The fix in Tomcat 7.0.10 was incomplete. @SecurityAnnotations are still
ignored when there are no security constraints defined in web.xml (a
typical use case).
There will be a Tomcat 7.0.11 release shortly to address this. In the
meantime, the workaround of specifying at least one security
On 09/03/2011 10:48, Mark Thomas wrote:
The fix in Tomcat 7.0.10 was incomplete. @SecurityAnnotations are still
ignored when there are no security constraints defined in web.xml (a
typical use case).
This was missed by the unit tests due to the way I configured the
authenticator. I have a fix
Author: markt
Date: Wed Mar 9 10:56:40 2011
New Revision: 1079739
URL: http://svn.apache.org/viewvc?rev=1079739view=rev
Log:
This was only a partial fix.
Modified:
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
2011/3/9 Mark Thomas ma...@apache.org:
On 09/03/2011 10:48, Mark Thomas wrote:
The fix in Tomcat 7.0.10 was incomplete. @SecurityAnnotations are still
ignored when there are no security constraints defined in web.xml (a
typical use case).
This was missed by the unit tests due to the way I
https://issues.apache.org/bugzilla/show_bug.cgi?id=50883
--- Comment #3 from Ashish dashashishku...@gmail.com 2011-03-09 06:04:14 EST
---
Also one more observation is : We never got such error before we upgraded our
application from Tomcat 6.0.18 to Tomcat 6.0.29
--
Configure bugmail:
Author: markt
Date: Wed Mar 9 11:16:48 2011
New Revision: 1079752
URL: http://svn.apache.org/viewvc?rev=1079752view=rev
Log:
CVE-2011-1088
Complete the fix for this issue. The optimisation not to configure an
authenticator of there were no security constraints meant that in that case
Author: markt
Date: Wed Mar 9 11:38:38 2011
New Revision: 1079755
URL: http://svn.apache.org/viewvc?rev=1079755view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50854
Add additional permissions required by the Manager application when running
under a security Manager and
https://issues.apache.org/bugzilla/show_bug.cgi?id=50854
Mark Thomas ma...@apache.org changed:
What|Removed |Added
Component|Manager |Manager application
Author: markt
Date: Wed Mar 9 12:20:58 2011
New Revision: 1079769
URL: http://svn.apache.org/viewvc?rev=1079769view=rev
Log:
CVE-2011-1088
Fix unit test failures
Modified:
tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java
https://issues.apache.org/bugzilla/show_bug.cgi?id=50900
Summary: EL converts NULL-values of wrapper-classes to the
default-value of their unboxed counterparts
Product: Tomcat 7
Version: 7.0.10
Platform: PC
OS/Version: Linux
https://issues.apache.org/bugzilla/show_bug.cgi?id=50900
Mark Thomas ma...@apache.org changed:
What|Removed |Added
Status|NEW |RESOLVED
Author: markt
Date: Wed Mar 9 13:05:05 2011
New Revision: 1079781
URL: http://svn.apache.org/viewvc?rev=1079781view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50893
Additional information for extras package
Modified:
tomcat/trunk/res/welcome.bin.html
https://issues.apache.org/bugzilla/show_bug.cgi?id=50893
Mark Thomas ma...@apache.org changed:
What|Removed |Added
Status|NEW |RESOLVED
https://issues.apache.org/bugzilla/show_bug.cgi?id=50883
--- Comment #4 from Ashish dashashishku...@gmail.com 2011-03-09 08:39:38 EST
---
Hi Mark sorry for sharing the information in multiple chunk.
From the org.apache.catalina.core.ApplicationDispatcher.java from the invoke
method is there any
On 09/03/2011 05:41, Rainer Jung wrote:
Hi all,
some things I noticed while implementing the new switch:
- o.a.c.connector.Request and Response hav methods finishRequest() resp.
finishResponse(). The mehod in the request seems not to be called.
Although that's not a big issue, because the
Author: markt
Date: Wed Mar 9 13:52:07 2011
New Revision: 1079801
URL: http://svn.apache.org/viewvc?rev=1079801view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50895
Don't initialize classes during compilation
Modified:
https://issues.apache.org/bugzilla/show_bug.cgi?id=50895
--- Comment #4 from Mark Thomas ma...@apache.org 2011-03-09 08:52:28 EST ---
Yep, that is a really ugly example but I take the point.
