Re: Adding CredentialHandler to ServletContext so applications can get to it
Konstantin, On 11/23/15 7:19 AM, Konstantin Kolinko wrote: > 2015-11-22 22:26 GMT+03:00 Christopher Schultz: >> Konstantin, >> >> On 11/21/15 10:07 AM, Konstantin Kolinko wrote: >>> 2015-11-20 15:47 GMT+03:00 Christopher Schultz >>> : All, I thought there was a BZ issue for this, but I didn't find one. It's been suggested (and I agree completely) that an application ought to be able to fetch the CredentialHandler for the context's realm so that it could mutate user credentials in the same way that the Realm expects to do. That allows applications to change user's passwords, for instance. >>> >>> In review of r1715434 >>> >>> 1. I think this has to be an opt-in feature. >>> >>> I do not see high risk though. In theory, if stored credentials are >>> known then CredentialHandler allows untrusted applications to test >>> potential passwords without triggering a lock-out timer. >> >> Hmm, I hadn't thought of that. I could pretty easily make this a setting >> for the context. >> >>> I am OK with this being a StandardContext feature, though there is an >>> alternative way: to implement publishing the attribute with a >>> Listener. >> >> But then if you don't trust the application, how do you trust the >> context's settings? >> > > 1) When SecurityManager is enabled then the value of "deployXML" > attribute of a StandatdHost by default is "false". > > It means that an administrator has to explicitly configure a > conf/Catalina/localhost/appname.xml context file for an application, > if it needs one. The META-INF/context.xml file in a web application > is not trusted. (Moreover, Tomcat will refuse to start an application > if META-INF/context.xml is present, but explicit context file in conf/ > is not configured). > > 2) In case of "user" applications deployed by > org.apache.catalina.startup.UserConfig listener: > > A Context is created programmatically, with default settings (the > value for StandardContext.configFile is null). The > META-INF/context.xml file in a web application is not read. Sounds good. Thanks for the clarification. >> What kind of listener do you think would be appropriate to use, here? >> > > I just say that it is another possible way to implement this feature. > A LifecycleListener that reacts on "after_start" or "configure_start" > event of a Context. I'm comfortable with a StandardContext feature for the moment. If others feel strongly about a different strategy, please speak up and I'll move this into a Listener. On the other hand, a Listener requires (arguably) less configuration and can be enabled either on a per-context basis or at the global level. I'll have to think about this a bit more. >>> 2. A web application is not allowed to access classes in >>> org.apache.catalina. >>> >>> Interfaces exposed to web applications (InstanceManager etc.) are in >>> org.apache.tomcat package >>> and access to them is granted with the following lines in catalina.policy: >>> >>> // All JSPs need to be able to read this package >>> permission java.lang.RuntimePermission >>> "accessClassInPackage.org.apache.tomcat"; >> >> Hmm... I didn't test with a SecurityManager enabled; didn't think about >> that. >> >> I think Mark committed the original work for CredentialHandler based >> upon my ideas... Mark, is there any objection to moving >> CredentialHandler to org.apache.tomcat? It would be an API change, but >> we could leave org.apache.catalina.CredentialHandler as a sub-interface >> of the new one in org.apache.tomcat. >> >> Another idea would be continue to use the existing CredentialHandler >> internally, and put the "SafeCredentialHandler" for access through the >> ServletContext into org.apache.tomcat. > > Your web application that uses CredentialHandler class, does it also > use other internal classes? No, not right now. > Do you need access to a Realm? Or you are accessing a database / LDAP > directory directly, behind a Realm's back? For writing new credentials (e.g. password-change, registration, etc.), I write directly to the database, as Tomcat has no facilities for this kind of thing. I have no need to access the Realm when its primary purpose is authentication and authorization. That can already be accomplished using HttpServletRequest.login if necessary. > E.g. LockOutRealm has a cache of locked-out users. You may want to > call LockOutRealm.unlock(username) if user's password is being reset > by an administrator. That exposes another opportunity to interact with Tomcat's authentication mechanisms. I wonder how most people are actually working with Tomcat's authentication due to it's non-portable nature. For $work, we use securityfilter which is somewhat more portable (though it binds us to sf, of course). The lack of standard interfaces for this kind of stuff makes this type of work awkward. I found myself writing code using reflection to make the calls to
svn commit: r1715765 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
Author: markt Date: Mon Nov 23 11:16:10 2015 New Revision: 1715765 URL: http://svn.apache.org/viewvc?rev=1715765=rev Log: Checkstyle police Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java?rev=1715765=1715764=1715765=diff == --- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Mon Nov 23 11:16:10 2015 @@ -61,37 +61,37 @@ public class OpenSSLUtil implements SSLU /* In fact we can use the JSSE one for the moment */ @Override public TrustManager[] getTrustManagers() throws Exception { - String storefile = System.getProperty("java.home") + "/lib/security/cacerts"; +String storefile = System.getProperty("java.home") + "/lib/security/cacerts"; String password = "changeit"; String type = "jks"; String provider = null; if (sslHostConfig.getTruststoreFile() != null) { - storefile = sslHostConfig.getTruststoreFile(); +storefile = sslHostConfig.getTruststoreFile(); } if (sslHostConfig.getTruststorePassword() != null) { - password = sslHostConfig.getTruststorePassword(); +password = sslHostConfig.getTruststorePassword(); } if (sslHostConfig.getTruststoreType() != null) { - type = sslHostConfig.getTruststoreType(); +type = sslHostConfig.getTruststoreType(); } if (sslHostConfig.getTruststoreProvider() != null) { - provider = sslHostConfig.getTruststoreProvider(); +provider = sslHostConfig.getTruststoreProvider(); } TrustManagerFactory factory; if (provider == null) - factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); +factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); else - factory = TrustManagerFactory.getInstance(provider); - - KeyStore keystore = KeyStore.getInstance(type); - InputStream stream = new FileInputStream(storefile); - keystore.load(stream, password.toCharArray()); - factory.init(keystore); - TrustManager[] managers = factory.getTrustManagers(); +factory = TrustManagerFactory.getInstance(provider); + +KeyStore keystore = KeyStore.getInstance(type); +InputStream stream = new FileInputStream(storefile); +keystore.load(stream, password.toCharArray()); +factory.init(keystore); +TrustManager[] managers = factory.getTrustManagers(); return managers; } - + @Override public void configureSessionContext(SSLSessionContext sslSessionContext) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in ASF Buildbot on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/652 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1715765 Blamelist: markt Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 58638] New: tomcat looses asyn-supported when the configuration is split between web.xml and anntotations
https://bz.apache.org/bugzilla/show_bug.cgi?id=58638 Bug ID: 58638 Summary: tomcat looses asyn-supported when the configuration is split between web.xml and anntotations Product: Tomcat 8 Version: 8.0.26 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: i...@toshkov.org I have an async servlet annotated like this: @WebServlet(name = "streaming", urlPatterns = {"/streaming/*"}) And I'm trying to add CORS filter to it. Since it's third-party (I tried the one bundled with tomcat, as well as a couple external filters), I have to add it using web.xml: CorsFilter org.apache.catalina.filters.CorsFilter true CorsFilter /* But when I run this, I get the following exception: 23-Nov-2015 13:24:02.072 SEVERE [http-nio-8080-exec-2] org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for servlet [streaming] in context with path [/tuareg_1] threw exception java.lang.IllegalStateException: A filter or servlet of the current chain does not support asynchronous operations. at org.apache.catalina.connector.Request.startAsync(Request.java:1611) at org.apache.catalina.connector.Request.startAsync(Request.java:1604) at org.apache.catalina.connector.RequestFacade.startAsync(RequestFacade.java:1030) at ... (N.B. The startAsync call is from the same thread, so this is not the problem) I moved the servlet registration in the web.xml file (and removed the annotation) and the whole thing worked. I think that maybe tomcat doesn't merge the configration from web.xml and annotations properly. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Adding CredentialHandler to ServletContext so applications can get to it
