directory entries? > > 1. The "jar" tool always creates entries for directories. > There are no options to omit them, > Eclipse IDE is used for jar creation (project type 'java project' and export artifact jar) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
On 27/08/2012 15:20, fha...@apache.org wrote: > Author: fhanik > Date: Mon Aug 27 14:20:55 2012 > New Revision: 1377689 > > URL: http://svn.apache.org/viewvc?rev=1377689&view=rev > Log: > Per http://markmail.org/message/nqnogctvfuyzhtol > > 1. Already encountered two users that would like to set this value. There is > never any need to hard code any value, regardless of its use What is the use case for wanting to set this value? I can understand users not liking the previous value that triggered a full GC every hour and wanting to change that but I fail to see why anyone would want to change this now it is set to trigger a full GC every 290 million years or so. > 2. This turns it into a property on the listener Thanks. If the feature is retained, that is a much better implementation. Mark > > > Modified: > > tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java > > Modified: > tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java > URL: > http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java?rev=1377689&r1=1377688&r2=1377689&view=diff > == > --- > tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java > (original) > +++ > tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java > Mon Aug 27 14:20:55 2012 > @@ -218,6 +218,17 @@ public class JreMemoryLeakPreventionList > this.classesToInitialize = classesToInitialize; > } > > +/** > + * Sets the time that this listener will request for garbage-collection > latency > + * @see {@link sun.misc.GC#requestLatency(long)} > + */ > +private long gcDaemonPeriod = Long.MAX_VALUE - 1; > +public long getGcDaemonPeriod() { > +return gcDaemonPeriod; > +} > +public void setGcDaemonPeriod(long gcDaemonPeriod) { > +this.gcDaemonPeriod = gcDaemonPeriod; > +} > > @Override > public void lifecycleEvent(LifecycleEvent event) { > @@ -297,7 +308,7 @@ public class JreMemoryLeakPreventionList > Method method = clazz.getDeclaredMethod( > "requestLatency", > new Class[] {long.class}); > -method.invoke(null, > Long.getLong("org.apache.catalina.core.jreMemoryLeakPreventionGCDaemonPeriod", > Long.valueOf(Long.MAX_VALUE-1))); > +method.invoke(null, getGcDaemonPeriod()); > } catch (ClassNotFoundException e) { > if (System.getProperty("java.vendor").startsWith( > "Sun")) { > > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377785 - /tomcat/trunk/java/org/apache/catalina/startup/ContextConfig.java
Author: markt Date: Mon Aug 27 18:40:09 2012 New Revision: 1377785 URL: http://svn.apache.org/viewvc?rev=1377785&view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53783 Handle case where tool generating JARs does not generate entries for directories. Modified: tomcat/trunk/java/org/apache/catalina/startup/ContextConfig.java Modified: tomcat/trunk/java/org/apache/catalina/startup/ContextConfig.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/startup/ContextConfig.java?rev=1377785&r1=1377784&r2=1377785&view=diff == --- tomcat/trunk/java/org/apache/catalina/startup/ContextConfig.java (original) +++ tomcat/trunk/java/org/apache/catalina/startup/ContextConfig.java Mon Aug 27 18:40:09 2012 @@ -1590,8 +1590,15 @@ public class ContextConfig implements Li // Note: Ignore file URLs for now since only jar URLs will be accepted if ("jar".equals(url.getProtocol())) { jar = JarFactory.newInstance(url); -if (jar.entryExists("META-INF/resources/")) { -context.addResourceJarUrl(url); +jar.nextEntry(); +String entryName = jar.getEntryName(); +while (entryName != null) { +if (entryName.startsWith("META-INF/resources/")) { +context.addResourceJarUrl(url); +break; +} +jar.nextEntry(); +entryName = jar.getEntryName(); } } else if ("file".equals(url.getProtocol())) { FileDirContext fileDirContext = new FileDirContext(); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377786 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/startup/ContextConfig.java webapps/docs/changelog.xml
Author: markt Date: Mon Aug 27 18:43:18 2012 New Revision: 1377786 URL: http://svn.apache.org/viewvc?rev=1377786&view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53783 Handle case where tool generating JARs does not generate entries for directories. Patch by Violeta Georgieva. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/startup/ContextConfig.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1377785 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/startup/ContextConfig.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/startup/ContextConfig.java?rev=1377786&r1=1377785&r2=1377786&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/startup/ContextConfig.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/startup/ContextConfig.java Mon Aug 27 18:43:18 2012 @@ -1684,8 +1684,15 @@ public class ContextConfig implements Li // Note: Ignore file URLs for now since only jar URLs will be accepted if ("jar".equals(url.getProtocol())) { jar = JarFactory.newInstance(url); -if (jar.entryExists("META-INF/resources/")) { -context.addResourceJarUrl(url); +jar.nextEntry(); +String entryName = jar.getEntryName(); +while (entryName != null) { +if (entryName.startsWith("META-INF/resources/")) { +context.addResourceJarUrl(url); +break; +} +jar.nextEntry(); +entryName = jar.getEntryName(); } } else if ("file".equals(url.getProtocol())) { FileDirContext fileDirContext = new FileDirContext(); Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1377786&r1=1377785&r2=1377786&view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Mon Aug 27 18:43:18 2012 @@ -168,6 +168,11 @@ wrong point because the isMatchAfter logic was inverted. (markt) + +53783: Correctly handle JARs generated by tools that do not +create specific entries for directories. Patch provided by Violeta +Georgieva. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53783] Static resources and jsp files under WEB-INF/lib/*.jar!/META-INF/resources are not found
https://issues.apache.org/bugzilla/show_bug.cgi?id=53783 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED Severity|normal |enhancement --- Comment #4 from Mark Thomas --- The JAR spec (nor the ZIP spec) states one way or the other if an entry should be made for a directory - empty or not. On that basis and given the performance impacts described by Konstantin I am OK with this patch. Fixed in trunk and 7.0.x and will be included in 7.0.30 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53783] Static resources and jsp files under WEB-INF/lib/*.jar!/META-INF/resources are not found
https://issues.apache.org/bugzilla/show_bug.cgi?id=53783 --- Comment #5 from Violeta Georgieva --- Thanks -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377794 - in /tomcat/trunk: java/org/apache/catalina/authenticator/ java/org/apache/catalina/util/ test/org/apache/catalina/authenticator/ webapps/docs/config/
Author: markt Date: Mon Aug 27 19:03:04 2012 New Revision: 1377794 URL: http://svn.apache.org/viewvc?rev=1377794&view=rev Log: Digest improvements: - disable caching of authenticated user in session by default - track server rather than client nonces - better handling of stale nonce values Added: tomcat/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java (with props) Modified: tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java tomcat/trunk/test/org/apache/catalina/authenticator/TesterDigestAuthenticatorPerformance.java tomcat/trunk/webapps/docs/config/valve.xml Modified: tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java?rev=1377794&r1=1377793&r2=1377794&view=diff == --- tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java (original) +++ tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java Mon Aug 27 19:03:04 2012 @@ -60,6 +60,7 @@ public class DigestAuthenticator extends public DigestAuthenticator() { super(); +setCache(false); try { if (md5Helper == null) { md5Helper = MessageDigest.getInstance("MD5"); @@ -81,16 +82,16 @@ public class DigestAuthenticator extends /** - * List of client nonce values currently being tracked + * List of server nonce values currently being tracked */ -protected Map cnonces; +protected Map nonces; /** - * Maximum number of client nonces to keep in the cache. If not specified, + * Maximum number of server nonces to keep in the cache. If not specified, * the default value of 1000 is used. */ -protected int cnonceCacheSize = 1000; +protected int nonceCacheSize = 1000; /** @@ -120,13 +121,13 @@ public class DigestAuthenticator extends // - Properties -public int getCnonceCacheSize() { -return cnonceCacheSize; +public int getNonceCacheSize() { +return nonceCacheSize; } -public void setCnonceCacheSize(int cnonceCacheSize) { -this.cnonceCacheSize = cnonceCacheSize; +public void setNonceCacheSize(int nonceCacheSize) { +this.nonceCacheSize = nonceCacheSize; } @@ -231,17 +232,19 @@ public class DigestAuthenticator extends // Validate any credentials already included with this request String authorization = request.getHeader("authorization"); DigestInfo digestInfo = new DigestInfo(getOpaque(), getNonceValidity(), -getKey(), cnonces, isValidateUri()); +getKey(), nonces, isValidateUri()); if (authorization != null) { -if (digestInfo.validate(request, authorization)) { -principal = digestInfo.authenticate(context.getRealm()); -} +if (digestInfo.parse(request, authorization)) { +if (digestInfo.validate(request)) { +principal = digestInfo.authenticate(context.getRealm()); +} -if (principal != null) { -String username = digestInfo.getUsername(); -register(request, response, principal, -HttpServletRequest.DIGEST_AUTH, username, null); -return (true); +if (principal != null && !digestInfo.isNonceStale()) { +register(request, response, principal, +HttpServletRequest.DIGEST_AUTH, +digestInfo.getUsername(), null); +return true; +} } } @@ -252,11 +255,9 @@ public class DigestAuthenticator extends String nonce = generateNonce(request); setAuthenticateHeader(request, response, nonce, -digestInfo.isNonceStale()); +principal != null && digestInfo.isNonceStale()); response.sendError(HttpServletResponse.SC_UNAUTHORIZED); -// hres.flushBuffer(); -return (false); - +return false; } @@ -314,7 +315,14 @@ public class DigestAuthenticator extends ipTimeKey.getBytes(B2CConverter.ISO_8859_1)); } -return currentTime + ":" + MD5Encoder.encode(buffer); +String nonce = currentTime + ":" + MD5Encoder.encode(buffer); + +NonceInfo info = new NonceInfo(currentTime, 100); +synchronized (nonces) { +nonces.put(nonce, info); +} + +return nonce; } @@ -382,7 +390,7 @@ public class DigestAuthenticator extends setOpaque(sessionIdGenerator.generateSessionId()); } -cnonces = new LinkedHashMap() { +non
svn commit: r1377807 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/authenticator/ java/org/apache/catalina/util/ test/org/apache/catalina/authenticator/ webapps/docs/ webapps/docs/config/
Author: markt Date: Mon Aug 27 19:43:06 2012 New Revision: 1377807 URL: http://svn.apache.org/viewvc?rev=1377807&view=rev Log: Digest improvements: - disable caching of authenticated user in session by default - track server rather than client nonces - better handling of stale nonce values Added: tomcat/tc7.0.x/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java - copied, changed from r1377794, tomcat/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java tomcat/tc7.0.x/trunk/test/org/apache/catalina/authenticator/TesterDigestAuthenticatorPerformance.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml tomcat/tc7.0.x/trunk/webapps/docs/config/valve.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1377794 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java?rev=1377807&r1=1377806&r2=1377807&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java Mon Aug 27 19:43:06 2012 @@ -20,7 +20,6 @@ package org.apache.catalina.authenticato import java.io.IOException; -import java.nio.charset.Charset; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.Principal; @@ -38,6 +37,7 @@ import org.apache.catalina.deploy.LoginC import org.apache.catalina.util.MD5Encoder; import org.apache.juli.logging.Log; import org.apache.juli.logging.LogFactory; +import org.apache.tomcat.util.buf.B2CConverter; @@ -83,6 +83,7 @@ public class DigestAuthenticator extends public DigestAuthenticator() { super(); +setCache(false); try { if (md5Helper == null) md5Helper = MessageDigest.getInstance("MD5"); @@ -103,16 +104,16 @@ public class DigestAuthenticator extends /** - * List of client nonce values currently being tracked + * List of server nonce values currently being tracked */ -protected Map cnonces; +protected Map nonces; /** - * Maximum number of client nonces to keep in the cache. If not specified, + * Maximum number of server nonces to keep in the cache. If not specified, * the default value of 1000 is used. */ -protected int cnonceCacheSize = 1000; +protected int nonceCacheSize = 1000; /** @@ -153,13 +154,13 @@ public class DigestAuthenticator extends } -public int getCnonceCacheSize() { -return cnonceCacheSize; +public int getNonceCacheSize() { +return nonceCacheSize; } -public void setCnonceCacheSize(int cnonceCacheSize) { -this.cnonceCacheSize = cnonceCacheSize; +public void setNonceCacheSize(int nonceCacheSize) { +this.nonceCacheSize = nonceCacheSize; } @@ -266,18 +267,19 @@ public class DigestAuthenticator extends // Validate any credentials already included with this request String authorization = request.getHeader("authorization"); DigestInfo digestInfo = new DigestInfo(getOpaque(), getNonceValidity(), -getKey(), cnonces, isValidateUri()); +getKey(), nonces, isValidateUri()); if (authorization != null) { -if (digestInfo.validate(request, authorization, config)) { -principal = digestInfo.authenticate(context.getRealm()); -} +if (digestInfo.parse(request, authorization)) { +if (digestInfo.validate(request, config)) { +principal = digestInfo.authenticate(context.getRealm()); +} -if (principal != null) { -String username = digestInfo.getUsername(); -register(request, response, principal, -HttpServletRequest.DIGEST_AUTH, - username, null); -return (true); +if (principal != null && !digestInfo.isNonceStale()) { +register(request, response, principal, +HttpServletRequest.DIGEST_AUTH, +digestInfo.getUsername(), null); +return true; +} } } @@ -288,11 +290,9 @@ public class DigestAuthenticator extends String nonce = generateNonce(request); setAuthenticateHeader(request, response, config, nonce, -digestInfo.isNonceStale());
svn commit: r1377811 - /tomcat/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java
Author: markt Date: Mon Aug 27 20:01:28 2012 New Revision: 1377811 URL: http://svn.apache.org/viewvc?rev=1377811&view=rev Log: Add a MD5 digest method as it is the most commonly used. Modified: tomcat/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java Modified: tomcat/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java?rev=1377811&r1=1377810&r2=1377811&view=diff == --- tomcat/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java (original) +++ tomcat/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java Mon Aug 27 20:01:28 2012 @@ -30,6 +30,8 @@ import java.util.concurrent.ConcurrentLi */ public class ConcurrentMessageDigest { +private static final String MD5 = "MD5"; + private static final Map> queues = new HashMap<>(); @@ -38,6 +40,18 @@ public class ConcurrentMessageDigest { // Hide default constructor for this utility class } +static { +try { +// Init commonly used algorithms +init(MD5); +} catch (NoSuchAlgorithmException e) { +throw new IllegalArgumentException(e); +} +} + +public static byte[] digestMD5(byte[] input) { +return digest(MD5, input); +} public static byte[] digest(String algorithm, byte[] input) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
2012/8/27 Mark Thomas : > On 27/08/2012 15:20, fha...@apache.org wrote: >> Author: fhanik >> Date: Mon Aug 27 14:20:55 2012 >> New Revision: 1377689 >> >> URL: http://svn.apache.org/viewvc?rev=1377689&view=rev >> Log: >> Per http://markmail.org/message/nqnogctvfuyzhtol >> >> 1. Already encountered two users that would like to set this value. There is >> never any need to hard code any value, regardless of its use > > What is the use case for wanting to set this value? I can understand > users not liking the previous value that triggered a full GC every hour > and wanting to change that but I fail to see why anyone would want to > change this now it is set to trigger a full GC every 290 million years > or so. > >> 2. This turns it into a property on the listener > > Thanks. If the feature is retained, that is a much better implementation. > Re: 1: Maybe somebody wants their full GC once an hour, or once a day? There are documentation glitches yet to be fixed: a. systemprops.xml change in trunk was not reverted by this commit. It was reverted in 7.0.x only. b. The new property is yet to be documented in listeners.xml. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377824 - /tomcat/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java
