DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13583.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
Jeff Tulley wrote:
When I uncomment the AJP13 Connector, I get the following exception on startup:
ServerLifecycleListener: createMBeans: MBeanException
java.lang.Exception: ManagedBean is not found with Ajp13Connector
at
As voted, I have packaged a first milestone of Tomcat 5.
http://jakarta.apache.org/builds/jakarta-tomcat/milestone/v5.0.0/
Note: I put it in the jakarta-tomcat folder. I don't see a point of
using the version number in the folder name (and I didn't have write
access to jakarta-tomcat-5
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13634.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
I'm using Tomcat 4.0 standalone on Windows 2000 and am having trouble
getting SSL client authentication working (getting SSL server auth working
was a snap). Here's what I've done so far:
* created a self-signed client cert using openSSL (key usage includes
digital signature)
* imported
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13606.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
mturk 2002/10/15 02:38:29
Modified:jk/native2/common jk_worker_ajp13.c
Log:
Fix group (lb) processing for channels, allowing the lb:name syntax.
This prevents making lb:lb:name for such situations.
Revision ChangesPath
1.40 +30 -11
Costin Manolache wrote:
I would like to propose a new mailing list.
The list will be closed to commiters only. The main purpose
will be discussions of security and other special issues.
This should avoid [Cc] threads.
The main target should be active commiters - so it should
start
I agree with the proposal
* ** *** ** * ** *** ** * ** *** ** *
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed.
Any views or opinions presented are solely those of the author, and do not
hgomez 2002/10/15 03:31:21
Modified:catalina/src/bin catalina.sh
Log:
Fix $CATALINA_TMPDIR in Cygwin, submitted by Peter Romianowski
Revision ChangesPath
1.32 +2 -1 jakarta-tomcat-4.0/catalina/src/bin/catalina.sh
Index: catalina.sh
[X] I agree with the proposal
[ ] I don't agree with the proposal
Fine for another non-committer.
PLS cont. to read the dev list too ;-)
Bob
Costin Manolache wrote:
I would like to propose a new mailing list.
The list will be closed to commiters only. The main purpose
will be discussions
-Original Message-
From: Costin Manolache [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 14, 2002 1:24 PM
To: [EMAIL PROTECTED]
Subject: [VOTE] tomcat-commiters list
I would like to propose a new mailing list.
The list will be closed to commiters only. The main purpose
mturk 2002/10/15 05:15:51
Modified:jk/native2/include jk_uriMap.h
Log:
Add host map cache.
Revision ChangesPath
1.17 +6 -1 jakarta-tomcat-connectors/jk/native2/include/jk_uriMap.h
Index: jk_uriMap.h
mturk 2002/10/15 05:18:35
Modified:jk/native2/common jk_uriMap.c
Log:
Add host map cache.
There is no need to map the host when already evaluated.
On first didtinctive hostMap the found hostEnv is stored to the cache.
Later it is accesed from the cache skipping lengthy
mturk 2002/10/15 05:23:23
Modified:jk/native2/common jk_uriMap.c
Log:
Ooops, the wrong repository (forgot the key)
Revision ChangesPath
1.54 +1 -0 jakarta-tomcat-connectors/jk/native2/common/jk_uriMap.c
Index: jk_uriMap.c
mturk 2002/10/15 05:27:56
Modified:jk/native2/common jk_uriMap.c
Log:
Not my day... (I'll need to clean some things localy ;)
Revision ChangesPath
1.55 +2 -2 jakarta-tomcat-connectors/jk/native2/common/jk_uriMap.c
Index: jk_uriMap.c
mturk 2002/10/15 06:00:49
Modified:jk/native2 CHANGES.txt
Log:
Feel free to add the non-listed changes
Revision ChangesPath
1.2 +11 -1 jakarta-tomcat-connectors/jk/native2/CHANGES.txt
Index: CHANGES.txt
Costin Manolache wrote:
I would like to propose a new mailing list.
The list will be closed to commiters only. The main purpose
will be discussions of security and other special issues.
This should avoid [Cc] threads.