2015-11-22 22:26 GMT+03:00 Christopher Schultz: > Konstantin, > > On 11/21/15 10:07 AM, Konstantin Kolinko wrote: >> 2015-11-20 15:47 GMT+03:00 Christopher Schultz >> : >>> All, >>> >>> I thought there was a BZ issue for this, but I didn't find one. It's >>> been suggested (and I agree completely) that an application ought to be >>> able to fetch the CredentialHandler for the context's realm so that it >>> could mutate user credentials in the same way that the Realm expects to >>> do. That allows applications to change user's passwords, for instance. >>> >> >> In review of r1715434 >> >> 1. I think this has to be an opt-in feature. >> >> I do not see high risk though. In theory, if stored credentials are >> known then CredentialHandler allows untrusted applications to test >> potential passwords without triggering a lock-out timer. > > Hmm, I hadn't thought of that. I could pretty easily make this a setting > for the context. > >> I am OK with this being a StandardContext feature, though there is an >> alternative way: to implement publishing the attribute with a >> Listener. > > But then if you don't trust the application, how do you trust the > context's settings? > 1) When SecurityManager is enabled then the value of "deployXML" attribute of a StandatdHost by default is "false". It means that an administrator has to explicitly configure a conf/Catalina/localhost/appname.xml context file for an application, if it needs one. The META-INF/context.xml file in a web application is not trusted. (Moreover, Tomcat will refuse to start an application if META-INF/context.xml is present, but explicit context file in conf/ is not configured). 2) In case of "user" applications deployed by org.apache.catalina.startup.UserConfig listener: A Context is created programmatically, with default settings (the value for StandardContext.configFile is null). The META-INF/context.xml file in a web application is not read. > What kind of listener do you think would be appropriate to use, here? > I just say that it is another possible way to implement this feature. A LifecycleListener that reacts on "after_start" or "configure_start" event of a Context. >> 2. A web application is not allowed to access classes in org.apache.catalina. >> >> Interfaces exposed to web applications (InstanceManager etc.) are in >> org.apache.tomcat package >> and access to them is granted with the following lines in catalina.policy: >> >> // All JSPs need to be able to read this package >> permission java.lang.RuntimePermission >> "accessClassInPackage.org.apache.tomcat"; > > Hmm... I didn't test with a SecurityManager enabled; didn't think about > that. > > I think Mark committed the original work for CredentialHandler based > upon my ideas... Mark, is there any objection to moving > CredentialHandler to org.apache.tomcat? It would be an API change, but > we could leave org.apache.catalina.CredentialHandler as a sub-interface > of the new one in org.apache.tomcat. > > Another idea would be continue to use the existing CredentialHandler > internally, and put the "SafeCredentialHandler" for access through the > ServletContext into org.apache.tomcat. Your web application that uses CredentialHandler class, does it also use other internal classes? Do you need access to a Realm? Or you are accessing a database / LDAP directory directly, behind a Realm's back? E.g. LockOutRealm has a cache of locked-out users. You may want to call LockOutRealm.unlock(username) if user's password is being reset by an administrator. If CredentialHandler is not the only class you need access to then moving it alone does not solve your issue. To allow access to other classes there has to be an explicit grant in catalina.policy file, like there is one for Tomcat Manager application. I think it is OK to leave CredentialHandler as is as long as it is not exposed by default. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1715783 - in /tomcat/trunk/java/org/apache/coyote/http2: HpackEncoder.java Http2UpgradeHandler.java LocalStrings.properties Stream.java
Author: markt Date: Mon Nov 23 12:28:59 2015 New Revision: 1715783 URL: http://svn.apache.org/viewvc?rev=1715783=rev Log: HTTP/2 debug logging improvements for Server push Modified: tomcat/trunk/java/org/apache/coyote/http2/HpackEncoder.java tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties tomcat/trunk/java/org/apache/coyote/http2/Stream.java Modified: tomcat/trunk/java/org/apache/coyote/http2/HpackEncoder.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/HpackEncoder.java?rev=1715783=1715782=1715783=diff == --- tomcat/trunk/java/org/apache/coyote/http2/HpackEncoder.java (original) +++ tomcat/trunk/java/org/apache/coyote/http2/HpackEncoder.java Mon Nov 23 12:28:59 2015 @@ -26,13 +26,19 @@ import java.util.List; import java.util.Locale; import java.util.Map; +import org.apache.juli.logging.Log; +import org.apache.juli.logging.LogFactory; import org.apache.tomcat.util.http.MimeHeaders; +import org.apache.tomcat.util.res.StringManager; /** * Encoder for HPACK frames. */ public class HpackEncoder { +private static final Log log = LogFactory.getLog(HpackEncoder.class); +private static final StringManager sm = StringManager.getManager(HpackEncoder.class); + public static final HpackHeaderFunction DEFAULT_HEADER_FUNCTION = new HpackHeaderFunction() { @Override public boolean shouldUseIndexing(String headerName, String value) { @@ -141,19 +147,24 @@ public class HpackEncoder { } } if (!skip) { - -int required = 11 + headerName.length(); //we use 11 to make sure we have enough room for the variable length integers - String val = headers.getValue(it).toString(); + +if (log.isDebugEnabled()) { +log.debug(sm.getString("hpackEncoder.encodeHeader", headerName, val)); +} TableEntry tableEntry = findInTable(headerName, val); -required += (1 + val.length()); +// We use 11 to make sure we have enough room for the +// variable length integers +int required = 11 + headerName.length() + 1 + val.length(); if (target.remaining() < required) { this.headersIterator = it; return State.UNDERFLOW; } -boolean canIndex = hpackHeaderFunction.shouldUseIndexing(headerName, val) && (headerName.length() + val.length() + 32) < maxTableSize; //only index if it will fit +// Only index if it will fit +boolean canIndex = hpackHeaderFunction.shouldUseIndexing(headerName, val) && +(headerName.length() + val.length() + 32) < maxTableSize; if (tableEntry == null && canIndex) { //add the entry to the dynamic table target.put((byte) (1 << 6)); Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java?rev=1715783=1715782=1715783=diff == --- tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java (original) +++ tomcat/trunk/java/org/apache/coyote/http2/Http2UpgradeHandler.java Mon Nov 23 12:28:59 2015 @@ -551,7 +551,7 @@ public class Http2UpgradeHandler extends throws IOException { if (log.isDebugEnabled()) { log.debug(sm.getString("upgradeHandler.writePushHeaders", connectionId, -stream.getIdentifier())); +stream.getIdentifier(), Integer.toString(pushedStreamId))); } // This ensures the Stream processing thread has control of the socket. synchronized (socketWrapper) { Modified: tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties?rev=1715783=1715782=1715783=diff == --- tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties Mon Nov 23 12:28:59 2015 @@ -35,6 +35,8 @@ hpack.integerEncodedOverTooManyOctets=HP hpackdecoder.zeroNotValidHeaderTableIndex=Zero is not a valid header table index +hpackEncoder.encodeHeader=Encoding header [{0}] with value [{1}] + hpackhuffman.huffmanEncodedHpackValueDidNotEndWithEOS=Huffman encoded value in HPACK headers did not end with EOS padding
[Bug 58638] tomcat looses asyn-supported when the configuration is split between web.xml and anntotations
https://bz.apache.org/bugzilla/show_bug.cgi?id=58638 --- Comment #2 from Ivan Toshkov--- Thank for the quick find and sorry for the noise. I accidentally removed the flag from the annotation during a "minor" refactoring. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 58638] tomcat looses asyn-supported when the configuration is split between web.xml and anntotations
https://bz.apache.org/bugzilla/show_bug.cgi?id=58638 Mark Thomaschanged: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #1 from Mark Thomas --- Your annotation doesn't specify that async is supported. If required, further assistance is available from the users' mailing list. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1715732 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
