I wanted to use tyrex to pool JNDI-acquired JDBC connections. I have
attached a file called diary that explains how I ultimately got this
working. Unfortunately, this required several undesirable things. First,
I had to specify a tomcat-specific class (tyrex.jdbc.ServerDataSource)
in my
Remy,
I posted that _OLD_ proposal from 3/13/01 as an example of how I
documented the behaviour of tomcat for managing web apps. It was
not meant as a current proposal. Just as a place to start a discussion.
Well, I didn't like it so far.
Could either you or Craig fully document what
On Thu, 28 Feb 2002, Remy Maucherat wrote:
The request is slightly different at the moment, but that's because I
don't
know what I need (so sorry, I'm not using your BaseRequest for the first
version). The Catalina adapter will be a full reimplementation of the
o.a.c.connector package
Remy Maucherat wrote:
Since there are apparently diverging opinions on the subject (and also since
I didn't get any +1s for a possible 4.0.3 b1, or a 4.0.2a release), here's a
formal request for vote.
On the security problem reported yesterday, affecting the security manager
sandboxing.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6761.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
There is no response to my previous mail about ajpid
for start/stop of Tomcat 3.3.
-
Henri Gomez ___[_]
EMAIL : [EMAIL PROTECTED](. .)
PGP KEY : 697ECEDD...oOOo..(_)..oOOo...
PGP Fingerprint : 9DF8 1EA8 ED53 2F39 DC9B 904A 364F 80E6
Since there are apparently diverging opinions on the subject
(and also since
I didn't get any +1s for a possible 4.0.3 b1, or a 4.0.2a
release), here's a
formal request for vote.
On the security problem reported yesterday, affecting the
security manager
sandboxing. We should:
ballot
A [ ]
There is no ajp12 support in TC 4.0.2.
You need to use ajp13
-
Henri Gomez ___[_]
EMAIL : [EMAIL PROTECTED](. .)
PGP KEY : 697ECEDD...oOOo..(_)..oOOo...
PGP Fingerprint : 9DF8 1EA8 ED53 2F39 DC9B 904A 364F 80E6
-Original Message-
In fact i am using ajp13. When ajp13 failed i tried ajp12.
The other news is that this combo works fine on SUn Solaris using solaris6
so
library.
-- Swamy
-Original Message-
From: GOMEZ Henri [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 01, 2002 6:24 AM
To: Tomcat Developers List
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6784.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4961.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
In fact i am using ajp13. When ajp13 failed i tried ajp12.
The other news is that this combo works fine on SUn Solaris
using solaris6
so
library.
iplanet + ajp13 + tomcat 4 works fine with Sun Solaris6 SO LIB ?
JF, it's something for you
--
To unsubscribe, e-mail: mailto:[EMAIL
Hi Henri,
Since the connector writes the ajp??.id file, it makes
sense to me to allow an attribute to specify it's
location. However, agree that we should provide a
way to override the location from the command line on
startup. I'll see what I can do for Tomcat 3.3.1 Final.
Cheers,
Larry
Since the connector writes the ajp??.id file, it makes
sense to me to allow an attribute to specify it's
location. However, agree that we should provide a
way to override the location from the command line on
startup. I'll see what I can do for Tomcat 3.3.1 Final.
Related is since we
GOMEZ Henri [EMAIL PROTECTED] wrote:
4.0.2a + 4.0.3b1 :)
Just to be a pain in the ass I don't really like the concept of an A
version (never happened in httpd land)... So, I would call them 4.0.3 and
4.0.4b1
My $ 0.02
Pier
--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For
GOMEZ Henri wrote:
In fact i am using ajp13. When ajp13 failed i tried ajp12.
The other news is that this combo works fine on SUn Solaris
using solaris6
so
library.
iplanet + ajp13 + tomcat 4 works fine with Sun Solaris6 SO LIB ?
JF, it's something for you
I am using Apache and
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6761.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6761.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
We can look at reading server.xml in 3.3.2, but
I think it would be too complicated to attempt in
3.3.1. We would need a new limited startup parameter
like jkconf or an alternate set of XMLMapper rules for
reading server.xml.