Author: markt Date: Mon Aug 27 20:21:21 2012 New Revision: 1377824 URL: http://svn.apache.org/viewvc?rev=1377824&view=rev Log: Take advantage of new ConcurrentMessageDigest Modified: tomcat/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java Modified: tomcat/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java?rev=1377824&r1=1377823&r2=1377824&view=diff == --- tomcat/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java (original) +++ tomcat/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java Mon Aug 27 20:21:21 2012 @@ -16,8 +16,6 @@ */ package org.apache.catalina.authenticator; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -36,6 +34,7 @@ import org.apache.catalina.startup.TestT import org.apache.catalina.startup.TesterServlet; import org.apache.catalina.startup.Tomcat; import org.apache.catalina.startup.TomcatBaseTest; +import org.apache.catalina.util.ConcurrentMessageDigest; import org.apache.catalina.util.MD5Encoder; import org.apache.tomcat.util.buf.ByteChunk; @@ -310,7 +309,7 @@ public class TestDigestAuthenticator ext */ private static String buildDigestResponse(String user, String pwd, String uri, String realm, String nonce, String opaque, String nc, -String cnonce, String qop) throws NoSuchAlgorithmException { +String cnonce, String qop) { String a1 = user + ":" + realm + ":" + pwd; String a2 = "GET:" + uri; @@ -361,11 +360,8 @@ public class TestDigestAuthenticator ext return auth.toString(); } -private static String digest(String input) throws NoSuchAlgorithmException { -// This is slow but should be OK as this is only a test -MessageDigest md5 = MessageDigest.getInstance("MD5"); - -md5.update(input.getBytes()); -return MD5Encoder.encode(md5.digest()); +private static String digest(String input) { +return MD5Encoder.encode( +ConcurrentMessageDigest.digestMD5(input.getBytes())); } } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377826 - in /tomcat/trunk/test/org/apache/catalina/authenticator: TestDigestAuthenticator.java TestNonLoginAndBasicAuthenticator.java TestSSOnonLoginAndBasicAuthenticator.java TestSSOnon
Author: markt Date: Mon Aug 27 20:23:42 2012 New Revision: 1377826 URL: http://svn.apache.org/viewvc?rev=1377826&view=rev Log: Java 7 <> Modified: tomcat/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java tomcat/trunk/test/org/apache/catalina/authenticator/TestNonLoginAndBasicAuthenticator.java tomcat/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndBasicAuthenticator.java tomcat/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java Modified: tomcat/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java?rev=1377826&r1=1377825&r2=1377826&view=diff == --- tomcat/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java (original) +++ tomcat/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java Mon Aug 27 20:23:42 2012 @@ -175,14 +175,13 @@ public class TestDigestAuthenticator ext } else { digestUri = uri; } -List auth = new ArrayList(); +List auth = new ArrayList<>(); auth.add(buildDigestResponse(user, pwd, digestUri, realm, "null", "null", nc1, cnonce, qop)); -Map> reqHeaders = new HashMap>(); +Map> reqHeaders = new HashMap<>(); reqHeaders.put(CLIENT_AUTH_HEADER, auth); -Map> respHeaders = -new HashMap>(); +Map> respHeaders = new HashMap<>(); // The first request will fail - but we need to extract the nonce ByteChunk bc = new ByteChunk(); Modified: tomcat/trunk/test/org/apache/catalina/authenticator/TestNonLoginAndBasicAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/authenticator/TestNonLoginAndBasicAuthenticator.java?rev=1377826&r1=1377825&r2=1377826&view=diff == --- tomcat/trunk/test/org/apache/catalina/authenticator/TestNonLoginAndBasicAuthenticator.java (original) +++ tomcat/trunk/test/org/apache/catalina/authenticator/TestNonLoginAndBasicAuthenticator.java Mon Aug 27 20:23:42 2012 @@ -155,10 +155,8 @@ public class TestNonLoginAndBasicAuthent private void doTestNonLogin(String uri, boolean expectedReject, int expectedRC) throws Exception { -Map> reqHeaders = -new HashMap>(); -Map> respHeaders = -new HashMap>(); +Map> reqHeaders = new HashMap<>(); +Map> respHeaders = new HashMap<>(); ByteChunk bc = new ByteChunk(); int rc = getUrl(HTTP_PREFIX + getPort() + uri, bc, reqHeaders, @@ -180,10 +178,8 @@ public class TestNonLoginAndBasicAuthent boolean expectedReject2, int expectedRC2) throws Exception { // the first access attempt should be challenged -Map> reqHeaders1 = -new HashMap>(); -Map> respHeaders1 = -new HashMap>(); +Map> reqHeaders1 = new HashMap<>(); +Map> respHeaders1 = new HashMap<>(); ByteChunk bc = new ByteChunk(); int rc = getUrl(HTTP_PREFIX + getPort() + uri, bc, reqHeaders1, @@ -206,13 +202,12 @@ public class TestNonLoginAndBasicAuthent String authScheme = verifyAuthSchemeCase ? "bAsIc " : "Basic "; String authLine = authScheme + base64auth; -List auth = new ArrayList(); +List auth = new ArrayList<>(); auth.add(authLine); -Map> reqHeaders2 = new HashMap>(); +Map> reqHeaders2 = new HashMap<>(); reqHeaders2.put(CLIENT_AUTH_HEADER, auth); -Map> respHeaders2 = -new HashMap>(); +Map> respHeaders2 = new HashMap<>(); bc.recycle(); rc = getUrl(HTTP_PREFIX + getPort() + uri, bc, reqHeaders2, Modified: tomcat/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndBasicAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndBasicAuthenticator.java?rev=1377826&r1=1377825&r2=1377826&view=diff == --- tomcat/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndBasicAuthenticator.java (original) +++ tomcat/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndBasicAuthenticator.java Mon Aug 27 20:23:42 2012 @@ -189,13 +189,11 @@ public class TestSSOnonLoginAndBasicAuth boolean expectedReject, int expectedRC) throws Exception { -Map> reqHeaders = -new HashMap>(); +Map> reqHeaders = new HashMap<>(); if (addCookies) { addCookies(reqHeaders); } -Map> respHeaders = -new HashMap>(); +
svn commit: r1377827 - /tomcat/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java
Author: markt Date: Mon Aug 27 20:24:48 2012 New Revision: 1377827 URL: http://svn.apache.org/viewvc?rev=1377827&view=rev Log: Take advantage of new ConcurrentMessageDigest Modified: tomcat/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java Modified: tomcat/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java?rev=1377827&r1=1377826&r2=1377827&view=diff == --- tomcat/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java (original) +++ tomcat/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java Mon Aug 27 20:24:48 2012 @@ -16,9 +16,6 @@ */ package org.apache.catalina.authenticator; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -36,6 +33,7 @@ import org.apache.catalina.deploy.Securi import org.apache.catalina.startup.TesterServlet; import org.apache.catalina.startup.Tomcat; import org.apache.catalina.startup.TomcatBaseTest; +import org.apache.catalina.util.ConcurrentMessageDigest; import org.apache.catalina.util.MD5Encoder; import org.apache.tomcat.util.buf.ByteChunk; @@ -412,7 +410,7 @@ public class TestSSOnonLoginAndDigestAut */ private static String buildDigestResponse(String user, String pwd, String uri, String realm, String nonce, String opaque, String nc, -String cnonce, String qop) throws NoSuchAlgorithmException { +String cnonce, String qop) { String a1 = user + ":" + realm + ":" + pwd; String a2 = "GET:" + uri; @@ -463,12 +461,9 @@ public class TestSSOnonLoginAndDigestAut return auth.toString(); } -private static String digest(String input) throws NoSuchAlgorithmException { -// This is slow but should be OK as this is only a test -MessageDigest md5 = MessageDigest.getInstance("MD5"); - -md5.update(input.getBytes()); -return MD5Encoder.encode(md5.digest()); +private static String digest(String input) { +return MD5Encoder.encode( +ConcurrentMessageDigest.digestMD5(input.getBytes())); } /* - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377831 - in /tomcat/trunk: java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java webapps/docs/config/systemprops.xml
Author: kkolinko Date: Mon Aug 27 20:26:34 2012 New Revision: 1377831 URL: http://svn.apache.org/viewvc?rev=1377831&view=rev Log: Followup to r1377689 1. Cleanup removed property from systemprops.xml 2. Do not reference inaccessible class in Javadoc (With my setting of JRE="Execution environment JavaSE-1.7", Eclipse complained about this in red). 3. Perform boxing explicitly. Modified: tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java tomcat/trunk/webapps/docs/config/systemprops.xml Modified: tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java?rev=1377831&r1=1377830&r2=1377831&view=diff == --- tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java (original) +++ tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java Mon Aug 27 20:26:34 2012 @@ -220,7 +220,7 @@ public class JreMemoryLeakPreventionList /** * Sets the time that this listener will request for garbage-collection latency - * @see {@link sun.misc.GC#requestLatency(long)} + * @see {@code sun.misc.GC#requestLatency(long)} */ private long gcDaemonPeriod = Long.MAX_VALUE - 1; public long getGcDaemonPeriod() { @@ -308,7 +308,7 @@ public class JreMemoryLeakPreventionList Method method = clazz.getDeclaredMethod( "requestLatency", new Class[] {long.class}); -method.invoke(null, getGcDaemonPeriod()); +method.invoke(null, Long.valueOf(getGcDaemonPeriod())); } catch (ClassNotFoundException e) { if (System.getProperty("java.vendor").startsWith( "Sun")) { Modified: tomcat/trunk/webapps/docs/config/systemprops.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/systemprops.xml?rev=1377831&r1=1377830&r2=1377831&view=diff == --- tomcat/trunk/webapps/docs/config/systemprops.xml (original) +++ tomcat/trunk/webapps/docs/config/systemprops.xml Mon Aug 27 20:26:34 2012 @@ -443,11 +443,6 @@ else the default value will be false. - - The timeout period set when the leak prevention code triggers the GC Daemon. - If not specified, the default value of Long.MAX_VALUE-1 will be used. - - - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377835 - /tomcat/trunk/test/org/apache/catalina/websocket/TestWebSocket.java
Author: markt Date: Mon Aug 27 20:32:19 2012 New Revision: 1377835 URL: http://svn.apache.org/viewvc?rev=1377835&view=rev Log: Clean-up - Fix FindBugs NPE warnings - Java 7 <> - Remove static imports (auto completes are easier without them) Modified: tomcat/trunk/test/org/apache/catalina/websocket/TestWebSocket.java Modified: tomcat/trunk/test/org/apache/catalina/websocket/TestWebSocket.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/websocket/TestWebSocket.java?rev=1377835&r1=1377834&r2=1377835&view=diff == --- tomcat/trunk/test/org/apache/catalina/websocket/TestWebSocket.java (original) +++ tomcat/trunk/test/org/apache/catalina/websocket/TestWebSocket.java Mon Aug 27 20:32:19 2012 @@ -38,10 +38,7 @@ import javax.naming.InitialContext; import javax.naming.NamingException; import javax.servlet.http.HttpServletRequest; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; - +import org.junit.Assert; import org.junit.Test; import org.apache.catalina.Context; @@ -84,11 +81,12 @@ public class TestWebSocket extends Tomca // Make sure we got an upgrade response String responseLine = client.reader.readLine(); -assertTrue(responseLine.startsWith("HTTP/1.1 101")); +Assert.assertNotNull(responseLine); +Assert.assertTrue(responseLine.startsWith("HTTP/1.1 101")); // Swallow the headers String responseHeaderLine = client.reader.readLine(); -while (!responseHeaderLine.equals("")) { +while (!"".equals(responseHeaderLine)) { responseHeaderLine = client.reader.readLine(); } @@ -96,7 +94,7 @@ public class TestWebSocket extends Tomca client.sendMessage("foo", false); client.sendMessage("foo", true); -assertEquals("foofoo", client.readMessage()); +Assert.assertEquals("foofoo", client.readMessage()); // Finished with the socket client.close(); @@ -123,17 +121,18 @@ public class TestWebSocket extends Tomca // Make sure we got an upgrade response String responseLine = client.reader.readLine(); -assertTrue(responseLine.startsWith("HTTP/1.1 426")); +Assert.assertNotNull(responseLine); +Assert.assertTrue(responseLine.startsWith("HTTP/1.1 426")); -List headerlines = new ArrayList(); +List headerlines = new ArrayList<>(); String responseHeaderLine = client.reader.readLine(); -while (!responseHeaderLine.equals("")) { +while (!"".equals(responseHeaderLine)) { headerlines.add(responseHeaderLine); responseHeaderLine = client.reader.readLine(); } -assertTrue(headerlines.contains("Sec-WebSocket-Version: 13")); +Assert.assertTrue(headerlines.contains("Sec-WebSocket-Version: 13")); // Finished with the socket client.close(); } @@ -159,7 +158,8 @@ public class TestWebSocket extends Tomca // Make sure we got an upgrade response String responseLine = client.reader.readLine(); -assertTrue(responseLine.startsWith("HTTP/1.1 400")); +Assert.assertNotNull(responseLine); +Assert.assertTrue(responseLine.startsWith("HTTP/1.1 400")); // Finished with the socket client.close(); @@ -186,7 +186,8 @@ public class TestWebSocket extends Tomca // Make sure we got an upgrade response String responseLine = client.reader.readLine(); -assertTrue(responseLine.startsWith("HTTP/1.1 400")); +Assert.assertNotNull(responseLine); +Assert.assertTrue(responseLine.startsWith("HTTP/1.1 400")); // Finished with the socket client.close(); @@ -213,28 +214,29 @@ public class TestWebSocket extends Tomca // Make sure we got an upgrade response String responseLine = client.reader.readLine(); -assertTrue(responseLine.startsWith("HTTP/1.1 101")); +Assert.assertNotNull(responseLine); +Assert.assertTrue(responseLine.startsWith("HTTP/1.1 101")); String accept = null; String responseHeaderLine = client.reader.readLine(); -while (!responseHeaderLine.equals("")) { +while (!"".equals(responseHeaderLine)) { if(responseHeaderLine.startsWith("Sec-WebSocket-Accept: ")) { accept = responseHeaderLine.substring(responseHeaderLine.indexOf(":")+2); break; } responseHeaderLine = client.reader.readLine(); } -assertTrue(accept != null); +Assert.assertTrue(accept != null); MessageDigest sha1Helper = MessageDigest.getInstance("SHA1"); sha1Helper.reset(); sha1Helper.update("TODO".getBytes(B2CConverter.ISO_8859_1)); String source = Base64.encode(sha1H
svn commit: r1377839 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
Author: kkolinko Date: Mon Aug 27 20:38:05 2012 New Revision: 1377839 URL: http://svn.apache.org/viewvc?rev=1377839&view=rev Log: Followup to r1377688 Merged revision 1377831 from tomcat/trunk: 1. Do not reference inaccessible class in Javadoc (With my setting of JRE="Execution environment JavaSE-1.6", Eclipse complained about this in red). 2. Perform boxing explicitly. Updated mergeinfo as if 1377544, 1377689 have been merged from trunk. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1377544,1377689,1377831 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java?rev=1377839&r1=1377838&r2=1377839&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java Mon Aug 27 20:38:05 2012 @@ -220,7 +220,7 @@ public class JreMemoryLeakPreventionList /** * Sets the time that this listener will request for garbage-collection latency - * @see {@link sun.misc.GC#requestLatency(long)} + * @see {@code sun.misc.GC#requestLatency(long)} */ private long gcDaemonPeriod = Long.MAX_VALUE - 1; public long getGcDaemonPeriod() { @@ -308,7 +308,7 @@ public class JreMemoryLeakPreventionList Method method = clazz.getDeclaredMethod( "requestLatency", new Class[] {long.class}); -method.invoke(null, getGcDaemonPeriod()); +method.invoke(null, Long.valueOf(getGcDaemonPeriod())); } catch (ClassNotFoundException e) { if (System.getProperty("java.vendor").startsWith( "Sun")) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377852 - /tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java
Author: markt Date: Mon Aug 27 20:51:05 2012 New Revision: 1377852 URL: http://svn.apache.org/viewvc?rev=1377852&view=rev Log: Better handling of exception Modified: tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java Modified: tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java?rev=1377852&r1=1377851&r2=1377852&view=diff == --- tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java (original) +++ tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java Mon Aug 27 20:51:05 2012 @@ -66,8 +66,7 @@ public class DigestAuthenticator extends md5Helper = MessageDigest.getInstance("MD5"); } } catch (NoSuchAlgorithmException e) { -e.printStackTrace(); -throw new IllegalStateException(); +throw new IllegalStateException(e); } } @@ -78,7 +77,7 @@ public class DigestAuthenticator extends /** * MD5 message digest provider. */ -protected static volatile MessageDigest md5Helper; + protected static volatile MessageDigest md5Helper; /** - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53725] Some GZipped responses result in java.io.IOException: Corrupt GZIP trailer during gunzip.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53725 --- Comment #3 from kevin.l.st...@nokia.com --- Created attachment 29286 --> https://issues.apache.org/bugzilla/attachment.cgi?id=29286&action=edit Demonstrates the same problem post-fix. Please unzip to obtain the data.bin which causes the issue. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53725] Some GZipped responses result in java.io.IOException: Corrupt GZIP trailer during gunzip.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53725 kevin.l.st...@nokia.com changed: What|Removed |Added Status|RESOLVED|REOPENED Resolution|FIXED |--- --- Comment #4 from kevin.l.st...@nokia.com --- I have attached a new data.bin which demonstrates that the problem remains post-fix. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377853 - /tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java
