This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 6d6fe9365accacaca9d1906e5bec671356d13faa Author: Mark Thomas <ma...@apache.org> AuthorDate: Fri May 3 10:16:36 2024 +0100 Code clean-up - reformatting. No functional change. Re-applying formatting to previously formatted code. --- java/javax/security/auth/message/ServerAuth.java | 3 +- java/javax/servlet/http/HttpServletRequest.java | 3 +- java/javax/servlet/http/HttpServletResponse.java | 3 +- .../catalina/authenticator/AuthenticatorBase.java | 6 +- .../catalina/authenticator/FormAuthenticator.java | 6 +- .../authenticator/SpnegoAuthenticator.java | 3 +- .../org/apache/catalina/connector/InputBuffer.java | 4 +- java/org/apache/catalina/connector/Request.java | 6 +- .../catalina/core/ApplicationFilterChain.java | 3 +- .../core/PropertiesRoleMappingListener.java | 9 +- java/org/apache/catalina/core/StandardContext.java | 7 +- .../apache/catalina/core/StandardHostValve.java | 6 +- java/org/apache/catalina/core/StandardServer.java | 11 +-- .../catalina/filters/CsrfPreventionFilter.java | 107 ++++++++------------- java/org/apache/catalina/ha/CatalinaCluster.java | 1 + java/org/apache/catalina/ha/ClusterManager.java | 7 +- java/org/apache/catalina/ha/ClusterMessage.java | 2 + .../apache/catalina/ha/deploy/FarmWarDeployer.java | 1 + .../ha/session/ClusterSessionListener.java | 1 + .../apache/catalina/ha/session/DeltaSession.java | 2 + .../catalina/ha/session/SessionMessageImpl.java | 1 + .../apache/catalina/ha/tcp/ReplicationValve.java | 10 +- .../apache/catalina/manager/StatusTransformer.java | 70 +++++++++----- java/org/apache/catalina/realm/CombinedRealm.java | 3 +- java/org/apache/catalina/realm/RealmBase.java | 19 ++-- .../apache/catalina/security/SecurityListener.java | 19 ++-- java/org/apache/catalina/session/ManagerBase.java | 5 + .../startup/CatalinaBaseConfigurationSource.java | 3 +- 28 files changed, 168 insertions(+), 153 deletions(-) diff --git a/java/javax/security/auth/message/ServerAuth.java b/java/javax/security/auth/message/ServerAuth.java index 392bc5094b..f13e5bd7e9 100644 --- a/java/javax/security/auth/message/ServerAuth.java +++ b/java/javax/security/auth/message/ServerAuth.java @@ -31,7 +31,8 @@ public interface ServerAuth { * * @throws AuthException If the a failure occurred in a manner that prevented the failure from being communicated * via messageInfo - */ AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) + */ + AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException; /** diff --git a/java/javax/servlet/http/HttpServletRequest.java b/java/javax/servlet/http/HttpServletRequest.java index 557979f6f6..b1dfdc2e07 100644 --- a/java/javax/servlet/http/HttpServletRequest.java +++ b/java/javax/servlet/http/HttpServletRequest.java @@ -512,8 +512,7 @@ public interface HttpServletRequest extends ServletRequest { * * @since Servlet 3.1 */ - <T extends HttpUpgradeHandler> T upgrade(Class<T> httpUpgradeHandlerClass) - throws IOException, ServletException; + <T extends HttpUpgradeHandler> T upgrade(Class<T> httpUpgradeHandlerClass) throws IOException, ServletException; /** * Obtain a Map of the trailer fields that is not backed by the request object. diff --git a/java/javax/servlet/http/HttpServletResponse.java b/java/javax/servlet/http/HttpServletResponse.java index dfba4b682e..44c6b20499 100644 --- a/java/javax/servlet/http/HttpServletResponse.java +++ b/java/javax/servlet/http/HttpServletResponse.java @@ -140,7 +140,8 @@ public interface HttpServletResponse extends ServletResponse { * This method has no effect if called from an include. * <p> * This method accepts both relative and absolute URLs. Absolute URLs passed to this method are used as provided as - * the redirect location URL. Relative URLs are converted to absolute URLs. If converting a relative URL to an absolute URL then: + * the redirect location URL. Relative URLs are converted to absolute URLs. If converting a relative URL to an + * absolute URL then: * <ul> * <li>If the location is relative without a leading '/' the container interprets it as relative to the current * request URI.</li> diff --git a/java/org/apache/catalina/authenticator/AuthenticatorBase.java b/java/org/apache/catalina/authenticator/AuthenticatorBase.java index 025c3b59ff..c92548c229 100644 --- a/java/org/apache/catalina/authenticator/AuthenticatorBase.java +++ b/java/org/apache/catalina/authenticator/AuthenticatorBase.java @@ -974,7 +974,8 @@ public abstract class AuthenticatorBase extends ValveBase implements Authenticat associate(ssoId, request.getSessionInternal(true)); if (log.isDebugEnabled()) { - log.debug(sm.getString("authenticator.reauthentication", request.getUserPrincipal().getName(), request.getAuthType())); + log.debug(sm.getString("authenticator.reauthentication", request.getUserPrincipal().getName(), + request.getAuthType())); } } @@ -1076,8 +1077,7 @@ public abstract class AuthenticatorBase extends ValveBase implements Authenticat cookie.setDomain(ssoDomain); } - // Configure httpOnly on SSO cookie using same rules as session - // cookies + // Configure httpOnly on SSO cookie using same rules as session cookies if (request.getServletContext().getSessionCookieConfig().isHttpOnly() || request.getContext().getUseHttpOnly()) { cookie.setHttpOnly(true); diff --git a/java/org/apache/catalina/authenticator/FormAuthenticator.java b/java/org/apache/catalina/authenticator/FormAuthenticator.java index a5e2556710..eaeea5e102 100644 --- a/java/org/apache/catalina/authenticator/FormAuthenticator.java +++ b/java/org/apache/catalina/authenticator/FormAuthenticator.java @@ -726,9 +726,9 @@ public class FormAuthenticator extends AuthenticatorBase { } } else if (previousSavedRequest != null && previousSavedRequest.getOriginalMaxInactiveInterval() > 0) { /* - * The user may have refreshed the browser page during authentication. Transfer the original max inactive - * interval from previous saved request to current one else, once authentication is completed, the