The main target should be active commiters - so it should
start
mturk 2002/10/15 06:59:29
Modified:jk/native2/include jk_vm.h
Log:
Add the classpath option to the vm:
Revision ChangesPath
1.5 +8 -1 jakarta-tomcat-connectors/jk/native2/include/jk_vm.h
Index: jk_vm.h
mturk 2002/10/15 06:59:49
Modified:jk/native2/common jk_vm_default.c
Log:
Add the classpath option to the vm:
Revision ChangesPath
1.22 +35 -9 jakarta-tomcat-connectors/jk/native2/common/jk_vm_default.c
Index: jk_vm_default.c
mturk 2002/10/15 07:00:11
Modified:jk/xdocs/jk2 configwebcom.xml
Log:
Add the classpath option to the vm:
Revision ChangesPath
1.3 +6 -1 jakarta-tomcat-connectors/jk/xdocs/jk2/configwebcom.xml
Index: configwebcom.xml
mturk 2002/10/15 07:02:08
Modified:jk/conf workers2.properties
Log:
Add the classpath option to the vm:
Revision ChangesPath
1.18 +2 -1 jakarta-tomcat-connectors/jk/conf/workers2.properties
Index: workers2.properties
mturk 2002/10/15 07:04:16
Modified:jk/conf jk2.properties
Log:
Add the handler.list option example
Revision ChangesPath
1.11 +3 -0 jakarta-tomcat-connectors/jk/conf/jk2.properties
Index: jk2.properties
Steven Bradley wrote:
I'm using Tomcat 4.0 standalone on Windows 2000 and am having trouble
getting SSL client authentication working (getting SSL server auth
working was a snap). Here's what I've done so far:
* created a self-signed client cert using openSSL (key usage includes
Yes, I did it. It worked fine.
* First, let the clientAuth=false then try.
If it doesn't work, you might going wrong when generating the certificates
stuff.
Here are the steps:
keytool -genkey -keystore client.keystore -alias client1
keytool -keystore client.keystore -certreq -file
The list will be closed to commiters only. The main purpose
will be discussions of security and other special issues.
This should avoid [Cc] threads.
The main target should be active commiters - so it should
start empty.
This is a majority vote.
[X ] I agree with the proposal
So I'm barking up the wrong tree? I thought somebody had told me that the Coyote JK 2
connector only worked with mod_jk2. I'll go play around with the Coyote / mod_jk
combo on NetWare, and see how it works.
Thanks.
Jeff Tulley ([EMAIL PROTECTED])
(801)861-5322
Novell, Inc., the leading
Did there is a way to specify a context loading order.
ie :
ROOT, then app1, app2, zorg1, app3 ?
Regards
PS: It's the case in TC 3.3, and settings context in server.xml in
4.1.12 didn't seems to works, TC 4.1.x loading context in alphabetically
order
--
To unsubscribe, e-mail:
Hi,
One of my client is trying to use Tomcat Server (3.3.1) with their web
service products. One of the challenge we face is the memory/cpu usage on
Windows 2000 server. They currently have IBM Websphere to handle various
java servlet and JSP, and memory usage is little pretty high from their
Hi,
One of my client is trying to use Tomcat Server (3.3.1) with their web
service products. One of the challenge we face is the memory/cpu usage
on
Windows 2000 server. They currently have IBM Websphere to handle
various
java servlet and JSP, and memory usage is little pretty high from their
So I find that works on NetWare with our mod_jk, as you said. The only thing that
worries me is that the port value set in server.xml is not honored, on Windows or on
NetWare. Is there somewhere else it is pulling its configuration from? I cannot have
shifting ajp ports, since I might have
Jeff Tulley wrote:
So I find that works on NetWare with our mod_jk, as you said. The only
thing that worries me is that the port value set in server.xml is not
honored, on Windows or on NetWare. Is there somewhere else it is pulling
its configuration from? I cannot have shifting ajp
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13660.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13658.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
Thanks Costin. I can look into the patch for the port number in server.xml not being
honored. I'm not too JMX savvy, so I probably won't be much help with the MBeans
extension mechanism. I see the need though, after going through changing it myself.
Jeff Tulley ([EMAIL PROTECTED])
I have gotten clientAuth=true working with Tomcat 5.
It is important to get the trusted certificates properly defined.
I did this,
export
CATALINA_OPTS=-Djavax.net.ssl.trustStore=/home/bob/issues/ssl/cacerts.jks
-Djavax.net.ssl.trustStorePassword=changeit
And sometimes defined this to get
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13662.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
OptimizeIt seems to always get high recommendations. Just an unofficial
recommendation.
Bruce
-Original Message-
From: John Jang [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 15, 2002 11:53 AM
To: '[EMAIL PROTECTED]'
Subject: Memory Usage
Importance: High
Hi,
One of my client is
HI,
is somebody aware why package org.apache.coyote.* and
org.apache.tomcat.* are not protected againts package insertion/access
in Catalina.java. What is the reasons? Actually, classes are not
available to a Webapp (the Classloader is taking care of it) but when
Tomcat is embedded in an app
jfarcand2002/10/15 12:08:33
Modified:catalina/src/share/org/apache/catalina/mbeans
MBeanUtils.java
Log:
Security Audit. Since all methods should/are only used by o.a.c.mbean package,
protects them.
Revision ChangesPath
1.6 +67 -67
On Tue, 2002-10-15 at 03:12, Remy Maucherat wrote:
As voted, I have packaged a first milestone of Tomcat 5.
http://jakarta.apache.org/builds/jakarta-tomcat/milestone/v5.0.0/
Note: I put it in the jakarta-tomcat folder. I don't see a point of
using the version number in the folder name
I've built 5.0 on Solaris 8 (SPARC). I have installed Java 2 SDK 1.4.1,
Apache 2.0.40 (64-bit SPARC binary built using gcc-3.1).
