servlets-ssi.renametojar
Hello, I'm currently looking into the security issues pertaining to enabling this by default. I followed the conversation for why it is the way it is, but now that I'm actually in the guts of the thing, I don't think I fully understand. The issue as I remember it is that the SsiExec class in servlets-ssi.jar could be exploited even if SSI support wasn't enabled in the web.xml file. The part I'm fuzzy on is how this can be true. Since servlets-ssi.jar is loaded into the server class loader (server/lib) it seems to me that it would be impossible for a rogue webapp to access any classes in this jar. In any case, my solution should protect from these kinds of attacks also, I'm just not sure they're possible. I'll be submitting a patch shortly that should allow SSI support to be enabled by default but would require a specific configuration change to get the exec directive to work. -Paul Speed P.S.: I'd be curious to know of anyone actually using the exec directive. Looking at the code, I'm not sure I see how it works for non-CGI stuff. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Mod_webapp Solaris 8
Matt Goyer wrote: I've been struggling with this for a week or two now.. I'm able to compile mod_webapp on Solaris 8 with GCC 3.0.1 using the snapshots of mod_webapp and apr from CVS. However I have to modify my apxs since three values don't get properly set by the apache makefile. I So I then try and load my compiled mod_webapp with Apache and get the following error: Syntax error on line 206 of /usr/local/apache/conf/httpd.conf: Cannot load /usr/local/apache/libexec/mod_webapp.so into server: ld.so.1: /usr/local/apache/bin/httpd: fatal: relocation error: file /usr/local/apache/libexec/mod_webapp.so: symbol __lshrdi3: referenced symbol not found Argh...! I thought I fixed the mod_webapp to detect this problem before compiling... Could you retry with http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/v4.0.1/src/webapp-module-1.0.1-tc401-src.tar.gz The configure should say Cannot mix gcc and native cc, if not tell me what uname -a tells so I can add it to the check list. The solution is _not_ using gcc with mod_webapp when apache-1.3 was compiled with a native compiler. I then pulled apart libgcc.a (as recommend in a post here) and made libgcc.so and located it in /usr/lib and when I do: export LD_PRELOAD=/usr/lib/libgcc.so /usr/local/apache/bin/apachectl configtest I then get: Syntax error on line 206 of /usr/local/apache/conf/httpd.conf: Cannot load /usr/local/apache/libexec/mod_webapp.so into server: ld.so.1: /usr/local/apache/bin/httpd: fatal: relocation error: file /usr/local/apache/libexec/mod_webapp.so: symbol ap_table_get: referenced symbol not found What am I missing? Can anyone get mod_webapp working on Solaris 8?? If some has.. If you could post a quick install guide of what you did I'd appreciate that. I posted here before and someone talked about setting LD_LIBRARY_PATH and I tried that too to no avail. Matt -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
[PATCH] SSI Security
As promissed... I've attached my patches to allow the exec directive to be enabled or disabled (disabled by default). The extra safety check I've built in isn't really necessary, but it causes no harm and may prevent some accidental foot-shootings in the future. ssi-exec.patch is a diff -u from the catalina/src directory. (We'll see if the attachment actually works to the list since I've had problems with that before.) Left up to discussion is the vulnerability of the jar file itself. I contend that since the jar is in the server/lib class loader that it is perfectly safe. Indeed, when I played with moving it into shared it resulted in broken dependencies with at least one class in server/lib. If it is not safe then it brings up a larger issue since all server/lib class have AllPermission and can therefore do whatever they want. If these classes are exploitable by webapps then it seems to me that security should be set more fine grained (including not allowing file execute for any file). Otherwise, there's always risk that some backdoor will be left open. -Paul Index: conf/web.xml === RCS file: /home/cvspublic/jakarta-tomcat-4.0/catalina/src/conf/web.xml,v retrieving revision 1.31 diff -u -r1.31 web.xml --- conf/web.xml2001/11/21 17:36:52 1.31 +++ conf/web.xml2001/11/29 08:05:04 @@ -165,6 +165,12 @@ !-- be ignored and no errors shown?-- !-- (0=false, 1=true) [1] -- !-- -- + !-- allowExecDirective -- + !-- Should the exec directive be allowed in SSI-- + !-- pages? When false, exec will be treated like -- + !-- an unknown command.-- + !-- (0=false, 1=true) [0] -- + !-- -- !-- IMPORTANT: To use the SSI servlet, you also need to rename the -- !--$CATALINA_HOME/server/lib/servlets-ssi.renametojar file -- !--to $CATALINA_HOME/server/lib/servlets-ssi.jar -- @@ -194,6 +200,10 @@ init-param param-nameignoreUnsupportedDirective/param-name param-value1/param-value +/init-param +init-param + param-nameallowExecDirective/param-name + param-value0/param-value /init-param load-on-startup4/load-on-startup /servlet Index: share/org/apache/catalina/servlets/SsiInvokerServlet.java === RCS file: /home/cvspublic/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/servlets/SsiInvokerServlet.java,v retrieving revision 1.14 diff -u -r1.14 SsiInvokerServlet.java --- share/org/apache/catalina/servlets/SsiInvokerServlet.java 2001/11/29 03:50:48 1.14 +++ share/org/apache/catalina/servlets/SsiInvokerServlet.java 2001/11/29 08:05:05 @@ -161,6 +161,13 @@ } try { +value = getServletConfig().getInitParameter(allowExecDirective); + +ssiDispatcher.setAllowExecDirective((Integer.parseInt(value)0)?true:false); +} catch (Throwable t) { +; +} + +try { value = getServletConfig().getInitParameter(expires); expires = Long.valueOf(value); } catch (NumberFormatException e) { Index: share/org/apache/catalina/util/ssi/SsiDispatcher.java === RCS file: /home/cvspublic/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/util/ssi/SsiDispatcher.java,v retrieving revision 1.2 diff -u -r1.2 SsiDispatcher.java --- share/org/apache/catalina/util/ssi/SsiDispatcher.java 2001/11/29 03:41:26 1.2 +++ share/org/apache/catalina/util/ssi/SsiDispatcher.java 2001/11/29 08:05:06 @@ -76,7 +76,7 @@ * @version $Revision: 1.2 $, $Date: 2001/11/29 03:41:26 $ * @authorPaul Speed */ -public class SsiDispatcher { +public final class SsiDispatcher { /** * Determines how to treate unknown command references. @@ -84,6 +84,11 @@ private boolean ignoreUnsupportedDirective = true; /** + * True if the exec command is allowed. + */ +private boolean allowExec = false; + +/** * Contains the SSI command instances. This is shared * across all dispatcher instances. */ @@ -99,7 +104,6 @@ ssiCommands.put(echo, new SsiEcho()); ssiCommands.put(fsize, new SsiFsize()); ssiCommands.put(flastmod, new SsiFlastmod()); -ssiCommands.put(exec, new SsiExec()); ssiCommands.put(set, new SsiSet()); SsiConditional cond = new
Re: cvs commit: jakarta-tomcat/src/facade22/org/apache/tomcat/facade JspInterceptor.java WebXmlReader.java
Thanks Bill and sorry for my laziness... Servlet only people like myself will be happier now :-) Bojan [EMAIL PROTECTED] wrote: billbarker01/11/28 19:06:05 Modified:src/facade22/org/apache/tomcat/facade JspInterceptor.java WebXmlReader.java Log: Rationalize the setting of the default mapping for JSP pages. With this code move, only JspInterceptor knows anything about JSP pages. In particular, removing JspInterceptor from server.xml disables all support for *.jsp files. Revision ChangesPath 1.32 +3 -0 jakarta-tomcat/src/facade22/org/apache/tomcat/facade/JspInterceptor.java Index: JspInterceptor.java === RCS file: /home/cvs/jakarta-tomcat/src/facade22/org/apache/tomcat/facade/JspInterceptor.java,v retrieving revision 1.31 retrieving revision 1.32 diff -u -r1.31 -r1.32 --- JspInterceptor.java 2001/11/27 03:54:35 1.31 +++ JspInterceptor.java 2001/11/29 03:06:05 1.32 @@ -298,6 +298,9 @@ public void contextInit(Context ctx) throws TomcatException { + if(ctx.getContainer(*.jsp) == null) + ctx.addServletMapping( *.jsp, jsp); + if( useJspServlet ) { // prepare jsp servlet. Handler jasper=ctx.getServletByName( jsp ); 1.15 +0 -1 jakarta-tomcat/src/facade22/org/apache/tomcat/facade/WebXmlReader.java Index: WebXmlReader.java === RCS file: /home/cvs/jakarta-tomcat/src/facade22/org/apache/tomcat/facade/WebXmlReader.java,v retrieving revision 1.14 retrieving revision 1.15 diff -u -r1.14 -r1.15 --- WebXmlReader.java 2001/09/29 04:28:22 1.14 +++ WebXmlReader.java 2001/11/29 03:06:05 1.15 @@ -64,7 +64,6 @@ try { // Defaults - ctx.addServletMapping( *.jsp, jsp); ctx.setSessionTimeOut( 30 ); // We may read a default web.xml from INSTALL/conf/web.xml - -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: TC 3.3: For Servlets only
Bill Barker wrote: I've checked in a change to move setting the default mapping to JspInterceptor. Now, all Bojan needs to do is to comment out JspInterceptor in server.xml and all of his *.jsp files will be served as regular text files. Again, thanks for this. It makes JSP and Servlet spec totally different beasts in Tomcat 3.3.x. Cool! The aim was actually not to have JSP files... What can I say, I'm a passionate Velocity convert ;-) Bojan -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
xsltc problems inside Tomcat 4.0.1
Hi All, I have a simple application that uses the xalan XSLTC to transform XML documents into HTML documents. When running this stand-alone (without Tomcat) it all works fine. If I run this from a servlet inside Tomcat (4.0.1 and build 20011127) I get one of the following errors: Added to the my webapp is the following jar files: - BCEL.jar - xsltc.jar - xalan.jar The servlet need to load my application and read its configuration from a static XML file. I implemented a SAX ContentHandler like this: public class SAXConfiguration extends org.xml.sax.helpers.DefaultHandler Here is the error that I get: === java.lang.LinkageError: loader constraints violated when linking org/xml/sax/helpers/DefaultHandler class at com.truteq.configuration.SAXConfiguration.init(SAXConfiguration.java:147) === The line of code is this one: vSAXParser.parse (aInputStream, this); Now I remove the xalan.jar file from the webapp. The above error is then fixed, but I get the following error: === java.lang.NoClassDefFoundError: javax/xml/transform/Source at com.truteq.presentation.Index.init(Index.java:16) at javax.servlet.GenericServlet.init(GenericServlet.java:258) === This is expected as the XSLTC requires this. But why/how does it interfere with the other SAX parser? -Deon _ TruTeq Wireless (Pty) Ltd.Tel +27 82 663 8617 http://www.truteq.com Wireless communications for remote machine management -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Info on customizing jspc - jasper
Hi Tom, and many thanks for the suggestions ! I think i'll use a filter, although the taglib solution is interesting, too. Thanks Alberto - Original Message - From: Tom Drake [EMAIL PROTECTED] To: Tomcat Developers List [EMAIL PROTECTED] Sent: Wednesday, November 28, 2001 6:38 PM Subject: Re: Info on customizing jspc - jasper Alberto: Maybe I'm missing something here but couldn't you simply intercept the response output stream and redirect it to a file? Have you tried using a filter? Alternatively, ou may be able to do this by 'including' your jsp from a servlet or another jsp. One last thought. Tag libraries have the ability to intercept 'body content' that appears between the corresponding opening and closing tags. BodyContent body = getBodyContent(); String bodyOfCaptureTag = body.getString(); // write bodyOfCaptureTag to file here... You could create a simple BodyTagSupport taglib object, use this tag in a new jsp that you create that looks something like this. MyCaptureTagjsp:include page=TheRealUrlGoesHere//MyCaptureTag This is a little bizarre, but should even work with Tomcat 3.1 . Tom - Original Message - From: Alberto Romei [EMAIL PROTECTED] To: Tomcat Developers List [EMAIL PROTECTED] Sent: Wednesday, November 28, 2001 2:34 AM Subject: Re: Info on customizing jspc - jasper | Hi, and many thanks for the replies. | Using %@page extends=my.jsp.page.class % allows me to change only the | name of the superclass for my JSP, but i need to do more than this. | I need to change all the fixed lines of the generated code. | For example, i would like to change: | | public void _jspService(HttpServletRequest request, HttpServletResponse | response) | in | public void _jspService(MyParam p1, String s, int n) | | or substituting | JspFactory _jspxFactory = null; | with | String name = X; | | and so on... | | The other solution proposed by Mike is good, but HttpServletResponse needs a | ServletOutputStream, and the generated servlet calls getPageContext() which | takes my request and response objects, so i guess my implementation will not | be so straightforward. Anyway, i think i'll try this way. | | If you have other ideas, please let me know | | Thanks | Alberto | | - Original Message - | From: Bill Barker [EMAIL PROTECTED] | To: Tomcat Developers List [EMAIL PROTECTED] | Sent: Tuesday, November 27, 2001 8:27 PM | Subject: Re: Info on customizing jspc - jasper | | | This is off-topic for the dev list. You'll probably get a better response | from [EMAIL PROTECTED] | | What you want is @page extends=my.jsp.page.class % | - Original Message - | From: Alberto Romei [EMAIL PROTECTED] | To: [EMAIL PROTECTED] | Sent: Tuesday, November 27, 2001 10:32 AM | Subject: Info on customizing jspc - jasper | | | I wanted to use JspC to generate a java program (not exactly a servlet) | which writes its output to a file on the disk instead of the | HttpServletResponse's JspWriter. | | In practice, i just need to customize the fixed parts of the generated | code | like: | | public class Foo extends HttpJspBase { | | or | | public void _jspService(HttpServletRequest request, | HttpServletResponse | response) | throws java.io.IOException, ServletException { | | From what i've seen, i could simply substitute JspParseEventListener in | the | jasper jars, but in this way i would throw away the normal processing | of | JSPs. | | So, what is the correct way to customize the JSP compilation ? | Must i subclass org.apache.jasper.compiler.Compiler and call | MyCompiler.something() instead of jspc.parseFiles() ? (that would be a | lot | of work... ) | If so, is there any kind of documentation on how to correctly write a | custom | JSP compiler ? (possibly working with future versions of tomcat, too) | | Any suggestion is appreciated. | | Thanks | | Alberto | | P.S. | I'm new to tomcat source, so please be patient. | | | | -- | To unsubscribe, e-mail: | mailto:[EMAIL PROTECTED] | For additional commands, e-mail: | mailto:[EMAIL PROTECTED] | | | | ** | | This message is intended only for the use of the person(s) listed above | as the intended recipient(s), and may contain information that is | PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, | you may not read, copy, or distribute this message or any attachment. | If you received this communication in error, please notify us immediately | by e-mail and then delete all copies of this message and any attachments. | | | In addition you should be aware that ordinary (unencrypted) e-mail sent | through the Internet is not secure. Do not send confidential or sensitive | information, such as social security numbers,