Author: markt Date: Mon Aug 27 20:53:56 2012 New Revision: 1377853 URL: http://svn.apache.org/viewvc?rev=1377853&view=rev Log: Improve concurrency of DIGEST auth Modified: tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java Modified: tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java?rev=1377853&r1=1377852&r2=1377853&view=diff == --- tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java (original) +++ tomcat/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java Mon Aug 27 20:53:56 2012 @@ -29,6 +29,7 @@ import javax.servlet.http.HttpServletRes import org.apache.catalina.LifecycleException; import org.apache.catalina.Realm; import org.apache.catalina.connector.Request; +import org.apache.catalina.util.ConcurrentMessageDigest; import org.apache.catalina.util.MD5Encoder; import org.apache.juli.logging.Log; import org.apache.juli.logging.LogFactory; @@ -76,8 +77,10 @@ public class DigestAuthenticator extends /** * MD5 message digest provider. + * @deprecated Unused - will be removed in Tomcat 8.0.x onwards */ - protected static volatile MessageDigest md5Helper; +@Deprecated +protected static volatile MessageDigest md5Helper; /** @@ -308,12 +311,8 @@ public class DigestAuthenticator extends String ipTimeKey = request.getRemoteAddr() + ":" + currentTime + ":" + getKey(); -byte[] buffer; -synchronized (md5Helper) { -buffer = md5Helper.digest( -ipTimeKey.getBytes(B2CConverter.ISO_8859_1)); -} - +byte[] buffer = ConcurrentMessageDigest.digestMD5( +ipTimeKey.getBytes(B2CConverter.ISO_8859_1)); String nonce = currentTime + ":" + MD5Encoder.encode(buffer); NonceInfo info = new NonceInfo(currentTime, 100); @@ -583,11 +582,8 @@ public class DigestAuthenticator extends } String serverIpTimeKey = request.getRemoteAddr() + ":" + nonceTime + ":" + key; -byte[] buffer = null; -synchronized (md5Helper) { -buffer = md5Helper.digest( -serverIpTimeKey.getBytes(B2CConverter.ISO_8859_1)); -} +byte[] buffer = ConcurrentMessageDigest.digestMD5( +serverIpTimeKey.getBytes(B2CConverter.ISO_8859_1)); String md5ServerIpTimeKey = MD5Encoder.encode(buffer); if (!md5ServerIpTimeKey.equals(md5clientIpTimeKey)) { return false; @@ -645,10 +641,8 @@ public class DigestAuthenticator extends // MD5(Method + ":" + uri) String a2 = method + ":" + uri; -byte[] buffer; -synchronized (md5Helper) { -buffer = md5Helper.digest(a2.getBytes(B2CConverter.ISO_8859_1)); -} +byte[] buffer = ConcurrentMessageDigest.digestMD5( +a2.getBytes(B2CConverter.ISO_8859_1)); String md5a2 = MD5Encoder.encode(buffer); return realm.authenticate(userName, response, nonce, nc, cnonce, - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377856 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/util/ConcurrentMessageDigest.java
Author: markt Date: Mon Aug 27 20:56:10 2012 New Revision: 1377856 URL: http://svn.apache.org/viewvc?rev=1377856&view=rev Log: Add a MD5 digest method as it is the most commonly used. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1377811 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java?rev=1377856&r1=1377855&r2=1377856&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/util/ConcurrentMessageDigest.java Mon Aug 27 20:56:10 2012 @@ -30,6 +30,8 @@ import java.util.concurrent.ConcurrentLi */ public class ConcurrentMessageDigest { +private static final String MD5 = "MD5"; + private static final Map> queues = new HashMap>(); @@ -38,6 +40,18 @@ public class ConcurrentMessageDigest { // Hide default constructor for this utility class } +static { +try { +// Init commonly used algorithms +init(MD5); +} catch (NoSuchAlgorithmException e) { +throw new IllegalArgumentException(e); +} +} + +public static byte[] digestMD5(byte[] input) { +return digest(MD5, input); +} public static byte[] digest(String algorithm, byte[] input) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377857 - in /tomcat/tc7.0.x/trunk: ./ test/org/apache/catalina/authenticator/TestDigestAuthenticator.java test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.jav
Author: markt Date: Mon Aug 27 20:57:15 2012 New Revision: 1377857 URL: http://svn.apache.org/viewvc?rev=1377857&view=rev Log: Take advantage of new ConcurrentMessageDigest Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java tomcat/tc7.0.x/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1377824,1377827 Modified: tomcat/tc7.0.x/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java?rev=1377857&r1=1377856&r2=1377857&view=diff == --- tomcat/tc7.0.x/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java (original) +++ tomcat/tc7.0.x/trunk/test/org/apache/catalina/authenticator/TestDigestAuthenticator.java Mon Aug 27 20:57:15 2012 @@ -16,8 +16,6 @@ */ package org.apache.catalina.authenticator; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -36,6 +34,7 @@ import org.apache.catalina.startup.TestT import org.apache.catalina.startup.TesterServlet; import org.apache.catalina.startup.Tomcat; import org.apache.catalina.startup.TomcatBaseTest; +import org.apache.catalina.util.ConcurrentMessageDigest; import org.apache.catalina.util.MD5Encoder; import org.apache.tomcat.util.buf.ByteChunk; @@ -310,7 +309,7 @@ public class TestDigestAuthenticator ext */ private static String buildDigestResponse(String user, String pwd, String uri, String realm, String nonce, String opaque, String nc, -String cnonce, String qop) throws NoSuchAlgorithmException { +String cnonce, String qop) { String a1 = user + ":" + realm + ":" + pwd; String a2 = "GET:" + uri; @@ -361,11 +360,8 @@ public class TestDigestAuthenticator ext return auth.toString(); } -private static String digest(String input) throws NoSuchAlgorithmException { -// This is slow but should be OK as this is only a test -MessageDigest md5 = MessageDigest.getInstance("MD5"); - -md5.update(input.getBytes()); -return MD5Encoder.encode(md5.digest()); +private static String digest(String input) { +return MD5Encoder.encode( +ConcurrentMessageDigest.digestMD5(input.getBytes())); } } Modified: tomcat/tc7.0.x/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java?rev=1377857&r1=1377856&r2=1377857&view=diff == --- tomcat/tc7.0.x/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java (original) +++ tomcat/tc7.0.x/trunk/test/org/apache/catalina/authenticator/TestSSOnonLoginAndDigestAuthenticator.java Mon Aug 27 20:57:15 2012 @@ -16,9 +16,6 @@ */ package org.apache.catalina.authenticator; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -36,6 +33,7 @@ import org.apache.catalina.deploy.Securi import org.apache.catalina.startup.TesterServlet; import org.apache.catalina.startup.Tomcat; import org.apache.catalina.startup.TomcatBaseTest; +import org.apache.catalina.util.ConcurrentMessageDigest; import org.apache.catalina.util.MD5Encoder; import org.apache.tomcat.util.buf.ByteChunk; @@ -418,7 +416,7 @@ public class TestSSOnonLoginAndDigestAut */ private static String buildDigestResponse(String user, String pwd, String uri, String realm, String nonce, String opaque, String nc, -String cnonce, String qop) throws NoSuchAlgorithmException { +String cnonce, String qop) { String a1 = user + ":" + realm + ":" + pwd; String a2 = "GET:" + uri; @@ -469,12 +467,9 @@ public class TestSSOnonLoginAndDigestAut return auth.toString(); } -private static String digest(String input) throws NoSuchAlgorithmException { -// This is slow but should be OK as this is only a test -MessageDigest md5 = MessageDigest.getInstance("MD5"); - -md5.update(input.getBytes()); -return MD5Encoder.encode(md5.digest()); +private static String digest(String input) { +return MD5Encoder.encode( +ConcurrentMessageDigest.digestMD5(input.getBytes())); } /*
Re: svn commit: r1377835 - /tomcat/trunk/test/org/apache/catalina/websocket/TestWebSocket.java
2012/8/28 : > Author: markt > Date: Mon Aug 27 20:32:19 2012 > New Revision: 1377835 > > URL: http://svn.apache.org/viewvc?rev=1377835&view=rev > Log: > - Remove static imports (auto completes are easier without them) > In Eclipse settings Java -> Editor -> Content Assist -> Favorites My list there is: [[[ org.hamcrest.CoreMatchers org.hamcrest.Matchers org.junit.Assert org.junit.matchers.JUnitMatchers ]]] (each line added with "New Type.." button) After that content assist begins suggesting the static methods. We are not yet using Hamcrest library in Tomcat, but I think one time we might start using it. (The library that provides matchers that are used with org.junit.Assert.assertThat(..), org.junit.rules.ErrorCollector.checkThat(...) etc.). I am not insisting on reverting this. Just FYI. > Modified: > tomcat/trunk/test/org/apache/catalina/websocket/TestWebSocket.java > > Modified: tomcat/trunk/test/org/apache/catalina/websocket/TestWebSocket.java > URL: > http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/websocket/TestWebSocket.java?rev=1377835&r1=1377834&r2=1377835&view=diff > == > --- tomcat/trunk/test/org/apache/catalina/websocket/TestWebSocket.java > (original) > +++ tomcat/trunk/test/org/apache/catalina/websocket/TestWebSocket.java Mon > Aug 27 20:32:19 2012 > @@ -38,10 +38,7 @@ import javax.naming.InitialContext; > import javax.naming.NamingException; > import javax.servlet.http.HttpServletRequest; > > -import static org.junit.Assert.assertEquals; > -import static org.junit.Assert.assertFalse; > -import static org.junit.Assert.assertTrue; > - > +import org.junit.Assert; > import org.junit.Test; > > import org.apache.catalina.Context; > @@ -84,11 +81,12 @@ public class TestWebSocket extends Tomca > > // Make sure we got an upgrade response > String responseLine = client.reader.readLine(); > -assertTrue(responseLine.startsWith("HTTP/1.1 101")); > +Assert.assertNotNull(responseLine); > +Assert.assertTrue(responseLine.startsWith("HTTP/1.1 101")); > Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377858 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/authenticator/DigestAuthenticator.java
Author: markt Date: Mon Aug 27 20:58:04 2012 New Revision: 1377858 URL: http://svn.apache.org/viewvc?rev=1377858&view=rev Log: Better handling of exception Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1377852 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java?rev=1377858&r1=1377857&r2=1377858&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java Mon Aug 27 20:58:04 2012 @@ -88,8 +88,7 @@ public class DigestAuthenticator extends if (md5Helper == null) md5Helper = MessageDigest.getInstance("MD5"); } catch (NoSuchAlgorithmException e) { -e.printStackTrace(); -throw new IllegalStateException(); +throw new IllegalStateException(e); } } @@ -100,7 +99,7 @@ public class DigestAuthenticator extends /** * MD5 message digest provider. */ -protected static volatile MessageDigest md5Helper; + protected static volatile MessageDigest md5Helper; /** - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 51966] Tomcat does not support ssha hashed passwords in all contexts
https://issues.apache.org/bugzilla/show_bug.cgi?id=51966 --- Comment #11 from da...@leppik.net --- Unfortunately, just adding salt to hashes doesn't provide much more security these days. Modern password hashing algorithms, such as bcrypt, include the salt as part of the hash. What's more, the current digest algorithms are woefully out of date, so just adding salt will just extend the illusion that they are secure. A better solution would be to allow users to plug in a digest algorithm that they trust, and perhaps to bundle a few high quality third-party algorithms as well. I'm going to create a separate bug report with more details. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1377835 - /tomcat/trunk/test/org/apache/catalina/websocket/TestWebSocket.java
On 27/08/2012 21:58, Konstantin Kolinko wrote: > 2012/8/28 : >> Author: markt >> Date: Mon Aug 27 20:32:19 2012 >> New Revision: 1377835 >> >> URL: http://svn.apache.org/viewvc?rev=1377835&view=rev >> Log: > >> - Remove static imports (auto completes are easier without them) >> > > In Eclipse settings > Java -> Editor -> Content Assist -> Favorites > > My list there is: > [[[ > org.hamcrest.CoreMatchers > org.hamcrest.Matchers > org.junit.Assert > org.junit.matchers.JUnitMatchers > ]]] > (each line added with "New Type.." button) > > After that content assist begins suggesting the static methods. Ah. Useful. Thanks. I'll remember that. I think I still prefer the non-static approach (simply style reasons - not technical) but that removes probably the biggest pain of the static approach. Cheers, Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377861 - /tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
Author: markt Date: Mon Aug 27 21:04:02 2012 New Revision: 1377861 URL: http://svn.apache.org/viewvc?rev=1377861&view=rev Log: Correct section Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1377861&r1=1377860&r2=1377861&view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Mon Aug 27 21:04:02 2012 @@ -173,6 +173,11 @@ create specific entries for directories. Patch provided by Violeta Georgieva. (markt) + +Improvements to DIGEST authenticator including the disabling caching of +authenticated user in session by default, tracking server rather than +client nonces and better handling of stale nonce values. (markt) + @@ -197,11 +202,6 @@ 53725: Fix possible corruption of GZIP'd output. (markt) - -Improvements to DIGEST authenticator including the disabling caching of -authenticated user in session by default, tracking server rather than -client nonces and better handling of stale nonce values. (markt) - - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377863 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/authenticator/DigestAuthenticator.java webapps/docs/changelog.xml
Author: markt Date: Mon Aug 27 21:05:50 2012 New Revision: 1377863 URL: http://svn.apache.org/viewvc?rev=1377863&view=rev Log: Improve concurrency of DIGEST auth Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1377853 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java?rev=1377863&r1=1377862&r2=1377863&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/DigestAuthenticator.java Mon Aug 27 21:05:50 2012 @@ -34,6 +34,7 @@ import org.apache.catalina.LifecycleExce import org.apache.catalina.Realm; import org.apache.catalina.connector.Request; import org.apache.catalina.deploy.LoginConfig; +import org.apache.catalina.util.ConcurrentMessageDigest; import org.apache.catalina.util.MD5Encoder; import org.apache.juli.logging.Log; import org.apache.juli.logging.LogFactory; @@ -98,8 +99,10 @@ public class DigestAuthenticator extends /** * MD5 message digest provider. + * @deprecated Unused - will be removed in Tomcat 8.0.x onwards */ - protected static volatile MessageDigest md5Helper; +@Deprecated +protected static volatile MessageDigest md5Helper; /** @@ -382,12 +385,8 @@ public class DigestAuthenticator extends String ipTimeKey = request.getRemoteAddr() + ":" + currentTime + ":" + getKey(); -byte[] buffer; -synchronized (md5Helper) { -buffer = md5Helper.digest( -ipTimeKey.getBytes(B2CConverter.ISO_8859_1)); -} - +byte[] buffer = ConcurrentMessageDigest.digestMD5( +ipTimeKey.getBytes(B2CConverter.ISO_8859_1)); String nonce = currentTime + ":" + MD5Encoder.encode(buffer); NonceInfo info = new NonceInfo(currentTime, 100); @@ -656,11 +655,8 @@ public class DigestAuthenticator extends } String serverIpTimeKey = request.getRemoteAddr() + ":" + nonceTime + ":" + key; -byte[] buffer = null; -synchronized (md5Helper) { -buffer = md5Helper.digest( -serverIpTimeKey.getBytes(B2CConverter.ISO_8859_1)); -} +byte[] buffer = ConcurrentMessageDigest.digestMD5( +serverIpTimeKey.getBytes(B2CConverter.ISO_8859_1)); String md5ServerIpTimeKey = MD5Encoder.encode(buffer); if (!md5ServerIpTimeKey.equals(md5clientIpTimeKey)) { return false; @@ -718,10 +714,8 @@ public class DigestAuthenticator extends // MD5(Method + ":" + uri) String a2 = method + ":" + uri; -byte[] buffer; -synchronized (md5Helper) { -buffer = md5Helper.digest(a2.getBytes(B2CConverter.ISO_8859_1)); -} +byte[] buffer = ConcurrentMessageDigest.digestMD5( +a2.getBytes(B2CConverter.ISO_8859_1)); String md5a2 = MD5Encoder.encode(buffer); return realm.authenticate(userName, response, nonce, nc, cnonce, Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1377863&r1=1377862&r2=1377863&view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Mon Aug 27 21:05:50 2012 @@ -178,6 +178,10 @@ authenticated user in session by default, tracking server rather than client nonces and better handling of stale nonce values. (markt) + +Improve performance of DIGEST authenticator for concurrent requests. +(markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53725] Some GZipped responses result in java.io.IOException: Corrupt GZIP trailer during gunzip.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53725 --- Comment #5 from kevin.l.st...@nokia.com --- Note that, not surprisingly, using Java 7's GZIPOutputStream with syncFlush=true resolves the issue. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53725] Some GZipped responses result in java.io.IOException: Corrupt GZIP trailer during gunzip.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53725 --- Comment #6 from Mark Thomas --- That is an option for Tomcat 8 (which will require Java 7) but not for Tomcat 7 and earlier. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377876 - in /tomcat/tc6.0.x/trunk: ./ java/org/apache/catalina/valves/ java/org/apache/tomcat/util/http/res/ webapps/docs/