Cheers,
Larry
-Original Message-
From: GOMEZ Henri
I'm stuck, and not sure how to proceed. MinimalTomcat really
needs AuthenticatorBase to be core-clean.
It may be that this is an unrealistic requirement, and it's
impossible to make any use of o.a.c.Authenticator package
outside of o.a.c.core.*. That would be a shame, but, as they
say, you
On Fri, 1 Mar 2002, Pier Fumagalli wrote:
GOMEZ Henri [EMAIL PROTECTED] wrote:
4.0.2a + 4.0.3b1 :)
Just to be a pain in the ass I don't really like the concept of an A
version (never happened in httpd land)... So, I would call them 4.0.3 and
4.0.4b1
He's right...
However a small
On Fri, 1 Mar 2002, GOMEZ Henri wrote:
location. However, agree that we should provide a
way to override the location from the command line on
startup. I'll see what I can do for Tomcat 3.3.1 Final.
Related is since we read server.xml at startup where
ajpid is specified, we should
On Fri, 1 Mar 2002, Pier Fumagalli wrote:
GOMEZ Henri [EMAIL PROTECTED] wrote:
4.0.2a + 4.0.3b1 :)
Just to be a pain in the ass I don't really like the
concept of an A
version (never happened in httpd land)... So, I would call
them 4.0.3 and
4.0.4b1
Ok let's do 'a la HTTPd', 4.0.3
Hi,
I implemented the changes we discussed, now mod_jk2 supports only
2 spache specific directives - JkSet ( fully equivalent with
workers.properties ), and JkUriSet for per/location settings.
The big problem is urimap.properties. The file is used for IIS,
and is equivalent with JkMount.
glenn 02/03/01 08:44:32
Modified:catalina/src/share/org/apache/catalina/core
StandardHostDeployer.java
Log:
Remove code to get workDir which wasn't used
Revision ChangesPath
1.6 +4 -6
:-)
On 1 Mar 2002, Christopher K.St.John wrote:
Here are my etiquette questions: (1) What's the deal with
request for enhancement? I read this as blackhole, but
I'm honestly not sure.
Close enough :-) Unless you implement it yourself, or some
commiter will have the same itch.
(2) Can I
On 1 Mar 2002, Christopher K.St.John wrote:
Date: 1 Mar 2002 08:26:02 -0800
From: Christopher K.St.John [EMAIL PROTECTED]
Reply-To: Tomcat Developers List [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Etiquette, MinimalTomcat, Bug 6670
I'm stuck, and not sure how to proceed.
De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Enviado el: viernes 1 de marzo de 2002 17:39
JkMount /uri worker
is
/uri=worker
I like to point out, that just now isapi_redirector ( 3.3 and j-t-c)
uses a slightly more complex form of the former syntax, to allow a
limited vhost mapping
On Fri, 1 Mar 2002, Ignacio J. Ortega wrote:
JkMount /uri worker
is
/uri=worker
I like to point out, that just now isapi_redirector ( 3.3 and j-t-c)
uses a slightly more complex form of the former syntax, to allow a
limited vhost mapping capabilty in isapi_redirector,
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6796.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6796.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6796.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
- Original Message -
From: GOMEZ Henri [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Friday, March 01, 2002 6:38 AM
Subject: RE: Start/StopTomcat and ajpid
Since the connector writes the ajp??.id file, it makes
sense to me to allow an attribute to specify it's
Related is since we read serverxml at startup where
ajpid is specified, we should reread serverxml at stop time
-0 since it's quite common to want to stop Tomcat from the
machine where
Apache is running, rather than from where Tomcat is running Keeping
serverxml files in sync is much
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6796.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
On Fri, 1 Mar 2002, Glenn Nielsen wrote:
Date: Fri, 01 Mar 2002 13:23:49 -0600
From: Glenn Nielsen [EMAIL PROTECTED]
Reply-To: Tomcat Developers List [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Tomcat 4.1-dev HEAD catalina/docs
Are all the docs in catalina/docs superceded by the
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6797.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6797.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
craigmcc02/03/01 12:13:52
Removed: catalina/docs JDBCRealm-howto.html index.html manager.html
singlesignon.html tomcat-security.html
catalina/docs/appdev build.xml.txt contents.html
deployment.html footer.html header.html
Also, to use the transaction manager, you need to get the OTS classes.