RE: [VOTE] Tomcat 4.0.2 Release Plan
+1 Though I'm still coming up to speed on 4.x. Fortunately I've firmly established the habit of using spaces instead tabs by now. :) Larry -Original Message- From: Remy Maucherat [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 28, 2001 1:26 AM To: [EMAIL PROTECTED] Subject: [VOTE] Tomcat 4.0.2 Release Plan Hi, I think it's the appropriate time to consider starting a new release cycle for Tomcat 4.0. There has been a variety of significant bugs fixed since 4.0.1 (although there hasn't been any fixes for any showstopper bug). I don't plan to propose a formal release plan for this release, as it is a bugfix-only release, and it will be released as soon as there are no more must-fix issues remaining in the most current release candidate. - A few more code merge will happen between now and the first beta release (at least one to add JAVA_HOME support in the install script). - The release notes will document all the fixes which occured since 4.0.1. - The release notes will list the must-fix bugs. This generally includes bugs whose severity in Bugzilla is 'blocker' (P1), 'critical' (P2) or 'major' (P3). - Tomcat 4.0.2 won't have any regressions over 4.0.1. - All betas for 4.0.2 should be considered release candidates if the must-fix issues list is empty. - Tomcat 4.0.2 beta 1 should be released between 12/02 and 12/16. - This vote will run until 12/01. ballot [ ] +1: I approve this plan, and I'll help [ ] +0: I approve this plan [ ] -0: I'm against this plan, but I won't veto it [ ] -1: I'm against this plan, and my reason is: /ballot Remy -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: [VOTE] New Committer: Jazmin Jonson
+1 Larry -Original Message- From: Amy Roh [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 28, 2001 2:04 PM To: tomcat-dev Subject: [VOTE] New Committer: Jazmin Jonson As Bill Barker suggested, I would like to propose Jazmin Jonson as a new committer. She has contributed a numerous patches to Tomcat4 admin application. Votes please? Amy Roh -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: [VOTE] New Committer: Jazmin Jonson
+1 Amy Roh wrote: As Bill Barker suggested, I would like to propose Jazmin Jonson as a new committer. She has contributed a numerous patches to Tomcat4 admin application. Votes please? Amy Roh -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- Andy Armstrong, Tagish -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: [VOTE] Tomcat 4.0.2 Release Plan
Remy Maucherat wrote: Hi, I think it's the appropriate time to consider starting a new release cycle for Tomcat 4.0. There has been a variety of significant bugs fixed since 4.0.1 (although there hasn't been any fixes for any showstopper bug). I don't plan to propose a formal release plan for this release, as it is a bugfix-only release, and it will be released as soon as there are no more must-fix issues remaining in the most current release candidate. - A few more code merge will happen between now and the first beta release (at least one to add JAVA_HOME support in the install script). - The release notes will document all the fixes which occured since 4.0.1. - The release notes will list the must-fix bugs. This generally includes bugs whose severity in Bugzilla is 'blocker' (P1), 'critical' (P2) or 'major' (P3). - Tomcat 4.0.2 won't have any regressions over 4.0.1. - All betas for 4.0.2 should be considered release candidates if the must-fix issues list is empty. - Tomcat 4.0.2 beta 1 should be released between 12/02 and 12/16. - This vote will run until 12/01. ballot [ ] +1: I approve this plan, and I'll help [X] +0: I approve this plan [ ] -0: I'm against this plan, but I won't veto it [ ] -1: I'm against this plan, and my reason is: /ballot Remy -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- Andy Armstrong, Tagish -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: [VOTE] New Committer: Jazmin Jonson
+1 -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
ClassNotFound Exception when loading Tomcat 4.0.1 via URLClassLoader
Hi all, I'm trying to write a java class that will load Tomcat 4.0.1 for me. My goal is: - Do not use the classpath. The CLASSPATH env variable's contents are clear be me first. - Use the URLClassLoader to get started. This technique works with Tomcat 3.3 With Tomcat 4.0.1 however, I get a ClassNotFoundException for org.apache.catalina.loader.Reloader which is in the same bootstrap.jar that is used to load org.apache.catalina.startup.Bootstrap However, when I stick to the batch file which adds bootstrap.jar to the system CLASSPATH, tomcat runs OK, as usual. Could some one point me to what I'm missing or doing wrong ? Thanks. Here's the code that I use to load Tomcat 4.0.1 -- begin code public class TCStart{ public static void main(String args[]){ try{ System.setProperty(catalina.home,f:/tc4.0.1/); System.setProperty(catalina.base,f:/tc4.0.1/); System.setProperty(java.class.path,); java.io.File file = new java.io.File(f:/tc4.0.1/bin/bootstrap.jar); java.net.URL[] urls = new java.net.URL[]{file.toURL()}; java.net.URLClassLoader loader = new java.net.URLClassLoader(urls); Class aClass = loader.loadClass(org.apache.catalina.startup.Bootstrap); String classLoaderName = aClass.getClassLoader().getClass().getName(); String className = aClass.getName(); System.out.println(ClassName + className); System.out.println(ClassLoader + classLoaderName); //Class aClass = Class.forName(org.apache.catalina.startup.Bootstrap); java.lang.reflect.Method method = null; Class[] argsClass = new Class[] { String[].class }; // get the main method for the org.apache.tomcat.shell.Startup class method = aClass.getMethod(main, argsClass); Object object = null; String filePath= -f conf/server.xml; Object[] arguments = new Object[] { new String[] {start}}; // now invoke the main method for the org.apache.tomcat.shell.Startup class method.invoke(object, arguments); }catch(Exception ex){ System.err.println(Ugh ! is all that I can say); ex.printStackTrace(System.err); } } } -- end code --- And here's the stack Trace that I get. begin stack trace dump --- ClassName org.apache.catalina.startup.Bootstrap ClassLoader java.net.URLClassLoader Starting service Tomcat-Standalone Apache Tomcat/4.0.1 Exception during startup processing java.lang.reflect.InvocationTargetException: java.lang.NoClassDefFoundError: org /apache/catalina/loader/Reloader at java.lang.ClassLoader.defineClass0(Native Method) at java.lang.ClassLoader.defineClass(Unknown Source) at java.security.SecureClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.access$100(Unknown Source) at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at org.apache.catalina.loader.StandardClassLoader.findClass(StandardClas sLoader.java:671) at org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClas sLoader.java:1090) at org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClas sLoader.java:989) at java.lang.ClassLoader.loadClassInternal(Unknown Source) at org.apache.catalina.core.StandardContext.start(StandardContext.java:3 313) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1123) at org.apache.catalina.core.StandardHost.start(StandardHost.java:612) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1123) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:307 ) at org.apache.catalina.core.StandardService.start(StandardService.java:3 88) at org.apache.catalina.core.StandardServer.start(StandardServer.java:505 ) at org.apache.catalina.startup.Catalina.start(Catalina.java:776) at org.apache.catalina.startup.Catalina.execute(Catalina.java:681) at org.apache.catalina.startup.Catalina.process(Catalina.java:179) at java.lang.reflect.Method.invoke(Native Method) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:243) at java.lang.reflect.Method.invoke(Native Method) at TCStart.main(TCStart.java:25) end stack trace dump
DO NOT REPLY [Bug 4330] - ClassCastException with DocumentBuilderFactoryImpl
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4330. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4330 ClassCastException with DocumentBuilderFactoryImpl --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 06:37 --- I encountered the same problem today, when I set up a fresh build environment, including xerces-1_4_4. Using xerces 1_4_3 instead worked for me. In both cases I used the 1.3 JDK, not 1.4. The Tomcat source tree was fresh from CVS today. Joel, were you using xerces-1_4_4 as well by any chance? I have not looked further into what the root cause or right fix is. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5181] New: - HttpConnector [8080] No processor available, rejecting this connection
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5181. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5181 HttpConnector [8080] No processor available, rejecting this connection Summary: HttpConnector [8080] No processor available, rejecting this connection Product: Tomcat 4 Version: 4.0 Beta 1 Platform: Sun OS/Version: Solaris Status: NEW Severity: Critical Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] Using Tomcat 4.0 and Catalina, after a short time, receive HttpConnector [8080] No processor available, rejecting this connection error. Changing configuration in server.xml does not resolve this. This does not happen in the production 3.3 version -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Instructions for Configuring Tomcat 4.0 with IIS 4.0/IIS 5.0
Enclosed are the instructions for configuring Tomcat 4.0 with IIS. Please let me know if we can put these somewhere on the website. __ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Instructions for Configuring Tomcat 4.0 with IIS 4.0/IIS 5.0
It seems that I cannot send attachments to the list. How can I send an attachment? Thanks --- Rajan Gupta [EMAIL PROTECTED] wrote: Enclosed are the instructions for configuring Tomcat 4.0 with IIS. Please let me know if we can put these somewhere on the website. __ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5181] - HttpConnector [8080] No processor available, rejecting this connection
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5181. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5181 HttpConnector [8080] No processor available, rejecting this connection --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 07:44 --- Could you: - Upgrade to 4.0.1 - Give more details about your configuration and the web traffic, since this is the first report about that we got You can also try to raise the number of processors (using the 'maxProcessors' attribute of the Connector). -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Instructions for Configuring Tomcat 4.0 with IIS 4.0/IIS 5.0
Create an entry in bugzilla and say what the purpose is and attach it there.. Then you know for sure that your effort is not forgotten. Mvgr, Martin -Original Message- From: Rajan Gupta [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 29, 2001 4:32 PM To: Tomcat Developers List Subject: Re: Instructions for Configuring Tomcat 4.0 with IIS 4.0/IIS 5.0 It seems that I cannot send attachments to the list. How can I send an attachment? Thanks --- Rajan Gupta [EMAIL PROTECTED] wrote: Enclosed are the instructions for configuring Tomcat 4.0 with IIS. Please let me know if we can put these somewhere on the website. __ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 4816] - Container fails to prevent concurrent access to servlet implementing SingleThreadModel
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4816. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4816 Container fails to prevent concurrent access to servlet implementing SingleThreadModel [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||WORKSFORME --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 08:06 --- Issue is only apparent when running the J2EE RI. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
ClassCastException on PortableRemoteObject.narrow() call
Hi There! I am encountering ClassCastException on attempting a PortableRemoteObject.narrow() call from one of my utility class used by my JavaBeans. I am essentially looking up a EJB deployed in Weblogic Server. I have tried placing weblogic.jar(which has the factory class - weblogic.jndi.WLInitialContextFactory) and the utility.jar in each of the following directories, but with no success: * CATALINA_HOME/common/lib * CATALINA_HOME/server/lib (though not recommended) * CATALINA_HOME/lib * WEB-INF/lib * explicitly through catalina.bat's CLASSPATH (For more info: http://jakarta.apache.org/tomcat/tomcat-4.0-doc/class-loader-howto.html) I had the same problem in version 3.2.3 when I placed my jars in WEB-INF/lib; BUT, things were working when I moved these to TOMCAT_HOME/lib. Could someone share similar experiences in Tomcat 4.0? One could reproduce the problem with these 3 steps: 1. jsp/servlet/javabean calls a utility.jar for JNDI lookup, say Utility.lookup(servicename) 2. utility.jar uses weblogic.jar or any other jar for lookup through Context.lookup() 3. jsp/servlet/javabean does a PortableRemoteObject.narrow() on the Object returned by lookup() Thanks in advance. Aprameya -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: servlets-ssi.renametojar