Author: markt Date: Mon Aug 27 21:21:44 2012 New Revision: 1377876 URL: http://svn.apache.org/viewvc?rev=1377876&view=rev Log: Further fixes for https://issues.apache.org/bugzilla/show_bug.cgi?id=53071 - Use standard text for standard HTTP error codes - Trim Jasper error messages Modified: tomcat/tc6.0.x/trunk/STATUS.txt tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/ErrorReportValve.java tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/LocalStrings.properties tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/LocalStrings_es.properties tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/LocalStrings_fr.properties tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/res/LocalStrings.properties tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/res/LocalStrings_ja.properties tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1377876&r1=1377875&r2=1377876&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Aug 27 21:21:44 2012 @@ -171,19 +171,7 @@ PATCHES PROPOSED TO BACKPORT: schultz: My new patch against 6.0.x should address kkolinko's concerns. -* Further fixes for https://issues.apache.org/bugzilla/show_bug.cgi?id=53071 - - Use standard text for standard HTTP error codes - - Trim Jasper error messages - http://svn.apache.org/viewvc?view=revision&revision=1361991 - http://svn.apache.org/viewvc?rev=1372131&view=rev - +1: markt, rjung, kkolinko - -1: - rjung: 1361991 doesn't apply cleanly, because the list of status codes - was extended in 1361263 and 1361962. - I would be +1 to backport those two as well. - kkolinko: +1 for 1361263 and 1361962 as well. - -+ Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53725 +* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53725 Fix possible corruption of GZIP'd output. http://svn.apache.org/viewvc?rev=1377342&view=rev (r1377343 in 7.0) Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/ErrorReportValve.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/ErrorReportValve.java?rev=1377876&r1=1377875&r2=1377876&view=diff == --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/ErrorReportValve.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/ErrorReportValve.java Mon Aug 27 21:21:44 2012 @@ -21,6 +21,7 @@ package org.apache.catalina.valves; import java.io.IOException; import java.io.Writer; +import java.util.Scanner; import javax.servlet.ServletException; import javax.servlet.http.HttpServletResponse; @@ -161,7 +162,11 @@ public class ErrorReportValve String message = RequestUtil.filter(response.getMessage()); if (message == null) { if (throwable != null) { -message = RequestUtil.filter(throwable.getMessage()); +String exceptionMessage = throwable.getMessage(); +if (exceptionMessage != null && exceptionMessage.length() > 0) { +message = RequestUtil.filter( +(new Scanner(exceptionMessage)).nextLine()); +} } if (message == null) { message = ""; @@ -171,7 +176,7 @@ public class ErrorReportValve // Do nothing if there is no report for the specified status code String report = null; try { -report = sm.getString("http." + statusCode, message); +report = sm.getString("http." + statusCode); } catch (Throwable t) { ; } Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/LocalStrings.properties?rev=1377876&r1=1377875&r2=1377876&view=diff == --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/LocalStrings.properties (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/LocalStrings.properties Mon Aug 27 21:21:44 2012 @@ -61,45 +61,63 @@ stuckThreadDetectionValve.notifyStuckThr stuckThreadDetectionValve.notifyStuckThreadCompleted=Thread "{0}" (id={3}) was previously reported to be stuck but has completed. It was active for approximately {1} milliseconds.{2,choice,0#|0< There is/are still {2} thread(s) that are monitored by this Valve and may be stuck.} # HTTP status reports -http.100=The client may continue ({0}). -http.101=The server is switching protocols according to the "Upgrade" header ({0}). -http.201=The request succeeded and a new resource ({0}) has been created on the s
svn commit: r1377878 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/authenticator/FormAuthenticator.java java/org/apache/catalina/authenticator/SavedRequest.java webapps/docs/changelo
Author: markt Date: Mon Aug 27 21:28:04 2012 New Revision: 1377878 URL: http://svn.apache.org/viewvc?rev=1377878&view=rev Log: * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53584 Ignore path parameters when comparing URIs for FORM authentication. This prevents users being prompted twice for passwords when logging in when session IDs are being encoded as path parameters. Modified: tomcat/tc6.0.x/trunk/STATUS.txt tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/SavedRequest.java tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1377878&r1=1377877&r2=1377878&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Aug 27 21:28:04 2012 @@ -136,16 +136,6 @@ PATCHES PROPOSED TO BACKPORT: +1: kfujino, kkolinko -1: -* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53584 - Ignore path parameters when comparing URIs for FORM authentication. This - prevents users being prompted twice for passwords when logging in when session - IDs are being encoded as path parameters. - http://svn.apache.org/viewvc?rev=1370537&view=rev - http://svn.apache.org/viewvc?rev=1372390&view=rev (addresses kkolinko's -1) - +1: markt, schultz - +1: kkolinko (OK, my concerns were addressed) - -1: - * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53481 Add support for SSLHonorCipherOrder http://svn.apache.org/viewvc?view=revision&revision=1371298 Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java?rev=1377878&r1=1377877&r2=1377878&view=diff == --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java Mon Aug 27 21:28:04 2012 @@ -397,11 +397,11 @@ public class FormAuthenticator return (false); // Does the request URI match? - String requestURI = request.getRequestURI(); - if (requestURI == null) + String decodedRequestURI = request.getDecodedRequestURI(); + if (decodedRequestURI == null) { return (false); - return (requestURI.equals(sreq.getRequestURI())); - + } + return (decodedRequestURI.equals(sreq.getDecodedRequestURI())); } @@ -547,6 +547,7 @@ public class FormAuthenticator saved.setMethod(request.getMethod()); saved.setQueryString(request.getQueryString()); saved.setRequestURI(request.getRequestURI()); +saved.setDecodedRequestURI(request.getDecodedRequestURI()); // Stash the SavedRequest in our session for later use session.setNote(Constants.FORM_REQUEST_NOTE, saved); Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/SavedRequest.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/SavedRequest.java?rev=1377878&r1=1377877&r2=1377878&view=diff == --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/SavedRequest.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/authenticator/SavedRequest.java Mon Aug 27 21:28:04 2012 @@ -169,6 +169,21 @@ public final class SavedRequest { /** + * The decode request URI associated with this Request. Path parameters are + * also excluded + */ +private String decodedRequestURI = null; + +public String getDecodedRequestURI() { +return (this.decodedRequestURI); +} + +public void setDecodedRequestURI(String decodedRequestURI) { +this.decodedRequestURI = decodedRequestURI; +} + + +/** * The body of this request. */ private ByteChunk body = null; Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1377878&r1=1377877&r2=1377878&view=diff == --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon Aug 27 21:28:04 2012 @@ -180,6 +180,12 @@ serializable so that it can be replicated across a cluster and/or persisted across Tomcat restarts. (markt) + +53584: Ignore path parameters when comparing URIs for FORM +authentication. This prevents users being prompted twice for passwords +when logging in when sessio
[Bug 53071] ErrorReportValve ignores message from throwable
https://issues.apache.org/bugzilla/show_bug.cgi?id=53071 Mark Thomas changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution|--- |FIXED --- Comment #15 from Mark Thomas --- Fixed in 6.0.x and will be included in 6.0.36 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53584] Forms authentication without cookies requires double submission in 6.0.33
https://issues.apache.org/bugzilla/show_bug.cgi?id=53584 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #3 from Mark Thomas --- Fixed in 6.0.x and will be included in 6.0.36 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377879 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: markt Date: Mon Aug 27 21:32:00 2012 New Revision: 1377879 URL: http://svn.apache.org/viewvc?rev=1377879&view=rev Log: Vote Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1377879&r1=1377878&r2=1377879&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Aug 27 21:32:00 2012 @@ -121,19 +121,19 @@ PATCHES PROPOSED TO BACKPORT: Fix race condition between the processing of session sync message and transfer complete message. http://svn.apache.org/viewvc?view=revision&revision=1359044 - +1: kfujino, kkolinko + +1: kfujino, kkolinko, markt -1: * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53607 To avoid NPE, set TCP PING data to ChannelMessage. http://svn.apache.org/viewvc?view=revision&revision=1367456 - +1: kfujino, kkolinko + +1: kfujino, kkolinko, markt -1: * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53606 Fix possible NPE when sending pings between cluster nodes. http://svn.apache.org/viewvc?view=revision&revision=1366961 - +1: kfujino, kkolinko + +1: kfujino, kkolinko, markt -1: * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53481 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377880 - /tomcat/tc7.0.x/trunk/webapps/docs/config/listeners.xml
Author: fhanik Date: Mon Aug 27 21:33:49 2012 New Revision: 1377880 URL: http://svn.apache.org/viewvc?rev=1377880&view=rev Log: Update documentation to include the new value Modified: tomcat/tc7.0.x/trunk/webapps/docs/config/listeners.xml Modified: tomcat/tc7.0.x/trunk/webapps/docs/config/listeners.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/config/listeners.xml?rev=1377880&r1=1377879&r2=1377880&view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/config/listeners.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/config/listeners.xml Mon Aug 27 21:33:49 2012 @@ -285,6 +285,13 @@ hard to diagnose. Defaults to true. + +Allows a user to configure the period of time the JVM will attempt to +schedule an object-inspection. This value is used as a parameter when +calling the method sun.misc.GC.requestLatency +Defaults to Long.MAX_VALUE - 1. + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377881 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java webapps/docs/changelog.xml
Author: markt Date: Mon Aug 27 21:34:27 2012 New Revision: 1377881 URL: http://svn.apache.org/viewvc?rev=1377881&view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53606 Fix possible NPE when sending pings between cluster nodes. Modified: tomcat/tc6.0.x/trunk/STATUS.txt tomcat/tc6.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1377881&r1=1377880&r2=1377881&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Aug 27 21:34:27 2012 @@ -130,12 +130,6 @@ PATCHES PROPOSED TO BACKPORT: +1: kfujino, kkolinko, markt -1: -* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53606 - Fix possible NPE when sending pings between cluster nodes. - http://svn.apache.org/viewvc?view=revision&revision=1366961 - +1: kfujino, kkolinko, markt - -1: - * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53481 Add support for SSLHonorCipherOrder http://svn.apache.org/viewvc?view=revision&revision=1371298 Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java?rev=1377881&r1=1377880&r2=1377881&view=diff == --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java Mon Aug 27 21:34:27 2012 @@ -118,13 +118,17 @@ public class TcpPingInterceptor extends } protected void sendPing() { -if (failureDetector.get()!=null) { -//we have a reference to the failure detector -//piggy back on that dude -failureDetector.get().checkMembers(true); -}else { -if (staticOnly && staticMembers.get()!=null) { -sendPingMessage(staticMembers.get().getMembers()); +TcpFailureDetector tcpFailureDetector = +failureDetector != null ? failureDetector.get() : null; +if (tcpFailureDetector != null) { +// We have a reference to the failure detector +// Piggy back on it +tcpFailureDetector.checkMembers(true); +} else { +StaticMembershipInterceptor smi = +staticOnly && staticMembers != null ? staticMembers.get() : null; +if (smi != null) { +sendPingMessage(smi.getMembers()); } else { sendPingMessage(getMembers()); } Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1377881&r1=1377880&r2=1377881&view=diff == --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon Aug 27 21:34:27 2012 @@ -265,6 +265,10 @@ Replicate principal in ClusterSingleSignOn. (kfujino) + +53606: Fix potential NPE in TcpPingInterceptor. +Based on a patch by F. Arnoud. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53606] NullPointerException in TcpPingInterceptor
https://issues.apache.org/bugzilla/show_bug.cgi?id=53606 Mark Thomas changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution|--- |FIXED --- Comment #7 from Mark Thomas --- Fixed in 6.0.x and will be included in 6.0.36 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53531] ExpandWar.expand does not check the return value of File.mkdir and File.mkdirs
https://issues.apache.org/bugzilla/show_bug.cgi?id=53531 Mark Thomas changed: What|Removed |Added Component|Catalina|Catalina Version|6.0.35 |Nightly Build Product|Tomcat 6|Tomcat 5 Target Milestone|default |--- -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377882 - /tomcat/trunk/webapps/docs/config/listeners.xml
Author: fhanik Date: Mon Aug 27 21:36:15 2012 New Revision: 1377882 URL: http://svn.apache.org/viewvc?rev=1377882&view=rev Log: document the new property Modified: tomcat/trunk/webapps/docs/config/listeners.xml Modified: tomcat/trunk/webapps/docs/config/listeners.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/listeners.xml?rev=1377882&r1=1377881&r2=1377882&view=diff == --- tomcat/trunk/webapps/docs/config/listeners.xml (original) +++ tomcat/trunk/webapps/docs/config/listeners.xml Mon Aug 27 21:36:15 2012 @@ -286,6 +286,13 @@ hard to diagnose. Defaults to true. + +Allows a user to configure the period of time the JVM will attempt to +schedule an object-inspection. This value is used as a parameter when +calling the method sun.misc.GC.requestLatency +Defaults to Long.MAX_VALUE - 1. + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
RE: svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
> -Original Message- > From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] > Sent: Monday, August 27, 2012 2:09 PM > To: Tomcat Developers List > Subject: Re: svn commit: r1377689 - > /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe > ner.java > > 2012/8/27 Mark Thomas : > > On 27/08/2012 15:20, fha...@apache.org wrote: > >> Author: fhanik > >> Date: Mon Aug 27 14:20:55 2012 > >> New Revision: 1377689 > >> > >> URL: http://svn.apache.org/viewvc?rev=1377689&view=rev > >> Log: > >> Per http://markmail.org/message/nqnogctvfuyzhtol > >> > >> 1. Already encountered two users that would like to set this value. > There is > >> never any need to hard code any value, regardless of its use > > > > What is the use case for wanting to set this value? I can understand > > users not liking the previous value that triggered a full GC every > hour > > and wanting to change that but I fail to see why anyone would want to > > change this now it is set to trigger a full GC every 290 million years > > or so. > > > >> 2. This turns it into a property on the listener > > > > Thanks. If the feature is retained, that is a much better > implementation. > > > > Re: 1: > Maybe somebody wants their full GC once an hour, or once a day? > > There are documentation glitches yet to be fixed: > a. systemprops.xml change in trunk was not reverted by this commit. > It was reverted in 7.0.x only. [Filip Hanik] I don't see the property in trunk, do you? > b. The new property is yet to be documented in listeners.xml. [Filip Hanik] Done Filip > > Best regards, > Konstantin Kolinko > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377883 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java webapps/docs/changelog.xml
Author: markt Date: Mon Aug 27 21:39:51 2012 New Revision: 1377883 URL: http://svn.apache.org/viewvc?rev=1377883&view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53607 To avoid NPE, set TCP PING data to ChannelMessage. Modified: tomcat/tc6.0.x/trunk/STATUS.txt tomcat/tc6.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1377883&r1=1377882&r2=1377883&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Aug 27 21:39:51 2012 @@ -124,12 +124,6 @@ PATCHES PROPOSED TO BACKPORT: +1: kfujino, kkolinko, markt -1: -* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53607 - To avoid NPE, set TCP PING data to ChannelMessage. - http://svn.apache.org/viewvc?view=revision&revision=1367456 - +1: kfujino, kkolinko, markt - -1: - * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53481 Add support for SSLHonorCipherOrder http://svn.apache.org/viewvc?view=revision&revision=1371298 Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java?rev=1377883&r1=1377882&r2=1377883&view=diff == --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java Mon Aug 27 21:39:51 2012 @@ -27,6 +27,7 @@ import org.apache.catalina.tribes.Channe import org.apache.catalina.tribes.Member; import org.apache.catalina.tribes.group.ChannelInterceptorBase; import org.apache.catalina.tribes.io.ChannelData; +import org.apache.catalina.tribes.io.XByteBuffer; /** * @@ -141,6 +142,7 @@ public class TcpPingInterceptor extends data.setAddress(getLocalMember(false)); data.setTimestamp(System.currentTimeMillis()); data.setOptions(getOptionFlag()); +data.setMessage(new XByteBuffer(TCP_PING_DATA, false)); try { super.sendMessage(members, data, null); }catch (ChannelException x) { Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1377883&r1=1377882&r2=1377883&view=diff == --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon Aug 27 21:39:51 2012 @@ -269,6 +269,10 @@ 53606: Fix potential NPE in TcpPingInterceptor. Based on a patch by F. Arnoud. (markt) + +53607: To avoid NPE, set TCP PING data to ChannelMessage. +Patch provided by F.Arnoud (kfujino) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