Fixed in 7.0.x and will be included in 7.0.11 onwards.
--
Configure bugmail:
On 09.03.2011 14:46, Mark Thomas wrote:
On 09/03/2011 05:41, Rainer Jung wrote:
Hi all,
some things I noticed while implementing the new switch:
- o.a.c.connector.Request and Response hav methods finishRequest() resp.
finishResponse(). The mehod in the request seems not to be called.
Although
Author: rjung
Date: Wed Mar 9 14:07:53 2011
New Revision: 1079806
URL: http://svn.apache.org/viewvc?rev=1079806view=rev
Log:
Add forgotten attribute sessionCookieName to context config docs.
Modified:
tomcat/trunk/webapps/docs/config/context.xml
Modified:
On 09/03/2011 11:00, Henri Gomez wrote:
2011/3/9 Mark Thomas ma...@apache.org:
On 09/03/2011 10:48, Mark Thomas wrote:
The fix in Tomcat 7.0.10 was incomplete. @SecurityAnnotations are still
ignored when there are no security constraints defined in web.xml (a
typical use case).
This was
Author: markt
Date: Wed Mar 9 14:48:29 2011
New Revision: 1079819
URL: http://svn.apache.org/viewvc?rev=1079819view=rev
Log:
Fix some test failures.
Don't use load() since that creates a whole bunch of edge cases that need to be
handled.
Modified:
https://issues.apache.org/bugzilla/show_bug.cgi?id=50700
Oliver oli...@vdb.de changed:
What|Removed |Added
CC||oli...@vdb.de
--
Configure
Author: markt
Date: Wed Mar 9 15:00:07 2011
New Revision: 1079822
URL: http://svn.apache.org/viewvc?rev=1079822view=rev
Log:
Fix TCK test failure under a security Manager
Modified:
tomcat/trunk/java/org/apache/catalina/security/SecurityClassLoad.java
Modified:
Author: markt
Date: Wed Mar 9 15:34:51 2011
New Revision: 1079839
URL: http://svn.apache.org/viewvc?rev=1079839view=rev
Log:
Better overriding support
Modified:
tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java
Modified:
Author: markt
Date: Wed Mar 9 15:35:18 2011
New Revision: 1079840
URL: http://svn.apache.org/viewvc?rev=1079840view=rev
Log:
Fix some unit test failures
Modified:
tomcat/trunk/java/org/apache/catalina/startup/Tomcat.java
Modified: tomcat/trunk/java/org/apache/catalina/startup/Tomcat.java
On 03/05/2011 09:49 AM, Henri Gomez wrote:
And what about jdbc pool on Maven Central ?
I want to, but it needs to pass a release first
Filip
2011/3/4 Filip Hanik - Dev Listsdevli...@hanik.com:
Where do we stand with publishing Tomcat jars/artifacts to a Maven
repository.
I see that
Author: rjung
Date: Wed Mar 9 17:09:50 2011
New Revision: 1079891
URL: http://svn.apache.org/viewvc?rev=1079891view=rev
Log:
Session attributes were only partially changed from Hashtable to
ConcurrentHashMap.
Modified:
tomcat/trunk/java/org/apache/catalina/ha/session/DeltaSession.java
ping! jdbc-pool needs a bit vote tlc
On 03/03/2011 12:24 PM, Filip Hanik - Dev Lists wrote:
Source and Binary Packages
http://people.apache.org/~fhanik/jdbc-pool/v1.1.0.1/
Tag
http://svn.apache.org/repos/asf/tomcat/tags/JDBC_POOL_1_1_0_1/
Documentation
Author: markt
Date: Wed Mar 9 17:27:02 2011
New Revision: 1079903
URL: http://svn.apache.org/viewvc?rev=1079903view=rev
Log:
Speed up unit tests on Linux
Modified:
tomcat/trunk/test/org/apache/catalina/startup/TomcatBaseTest.java
Modified:
Author: markt
Date: Wed Mar 9 18:30:07 2011
New Revision: 1079917
URL: http://svn.apache.org/viewvc?rev=1079917view=rev
Log:
Try and make test pass more reliably. This works an 8-core Windows box and a
1-core Linux VM
Modified:
Author: markt
Date: Wed Mar 9 18:49:02 2011
New Revision: 1079930
URL: http://svn.apache.org/viewvc?rev=1079930view=rev
Log:
Fix exception destroying a stopped connector.