Glenn Nielsen wrote: I am pleased to see the interest in security issues. But when developing solutions for security issues we need to remember that Tomcat4 can use the Java SecurityManager. And in almost all cases the security needed can be achieved by using catalina.policy. We should leverarge the Java SecurityManager as much as possible to solve these types of security issues rather than writing and relying on our own code to enforce security. The issue you are addressing Paul can also be addressed by my PROPOSAL a week ago. If Tomcat is running with the Java SecurityManager the SSI servlet can't perform an exec unless it has been granted permission to do so. Yes. I like it. I hadn't thought about creating yet another class area to provide finer grain security for just the catalina servlets. I'll have to search for your original proposal and take a look. More below... -- 1. Create $CATALINA_HOME/servlets/lib and $CATALINA_HOME/servlets/classes. This is where global servlets provided with Tomcat 4 can be installed. 2. Move the following jar files into $CATALINA_HOME/servlets/lib servlets-cgi.renametojar servlets-common.jar servlets-default.jar servlets-invoker.jar servlets-manager.jar servlets-snoop.jar servlets-ssi.jar servlets-webdav.jar 3. Update the class loader creation in Bootstrap.java for the catalina loader to look for jar files and classes in $CATALINA_HOME/servlets in addition to $CATALINA_HOME/server. 4. Update the default catalina.policy so that it provides explicit permissions for each jar file in $CATALINA_HOME/servlets/lib. 5. Update the documentation regarding the above changes. Please vote +1 so I can implement the above changes. -- I'm not a committer but I'm willing to help with this. So that's my +1 for what it's worth. It is time to consider making use of the Java SecurityManager the default startup option for Tomcat, or even require that Tomcat be run with the Java SecurityManager. I agree. I had heard horror stories about getting tomcat to run with the security manager, but I found it very easy. It took me a bit to figure out that the server class loader runs with AllPermission and that's why Runtime.exec() is allowed in these servlets. I think that even with moving the servlets to their own area that the server policy should probably be finer grained. AllPermission is convenient but there are clearly a few things that that even these classes shouldn't be allowed to do. (Runtime.exec for example) Having the server area explicitly spell out its security needs will also make fine-tuning that security easier for the more paranoid sys admins. All that being said, my patches for disabling the exec directive might still be useful. Since it simply removes the directive from consideration it causes it to be treated as an unknown command rather than a security error. Currently, unknown commands can be ignored with the correct option. In an ideal world, all of the directives would be configurable but that seemed like overkill. Anyway, I'm going to try and setup your proposal here locally and see if I find any problems. -Paul Regards, Glenn Paul Speed wrote: Hello, I'm currently looking into the security issues pertaining to enabling this by default. I followed the conversation for why it is the way it is, but now that I'm actually in the guts of the thing, I don't think I fully understand. The issue as I remember it is that the SsiExec class in servlets-ssi.jar could be exploited even if SSI support wasn't enabled in the web.xml file. The part I'm fuzzy on is how this can be true. Since servlets-ssi.jar is loaded into the server class loader (server/lib) it seems to me that it would be impossible for a rogue webapp to access any classes in this jar. In any case, my solution should protect from these kinds of attacks also, I'm just not sure they're possible. I'll be submitting a patch shortly that should allow SSI support to be enabled by default but would require a specific configuration change to get the exec directive to work. -Paul Speed P.S.: I'd be curious to know of anyone actually using the exec directive. Looking at the code, I'm not sure I see how it works for non-CGI stuff. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- -- Glenn Nielsen [EMAIL PROTECTED] | /* Spelin donut madder| MOREnet System Programming | * if iz ina coment. | Missouri Research and Education Network | */ | -- -- To unsubscribe,
DO NOT REPLY [Bug 4156] - javadoc errors
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4156. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4156 javadoc errors [EMAIL PROTECTED] changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution||FIXED --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 09:26 --- The warnings were fixed in the HEAD branch (although I don't really know when). -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
cvs commit: jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/runtime BodyContentImpl.java JspWriterImpl.java
remm01/11/29 09:17:32 Modified:jasper/src/share/org/apache/jasper/runtime BodyContentImpl.java JspWriterImpl.java Log: - Remove the @see tags, which weren't adding any really useful information, but were causing Javadoc warnings. Revision ChangesPath 1.3 +0 -5 jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/runtime/BodyContentImpl.java Index: BodyContentImpl.java === RCS file: /home/cvs/jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/runtime/BodyContentImpl.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- BodyContentImpl.java 2001/03/12 22:17:33 1.2 +++ BodyContentImpl.java 2001/11/29 17:17:31 1.3 @@ -244,7 +244,6 @@ * method. * * @param i The codeint/code to be printed - * @seejava.lang.Integer#toString(int) * @throws java.io.IOException */ @@ -260,7 +259,6 @@ * method. * * @param l The codelong/code to be printed - * @seejava.lang.Long#toString(long) * @throws java.io.IOException */ @@ -276,7 +274,6 @@ * method. * * @param f The codefloat/code to be printed - * @seejava.lang.Float#toString(float) * @throws java.io.IOException */ @@ -292,7 +289,6 @@ * #write(int)}/code method. * * @param d The codedouble/code to be printed - * @seejava.lang.Double#toString(double) * @throws java.io.IOException */ @@ -342,7 +338,6 @@ * method. * * @param obj The codeObject/code to be printed - * @seejava.lang.Object#toString() * @throws java.io.IOException */ 1.2 +3 -8 jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/runtime/JspWriterImpl.java Index: JspWriterImpl.java === RCS file: /home/cvs/jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/runtime/JspWriterImpl.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- JspWriterImpl.java2000/08/12 00:52:12 1.1 +++ JspWriterImpl.java2001/11/29 17:17:31 1.2 @@ -1,7 +1,7 @@ /* - * $Header: /home/cvs/jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/runtime/JspWriterImpl.java,v 1.1 2000/08/12 00:52:12 pierred Exp $ - * $Revision: 1.1 $ - * $Date: 2000/08/12 00:52:12 $ + * $Header: /home/cvs/jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/runtime/JspWriterImpl.java,v 1.2 2001/11/29 17:17:31 remm Exp $ + * $Revision: 1.2 $ + * $Date: 2001/11/29 17:17:31 $ * * * @@ -434,7 +434,6 @@ * method. * * @param i The codeint/code to be printed - * @seejava.lang.Integer#toString(int) */ public void print(int i) throws IOException { write(String.valueOf(i)); @@ -448,7 +447,6 @@ * method. * * @param l The codelong/code to be printed - * @seejava.lang.Long#toString(long) */ public void print(long l) throws IOException { write(String.valueOf(l)); @@ -462,7 +460,6 @@ * method. * * @param f The codefloat/code to be printed - * @seejava.lang.Float#toString(float) */ public void print(float f) throws IOException { write(String.valueOf(f)); @@ -476,7 +473,6 @@ * #write(int)}/code method. * * @param d The codedouble/code to be printed - * @seejava.lang.Double#toString(double) */ public void print(double d) throws IOException { write(String.valueOf(d)); @@ -520,7 +516,6 @@ * method. * * @param obj The codeObject/code to be printed - * @seejava.lang.Object#toString() */ public void print(Object obj) throws IOException { write(String.valueOf(obj)); -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 4157] - javadoc errors
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4157. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4157 javadoc errors [EMAIL PROTECTED] changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution||FIXED --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 09:34 --- Fixed. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup Catalina.java
patrickl01/11/29 09:18:10 Modified:catalina/src/share/org/apache/catalina/startup Catalina.java Log: Fix for situation where an SSL connector is enabled but external dependencies (e.g. no .keystore file, etc.) are not correctly installed. Previous to this change, Tomcat would never invoke Lifecycle.start() if any connectors threw an exception. Hence, Tomcat appear to be hung. With this change, Tomcat will now properly start all connectors that are properly configured and won't get hung up by any improperly configured connectors. If desired, I can backport this change to the tomcat_40_branch for the upcoming 4.0.2 release. Revision ChangesPath 1.40 +13 -4 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java Index: Catalina.java === RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java,v retrieving revision 1.39 retrieving revision 1.40 diff -u -r1.39 -r1.40 --- Catalina.java 2001/11/17 08:26:06 1.39 +++ Catalina.java 2001/11/29 17:18:09 1.40 @@ -1,7 +1,7 @@ /* - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java,v 1.39 2001/11/17 08:26:06 remm Exp $ - * $Revision: 1.39 $ - * $Date: 2001/11/17 08:26:06 $ + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java,v 1.40 2001/11/29 17:18:09 patrickl Exp $ + * $Revision: 1.40 $ + * $Date: 2001/11/29 17:18:09 $ * * * @@ -97,7 +97,7 @@ * /u * * @author Craig R. McClanahan - * @version $Revision: 1.39 $ $Date: 2001/11/17 08:26:06 $ + * @version $Revision: 1.40 $ $Date: 2001/11/29 17:18:09 $ */ public class Catalina { @@ -494,6 +494,15 @@ if (server instanceof Lifecycle) { try { server.initialize(); +} catch (LifecycleException e) { +System.out.println(Catalina.start: + e); +e.printStackTrace(System.out); +if (e.getThrowable() != null) { +System.out.println(- Root Cause -); +e.getThrowable().printStackTrace(System.out); +} +} +try { ((Lifecycle) server).start(); } catch (LifecycleException e) { System.out.println(Catalina.start: + e); -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 4482] - Typo: Directory referenced as /WEB-INF/web.xml instead of /WEB-INF
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4482. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4482 Typo: Directory referenced as /WEB-INF/web.xml instead of /WEB-INF [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 09:39 --- The paragraph about XML parsers was rewritten. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 4560] - getParameter returning null when a value contains the equals symbol =
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4560. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4560 getParameter returning null when a value contains the equals symbol = [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||WONTFIX --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 09:42 --- As I stated, the HTTP specification is quite clear about special characters in URLs, and they must be encoded. Since it is beyond the scope of the specification, I don't see the point of changing Tomcat behavior. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: servlets-ssi.renametojar
Glenn Nielsen wrote: [snip] Glad to hear you had success using Tomcat with the Java SecurityManager. Where I work we have several different installs of Tomcat. All of them use a much more restrictive policy file than the default catalina.policy. At one point the Tomcat 4 Security Manager docs included an example of a more restrictive policy than the default catalina.policy that Tomcat 4 is distributed with. If I have time, I will update those docs for the Tomcat 4.0.2 release. And perhaps add an example catalina.policy to the distribution which is more restrictive. Hmmm, now that the framework is there for the admin web application, perhaps an easier to understand interface could be added to if for configuring the catalina.policy file. I may have to take a look at these examples. Trying to whittle down AllPermission by guess work is a daunting task to say the least. ;) I'll RTFM before I complain too loudly. :) All that being said, my patches for disabling the exec directive might still be useful. Since it simply removes the directive from consideration it causes it to be treated as an unknown command rather than a security error. Currently, unknown commands can be ignored with the correct option. In an ideal world, all of the directives would be configurable but that seemed like overkill. Yes, that might be useful. I just don't want to see Tomcat 4 littered with alot of 'security' code when security can be enforced using the Java SecurityManager and a policy file. I whole-heartedly agree with that. -Paul Anyway, I'm going to try and setup your proposal here locally and see if I find any problems. Let me know how it works out. Thanks, Glenn -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 4816] - Container fails to prevent concurrent access to servlet implementing SingleThreadModel