2012/8/28 Filip Hanik (mailing lists) : >> >> There are documentation glitches yet to be fixed: >> a. systemprops.xml change in trunk was not reverted by this commit. >> It was reverted in 7.0.x only. > [Filip Hanik] > I don't see the property in trunk, do you? I took care of that an hour ago. http://svn.apache.org/viewvc?rev=1377831&view=rev > >> b. The new property is yet to be documented in listeners.xml. > [Filip Hanik] > Done > Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53607] No message set for PING: TcpPingInterceptor fail with NullPointerException in ChannelData.getDataPackageLength()
https://issues.apache.org/bugzilla/show_bug.cgi?id=53607 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #2 from Mark Thomas --- Fixed in 6.0.x and will be included in 6.0.36 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
On 27/08/2012 22:37, Filip Hanik (mailing lists) wrote: >> -Original Message- >> From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] >> Sent: Monday, August 27, 2012 2:09 PM >> To: Tomcat Developers List >> Subject: Re: svn commit: r1377689 - >> /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe >> ner.java >> >> 2012/8/27 Mark Thomas : >>> On 27/08/2012 15:20, fha...@apache.org wrote: Author: fhanik Date: Mon Aug 27 14:20:55 2012 New Revision: 1377689 URL: http://svn.apache.org/viewvc?rev=1377689&view=rev Log: Per http://markmail.org/message/nqnogctvfuyzhtol 1. Already encountered two users that would like to set this value. >> There is never any need to hard code any value, regardless of its use >>> >>> What is the use case for wanting to set this value? I can understand >>> users not liking the previous value that triggered a full GC every >> hour >>> and wanting to change that but I fail to see why anyone would want to >>> change this now it is set to trigger a full GC every 290 million years >>> or so. >> Maybe somebody wants their full GC once an hour, or once a day? That is not what this listener is for. The listener's purpose is to prevent memory leaks, not provide options that allow users to tinker with internal JVM GC settings. I have yet to see a valid use case for this new attribute. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
RE: svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
> -Original Message- > From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] > Sent: Monday, August 27, 2012 3:41 PM > To: Tomcat Developers List > Subject: Re: svn commit: r1377689 - > /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe > ner.java > > 2012/8/28 Filip Hanik (mailing lists) : > >> > >> There are documentation glitches yet to be fixed: > >> a. systemprops.xml change in trunk was not reverted by this commit. > >> It was reverted in 7.0.x only. > > [Filip Hanik] > > I don't see the property in trunk, do you? > > I took care of that an hour ago. > http://svn.apache.org/viewvc?rev=1377831&view=rev [Filip Hanik] Got it, what's the point of the following code change? -method.invoke(null, getGcDaemonPeriod()); +method.invoke(null, Long.valueOf(getGcDaemonPeriod())); > > > > >> b. The new property is yet to be documented in listeners.xml. > > [Filip Hanik] > > Done > > > > Best regards, > Konstantin Kolinko > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377884 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/ha/tcp/SimpleTcpCluster.java webapps/docs/changelog.xml
Author: markt Date: Mon Aug 27 21:46:29 2012 New Revision: 1377884 URL: http://svn.apache.org/viewvc?rev=1377884&view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53513 Fix race condition between the processing of session sync message and transfer complete message. Modified: tomcat/tc6.0.x/trunk/STATUS.txt tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/tcp/SimpleTcpCluster.java tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1377884&r1=1377883&r2=1377884&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Aug 27 21:46:29 2012 @@ -117,13 +117,6 @@ PATCHES PROPOSED TO BACKPORT: +1: markt, kfujino, kkolinko, schultz -1: -* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53513 - Fix race condition between the processing of session sync message and transfer - complete message. - http://svn.apache.org/viewvc?view=revision&revision=1359044 - +1: kfujino, kkolinko, markt - -1: - * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53481 Add support for SSLHonorCipherOrder http://svn.apache.org/viewvc?view=revision&revision=1371298 Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/tcp/SimpleTcpCluster.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/tcp/SimpleTcpCluster.java?rev=1377884&r1=1377883&r2=1377884&view=diff == --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/tcp/SimpleTcpCluster.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/ha/tcp/SimpleTcpCluster.java Mon Aug 27 21:46:29 2012 @@ -57,6 +57,7 @@ import org.apache.catalina.tribes.group. import org.apache.catalina.tribes.group.interceptors.TcpFailureDetector; import org.apache.catalina.ha.session.JvmRouteBinderValve; import org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener; +import org.apache.catalina.ha.session.SessionMessage; /** * A Cluster implementation using simple multicast. Responsible for @@ -808,14 +809,19 @@ public class SimpleTcpCluster public void send(ClusterMessage msg, Member dest) { try { msg.setAddress(getLocalMember()); +int sendOptions = channelSendOptions; +if (msg instanceof SessionMessage +&& ((SessionMessage)msg).getEventType() == SessionMessage.EVT_ALL_SESSION_DATA) { +sendOptions = Channel.SEND_OPTIONS_SYNCHRONIZED_ACK|Channel.SEND_OPTIONS_USE_ACK; +} if (dest != null) { if (!getLocalMember().equals(dest)) { -channel.send(new Member[] {dest}, msg,channelSendOptions); +channel.send(new Member[] {dest}, msg, sendOptions); } else log.error("Unable to send message to local member " + msg); } else { if (channel.getMembers().length>0) -channel.send(channel.getMembers(),msg,channelSendOptions); +channel.send(channel.getMembers(),msg, sendOptions); else if (log.isDebugEnabled()) log.debug("No members in cluster, ignoring message:"+msg); } Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1377884&r1=1377883&r2=1377884&view=diff == --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon Aug 27 21:46:29 2012 @@ -266,6 +266,10 @@ Replicate principal in ClusterSingleSignOn. (kfujino) +53513: Fix race condition between the processing of session +sync message and transfer complete message. (kfujino) + + 53606: Fix potential NPE in TcpPingInterceptor. Based on a patch by F. Arnoud. (markt) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
RE: svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
> -Original Message- > From: Mark Thomas [mailto:ma...@apache.org] > Sent: Monday, August 27, 2012 3:44 PM > To: Tomcat Developers List > Subject: Re: svn commit: r1377689 - > /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe > ner.java > > On 27/08/2012 22:37, Filip Hanik (mailing lists) wrote: > >> -Original Message- > >> From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] > >> Sent: Monday, August 27, 2012 2:09 PM > >> To: Tomcat Developers List > >> Subject: Re: svn commit: r1377689 - > >> > /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe > >> ner.java > >> > >> 2012/8/27 Mark Thomas : > >>> On 27/08/2012 15:20, fha...@apache.org wrote: > Author: fhanik > Date: Mon Aug 27 14:20:55 2012 > New Revision: 1377689 > > URL: http://svn.apache.org/viewvc?rev=1377689&view=rev > Log: > Per http://markmail.org/message/nqnogctvfuyzhtol > > 1. Already encountered two users that would like to set this value. > >> There is > never any need to hard code any value, regardless of its use > >>> > >>> What is the use case for wanting to set this value? I can understand > >>> users not liking the previous value that triggered a full GC every > >> hour > >>> and wanting to change that but I fail to see why anyone would want > to > >>> change this now it is set to trigger a full GC every 290 million > years > >>> or so. > > >> Maybe somebody wants their full GC once an hour, or once a day? > > That is not what this listener is for. The listener's purpose is to > prevent memory leaks, not provide options that allow users to tinker > with internal JVM GC settings. > > I have yet to see a valid use case for this new attribute. [Filip Hanik] The use case is very much valid, as if they had previously called that method, your code will override it. So in effect, you're hard coding the GC interval, but not letting a user control it. It's not tomcat's role to configure GC intervals. It may be that tomcat somehow initiated the GC interval, and if that is the case, it must expose the actual interval to the user. Tomcat should not change JVM settings without letting the user configure them, Filip - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
On 27/08/2012 22:48, Filip Hanik (mailing lists) wrote: > > >> -Original Message- >> From: Mark Thomas [mailto:ma...@apache.org] >> Sent: Monday, August 27, 2012 3:44 PM >> To: Tomcat Developers List >> Subject: Re: svn commit: r1377689 - >> /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe >> ner.java >> >> On 27/08/2012 22:37, Filip Hanik (mailing lists) wrote: -Original Message- From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] Sent: Monday, August 27, 2012 2:09 PM To: Tomcat Developers List Subject: Re: svn commit: r1377689 - >> /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe ner.java 2012/8/27 Mark Thomas : > On 27/08/2012 15:20, fha...@apache.org wrote: >> Author: fhanik >> Date: Mon Aug 27 14:20:55 2012 >> New Revision: 1377689 >> >> URL: http://svn.apache.org/viewvc?rev=1377689&view=rev >> Log: >> Per http://markmail.org/message/nqnogctvfuyzhtol >> >> 1. Already encountered two users that would like to set this value. There is >> never any need to hard code any value, regardless of its use > > What is the use case for wanting to set this value? I can understand > users not liking the previous value that triggered a full GC every hour > and wanting to change that but I fail to see why anyone would want >> to > change this now it is set to trigger a full GC every 290 million >> years > or so. >> Maybe somebody wants their full GC once an hour, or once a day? >> >> That is not what this listener is for. The listener's purpose is to >> prevent memory leaks, not provide options that allow users to tinker >> with internal JVM GC settings. >> >> I have yet to see a valid use case for this new attribute. > [Filip Hanik] > The use case is very much valid, as if they had previously called that > method, your code will override it. > So in effect, you're hard coding the GC interval, but not letting a user > control it. Nope. You should have looked at the implementation of sun.misc.GC#requestLatency(long) rather than assuming how it worked. > It's not tomcat's role to configure GC intervals. It may be that tomcat > somehow initiated the GC interval, and if that is the case, it must expose > the actual interval to the user. Tomcat should not change JVM settings > without letting the user configure them, Tomcat setting this value has zero impact on any user code or JRE code that sets a lower value either before Tomcat sets it or after. I still see no valid use case for this attribute and without a valid use case my veto remains. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377887 - /tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
Author: kkolinko Date: Mon Aug 27 22:03:33 2012 New Revision: 1377887 URL: http://svn.apache.org/viewvc?rev=1377887&view=rev Log: Remove unneeded handling of FORM auth in RealmBase. The login and error pages are handled via forward, so processing completes before this code is ever reached. The action page is handled elsewhere. Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1377887&r1=1377886&r2=1377887&view=diff == --- tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java (original) +++ tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Mon Aug 27 22:03:33 2012 @@ -43,7 +43,6 @@ import org.apache.catalina.Service; import org.apache.catalina.Wrapper; import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Response; -import org.apache.catalina.deploy.LoginConfig; import org.apache.catalina.deploy.SecurityCollection; import org.apache.catalina.deploy.SecurityConstraint; import org.apache.catalina.util.LifecycleMBeanBase; @@ -792,31 +791,6 @@ public abstract class RealmBase extends if (constraints == null || constraints.length == 0) return (true); -// Specifically allow access to the form login and form error pages -// and the "j_security_check" action -LoginConfig config = context.getLoginConfig(); -if ((config != null) && -(Constants.FORM_METHOD.equals(config.getAuthMethod( { -String requestURI = request.getRequestPathMB().toString(); -String loginPage = config.getLoginPage(); -if (loginPage.equals(requestURI)) { -if (log.isDebugEnabled()) -log.debug(" Allow access to login page " + loginPage); -return (true); -} -String errorPage = config.getErrorPage(); -if (errorPage.equals(requestURI)) { -if (log.isDebugEnabled()) -log.debug(" Allow access to error page " + errorPage); -return (true); -} -if (requestURI.endsWith(Constants.FORM_ACTION)) { -if (log.isDebugEnabled()) -log.debug(" Allow access to username/password submission"); -return (true); -} -} - // Which user principal have we already authenticated? Principal principal = request.getPrincipal(); boolean status = false; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377888 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/realm/DataSourceRealm.java java/org/apache/catalina/realm/JDBCRealm.java webapps/docs/changelog.xml webapps/docs/co
Author: markt Date: Mon Aug 27 22:04:52 2012 New Revision: 1377888 URL: http://svn.apache.org/viewvc?rev=1377888&view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53047 Allow database realms configured with an all roles mode that is authentication only to not have to define a role table Modified: tomcat/tc6.0.x/trunk/STATUS.txt tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/DataSourceRealm.java tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JDBCRealm.java tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml tomcat/tc6.0.x/trunk/webapps/docs/config/realm.xml Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1377888&r1=1377887&r2=1377888&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Aug 27 22:04:52 2012 @@ -109,14 +109,6 @@ PATCHES PROPOSED TO BACKPORT: +1: kkolinko -1: -* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53047 - Allow database realms configured with an all roles mode that is authentication - only to not have to define a role table - http://svn.apache.org/viewvc?rev=1348498&view=rev - http://svn.apache.org/viewvc?rev=1377444&view=rev (documentation) - +1: markt, kfujino, kkolinko, schultz - -1: - * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53481 Add support for SSLHonorCipherOrder http://svn.apache.org/viewvc?view=revision&revision=1371298 Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/DataSourceRealm.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/DataSourceRealm.java?rev=1377888&r1=1377887&r2=1377888&view=diff == --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/DataSourceRealm.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/DataSourceRealm.java Mon Aug 27 22:04:52 2012 @@ -458,6 +458,12 @@ public class DataSourceRealm protected String getPassword(Connection dbConnection, String username) { +if (allRolesMode != AllRolesMode.STRICT_MODE && !isRoleStoreDefined()) { +// Using an authentication only configuration and no role store has +// been defined so don't spend cycles looking +return null; +} + ResultSet rs = null; PreparedStatement stmt = null; String dbCredentials = null; @@ -622,8 +628,13 @@ public class DataSourceRealm } -// -- Lifecycle Methods +private boolean isRoleStoreDefined() { +return userRoleTable != null || roleNameCol != null; +} + + +// -- Lifecycle Methods /** * Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JDBCRealm.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JDBCRealm.java?rev=1377888&r1=1377887&r2=1377888&view=diff == --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JDBCRealm.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JDBCRealm.java Mon Aug 27 22:04:52 2012 @@ -619,6 +619,12 @@ public class JDBCRealm */ protected ArrayList getRoles(String username) { +if (allRolesMode != AllRolesMode.STRICT_MODE && !isRoleStoreDefined()) { +// Using an authentication only configuration and no role store has +// been defined so don't spend cycles looking +return null; +} + PreparedStatement stmt = null; ResultSet rs = null; @@ -678,8 +684,7 @@ public class JDBCRealm numberOfTries--; } -return (null); - +return null; } @@ -765,8 +770,12 @@ public class JDBCRealm } -// -- Lifecycle Methods +private boolean isRoleStoreDefined() { +return userRoleTable != null || roleNameCol != null; +} + +// -- Lifecycle Methods /** * Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1377888&r1=1377887&r2=1377888&view=diff == --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon Aug 27 22:04:52 2012 @@ -258,6 +258,12 @@ org.apache.tools.ant.Task enabling it to work with features such as namespaces within build.xml files. (mar
Re: Tomcat + j_security_check (JDBCRealm) + salt / jBCrypt