session - * will retain the the shorter authentication session timeout + * The user may have refreshed the browser page during authentication. Transfer the original max + * inactive interval from previous saved request to current one else, once authentication is completed, + * the session will retain the the shorter authentication session timeout */ saved.setOriginalMaxInactiveInterval(previousSavedRequest.getOriginalMaxInactiveInterval()); } diff --git a/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java b/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java index 7f7656dae4..6dc6d5d499 100644 --- a/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java +++ b/java/org/apache/catalina/authenticator/SpnegoAuthenticator.java @@ -264,7 +264,8 @@ public class SpnegoAuthenticator extends AuthenticatorBase { } // Send response token on success and failure - response.setHeader(AUTH_HEADER_NAME, AUTH_HEADER_VALUE_NEGOTIATE + " " + Base64.getEncoder().encodeToString(outToken)); + response.setHeader(AUTH_HEADER_NAME, + AUTH_HEADER_VALUE_NEGOTIATE + " " + Base64.getEncoder().encodeToString(outToken)); if (principal != null) { register(request, response, principal, Constants.SPNEGO_METHOD, principal.getName(), null); diff --git a/java/org/apache/catalina/connector/InputBuffer.java b/java/org/apache/catalina/connector/InputBuffer.java index f0ced8875e..daa84f4a97 100644 --- a/java/org/apache/catalina/connector/InputBuffer.java +++ b/java/org/apache/catalina/connector/InputBuffer.java @@ -325,7 +325,7 @@ public class InputBuffer extends Reader implements ByteChunk.ByteInputChannel, A if (e instanceof SocketTimeoutException) { try { response.sendError(HttpServletResponse.SC_REQUEST_TIMEOUT); - } catch(IllegalStateException ex) { + } catch (IllegalStateException ex) { // Response already committed response.setStatus(HttpServletResponse.SC_REQUEST_TIMEOUT); response.setError(); @@ -333,7 +333,7 @@ public class InputBuffer extends Reader implements ByteChunk.ByteInputChannel, A } else { try { response.sendError(HttpServletResponse.SC_BAD_REQUEST); - } catch(IllegalStateException ex) { + } catch (IllegalStateException ex) { // Response already committed response.setStatus(HttpServletResponse.SC_BAD_REQUEST); response.setError(); diff --git a/java/org/apache/catalina/connector/Request.java b/java/org/apache/catalina/connector/Request.java index 19fb94f889..ed83c9a214 100644 --- a/java/org/apache/catalina/connector/Request.java +++ b/java/org/apache/catalina/connector/Request.java @@ -927,9 +927,9 @@ public class Request implements HttpServletRequest { /** * {@inheritDoc} * <p> - * The attribute names returned will only be those for the attributes set via - * {@link #setAttribute(String, Object)}. Tomcat internal attributes will not be included although they are - * accessible via {@link #getAttribute(String)}. The Tomcat internal attributes include: + * The attribute names returned will only be those for the attributes set via {@link #setAttribute(String, Object)}. + * Tomcat internal attributes will not be included although they are accessible via {@link #getAttribute(String)}. + * The Tomcat internal attributes include: * <ul> * <li>{@link Globals#DISPATCHER_TYPE_ATTR}</li> * <li>{@link Globals#DISPATCHER_REQUEST_PATH_ATTR}</li> diff --git a/java/org/apache/catalina/core/ApplicationFilterChain.java b/java/org/apache/catalina/core/ApplicationFilterChain.java index 50f7c3ee98..74119cbb69 100644 --- a/java/org/apache/catalina/core/ApplicationFilterChain.java +++ b/java/org/apache/catalina/core/ApplicationFilterChain.java @@ -154,8 +154,7 @@ public final class ApplicationFilterChain implements FilterChain { try { Filter filter = filterConfig.getFilter(); - if (request.isAsyncSupported() && - !(filterConfig.getFilterDef().getAsyncSupportedBoolean())) { + if (request.isAsyncSupported() && !(filterConfig.getFilterDef().getAsyncSupportedBoolean())) { request.setAttribute(Globals.ASYNC_SUPPORTED_ATTR, Boolean.FALSE); } if (Globals.IS_SECURITY_ENABLED) { diff --git a/java/org/apache/catalina/core/PropertiesRoleMappingListener.java b/java/org/apache/catalina/core/PropertiesRoleMappingListener.java index 00ddc5b4af..ead567886e 100644 --- a/java/org/apache/catalina/core/PropertiesRoleMappingListener.java +++ b/java/org/apache/catalina/core/PropertiesRoleMappingListener.java @@ -37,8 +37,8 @@ import org.apache.tomcat.util.res.StringManager; * This listener must only be nested within {@link Context} elements. * <p> * The keys represent application roles (e.g., admin, user, uservisor, etc.) while the values represent technical roles - * (e.g., DNs, SIDs, UUIDs, etc.). A key can also be prefixed if, e.g., the properties file contains generic - * application configuration as well: {@code app-roles.}. + * (e.g., DNs, SIDs, UUIDs, etc.). A key can also be prefixed if, e.g., the properties file contains generic application + * configuration as well: {@code app-roles.}. * <p> * Note: The default value for the {@code roleMappingFile} is {@code webapp:/WEB-INF/role-mapping.properties}. */ @@ -60,7 +60,8 @@ public class PropertiesRoleMappingListener implements LifecycleListener { * {@link ConfigFileLoader} supports. * * @param roleMappingFile the role mapping properties file to load from - * @throws NullPointerException if roleMappingFile is null + * + * @throws NullPointerException if roleMappingFile is null * @throws IllegalArgumentException if roleMappingFile is empty */ public void setRoleMappingFile(String roleMappingFile) { @@ -116,7 +117,7 @@ public class PropertiesRoleMappingListener implements LifecycleListener { } int linkCount = 0; - for (Entry<Object, Object> prop : props.entrySet()) { + for (Entry<Object,Object> prop : props.entrySet()) { String role = (String) prop.getKey(); if (keyPrefix != null) { diff --git a/java/org/apache/catalina/core/StandardContext.java b/java/org/apache/catalina/core/StandardContext.java index 46523229fd..96c2368234 100644 --- a/java/org/apache/catalina/core/StandardContext.java +++ b/java/org/apache/catalina/core/StandardContext.java @@ -2067,8 +2067,8 @@ public class StandardContext extends ContainerBase implements Context, Notificat @Override public ServletContext getServletContext() { /* - * This method is called (multiple times) during context start which is single threaded so there is concurrency - * issue here. + * This method is called (multiple times) during context start which is single threaded so there is concurrency + * issue here. */ if (context == null) { context = new ApplicationContext(this); @@ -5813,8 +5813,7 @@ public class StandardContext extends ContainerBase implements Context, Notificat } @Override - public FilterRegistration.Dynamic addFilter(String filterName, - Class<? extends Filter> filterClass) { + public FilterRegistration.Dynamic addFilter(String filterName, Class<? extends Filter> filterClass) { throw new UnsupportedOperationException(sm.getString("noPluggabilityServletContext.notAllowed")); } diff --git a/java/org/apache/catalina/core/StandardHostValve.java b/java/org/apache/catalina/core/StandardHostValve.java index da1826793f..af4f9b0aa0 100644 --- a/java/org/apache/catalina/core/StandardHostValve.java +++ b/java/org/apache/catalina/core/StandardHostValve.java @@ -310,9 +310,9 @@ final class StandardHostValve extends ValveBase { } } else { /* - * A custom error-page has not been defined for the exception that was thrown during request processing. - * Set the status to 500 if an error status has not already been set and check for custom error-page for - * the status. + * A custom error-page has not been defined for the exception that was thrown during request processing. Set + * the status to 500 if an error status has not already been set and check for custom error-page for the + * status. */ if (response.getStatus() < HttpServletResponse.SC_BAD_REQUEST) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); diff --git a/java/org/apache/catalina/core/StandardServer.java b/java/org/apache/catalina/core/StandardServer.java index 629a683d4c..b3575d909d 100644 --- a/java/org/apache/catalina/core/StandardServer.java +++ b/java/org/apache/catalina/core/StandardServer.java @@ -939,8 +939,7 @@ public final class StandardServer extends LifecycleMBeanBase implements Server { /** * {@inheritDoc} * <p> - * This is used to allow connectors to bind to restricted ports under Unix - * operating environments. + * This is used to allow connectors to bind to restricted ports under Unix operating environments. */ @Override protected void initInternal() throws LifecycleException { @@ -1032,10 +1031,10 @@ public final class StandardServer extends LifecycleMBeanBase implements Server { /** * @return the MBean domain for this server. The domain is obtained using the following search order: - * <ol> - * <li>Name of first {@link org.apache.catalina.Engine}.</li> - * <li>Name of first {@link Service}.</li> - * </ol> + * <ol> + * <li>Name of first {@link org.apache.catalina.Engine}.</li> + * <li>Name of first {@link Service}.</li> + * </ol> */ @Override protected String getDomainInternal() { diff --git a/java/org/apache/catalina/filters/CsrfPreventionFilter.java b/java/org/apache/catalina/filters/CsrfPreventionFilter.java index c6488ebec2..cbebf8158e 100644 --- a/java/org/apache/catalina/filters/CsrfPreventionFilter.java +++ b/java/org/apache/catalina/filters/CsrfPreventionFilter.java @@ -49,33 +49,26 @@ import org.apache.juli.logging.LogFactory; * <li>{@link HttpServletResponse#encodeRedirectURL(String)} and {@link HttpServletResponse#encodeURL(String)} are used * to encode all URLs returned to the client * </ul> - * * <p> - * CSRF protection is enabled by generating random nonce values which are - * stored in the client's HTTP session. Each URL encoded using - * {@link HttpServletResponse#encodeURL(String)} has a URL parameter added - * which, when sent to the server in a future request, will be checked - * against this stored set of nonces for validity. + * CSRF protection is enabled by generating random nonce values which are stored in the client's HTTP session. Each URL + * encoded using {@link HttpServletResponse#encodeURL(String)} has a URL parameter added which, when sent to the server + * in a future request, will be checked against this stored set of nonces for validity. * </p> - * * <p> - * Some URLs should be accessible even without a valid nonce parameter value. - * These URLs are known as "entry points" because clients should be able to - * "enter" the application without first establishing any valid tokens. These - * are configured with the <code>entryPoints</code> filter - * <code>init-param</code>. + * Some URLs should be accessible even without a valid nonce parameter value. These URLs are known as "entry points" + * because clients should be able to "enter" the application without first establishing any valid tokens. These are + * configured with the <code>entryPoints</code> filter <code>init-param</code>. * </p> - * * <p> - * Some URLs should not have nonce parameters added to them at all + * Some URLs should not have nonce parameters added to them at all */ public class CsrfPreventionFilter extends CsrfPreventionFilterBase { /** * The default set of URL patterns for which nonces will not be appended. */ - private static final String DEFAULT_NO_NONCE_URL_PATTERNS - = "*.css, *.js, *.gif, *.png, *.jpg, *.svg, *.ico, *.jpeg, *.mjs"; + private static final String DEFAULT_NO_NONCE_URL_PATTERNS = + "*.css, *.js, *.gif, *.png, *.jpg, *.svg, *.ico, *.jpeg, *.mjs"; /** * The servlet context in which this Filter is operating. @@ -91,14 +84,12 @@ public class CsrfPreventionFilter extends CsrfPreventionFilterBase { private String nonceRequestParameterName = Constants.CSRF_NONCE_REQUEST_PARAM; /** - * Flag which determines whether this Filter is in "enforcement" mode - * (the default) or in "reporting" mode. + * Flag which determines whether this Filter is in "enforcement" mode (the default) or in "reporting" mode. */ private boolean enforce = true; /** - * A set of comma-separated URL patterns which will have no nonce - * parameters added to them. + * A set of comma-separated URL patterns which will have no nonce parameters added to them. */ private String noNoncePatterns = DEFAULT_NO_NONCE_URL_PATTERNS; @@ -139,43 +130,34 @@ public class CsrfPreventionFilter extends CsrfPreventionFilterBase { } /** - * Sets the flag to enforce CSRF protection or just log failures as DEBUG - * messages. + * Sets the flag to enforce CSRF protection or just log failures as DEBUG messages. * - * @param enforce <code>true</code> to enforce CSRF protection or - * <code>false</code> to log DEBUG messages and allow - * all requests. + * @param enforce <code>true</code> to enforce CSRF protection or <code>false</code> to log DEBUG messages and allow + * all requests. */ public void setEnforce(boolean enforce) { this.enforce = enforce; } /** - * Gets the flag to enforce CSRF protection or just log failures as DEBUG - * messages. + * Gets the flag to enforce CSRF protection or just log failures as DEBUG messages. * - * @return <code>true</code> if CSRF protection will be enforced or - * <code>false</code> if all requests will be allowed and - * failures will be logged as DEBUG messages. + * @return <code>true</code> if CSRF protection will be enforced or <code>false</code> if all requests will be + * allowed and failures will be logged as DEBUG messages. */ public boolean isEnforce() { return this.enforce; } /** - * Sets the list of URL patterns to suppress nonce-addition for. + * Sets the list of URL patterns to suppress nonce-addition for. Some URLs do not need nonces added to them such as + * static resources. By <i>not</i> adding nonces to those URLs, HTTP caches can be more effective because the CSRF + * prevention filter won't generate what look like unique URLs for those commonly-reused resources. * - * Some URLs do not need nonces added to them such as static resources. - * By <i>not</i> adding nonces to those URLs, HTTP caches can be more - * effective because the CSRF prevention filter won't generate what - * look like unique URLs for those commonly-reused resources. - * - * @param patterns A comma-separated list of URL patterns that will not - * have nonces added to them. Patterns may begin or end with a - * <code>*</code> character to denote a suffix-match or - * prefix-match. Any matched URL will not have a CSRF nonce - * added to it when passed through - * {@link HttpServletResponse#encodeURL(String)}. + * @param patterns A comma-separated list of URL patterns that will not have nonces added to them. Patterns may + * begin or end with a <code>*</code> character to denote a suffix-match or prefix-match. Any + * matched URL will not have a CSRF nonce added to it when passed through + * {@link HttpServletResponse#encodeURL(String)}. */ public void setNoNonceURLPatterns(String patterns) { this.noNoncePatterns = patterns; @@ -188,7 +170,7 @@ public class CsrfPreventionFilter extends CsrfPreventionFilterBase { /** * Creates a collection of matchers from a comma-separated string of patterns. * - * @param context the Servlet context + * @param context the Servlet context * @param patterns A comma-separated string of URL matching patterns. * * @return A collection of predicates representing the URL patterns. @@ -222,11 +204,9 @@ public class CsrfPreventionFilter extends CsrfPreventionFilterBase { * Creates a predicate that can match the specified type of pattern. * * @param context the Servlet context - * @param pattern The pattern to match e.g. <code>*.foo</code> or - * <code>/bar/*</code>. + * @param pattern The pattern to match e.g. <code>*.foo</code> or <code>/bar/*</code>. * - * @return A Predicate which can match the specified pattern, or - * <code>null</code> if the pattern is null or blank. + * @return A Predicate which can match the specified pattern, or <code>null</code> if the pattern is null or blank. */ protected static Predicate<String> createNoNoncePredicate(ServletContext context, String pattern) { if (null == pattern || 0 == pattern.trim().length()) { @@ -246,10 +226,8 @@ public class CsrfPreventionFilter extends CsrfPreventionFilterBase { } /** - * A no-nonce Predicate that evaluates a MIME type instead of a URL. - * - * It can be used with any other Predicate for matching - * the actual value of the MIME type. + * A no-nonce Predicate that evaluates a MIME type instead of a URL. It can be used with any other Predicate for + * matching the actual value of the MIME type. */ protected static class MimePredicate implements Predicate<String> { private final ServletContext context; @@ -277,6 +255,7 @@ public class CsrfPreventionFilter extends CsrfPreventionFilterBase { */ protected static class PrefixPredicate implements Predicate<String> { private final String prefix; + public PrefixPredicate(String prefix) { this.prefix = prefix; } @@ -292,6 +271,7 @@ public class CsrfPreventionFilter extends CsrfPreventionFilterBase { */ protected static class SuffixPredicate implements Predicate<String> { private final String suffix; + public SuffixPredicate(String suffix) { this.suffix = suffix; } @@ -381,7 +361,8 @@ public class CsrfPreventionFilter extends CsrfPreventionFilterBase { } else { if (log.isTraceEnabled()) { log.trace("Would have rejecting request for " + getRequestedPath(req) + ", session " + - (null == session ? "(null)" : session.getId()) + " due to empty / missing nonce cache"); + (null == session ? "(null)" : session.getId()) + + " due to empty / missing nonce cache"); } } } else if (!nonceCache.contains(previousNonce)) { @@ -402,8 +383,8 @@ public class CsrfPreventionFilter extends CsrfPreventionFilterBase { } } else { if (log.isTraceEnabled()) { - log.trace( - "Allowing request to " + getRequestedPath(req) + " with valid CSRF nonce " + previousNonce); + log.trace("Allowing request to " + getRequestedPath(req) + " with valid CSRF nonce " + + previousNonce); } } } @@ -448,19 +429,15 @@ public class CsrfPreventionFilter extends CsrfPreventionFilterBase { } /** - * Check to see if the request and path should be enforced or only - * observed and reported. - * - * Note that the <code>requestedPath</code> parameter is purely - * a performance optimization to avoid calling + * Check to see if the request and path should be enforced or only observed and reported. Note that the + * <code>requestedPath</code> parameter is purely a performance optimization to avoid calling * {@link #getRequestedPath(HttpServletRequest)} multiple times. * - * @param req The request. + * @param req The request. * @param requestedPath The path of the request being evaluated. * - * @return <code>true</code> if the CSRF prevention should be enforced, - * <code>false</code> if the CSRF prevention should only be - * logged in DEBUG mode. + * @return <code>true</code> if the CSRF prevention should be enforced, <code>false</code> if the CSRF prevention + * should only be logged in DEBUG mode. */ protected boolean enforce(HttpServletRequest req, String requestedPath) { return isEnforce(); @@ -556,8 +533,8 @@ public class CsrfPreventionFilter extends CsrfPreventionFilterBase { private final String nonce; private final Collection<Predicate<String>> noNoncePatterns; - public CsrfResponseWrapper(HttpServletResponse response, String nonceRequestParameterName, - String nonce, Collection<Predicate<String>> noNoncePatterns) { + public CsrfResponseWrapper(HttpServletResponse response, String nonceRequestParameterName, String nonce, + Collection<Predicate<String>> noNoncePatterns) { super(response); this.nonceRequestParameterName = nonceRequestParameterName; this.nonce = nonce; diff --git a/java/org/apache/catalina/ha/CatalinaCluster.java b/java/org/apache/catalina/ha/CatalinaCluster.java index 11fd69996a..1c0a2a2dc5 100644 --- a/java/org/apache/catalina/ha/CatalinaCluster.java +++ b/java/org/apache/catalina/ha/CatalinaCluster.java @@ -133,6 +133,7 @@ public interface CatalinaCluster extends Cluster { /** * Set the channel associated with the cluster. + * * @param channel the channel */ void setChannel(Channel channel); diff --git a/java/org/apache/catalina/ha/ClusterManager.java b/java/org/apache/catalina/ha/ClusterManager.java index c8bb510aa3..586f2c9bae 100644 --- a/java/org/apache/catalina/ha/ClusterManager.java +++ b/java/org/apache/catalina/ha/ClusterManager.java @@ -83,6 +83,7 @@ public interface ClusterManager extends Manager { /** * Set the cluster associated with this manager. + * * @param cluster the cluster */ void setCluster(CatalinaCluster cluster); @@ -91,7 +92,9 @@ public interface ClusterManager extends Manager { * Open stream and use correct ClassLoader (Container), switching thread context class loader. * * @param data the data + * * @return the object input stream + * * @throws IOException An error occurred */ ReplicationStream getReplicationStream(byte[] data) throws IOException; @@ -99,10 +102,12 @@ public interface ClusterManager extends Manager { /** * Open stream and use correct ClassLoader (Container), switching thread context class loader. * - * @param data the data + * @param data the data * @param offset the offset in the data array * @param length the data length + * * @return the object input stream + * * @throws IOException An error occurred */ ReplicationStream getReplicationStream(byte[] data, int offset, int length) throws IOException; diff --git a/java/org/apache/catalina/ha/ClusterMessage.java b/java/org/apache/catalina/ha/ClusterMessage.java index 34aed3b286..14bf5e3e43 100644 --- a/java/org/apache/catalina/ha/ClusterMessage.java +++ b/java/org/apache/catalina/ha/ClusterMessage.java @@ -28,6 +28,7 @@ public interface ClusterMessage extends Serializable { /** * Set the member associated with the message. + * * @param member the member */ void setAddress(Member member); @@ -44,6 +45,7 @@ public interface ClusterMessage extends Serializable { /** * Set the timestamp for this message. + * * @param timestamp the timestamp */ void setTimestamp(long timestamp); diff --git a/java/org/apache/catalina/ha/deploy/FarmWarDeployer.java b/java/org/apache/catalina/ha/deploy/FarmWarDeployer.java index b68f0bb06e..24c2425020 100644 --- a/java/org/apache/catalina/ha/deploy/FarmWarDeployer.java +++ b/java/org/apache/catalina/ha/deploy/FarmWarDeployer.java @@ -304,6 +304,7 @@ public class FarmWarDeployer extends ClusterListener implements ClusterDeployer, /** * {@inheritDoc} + * <p> * This listener accepts only FileMessage or UndeployMessage. */ @Override diff --git a/java/org/apache/catalina/ha/session/ClusterSessionListener.java b/java/org/apache/catalina/ha/session/ClusterSessionListener.java index e4a7a3e2f4..eb85f88f13 100644 --- a/java/org/apache/catalina/ha/session/ClusterSessionListener.java +++ b/java/org/apache/catalina/ha/session/ClusterSessionListener.java @@ -87,6 +87,7 @@ public class ClusterSessionListener extends ClusterListener { /** * {@inheritDoc} + * <p> * This listener accepts only SessionMessage. */ @Override diff --git a/java/org/apache/catalina/ha/session/DeltaSession.java b/java/org/apache/catalina/ha/session/DeltaSession.java index 8bbb99a818..b4a57cd26a 100644 --- a/java/org/apache/catalina/ha/session/DeltaSession.java +++ b/java/org/apache/catalina/ha/session/DeltaSession.java @@ -546,7 +546,9 @@ public class DeltaSession extends StandardSession implements Externalizable, Clu /** * Get the request. + * * @return the request + * * @deprecated Unused. This method will be removed in Tomcat 12. */ @Deprecated diff --git a/java/org/apache/catalina/ha/session/SessionMessageImpl.java b/java/org/apache/catalina/ha/session/SessionMessageImpl.java index 70f8e01e44..c3b8d2713f 100644 --- a/java/org/apache/catalina/ha/session/SessionMessageImpl.java +++ b/java/org/apache/catalina/ha/session/SessionMessageImpl.java @@ -101,6 +101,7 @@ public class SessionMessageImpl extends ClusterMessageBase implements SessionMes /** * Set message send time but only the first setting works (one shot) + * * @param time the timestamp */ @Override diff --git a/java/org/apache/catalina/ha/tcp/ReplicationValve.java b/java/org/apache/catalina/ha/tcp/ReplicationValve.java index 54288dda15..361a2fdd50 100644 --- a/java/org/apache/catalina/ha/tcp/ReplicationValve.java +++ b/java/org/apache/catalina/ha/tcp/ReplicationValve.java @@ -537,7 +537,7 @@ public class ReplicationValve extends ValveBase implements ClusterValve { * * @param requestTime Request time * @param clusterTime Cluster time - * @param isAsync if the request was in async mode + * @param isAsync if the request was in async mode */ protected void updateStats(long requestTime, long clusterTime, boolean isAsync) { long currentTime = System.currentTimeMillis(); @@ -550,9 +550,11 @@ public class ReplicationValve extends ValveBase implements ClusterValve { if ((nrOfRequests.longValue() % 100) == 0) { log.debug(sm.getString("ReplicationValve.stats", new Object[] { Long.valueOf(totalRequestTime.longValue() / nrOfRequests.longValue()), - Long.valueOf(totalSendTime.longValue() / nrOfRequests.longValue()), Long.valueOf(nrOfRequests.longValue()), - Long.valueOf(nrOfSendRequests.longValue()), Long.valueOf(nrOfCrossContextSendRequests.longValue()), - Long.valueOf(nrOfFilterRequests.longValue()), Long.valueOf(totalRequestTime.longValue()), + Long.valueOf(totalSendTime.longValue() / nrOfRequests.longValue()), + Long.valueOf(nrOfRequests.longValue()), Long.valueOf(nrOfSendRequests.longValue()), + Long.valueOf(nrOfCrossContextSendRequests.longValue()), + Long.valueOf(nrOfFilterRequests.longValue()), + Long.valueOf(totalRequestTime.longValue()), Long.valueOf(totalSendTime.longValue()) })); } } diff --git a/java/org/apache/catalina/manager/StatusTransformer.java b/java/org/apache/catalina/manager/StatusTransformer.java index 4a0b156dac..b968e1dced 100644 --- a/java/org/apache/catalina/manager/StatusTransformer.java +++ b/java/org/apache/catalina/manager/StatusTransformer.java @@ -339,8 +339,7 @@ public class StatusTransformer { * * @throws Exception Propagated JMX error */ - public static void writeConnectorsState(PrintWriter writer, MBeanServer mBeanServer, - Vector<ObjectName> threadPools, + public static void writeConnectorsState(PrintWriter writer, MBeanServer mBeanServer, Vector<ObjectName> threadPools, Vector<ObjectName> globalRequestProcessors, Vector<ObjectName> requestProcessors, int mode, Object[] args) throws Exception { if (mode == 2) { @@ -358,8 +357,8 @@ public class StatusTransformer { } String name = objectName.getKeyProperty("name"); // use StatusTransformer to output status - writeConnectorState( - writer, objectName, name, mBeanServer, globalRequestProcessors, requestProcessors, mode, args); + writeConnectorState(writer, objectName, name, mBeanServer, globalRequestProcessors, requestProcessors, mode, + args); } if (mode == 2) { writer.append(']'); @@ -513,9 +512,12 @@ public class StatusTransformer { } appendJSonValue(writer, "name", jsonName).append(',').println(); indent(writer, 3).append('"').append("threadInfo").append('"').append(':').append('{'); - appendJSonValue(writer, "maxThreads", mBeanServer.getAttribute(tpName, "maxThreads").toString()).append(','); - appendJSonValue(writer, "currentThreadCount", mBeanServer.getAttribute(tpName, "currentThreadCount").toString()).append(','); - appendJSonValue(writer, "currentThreadsBusy", mBeanServer.getAttribute(tpName, "currentThreadsBusy").toString()); + appendJSonValue(writer, "maxThreads", mBeanServer.getAttribute(tpName, "maxThreads").toString()) + .append(','); + appendJSonValue(writer, "currentThreadCount", + mBeanServer.getAttribute(tpName, "currentThreadCount").toString()).append(','); + appendJSonValue(writer, "currentThreadsBusy", + mBeanServer.getAttribute(tpName, "currentThreadsBusy").toString()); writer.append('}'); ObjectName grpName = null; @@ -530,10 +532,14 @@ public class StatusTransformer { writer.append(',').println(); indent(writer, 3).append('"').append("requestInfo").append('"').append(':').append('{'); appendJSonValue(writer, "maxTime", mBeanServer.getAttribute(grpName, "maxTime").toString()).append(','); - appendJSonValue(writer, "processingTime", mBeanServer.getAttribute(grpName, "processingTime").toString()).append(','); - appendJSonValue(writer, "requestCount", mBeanServer.getAttribute(grpName, "requestCount").toString()).append(','); - appendJSonValue(writer, "errorCount", mBeanServer.getAttribute(grpName, "errorCount").toString()).append(','); - appendJSonValue(writer, "bytesReceived", mBeanServer.getAttribute(grpName, "bytesReceived").toString()).append(','); + appendJSonValue(writer, "processingTime", + mBeanServer.getAttribute(grpName, "processingTime").toString()).append(','); + appendJSonValue(writer, "requestCount", mBeanServer.getAttribute(grpName, "requestCount").toString()) + .append(','); + appendJSonValue(writer, "errorCount", mBeanServer.getAttribute(grpName, "errorCount").toString()) + .append(','); + appendJSonValue(writer, "bytesReceived", mBeanServer.getAttribute(grpName, "bytesReceived").toString()) + .append(','); appendJSonValue(writer, "bytesSent", mBeanServer.getAttribute(grpName, "bytesSent").toString()); writer.append('}').println(); // Note: No detailed per processor info @@ -876,8 +882,10 @@ public class StatusTransformer { indent(writer, 2).append('{').println(); appendJSonValue(indent(writer, 3), "name", JSONFilter.escape(JSONFilter.escape(name))).append(','); appendJSonValue(writer, "startTime", - new Date(((Long) mBeanServer.getAttribute(objectName, "startTime")).longValue()).toString()).append(','); - appendJSonValue(writer, "startupTime", mBeanServer.getAttribute(objectName, "startupTime").toString()).append(','); + new Date(((Long) mBeanServer.getAttribute(objectName, "startTime")).longValue()).toString()) + .append(','); + appendJSonValue(writer, "startupTime", mBeanServer.getAttribute(objectName, "startupTime").toString()) + .append(','); appendJSonValue(writer, "tldScanTime", mBeanServer.getAttribute(objectName, "tldScanTime").toString()); if (managerON != null) { writeManager(writer, managerON, mBeanServer, mode); @@ -943,14 +951,22 @@ public class StatusTransformer { } else if (mode == 2) { writer.append(',').println(); indent(writer, 3).append('"').append("manager").append('"').append(':').append('{'); - appendJSonValue(writer, "activeSessions", mBeanServer.getAttribute(objectName, "activeSessions").toString()).append(','); - appendJSonValue(writer, "sessionCounter", mBeanServer.getAttribute(objectName, "sessionCounter").toString()).append(','); - appendJSonValue(writer, "maxActive", mBeanServer.getAttribute(objectName, "maxActive").toString()).append(','); - appendJSonValue(writer, "rejectedSessions", mBeanServer.getAttribute(objectName, "rejectedSessions").toString()).append(','); - appendJSonValue(writer, "expiredSessions", mBeanServer.getAttribute(objectName, "expiredSessions").toString()).append(','); - appendJSonValue(writer, "sessionMaxAliveTime", mBeanServer.getAttribute(objectName, "sessionMaxAliveTime").toString()).append(','); - appendJSonValue(writer, "sessionAverageAliveTime", mBeanServer.getAttribute(objectName, "sessionAverageAliveTime").toString()).append(','); - appendJSonValue(writer, "processingTime", mBeanServer.getAttribute(objectName, "processingTime").toString()); + appendJSonValue(writer, "activeSessions", mBeanServer.getAttribute(objectName, "activeSessions").toString()) + .append(','); + appendJSonValue(writer, "sessionCounter", mBeanServer.getAttribute(objectName, "sessionCounter").toString()) + .append(','); + appendJSonValue(writer, "maxActive", mBeanServer.getAttribute(objectName, "maxActive").toString()) + .append(','); + appendJSonValue(writer, "rejectedSessions", + mBeanServer.getAttribute(objectName, "rejectedSessions").toString()).append(','); + appendJSonValue(writer, "expiredSessions", + mBeanServer.getAttribute(objectName, "expiredSessions").toString()).append(','); + appendJSonValue(writer, "sessionMaxAliveTime", + mBeanServer.getAttribute(objectName, "sessionMaxAliveTime").toString()).append(','); + appendJSonValue(writer, "sessionAverageAliveTime", + mBeanServer.getAttribute(objectName, "sessionAverageAliveTime").toString()).append(','); + appendJSonValue(writer, "processingTime", + mBeanServer.getAttribute(objectName, "processingTime").toString()); writer.append('}'); } @@ -1049,11 +1065,15 @@ public class StatusTransformer { } else if (mode == 2) { indent(writer, 4).append('{'); appendJSonValue(writer, "servletName", JSONFilter.escape(servletName)).append(','); - appendJSonValue(writer, "processingTime", mBeanServer.getAttribute(objectName, "processingTime").toString()).append(','); + appendJSonValue(writer, "processingTime", mBeanServer.getAttribute(objectName, "processingTime").toString()) + .append(','); appendJSonValue(writer, "maxTime", mBeanServer.getAttribute(objectName, "maxTime").toString()).append(','); - appendJSonValue(writer, "requestCount", mBeanServer.getAttribute(objectName, "requestCount").toString()).append(','); - appendJSonValue(writer, "errorCount", mBeanServer.getAttribute(objectName, "errorCount").toString()).append(','); - appendJSonValue(writer, "loadTime", mBeanServer.getAttribute(objectName, "loadTime").toString()).append(','); + appendJSonValue(writer, "requestCount", mBeanServer.getAttribute(objectName, "requestCount").toString()) + .append(','); + appendJSonValue(writer, "errorCount", mBeanServer.getAttribute(objectName, "errorCount").toString()) + .append(','); + appendJSonValue(writer, "loadTime", mBeanServer.getAttribute(objectName, "loadTime").toString()) + .append(','); appendJSonValue(writer, "classLoadTime", mBeanServer.getAttribute(objectName, "classLoadTime").toString()); writer.append('}'); } diff --git a/java/org/apache/catalina/realm/CombinedRealm.java b/java/org/apache/catalina/realm/CombinedRealm.java index 0a97c340f2..902173a122 100644 --- a/java/org/apache/catalina/realm/CombinedRealm.java +++ b/java/org/apache/catalina/realm/CombinedRealm.java @@ -60,7 +60,8 @@ public class CombinedRealm extends RealmBase { realms.add(theRealm); if (log.isDebugEnabled()) { - log.debug(sm.getString("combinedRealm.addRealm", theRealm.getClass().getName(), Integer.toString(realms.size()))); + log.debug(sm.getString("combinedRealm.addRealm", theRealm.getClass().getName(), + Integer.toString(realms.size()))); } } diff --git a/java/org/apache/catalina/realm/RealmBase.java b/java/org/apache/catalina/realm/RealmBase.java index 7959c3ea0b..45082831ab 100644 --- a/java/org/apache/catalina/realm/RealmBase.java +++ b/java/org/apache/catalina/realm/RealmBase.java @@ -1320,9 +1320,8 @@ public abstract class RealmBase extends LifecycleMBeanBase implements Realm { * specified, the default for the CredentialHandler will be used.</li> * <li><b>-h</b> - The fully qualified class name of the CredentialHandler to use. If not specified, the built-in * handlers will be tested in turn and the first one to accept the specified algorithm will be used.</li> - * <li><b>-f</b> - The name of the file that contains passwords to encode. Each - * line in the file should contain only one password. Using this - * option ignores other password input.</li> + * <li><b>-f</b> - The name of the file that contains passwords to encode. Each line in the file should contain only + * one password. Using this option ignores other password input.</li> * </ul> * <p> * This generation process currently supports the following CredentialHandlers, the correct one being selected based @@ -1363,7 +1362,8 @@ public abstract class RealmBase extends LifecycleMBeanBase implements Realm { // Note: Reducing args.length requirement to argIndex+1 so that -f works and ignores // trailing words - while (args.length > argIndex + 1 && args[argIndex].length() == 2 && args[argIndex].charAt(0) == '-' && !endOfList) { + while (args.length > argIndex + 1 && args[argIndex].length() == 2 && args[argIndex].charAt(0) == '-' && + !endOfList) { switch (args[argIndex].charAt(1)) { case 'a': { algorithm = args[argIndex + 1]; @@ -1394,7 +1394,7 @@ public abstract class RealmBase extends LifecycleMBeanBase implements Realm { break; } case '-': { - // When encountering -- option don't parse anything else as an option + // When encountering -- option don't parse anything else as an option endOfList = true; // The -- opt doesn't take an argument, decrement the argIndex so that it parses // all remaining args @@ -1482,8 +1482,7 @@ public abstract class RealmBase extends LifecycleMBeanBase implements Realm { // A FileNotFound is the likely exception here and self-explanatory. Softly // reporting it and exit 1 so that you can tell it failed from the command line. if (e instanceof java.io.FileNotFoundException) { - System.err.println("cannot stat '" + passwordFile + - "': No such file or directory"); + System.err.println("cannot stat '" + passwordFile + "': No such file or directory"); // Not sure if using an exit here is OK, but I wanted to return a code that // showed failure. System.exit(1); @@ -1503,9 +1502,9 @@ public abstract class RealmBase extends LifecycleMBeanBase implements Realm { } private static void usage() { - System.out.println("Usage: RealmBase [-a <algorithm>] [-e <encoding>]" - + " [-i <iterations>] [-s <salt-length>] [-k <key-length>]" - + " [-h <handler-class-name>] | <XX credentials>"); + System.out.println("Usage: RealmBase [-a <algorithm>] [-e <encoding>]" + + " [-i <iterations>] [-s <salt-length>] [-k <key-length>]" + + " [-h <handler-class-name>] | <XX credentials>"); } diff --git a/java/org/apache/catalina/security/SecurityListener.java b/java/org/apache/catalina/security/SecurityListener.java index 7917b9a6a4..8873b77a10 100644 --- a/java/org/apache/catalina/security/SecurityListener.java +++ b/java/org/apache/catalina/security/SecurityListener.java @@ -139,28 +139,24 @@ public class SecurityListener implements LifecycleListener { } /** - * Sets the number of days that may pass between the build-date of this - * Tomcat instance before warnings are printed. + * Sets the number of days that may pass between the build-date of this Tomcat instance before warnings are printed. * - * @param ageDays The number of days a Tomcat build is allowed to age - * before logging warnings. + * @param ageDays The number of days a Tomcat build is allowed to age before logging warnings. */ public void setBuildDateWarningAgeDays(String ageDays) { try { buildDateWarningAgeDays = Integer.parseInt(ageDays); } catch (NumberFormatException nfe) { // Just use the default and warn the user - log.warn(sm.getString("SecurityListener.buildDateAgeUnreadable", - ageDays, String.valueOf(DEFAULT_BUILD_DATE_WARNING_AGE_DAYS))); + log.warn(sm.getString("SecurityListener.buildDateAgeUnreadable", ageDays, + String.valueOf(DEFAULT_BUILD_DATE_WARNING_AGE_DAYS))); } } /** - * Gets the number of days that may pass between the build-date of this - * Tomcat instance before warnings are printed. + * Gets the number of days that may pass between the build-date of this Tomcat instance before warnings are printed. * - * @return The number of days a Tomcat build is allowed to age - * before logging warnings. + * @return The number of days a Tomcat build is allowed to age before logging warnings. */ public int getBuildDateWarningAgeDays() { return buildDateWarningAgeDays; @@ -226,7 +222,8 @@ public class SecurityListener implements LifecycleListener { if (allowedAgeDays >= 0) { String buildDateString = ServerInfo.getServerBuiltISO(); - if (null == buildDateString || buildDateString.length() < 1 || !Character.isDigit(buildDateString.charAt(0))) { + if (null == buildDateString || buildDateString.length() < 1 || + !Character.isDigit(buildDateString.charAt(0))) { log.warn(sm.getString("SecurityListener.buildDateUnreadable", buildDateString)); } else { try { diff --git a/java/org/apache/catalina/session/ManagerBase.java b/java/org/apache/catalina/session/ManagerBase.java index bd31322f79..f176bf6fae 100644 --- a/java/org/apache/catalina/session/ManagerBase.java +++ b/java/org/apache/catalina/session/ManagerBase.java @@ -129,6 +129,7 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager /** * Number of sessions created by this manager. + * * @deprecated This will be removed in Tomcat 11 */ @Deprecated @@ -150,6 +151,7 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager /** * Number of duplicated session ids, anything > 0 means we have problems. + * * @deprecated This will be removed in Tomcat 11 */ @Deprecated @@ -937,6 +939,7 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager * Number of duplicated session IDs generated by the random source. Anything bigger than 0 means problems. * * @return The count of duplicates + * * @deprecated This will be removed in Tomcat 11 */ @Deprecated @@ -947,7 +950,9 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager /** * Set duplicates count. + * * @param duplicates the new duplicates count + * * @deprecated This will be removed in Tomcat 11 */ @Deprecated diff --git a/java/org/apache/catalina/startup/CatalinaBaseConfigurationSource.java b/java/org/apache/catalina/startup/CatalinaBaseConfigurationSource.java index cd31f0fd1e..5f600d6b01 100644 --- a/java/org/apache/catalina/startup/CatalinaBaseConfigurationSource.java +++ b/java/org/apache/catalina/startup/CatalinaBaseConfigurationSource.java @@ -63,7 +63,8 @@ public class CatalinaBaseConfigurationSource implements ConfigurationSource { InputStream stream = getClass().getClassLoader().getResourceAsStream(LEGACY_SERVER_EMBED_XML); if (stream != null) { try { - result = new Resource(stream, getClass().getClassLoader().getResource(LEGACY_SERVER_EMBED_XML).toURI()); + result = new Resource(stream, + getClass().getClassLoader().getResource(LEGACY_SERVER_EMBED_XML).toURI()); } catch (URISyntaxException e) { stream.close(); } --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org