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4816. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4816 Container fails to prevent concurrent access to servlet implementing SingleThreadModel [EMAIL PROTECTED] changed: What|Removed |Added Status|RESOLVED|REOPENED Priority|Other |Medium Resolution|WORKSFORME | --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 10:19 --- Guess I requested this to be closed too soon. I'm able to get the failure to appear with TC 4.01 with 20 client threads. I'm adding the client code to make this issue easily reproduced. To run the client issue: java Client hostname port number_of_threads request path When a failure occurs, the client will report an Exception that the server returned a 500. Check the TC log and the following message, or one similar depending on where the failure occurred in the Servlet: javax.servlet.ServletException: Thread counter was not 0 upon entering the service() method The value found was: 1 *** import java.net.HttpURLConnection; import java.net.URL; public class Client { private static final int SLEEPTIME = 5000; private static final int NUM_REQUESTS = 3; // For Thread Synchronization private static int threadCount = 0; private static int threadsDone = 0; private static int errors = 0; private static int port = 0; private static Object lock = new Object(); private static Object startLock = new Object(); private static Object workLock = new Object(); private static String hostname = null; private static String requestPath = null; public Client( String hostname, int port, int threadCount, String requestPath ) { this.hostname= hostname; this.port= port; this.threadCount = threadCount; this.requestPath = requestPath; } public void runTest() { try { Thread[] testThread = new Thread[ threadCount ]; for ( int i = 0; i threadCount; i++ ) { testThread[ i ] = new Thread( new TestThread( i ), TestThread- + i ); testThread[ i ].setPriority( Thread.MAX_PRIORITY ); testThread[ i ].start(); } synchronized( lock ) { while ( threadsDone testThread.length ) { lock.wait(); } try { Thread.sleep( SLEEPTIME ); } catch ( Exception e ) { ; } } //notify all to start synchronized( startLock ) { threadsDone = 0; startLock.notifyAll(); } //wait for completion synchronized( lock ) { while ( threadsDone testThread.length ) { lock.wait(); } } if ( errors 0 ) { System.err.println( Number of Errors: + errors ); System.err.println( Test FAILED ); } else { System.out.println( No Errors. Test PASSED ); } } catch ( Exception e ) { System.err.println( Unexpected Exception in runTest()! ); System.err.println( Exception: + e.toString() ); System.err.println( Message: + e.getMessage() ); e.printStackTrace(); System.exit( 1 ); } } public static void main( String[] args ) { Client client = new Client( args[ 0 ], new Integer( args[ 1 ] ).intValue(), new Integer( args[ 2 ] ).intValue(), args[ 3 ] ); client.runTest(); System.exit( 0 ); } class TestThread implements Runnable { // Instance variables private int threadNum = 0; private boolean synchronize = true; public TestThread( int threadNum ) { this.threadNum = threadNum; } public void run() { synchronized( lock ) { ++threadsDone; lock.notifyAll(); } synchronized( startLock ) { try { startLock.wait(); } catch ( InterruptedException ie ) { ; } } this.runSingleThreadModelTest(); synchronized( lock ) { ++threadsDone;
DO NOT REPLY [Bug 5185] New: - Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5185. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5185 Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0 Summary: Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0 Product: Tomcat 4 Version: 4.0.1 Final Platform: PC OS/Version: Windows NT/2K Status: NEW Severity: Enhancement Priority: Other Component: HTTP/1.1 Connector AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 4690] - sessions not scoped according to spec section 7.3
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4690. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4690 sessions not scoped according to spec section 7.3 [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||LATER --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 10:34 --- This bug is complex to fix, and for this reason will probably not be fixed in the 4.0.x branch, but more likely for 4.1. This will be mentioned in the release notes. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 4706] - problem when servlet.jar is accessed by other classes
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4706. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4706 problem when servlet.jar is accessed by other classes [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 10:38 --- This was probably caused by a race condition in the StandardClassLoader which was found and fixed since then. Tomcat 4.0.2 will have the fix. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5185] - Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5185. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5185 Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0 [EMAIL PROTECTED] changed: What|Removed |Added Component|HTTP/1.1 Connector |AJP Connector --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 10:40 --- Changing category. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
cvs commit: jakarta-tomcat-4.0/webapps/examples/WEB-INF/classes HelloWorldExample.java
remm01/11/29 10:28:41 Modified:webapps/examples/WEB-INF/classes Tag: tomcat_40_branch HelloWorldExample.java Log: - Remove extra body tag. Bug 4956. Revision ChangesPath No revision No revision 1.1.4.1 +1 -2 jakarta-tomcat-4.0/webapps/examples/WEB-INF/classes/HelloWorldExample.java Index: HelloWorldExample.java === RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/examples/WEB-INF/classes/HelloWorldExample.java,v retrieving revision 1.1 retrieving revision 1.1.4.1 diff -u -r1.1 -r1.1.4.1 --- HelloWorldExample.java2000/08/17 00:57:52 1.1 +++ HelloWorldExample.java2001/11/29 18:28:41 1.1.4.1 @@ -1,4 +1,4 @@ -/* $Id: HelloWorldExample.java,v 1.1 2000/08/17 00:57:52 horwat Exp $ +/* $Id: HelloWorldExample.java,v 1.1.4.1 2001/11/29 18:28:41 remm Exp $ * */ @@ -34,7 +34,6 @@ out.println(title + title + /title); out.println(/head); out.println(body bgcolor=\white\); -out.println(body); // note that all links are created to be relative. this // ensures that we can move the web application that this -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 4956] - There are two BODY tags found in a source code
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4956. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4956 There are two BODY tags found in a source code [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 10:46 --- Fixed. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 4988] - Tomcat hangs after auto-start
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4988. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4988 Tomcat hangs after auto-start [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||INVALID --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 10:49 --- I've had some problems with 1.4 myself. Using Tomcat as a service uses JNI (using the jvm.dll). It is a very strange problem. Since it's unlikely Tomcat could fix the problem, I'll mark the bug as invalid. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Problem with JAAS and TOMCAT 4.0.1
Hi have modified the sample given with JAAS 1.0. I have developed a jsp that calls the sample.java file. This file has been modificated in several ways, the main method has been changed to a method class and some other changes to adapt it to a web application. The problem is that when I try to run the jsp I get the following error: java.lang.SecurityException: unable to instantiate LoginConfiguration at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:212) at javax.security.auth.login.LoginContext$1.run(LoginContext.java:166) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.init(LoginContext.java:163) at javax.security.auth.login.LoginContext.(LoginContext.java:319) at sample.Sample.run(Sample.java:47) at org.apache.jsp.Login$jsp._jspService(Login$jsp.java:64) I have tried copying the jaas.jar, the sample_jaas.config and the loginmodule classes to all the places where I think that it should work. Do you know where shouyld I put all the related classes ? Thanks -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5186] New: - Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5186. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5186 Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0 Summary: Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0 Product: Tomcat 4 Version: 4.0.1 Final Platform: PC URL: http://users.eshare.com/rgupta/ConfiguringTomcat4WithIIS .htm OS/Version: Windows NT/2K Status: NEW Severity: Enhancement Priority: Other Component: HTTP/1.1 Connector AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5186] - Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5186. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5186 Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0 --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 10:58 --- That looks like it would answer a lot of user questions. Would it be possible to convert the file to the XML format used by the rest of the Tomcat 4 documentation ? See the tomcat-docs bundle for more details. I'll add a placeholder AJP 1.3 page in the documentation, which should hold all the documentation for AJP 1.3 with Tomcat 4. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5185] - Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5185. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5185 Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0 [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||DUPLICATE --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 10:59 --- You can edit an existing bug instead of creating a new one. *** This bug has been marked as a duplicate of 5186 *** -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
cvs commit: jakarta-tomcat-4.0/webapps/examples/WEB-INF/classes HelloWorldExample.java
remm01/11/29 10:27:26 Modified:webapps/examples/WEB-INF/classes HelloWorldExample.java Log: - Remove extra body tag. Bug 4956. Revision ChangesPath 1.2 +1 -2 jakarta-tomcat-4.0/webapps/examples/WEB-INF/classes/HelloWorldExample.java Index: HelloWorldExample.java === RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/examples/WEB-INF/classes/HelloWorldExample.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- HelloWorldExample.java2000/08/17 00:57:52 1.1 +++ HelloWorldExample.java2001/11/29 18:27:25 1.2 @@ -1,4 +1,4 @@ -/* $Id: HelloWorldExample.java,v 1.1 2000/08/17 00:57:52 horwat Exp $ +/* $Id: HelloWorldExample.java,v 1.2 2001/11/29 18:27:25 remm Exp $ * */ @@ -34,7 +34,6 @@ out.println(title + title + /title); out.println(/head); out.println(body bgcolor=\white\); -out.println(body); // note that all links are created to be relative. this // ensures that we can move the web application that this -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5169] - If jsp_precompile is evalutated to be false, the request will be processed by the target JSP
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5169. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5169 If jsp_precompile is evalutated to be false, the request will be processed by the target JSP [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 12:00 --- Fixed (nightly 20011130), thanks Ryan Lubke for the patch. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/servlet JspServlet.java
kinman 01/11/29 11:40:52 Modified:jasper/src/share/org/apache/jasper/servlet JspServlet.java Log: PR: 5169 Submitted by: [EMAIL PROTECTED] (Ryan Lubke) -- Spec says jsp_precompile=false means jsp_precompile=true (weird, huh?). Fix to conform. I'm confused ! Why don't we just return true all the time, then ? ;-) Remy -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jk/native/netscape jk_nsapi_plugin.c
mmanders01/11/29 12:02:44 Modified:jk/native/netscape jk_nsapi_plugin.c Log: Added default worker_env to prevent GPF during startup. Set ssl_key_size to -1 for now until we can determine if this is available from the webserver, and how to configure it (ala JkOptions for Apache module.) Revision ChangesPath 1.7 +6 -3 jakarta-tomcat-connectors/jk/native/netscape/jk_nsapi_plugin.c Index: jk_nsapi_plugin.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native/netscape/jk_nsapi_plugin.c,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- jk_nsapi_plugin.c 2001/11/07 21:46:28 1.6 +++ jk_nsapi_plugin.c 2001/11/29 20:02:44 1.7 @@ -58,7 +58,7 @@ /*** * Description: NSAPI plugin for Netscape servers * * Author: Gal Shachor [EMAIL PROTECTED] * - * Version: $Revision: 1.6 $ * + * Version: $Revision: 1.7 $ * ***/ @@ -89,6 +89,7 @@ static int init_on_other_thread_is_ok = JK_FALSE; static jk_logger_t *logger = NULL; +static jk_worker_env_tworker_env; #ifdef NETWARE int (*PR_IsSocketSecure)(SYS_NETFD *csd); /* pointer to PR_IsSocketSecure function */ @@ -131,7 +132,7 @@ jk_map_t *init_map = (jk_map_t *)init_d; /* we add the URI-WORKER MAP since workers using AJP14 will feed it */ /* but where are they here in Netscape ? */ -if(wc_open(init_map, NULL, logger)) { +if(wc_open(init_map, worker_env, logger)) { init_on_other_thread_is_ok = JK_TRUE; } else { jk_log(logger, JK_LOG_EMERG, In init_workers_on_other_threads, failed\n); @@ -269,7 +270,7 @@ int rc = REQ_ABORTED; jk_map_t *init_map; -fprintf(stderr, In jk_init %s %s %s\n,worker_prp_file, log_level_str, log_file); +fprintf(stderr, In jk_init.\n Worker file = %s.\n Log level = %s.\n Log File = %s\n,worker_prp_file, log_level_str, log_file); if(!worker_prp_file) { worker_prp_file = JK_WORKER_FILE_DEF; } @@ -455,6 +456,8 @@ else #endif s-is_ssl = security_active; + +s-ssl_key_size = -1; /* required by Servlet 2.3 Api, added in jtc */ if(s-is_ssl) { s-ssl_cert = pblock_findval(auth-cert, private_data-rq-vars); if(s-ssl_cert) { -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/servlet JspServlet.java
You can't return true always, since the spec (section 8.4.2) says that any value for jsp_precompile other than none, true, or false will return error code 500. - Original Message - From: Remy Maucherat [EMAIL PROTECTED] To: Tomcat Developers List [EMAIL PROTECTED] Sent: Thursday, November 29, 2001 11:58 AM Subject: Re: cvs commit: jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/servlet JspServlet.java kinman 01/11/29 11:40:52 Modified:jasper/src/share/org/apache/jasper/servlet JspServlet.java Log: PR: 5169 Submitted by: [EMAIL PROTECTED] (Ryan Lubke) -- Spec says jsp_precompile=false means jsp_precompile=true (weird, huh?). Fix to conform. I'm confused ! Why don't we just return true all the time, then ? ;-) Remy -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] ** This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
cvs commit: jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/servlet JspServlet.java
kinman 01/11/29 13:08:59 Modified:jasper/src/share/org/apache/jasper/servlet Tag: tomcat_40_branch JspServlet.java Log: PR: 5169 Submitted by: [EMAIL PROTECTED] (Ryan Lubke) -- Spec says jsp_precompile=false means jsp_precompile=true (weird, huh?). Fix to conform. Revision ChangesPath No revision No revision 1.21.2.4 +1 -1 jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/servlet/JspServlet.java Index: JspServlet.java === RCS file: /home/cvs/jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/servlet/JspServlet.java,v retrieving revision 1.21.2.3 retrieving revision 1.21.2.4 diff -u -r1.21.2.3 -r1.21.2.4 --- JspServlet.java 2001/11/28 17:28:11 1.21.2.3 +++ JspServlet.java 2001/11/29 21:08:59 1.21.2.4 @@ -422,7 +422,7 @@ if (value.equals(true)) return (true); // ?jsp_precompile=true else if (value.equals(false)) -return (false);// ?jsp_precompile=false +return (true); // ?jsp_precompile=false else throw new ServletException(Cannot have request parameter + Constants.PRECOMPILE + set to + -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5188] New: - AdaptiveClassLoader : Finding resources with getResources(). (jndi.properties).