2015-11-23 9:43 GMT+03:00: > Author: jfclere > Date: Mon Nov 23 06:43:01 2015 > New Revision: 1715732 > > URL: http://svn.apache.org/viewvc?rev=1715732=rev > Log: > Add the JSSE one. > > Modified: > tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java > > Modified: > tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java > URL: > http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java?rev=1715732=1715731=1715732=diff > == > --- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java > (original) > +++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Mon > Nov 23 06:43:01 2015 > @@ -16,11 +16,15 @@ > */ > package org.apache.tomcat.util.net.openssl; > > +import java.io.FileInputStream; > +import java.io.InputStream; > +import java.security.KeyStore; > import java.util.List; > > import javax.net.ssl.KeyManager; > import javax.net.ssl.SSLSessionContext; > import javax.net.ssl.TrustManager; > +import javax.net.ssl.TrustManagerFactory; > > import org.apache.tomcat.util.net.SSLContext; > import org.apache.tomcat.util.net.SSLHostConfig; > @@ -54,10 +58,40 @@ public class OpenSSLUtil implements SSLU > return managers; > } > > +/* In fact we can use the JSSE one for the moment */ > @Override > public TrustManager[] getTrustManagers() throws Exception { > -return null; > + String storefile = System.getProperty("java.home") + > "/lib/security/cacerts"; > +String password = "changeit"; > +String type = "jks"; > +String provider = null; > +if (sslHostConfig.getTruststoreFile() != null) { > + storefile = sslHostConfig.getTruststoreFile(); > +} > +if (sslHostConfig.getTruststorePassword() != null) { > + password = sslHostConfig.getTruststorePassword(); > +} > +if (sslHostConfig.getTruststoreType() != null) { > + type = sslHostConfig.getTruststoreType(); > +} > +if (sslHostConfig.getTruststoreProvider() != null) { > + provider = sslHostConfig.getTruststoreProvider(); > +} > + > +TrustManagerFactory factory; > +if (provider == null) > + factory = > TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); > +else > + factory = TrustManagerFactory.getInstance(provider); Why "provider" on the above line? I guess it should be sslHostConfig.getTruststoreAlgorithm() For example: JSSESocketFactory.getTrustManagers() > + KeyStore keystore = KeyStore.getInstance(type); > + InputStream stream = new FileInputStream(storefile); There is a new feature to allow random URLs as storefile. The code will be stream = ConfigFileLoader.getInputStream(storefile); For example: JSSESocketFactory.getStore(...) > + keystore.load(stream, password.toCharArray()); It also needs finally { if (stream != null) stream.close() }. > + factory.init(keystore); > + TrustManager[] managers = factory.getTrustManagers(); > +return managers; > } > + > > @Override > public void configureSessionContext(SSLSessionContext sslSessionContext) > { BTW, a changelog, documentation =? - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1715809 - in /tomcat/trunk: java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java java/org/apache/tomcat/util/net/SSLHostConfig.java webapps/docs/changelog.xml
Author: remm Date: Mon Nov 23 13:46:38 2015 New Revision: 1715809 URL: http://svn.apache.org/viewvc?rev=1715809=rev Log: Allow the OpenSSL implementation to use either the OpenSSL or JSSE type without a warning. If trying to use both, it might work, but IMO a warning is needed. Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java?rev=1715809=1715808=1715809=diff == --- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java Mon Nov 23 13:46:38 2015 @@ -68,7 +68,7 @@ public abstract class AbstractJsseEndpoi // TODO: Add configuration to allow the OpenSSLImplementation to optionally use the JSSE configuration // (it should still default to OpenSSL style since it is the most logical and straightforward) if (OpenSSLImplementation.IMPLEMENTATION_NAME.equals(sslImplementationName)) { -return SSLHostConfig.Type.OPENSSL; +return SSLHostConfig.Type.EITHER; } else { return SSLHostConfig.Type.JSSE; } Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java?rev=1715809=1715808=1715809=diff == --- tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java Mon Nov 23 13:46:38 2015 @@ -58,6 +58,7 @@ public class SSLHostConfig { } private Type configType = null; +private Type currentConfigType = null; private MapconfiguredProperties = new HashMap<>(); private String hostName = DEFAULT_SSL_HOST_NAME; @@ -119,7 +120,13 @@ public class SSLHostConfig { public void setConfigType(Type configType) { this.configType = configType; -configuredProperties.remove(configType); +if (configType == Type.EITHER) { +if (configuredProperties.remove(Type.JSSE) == null) { +configuredProperties.remove(Type.OPENSSL); +} +} else { +configuredProperties.remove(configType); +} for (Map.Entry entry : configuredProperties.entrySet()) { for (String property : entry.getValue()) { log.warn(sm.getString("sslHostConfig.mismatch", @@ -137,6 +144,13 @@ public class SSLHostConfig { configuredProperties.put(configType, properties); } properties.add(name); +} else if (this.configType == Type.EITHER) { +if (currentConfigType == null) { +currentConfigType = configType; +} else if (currentConfigType != configType) { +log.warn(sm.getString("sslHostConfig.mismatch", +name, getHostName(), configType, currentConfigType)); +} } else { if (configType != this.configType) { log.warn(sm.getString("sslHostConfig.mismatch", @@ -635,7 +649,8 @@ public class SSLHostConfig { public static enum Type { JSSE, -OPENSSL +OPENSSL, +EITHER } Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1715809=1715808=1715809=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Mon Nov 23 13:46:38 2015 @@ -93,6 +93,11 @@ 58621: The certificate chain cannot be set using the main certificate attribute, so restore the certificate chain property. (remm) + +Allow a new SSL config type where a connector can use either JSSE or +OpenSSL. Both could be allowed, but it would likely create support +issues. This type is used by the OpenSSL implementation for NIOx. (remm) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1715822 - /tomcat/trunk/java/org/apache/coyote/http2/Stream.java
Author: markt Date: Mon Nov 23 13:59:37 2015 New Revision: 1715822 URL: http://svn.apache.org/viewvc?rev=1715822=rev Log: Fix an HTTP/2 TODO Only include port in :authority header for HTTP/2 push if non-standard ports are being used Modified: tomcat/trunk/java/org/apache/coyote/http2/Stream.java Modified: tomcat/trunk/java/org/apache/coyote/http2/Stream.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Stream.java?rev=1715822=1715821=1715822=diff == --- tomcat/trunk/java/org/apache/coyote/http2/Stream.java (original) +++ tomcat/trunk/java/org/apache/coyote/http2/Stream.java Mon Nov 23 13:59:37 2015 @@ -388,9 +388,17 @@ public class Stream extends AbstractStre request.getMimeHeaders().addValue(":scheme").duplicate(request.scheme()); // TODO: Query string request.getMimeHeaders().addValue(":path").duplicate(request.decodedURI()); -// TODO: Handle default ports -request.getMimeHeaders().addValue(":authority").setString( -request.serverName().getString() + ":" + request.getServerPort()); + +// Authority needs to include the port only if a non-standard port is +// being used. +if (!(request.scheme().equals("http") && request.getServerPort() == 80) && +!(request.scheme().equals("https") && request.getServerPort() == 443)) { +request.getMimeHeaders().addValue(":authority").setString( +request.serverName().getString() + ":" + request.getServerPort()); +} else { + request.getMimeHeaders().addValue(":authority").duplicate(request.serverName()); +} + push(handler, request, this); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1715732 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
On 11/23/2015 01:56 PM, Konstantin Kolinko wrote: > TW, a changelog, documentation =? Here I have a small question. In fact it possible to mix open pem and jsse keystore, is it something we want to support? I try it but removed it because I found it very confusing. Thanks for the review I will fix the code later today. Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1715732 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
2015-11-23 15:31 GMT+01:00 jean-frederic clere: > On 11/23/2015 01:56 PM, Konstantin Kolinko wrote: > > TW, a changelog, documentation =? > > Here I have a small question. In fact it possible to mix open pem and > jsse keystore, is it something we want to support? > > I try it but removed it because I found it very confusing. > > Thanks for the review I will fix the code later today. > IMO you don't need to actively break it if it happens to work, but I would keep the configuration warning. Rémy
Re: svn commit: r1715732 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
On 11/23/2015 03:35 PM, Rémy Maucherat wrote: > 2015-11-23 15:31 GMT+01:00 jean-frederic clere: > >> On 11/23/2015 01:56 PM, Konstantin Kolinko wrote: >>> TW, a changelog, documentation =? >> >> Here I have a small question. In fact it possible to mix open pem and >> jsse keystore, is it something we want to support? >> >> I try it but removed it because I found it very confusing. >> >> Thanks for the review I will fix the code later today. >> > > IMO you don't need to actively break it if it happens to work, but I would > keep the configuration warning. OK I will add some tests to check the mix to prevent nasty things. Cheers Jean-Frederic - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1715978 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/tomcat/websocket/ test/org/apache/tomcat/websocket/ webapps/docs/
Author: markt Date: Mon Nov 23 22:09:35 2015 New Revision: 1715978 URL: http://svn.apache.org/viewvc?rev=1715978=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=55006 Add ProxySelector support to the WebSocket client Based on a patch by Niki Dokovski. Added: tomcat/tc8.0.x/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainerWithProxy.java - copied unchanged from r1715965, tomcat/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainerWithProxy.java Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java tomcat/tc8.0.x/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainer.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Nov 23 22:09:35 2015 @@ -1 +1 @@ -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886,1644890,1644892 ,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657592,1657607,1657 609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1666387,1666494,1666496,1666552,1