Salek, On 8/20/12 3:31 PM, Salek Talangi wrote: > Hi all, > > I just started using Tomcat+j_security_check (JDBCRealm) for Form-based > Webapp-Login. > I read [1] that only a few standard (MD5, SHA-1, MD2?) > java.security.MessageDigest methods are supported, which isn't enough in > times of (still) weak passwords and GPU brute force attacks on DB-dumps. > > What I'd like to know is if it is planned to do either of the > following in the near future: > > I) Adding a optional "salt" column that is used by j_security_check > and adding support for SHA-2 (SHA-256, SHA-512)? You can already use any message digest that is supported by your JVM. For my JVM that I have in front me me, that list is: MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-256 If you add a provided like BouncyCastle, you may be able to get more right out of the box. As for the salt, there are no current BZ enhancements requesting such a thing. I recently added a salt + iterations to my own DataSourceRealm implementation (which is largely based upon the Tomcat DataSourceRealm) and that could probably be contributed. I'm sure there will be enough impedance that it wouldn't be completely trivial, but definitely doable. > II) Integrating a pluggable digest system which allows the use of > jBCrypt Supporting separate password-obfuscation algorithms like bcrypt, scrypt, etc. is less straightforward because the current code looks like this: MessageDigest md = MessageDigest.getDigest(algorithm); byte[] hashed = md.doFinal(password); Being able to handle different non-MessageDigest APIs obviously makes the code more complicated. We might be able to create a PasswordHasher component or something like that which would know that "bcrypy", "scrypt", etc. meant something special -- or could have implementation classes registered for those names and fall-back on using MessageDigest for other names (like MD5). > At least the salt-part of "I" should be very easy to implement, most > likely in org.apache.catalina.authenticator.FormAuthenticator? No, you want that in RealmBase because the authentication actaully happens in the Realm, not the Authenticator (which certainly is confusing given the name of the component that *doesn't* do authentication). Log an enhancement request for these issues (separately, please) in Bugzilla. -chris signature.asc Description: OpenPGP digital signature
Re: svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
2012/8/28 Mark Thomas : > On 27/08/2012 22:48, Filip Hanik (mailing lists) wrote: >> >> >>> -Original Message- >>> From: Mark Thomas [mailto:ma...@apache.org] >>> Sent: Monday, August 27, 2012 3:44 PM >>> To: Tomcat Developers List >>> Subject: Re: svn commit: r1377689 - >>> /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe >>> ner.java >>> >>> On 27/08/2012 22:37, Filip Hanik (mailing lists) wrote: > -Original Message- > From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] > Sent: Monday, August 27, 2012 2:09 PM > To: Tomcat Developers List > Subject: Re: svn commit: r1377689 - > >>> /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe > ner.java > > 2012/8/27 Mark Thomas : >> On 27/08/2012 15:20, fha...@apache.org wrote: >>> Author: fhanik >>> Date: Mon Aug 27 14:20:55 2012 >>> New Revision: 1377689 >>> >>> URL: http://svn.apache.org/viewvc?rev=1377689&view=rev >>> Log: >>> Per http://markmail.org/message/nqnogctvfuyzhtol >>> >>> 1. Already encountered two users that would like to set this value. > There is >>> never any need to hard code any value, regardless of its use >> >> What is the use case for wanting to set this value? I can understand >> users not liking the previous value that triggered a full GC every > hour >> and wanting to change that but I fail to see why anyone would want >>> to >> change this now it is set to trigger a full GC every 290 million >>> years >> or so. >>> > Maybe somebody wants their full GC once an hour, or once a day? >>> >>> That is not what this listener is for. The listener's purpose is to >>> prevent memory leaks, not provide options that allow users to tinker >>> with internal JVM GC settings. >>> >>> I have yet to see a valid use case for this new attribute. >> [Filip Hanik] >> The use case is very much valid, as if they had previously called that >> method, your code will override it. >> So in effect, you're hard coding the GC interval, but not letting a user >> control it. > > Nope. You should have looked at the implementation of > sun.misc.GC#requestLatency(long) rather than assuming how it worked. > >> It's not tomcat's role to configure GC intervals. It may be that tomcat >> somehow initiated the GC interval, and if that is the case, it must expose >> the actual interval to the user. Tomcat should not change JVM settings >> without letting the user configure them, > > Tomcat setting this value has zero impact on any user code or JRE code > that sets a lower value either before Tomcat sets it or after. > > I still see no valid use case for this attribute and without a valid use > case my veto remains. > Agreed. When a user wants to configure this value by themselves, they should just disable this feature in Tomcat with gcDaemonProtection="false". ( >> I took care of that an hour ago. >> http://svn.apache.org/viewvc?rev=1377831&view=rev > [Filip Hanik] > Got it, what's the point of the following code change? > -method.invoke(null, getGcDaemonPeriod()); > +method.invoke(null, > Long.valueOf(getGcDaemonPeriod())); There was implicit boxing operation, which gives a warning with our Eclipse settings (the ones in res/ide-support/eclipse/java-compiler-errors-warnings.txt ) ) Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53752] Tomcat restarts with error:java.lang.ArrayIndexOutOfBoundsException: -60
https://issues.apache.org/bugzilla/show_bug.cgi?id=53752 Christopher Schultz changed: What|Removed |Added Severity|critical|normal --- Comment #1 from Christopher Schultz --- Can this really be CRITICAL if it hasn't been identified in the 10 releases since 6.0.24 what you are using? Your log file is useless: it contains nothing other than your CLASSPATH and the stack trace you already provided. At least it confirms you are using a very old version of Tomcat 6: 6.0.24 (2.5 years old). Please re-test with 6.0.latest. If you can still get it to crash, attach a minimal webapp (or better yet, use the examples webapp that ships with Tomcat) and a JMeter configuration file (or similar) so we can reproduce the crash. Then you can mark it as CRITICAL. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
On 27/08/2012 23:08, Konstantin Kolinko wrote: > 2012/8/28 Mark Thomas : >> On 27/08/2012 22:48, Filip Hanik (mailing lists) wrote: >>> >>> -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: Monday, August 27, 2012 3:44 PM To: Tomcat Developers List Subject: Re: svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe ner.java On 27/08/2012 22:37, Filip Hanik (mailing lists) wrote: >> -Original Message- >> From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] >> Sent: Monday, August 27, 2012 2:09 PM >> To: Tomcat Developers List >> Subject: Re: svn commit: r1377689 - >> /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe >> ner.java >> >> 2012/8/27 Mark Thomas : >>> On 27/08/2012 15:20, fha...@apache.org wrote: Author: fhanik Date: Mon Aug 27 14:20:55 2012 New Revision: 1377689 URL: http://svn.apache.org/viewvc?rev=1377689&view=rev Log: Per http://markmail.org/message/nqnogctvfuyzhtol 1. Already encountered two users that would like to set this value. >> There is never any need to hard code any value, regardless of its use >>> >>> What is the use case for wanting to set this value? I can understand >>> users not liking the previous value that triggered a full GC every >> hour >>> and wanting to change that but I fail to see why anyone would want to >>> change this now it is set to trigger a full GC every 290 million years >>> or so. >> Maybe somebody wants their full GC once an hour, or once a day? That is not what this listener is for. The listener's purpose is to prevent memory leaks, not provide options that allow users to tinker with internal JVM GC settings. I have yet to see a valid use case for this new attribute. >>> [Filip Hanik] >>> The use case is very much valid, as if they had previously called that >>> method, your code will override it. >>> So in effect, you're hard coding the GC interval, but not letting a user >>> control it. >> >> Nope. You should have looked at the implementation of >> sun.misc.GC#requestLatency(long) rather than assuming how it worked. >> >>> It's not tomcat's role to configure GC intervals. It may be that tomcat >>> somehow initiated the GC interval, and if that is the case, it must expose >>> the actual interval to the user. Tomcat should not change JVM settings >>> without letting the user configure them, >> >> Tomcat setting this value has zero impact on any user code or JRE code >> that sets a lower value either before Tomcat sets it or after. >> >> I still see no valid use case for this attribute and without a valid use >> case my veto remains. >> > > Agreed. > > When a user wants to configure this value by themselves, they should > just disable this feature in Tomcat with gcDaemonProtection="false". They don't even need to do that. In the unlikely event of user code setting this or the more likely event that JRE code sets this, then the shortest period requested is used. Cancelling the request is also supported at which point the next shortest period is used and so on. On that note, I suppose that technically we should cancel the request we make but I don't think any JVM will be up long enough for it to matter. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: pooledconnection & tccl?
Filip, On 8/22/12 9:12 AM, Filip Hanik (mailing lists) wrote: > I've thought about this, you see if it is using TCCL it will cause a memory > leak on app reload as the app wont be unloaded due to the pool holding it. > But I think we should make it an option It's always been my position that DataSources created due to webapp configuration (e.g. /) ought to be cleaned-up on webapp undeploy, but there hasn't seemed to be much interest in that. -chris signature.asc Description: OpenPGP digital signature
[Bug 53513] Race condition / out of order operation in session replication at node startup
https://issues.apache.org/bugzilla/show_bug.cgi?id=53513 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #5 from Mark Thomas --- Fixed in 6.0.x and will be included in 6.0.36 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53785] New: Modern password hashing for built-in Realms
https://issues.apache.org/bugzilla/show_bug.cgi?id=53785 Priority: P2 Bug ID: 53785 Assignee: dev@tomcat.apache.org Summary: Modern password hashing for built-in Realms Severity: enhancement Classification: Unclassified OS: All Reporter: da...@leppik.net Hardware: All Status: NEW Version: unspecified Component: Catalina Product: Tomcat 6 Password-based authentication for the built-in realms can currently use three digestion algorithms from the java.security.MessageDigest class (SHA, MD2, or MD5). All of these are out of date*, and each Realm implementation does its own comparison of the password to the saved digest. [*It's not clear whether Java's SHA is SHA-1 or one of the SHA-2 algorithms. SHA-1 is obsolete; SHA-2, potentially less so.] I recently created my own custom Realm in order to support bcrypt. While I do not claim that bcrypt is the right algorithm for everyone, it is a much better default than the current built-in options-- so Tomcat should offer it. However, rather than being a general purpose hash function, bcrypt a one-way hash designed for passwords. The salt is built into the hash in such a way that it can't be extracted. That is to say, you can't say: if ( bcrypt.hash(password1) == bcrypt.hash(password2) ) log("Passwords match"); because every time you hash a password, you get a different result. This is a security feature, since novices won't mismanage the salt. Instead, you call: String hash = BCrypt.hashpw("hello"); // To hash, not to check if (BCrypt.checkpw(passwordFromLoginForm, savedPasswordHash)) log("Passwords match"); This example uses the JBCrypt implementation at http://www.mindrot.org/projects/jBCrypt/ Like I said, I don't think BCrypt is the right solution for every user. See http://www.unlimitednovelty.com/2012/03/dont-use-bcrypt.html and http://security.stackexchange.com/questions/4781/do-any-security-experts-recommend-bcrypt-for-password-storage Also note that NIST will recommend a new secure hashing algorithm soon ( http://csrc.nist.gov/groups/ST/hash/timeline.html ) although that will be a general purpose cryptographic hash function, not an out-of-the-box password hash format like bcrypt. Instead, I propose that we make three (or four) changes: 1. Update all applicable subclasses of RealmBase to call a new method, RealmBase.checkDigest(String credentials, String savedHash), instead of each implementation doing a string comparison against the realms. 2. Implement RealmBase.checkDigest with the following rules: a. If digest == null, implement the current string comparison. b. If digest is "SHA", "MD2", or "MD5", compare with the current algorithm. c. If digest is the name of a Java class, try calling checkPassword(credentials, savedHash) on the class, both as a static method and on an instance created with no constructor arguments. 3. (Depending on legal issues) Bundle Tomcat with JBCrypt, thus providing a secure hash out of the box. 4. Write unit tests and documentation and update Tomcat 7+ with the new code. Of course, we could jump ahead and implement this in Tomcat 8, since this is a public API change. I will check with my boss to see if I can take the time to implement this. Of course, I'd prefer to get feedback before I go ahead with it. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53785] Modern password hashing for built-in Realms
https://issues.apache.org/bugzilla/show_bug.cgi?id=53785 --- Comment #1 from da...@leppik.net --- Should have said under step 3: "Bundle BCrypt with Tomcat" rather than the other way around. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377892 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/realm/RealmBase.java webapps/docs/changelog.xml
Author: kkolinko Date: Mon Aug 27 22:28:43 2012 New Revision: 1377892 URL: http://svn.apache.org/viewvc?rev=1377892&view=rev Log: Merged revision 1377887 from tomcat/trunk: Remove unneeded handling of FORM authentication in RealmBase. The login and error pages are handled via forward, so processing completes before this code is ever reached. The action page is handled elsewhere. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1377887 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1377892&r1=1377891&r2=1377892&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java Mon Aug 27 22:28:43 2012 @@ -45,7 +45,6 @@ import org.apache.catalina.Service; import org.apache.catalina.Wrapper; import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Response; -import org.apache.catalina.deploy.LoginConfig; import org.apache.catalina.deploy.SecurityCollection; import org.apache.catalina.deploy.SecurityConstraint; import org.apache.catalina.mbeans.MBeanUtils; @@ -822,31 +821,6 @@ public abstract class RealmBase extends if (constraints == null || constraints.length == 0) return (true); -// Specifically allow access to the form login and form error pages -// and the "j_security_check" action -LoginConfig config = context.getLoginConfig(); -if ((config != null) && -(Constants.FORM_METHOD.equals(config.getAuthMethod( { -String requestURI = request.getRequestPathMB().toString(); -String loginPage = config.getLoginPage(); -if (loginPage.equals(requestURI)) { -if (log.isDebugEnabled()) -log.debug(" Allow access to login page " + loginPage); -return (true); -} -String errorPage = config.getErrorPage(); -if (errorPage.equals(requestURI)) { -if (log.isDebugEnabled()) -log.debug(" Allow access to error page " + errorPage); -return (true); -} -if (requestURI.endsWith(Constants.FORM_ACTION)) { -if (log.isDebugEnabled()) -log.debug(" Allow access to username/password submission"); -return (true); -} -} - // Which user principal have we already authenticated? Principal principal = request.getPrincipal(); boolean status = false; Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1377892&r1=1377891&r2=1377892&view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Mon Aug 27 22:28:43 2012 @@ -182,6 +182,9 @@ Improve performance of DIGEST authenticator for concurrent requests. (markt) + +Remove unneeded handling of FORM authentication in RealmBase. (kkolinko) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53785] Modern password hashing for built-in Realms
https://issues.apache.org/bugzilla/show_bug.cgi?id=53785 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |WONTFIX --- Comment #2 from Mark Thomas --- Tomcat supports the use of any MessageDigest provided by the JRE. Additional algorithms may be supported by adding 3rd party security providers to the JRE. FYI: - as far as the Sun JRE is concerned, SHA is an alias for SHA-1. - the MessageDigests supported by the latest Sun JDKs for Java 5 to Java 7 are: MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512 One open source provider is BouncyCastle. It certainly provides additional digests although I haven't investigated how secure they are. I do not see the point in adding bloat to Tomcat to provide a feature that the JRE already provides. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53752] Tomcat restarts with error:java.lang.ArrayIndexOutOfBoundsException: -60
https://issues.apache.org/bugzilla/show_bug.cgi?id=53752 Konstantin Kolinko changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |DUPLICATE --- Comment #2 from Konstantin Kolinko --- > During the load test Tomcat restarts What do you mean by "restarts"? Tomcat cannot restart itself. The restart process is not reflected in your log file, as Christopher correctly noted. > java.lang.ArrayIndexOutOfBoundsException: -60 The exception is caused by invalid request data. Tomcat should have rejected it silently. Does your testing framework notice that Tomcat has been restarted? AIOOBE also causes the request to be rejected, so besides the nasty log message the behaviour does not differ much from the intended one. I'll fix the AIOOBE. Thank you for the report. I am closing this report as DUPLICATE, as there has been an earlier report for this issue. *** This bug has been marked as a duplicate of bug 42181 *** -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 42181] parseChunkHeader