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5188. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5188 AdaptiveClassLoader : Finding resources with getResources(). (jndi.properties). Summary: AdaptiveClassLoader : Finding resources with getResources(). (jndi.properties). Product: Tomcat 4 Version: 4.0.1 Final Platform: PC OS/Version: Windows NT/2K Status: NEW Severity: Normal Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] Hi, When trying to create a InitialContext() for a JNDI lookup, the InitialContext () attempts to locate a jndi.properties file. This files does exist in a jar file in the WEB-INF/classes directory, but Tomcat doesn't locate it. I can see, that others have had the same problem, but I can't find any bugs submitted on it. If this is a duplicate entry, send a heated flame and delete the entry *S*. I've pasted in an entry I found on the net describing the problem, and a fix for the Tomcat 3.2 - hope it's of any help. I'm currently assigned to a 25- hours-per-day project, so I haven't even taken the time to check, if this code have been merged into the released code. I've taken the easy (ugly) way out and placed the JAR file containing my jndi.properties file in the global class path. --- Paste in - start From: Christopher Audley [EMAIL PROTECTED] The following discussion applies to tomcat 3.2.1 running under Sun JDK 1.3 I spent this afternoon tracking down why a call to new InitialContext() from a web application did not appear to be finding the jndi.properties located under WEB-INF/classes. I am using the Jdk12Interceptor and verified that Thread.currentThread().getClassLoader() was the tomcat AdaptiveClassLoader before the call to new InitialContext(). After some investigation I determined that the JNDI implementation uses the classloader method getResources to find all occurances of the file jndi.properties in the classpath. AdaptiveClassLoader does not have this method implemented, the default implementation calls findResources which simply returns an empty Enumeration unless overriden. Attached are patches to AdaptiveClassLoader and ClassRepository to implement findResources so that JNDI will behave correctly when a jndi.properties is placed in the web application classpath. I have moved some code from AdaptiveClassLoader to ClassRepository to avoid code duplication and changed the implementation of getResource to findResource for consistency. I hope that this can be incorporated into the sources before 3.2.2. Cheers Chris diff -ubr jakarta-tomcat-3.2.1- src.orig/src/share/org/apache/tomcat/loader/AdaptiveClassLoader.java jakarta- tomcat-3.2.1-src/src/share/org/apache/tomcat/loader/AdaptiveClassLoader.java --- jakarta-tomcat-3.2.1- src.orig/src/share/org/apache/tomcat/loader/AdaptiveClassLoader.javaSun Mar 11 19:21:12 2001 +++ jakarta-tomcat-3.2.1- src/src/share/org/apache/tomcat/loader/AdaptiveClassLoader.java Sun Mar 11 18:40:46 2001 @@ -762,69 +762,45 @@ * @param namethe name of the resource, to be used as is. * @return an URL on the resource, or null if not found. */ -public URL getResource(String name) { -if( debug 0 ) log( getResource() + name ); -// First ask the parent class loader to fetch it, if possible -URL u = null; -if (parent != null) { -u = parent.getResource(name); -if (u != null) -return (u); -} -// Second ask the system class loader to fetch it from the classpath -u = getSystemResource(name); -if (u != null) { -return u; -} - +protected URL findResource(String name) { if (name == null) { return null; } -// Third, check our own repositories +// check our own repositories Enumeration repEnum = repository.elements(); while (repEnum.hasMoreElements()) { ClassRepository cp = (ClassRepository) repEnum.nextElement(); -File file = cp.getFile(); -// Construct a file://-URL if the repository is a directory -if (file.isDirectory()) { -String fileName = name.replace('/', File.separatorChar); -File resFile = new File(file, fileName); -if (resFile.exists()) { -// Build a file:// URL form the file name -try { -return new URL(file, null, resFile.getAbsolutePath ()); -} catch(java.net.MalformedURLException badurl) {
Re: [VOTE] New Committer: Jazmin Jonson
+1 Bojan Amy Roh wrote: As Bill Barker suggested, I would like to propose Jazmin Jonson as a new committer. She has contributed a numerous patches to Tomcat4 admin application. Votes please? Amy Roh -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5186] - Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5186. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5186 Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0 --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 14:32 --- Created an attachment (id=851) Document for Configuring Tomcat 4.0 with IIS -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup Catalina.java
patrickl01/11/29 09:18:10 Modified:catalina/src/share/org/apache/catalina/startup Catalina.java Log: Fix for situation where an SSL connector is enabled but external dependencies (e.g. no .keystore file, etc.) are not correctly installed. Previous to this change, Tomcat would never invoke Lifecycle.start() if any connectors threw an exception. Hence, Tomcat appear to be hung. With this change, Tomcat will now properly start all connectors that are properly configured and won't get hung up by any improperly configured connectors. If desired, I can backport this change to the tomcat_40_branch for the upcoming 4.0.2 release. I don't agree. If server.initialize throws an exception, why would we want to try to start it anyway (just in case it manages to be able to do something). I think we should not call await (and shutdown) if something went wrong during init. Remy -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5188] - AdaptiveClassLoader : Finding resources with getResources(). (jndi.properties).
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5188. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5188 AdaptiveClassLoader : Finding resources with getResources(). (jndi.properties). [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||WONTFIX --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 14:55 --- I remember some people have reported that this particular thing does actually work. If it doesn't, there's nothing I can fix to make it work. Tomcat sets the context class loader appropriately. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5186] - Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5186. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5186 Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0 --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 15:11 --- Is there a smarter tool to convert the html file to XML format. Or I have to use tool such as XMLSpy to manually do it. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
[PROPOSAL] 4.0 Jasper rewrite
1 The Problem The current JSP compiler (Jasper) in tomcat 4.0 is essentially an one-pass compiler, with a two stage process. The Jsp page is first parsed, looking for JSP syntatic elements, and a list of generators for these elements are produced. At the second stage, these generators are visited to generate the java program, which is then compiled (by javac) into bytecodes. Such a compiler is simple, light weight and fast, and works very well so far. However, it has the short-comings that are usually associated with an one-pass compiler. For instance, 1.1 It's hard to handle problems that require looking up info in another part of the page. For instance, enforcing the rule that taglib needs to be declared before use would be hard to implement. Right now, any custom tags used before declared are treaded as unprocessed tags (a bug). 1.2 It's hard to add new logic to the parts. For intance, currently, Xml view of the output is added on to the generators as a wrapper, instead of a set of generators on their own, on another visit. 1.3 It doesn't have an uniform error reporting mechanism. For instance, %@ page import directive are collected and generated outside of the generators, where the line number mapping from .java to .jsp files is non-functioning. 1.4 It's hard to do any optimization, other than the basic onces. For instance, optimizations such as taglib object reuse would be hard to do, since it's hard for the compiler to find out about the objects that were generated before. 2 The Proposed Compiler Structure I think it's time to do a rewrite of Jasper. The compilation would be a multi-pass process. 2.1 Jsp Syntax Tree The most important data structure is one that is the internal representation of the JSP page. Call it the Jsp syntax tree if you wish. It is produced by the parser, annotated by the validators, and modified and transformed by the optimizers. 2.2 The Parser It parses the origianl Jsp page and generates the Jsp syntax tree. There are little semantic processing here. Note that there will be 2 parsers, one for the regular jsp syntax, the other for the xml syntax. 2.3 Visitors Once the Jsp syntax tree is generated, it can be manipulated by various visitors. These visitors would use the visitor pattern, so that it only needs to define the actions on the jsp elements it has interest on. 2.3.1 The validator visitor Performs checking (e.g. allowed attribute values) on Jsp elements, and report errors. 2.3.2 The dump visitor Dumps the tree for debugging. Callable from the debugger. 2.3.3 The optimize visitors These optional phases can be added later. I have some ideas. 2.3.4 Xml output visitor Generates xml file only if needed. 2.3.5 Java code generator visitors Generates the Java program. 3. Current status I have been experimenting with Jsp syntax tree class definitions. Nothing working yet. I'll publish some code if there are interest. Comments are welcome. Also let me know if there are interests in helping, either in design or implementation. Thanks! -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup Catalina.java
Remy, That is a valid approach as well. I only selected starting the rest of the connectors because that seemed to be the least radical change in the existing functionality. Patrick Remy Maucherat wrote: patrickl01/11/29 09:18:10 Modified:catalina/src/share/org/apache/catalina/startup Catalina.java Log: Fix for situation where an SSL connector is enabled but external dependencies (e.g. no .keystore file, etc.) are not correctly installed. Previous to this change, Tomcat would never invoke Lifecycle.start() if any connectors threw an exception. Hence, Tomcat appear to be hung. With this change, Tomcat will now properly start all connectors that are properly configured and won't get hung up by any improperly configured connectors. If desired, I can backport this change to the tomcat_40_branch for the upcoming 4.0.2 release. I don't agree. If server.initialize throws an exception, why would we want to try to start it anyway (just in case it manages to be able to do something). I think we should not call await (and shutdown) if something went wrong during init. Remy -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- _ Patrick Luby Email: [EMAIL PROTECTED] Sun Microsystems Phone: 408-276-7471 901 San Antonio Road, USCA14-303 Palo Alto, CA 94303-4900 _ -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5189] New: - Tomcat does not recognize tag-class changes in .TLD file
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5189. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5189 Tomcat does not recognize tag-class changes in .TLD file Summary: Tomcat does not recognize tag-class changes in .TLD file Product: Tomcat 4 Version: 4.0.1 Final Platform: PC OS/Version: Windows NT/2K Status: NEW Severity: Minor Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] I created a tag library and a JSP page to reference it. The .tld reference was something like this: tag namesomename/name tag-classcom.SomeJavaTagClass/tag-class ...etc... /tag I brought up the JSP page and it worked fine. Then I changed the .tld entry as follows: tag namesomename/name tag-classcom.SomeJavaTagClassThatDoesntExist/tag-class ...etc... /tag I shutdown and restarted Tomcat. When I brought up the JSP page it still worked fine. That was unexpected to me. If I then modify the JSP file and restart Tomcat, it will give a compile error as I expected it to do after the original .tld modification. Is this expected behavior??? -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
[PATCH] Watchdog-4.0 - Correction/cleanup of jsp_precompile tests
I've cleaned up the jsp_precompile tests in Watchdog-4.0 in response to Bug 5169. - removed the goldenfile checks in the jsp-gtest.xml for those precompile tests that used them. - removed commented and invalid tests from that section - added new functionality to GTest to assert cases where no response body is expected from the server (precompile tests are such a case). - cleanup the assertion and test strategy text The following goldenfiles should be removed from the repository. ${wgdir}/misc/precompilation/response.html ${wgdir}/misc/precompilation/no_parameter.html Index: GTest.java === RCS file: /home/cvspublic/jakarta-watchdog-4.0/src/tools/org/apache/tomcat/task/GTest.java,v retrieving revision 1.3 diff -u -r1.3 GTest.java --- GTest.java 2001/09/28 04:09:56 1.3 +++ GTest.java 2001/11/29 23:31:03 @@ -29,6 +29,7 @@ // Expected response boolean magnitude=true; boolean exactMatch=false; +boolean expectResponseBody=true; // Match the body against a golden file String goldenFile; // Match the body against a string @@ -163,6 +164,19 @@ exactMatch=Boolean.valueOf( exact ).booleanValue(); } +/** + * codesetExpectResponseBody/code will indicate + * whether or not a response body is expected from the + * server for a particular test. In some cases, no + * body should be returned to the client. This allows + * that assertion. + * + * @param b a codeboolean/code value + */ +public void setExpectResponseBody( boolean b ) { +expectResponseBody = b; +} + /** Set the port as int - different name to avoid confusing ant */ public void setPortInt(int i) { @@ -356,7 +370,7 @@ if( responseMatch != null ) { // check if we got the string we wanted - if( responseBody == null ) { + if( responseBody == null expectResponseBody ) { System.out.println(ERROR: got no response, expecting + responseMatch); return false; } @@ -366,6 +380,11 @@ System.out.println(responseBody ); } } + +if ( !expectResponseBody responseBody != null ) { +System.out.println( ERROR: Received a response body from the server where +none was expected ); +return false; +} // compare the body if( goldenFile==null) return responseStatus; Index: jsp-gtest.xml === RCS file: /home/cvspublic/jakarta-watchdog-4.0/src/conf/jsp-gtest.xml,v retrieving revision 1.9 diff -u -r1.9 jsp-gtest.xml --- jsp-gtest.xml 2001/08/09 17:35:13 1.9 +++ jsp-gtest.xml 2001/11/29 23:39:02 @@ -15,63 +15,38 @@ !-- Precompilation tests -- gtest request=GET /jsp-tests/jsp/misc/precompilation/precompile.jsp?jsp_precompile HTTP/1.0 debug=0 host=${host} port =${port} + expectResponseBody=false returncode=200 - testName=precompile.jsp - assertion=Test that the request is not sent to the JSP - testStrategy=No HTML page received when jsp_precompile has no value - / + testName=precompileNoValueTest + assertion=If the jsp_precompile request parameter has no value, the +request will not be delivered to the target JSP page. JavaServer Pages Specification +v1.2, Sec. 8.4.2 + testStrategy=Validate that no response body is returned when +jsp_precompile has no value + / - gtest request=GET /jsp-tests/jsp/misc/precompilation/precompile.jsp?jsp_precompile=falseamp;test=insignificant HTTP/1.0 - debug=0 host=${host} port =${port} - goldenFile=${wgdir}/misc/precompilation/response.html - testName=precompile.jsp - assertion=Test that the request is forwarded properly when jsp_precompile=false - testStrategy=The value of variable passed in the request is displayed if the request goes to the JSP - / - gtest request=GET /jsp-tests/jsp/misc/precompilation/precompile.jsp?jsp_precompile=false HTTP/1.0 - debug=0 host=${host} port =${port} - goldenFile=${wgdir}/misc/precompilation/no_parameter.html - testName=precompile.jsp - assertion=Test that the request is forwarded properly when jsp_precompile=false - testStrategy=The request should be processed - / - -!-- - gtest request=GET /jsp-tests/jsp/misc/precompilation/precompile.jsp?jsp_precompile=%22false%22 HTTP/1.0 debug=0 host=${host} port =${port} - goldenFile=${wgdir}/misc/precompilation/no_parameter.html - testName=precompile.jsp - assertion=Test that the request is forwarded properly when jsp_precompile=%22false%22 - testStrategy=The request should be processed - / --- +
Re: server.xml DTD/Schema
H I've been too fast with this announcement, I need some help. I've got a problem with Connector (and other cases). I miss a concept like interface in XML Schema. A Connector might be of different types: HTTP/1.1 Connector HTTP/1.1 Connector with SSL support Warp Connector and others might come in the future. All of these three connectors have different attributes, but the XML colloquial definition name all of them simply Connector. There is no way to check for 'required' if we simply just throw all possible attributes in the dtd/schema definition, because some are mutual exclusive. Does anybody have a clue how to solve that? My suggestion would be to clean up the XML and define proper elements for different purposes which might result in some coding work... Mika - Original Message - From: Mika Goeckel [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, November 30, 2001 1:01 AM Subject: server.xml DTD/Schema Hi, I've built a first version of a DTD/Schema for server.xml and would ask if someone would like to review it? I would prefer the Schema, because it allows more checking, but I haven't seen a parser which checks against schemes, so I created a DTD from it as well. As this is quite a bunch of lines, please hands up who wants to receive it. Cheers, Mika P.S.: The initial cut is from the docu, I plan to go through the source tomorrow to recheck. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Tomcat classloader problem?