I don't use the transaction manager, just the pooling code, and I still
get NoClassDefFoundError's looking for org.omg.CosTransactions.Inactive,
which lives in ots.jar. Since this seems to be a requirement for using
any
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6799.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6797.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
remm02/03/01 14:20:58
Modified:catalina/src/share/org/apache/catalina Tag: tomcat_40_branch
Globals.java
Log:
- Update revision number.
Revision ChangesPath
No revision
No revision
1.39.2.13
remm02/03/01 14:21:19
Modified:webapps/ROOT Tag: tomcat_40_branch index.html
Log:
- Update revision number.
Revision ChangesPath
No revision
No revision
1.29.2.12 +1 -1
remm02/03/01 14:27:37
Modified:webapps/ROOT Tag: tomcat_40_branch index.html
Log:
- Update revision number.
Revision ChangesPath
No revision
No revision
1.29.2.13 +1 -1
remm02/03/01 14:27:47
Modified:catalina/src/share/org/apache/catalina Tag: tomcat_40_branch
Globals.java
Log:
- Update revision number.
Revision ChangesPath
No revision
No revision
1.39.2.14
remm02/03/01 14:35:31
Modified:catalina/src/share/org/apache/catalina Tag: tomcat_40_branch
Globals.java
Log:
- Revert revision number.
Revision ChangesPath
No revision
No revision
1.39.2.15
remm02/03/01 14:36:20
Modified:webapps/ROOT Tag: tomcat_40_branch index.html
Log:
- Revert revision number.
Revision ChangesPath
No revision
No revision
1.29.2.14 +1 -1
Just to be a pain in the ass I don't really like the
concept of an A
version (never happened in httpd land)... So, I would call
them 4.0.3 and
4.0.4b1
Ok let's do 'a la HTTPd', 4.0.3 (fix security problems in 4.0.2)
and 4.0.4b1
Thanks for the feedback.
It will then be 4.0.3 + 4.0.4b1 +
On Fri, 1 Mar 2002, Remy Maucherat wrote:
Just to be a pain in the ass I don't really like the
concept of an A
version (never happened in httpd land)... So, I would call
them 4.0.3 and
4.0.4b1
Ok let's do 'a la HTTPd', 4.0.3 (fix security problems in 4.0.2)
and 4.0.4b1
Thanks
Hi John,
I'm glad to see that you have come up with a patch for JNDIRealm which
allows users to be authenticated by a bind instead of having to query for a
password.
One thing that I'm wondering about though, with regard to your
implementation, do you have to use groups? Or, can you specify a
remm02/03/01 16:12:42
Modified:lib Tag: tomcat_40_branch tomcat-ajp.jar
tomcat-util.jar
Log:
- Update JK and webapp.
Revision ChangesPath
No revision
No revision
1.1.2.7 +132 -127
remm02/03/01 16:13:01
Modified:catalina/src/share/org/apache/catalina/connector/warp Tag:
tomcat_40_branch WarpEngine.java
Log:
- Update JK and webapp.
Revision ChangesPath
No revision
No revision
This patch makes 2 minor changes to the wrapper.cmd_line
1) removes extra equals sign from the security policy assignment
2) adds quotes around wrapper.javabin so that JDK paths with spaces
will work. For example c:\Program
Files\Javasoft\JRE\1.3.1_02\bin\java.exe
-David
jGuru maintains FAQs and Forums on Servlets, JSP, and Tomcat (as well as
many other Java topics). Here is an automated update on recent postings to
Tomcat-related FAQs. Please direct flames and feedback to [EMAIL PROTECTED] .
- Alex
++ JavaServer Pages (JSP) FAQ:
I'm in the process of implementing the last proposal ( regarding uri
configuration ).
I started with doing another round of cleanup/refactoring on the
initialization code - making it closer to what we use on the
java side.