svn commit: r1715983 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/websocket/ test/org/apache/tomcat/websocket/ webapps/docs/
Author: markt Date: Mon Nov 23 22:20:30 2015 New Revision: 1715983 URL: http://svn.apache.org/viewvc?rev=1715983=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=55006 Add ProxySelector support to the WebSocket client Based on a patch by Niki Dokovski. Added: tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainerWithProxy.java - copied unchanged from r1715978, tomcat/tc8.0.x/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainerWithProxy.java Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties tomcat/tc7.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java tomcat/tc7.0.x/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainer.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Nov 23 22:20:30 2015 @@ -1,2 +1,2 @@ -/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988,1667553 -1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702739,1702742,1702 744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712899,1712903,1712906,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683 -/tomcat/trunk:1156115-1157160,1157162-1157859,1157862-1157942,1157945-1160347,1160349-1163716,1163718-1166689,1166691-1174340,1174342-1175596,1175598-1175611,1175613-1175932,1175934-1177783,1177785-1177980,1178006-1180720,1180722-1183094,1183096-1187753,1187755,1187775,1187801,1187806,1187809,1187826-1188312,1188314-1188401,1188646-1188840,1188842-1190176,1190178-1195223,1195225-1195953,1195955,1195957-1201238,1201240-1203345,1203347-1206623,1206625-1208046,1208073,1208096,1208114,1208145,1208772,1209194-1212125,1212127-1220291,1220293,1220295-1221321,1221323-1222329,1222332-1222401,1222405-1222795,1222850-1222950,1222969-1225326,1225328-1225463,1225465,1225627,1225629-1226534,1226536-1228908,1228911-1228923,1228927-1229532,1229534-1230766,1230768-1231625,1231627-1233414,1233419-1235207,1235209-1237425,1237427,1237429-1237977,1237981,1237985,1237995,1238070,1238073,1239024-1239048,1239050-1239062,1239135,1239256,1239258-1239485,1239785-1240046,1240101,1240106,1240109,1240112,1240114
svn commit: r1715976 - /tomcat/trunk/java/org/apache/tomcat/ContextBind.java
Author: markt Date: Mon Nov 23 22:04:18 2015 New Revision: 1715976 URL: http://svn.apache.org/viewvc?rev=1715976=rev Log: Fix Javadoc errors Trivial clean-up Modified: tomcat/trunk/java/org/apache/tomcat/ContextBind.java Modified: tomcat/trunk/java/org/apache/tomcat/ContextBind.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/ContextBind.java?rev=1715976=1715975=1715976=diff == --- tomcat/trunk/java/org/apache/tomcat/ContextBind.java (original) +++ tomcat/trunk/java/org/apache/tomcat/ContextBind.java Mon Nov 23 22:04:18 2015 @@ -23,9 +23,9 @@ public interface ContextBind { * class loader. If no web application class loader is defined, or if the * current thread is already using the web application class loader then no * change will be made. If the class loader is changed and a - * {@link ThreadBindingListener} is configured then - * {@link ThreadBindingListener#bind()} will be called after the change has - * been made. + * {@link org.apache.catalina.ThreadBindingListener} is configured then + * {@link org.apache.catalina.ThreadBindingListener#bind()} will be called + * after the change has been made. * * @param usePrivilegedAction * Should a {@link java.security.PrivilegedAction} be used when @@ -39,14 +39,15 @@ public interface ContextBind { * the thread context class loader in use when the method was * called. If no change was made then this method returns null. */ -public ClassLoader bind(boolean usePrivilegedAction, ClassLoader originalClassLoader); +ClassLoader bind(boolean usePrivilegedAction, ClassLoader originalClassLoader); /** * Restore the current thread context class loader to the original class * loader in used before {@link #bind(boolean, ClassLoader)} was called. If * no original class loader is passed to this method then no change will be - * made. If the class loader is changed and a {@link ThreadBindingListener} - * is configured then {@link ThreadBindingListener#unbind()} will be called + * made. If the class loader is changed and a + * {@link org.apache.catalina.ThreadBindingListener} is configured then + * {@link org.apache.catalina.ThreadBindingListener#unbind()} will be called * before the change is made. * * @param usePrivilegedAction @@ -55,6 +56,5 @@ public interface ContextBind { * @param originalClassLoader * The class loader to restore as the thread context class loader */ -public void unbind(boolean usePrivilegedAction, ClassLoader originalClassLoader); - +void unbind(boolean usePrivilegedAction, ClassLoader originalClassLoader); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1715980 - /tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
Author: markt Date: Mon Nov 23 22:18:22 2015 New Revision: 1715980 URL: http://svn.apache.org/viewvc?rev=1715980=rev Log: Fix warnings Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java?rev=1715980=1715979=1715980=diff == --- tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java (original) +++ tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java Mon Nov 23 22:18:22 2015 @@ -186,6 +186,7 @@ public class WsWebSocketContainer implem } +@SuppressWarnings("resource") // socketChannel is closed @Override public Session connectToServer(Endpoint endpoint, ClientEndpointConfig clientEndpointConfiguration, URI path) @@ -310,7 +311,9 @@ public class WsWebSocketContainer implem } } catch (TimeoutException | InterruptedException | ExecutionException | EOFException e) { -channel.close(); +if (channel != null) { +channel.close(); +} throw new DeploymentException( sm.getString("wsWebSocketContainer.httpRequestFailed"), e); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1715981 - /tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
Author: markt Date: Mon Nov 23 22:19:30 2015 New Revision: 1715981 URL: http://svn.apache.org/viewvc?rev=1715981=rev Log: Fix warnings Modified: tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java Modified: tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java?rev=1715981=1715980=1715981=diff == --- tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java (original) +++ tomcat/tc8.0.x/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java Mon Nov 23 22:19:30 2015 @@ -342,7 +342,9 @@ public class WsWebSocketContainer } } catch (TimeoutException | InterruptedException | ExecutionException | EOFException e) { -channel.close(); +if (channel != null) { +channel.close(); +} throw new DeploymentException( sm.getString("wsWebSocketContainer.httpRequestFailed"), e); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55006] Add http proxy support for ClientEndpoint using system properties [PATCH]
https://bz.apache.org/bugzilla/show_bug.cgi?id=55006 Mark Thomaschanged: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #5 from Mark Thomas --- Thanks for the patch. I used it as a basis for the fix that has been applied to 9.0.x (for 9.0.0.M2 onwards), 8.0.x (for 8.0.30 onwards) and 7.0.x (for 7.0.66 onwards). -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1715984 - /tomcat/tc7.0.x/trunk/build.xml
Author: markt Date: Mon Nov 23 22:39:06 2015 New Revision: 1715984 URL: http://svn.apache.org/viewvc?rev=1715984=rev Log: Classes that require Java 7 can use Java 7 features. Modified: tomcat/tc7.0.x/trunk/build.xml Modified: tomcat/tc7.0.x/trunk/build.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/build.xml?rev=1715984=1715983=1715984=diff == --- tomcat/tc7.0.x/trunk/build.xml (original) +++ tomcat/tc7.0.x/trunk/build.xml Mon Nov 23 22:39:06 2015 @@ -675,8 +675,8 @@
buildbot failure in ASF Buildbot on tomcat-7-trunk
The Buildbot has detected a new failure on builder tomcat-7-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-7-trunk/builds/185 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-7-commit' triggered this build Build Source Stamp: [branch tomcat/tc7.0.x/trunk] 1715983 Blamelist: markt BUILD FAILED: failed compile Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1715975 - /tomcat/trunk/java/org/apache/catalina/session/PersistentManagerBase.java
Author: markt Date: Mon Nov 23 22:02:56 2015 New Revision: 1715975 URL: http://svn.apache.org/viewvc?rev=1715975=rev Log: Fix Javadoc errors Modified: tomcat/trunk/java/org/apache/catalina/session/PersistentManagerBase.java Modified: tomcat/trunk/java/org/apache/catalina/session/PersistentManagerBase.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/session/PersistentManagerBase.java?rev=1715975=1715974=1715975=diff == --- tomcat/trunk/java/org/apache/catalina/session/PersistentManagerBase.java (original) +++ tomcat/trunk/java/org/apache/catalina/session/PersistentManagerBase.java Mon Nov 23 22:02:56 2015 @@ -14,8 +14,6 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - - package org.apache.catalina.session; import java.io.IOException; @@ -42,8 +40,8 @@ import org.apache.juli.logging.LogFactor * persistence, even if only for restarts. * * IMPLEMENTATION NOTE: Correct behavior of session storing and - * reloading depends upon external calls to the {@link LifecycleBase#start() start()} - * and {@link LifecycleBase#stop() stop()} methods of this class + * reloading depends upon external calls to the {@link Lifecycle#start() start()} + * and {@link Lifecycle#stop() stop()} methods of this class * at the correct times. * * @author Craig R. McClanahan @@ -281,7 +279,7 @@ public abstract class PersistentManagerB * it can be swapped out of memory due to maxActiveSession. Set it to {@code -1} * if it can be swapped out at any time. * - * @param int time in seconds before a possible swap out + * @param min time in seconds before a possible swap out */ public void setMinIdleSwap(int min) { @@ -352,7 +350,7 @@ public abstract class PersistentManagerB /** * Indicates whether sessions are saved when the Manager is shut down - * properly. This requires the {@link Manager#unload() unload()} method to be called. + * properly. This requires the {@link #unload()} method to be called. * * @return {@code true}, when sessions should be saved on restart, * {code false} otherwise - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.0.29