I'm hoping someone here can help me with this. The folks on soap-user directed me to tomcat-user, and the tomcat-user folks suggested I try tomcat-dev. So here I am... I'm experiencing a problem with SOAP message-style services when using Tomcat 4.01. When trying to access any message-style SOAP service, my client receives a no signature match fault. I have no problem with RPC-style SOAP services, the same message-style SOAP services work fine with Tomcat 3.2.3, and the signature of the my message-style services is of the correct form; ie: public void serviceName( Envelope env, SOAPContext req, SOAPContext res ) throws IOException, MessagingException; What makes me think that this may be a Tomcat classloader problem is that I can make the fault go away by removing $CATALINA_HOME/webapps/soap/WEB-INF/classes/org/. But I don't understand why this makes the fault go away, and it's clearly an unacceptable hack. I've attached the following: details.txt-- detailed problem description echomsg.tar.gz -- a simple example details Any help in correcting/understanding this will be appreciated. Sorry for the size of this post, but I'm trying to provide all of the details necessary to resolve this. Thanks, -Chris -- Chris Malley PixelZoom, Inc. Voice: +1.303.494.8849 835 Orman Drive EMail: [EMAIL PROTECTED] Boulder CO 80303-2616 ABOUT MY SOAP SERVICE ... 'echomsg' is a SOAP message-style service that simply echoes a string that it receives from the SOAP client. For example... Here's what the client sends: ?xml version='1.0' encoding='UTF-8'? s:Envelope xmlns:s=http://schemas.xmlsoap.org/soap/envelope/; s:Body echo xmlns=urn:echomsghello/echo /s:Body /s:Envelope Here's how the server responds: ?xml version='1.0' encoding='UTF-8'? s:Envelope xmlns:s=http://schemas.xmlsoap.org/soap/envelope/; s:Body responsehello/response /s:Body /s:Envelope Here's the signature of the method that implements the service: public void echo( Envelope env, SOAPContext req, SOAPContext res ) throws IOException, MessagingException; ABOUT MY PLATFORM ... Tomcat 4.0.1 Apache SOAP 2.2 JDK 1.3.1_01 Linux 2.2.12-20 kernel SET UP ... Install Tomcat 4.01 and Apache SOAP 2.2: (1) Install Tomcat 4.01 in $CATALINA_HOME (2) Install Apache SOAP 2.2 in $SOAP_HOME (3) cp $SOAP_HOME/lib/soap.jar to $CATALINA_HOME/lib/ (4) cp $SOAP_HOME/webapps/soap.war to $CATALINA_HOME/webapps/ CLASSPATH is set in the provided Makefile. I do not have CLASSPATH set in my shell environment, and I have not changed any of the Tomcat config files. Build the SOAP service. (5) tar xzvf echomsg.tar.gz (6) cd echomsg (7) make Deploy the SOAP service: (8) make install (9) $CATALINA_HOME/bin/startup.sh (10) make deploy DEMONSTRATING THE PROBLEM ... Run the SOAP client: make test The SOAP response contains this faultstring: faultstringException while handling service request: echomsg.Server.echo(org.apache.soap.Envelope,org.apache.soap.rpc.SOAPContext,org.apache.soap.rpc.SOAPContext) -- no signature match/faultstring Again, this is a message-style service that works just fine with Tomcat 3.2.3. And (see below) I can make it work with Tomcat 4.01 if I resort to hacks. On [EMAIL PROTECTED], it was suggested that this problem was due to the presence of multiple copies of soap. The solutions suggested were to either: (a) remove $CATALINA_HOME/lib/soap.jar, or (b) remove $CATALINA_HOME/webapps/soap/WEB-INF/classes/org/ Method (a) doesn't work; it results in Tomcat not being able to handle SOAP service requests since it doesn't know about the soap servlet. To try method (b), here's what I did: (1) $CATALINA_HOME/bin/shutdown.sh (2) rm -rf $CATALINA_HOME/webapps/soap/WEB-INF/classes/org/ (3) $CATALINA_HOME/bin/startup.sh (4) make test Method (b) does work, but it's an unacceptable hack. And I still don't understand what the original problem is. ** echomsg.tar.gz Description: GNU Zip compressed data -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Tomcat classloader problem?
I'm hoping someone here can help me with this. The folks on soap-user directed me to tomcat-user, and the tomcat-user folks suggested I try tomcat-dev. So here I am... I'm experiencing a problem with SOAP message-style services when using Tomcat 4.01. When trying to access any message-style SOAP service, my client receives a no signature match fault. I have no problem with RPC-style SOAP services, the same message-style SOAP services work fine with Tomcat 3.2.3, and the signature of the my message-style services is of the correct form; ie: public void serviceName( Envelope env, SOAPContext req, SOAPContext res ) throws IOException, MessagingException; What makes me think that this may be a Tomcat classloader problem is that I can make the fault go away by removing $CATALINA_HOME/webapps/soap/WEB-INF/classes/org/. But I don't understand why this makes the fault go away, and it's clearly an unacceptable hack. I've attached the following: details.txt-- detailed problem description echomsg.tar.gz -- a simple example details Any help in correcting/understanding this will be appreciated. Sorry for the size of this post, but I'm trying to provide all of the details necessary to resolve this. Thanks, The problem is that there are class conflicts, as half of the SOAP classes are in the webapp CL, and will be loaded from there (since the CL won't delegate), and the rest will be loaded from the shared CL. The conflicts will occur because the SOAP classes loaded from the shared CL will also load a different copy of the same SOAP classes from soap.jar. Moving soap.jar to $CATALINA_HOME/webapps/soap/WEB-INF/lib/soap.jar should solve the problem, and could be used as a workaround. Alternately, you can remove from $CATALINA_HOME/webapps/soap/WEB-INF/classes/ the classes which are also present in the JAR. Note: I don't consider this a Catalina problem, but more a questionable packaging choice of the SOAP binary. Remy -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: servlets-ssi.renametojar
Hello, In my playing around with security, I've been attempting to break-out the AllPermission for the $(catalina.home}/server classes into something more granular to allow more refined tweaking. Here's what I have so far: grant codeBase file:${catalina.home}/server/- { permission java.lang.RuntimePermission *; permission java.io.FilePermission ALL FILES, read,write,delete; permission java.util.PropertyPermission *, read,write; permission java.security.SecurityPermission *; permission java.net.SocketPermission *:0-, accept,connect,listen,resolve; permission java.net.NetPermission *; permission java.io.SerializablePermission *; permission org.apache.naming.JndiPermission *; }; I've already removed the execute from the FilePermission and I've left out the reflection permission since that's a really really ugly one. Some of the above are probably way too broad... but certainly no broader than AllPermission. I decided to start from the other end of the spectrum and work backwards. With the above, I can still run my own stuff and the tester stuff. Incidentally, the tester webapp fails to initialize when the security manager is enabled. Since it uses PropertyEditorManager in one of its files, it requires PropertyPermission *, read,write in order to run. I'm still trying to figure out how to enabled this just for the tester app (I have it working if I stick it in the general grant section). The docs in catalina.policy don't seem to be helping much. The other curious thing about this particular error is that it doesn't show up as an access failure when using the debugging built into the security manager. -Paul -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5191] New: - JspReader.skipUntil() misss overlaping partial matches
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5191. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5191 JspReader.skipUntil() misss overlaping partial matches Summary: JspReader.skipUntil() misss overlaping partial matches Product: Tomcat 3 Version: 3.2.x Nightly Platform: All OS/Version: All Status: NEW Severity: Minor Priority: Other Component: Jasper AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] When the inner loop in org.apache.jasper.compiler.JspReader detects a partial match and continues the outter loop, it doesn't reset the file position. If the trailing characters of the partial match are actually the leading characters of a full match, the full match will be missed. Here's an example. If a JSP author accidentially types a closing comment with an extra dash (%-- blah ---%), when Parser$Comment searches for the end comment, the failed partial match aginst --- leaves the mark beyond the second dash, and the close comment is missed, resulting in a ParseException. I'll admit that's pretty obscure. And it's not 100% clear from the JSP spec that a leading space is not required for the close comment. But it dosen't hurt to be kind to the JSP author. I did my testing aginst the head of the tomcat_32 branch. But the same code exists in 3.3 as well as 4.0. The exception thrown in the above example is org.apache.jasper.compiler.ParseException: Unterminated %-- tag at org.apache.jasper.compiler.Parser$Comment.accept(Parser.java:412) at org.apache.jasper.compiler.Parser.parse(Parser.java:1077) at org.apache.jasper.compiler.Parser.parse(Parser.java:1042) at org.apache.jasper.compiler.Parser.parse(Parser.java:1038) at org.apache.jasper.compiler.Compiler.compile(Compiler.java:209) at org.apache.jasper.servlet.JspServlet.doLoadJSP(JspServlet.java:612) at org.apache.jasper.servlet.JasperLoader12.loadJSP(JasperLoader12.java:146) at org.apache.jasper.servlet.JspServlet.loadJSP(JspServlet.java:542) at org.apache.jasper.servlet.JspServlet$JspServletWrapper.loadIfNecessary(JspServle t.java:258) at org.apache.jasper.servlet.JspServlet$JspServletWrapper.service(JspServlet.java:2 68) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:429) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:500) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:405) at org.apache.tomcat.core.Handler.service(Handler.java:287) at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372) at org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:806) at org.apache.tomcat.core.ContextManager.service(ContextManager.java:752) at org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpConne ctionHandler.java:213) at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416) at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501) at java.lang.Thread.run(Thread.java:479) There's a simple patch that I'll attach that covers my example and failes to break any of the JSP tests in watchdog. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5191] - JspReader.skipUntil() misss overlaping partial matches
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5191. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5191 JspReader.skipUntil() misss overlaping partial matches --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 17:38 --- Created an attachment (id=852) JSPReader.skipUtil() patch to reset the mark on partial matchs -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Help: Building mod_jk on HPUX ...
I'm struggling with getting mod_jk to build properly on HPUX within the Oracle application server (iAS). The build script that is described in the mod_jk_howto relies on the apxs script in the APACHE_HOME/bin directory. It appears that this file is no longer current (it points to a non-existent binary httpd instead of the current httpds for instance). Even after mucking with the files I end up with errors on an include file: $ build-hpux.sh Building mod_jk gcc -DSOLARIS2=260 -DMOD_SSL=204110 -DEAPI -DUSE_EXPAT -I../lib/expat-lite -fPIC -DSHARED_MODULE -I/apps/kdv2/product/iAS/Apache/Apache/include -I../common -I/apps/kdv2/product/iAS/Apache/jdk/include -I/apps/kdv2/product/iAS/Apache/jdk/include/hp-ux -DHPUX11GCC -c ../common/jk_ajp12_worker.c In file included from ../common/jk_logger.h:65, from ../common/jk_ajp12_worker.h:65, from ../common/jk_ajp12_worker.c:63: ../common/jk_global.h:94: sys/select.h: No such file or directory apxs:Break: Command failed with rc=65536 Error with apxs Rob Weaver Web Architect Enterprise e-Commerce Solutions Quovera Cisco: (408) 853-9352 Cell: (650) 823-0928
BUG: org.apache.jasper.compiler.JspReader.skipUntil(String).