Modified:
tomcat/trunk/java/org/apache/catalina/core/StandardService.java
tomcat/trunk/webapps/docs/changelog.xml
Author: markt
Date: Wed Mar 9 19:01:08 2011
New Revision: 1079934
URL: http://svn.apache.org/viewvc?rev=1079934view=rev
Log:
Fix typo
Modified:
tomcat/trunk/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
Modified: tomcat/trunk/test/org/apache/tomcat/util/net/TestXxxEndpoint.java
URL:
https://issues.apache.org/bugzilla/show_bug.cgi?id=50903
Summary: Current keep-alive request processed after
connector.stop()
Product: Tomcat 7
Version: trunk
Platform: All
OS/Version: All
Status: NEW
https://issues.apache.org/bugzilla/show_bug.cgi?id=50903
--- Comment #1 from Mark Thomas ma...@apache.org 2011-03-09 14:36:33 EST ---
Created an attachment (id=26755)
-- (https://issues.apache.org/bugzilla/attachment.cgi?id=26755)
Basic patch - needs work
This patch provides an idea of how this
https://issues.apache.org/bugzilla/show_bug.cgi?id=50904
Summary: cannot configure manager as per documentation
Product: Tomcat 6
Version: 6.0.32
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
https://issues.apache.org/bugzilla/show_bug.cgi?id=50895
--- Comment #5 from Andy Wang do...@moonteeth.com 2011-03-09 14:53:44 EST ---
Thanks. Any plans to put this into 6.0? We're patching 6.0.32 to deal with
this, so not a huge deal. Just want to know if we should expect to continue
https://issues.apache.org/bugzilla/show_bug.cgi?id=50895
--- Comment #6 from Mark Thomas ma...@apache.org 2011-03-09 15:18:26 EST ---
It will go into 6. I have my hands full with 7 at the moment but someone (maybe
me, maybe someone else) will propose this for backport.
--
Configure bugmail:
https://issues.apache.org/bugzilla/show_bug.cgi?id=50904
Mark Thomas ma...@apache.org changed:
What|Removed |Added
Status|NEW |RESOLVED
Dear Wiki user,
You have subscribed to a wiki page or wiki category on Tomcat Wiki for change
notification.
The PoweredBy page has been changed by Rimuhosting.
The comment on this change is: adding RImuhosting.
http://wiki.apache.org/tomcat/PoweredBy?action=diffrev1=322rev2=323
https://issues.apache.org/bugzilla/show_bug.cgi?id=50906
Summary: Chunked encoding not terminated with native library
Product: Tomcat 7
Version: 7.0.8
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Author: markt
Date: Wed Mar 9 22:36:55 2011
New Revision: 1080040
URL: http://svn.apache.org/viewvc?rev=1080040view=rev
Log:
Fix Async with APR and TCP_DEFER_ACCEPT
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
tomcat/trunk/webapps/docs/changelog.xml
Modified:
On 09/03/2011 22:36, ma...@apache.org wrote:
Author: markt
Date: Wed Mar 9 22:36:55 2011
New Revision: 1080040
URL: http://svn.apache.org/viewvc?rev=1080040view=rev
Log:
Fix Async with APR and TCP_DEFER_ACCEPT
Who ever it was that reported async unit test failures (Rainer?) that I
blamed
2011/3/4 Filip Hanik - Dev Lists devli...@hanik.com:
Source and Binary Packages
http://people.apache.org/~fhanik/jdbc-pool/v1.1.0.1/
Tag
http://svn.apache.org/repos/asf/tomcat/tags/JDBC_POOL_1_1_0_1/
Documentation
http://people.apache.org/~fhanik/jdbc-pool/jdbc-pool.html
The proposed
Hi developers.
I encountered the same issue, too.
I got following exception.
-
java.lang.NullPointerException
at
org.apache.tomcat.jdbc.pool.interceptor.StatementCache$CachedStatement.closeInvoked(StatementCache.java:224)
at
44 matches
Mail list logo