2015-11-20 19:00 GMT+09:00 Mark Thomas: > The proposed Apache Tomcat 8.0.29 release is now available for voting. > > The main changes since 8.0.28 are: > > - Add an option to control (per context) quoting of EL expressions in > JSP attributes > > - Correct a regression in the fix for 56777 that added support for > URIs in config file locations > > - Add a new RestCsrfPreventionFilter that provides basic CSRF > protection for REST APIs > > - Use instance manager for WebSocket server endpoint instances > > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.29/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1055/ > The svn tag is: > http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_29/ > > The proposed 8.0.29 release is: > [ ] Broken - do not release > [X] Stable - go ahead and release as 8.0.29 > > +1 Tested on sample apps (enable DeltaManager ). Works fine. > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > > -- > Keiichi.Fujino >
svn commit: r1716037 - /tomcat/trunk/webapps/docs/changelog.xml
Author: kfujino Date: Tue Nov 24 06:12:17 2015 New Revision: 1716037 URL: http://svn.apache.org/viewvc?rev=1716037=rev Log: Add changelog entry of r1714919 and r1714920. Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1716037=1716036=1716037=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Tue Nov 24 06:12:17 2015 @@ -107,6 +107,10 @@ +Enable an explicit configuration of local member in the static cluster +membership. (kfujino) + + Fix potential integer overflow in DeltaSession. Reported by coverity scan. (fschumacher) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1716038 - in /tomcat/trunk: java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java webapps/docs/changelog.xml
Author: kfujino Date: Tue Nov 24 06:16:54 2015 New Revision: 1716038 URL: http://svn.apache.org/viewvc?rev=1716038=rev Log: Ensure that the static member is registered to the add suspect list even If the static member that is registered to the remove suspect list has disappeared. Modified: tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java?rev=1716038=1716037=1716038=diff == --- tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java (original) +++ tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java Tue Nov 24 06:16:54 2015 @@ -277,6 +277,9 @@ public class TcpFailureDetector extends Member m = keys[i]; if (membership.getMember(m) != null && (!memberAlive(m))) { membership.removeMember(m); +if (m instanceof StaticMember) { +addSuspects.put(m, Long.valueOf(System.currentTimeMillis())); +} super.memberDisappeared(m); removeSuspects.remove(m); if(log.isInfoEnabled()) Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1716038=1716037=1716038=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Tue Nov 24 06:16:54 2015 @@ -126,6 +126,15 @@ + + + +Ensure that the static member is registered to the add suspect list even +if the static member that is registered to the remove suspect list has +disappeared. (kfujino) + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1716039 - in /tomcat/trunk: java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties webapps/docs/changelog.xml
Author: kfujino Date: Tue Nov 24 06:19:37 2015 New Revision: 1716039 URL: http://svn.apache.org/viewvc?rev=1716039=rev Log: Correct the warnnig log of when the member that is not registered in the membership is detected. Modified: tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties?rev=1716039=1716038=1716039=diff == --- tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties Tue Nov 24 06:19:37 2015 @@ -39,7 +39,7 @@ tcpFailureDetector.already.disappeared=V tcpFailureDetector.member.disappeared=Verification complete. Member disappeared[{0}] tcpFailureDetector.still.alive=Verification complete. Member still alive[{0}] tcpFailureDetector.heartbeat.failed=Unable to perform heartbeat on the TcpFailureDetector. -tcpFailureDetector.performBasicCheck.memberAdded=Member added, even though we werent notified:{0} +tcpFailureDetector.performBasicCheck.memberAdded=Member added, even though we weren''t notified:{0} tcpFailureDetector.suspectMember.dead=Suspect member, confirmed dead.[{0}] tcpFailureDetector.suspectMember.alive=Suspect member, confirmed alive.[{0}] tcpFailureDetector.failureDetection.failed=Unable to perform failure detection check, assuming member down. Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1716039=1716038=1716039=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Tue Nov 24 06:19:37 2015 @@ -133,6 +133,10 @@ if the static member that is registered to the remove suspect list has disappeared. (kfujino) + +Correct the warnnig log of when the member that is not registered in the +membership is detected. (kfujino) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1716040 - in /tomcat/tc8.0.x/trunk: java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java w
Author: kfujino Date: Tue Nov 24 06:23:31 2015 New Revision: 1716040 URL: http://svn.apache.org/viewvc?rev=1716040=rev Log: -Ensure that the static member is registered to the add suspect list even If the static member that is registered to the remove suspect list has disappeared. -Correct the warnnig log of when the member that is not registered in the membership is detected. Modified: tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties?rev=1716040=1716039=1716040=diff == --- tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties (original) +++ tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/LocalStrings.properties Tue Nov 24 06:23:31 2015 @@ -39,7 +39,7 @@ tcpFailureDetector.already.disappeared=V tcpFailureDetector.member.disappeared=Verification complete. Member disappeared[{0}] tcpFailureDetector.still.alive=Verification complete. Member still alive[{0}] tcpFailureDetector.heartbeat.failed=Unable to perform heartbeat on the TcpFailureDetector. -tcpFailureDetector.performBasicCheck.memberAdded=Member added, even though we werent notified:{0} +tcpFailureDetector.performBasicCheck.memberAdded=Member added, even though we weren''t notified:{0} tcpFailureDetector.suspectMember.dead=Suspect member, confirmed dead.[{0}] tcpFailureDetector.suspectMember.alive=Suspect member, confirmed alive.[{0}] tcpFailureDetector.failureDetection.failed=Unable to perform failure detection check, assuming member down. Modified: tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java?rev=1716040=1716039=1716040=diff == --- tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java (original) +++ tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java Tue Nov 24 06:23:31 2015 @@ -278,6 +278,9 @@ public class TcpFailureDetector extends Member m = keys[i]; if (membership.getMember(m) != null && (!memberAlive(m))) { membership.removeMember(m); +if (m instanceof StaticMember) { +addSuspects.put(m, Long.valueOf(System.currentTimeMillis())); +} super.memberDisappeared(m); removeSuspects.remove(m); if(log.isInfoEnabled()) Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1716040=1716039=1716040=diff == --- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Tue Nov 24 06:23:31 2015 @@ -84,6 +84,19 @@ + + + +Ensure that the static member is registered to the add suspect list even +if the static member that is registered to the remove suspect list has +disappeared. (kfujino) + + +Correct the warnnig log of when the member that is not registered in the +membership is detected. (kfujino) + + + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1716041 - in /tomcat/tc7.0.x/trunk: java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java webapps/docs/changelog.xml