All, There is a bug in org.apache.jasper.compiler.JspReader.skipUntil(String): public Mark skipUntil(String limit) throws ParseException { Mark ret = null; int limlen = limit.length(); int ch; skip: for (ret = mark(), ch = nextChar() ; ch != -1 ; ret = mark(), ch = nextChar()) { if ( ch == limit.charAt(0) ) { for (int i = 1 ; i limlen ; i++) { if (Character.toLowerCase((char) nextChar()) != limit.charAt(i)) continue skip; } return ret; } } return null; } The problem is that the inner loop cycles through the string to be skipped but when it falls out because the wrong character was encountered it needs to have saved the state it entered the inner loop with and restart just one character past the point at which it entered the last time. This causes it to fail to recognize things like: %-- this comment ends with an invisible tag (3-hyphens) ---% Cheers. --lee -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5186] - Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5186. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5186 Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0 --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 18:16 --- I don't know how to do it. You apparently used a MS tool, so the generated HTML is useless :-( I'll try to cut paste the content in the AJP page I'm adding. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/util/depend DependClassLoader12.java
billbarker01/11/29 18:27:03 Modified:src/share/org/apache/tomcat/util/depend DependClassLoader12.java Log: Add missing Java2 method. AFAIK, this is the last Java2 method that DCL12 needs to implement to support everything that a Java2 CL is supposed to do. Revision ChangesPath 1.6 +4 -0 jakarta-tomcat/src/share/org/apache/tomcat/util/depend/DependClassLoader12.java Index: DependClassLoader12.java === RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/depend/DependClassLoader12.java,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- DependClassLoader12.java 2001/11/21 03:02:27 1.5 +++ DependClassLoader12.java 2001/11/30 02:27:03 1.6 @@ -160,4 +160,8 @@ return value; } +protected Enumeration findResources(String name) + throws IOException { + return parent.getResources(name); +} } -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
cvs commit: jakarta-tomcat-4.0/webapps/tomcat-docs/config ajp.xml project.xml
remm01/11/29 18:52:08 Modified:webapps/tomcat-docs/config project.xml Added: webapps/tomcat-docs/config ajp.xml Log: - Start adding some docs on AJP support. - Add the IIS HOWTO, contributed by Rajan Gupta. Revision ChangesPath 1.5 +1 -0 jakarta-tomcat-4.0/webapps/tomcat-docs/config/project.xml Index: project.xml === RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/tomcat-docs/config/project.xml,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- project.xml 2001/08/25 20:06:30 1.4 +++ project.xml 2001/11/30 02:52:08 1.5 @@ -24,6 +24,7 @@ menu name=Connectors item name=HTTP/1.1 href=http11.html/ item name=Warp href=warp.html/ +item name=AJP href=ajp.html/ /menu menu name=Containers 1.1 jakarta-tomcat-4.0/webapps/tomcat-docs/config/ajp.xml Index: ajp.xml === ?xml version=1.0? !DOCTYPE document [ !ENTITY project SYSTEM project.xml ] document project; properties author email=[EMAIL PROTECTED]Remy Maucherat/author titleThe AJP Connector/title /properties body section name=Introduction pThe strongAJP Connector/strong element represents a strongConnector/strong component that communicates with a web connector via the codeAJP/code protocol. This is used for cases where you wish to invisibly integrate Tomcat 4 into an existing (or new) Apache installation, and you want Apache to handle the static content contained in the web application, and/or utilize Apache's SSL processing. In many application environments, this will result in better overall performance than running your applications under Tomcat stand-alone using the a href=http11.htmlHTTP/1.1 Connector/a. However, the only way to know for sure whether it will provide better performance for strongyour/strong application is to try it both ways./p /section section name=Attributes subsection name=Common Attributes pAll implementations of strongConnector/strong support the following attributes:/p attributes attribute name=className required=true pJava class name of the implementation to use. This class must implement the codeorg.apache.catalina.Connector/code interface. You must specify the standard value defined below./p /attribute attribute name=enableLookups required=false pSet to codetrue/code if you want calls to coderequest.getRemoteHost()/code to perform DNS lookups in order to return the actual host name of the remote client. Set to codefalse/code to skip the DNS lookup and return the IP address in String form instead (thereby improving performance). By default, DNS lookups are enabled./p /attribute attribute name=redirectPort required=false pIf this strongConnector/strong is supporting non-SSL requests, and a request is received for which a matching codelt;security-constraintgt;/code requires SSL transport, Catalina will automatically redirect the request to the port number specified here./p /attribute attribute name=scheme required=false pSet this attribute to the name of the protocol you wish to have returned by calls to coderequest.getScheme()/code. For example, you would set this attribute to codehttps/code for an SSL Connector. The default value is codehttp/code. See a href=#SSL SupportSSL Support/a for more information./p /attribute attribute name=secure required=false pSet this attribute to codetrue/code if you wish to have calls to coderequest.isSecure()/code to return codetrue/code for requests received by this Connector (you would want this on an SSL Connector). The default value is codefalse/code./p /attribute /attributes /subsection subsection name=Standard Implementation pThe standard implementation of strongAJP Connector/strong is strongorg.apache.ajp.tomcat4.Ajp13Connector/strong./p pstrongThis implementation supports the AJP 1.3 protocol./strong/p pIt supports the following additional attributes (in addition to the common attributes listed above):/p attributes attribute name=acceptCount required=false pThe maximum queue length for incoming connection requests when all possible request processing threads are in use. Any requests received when the queue is full will be refused. The default value is 10./p /attribute attribute name=debug required=false
Re: [VOTE] New Committer: Jazmin Jonson
+1 Craig On Wed, 28 Nov 2001, Amy Roh wrote: Date: Wed, 28 Nov 2001 11:04:17 -0800 From: Amy Roh [EMAIL PROTECTED] Reply-To: Tomcat Developers List [EMAIL PROTECTED] To: tomcat-dev [EMAIL PROTECTED] Subject: [VOTE] New Committer: Jazmin Jonson As Bill Barker suggested, I would like to propose Jazmin Jonson as a new committer. She has contributed a numerous patches to Tomcat4 admin application. Votes please? Amy Roh -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
DO NOT REPLY [Bug 5186] - Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5186. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5186 Installation Instructions for Configuring Tomcat 4.0 to Cooperate with IIS 4.0/5.0 [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Additional Comments From [EMAIL PROTECTED] 2001-11-29 19:12 --- I've added the documentation. Thanks. Note: Obviously, it's best to submit docs following the format used by the rest of the documentation. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: server.xml DTD/Schema
One thing to remember is that it is not technically possible to write a DTD for server.xml that covers all possible cases (and I suspect that's true for Schema as well). Consider the following cases: * Elements like Logger and Realm let you define which implementation class you want, from the set of choices included with Tomcat. The set of attributes that are valid depends on which implementation class you choose -- and there is no way to make that distinction in a DTD. The best you could do is list the union of all possible attributes -- but that is not semantically valid for any single implementation. * Even more generally, Tomcat users are free to install their own implementations of Tomcat classes, and there's no way your general purpose DTD would know which attributes are valid. Craig McClanahan On Fri, 30 Nov 2001, Mika Goeckel wrote: Date: Fri, 30 Nov 2001 01:01:46 +0100 From: Mika Goeckel [EMAIL PROTECTED] Reply-To: Tomcat Developers List [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: server.xml DTD/Schema Hi, I've built a first version of a DTD/Schema for server.xml and would ask if someone would like to review it? I would prefer the Schema, because it allows more checking, but I haven't seen a parser which checks against schemes, so I created a DTD from it as well. As this is quite a bunch of lines, please hands up who wants to receive it. Cheers, Mika P.S.: The initial cut is from the docu, I plan to go through the source tomorrow to recheck. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
ClassNotFound Exception when loading Tomcat 4.0.1 via URLClassLoader
Hello all, I'm trying to write a Swing based UI that'll help manage Tomcat. Towards that end, I'm first trying to load Tomcat via a URLCLassLoader. This is so that one can load and test different Tomcat releases, and builds, and jar combinations. My idea is to load Tomcat via a URLCLassloader. This thing works for Tomcat 3.3, but I'm facing the following problem with Tomcat 4.0.1 Any ideas ? Thanks, Sriram --- Start of forwarded message --- From: Sriram N [EMAIL PROTECTED] To: Tomcat Developers List [EMAIL PROTECTED] Reply-To: Tomcat Developers List [EMAIL PROTECTED] Subject: ClassNotFound Exception when loading Tomcat 4.0.1 via URLClassLoader Date: 29/11/2001 6:43:02 PM Hi all, I'm trying to write a java class that will load Tomcat 4.0.1 for me. My goal is: - Do not use the classpath. The CLASSPATH env variable's contents are clear be me first. - Use the URLClassLoader to get started. This technique works with Tomcat 3.3 With Tomcat 4.0.1 however, I get a ClassNotFoundException for org.apache.catalina.loader.Reloader which is in the same bootstrap.jar that is used to load org.apache.catalina.startup.Bootstrap However, when I stick to the batch file which adds bootstrap.jar to the system CLASSPATH, tomcat runs OK, as usual. Could some one point me to what I'm missing or doing wrong ? Thanks. Here's the code that I use to load Tomcat 4.0.1 -- begin code public class TCStart{ public static void main(String args[]){ try{ System.setProperty(catalina.home,f:/tc4.0.1/); System.setProperty(catalina.base,f:/tc4.0.1/); System.setProperty(java.class.path,); java.io.File file = new java.io.File(f:/tc4.0.1/bin/bootstrap.jar); java.net.URL[] urls = new java.net.URL[]{file.toURL()}; java.net.URLClassLoader loader = new java.net.URLClassLoader(urls); Class aClass = loader.loadClass(org.apache.catalina.startup.Bootstrap); String classLoaderName = aClass.getClassLoader().getClass().getName(); String className = aClass.getName(); System.out.println(ClassName + className); System.out.println(ClassLoader + classLoaderName); //Class aClass = Class.forName(org.apache.catalina.startup.Bootstrap); java.lang.reflect.Method method = null; Class[] argsClass = new Class[] { String[].class }; // get the main method for the org.apache.tomcat.shell.Startup class method = aClass.getMethod(main, argsClass); Object object = null; String filePath= -f conf/server.xml; Object[] arguments = new Object[] { new String[] {start}}; // now invoke the main method for the org.apache.tomcat.shell.Startup class method.invoke(object, arguments); }catch(Exception ex){ System.err.println(Ugh ! is all that I can say); ex.printStackTrace(System.err); } } } -- end code --- And here's the stack Trace that I get. begin stack trace dump --- ClassName org.apache.catalina.startup.Bootstrap ClassLoader java.net.URLClassLoader Starting service Tomcat-Standalone Apache Tomcat/4.0.1 Exception during startup processing java.lang.reflect.InvocationTargetException: java.lang.NoClassDefFoundError: org /apache/catalina/loader/Reloader at java.lang.ClassLoader.defineClass0(Native Method) at java.lang.ClassLoader.defineClass(Unknown Source) at java.security.SecureClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.access$100(Unknown Source) at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at org.apache.catalina.loader.StandardClassLoader.findClass(StandardClas sLoader.java:671) at org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClas sLoader.java:1090) at org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClas sLoader.java:989) at java.lang.ClassLoader.loadClassInternal(Unknown Source) at org.apache.catalina.core.StandardContext.start(StandardContext.java:3 313) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1123) at org.apache.catalina.core.StandardHost.start(StandardHost.java:612) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1123) at
Re: Tomcat classloader problem?
Thanks, now I understand what's going on (though I still don't understand how it manifests itself as a no signature match for my service). While I've always thought that the packaging of the SOAP binary was a little strange, one could also argue that the Catalina classloader could be a bit smarter about things like this. In any case, judging by the number of people who have contacted me since I posted, I'm not the only one experiencing this problem. It should at least be documented in some hopefully-soon-to-be-written installing Apache SOAP 2.2 with Tomcat 4 doc. How do you suggest that this be resolved? Should I bring this to the attention of someone in particular in the Apache SOAP group? -Chris Remy Maucherat wrote: I'm experiencing a problem with SOAP message-style services when using Tomcat 4.01. When trying to access any message-style SOAP service, my client receives a no signature match fault. [...] The problem is that there are class conflicts, as half of the SOAP classes are in the webapp CL, and will be loaded from there (since the CL won't delegate), and the rest will be loaded from the shared CL. The conflicts will occur because the SOAP classes loaded from the shared CL will also load a different copy of the same SOAP classes from soap.jar. Moving soap.jar to $CATALINA_HOME/webapps/soap/WEB-INF/lib/soap.jar should solve the problem, and could be used as a workaround. Alternately, you can remove from $CATALINA_HOME/webapps/soap/WEB-INF/classes/ the classes which are also present in the JAR. Note: I don't consider this a Catalina problem, but more a questionable packaging choice of the SOAP binary. Remy -- Chris Malley PixelZoom, Inc. Voice: +1.303.494.8849 835 Orman Drive EMail: [EMAIL PROTECTED] Boulder CO 80303-2616 -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
cvs commit: jakarta-tomcat/src/facade22/org/apache/tomcat/facade JspInterceptor.java
billbarker01/11/29 20:37:12 Modified:src/facade22/org/apache/tomcat/facade JspInterceptor.java Log: Fix Spec compliance problem with jsp_precompile. This was reported against 4.x, but we're just as broken. There is the additional problem that the 1.1 spec actually specifies two mutually exclusive behaviors to follow. Since this section of the 1.1 spec and the 1.2 spec are mostly the same, I'm following the 1.2 spec as a 'clarification' of the 1.1 spec. This means that jsp_precompile=false still is not passed to the jsp page. Revision ChangesPath 1.33 +18 -13 jakarta-tomcat/src/facade22/org/apache/tomcat/facade/JspInterceptor.java Index: JspInterceptor.java === RCS file: /home/cvs/jakarta-tomcat/src/facade22/org/apache/tomcat/facade/JspInterceptor.java,v retrieving revision 1.32 retrieving revision 1.33 diff -u -r1.32 -r1.33 --- JspInterceptor.java 2001/11/29 03:06:05 1.32 +++ JspInterceptor.java 2001/11/30 04:37:12 1.33 @@ -437,30 +437,34 @@ // quick test to see if we need to worry about params // ( preserve lazy eval for parameters ) boolean pre_compile=false; + boolean do_compile=true; int i=(qString==null) ? -1: qString.indexOf( jsp_precompile ); if( i= 0 ) { // Probably we are in the problem case. + pre_compile=true; req.parameters().handleQueryParameters(); String p=req.parameters().getParameter( jsp_precompile); - if( p==null || p.equalsIgnoreCase(true)) { - pre_compile=true; + if( false.equalsIgnoreCase(p) ) { + do_compile=false; + } else if( p!=null ! p.equalsIgnoreCase(true) ) { + req.setAttribute(javax.servlet.error.message, + Invalid value to jsp_precompile); + return 500; } } // Each .jsp file is compiled to a servlet, and will // have a dependency to check if it's expired + // if the jspfile is older than the class - we're ok +// this happens if the .jsp file was compiled in a previous + // run of tomcat. Dependency dep= handler.getServletInfo().getDependency(); - if( dep!=null ! dep.isExpired() ) { - // if the jspfile is older than the class - we're ok - // this happens if the .jsp file was compiled in a previous - // run of tomcat. - return 0; + if( (dep==null || dep.isExpired()) do_compile ) { + // we need to compile... ( or find previous .class ) + JasperLiaison liasion=new JasperLiaison(getLog(), debug); + liasion.processJspFile(req, jspFile, handler, args); } - - // we need to compile... ( or find previous .class ) - JasperLiaison liasion=new JasperLiaison(getLog(), debug); - liasion.processJspFile(req, jspFile, handler, args); - + if( pre_compile ) { // we may have compiled the page ( if needed ), but // we can't execute it. The handler will just @@ -468,7 +472,8 @@ // Future: detail information about compile results // and if indeed we had to do something or not - req.setHandler( ctx. + Context ctxr = req.getContext(); + req.setHandler( ctxr. getServletByName( tomcat.jspPrecompileHandler)); } -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