The major change is the (almost complete) deprecation of validate()
and
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6704.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
costin 02/03/01 21:42:12
Modified:jk/native2/include jk_worker.h
Log:
Finally remove validate().
Initialization is done using setProperty() followed by an init().
The worker should be independent of the way it is configured -
and 'smart' workers can change some settings
costin 02/03/01 21:43:28
Modified:jk/native2/include jk_channel.h jk_workerEnv.h
Log:
Create worker takes the type of the worker to be created.
Exposed some of the properties that were used internally
in init, the setProperty() will set them.
Revision ChangesPath
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4615.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
Remy Maucherat wrote:
A security vulnerability affecting the sandboxing provided by the Java
Security Manager has been discovered. The request dipatcher
functionality of
the Servlet API could be used by a malicious servlet or JSP page to get
access to any resource located on the
costin 02/03/01 22:06:54
Modified:jk/native2/common jk_ajp14_worker.c
Log:
setProperty style for configuration.
Revision ChangesPath
1.17 +52 -77jakarta-tomcat-connectors/jk/native2/common/jk_ajp14_worker.c
Index: jk_ajp14_worker.c
costin 02/03/01 22:07:48
Modified:jk/native2/common jk_channel_apr_socket.c jk_channel_jni.c
jk_channel_socket.c
Log:
setProperty() style for configuration
Revision ChangesPath
1.3 +14 -33
costin 02/03/01 22:09:51
Modified:jk/native2/common jk_lb_worker.c
Log:
setProperty() configuration.
Note that we no longer create new workers in lb_worker - all workers
are created by workerEnv, as they are declared.
lb will just register the names, and get the worker
costin 02/03/01 22:10:21
Modified:jk/native2/common jk_requtil.c
Log:
Another small fix. I still have to add the WIN32 #ifdefs.
Revision ChangesPath
1.9 +6 -1 jakarta-tomcat-connectors/jk/native2/common/jk_requtil.c
Index: jk_requtil.c
costin 02/03/01 22:10:49
Modified:jk/native2/common jk_serialize_ajp.c
Log:
Reduce debugging, the header marshaling seems to work now.
Revision ChangesPath
1.8 +11 -11jakarta-tomcat-connectors/jk/native2/common/jk_serialize_ajp.c
Index:
costin 02/03/01 22:12:05
Modified:jk/native2/common jk_uriMap.c
Log:
setProperty(), initial code to support setting various properties per
uri.
Need to finish it up and make sure the /vhost/path format that
Nacho mentioned works in jk2 the same as before.
Revision
costin 02/03/01 22:13:09
Modified:jk/native2/common jk_workerEnv.c
Log:
That's a big change - most of the configuration is here.
It'll move in its own module, for now this is the right
place since it controls the whole thing.
Revision ChangesPath
1.18 +297
costin 02/03/01 22:13:42
Modified:jk/native2/common jk_registry.c jk_worker_jni.c
jk_worker_run.c jk_worker_status.c
Log:
More updates for setProperty()
Revision ChangesPath
1.13 +2 -2
costin 02/03/01 22:14:25
Modified:jk/native2/include jk_uriMap.h
Log:
Forgot to update the init() method here.
init() is consistent in all objects - it takes no params
(except the env and _this, of course )
Revision ChangesPath
1.9 +4 -3
costin 02/03/01 22:35:41
Modified:jk/native2/server/apache2 jk_service_apache2.c
Log:
There is something wrong with using APRTABLES, I suspect we're reusing
a buffer too much.
Reverted to jk maps until the rest is working, then I'll try again.
Revision ChangesPath
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, March 01, 2002 9:42 PM
Subject: cvs commit: jakarta-tomcat-connectors/jk/native2/include
jk_worker.h
costin 02/03/01 21:42:12
Modified:jk/native2/include jk_worker.h
Log:
Finally remove
A security vulnerability affecting the sandboxing provided by the Java
Security Manager has been discovered. The request dipatcher functionality of
the Servlet API could be used by a malicious servlet or JSP page to get
access to any resource located on the server's filesystem, bypassing the
73 matches
Mail list logo