Author: kfujino Date: Tue Nov 24 06:25:37 2015 New Revision: 1716041 URL: http://svn.apache.org/viewvc?rev=1716041=rev Log: -Ensure that the static member is registered to the add suspect list even If the static member that is registered to the remove suspect list has disappeared. -Correct the warnnig log of when the member that is not registered in the membership is detected. Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java?rev=1716041=1716040=1716041=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/group/interceptors/TcpFailureDetector.java Tue Nov 24 06:25:37 2015 @@ -265,7 +265,7 @@ public class TcpFailureDetector extends if (membership.memberAlive( (MemberImpl) members[i])) { //we don't have this one in our membership, check to see if he/she is alive if (memberAlive(members[i])) { -log.warn("Member added, even though we werent notified:" + members[i]); +log.warn("Member added, even though we weren't notified:" + members[i]); super.memberAdded(members[i]); } else { membership.removeMember( (MemberImpl) members[i]); @@ -280,6 +280,9 @@ public class TcpFailureDetector extends MemberImpl m = keys[i]; if (membership.getMember(m) != null && (!memberAlive(m))) { membership.removeMember(m); +if (m instanceof StaticMember) { +addSuspects.put(m, Long.valueOf(System.currentTimeMillis())); +} super.memberDisappeared(m); removeSuspects.remove(m); if(log.isInfoEnabled()) Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1716041=1716040=1716041=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Tue Nov 24 06:25:37 2015 @@ -217,6 +217,15 @@ Interceptors. If the required Interceptor does not exist, it issues warning logs. (kfujino) + +Ensure that the static member is registered to the add suspect list even +if the static member that is registered to the remove suspect list has +disappeared. (kfujino) + + +Correct the warnnig log of when the member that is not registered in the +membership is detected. (kfujino) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-trunk-validate (in module tomcat-trunk) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-trunk-validate has an issue affecting its community integration. This issue affects 1 projects, and has been outstanding for 30 runs. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-trunk-validate : Tomcat 9.x, a web server implementing the Java Servlet 4.0, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on checkstyle exists, no need to add for property checkstyle.jar. -INFO- Failed with reason build failed The following work was performed: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/gump_work/build_tomcat-trunk_tomcat-trunk-validate.html Work Name: build_tomcat-trunk_tomcat-trunk-validate (Type: Build) Work ended in a state of : Failed Elapsed: 1 min 9 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dcheckstyle.jar=/srv/gump/public/workspace/checkstyle/target/checkstyle-6.13-SNAPSHOT.jar -Dexecute.validate=true validate [Working Directory: /srv/gump/public/workspace/tomcat-trunk] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/checkstyle/target/checkstyle-6.13-SNAPSHOT.jar:/srv/gump/packages/antlr/antlr-3.1.3.jar:/srv/gump/public/workspace/apache-commons/beanutils/dist/commons-beanutils-20151124.jar:/srv/gump/packages/commons-collections3/commons-collections-3.2.1.jar:/srv/gump/public/workspace/apache-commons/cli/target/commons-cli-1.4-SNAPSHOT.jar:/srv/gump/public/workspace/commons-lang-trunk/target/commons-lang3-3.5-SNAPSHOT.ja r:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-20151124.jar:/srv/gump/public/workspace/apache-commons/logging/target/commons-logging-api-20151124.jar:/srv/gump/packages/guava/guava-18.0.jar - Buildfile: /srv/gump/public/workspace/tomcat-trunk/build.xml build-prepare: [delete] Deleting directory /srv/gump/public/workspace/tomcat-trunk/output/build/temp [mkdir] Created dir: /srv/gump/public/workspace/tomcat-trunk/output/build/temp compile-prepare: download-validate: testexist: [echo] Testing for /srv/gump/public/workspace/checkstyle/target/checkstyle-6.13-SNAPSHOT.jar setproxy: downloadfile: validate: [mkdir] Created dir: /srv/gump/public/workspace/tomcat-trunk/output/res/checkstyle [checkstyle] Running Checkstyle 6.13-SNAPSHOT on 3072 files [checkstyle] /srv/gump/public/workspace/tomcat-trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java:79:9: error: File contains tab characters (this is the first instance). [checkstyle] /srv/gump/public/workspace/tomcat-trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java:104: error: Line matches the illegal pattern '\s+$'. BUILD FAILED /srv/gump/public/workspace/tomcat-trunk/build.xml:554: Got 2 errors and 0 warnings. Total time: 1 minute 9 seconds - To subscribe to this information via syndicated feeds: - RSS: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/rss.xml - Atom: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-validate/atom.xml == Gump Tracking Only === Produced by Apache Gump(TM) version 2.3. Gump Run 2015112409, vmgump.apache.org:vmgump:2015112409 Gump E-mail Identifier (unique within run) #2. -- Apache Gump http://gump.apache.org/ [Instance: vmgump] - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in ASF Buildbot on tomcat-7-trunk
The Buildbot has detected a restored build on builder tomcat-7-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-7-trunk/builds/187 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-7-commit' triggered this build Build Source Stamp: [branch tomcat/tc7.0.x/trunk] 1716041 Blamelist: kfujino Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[jira] [Commented] (MTOMCAT-234) Tomcat8 Maven Plugin
[ https://issues.apache.org/jira/browse/MTOMCAT-234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15023938#comment-15023938 ] Girish Mahajan commented on MTOMCAT-234: Can anyone please answer with what will be the ETA of tomcat8-maven-plugin GA release tentatively ? thanks in advance > Tomcat8 Maven Plugin > > > Key: MTOMCAT-234 > URL: https://issues.apache.org/jira/browse/MTOMCAT-234 > Project: Apache Tomcat Maven Plugin > Issue Type: Dependency upgrade >Affects Versions: 2.0, 2.1, 2.2 > Environment: Maven 3.1, Tomcat8.0RC1, Oracle JDK7u25 >Reporter: Petr Novak >Assignee: Olivier Lamy (*$^¨%`£) >Priority: Blocker > Fix For: 3.0 > > > Please provide initial version of Tomcat8 Maven Plugin. > I tried the recommendations in > http://tomcat.10.x6.nabble.com/Tomcat-8-Tomcat-Maven-Plugin-2-2-Tomcat8-Maven-Plugin-td4995858.html#none > but the guideline > http://tomcat.apache.org/maven-plugin-trunk/tomcat7-maven-plugin/adjust-embedded-tomcat-version.html > does not work for Tomcat8 . > The problem is in changed Tomcat 8 API, the maven throws folloving exception: > at > org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:142) > ... 20 more > by: java.lang.NoSuchMethodError: > org.apache.catalina.startup.Tomcat.setDefaultRealm(Lorg/apache/catalina/Realm;)V > at > org.apache.tomcat.maven.plugin.tomcat7.run.AbstractRunMojo.startContainer(AbstractRunMojo.java:999) > at > org.apache.tomcat.maven.plugin.tomcat7.run.AbstractRunMojo.execute(AbstractRunMojo.java:514) > at > org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:106) > ... 20 more > The method setDefaultRealm is deprecated in Tomcat7 and was removed in > Tomcat8 as described in documentation: > http://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/startup/Tomcat.html#setDefaultRealm(org.apache.catalina.Realm) -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.0.29
On 20/11/2015 10:00, Mark Thomas wrote: > The proposed Apache Tomcat 8.0.29 release is now available for voting. > > The main changes since 8.0.28 are: > > - Add an option to control (per context) quoting of EL expressions in > JSP attributes > > - Correct a regression in the fix for 56777 that added support for > URIs in config file locations > > - Add a new RestCsrfPreventionFilter that provides basic CSRF > protection for REST APIs > > - Use instance manager for WebSocket server endpoint instances > > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.29/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1055/ > The svn tag is: > http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_29/ > > The proposed 8.0.29 release is: > [ ] Broken - do not release > [X] Stable - go ahead and release as 8.0.29 Unit tests pass for BIO, NIO, NIO2 and APR on Windows, OSX and Linux. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 8.0.29
2015-11-20 11:00 GMT+01:00 Mark Thomas: > The proposed 8.0.29 release is: > [ ] Broken - do not release > [X] Stable - go ahead and release as 8.0.29 > > Rémy
svn commit: r1715897 - in /tomcat/tc8.0.x/trunk: java/org/apache/catalina/ java/org/apache/catalina/connector/ java/org/apache/coyote/ java/org/apache/tomcat/ webapps/docs/
Author: remm Date: Mon Nov 23 17:23:59 2015 New Revision: 1715897 URL: http://svn.apache.org/viewvc?rev=1715897=rev Log: Extract Context.bind and unbind to an interface to make the CL bind cleaner for the upgrade code (including using a PA if needed). Added: tomcat/tc8.0.x/trunk/java/org/apache/tomcat/ContextBind.java - copied unchanged from r1715866, tomcat/trunk/java/org/apache/tomcat/ContextBind.java Modified: tomcat/tc8.0.x/trunk/java/org/apache/catalina/Context.java tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java tomcat/tc8.0.x/trunk/java/org/apache/coyote/AbstractProtocol.java tomcat/tc8.0.x/trunk/java/org/apache/coyote/UpgradeToken.