https://issues.apache.org/bugzilla/show_bug.cgi?id=42181 Konstantin Kolinko changed: What|Removed |Added CC||thyag_...@yahoo.co.in --- Comment #2 from Konstantin Kolinko --- *** Bug 53752 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377900 - in /tomcat/trunk: java/org/apache/coyote/http11/filters/ChunkedInputFilter.java java/org/apache/tomcat/util/buf/HexUtils.java test/org/apache/tomcat/util/buf/TestHexUtils.java
Author: kkolinko Date: Mon Aug 27 23:04:11 2012 New Revision: 1377900 URL: http://svn.apache.org/viewvc?rev=1377900&view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=42181 Better handling of edge conditions in chunk header processing. Added: tomcat/trunk/test/org/apache/tomcat/util/buf/TestHexUtils.java (with props) Modified: tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java tomcat/trunk/java/org/apache/tomcat/util/buf/HexUtils.java Modified: tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java?rev=1377900&r1=1377899&r2=1377900&view=diff == --- tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java (original) +++ tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java Mon Aug 27 23:04:11 2012 @@ -311,10 +311,11 @@ public class ChunkedInputFilter implemen trailer = true; } else if (!trailer) { //don't read data after the trailer -if (HexUtils.getDec(buf[pos]) != -1) { +int charValue = HexUtils.getDec(buf[pos]); +if (charValue != -1) { readDigit = true; result *= 16; -result += HexUtils.getDec(buf[pos]); +result += charValue; } else { //we shouldn't allow invalid, non hex characters //in the chunked header Modified: tomcat/trunk/java/org/apache/tomcat/util/buf/HexUtils.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/buf/HexUtils.java?rev=1377900&r1=1377899&r2=1377900&view=diff == --- tomcat/trunk/java/org/apache/tomcat/util/buf/HexUtils.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/buf/HexUtils.java Mon Aug 27 23:04:11 2012 @@ -34,22 +34,10 @@ public final class HexUtils { * Table for HEX to DEC byte translation. */ private static final int[] DEC = { --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 00, 01, 02, 03, 04, 05, 06, 07, 8, 9, -1, -1, -1, -1, -1, -1, -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, +-1, 10, 11, 12, 13, 14, 15, }; @@ -71,7 +59,12 @@ public final class HexUtils { public static int getDec(int index){ -return DEC[index]; +// Fast for correct values, slower for incorrect ones +try { +return DEC[index - '0']; +} catch (ArrayIndexOutOfBoundsException ex) { +return -1; +} } public static byte getHex(int index){ Added: tomcat/trunk/test/org/apache/tomcat/util/buf/TestHexUtils.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/buf/TestHexUtils.java?rev=1377900&view=auto == --- tomcat/trunk/test/org/apache/tomcat/util/buf/TestHexUtils.java (added) +++ tomcat/trunk/test/org/apache/tomcat/util/buf/TestHexUtils.java Mon Aug 27 23:04:11 2012 @@ -0,0 +1,42 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF
svn commit: r1377902 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: markt Date: Mon Aug 27 23:08:08 2012 New Revision: 1377902 URL: http://svn.apache.org/viewvc?rev=1377902&view=rev Log: Proposal Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1377902&r1=1377901&r2=1377902&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Aug 27 23:08:08 2012 @@ -140,7 +140,12 @@ PATCHES PROPOSED TO BACKPORT: (r1377343 in 7.0) +1: kkolinko, markt -1: - + +* Various DIGEST improvements ported from Tomact 7 + http://people.apache.org/~markt/patches/2012-08-28-digest-tc6.patch + +1: markt + -1: + PATCHES/ISSUES THAT ARE STALLED - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377904 - /tomcat/trunk/webapps/docs/config/valve.xml
Author: markt Date: Mon Aug 27 23:08:44 2012 New Revision: 1377904 URL: http://svn.apache.org/viewvc?rev=1377904&view=rev Log: Update for new default Modified: tomcat/trunk/webapps/docs/config/valve.xml Modified: tomcat/trunk/webapps/docs/config/valve.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/valve.xml?rev=1377904&r1=1377903&r2=1377904&view=diff == --- tomcat/trunk/webapps/docs/config/valve.xml (original) +++ tomcat/trunk/webapps/docs/config/valve.xml Mon Aug 27 23:08:44 2012 @@ -831,7 +831,7 @@ Should we cache authenticated Principals if the request is part of an -HTTP session? If not specified, the default value of true +HTTP session? If not specified, the default value of false will be used. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377906 - in /tomcat/tc7.0.x/trunk: ./ webapps/docs/config/valve.xml
Author: markt Date: Mon Aug 27 23:09:17 2012 New Revision: 1377906 URL: http://svn.apache.org/viewvc?rev=1377906&view=rev Log: Update for new default Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/webapps/docs/config/valve.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1377904 Modified: tomcat/tc7.0.x/trunk/webapps/docs/config/valve.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/config/valve.xml?rev=1377906&r1=1377905&r2=1377906&view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/config/valve.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/config/valve.xml Mon Aug 27 23:09:17 2012 @@ -831,7 +831,7 @@ Should we cache authenticated Principals if the request is part of an -HTTP session? If not specified, the default value of true +HTTP session? If not specified, the default value of false will be used. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377909 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/http11/filters/ChunkedInputFilter.java java/org/apache/tomcat/util/buf/HexUtils.java test/org/apache/tomcat/util/buf/TestHexU
Author: kkolinko Date: Mon Aug 27 23:11:20 2012 New Revision: 1377909 URL: http://svn.apache.org/viewvc?rev=1377909&view=rev Log: Merged revision 1377900 from tomcat/trunk: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=42181 Better handling of edge conditions in chunk header processing. Added: tomcat/tc7.0.x/trunk/test/org/apache/tomcat/util/buf/TestHexUtils.java - copied unchanged from r1377900, tomcat/trunk/test/org/apache/tomcat/util/buf/TestHexUtils.java Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/buf/HexUtils.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Reverse-merged /tomcat/trunk:r1377904 Merged /tomcat/trunk:r1377900 Modified: tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java?rev=1377909&r1=1377908&r2=1377909&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java Mon Aug 27 23:11:20 2012 @@ -311,10 +311,11 @@ public class ChunkedInputFilter implemen trailer = true; } else if (!trailer) { //don't read data after the trailer -if (HexUtils.getDec(buf[pos]) != -1) { +int charValue = HexUtils.getDec(buf[pos]); +if (charValue != -1) { readDigit = true; result *= 16; -result += HexUtils.getDec(buf[pos]); +result += charValue; } else { //we shouldn't allow invalid, non hex characters //in the chunked header Modified: tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/buf/HexUtils.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/buf/HexUtils.java?rev=1377909&r1=1377908&r2=1377909&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/buf/HexUtils.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/buf/HexUtils.java Mon Aug 27 23:11:20 2012 @@ -34,22 +34,10 @@ public final class HexUtils { * Table for HEX to DEC byte translation. */ private static final int[] DEC = { --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 00, 01, 02, 03, 04, 05, 06, 07, 8, 9, -1, -1, -1, -1, -1, -1, -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, --1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, +-1, 10, 11, 12, 13, 14, 15, }; @@ -80,7 +68,12 @@ public final class HexUtils { } public static int getDec(int index){ -return DEC[index]; +// Fast for correct values, slower for incorrect ones +try { +return DEC[index - '0']; +} catch (ArrayIndexOutOfBoundsException ex) { +return -1; +} } public static byte getHex(int index){ Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1377909&r1=1377908&r2=1377909&view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Mon Aug 27 23:11:20 2012 @@ -199,6 +199,10 @@ shutdown. (markt) +42181: Better handling of edge conditions in chunk header +processing. (kkolinko) + + 53697: Correct a regression in
RE: svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
> -Original Message- > From: Mark Thomas [mailto:ma...@apache.org] > Sent: Monday, August 27, 2012 3:55 PM > To: Tomcat Developers List > Subject: Re: svn commit: r1377689 - > /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe > ner.java > > On 27/08/2012 22:48, Filip Hanik (mailing lists) wrote: > > > > > >> -Original Message- > >> From: Mark Thomas [mailto:ma...@apache.org] > >> Sent: Monday, August 27, 2012 3:44 PM > >> To: Tomcat Developers List > >> Subject: Re: svn commit: r1377689 - > >> > /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe > >> ner.java > >> > >> On 27/08/2012 22:37, Filip Hanik (mailing lists) wrote: > -Original Message- > From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] > Sent: Monday, August 27, 2012 2:09 PM > To: Tomcat Developers List > Subject: Re: svn commit: r1377689 - > > >> > /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe > ner.java > > 2012/8/27 Mark Thomas : > > On 27/08/2012 15:20, fha...@apache.org wrote: > >> Author: fhanik > >> Date: Mon Aug 27 14:20:55 2012 > >> New Revision: 1377689 > >> > >> URL: http://svn.apache.org/viewvc?rev=1377689&view=rev > >> Log: > >> Per http://markmail.org/message/nqnogctvfuyzhtol > >> > >> 1. Already encountered two users that would like to set this > value. > There is > >> never any need to hard code any value, regardless of its use > > > > What is the use case for wanting to set this value? I can > understand > > users not liking the previous value that triggered a full GC every > hour > > and wanting to change that but I fail to see why anyone would want > >> to > > change this now it is set to trigger a full GC every 290 million > >> years > > or so. > >> > Maybe somebody wants their full GC once an hour, or once a day? > >> > >> That is not what this listener is for. The listener's purpose is to > >> prevent memory leaks, not provide options that allow users to tinker > >> with internal JVM GC settings. > >> > >> I have yet to see a valid use case for this new attribute. > > [Filip Hanik] > > The use case is very much valid, as if they had previously called that > > method, your code will override it. > > So in effect, you're hard coding the GC interval, but not letting a > user > > control it. > > Nope. You should have looked at the implementation of > sun.misc.GC#requestLatency(long) rather than assuming how it worked. > > > It's not tomcat's role to configure GC intervals. It may be that > tomcat > > somehow initiated the GC interval, and if that is the case, it must > expose > > the actual interval to the user. Tomcat should not change JVM settings > > without letting the user configure them, > > Tomcat setting this value has zero impact on any user code or JRE code > that sets a lower value either before Tomcat sets it or after. > > I still see no valid use case for this attribute and without a valid use > case my veto remains. [Filip Hanik] Now you're just being stubborn. It would be like me going back and vetoing the hard coded value, and we'd run around in circles like little chickens. The reason I think the veto is unreasonable is that there is no functionality removed with this. There is nothing to be lost. IIRC any call changes the value, since there is only one daemon thread created. And since gcDaemonProtection is true by default means that 99.9% of tomcat instances will have this daemon thread running. Since we have this thread running, then we might as well hand out the ability to the users. Since you are turning this thread on, give them the ability to change the interval at which it is running. 141 } else { 142 /* Notify the existing daemon thread 143 * that the lateency target has changed 144 */ 145 lock.notify(); 146 } > > Mark > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1377689 - /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
On 28/08/2012 00:16, Filip Hanik (mailing lists) wrote: >> -Original Message- >> From: Mark Thomas [mailto:ma...@apache.org] >> Sent: Monday, August 27, 2012 3:55 PM >> To: Tomcat Developers List >> Subject: Re: svn commit: r1377689 - >> /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe >> ner.java >> >> On 27/08/2012 22:48, Filip Hanik (mailing lists) wrote: >>> >>> -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: Monday, August 27, 2012 3:44 PM To: Tomcat Developers List Subject: Re: svn commit: r1377689 - >> /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe ner.java On 27/08/2012 22:37, Filip Hanik (mailing lists) wrote: >> -Original Message- >> From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] >> Sent: Monday, August 27, 2012 2:09 PM >> To: Tomcat Developers List >> Subject: Re: svn commit: r1377689 - >> >> /tomcat/trunk/java/org/apache/catalina/core/JreMemoryLeakPreventionListe >> ner.java >> >> 2012/8/27 Mark Thomas : >>> On 27/08/2012 15:20, fha...@apache.org wrote: Author: fhanik Date: Mon Aug 27 14:20:55 2012 New Revision: 1377689 URL: http://svn.apache.org/viewvc?rev=1377689&view=rev Log: Per http://markmail.org/message/nqnogctvfuyzhtol 1. Already encountered two users that would like to set this >> value. >> There is never any need to hard code any value, regardless of its use >>> >>> What is the use case for wanting to set this value? I can >> understand >>> users not liking the previous value that triggered a full GC every >> hour >>> and wanting to change that but I fail to see why anyone would want to >>> change this now it is set to trigger a full GC every 290 million years >>> or so. >> Maybe somebody wants their full GC once an hour, or once a day? That is not what this listener is for. The listener's purpose is to prevent memory leaks, not provide options that allow users to tinker with internal JVM GC settings. I have yet to see a valid use case for this new attribute. >>> [Filip Hanik] >>> The use case is very much valid, as if they had previously called that >>> method, your code will override it. >>> So in effect, you're hard coding the GC interval, but not letting a >> user >>> control it. >> >> Nope. You should have looked at the implementation of >> sun.misc.GC#requestLatency(long) rather than assuming how it worked. >> >>> It's not tomcat's role to configure GC intervals. It may be that >> tomcat >>> somehow initiated the GC interval, and if that is the case, it must >> expose >>> the actual interval to the user. Tomcat should not change JVM settings >>> without letting the user configure them, >> >> Tomcat setting this value has zero impact on any user code or JRE code >> that sets a lower value either before Tomcat sets it or after. >> >> I still see no valid use case for this attribute and without a valid use >> case my veto remains. > [Filip Hanik] > Now you're just being stubborn. No, I am being consistent. I am against unnecessary bloat. > It would be like me going back and vetoing > the hard coded value, and we'd run around in circles like little chickens. > The reason I think the veto is unreasonable is that there is no > functionality removed with this. There is nothing to be lost. It doesn't add anything either. It is pointless bloat. > IIRC any call changes the value, since there is only one daemon thread > created. Then again, I suggest you actually go and look at the source code and you'd see that you are wrong. And since gcDaemonProtection is true by default means that 99.9% of > tomcat instances will have this daemon thread running. Since we have this > thread running, then we might as well hand out the ability to the users. > Since you are turning this thread on, give them the ability to change the > interval at which it is running. Again, provide a valid use case for this option and I'll support the change. You have yet to do so. My veto stands. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377912 - /tomcat/tc5.5.x/trunk/STATUS.txt
Author: markt Date: Mon Aug 27 23:25:01 2012 New Revision: 1377912 URL: http://svn.apache.org/viewvc?rev=1377912&view=rev Log: Proposal Modified: tomcat/tc5.5.x/trunk/STATUS.txt Modified: tomcat/tc5.5.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/STATUS.txt?rev=1377912&r1=1377911&r2=1377912&view=diff == --- tomcat/tc5.5.x/trunk/STATUS.txt (original) +++ tomcat/tc5.5.x/trunk/STATUS.txt Mon Aug 27 23:25:01 2012 @@ -76,3 +76,7 @@ PATCHES PROPOSED TO BACKPORT: +1: schultz, kkolinko -1: +* Various DIGEST improvements ported from Tomact 7 + http://people.apache.org/~markt/patches/2012-08-28-digest-tc5.patch + +1: markt + -1: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [Bug 53531] ExpandWar.expand does not check the return value of File.mkdir and File.mkdirs
Mark, On 8/27/12 5:36 PM, bugzi...@apache.org wrote: > https://issues.apache.org/bugzilla/show_bug.cgi?id=53531 > > Mark Thomas changed: > >What|Removed |Added > > Component|Catalina|Catalina > Version|6.0.35 |Nightly Build > Product|Tomcat 6|Tomcat 5 >Target Milestone|default |--- Uh, what? -chris signature.asc Description: OpenPGP digital signature