XSL Factory
I've written a really tight XSL factory that could be used in lot of applications. Is there a possibility of distributing it with Tomcat? I thought this might be an ideal location because so many packages that are built on Tomcat could make use of it. Thanks, Bob -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
cvs commit: jakarta-tomcat RELEASE-NOTES-3.3.1.txt
billbarker01/11/29 21:35:10 Modified:.RELEASE-NOTES-3.3.1.txt Log: Update for spec compliance fix on JSP pages. Revision ChangesPath 1.8 +3 -1 jakarta-tomcat/RELEASE-NOTES-3.3.1.txt Index: RELEASE-NOTES-3.3.1.txt === RCS file: /home/cvs/jakarta-tomcat/RELEASE-NOTES-3.3.1.txt,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- RELEASE-NOTES-3.3.1.txt 2001/11/29 03:35:17 1.7 +++ RELEASE-NOTES-3.3.1.txt 2001/11/30 05:35:10 1.8 @@ -3,7 +3,7 @@ Release Notes = -$Id: RELEASE-NOTES-3.3.1.txt,v 1.7 2001/11/29 03:35:17 billbarker Exp $ +$Id: RELEASE-NOTES-3.3.1.txt,v 1.8 2001/11/30 05:35:10 billbarker Exp $ This document describes the changes that have been made since the @@ -40,6 +40,8 @@ Moved the setting of the default *.jsp mapping so that it is now possible to entirely disable support for jsp files. + + Fixed problem with jsp_precompile parameter to JSP files. Server: -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: [VOTE] New Committer: Jazmin Jonson
On Wed, 28 Nov 2001, Amy Roh wrote: As Bill Barker suggested, I would like to propose Jazmin Jonson as a new committer. She has contributed a numerous patches to Tomcat4 admin application. +1 ( I had little access to mail last few days, sorry for delay ) Costin -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: TC 3.3: For Servlets only
On Thu, 29 Nov 2001, Bojan Smojver wrote: Bill Barker wrote: I've checked in a change to move setting the default mapping to JspInterceptor. Now, all Bojan needs to do is to comment out JspInterceptor in server.xml and all of his *.jsp files will be served as regular text files. Again, thanks for this. It makes JSP and Servlet spec totally different beasts in Tomcat 3.3.x. Cool! Just keep in mind that the beast can't be called Tomcat after that ! Pick a different name for it. Costin -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Jk and APR
On Tue, 27 Nov 2001, jean-frederic clere wrote: No, I am not using a Gnu make - But I will: you convince me :) Would it be ok if we make Gnu make a requirement for the build system ? There are many cool feature that would make building much easier ( patterns, globs, etc ). After we start using APR I see very little benefit in using much configure - in fact we must make sure our code is platform independent. Ant + a simple gnumakefile should satisfy anyone's taste. BTW, could you help me with a small test 'apr channel' for unix-domain sockets ? I can do the java side ( and the JNI ), but it would help a lot if an apr expert could be around :-) ( or at least a reimplementation of jk_channel_socket using apr, but that woulnd't bring anything new ). I want to test the new build system and get things started on the jni side ( most of the APR features will need jni code to be useable for connector - we need both sides of the channel ) Costin -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Problem with JAAS and TOMCAT 4.0.1
Ismael Blesa Part wrote: Hi have modified the sample given with JAAS 1.0. I have developed a jsp that calls the sample.java file. This file has been modificated in several ways, the main method has been changed to a method class and some other changes to adapt it to a web application. The problem is that when I try to run the jsp I get the following error: java.lang.SecurityException: unable to instantiate LoginConfiguration at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:212) at javax.security.auth.login.LoginContext$1.run(LoginContext.java:166) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.init(LoginContext.java:163) at javax.security.auth.login.LoginContext.(LoginContext.java:319) at sample.Sample.run(Sample.java:47) at org.apache.jsp.Login$jsp._jspService(Login$jsp.java:64) I have tried copying the jaas.jar, the sample_jaas.config and the loginmodule classes to all the places where I think that it should work. Have a look at the tomcat-user archives for messages 'JAAS not working any more with Tomcat 4.0'. (Oct 2001) Antony -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Jk and APR
No, I am not using a Gnu make - But I will: you convince me :) Would it be ok if we make Gnu make a requirement for the build system ? There are many cool feature that would make building much easier ( patterns, globs, etc ). +1, even AS/400 has a gnu make :) After we start using APR I see very little benefit in using much configure - in fact we must make sure our code is platform independent. Ant + a simple gnumakefile should satisfy anyone's taste. What about autoconf stuff ? BTW, could you help me with a small test 'apr channel' for unix-domain sockets ? I can do the java side ( and the JNI ), but it would help a lot if an apr expert could be around :-) ( or at least a reimplementation of jk_channel_socket using apr, but that woulnd't bring anything new ). I want to test the new build system and get things started on the jni side ( most of the APR features will need jni code to be useable for connector - we need both sides of the channel ) JF is your man for that task... -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
cvs commit: jakarta-tomcat-4.0/webapps/tomcat-docs/config globalresources.xml ajp.xml context.xml defaultcontext.xml project.xml server.xml
remm01/11/29 22:23:13 Modified:webapps/tomcat-docs/config ajp.xml context.xml defaultcontext.xml project.xml server.xml Added: webapps/tomcat-docs/config globalresources.xml Log: - Add some documentation on the possibility to define server-global JNDI resources, in addition to the per-webapp JNDI resources. Revision ChangesPath 1.2 +6 -6 jakarta-tomcat-4.0/webapps/tomcat-docs/config/ajp.xml Index: ajp.xml === RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/tomcat-docs/config/ajp.xml,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- ajp.xml 2001/11/30 02:52:08 1.1 +++ ajp.xml 2001/11/30 06:23:13 1.2 @@ -239,7 +239,7 @@ subsection name=Sample worker.properties file p -pre +source # Begin worker.properties ** worker.ajp13.type=ajp13 @@ -314,7 +314,7 @@ worker.ajp13.host=localhost # End worker.properties ** -/pre +/source /p /subsection @@ -322,7 +322,7 @@ subsection name=Sample uriworkermap.properties p -pre +source # *** Begin uriworkermap.properties *** # # Simple worker configuration file @@ -337,7 +337,7 @@ # Advanced mount of the examples context # /examples/servlet/*=ajp13 # * End uriworkermap.properties -/pre +/source /p /subsection @@ -345,7 +345,7 @@ subsection name=iis_redirect.reg p -pre +source REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Apache Software Foundation\Jakarta Isapi Redirector\1.0] extension_uri=/jakarta/isapi_redirect.dll @@ -353,7 +353,7 @@ log_level=emerg worker_file=C:\\jakarta-tomcat-4.0.1\\conf\\worker.properties worker_mount_file=C:\\jakarta-tomcat-4.0.1\\conf\\uriworkermap.properties -/pre +/source /p /subsection 1.7 +41 -1 jakarta-tomcat-4.0/webapps/tomcat-docs/config/context.xml Index: context.xml === RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/tomcat-docs/config/context.xml,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- context.xml 2001/10/25 00:38:49 1.6 +++ context.xml 2001/11/30 06:23:13 1.7 @@ -523,7 +523,7 @@ pbut does emnot/em require modification of the deployment descriptor to customize this value./p -pThe valid attriutes for a codelt;Resourcegt;/code element +pThe valid attributes for a codelt;Resourcegt;/code element are as follows:/p attributes @@ -641,6 +641,46 @@ /subsection + subsection name=Resource Links + + pThis element is used to create a link to a global JNDI resource. Doing + a JNDI lookup on the link name will then return the linked global + resource./p + +pFor example, you can create a resource link like this:/p +source +lt;Context ...gt; + ... + lt;ResourceLink name=linkToGlobalResource +global=simpleValue +type=java.lang.Integer + ... +lt;/Contextgt; +/source + +pThe valid attributes for a codelt;ResourceLinkgt;/code element +are as follows:/p + +attributes + + attribute name=global required=true +pThe name of the linked global resource in the +gobal JNDI context./p + /attribute + + attribute name=name required=true +pThe name of the resource link to be created, relative to the +codejava:comp/env/code context./p + /attribute + + attribute name=type required=true +pThe fully qualified Java class name expected by the web +application when it performs a lookup for this resource link./p + /attribute + +/attributes + + /subsection /section 1.3 +41 -0 jakarta-tomcat-4.0/webapps/tomcat-docs/config/defaultcontext.xml Index: defaultcontext.xml === RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/tomcat-docs/config/defaultcontext.xml,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- defaultcontext.xml2001/09/09 00:48:11 1.2 +++ defaultcontext.xml2001/11/30 06:23:13 1.3 @@ -455,6 +455,47 @@ /subsection + subsection name=Resource Links + + pThis element is used to create a link to a global JNDI resource. Doing + a JNDI lookup on the link name will then return the linked global + resource./p + +pFor example, you can create a resource link like this:/p +source +lt;DefaultContext ...gt; + ... + lt;ResourceLink
cvs commit: jakarta-tomcat-4.0/webapps/tomcat-docs jndi-resources-howto.xml
remm01/11/29 23:00:37 Modified:webapps/tomcat-docs jndi-resources-howto.xml Log: - Add some documentation on the possibility to define server-global JNDI resources, in addition to the per-webapp JNDI resources. Revision ChangesPath 1.10 +8 -0 jakarta-tomcat-4.0/webapps/tomcat-docs/jndi-resources-howto.xml Index: jndi-resources-howto.xml === RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/tomcat-docs/jndi-resources-howto.xml,v retrieving revision 1.9 retrieving revision 1.10 diff -u -r1.9 -r1.10 --- jndi-resources-howto.xml 2001/11/14 17:53:30 1.9 +++ jndi-resources-howto.xml 2001/11/30 07:00:36 1.10 @@ -93,6 +93,8 @@ Configure the Java class name of the resource factory implementation to be used, as well as JavaBeans properties used to configure that resource factory./li +lia href=config/context.html#Resource Linkslt;ResourceLinkgt;/a - +Add a link to a resource defined in the global JNDI context./li /ul pAny number of these elements may be nested inside a @@ -109,6 +111,12 @@ strongonly/strong if allowed by the corresponding codelt;Environmentgt;/code element (by setting the codeoverride/code attribute to true)./p + +pGlobal resources can be defined in the server-wide JNDI context, by adding +the resource elements described above to the +a href=config/globalresources.htmllt;GlobalNamingResourcesgt;/a +child element of the a href=config/server.htmllt;Servergt;/a +element./p /section -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
cvs commit: jakarta-tomcat-4.0/webapps/tomcat-docs/config ajp.xml project.xml
remm01/11/29 23:03:04 Modified:webapps/tomcat-docs/config Tag: tomcat_40_branch project.xml Added: webapps/tomcat-docs/config Tag: tomcat_40_branch ajp.xml Log: - Port the AJP documentation to the 4.0 branch. Revision ChangesPath No revision No revision 1.4.2.1 +1 -0 jakarta-tomcat-4.0/webapps/tomcat-docs/config/project.xml Index: project.xml === RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/tomcat-docs/config/project.xml,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- project.xml 2001/08/25 20:06:30 1.4 +++ project.xml 2001/11/30 07:03:04 1.4.2.1 @@ -24,6 +24,7 @@ menu name=Connectors item name=HTTP/1.1 href=http11.html/ item name=Warp href=warp.html/ +item name=AJP href=ajp.html/ /menu menu name=Containers No revision No revision 1.2.2.1 +0 -0 jakarta-tomcat-4.0/webapps/tomcat-docs/config/ajp.xml Index: ajp.xml === RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/tomcat-docs/config/ajp.xml,v retrieving revision 1.2 retrieving revision 1.2.2.1 diff -u -r1.2 -r1.2.2.1 -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Emulating JServ's session.topleveldomain with Catalina
Craig R. McClanahan [EMAIL PROTECTED] writes: On Sat, 24 Nov 2001, Daniel Rall wrote: Craig R. McClanahan [EMAIL PROTECTED] writes: On Wed, 21 Nov 2001, Daniel Rall wrote: Using Tomcat 4.0.1, is there any way to emulate JServ's session.topleveldomain context configuration? # Set the domain= header that gets sent with the cookie. This is # entirely optional # Default: null # this is needed when we vhost to avoid multiple login session.topleveldomain=.foo.com I would like all requests to the set of virtual hosts represented by the glob *.foo.com to share the same session ID. Unfortunately, implementing this functionality would violate the Servlet spec's requirements about sessions being scoped to a single ServletContext. Even if you were willing to do this, you're going to run into lots of technical problems due to the fact that each webapp is loaded by it's own classloader -- trying to access a session attribute loaded from a different webapp will throw ClassNotFoundException errors at you. I wasn't clear enough in my original query -- I don't want to scope one session to multiple contexts, but to a single context accessed by multiple host names which correspond to the same physical host (the default host in server.xml). This is still illegal based on the same rule - each virtual host has its own set of webapps. Tomcat 4 is built on this assumption. Using the distinction you mention below, the host name used in the request is merely a host alias (rather than a virtual host). One way to work around it (with Tomcat 4) would be to use the host aliasing capability, where you say that a set of host names really refer to the same virtual host. This was primarily intended to deal with cases like company.com and www.company.com resolving to the same app, but could actually be used for more than that. Check out the Alias directive (in server.xml). Thanks for suggesting a work around, Craig (I'm only concerned with Tomcat 4 ATM =). Reviewing the implementation of the Alias directive in StandardEngineMapper and FastEngineMapper, it appears that only literal mappings are provided for (i.e. wildcards are not allowed supported). I have a requirement of supporting addition of host alias mappings at run-time, but neither see a way to reload server.xml nor have much of a desire to modify it from servlet code. Is there another way to handle this situation? If not, would the Catalina developers be amenable to a patch which adds wildcard capability to the host alias feature? Would regex or file system-style globs be preferred (I lean towards the latter)? If this is undesirable, what are my options (i.e. can I configure my Engine entry in server.xml to use a custom Mapper)? Thanks, Daniel -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]