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc8.0.x/trunk/java/org/apache/catalina/Context.java URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/Context.java?rev=1715897=1715896=1715897=diff == --- tomcat/tc8.0.x/trunk/java/org/apache/catalina/Context.java (original) +++ tomcat/tc8.0.x/trunk/java/org/apache/catalina/Context.java Mon Nov 23 17:23:59 2015 @@ -29,6 +29,7 @@ import javax.servlet.ServletSecurityElem import javax.servlet.descriptor.JspConfigDescriptor; import org.apache.catalina.deploy.NamingResourcesImpl; +import org.apache.tomcat.ContextBind; import org.apache.tomcat.InstanceManager; import org.apache.tomcat.JarScanner; import org.apache.tomcat.util.descriptor.web.ApplicationParameter; @@ -57,7 +58,7 @@ import org.apache.tomcat.util.http.Cooki * * @author Craig R. McClanahan */ -public interface Context extends Container { +public interface Context extends Container, ContextBind { // - Manifest Constants @@ -1610,45 +1611,6 @@ public interface Context extends Contain public MapfindPreDestroyMethods(); /** - * Change the current thread context class loader to the web application - * class loader. If no web application class loader is defined, or if the - * current thread is already using the web application class loader then no - * change will be made. If the class loader is changed and a - * {@link ThreadBindingListener} is configured then - * {@link ThreadBindingListener#bind()} will be called after the change has - * been made. - * - * @param usePrivilegedAction - * Should a {@link java.security.PrivilegedAction} be used when - * obtaining the current thread context class loader and setting - * the new one? - * @param originalClassLoader - * The current class loader if known to save this method having to - * look it up - * - * @return If the class loader has been changed by the method it will return - * the thread context class loader in use when the method was - * called. If no change was made then this method returns null. - */ -public ClassLoader bind(boolean usePrivilegedAction, ClassLoader originalClassLoader); - -/** - * Restore the current thread context class loader to the original class - * loader in used before {@link #bind(boolean, ClassLoader)} was called. If - * no original class loader is passed to this method then no change will be - * made. If the class loader is changed and a {@link ThreadBindingListener} - * is configured then {@link ThreadBindingListener#unbind()} will be called - * before the change is made. - * - * @param usePrivilegedAction - * Should a {@link java.security.PrivilegedAction} be used when - * setting the current thread context class loader? - * @param originalClassLoader - * The class loader to restore as the thread context class loader - */ -public void unbind(boolean usePrivilegedAction, ClassLoader originalClassLoader); - -/** * Obtain the token necessary for operations on the associated JNDI naming * context. */ Modified: tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java?rev=1715897=1715896=1715897=diff == --- tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java (original) +++ tomcat/tc8.0.x/trunk/java/org/apache/catalina/connector/Request.java Mon Nov 23 17:23:59 2015 @@ -1892,7 +1892,7 @@ public class Request throw new ServletException(e); } UpgradeToken upgradeToken = new UpgradeToken(handler, -getContext().getLoader().getClassLoader(), instanceManager); +getContext(), instanceManager); coyoteRequest.action(ActionCode.UPGRADE, upgradeToken); Modified:
[GUMP@vmgump]: Project tomcat-trunk-test-nio (in module tomcat-trunk) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-trunk-test-nio has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-trunk-test-nio : Tomcat 9.x, a web server implementing the Java Servlet 4.0, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-nio/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/logs-NIO -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-trunk/output/test-tmp-NIO/logs -WARNING- No directory [/srv/gump/public/workspace/tomcat-trunk/output/test-tmp-NIO/logs] The following work was performed: http://vmgump.apache.org/gump/public/tomcat-trunk/tomcat-trunk-test-nio/gump_work/build_tomcat-trunk_tomcat-trunk-test-nio.html Work Name: build_tomcat-trunk_tomcat-trunk-test-nio (Type: Build) Work ended in a state of : Failed Elapsed: 45 mins 53 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.3-SNAPSHOT.jar -Dtest.reports=output/logs-NIO -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20151123-native-src.tar.gz -Dexamples.sources.skip=true -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dtest.relaxTiming=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20151123.jar -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20151123-native-src.tar.gz -Dtest.temp=output/test-tmp-NIO -Dtest.accesslog=true -Dexecute.test.nio=true -Dtest.openssl.path=/srv/gump/public/workspace/openssl-ma ster/dest-20151123/bin/openssl -Dexecute.test.apr=false -Dtest.excludePerformance=true -Dexecute.test.nio2=false -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.5-SNAPSHOT.jar -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-trunk] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-trunk/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/websocket-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jaspic-api.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-storeconfig.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/jasper-el.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-tribes.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/catalina-ha.jar:/srv/gump/public/workspace/tomcat-trunk/output/build/lib/tomcat-api.jar:/srv
Re: [VOTE] Release Apache Tomcat 8.0.29
Am 20.11.2015 um 11:00 schrieb Mark Thomas: The proposed Apache Tomcat 8.0.29 release is now available for voting. The main changes since 8.0.28 are: - Add an option to control (per context) quoting of EL expressions in JSP attributes - Correct a regression in the fix for 56777 that added support for URIs in config file locations - Add a new RestCsrfPreventionFilter that provides basic CSRF protection for REST APIs - Use instance manager for WebSocket server endpoint instances It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.29/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1055/ The svn tag is: http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_29/ The proposed 8.0.29 release is: [ ] Broken - do not release [x] Stable - go ahead and release as 8.0.29 Tested on ubuntu 14.04.3 with OpenJDK Runtime Environment (IcedTea 2.6.1) (7u85-2.6.1-5ubuntu0.14.04.1). Reported broken tests with ssl, since ubuntu has an old version of openssl. The other broken tests, can be explained with a quite new jre and are really broken tests, rather than broken code. sha1, md5 and pgp sums are valid. Regards, Felix - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1715866 - in /tomcat/trunk: java/org/apache/catalina/ java/org/apache/catalina/connector/ java/org/apache/coyote/ java/org/apache/coyote/http11/ java/org/apache/coyote/http11/upgrade/ jav
Author: remm Date: Mon Nov 23 16:19:33 2015 New Revision: 1715866 URL: http://svn.apache.org/viewvc?rev=1715866=rev Log: Extract Context.bind and unbind to an interface to make the CL bind cleaner for the upgrade code (including using a PA if needed). Added: tomcat/trunk/java/org/apache/tomcat/ContextBind.java (with props) Modified: tomcat/trunk/java/org/apache/catalina/Context.java tomcat/trunk/java/org/apache/catalina/connector/Request.java tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java tomcat/trunk/java/org/apache/coyote/UpgradeToken.java tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletInputStream.java tomcat/trunk/java/org/apache/coyote/http11/upgrade/UpgradeServletOutputStream.java tomcat/trunk/java/org/apache/coyote/http2/Http2Protocol.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/catalina/Context.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/Context.java?rev=1715866=1715865=1715866=diff == --- tomcat/trunk/java/org/apache/catalina/Context.java (original) +++ tomcat/trunk/java/org/apache/catalina/Context.java Mon Nov 23 16:19:33 2015 @@ -29,6 +29,7 @@ import javax.servlet.ServletSecurityElem import javax.servlet.descriptor.JspConfigDescriptor; import org.apache.catalina.deploy.NamingResourcesImpl; +import org.apache.tomcat.ContextBind; import org.apache.tomcat.InstanceManager; import org.apache.tomcat.JarScanner; import org.apache.tomcat.util.descriptor.web.ApplicationParameter; @@ -57,7 +58,7 @@ import org.apache.tomcat.util.http.Cooki * * @author Craig R. McClanahan */ -public interface Context extends Container { +public interface Context extends Container, ContextBind { // - Manifest Constants @@ -1626,45 +1627,6 @@ public interface Context extends Contain public MapfindPreDestroyMethods(); /** - * Change the current thread context class loader to the web application - * class loader. If no web application class loader is defined, or if the - * current thread is already using the web application class loader then no - * change will be made. If the class loader is changed and a - * {@link ThreadBindingListener} is configured then - * {@link ThreadBindingListener#bind()} will be called after the change has - * been made. - * - * @param usePrivilegedAction - * Should a {@link java.security.PrivilegedAction} be used when - * obtaining the current thread context class loader and setting - * the new one? - * @param originalClassLoader - * The current class loader if known to save this method having to - * look it up - * - * @return If the class loader has been changed by the method it will return - * the thread context class loader in use when the method was - * called. If no change was made then this method returns null. - */ -public ClassLoader bind(boolean usePrivilegedAction, ClassLoader originalClassLoader); - -/** - * Restore the current thread context class loader to the original class - * loader in used before {@link #bind(boolean, ClassLoader)} was called. If - * no original class loader is passed to this method then no change will be - * made. If the class loader is changed and a {@link ThreadBindingListener} - * is configured then {@link ThreadBindingListener#unbind()} will be called - * before the change is made. - * - * @param usePrivilegedAction - * Should a {@link java.security.PrivilegedAction} be used when - * setting the current thread context class loader? - * @param originalClassLoader - * The class loader to restore as the thread context class loader - */ -public void unbind(boolean usePrivilegedAction, ClassLoader originalClassLoader); - -/** * Obtain the token necessary for operations on the associated JNDI naming * context. */ Modified: tomcat/trunk/java/org/apache/catalina/connector/Request.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/Request.java?rev=1715866=1715865=1715866=diff == --- tomcat/trunk/java/org/apache/catalina/connector/Request.java (original) +++ tomcat/trunk/java/org/apache/catalina/connector/Request.java Mon Nov 23 16:19:33 2015 @@ -1865,7 +1865,7 @@ public class Request implements HttpServ throw new ServletException(e); } UpgradeToken upgradeToken = new UpgradeToken(handler, -getContext().getLoader().getClassLoader(), instanceManager); +
Re: [VOTE] Release Apache Tomcat 8.0.29
On Fri, Nov 20, 2015 at 11:00 AM, Mark Thomaswrote: > The proposed Apache Tomcat 8.0.29 release is now available for voting. > > The main changes since 8.0.28 are: > > - Add an option to control (per context) quoting of EL expressions in > JSP attributes > > - Correct a regression in the fix for 56777 that added support for > URIs in config file locations > > - Add a new RestCsrfPreventionFilter that provides basic CSRF > protection for REST APIs > > - Use instance manager for WebSocket server endpoint instances > > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.29/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1055/ > The svn tag is: > http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_29/ > > The proposed 8.0.29 release is: > [ ] Broken - do not release > [ X ] Stable - go ahead and release as 8.0.29 > Tested our main application and Apache Wicket's examples app > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > >
Re: [VOTE] Release Apache Tomcat 8.0.29
Hi, 2015-11-20 12:00 GMT+02:00 Mark Thomas: > > The proposed Apache Tomcat 8.0.29 release is now available for voting. > > The main changes since 8.0.28 are: > > - Add an option to control (per context) quoting of EL expressions in > JSP attributes > > - Correct a regression in the fix for 56777 that added support for > URIs in config file locations > > - Add a new RestCsrfPreventionFilter that provides basic CSRF > protection for REST APIs > > - Use instance manager for WebSocket server endpoint instances > > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-8/v8.0.29/ > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1055/ > The svn tag is: > http://svn.apache.org/repos/asf/tomcat/tc8.0.x/tags/TOMCAT_8_0_29/ > > The proposed 8.0.29 release is: > [ ] Broken - do not release > [X] Stable - go ahead and release as 8.0.29 Checked with applications that use the new specifications features - successful. Tested Tomcat in OSGi environment - successful. Regards, Violeta > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org >
svn commit: r1715965 - in /tomcat/trunk: java/org/apache/tomcat/websocket/ test/org/apache/tomcat/websocket/ webapps/docs/
Author: markt Date: Mon Nov 23 21:34:06 2015 New Revision: 1715965 URL: http://svn.apache.org/viewvc?rev=1715965=rev Log: Add ProxySelector support to the WebSocket client Based on a patch by Niki Dokovski. Added: tomcat/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainerWithProxy.java (with props) Modified: tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java tomcat/trunk/test/org/apache/tomcat/websocket/TestWsWebSocketContainer.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties?rev=1715965=1715964=1715965=diff == --- tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties Mon Nov 23 21:34:06 2015 @@ -114,12 +114,12 @@ wsWebSocketContainer.endpointCreateFail= wsWebSocketContainer.httpRequestFailed=The HTTP request to initiate the WebSocket connection failed wsWebSocketContainer.invalidExtensionParameters=The server responded with extension parameters the client is unable to support wsWebSocketContainer.invalidHeader=Unable to parse HTTP header as no colon is present to delimit header name and header value in [{0}]. The header has been skipped. -wsWebSocketContainer.invalidScheme=The requested scheme, [{0}], is not supported. The supported schemes are ws and wss wsWebSocketContainer.invalidStatus=The HTTP response from the server [{0}] did not permit the HTTP upgrade to WebSocket wsWebSocketContainer.invalidSubProtocol=The WebSocket server returned multiple values for the Sec-WebSocket-Protocol header wsWebSocketContainer.maxBuffer=This implementation limits the maximum size of a buffer to Integer.MAX_VALUE wsWebSocketContainer.missingAnnotation=Cannot use POJO class [{0}] as it is not annotated with @ClientEndpoint wsWebSocketContainer.pathNoHost=No host was specified in URI -wsWebSocketContainer.pathWrongScheme=The scheme [{0}] is not supported +wsWebSocketContainer.pathWrongScheme=The scheme [{0}] is not supported. The supported schemes are ws and wss +wsWebSocketContainer.proxyConnectFail=Failed to connect to the configured Proxy [{0}]. The HTTP response code was [{1}] wsWebSocketContainer.sessionCloseFail=Session with ID [{0}] did not close cleanly wsWebSocketContainer.sslEngineFail=Unable to create SSLEngine to support SSL/TLS connections Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java?rev=1715965=1715964=1715965=diff == --- tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java (original) +++ tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java Mon Nov 23 21:34:06 2015 @@ -22,6 +22,8 @@ import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.net.InetSocketAddress; +import java.net.Proxy; +import java.net.ProxySelector; import java.net.SocketAddress; import java.net.URI; import java.nio.ByteBuffer; @@ -190,51 +192,80 @@ public class WsWebSocketContainer implem throws DeploymentException { boolean secure = false; +ByteBuffer proxyConnect = null; +URI proxyPath; +// Validate scheme (and build proxyPath) String scheme = path.getScheme(); -if (!("ws".equalsIgnoreCase(scheme) || -"wss".equalsIgnoreCase(scheme))) { +if ("ws".equalsIgnoreCase(scheme)) { +proxyPath = URI.create("http" + path.toString().substring(2)); +} else if ("wss".equalsIgnoreCase(scheme)) { +proxyPath = URI.create("https" + path.toString().substring(3)); +} else { throw new DeploymentException(sm.getString( "wsWebSocketContainer.pathWrongScheme", scheme)); } + +// Validate host String host = path.getHost(); if (host == null) { throw new DeploymentException( sm.getString("wsWebSocketContainer.pathNoHost")); } int port = path.getPort(); -MapreqHeaders = createRequestHeaders(host, port, -clientEndpointConfiguration.getPreferredSubprotocols(), -clientEndpointConfiguration.getExtensions()); -clientEndpointConfiguration.getConfigurator(). -beforeRequest(reqHeaders); -SocketAddress sa; -if (port == -1) { -if ("ws".equalsIgnoreCase(scheme)) { -sa = new InetSocketAddress(host,
svn commit: r1715967 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
Author: jfclere Date: Mon Nov 23 21:34:37 2015 New Revision: 1715967 URL: http://svn.apache.org/viewvc?rev=1715967=rev Log: Arrange provider to algorithm. make sure the file is closed. Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java?rev=1715967=1715966=1715967=diff == --- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Mon Nov 23 21:34:37 2015 @@ -16,7 +16,7 @@ */ package org.apache.tomcat.util.net.openssl; -import java.io.FileInputStream; +import java.io.IOException; import java.io.InputStream; import java.security.KeyStore; import java.util.List; @@ -26,6 +26,7 @@ import javax.net.ssl.SSLSessionContext; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; +import org.apache.tomcat.util.file.ConfigFileLoader; import org.apache.tomcat.util.net.SSLContext; import org.apache.tomcat.util.net.SSLHostConfig; import org.apache.tomcat.util.net.SSLHostConfigCertificate; @@ -64,7 +65,7 @@ public class OpenSSLUtil implements SSLU String storefile = System.getProperty("java.home") + "/lib/security/cacerts"; String password = "changeit"; String type = "jks"; -String provider = null; +String algorithm = null; if (sslHostConfig.getTruststoreFile() != null) { storefile = sslHostConfig.getTruststoreFile(); } @@ -74,19 +75,33 @@ public class OpenSSLUtil implements SSLU if (sslHostConfig.getTruststoreType() != null) { type = sslHostConfig.getTruststoreType(); } -if (sslHostConfig.getTruststoreProvider() != null) { -provider = sslHostConfig.getTruststoreProvider(); +if (sslHostConfig.getTruststoreAlgorithm() != null) { + algorithm = sslHostConfig.getTruststoreAlgorithm(); } TrustManagerFactory factory; -if (provider == null) +if (algorithm == null) factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); else -factory = TrustManagerFactory.getInstance(provider); +factory = TrustManagerFactory.getInstance(algorithm); KeyStore keystore = KeyStore.getInstance(type); -InputStream stream = new FileInputStream(storefile); -keystore.load(stream, password.toCharArray()); +InputStream stream = null; +try { + stream = ConfigFileLoader.getInputStream(storefile); + keystore.load(stream, password.toCharArray()); +} catch (Exception ex) { + throw ex; +} finally { +if (stream != null) { +try { +stream.close(); +} catch (IOException ioe) { +// Do nothing +} +} +} + factory.init(keystore); TrustManager[] managers = factory.getTrustManagers(); return managers; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org