Re: [Bug 53531] ExpandWar.expand does not check the return value of File.mkdir and File.mkdirs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28/08/2012 00:53, Christopher Schultz wrote: > Mark, > > On 8/27/12 5:36 PM, bugzi...@apache.org wrote: >> https://issues.apache.org/bugzilla/show_bug.cgi?id=53531 >> >> Mark Thomas changed: >> >> What|Removed |Added >> >> >> Component|Catalina|Catalina >> Version|6.0.35 |Nightly Build Product|Tomcat >> 6|Tomcat 5 Target Milestone|default >> |--- > > Uh, what? It is fixed in 6.0.x but not 5.5.x so it got moved. When it gets fixed in 5.5.x it will get resolved. Generally: - - bugs are kept open against the highest supported version of Tomcat where they are still an issue - - bugs are fixed in the every version from the one they are reported against up to trunk - - bugs may be fixed in earlier versions than the one they were reported in if a committer feels the need to scratch that itch Mark -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQIcBAEBAgAGBQJQPAlhAAoJEBDAHFovYFnnWVkQAKMQ8ePbQQbmtxCFSmUa5522 rV91THSawIu6erixF8gjjg2Fm8Kkhg9czFIJjtD26jA03JAyYX8ovVjXEx8IOGVi mBnKP/tKj2rYEh+ngXUGKz0tYdKrSR2iFCVhOMQ/Pl7RWH7cyunNrsqjNZqouqSb AqIQ9HO3+JMzti/kvc97rkQMqqAxOt/oY07FaU9dvnngTCTei4hbFnPDtfWaTt04 ouYECtxnxGT7z4XvRxReFF9HVdhH7C6A9Z0gwAAjyhxZbPCHH8v71FxFOPM4Ou4o dI0fzq7G5pdpuSI0degm1mM6hpY6P7VPwJMdg+aAv1diPhitr4PAblbnWII7xHPo B7KOkarggkiWk4aGdNdpZwHzdwL4xNrt0OFvfsdMYk71jyMenxaNGtiBejSTRGFM XskToD376ElL2pgck4fRFuKj4QnLrix3ccg0fhfUbWBcSxYia1c8pNqNa59KXcV6 vr9jb9VtCfS6N8C8NK3gzWfGmOjRnvQYlkHe+eSQTlar3LpYySGK223ydKsfRM03 iUQneYk/70SG8jtz259KSXQAbdQKe2n2eC/W2jXsVw1tGpYO3ejlzGJgjSmggyFe 9pBBBAeBBmHgYD8d5vMl1HZi9QQ2CM3ed3BqFrdDpc+2yP2XeGrgKrBoAPmJVBPE YyUcdF8QwI7vr0W/KnqS =9FJz -END PGP SIGNATURE- - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377917 - /tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/DataSourceRealm.java
Author: kkolinko Date: Tue Aug 28 00:04:29 2012 New Revision: 1377917 URL: http://svn.apache.org/viewvc?rev=1377917&view=rev Log: Correct fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=53047 Followup to r1377888. The code should have been added to getRoles() method, not getPassword(). Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/DataSourceRealm.java Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/DataSourceRealm.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/DataSourceRealm.java?rev=1377917&r1=1377916&r2=1377917&view=diff == --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/DataSourceRealm.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/DataSourceRealm.java Tue Aug 28 00:04:29 2012 @@ -458,12 +458,6 @@ public class DataSourceRealm protected String getPassword(Connection dbConnection, String username) { -if (allRolesMode != AllRolesMode.STRICT_MODE && !isRoleStoreDefined()) { -// Using an authentication only configuration and no role store has -// been defined so don't spend cycles looking -return null; -} - ResultSet rs = null; PreparedStatement stmt = null; String dbCredentials = null; @@ -548,7 +542,13 @@ public class DataSourceRealm */ protected ArrayList getRoles(Connection dbConnection, String username) { - + +if (allRolesMode != AllRolesMode.STRICT_MODE && !isRoleStoreDefined()) { +// Using an authentication only configuration and no role store has +// been defined so don't spend cycles looking +return null; +} + ResultSet rs = null; PreparedStatement stmt = null; ArrayList list = null; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1377917 - /tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/DataSourceRealm.java
On 28/08/2012 01:04, kkoli...@apache.org wrote: > Author: kkolinko > Date: Tue Aug 28 00:04:29 2012 > New Revision: 1377917 > > URL: http://svn.apache.org/viewvc?rev=1377917&view=rev > Log: > Correct fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=53047 > > Followup to r1377888. > The code should have been added to getRoles() method, not getPassword(). Thanks. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377918 - /tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Author: kkolinko Date: Tue Aug 28 00:13:14 2012 New Revision: 1377918 URL: http://svn.apache.org/viewvc?rev=1377918&view=rev Log: Move to correct section. Realms belong to Catalina, not Jasper. Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1377918&r1=1377917&r2=1377918&view=diff == --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Tue Aug 28 00:13:14 2012 @@ -142,6 +142,12 @@ Based on a patch by Rüdiger Plüm. (kkolinko) +53047: If a JDBCRealm or DataSourceRealm is configured for +an all roles mode that only requires authorization (and no roles) and no +role table or column is defined, don't populate the Principal's roles. +(markt/kkolinko) + + 53050: Fix handling of entropy value when initializing session id generator in session manager. Based on proposal by Andras Rozsa. (kkolinko) @@ -258,12 +264,6 @@ org.apache.tools.ant.Task enabling it to work with features such as namespaces within build.xml files. (markt) - -53047: If a JDBC Realm or DataSource Realm is configured for -an all roles mode that only requires authorization (and no roles) and no -role table or column is defined, don't populate the Principal's roles. -(markt/kkolinko) - - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53047] JDBCRealm allRolesMode="authOnly" still needs role table
https://issues.apache.org/bugzilla/show_bug.cgi?id=53047 Konstantin Kolinko changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #14 from Konstantin Kolinko --- Fixed in Tomcat 6 with r1377888 + r1377917 (+ r1377918). It will be in 6.0.36. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 42181] parseChunkHeader
https://issues.apache.org/bugzilla/show_bug.cgi?id=42181 Konstantin Kolinko changed: What|Removed |Added Status|CLOSED |REOPENED Resolution|INVALID |--- --- Comment #3 from Konstantin Kolinko --- Fixed in Tomcat 7 with r1377909. It will be in 7.0.30. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 42181] ArrayIndexOutOfBoundsException in parseChunkHeader
https://issues.apache.org/bugzilla/show_bug.cgi?id=42181 Konstantin Kolinko changed: What|Removed |Added Summary|parseChunkHeader|ArrayIndexOutOfBoundsExcept ||ion in parseChunkHeader -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 42181] ArrayIndexOutOfBoundsException in parseChunkHeader
https://issues.apache.org/bugzilla/show_bug.cgi?id=42181 --- Comment #4 from Konstantin Kolinko --- Created attachment 29288 --> https://issues.apache.org/bugzilla/attachment.cgi?id=29288&action=edit 2012-08-28_tc6_42181.patch Patch for Tomcat 6 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377931 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: kkolinko Date: Tue Aug 28 01:03:38 2012 New Revision: 1377931 URL: http://svn.apache.org/viewvc?rev=1377931&view=rev Log: proposals Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1377931&r1=1377930&r2=1377931&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Aug 28 01:03:38 2012 @@ -141,11 +141,23 @@ PATCHES PROPOSED TO BACKPORT: +1: kkolinko, markt -1: -* Various DIGEST improvements ported from Tomact 7 +* Various DIGEST improvements ported from Tomcat 7 http://people.apache.org/~markt/patches/2012-08-28-digest-tc6.patch +1: markt -1: +* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=42181 + Better handling of edge conditions in chunk header processing + https://issues.apache.org/bugzilla/attachment.cgi?id=29288 + +1: kkolinko + -1: + +* Remove unneeded handling of FORM authentication in RealmBase + http://svn.apache.org/viewvc?rev=1377887&view=rev + (r1377892 in 7.0) + +1: kkolinko + -1: + PATCHES/ISSUES THAT ARE STALLED - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377932 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: kkolinko Date: Tue Aug 28 01:14:36 2012 New Revision: 1377932 URL: http://svn.apache.org/viewvc?rev=1377932&view=rev Log: vote Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1377932&r1=1377931&r2=1377932&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Aug 28 01:14:36 2012 @@ -143,8 +143,10 @@ PATCHES PROPOSED TO BACKPORT: * Various DIGEST improvements ported from Tomcat 7 http://people.apache.org/~markt/patches/2012-08-28-digest-tc6.patch - +1: markt + +1: markt, kkolinko -1: + kkolinko: It includes fix for 52954 (Android support). You might + mention that in changelog. * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=42181 Better handling of edge conditions in chunk header processing - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377933 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: kkolinko Date: Tue Aug 28 01:17:56 2012 New Revision: 1377933 URL: http://svn.apache.org/viewvc?rev=1377933&view=rev Log: Correction It is already mentioned. I have not noticed. Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1377933&r1=1377932&r2=1377933&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Aug 28 01:17:56 2012 @@ -145,8 +145,6 @@ PATCHES PROPOSED TO BACKPORT: http://people.apache.org/~markt/patches/2012-08-28-digest-tc6.patch +1: markt, kkolinko -1: - kkolinko: It includes fix for 52954 (Android support). You might - mention that in changelog. * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=42181 Better handling of edge conditions in chunk header processing - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Tagging 7.0.30
2012/8/27 Mark Thomas : > Hi, > > I have all the open bugs fixed for 7.0.x with the exception of BZ53469 > that is pending input from the Servlet EG before a final fix (if any) is > applied. > > I have a few other bits and pieces I want to do before I tag 7.0.30 but > (assuming no more bugs are opened) I anticipate tagging in the next few > days. If you have anything you would like to see in 7.0.30 now is the > time to commit :) > FYI: All the unit tests do pass for current 7.0 (@ r1377910), except one memory leak protection test that failed once (it happens/expected, nothing new here), TestWebappClassLoaderExecutorMemoryLeak#testTimerThreadLeak Tested BIOxNIOxAPR (native 1.1.24) with JDK 6u34 32-bit on WinXP Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1377940 - /tomcat/trunk/TOMCAT-NEXT.txt
Author: kkolinko Date: Tue Aug 28 01:50:32 2012 New Revision: 1377940 URL: http://svn.apache.org/viewvc?rev=1377940&view=rev Log: Remove fixed issue. Modified: tomcat/trunk/TOMCAT-NEXT.txt Modified: tomcat/trunk/TOMCAT-NEXT.txt URL: http://svn.apache.org/viewvc/tomcat/trunk/TOMCAT-NEXT.txt?rev=1377940&r1=1377939&r2=1377940&view=diff == --- tomcat/trunk/TOMCAT-NEXT.txt (original) +++ tomcat/trunk/TOMCAT-NEXT.txt Tue Aug 28 01:50:32 2012 @@ -216,6 +216,3 @@ but possibly 7.1.x). - Remaining code in progress 14. Review date formatting with a view to reducing duplication. - -15. Update annotation scanning code to handle Java 7 class files (BZ 53735). -Make sure that BCEL fixes this issue and that we use updated code from them. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1372394 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/authenticator/FormAuthenticator.java java/org/apache/catalina/authenticator/SavedRequest.java
2012/8/13 : > Author: markt > Date: Mon Aug 13 12:29:51 2012 > New Revision: 1372394 > > URL: http://svn.apache.org/viewvc?rev=1372394&view=rev > Log: > Additional fix for http://issues.apache.org/bugzilla/show_bug.cgi?id=53584 > Store decoded and original request URI. Restore both. Use decoded for > matching. > The "Restore both" mentioned above was not implemented. The #restoreRequest(..) method was not changed and so it does not restore decodedURI. http://tomcat.markmail.org/thread/q2nudipddpwooisn > Modified: > tomcat/tc7.0.x/trunk/ (props changed) > > tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java > > tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/SavedRequest.java > > Propchange: tomcat/tc7.0.x/trunk/ > -- > Merged /tomcat/trunk:r1372390 > > Modified: > tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java > URL: > http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java?rev=1372394&r1=1372393&r2=1372394&view=diff > == > --- > tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java > (original) > +++ > tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/FormAuthenticator.java > Mon Aug 13 12:29:51 2012 > @@ -498,12 +498,11 @@ public class FormAuthenticator > } > >// Does the request URI match? > - String requestURI = request.getDecodedRequestURI(); > - if (requestURI == null) { > + String decodedRequestURI = request.getDecodedRequestURI(); > + if (decodedRequestURI == null) { > return (false); > } > - return (requestURI.equals(sreq.getRequestURI())); > - > + return (decodedRequestURI.equals(sreq.getDecodedRequestURI())); > } > > > @@ -658,11 +657,11 @@ public class FormAuthenticator > > saved.setMethod(request.getMethod()); > saved.setQueryString(request.getQueryString()); > -saved.setRequestURI(request.getDecodedRequestURI()); > +saved.setRequestURI(request.getRequestURI()); > +saved.setDecodedRequestURI(request.getDecodedRequestURI()); > > // Stash the SavedRequest in our session for later use > session.setNote(Constants.FORM_REQUEST_NOTE, saved); > - > } > > > > Modified: > tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/SavedRequest.java > URL: > http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/SavedRequest.java?rev=1372394&r1=1372393&r2=1372394&view=diff > == > --- > tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/SavedRequest.java > (original) > +++ > tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/SavedRequest.java > Mon Aug 13 12:29:51 2012 > @@ -147,6 +147,21 @@ public final class SavedRequest { > > > /** > + * The decode request URI associated with this Request. Path parameters > are > + * also excluded > + */ > +private String decodedRequestURI = null; > + > +public String getDecodedRequestURI() { > +return (this.decodedRequestURI); > +} > + > +public void setDecodedRequestURI(String decodedRequestURI) { > +this.decodedRequestURI = decodedRequestURI; > +} > + > + > +/** > * The body of this request. > */ > private ByteChunk body = null; > > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-trunk-validate (in module tomcat-trunk) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-trunk-validate has an issue affecting its community integration. This issue affects 1 projects, and has been outstanding for 34 runs. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-trunk-validate : Tomcat 8.x, a web server implementing Java Servlet 3.1, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on checkstyle exists, no need to add for property checkstyle.jar. -INFO- Failed with reason build failed The following work was performed: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/gump_work/build_tomcat-trunk_tomcat-trunk-validate.html Work Name: build_tomcat-trunk_tomcat-trunk-validate (Type: Build) Work ended in a state of : Failed Elapsed: 37 secs Command Line: /usr/lib/jvm/java-7-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dcheckstyle.jar=/srv/gump/public/workspace/checkstyle/target/checkstyle-5.6-SNAPSHOT.jar -Dexecute.validate=true validate [Working Directory: /srv/gump/public/workspace/tomcat-trunk] CLASSPATH: /usr/lib/jvm/java-7-oracle/lib/tools.jar:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/checkstyle/target/checkstyle-5.6-SNAPSHOT.jar:/srv/gump/public/workspace/apache-commons/beanutils/dist/commons-beanutils-28082012.jar:/srv/gump/public/workspace/apache-commons/cli/target/commons-cli-1.3-SNAPSHOT.jar:/srv/gump/public/workspace/apache-commons/exec/target/commons-exec-1.1.1-SNAPSHOT.jar:/srv/gump/public/workspace/apache-commons/validator/dist/commons-validator-28082012.jar:/srv/gump/public/workspace/junit/dist/junit-28082012.jar:/srv/gump/ public/workspace/junit/dist/junit-dep-28082012.jar:/srv/gump/public/workspace/google-guava/guava/target/guava-14.0-SNAPSHOT.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-28082012.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-api-28082012.jar:/srv/gump/public/workspace/commons-collections-3.x/target/commons-collections-3.3-SNAPSHOT.jar:/srv/gump/packages/antlr/antlr-3.1.3.jar:/srv/gump/public/workspace/jdom/build/jdom.jar:/srv/gump/public/workspace/velocity-engine/bin/velocity-28082012.jar:/srv/gump/public/workspace/velocity-engine/bin/velocity-28082012-dep.jar:/srv/gump/packages/javamail-1.4/mail.jar:/srv/gump/packages/javamail-1.4/lib/mailapi.jar:/srv/gump/packages/jaf-1.1ea/activation.jar - Buildfile: /srv/gump/public/workspace/tomcat-trunk/build.xml build-prepare: [delete] Deleting directory /srv/gump/public/workspace/tomcat-trunk/output/build/temp [mkdir] Created dir: /srv/gump/public/workspace/tomcat-trunk/output/build/temp compile-prepare: download-validate: proxyflags: setproxy: testexist: [echo] Testing for /srv/gump/public/workspace/checkstyle/target/checkstyle-5.6-SNAPSHOT.jar downloadzip: validate: [mkdir] Created dir: /srv/gump/public/workspace/tomcat-trunk/output/res/checkstyle [checkstyle] Running Checkstyle 5.6-SNAPSHOT on 2308 files [checkstyle] /srv/gump/public/workspace/tomcat-trunk/webapps/docs/config/listeners.xml:290: Line matches the illegal pattern '\s+$'. BUILD FAILED /srv/gump/public/workspace/tomcat-trunk/build.xml:461: Got 1 errors and 0 warnings. Total time: 37 seconds - To subscribe to this information via syndicated feeds: - RSS: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/rss.xml - Atom: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/atom.xml == Gump Tracking Only === Produced by Apache Gump(TM) version 2.3. Gump Run 1128082012, vmgump.apache.org:vmgump:1128082012 Gump E-mail Identifier (unique within run) #41. -- Apache Gump http://gump.apache.org/ [Instance: vmgump] - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional command