Bug report for Tomcat Connectors [2014/02/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |34526|Opn|Nor|2005-04-19|Truncated content in decompressed requests from mo| |35959|Opn|Enh|2005-08-01|mod_jk not independant of UseCanonicalName| |43303|New|Enh|2007-09-04|Versioning under Windows not reported by many conn| |43968|Inf|Enh|2007-11-26|[patch] support ipv6 with mod_jk | |44290|Inf|Nor|2008-01-24|mod_jk/1.2.26: retry is not useful for an importan| |44349|Inf|Maj|2008-02-04|mod_jk/1.2.26 module does not read worker.status.s| |44379|New|Enh|2008-02-07|convert the output of strftime into UTF-8 | |44454|New|Nor|2008-02-19|busy count reported in mod_jk inflated, causes inc| |44571|New|Enh|2008-03-10|Limits busy per worker to a threshold | |45063|New|Nor|2008-05-22|JK-1.2.26 IIS ISAPI filter issue when running diff| |45313|New|Nor|2008-06-30|mod_jk 1.2.26 & apache 2.2.9 static compiled on so| |46337|New|Nor|2008-12-04|real worker name is wrong | |46767|New|Enh|2009-02-25|mod_jk to send DECLINED in case no fail-over tomca| |47327|New|Enh|2009-06-07|remote_user not logged in apache logfile | |47617|Inf|Enh|2009-07-31|include time spent doing ajp_get_endpoint() in err| |47678|New|Cri|2009-08-11|Unable to allocate shared memory when using isapi_| |47714|New|Cri|2009-08-20|Reponse mixed between users | |47750|New|Maj|2009-08-27|Loss of worker settings when changing via jkstatus| |47795|New|Maj|2009-09-07|service sticky_session not being set correctly wit| |47840|Inf|Min|2009-09-14|A broken worker name is written in the log file. | |48191|New|Maj|2009-11-13|Problem with mod_jk 1.2.28 - Can not render up the| |48460|New|Nor|2009-12-30|mod_proxy_ajp document has three misleading portio| |48490|New|Nor|2010-01-05|Changing a node to stopped in uriworkermap.propert| |48513|New|Enh|2010-01-09|IIS Quick setup instructions | |48564|New|Nor|2010-01-18|Unable to turn off retries for LB worker | |48830|New|Nor|2010-03-01|IIS shutdown blocked in endpoint service when serv| |48891|Opn|Enh|2010-03-11|Missing EOL-style settings in tomcat/jk/trunk | |49035|New|Maj|2010-04-01|data lost when post a multipart/form-data form| |49063|New|Enh|2010-04-07|Please add JkStripSession status in jk-status work| |49135|New|Enh|2010-04-16|SPDY Connector for The Tomcat | |49469|New|Enh|2010-06-19|Workers status page has negative number of connect| |49732|Opn|Nor|2010-08-10|reply_timeout can't wait forever. | |49822|New|Enh|2010-08-25|Add hash lb worker method | |49903|New|Enh|2010-09-09|Make workers file reloadable | |50186|New|Nor|2010-10-31|Wrong documentation of connection_pool_timeout / c| |52334|New|Maj|2011-12-14|recover_time is not properly used | |52483|New|Enh|2012-01-18|Print JkOptions's options in log file and jkstatus| |52651|New|Nor|2012-02-13|JKSHMFile size limitation | |53324|Opn|Nor|2012-05-30|Starting with mod_jk 1.2.35 I cannot modify worker| |53542|New|Min|2012-07-13|Spelling mistake on 503 service unavailable page | |53762|New|Nor|2012-08-22|JK status manager: mass nodes handling doesn't wor| |53883|New|Maj|2012-09-17|isapi_redirect v 1.2.37 crashes w3wp.exe on the p| |53977|New|Maj|2012-10-07|32bits isapi connector cannot work in wow64 mode | |54027|New|Cri|2012-10-18|isapi send request to outside address instead of i| |54112|Opn|Blk|2012-11-07|ISAPI redirector not working when IIS recycles| |54117|New|Maj|2012-11-08|access violation exception in isapi_redirect.dll | |54177|New|Nor|2012-11-20|jkmanager generates non-well-formed XML for certai| |54596|New|Nor|2013-02-22|Relative path functionality truncates last charact| |54621|New|Nor|2013-02-28|[PATCH] custom mod_jk availability checks | |54646|New|Trv|2013-03-06|socket_keepalive is sometimes 1 or true or True in| |54923|New|Nor|2013-05-03|nsapi_redirect.so does not work with iPlanet on So| |55094|
Bug report for Tomcat Native [2014/02/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |46179|Opn|Maj|2008-11-10|apr ssl client authentication | |48655|Inf|Nor|2010-02-02|Active multipart downloads prevent tomcat shutdown| |49038|Inf|Nor|2010-04-02|Crash in tcnative | |52319|Inf|Maj|2011-12-12|Tomcat 6 crashes with [libapr-1.so.0+0x196da] sig| |52627|New|Min|2012-02-08|Segmentation fault in org.apache.tomcat.jni.File.i| |53605|Inf|Nor|2012-07-26|use tcnative-1.1.24 Tomcat shutdown still crash | |53847|Inf|Nor|2012-09-10|High CPU usage in tomcat native 1.22+ | |53940|New|Enh|2012-09-27|Added support for new CRL loading after expiration| |53952|New|Nor|2012-10-02|Add support for TLS 1.1 and 1.2 | |54085|New|Nor|2012-11-01|ssl_socket_recv sometimes loops infinitely with no| |54664|New|Reg|2013-03-11|[1.1.27 branch] Poll.remove incorrectly reports AP| |55087|New|Cri|2013-06-10|tomcat crashes in tcnative-1.dll with OCSP when OC| |55113|Inf|Nor|2013-06-18|FIPS-compatible OpenSSL fails fingerprint test in | |55114|New|Nor|2013-06-18|BUILDING file in win32 source package contains UNI| |55706|New|Nor|2013-10-25|broken apr version check in native v1.1.29 build; | |55771|New|Maj|2013-11-12|Memory leak and then crash in org.apache.tomcat.jn| |55797|Inf|Nor|2013-11-19|Tomcat 7.0.47 crashes using server jvm.dll and APR| |55915|New|Nor|2013-12-20|Add EECDH support to tcnative-1.dll | |55938|New|Nor|2013-12-29|clang-analyzer report for 1.1.29 | |56027|New|Nor|2014-01-17|Unable to use TCN on RHEL6 boxes if box is booted | |56108|New|Nor|2014-02-04|Allow user-defined Diffie-Hellman parameters | +-+---+---+--+--+ | Total 21 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Taglibs [2014/02/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |38193|Ass|Enh|2006-01-09|[RDC] BuiltIn Grammar support for Field | |38600|Ass|Enh|2006-02-10|[RDC] Enable RDCs to be used in X+V markup (X+RDC)| |42413|New|Enh|2007-05-14|[PATCH] Log Taglib enhancements | |46052|New|Nor|2008-10-21|SetLocaleSupport is slow to initialize when many l| |48333|New|Enh|2009-12-02|TLD generator | |55609|New|Enh|2013-09-28|c:forEach loop on integer range consumes unnecessa| +-+---+---+--+--+ | Total6 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Tomcat Modules [2014/02/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |48240|New|Nor|2009-11-19|Tomcat-Lite missing @Override markers | |48268|New|Nor|2009-11-23|Patch to fix generics in tomcat-lite | |48861|New|Nor|2010-03-04|Files without AL headers | |49685|New|Nor|2010-08-02|Unsafe synchronization in class ManagedBean | |49686|New|Nor|2010-08-02|Using an instance lock to protect static shared da| |50571|Inf|Nor|2011-01-11|Tomcat 7 JDBC connection pool exception enhancemen| |51595|Inf|Nor|2011-08-01|org.apache.tomcat.jdbc.pool.jmx.ConnectionPool sho| |51879|Inf|Enh|2011-09-22|Improve access to Native Connection Methods | |52024|Inf|Enh|2011-10-13|Custom interceptor to support automatic failover o| |53088|Opn|Min|2012-04-17|Give PoolCleaner TimerTask a better name | |53198|New|Cri|2012-05-07|'driverClassName' Data Source Property Being Manda| |53199|Inf|Enh|2012-05-07|Refactor ConnectionPool to use ScheduledExecutorSe| |53200|New|Enh|2012-05-07|Be able to use SlowQueryReport without reporting f| |53770|New|Enh|2012-08-23|tomcat-pool: always log validation query syntax er| |53853|New|Nor|2012-09-11|Can tomcat-jdbc consider Thread#getContextClassLoa| |54225|New|Nor|2012-11-30|if initSQL property is set to an empty string a Nu| |54227|New|Nor|2012-11-30|maxAge should be checked on borrow| |54235|New|Nor|2012-12-03|tomcat jdbc pool stackoverflow error used with spr| |54395|New|Nor|2013-01-09|JdbcInterceptor config parameter parsing errors | |54437|New|Enh|2013-01-16|Update PoolProperties javadoc for ConnectState int| |54537|New|Cri|2013-02-07|StatementFinalizer closeInvoked is too slow for la| |54929|New|Nor|2013-05-05|jdbc-pool cannot be used with Java 1.5, "java.lang| |54978|New|Nor|2013-05-15|Validate on Borrow should be tested on Reconnect i| |55078|New|Nor|2013-06-07|Configuring a DataSource Resource with dataSourceJ| |55444|New|Nor|2013-08-18|Support JDBC Drivers outside of tomcat/lib/ | |56046|New|Enh|2014-01-21|org.apache.tomcat.jdbc.pool.XADataSource InitSQL p| |56088|New|Maj|2014-01-29|AbstractQueryReport$StatementProxy throws exceptio| +-+---+---+--+--+ | Total 27 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Tomcat 8 [2014/02/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |51497|New|Enh|2011-07-11|Use canonical IPv6 text representation in logs| |53737|Opn|Enh|2012-08-18|Use ServletContext.getJspConfigDescriptor() in Jas| |53930|New|Enh|2012-09-24|allow capture of catalina stdout/stderr to a comma| |54503|New|Enh|2013-01-29|SAML2 based single sign on| |54700|New|Enh|2013-03-15|Improvement: Add support for system property to sp| |54741|New|Enh|2013-03-22|Add org.apache.catalina.startup.Tomcat#addWebapp(S| |55006|New|Enh|2013-05-22|Add http proxy support for ClientEndpoint using sy| |55243|New|Enh|2013-07-11|Add special search string for nested roles| |55252|New|Enh|2013-07-12|Separate Ant and command-line wrappers for JspC | |55383|New|Enh|2013-08-07|Improve markup and design of Tomcat's HTML pages | |55479|New|Enh|2013-08-24|JSR 196 (JASPIC) support in Tomcat| |9|New|Enh|2013-09-14|UserDatabaseRealm enhacement: may use local JNDI | |55675|New|Enh|2013-10-18|Checking and handling invalid configuration option| |55770|New|Enh|2013-11-12|Allow the crlFile to be reloaded | |55788|New|Enh|2013-11-16|TagPlugins should key on tag QName rather than imp| |55884|Ver|Maj|2013-12-14|JSPs no longer compile in Java 8 | |55917|New|Nor|2013-12-20|Cookie parsing fails hard with ISO-8859-1 values | |55918|New|Nor|2013-12-21|CTL characters may appear in quoted values for RFC| |55920|New|Enh|2013-12-22|Quotes should not be removed from quoted cookie va| |55921|New|Nor|2013-12-22|Cookie values in JSON format are not skipped corre| |55951|New|Enh|2014-01-04|HTML5 specifies UTF-8 encoding for cookie values | |55969|New|Enh|2014-01-07|Security-related enhancements to the Windows Insta| |55975|New|Nor|2014-01-08|Inconsistent escaping applied to V0 cookie values | |55984|New|Nor|2014-01-10|Invalid V1 cookie generated if value contains sepa| |55988|New|Enh|2014-01-11|Add parameter useCipherSuitesOrder to JSSE (BIO an| |56079|New|Nor|2014-01-28|Digitally sign the Windows binaries | +-+---+---+--+--+ | Total 26 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Tomcat 7 [2014/02/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |18500|New|Enh|2003-03-30|Host aliases to match by regular expression | |28039|Opn|Enh|2004-03-30|Cluster Support for SingleSignOn | |40881|Opn|Enh|2006-11-02|Unable to receive message through TCP channel -> | |41007|Opn|Enh|2006-11-20|Can't define customized 503 error page| |43866|New|Enh|2007-11-14|add support for session attribute propagation with| |43925|Opn|Enh|2007-11-21|org.apache.jasper.runtime.BodyContentImpl causing | |44216|New|Enh|2008-01-11|Don't reuse session ID even if emptySessionPath=tr| |49395|New|Enh|2010-06-06|manager.findLeaks : display the date when the leak| |49589|New|Enh|2010-07-12|Tag handlers with constant attribute values are al| |49785|New|Enh|2010-08-19|Enabling TLS for JNDIRealm| |49821|New|Enh|2010-08-25|Tomcat CLI| |50019|New|Enh|2010-09-28|Adding JNDI "lookup-name" support In XML and Resou| |50175|New|Enh|2010-10-28|Enhance memory leak detection by selectively apply| |50234|New|Enh|2010-11-08|JspC use servlet 3.0 features | |50504|New|Enh|2010-12-21|Allow setting query string character set trough re| |50670|New|Enh|2011-01-27|Tribes | RpcChannel | Add option to specify extern| |50944|Ver|Blk|2011-03-18|JSF: java.lang.NullPointerException at com.sun.fac| |51195|New|Enh|2011-05-13|"Find leaks" reports a false positive memory/class| |51423|Inf|Enh|2011-06-23|[Patch] to add a path and a version parameters to | |51463|New|Enh|2011-07-01|Tomcat.setBaseDir (package org.apache.catalina.st| |51496|New|Enh|2011-07-11|NSIS - Warn that duplicate service name will resul| |51587|New|Enh|2011-07-29|Implement status and uptime commands | |51953|New|Enh|2011-10-04|Proposal: netmask filtering valve and filter | |52235|New|Enh|2011-11-23|Please do a bit of SEO tuning for the web site| |52381|New|Enh|2011-12-22|Please add OSGi metadata | |52448|New|Enh|2012-01-11|Cache jar indexes in WebappClassLoader to speed up| |52489|New|Enh|2012-01-19|Enhancement request for code signing of war files | |52688|New|Enh|2012-02-16|Add ability to remove old access log files| |52751|Opn|Enh|2012-02-23|Optimized configuration of the system info display| |52952|New|Enh|2012-03-20|Improve ExtensionValidator handling for embedded s| |53085|New|Enh|2012-04-16|[perf] [concurrency] DefaultInstanceManager.annota| |53387|New|Enh|2012-06-08|SSI: Allow to use $1 to get result of regular expr| |53411|Opn|Enh|2012-06-13|NullPointerException in org.apache.tomcat.util.buf| |53492|New|Enh|2012-07-01|Make JspC shell multithreaded | |53553|New|Enh|2012-07-16|[PATCH] Deploy uploaded WAR with context.xml from | |53620|New|Enh|2012-07-30|[juli] delay opening a file until something gets l| |54330|New|Enh|2012-12-19|Patch with some refactoring of Member.java| |54499|New|Enh|2013-01-29|Implementation of Extensible EL Interpreter | |54618|New|Enh|2013-02-28|Add filter implementing HTTP Strict Transport Secu| |54802|New|Enh|2013-04-04|Provide location information for exceptions thrown| |55104|New|Enh|2013-06-16|Allow passing arguments with spaces to Commons Dae| |55470|New|Enh|2013-08-23|Help users for ClassNotFoundExceptions during star| |55477|New|Enh|2013-08-23|Add a solution to map an realm name to a security | |55662|New|Enh|2013-10-17|Add a way to set an instance of java.sql.Driver di| |56051|Inf|Nor|2014-01-22|FarmWarDeployer sporadically fails with "applicati| |56093|New|Enh|2014-01-30|org.apache.catalina.valves.SSLValve is not documen| |56115|New|Enh|2014-02-06|Need to provide parameters to Ant's get task to re| +-+---+---+--+--+ | Total 47 bugs | +---+ - To unsubscribe
Bug report for Tomcat 6 [2014/02/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |41679|New|Enh|2007-02-22|SemaphoreValve should be able to filter on url pat| |43001|New|Enh|2007-07-30|JspC lacks setMappedFile and setDie for use in Ant| |43400|New|Enh|2007-09-14|enum support for tag libs | |43548|Opn|Enh|2007-10-04|xml schema for tomcat-users.xml | |43682|New|Enh|2007-10-23|JULI: web-inf/classes/logging.properties to suppor| |43742|New|Enh|2007-10-30|.tag compiles performed one at a time -- extremel| |43979|New|Enh|2007-11-27|Add abstraction for Java and Classfile output | |44199|New|Enh|2008-01-10|expose current backlog queue size | |44225|New|Enh|2008-01-14|SSL connector tries to load the private keystore f| |44294|New|Enh|2008-01-25|Support for EL functions with varargs | |44645|New|Enh|2008-03-20|[Patch] JNDIRealm - Doesn't support JNDI "java.nam| |44787|New|Enh|2008-04-09|provide more error context on "java.lang.IllegalSt| |45014|New|Enh|2008-05-15|Request and Response classes should have wrappers | |45282|New|Enh|2008-06-25|NioReceiver doesn't close cleanly, leaving sockets| |45832|New|Enh|2008-09-18|add DIGEST authentication support to Ant tasks| |45878|New|Enh|2008-09-24|Generated jars do not contain proper manifests or | |45879|Opn|Enh|2008-09-24|Windows installer fails to install NOTICE and RELE| |45931|Opn|Enh|2008-10-01|trimSpaces incorrectly modifies output| |46173|New|Enh|2008-11-09|Small patch for manager app: Setting an optional c| |46263|Opn|Enh|2008-11-21|Tomcat reloading of context.xml does not update do| |46284|New|Enh|2008-11-24|Add flag to DeltaManager that blocks processing cl| |46350|New|Enh|2008-12-05|Maven repository should contain source bundles| |46558|Opn|Enh|2009-01-19|Shutdown port with address binding| |46902|New|Enh|2009-03-24|LoginValve to bypass restrictions of j_security_ch| |47214|New|Enh|2009-05-17|Inner classes that are explicitly referenced - sho| |47242|New|Enh|2009-05-22|request for AJP command line client | |47281|New|Enh|2009-05-28|Efficiency of the JDBCStore | |47407|New|Enh|2009-06-23|HttpSessionListener doesn't operate in the session| |47467|New|Enh|2009-07-02|Deployment of the war file by URL when contextpath| |47834|New|Enh|2009-09-14|TldConfig throws Exception when exploring unpacked| |47919|New|Enh|2009-09-30|Log Tomcat & Java environment variables in additio| |48358|Opn|Enh|2009-12-09|JSP-unloading reloaded| |48543|New|Enh|2010-01-14|[Patch] More flexibility in specifying -Dcatalina.| |48672|New|Enh|2010-02-03|Tomcat Virtual Host Manager (/host-manager) have b| |48674|New|Enh|2010-02-03|Tomcat Virtual Host Manager application doesn't pe| |48743|New|Enh|2010-02-15|Make the SLEEP variable in catalina.sh settable fr| |48899|New|Enh|2010-03-12|Guess URI charset should solve lot of problems| |48922|New|Enh|2010-03-16|org.apache.catalina.connector.Request clone static| |48928|New|Enh|2010-03-17|An alternative solution to preloading classes when| |49161|New|Enh|2010-04-21|Unknown Publisher when installing tomcat 6.0.26 | |49176|Opn|Enh|2010-04-23|Jasper in Dev Mode Is Memory Inefficient | |49464|New|Enh|2010-06-18|DefaultServlet and CharacterEncoding | |49531|New|Enh|2010-06-30|singlesignon failover not working on DeltaManager/| |49804|New|Enh|2010-08-23|Allow Embedded.redirectStreams value to be configu| |49939|New|Enh|2010-09-16|Expose a method via JMX which empties the webapp f| |49943|New|Enh|2010-09-16|Logging (via juli) does not reread configuration c| |50285|New|Enh|2010-11-17|Standard HTTP and AJP connectors silently ignore a| |50288|New|Enh|2010-11-17|Uploading a war file that already exists should au| |50677|Opn|Enh|2011-01-27|Allow system property variables in catalina.proper| |50692|New|Enh|2011-01-31|Improve log message in ThreadPool.logFull | |51142|New|Enh|2011-05-03|Offer possible resolution of StringIndexOutOfBound| |51513|
Re: [VOTE] Release Apache Tomcat 8.0.3
Mark,
On 8.2.2014 12:19, Mark Thomas wrote:
- Tested with several webapps that are in active development (Linux).
You mentioned in the 8.0.2 vote that some of these used Tomcat's
packaged renamed DBCP. I've added support for using that with a security
manager in 8.0.3 (with apps not needing extra permissions to connect to
the database).
It works with my simple database app. Any chance you could try it with
your apps and see if I missed any classes that need to be pre-loaded or
methods that need PrivilegedActions? I appreciate that enabling the
security manage may cause all sorts of things to break but if you can
provide any feedback on DBCP and the security manager that would be great.
I can only confirm what you already know.
In order to isolate the problem with 8.0.2 I created a simple webapp
that uses JNDI lookup to get data source from DBCP2 pool defined in
context.xml.
With that simple webapp, when I enable security manager:
1. with 8.0.1, it throws:
java.security.AccessControlException: access denied
("java.lang.RuntimePermission"
"accessClassInPackage.org.apache.tomcat.dbcp.dbcp2")
2. with 8.0.3, it works Ok.
I also tried to test my production webapps, which also use DBCP2.
However I get a lot of AccessControlExceptions, which I resolved one by
one. Now I am stucked with particularly stubborn FilePermission problem.
If I resolve that one, and other following exceptions I will report the
results of testing here.
-Ognjen
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Tomcat Wiki] Update of "SSLWithFORMFallback7" by GaryBriggs
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change
notification.
The "SSLWithFORMFallback7" page has been changed by GaryBriggs:
https://wiki.apache.org/tomcat/SSLWithFORMFallback7?action=diff&rev1=1&rev2=2
Comment:
printf debug spam
} else {
retval = formAuthenticator.authenticate(rqst, resp, lc);
}
- System.out.println("Retval: " + retval + ", certAuth: " + certAuth);
+ // System.out.println("Retval: " + retval + ", certAuth: " +
certAuth);
return retval;
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Tomcat Wiki] Update of "SSLWithFORMFallback" by GaryBriggs
Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification. The "SSLWithFORMFallback" page has been changed by GaryBriggs: https://wiki.apache.org/tomcat/SSLWithFORMFallback?action=diff&rev1=13&rev2=14 See also: + * [[SSLWithFORMFallback7]] * [[SSLWithFORMFallback6]] * [[SSLWithFormFallbackAuthenticator]] - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Tomcat Wiki] Update of "SSLWithFORMFallback7" by GaryBriggs
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change
notification.
The "SSLWithFORMFallback7" page has been changed by GaryBriggs:
https://wiki.apache.org/tomcat/SSLWithFORMFallback7
Comment:
Adding an SSLWithFORMFallback alternative that works with Tomcat7
New page:
This is another SSLWithFORMFallback class, this time for Tomcat 7. This is
heavily reappropriated from the Tomcat 6 version by Vegar Neshaug
Gary
{{{
import java.io.IOException;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import org.apache.catalina.Container;
import org.apache.catalina.Globals;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.authenticator.AuthenticatorBase;
import org.apache.catalina.authenticator.Constants;
import org.apache.catalina.authenticator.FormAuthenticator;
import org.apache.catalina.authenticator.SSLAuthenticator;
import org.apache.catalina.connector.Request;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.coyote.ActionCode;
/** Mostly borrowed from: http://wiki.apache.org/tomcat/SSLWithFORMFallback6
*
* @author Vegar Neshaug, minor edits for Tomcat7 by Gary Briggs
*/
public class SSLWithFORMFallback7 extends AuthenticatorBase {
FormAuthenticator formAuthenticator = new FormAuthenticator();
SSLAuthenticator sslAuthenticator = new SSLAuthenticator();
@Override
public boolean authenticate(Request rqst,
javax.servlet.http.HttpServletResponse resp, LoginConfig lc) throws IOException
{
// Have we already authenticated someone?)
Principal principal = rqst.getUserPrincipal();
//String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE);
if (principal != null) {
// Associate the session with any existing SSO session in order
// to get coordinated session invalidation at logout
String ssoId = (String) rqst.getNote(Constants.REQ_SSOID_NOTE);
if (ssoId != null) {
associate(ssoId, rqst.getSessionInternal(true));
}
return (true);
}
// Get certificates from the request
boolean certAuth = true;
X509Certificate certs[] = (X509Certificate[])
rqst.getAttribute(Globals.CERTIFICATES_ATTR);
if ((certs == null) || (certs.length < 1)) {
rqst.getCoyoteRequest().action(ActionCode.REQ_SSL_CERTIFICATE,
null);
certs = (X509Certificate[])
rqst.getAttribute(Globals.CERTIFICATES_ATTR);
}
if ((certs == null) || (certs.length < 1)) {
// No certificates
certAuth = false;
}
// Delegate authentication request
boolean retval;
if (certAuth) {
retval = sslAuthenticator.authenticate(rqst, resp, lc);
} else {
retval = formAuthenticator.authenticate(rqst, resp, lc);
}
System.out.println("Retval: " + retval + ", certAuth: " + certAuth);
return retval;
}
private String infoStr = null;
@Override
public String getInfo() {
if(null == infoStr) {
infoStr = this.getClass().getName();
}
return infoStr;
}
@Override
protected String getAuthMethod() {
return HttpServletRequest.CLIENT_CERT_AUTH;
//return HttpServletRequest.FORM_AUTH;
}
@Override
public void setContainer(Container container) {
try {
super.setContainer(container);
sslAuthenticator.setContainer(container);
formAuthenticator.setContainer(container);
/* At time of writing, it appears .setContainer is the only
thing necessary ahead of time to call .start() */
formAuthenticator.start();
sslAuthenticator.start();
} catch (LifecycleException ex) {
Logger.getLogger(SSLWithFORMFallback7.class.getName()).log(Level.SEVERE, null,
ex);
}
}
}
}}}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Tomcat Wiki] Update of "ContributorsGroup" by markt
Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification. The "ContributorsGroup" page has been changed by markt: https://wiki.apache.org/tomcat/ContributorsGroup?action=diff&rev1=17&rev2=18 Comment: += GaryBriggs * JonLucas * StevenHeckler * PierreJean + * GaryBriggs - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.0.3
On 7.2.2014 19:16, Mark Thomas wrote: The proposed Apache Tomcat 8.0.3 release is now available for voting. ... The proposed 8.0.3 release is: [ ] Broken - do not release [ ] Alpha - go ahead and release as 8.0.3 (alpha) [ ] Beta - go ahead and release as 8.0.3 (beta) [X] Stable - go ahead and release as 8.0.3 (stable) Ubuntu 13.04 32-bit, java version "1.7.0_51" OpenJDK Runtime Environment (IcedTea 2.4.4) (7u51-2.4.4-0ubuntu0.13.10.1) OpenJDK Server VM (build 24.45-b08, mixed mode) All tests run successfully with NIO and BIO. Congratulations! Brian - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.0.3
On 07/02/2014 22:05, Ognjen Blagojevic wrote: > Mark, > > On 7.2.2014 19:16, Mark Thomas wrote: >> The proposed Apache Tomcat 8.0.3 release is now available for voting. > ... >> The proposed 8.0.3 release is: >> [ ] Broken - do not release >> [ ] Alpha - go ahead and release as 8.0.3 (alpha) >> [ ] Beta - go ahead and release as 8.0.3 (beta) >> [X] Stable - go ahead and release as 8.0.3 (stable) > > Tested .zip distribution on Windows 7 64-bit, and .tar.gz on CentOS 5 > 64-bit: > > - Tested TLS/SSL connectivity for BIO, NIO and APR connectors (Windows). > > - Crawled all links (except /manager, /host-manager and > /examples/async*). No broken links found, except links to JavaDocs > (Windows). > > - Smoke tests of BIO, NIO and APR, with and without TLS, all passed > (Windows). > > - Tested with several webapps that are in active development (Linux). You mentioned in the 8.0.2 vote that some of these used Tomcat's packaged renamed DBCP. I've added support for using that with a security manager in 8.0.3 (with apps not needing extra permissions to connect to the database). It works with my simple database app. Any chance you could try it with your apps and see if I missed any classes that need to be pre-loaded or methods that need PrivilegedActions? I appreciate that enabling the security manage may cause all sorts of things to break but if you can provide any feedback on DBCP and the security manager that would be great. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