Getting an error with the following jk2.properties file:
shm.file=${jkHome}/work/jk2.shm
handler.list=apr,request,channelUnix
channelJni.disabled = 0
IMO sealing is the best protection against insertion,
and using URLClassLoader ( or making sure all the checks from
URLClassLoader are reproduced ).
I agree, this is a potential risk - as untrusted code may access
package fields. So far I don't see any, but better to be sure.
Costin
I agree that both of those packages should be protected.
Why they are not included? org.apache.coyote is most likely missing
because it is a relatively new package. org.apache.util may just have
been missed.
The code below is in both startup/Catalina.java and startup/CatalinaService.java
I
glenn 2002/10/15 13:33:19
Modified:catalina/src/share/org/apache/catalina/startup Catalina.java
CatalinaService.java
Log:
Add two new package restrictions
Revision ChangesPath
1.49 +8 -6
jfarcand2002/10/15 13:44:45
Modified:catalina/src/share/org/apache/catalina/startup Catalina.java
CatalinaService.java
Log:
Security Audit. Add protection for org.apache.coyote and org.apache.tomcat package.
Revision ChangesPath
1.6 +6 -6
costin 2002/10/15 13:44:59
Modified:.build.xml
Log:
More 'fast-build' targets.
I intend to remove the compilation part of build2.xml, and move
the rest in other places ( ant-launcher.xml ? ). While it's very
fast, it is also too hard to maintain.
The current
Hi Glenn,
should it be org.apache.tomcat.util instead of org.apache.util ?
Thanks,
-- Jeanfrancois
[EMAIL PROTECTED] wrote:
glenn 2002/10/15 13:33:19
Modified:catalina/src/share/org/apache/catalina/startup Catalina.java
CatalinaService.java
Log:
Add
costin 2002/10/15 14:02:13
Modified:util build.xml
Log:
Allow configuration of the jar, jar only our files.
Revision ChangesPath
1.14 +8 -5 jakarta-tomcat-connectors/util/build.xml
Index: build.xml
costin 2002/10/15 14:03:26
Modified:jk build.xml
Log:
Allow configuration of the jar.
Revision ChangesPath
1.59 +11 -6 jakarta-tomcat-connectors/jk/build.xml
Index: build.xml
===
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13671.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
I found this extra bit of fluf, can someone (with jakarta-servletapi
Karma) commit this?
Cheers,
-bob
Index: jsr154/src/share/javax/servlet/http/HttpUtils.java
===
RCS file:
jfarcand2002/10/15 14:39:44
Modified:jsr154/src/share/javax/servlet/http HttpUtils.java
Log:
Security Audit. Remove possible security issue.
Submitted by: Bob Hermann
Revision ChangesPath
1.2 +1 -3
Hi,
In o.a.c.tomcat5.CoyoteRequest (same in tomcat4), there is a doPrivilege
block that grant the doGetSession method. This method delegate the logic
to the o.a.c.Manager instance. A Manager can (but it's not required)
uses a o.a.c.Store object . The Manager and the Store object may need
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13616.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13616.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
luehe 2002/10/15 15:34:47
Modified:jasper2/src/share/org/apache/jasper/compiler JspUtil.java
Log:
removed redundant code
Revision ChangesPath
1.19 +3 -61
jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler/JspUtil.java
Index: JspUtil.java
It seems the vote on a tomcat-commiter list got a majority -
unless all inactive commiters start voting -1.
Craig/Sam - please create the list or let me know who
can do it. The intention is to have all active commiters
in asap.
As soon as we get the list, I think we should move the
[Security
luehe 2002/10/15 17:03:10
Modified:jasper2/src/share/org/apache/jasper/compiler
ImplicitTagLibraryInfo.java
Log:
Fixed call to super() in constructor
Revision ChangesPath
1.11 +4 -4
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13673.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
glenn 2002/10/15 17:43:52
Modified:catalina/src/share/org/apache/catalina/startup Catalina.java
CatalinaService.java
Log:
Ooops, wrong package
Revision ChangesPath
1.50 +6 -6
Oops, thanks for catching that.
I changed org.apache.util. to org.apache.tomcat.,
that should cover it better.
Glenn
Jean-Francois Arcand wrote:
Hi Glenn,
should it be org.apache.tomcat.util instead of org.apache.util ?
Thanks,
-- Jeanfrancois
[EMAIL PROTECTED] wrote:
glenn
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11891.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11891.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
billbarker2002/10/15 23:03:40
Modified:src/share/org/apache/tomcat/modules/generators
ErrorHandler.java
Log:
Don't set the content-type on a 304 Not-Modified response.
Submitted by: Martin Algesten [EMAIL PROTECTED]
Revision ChangesPath
1.27
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13662.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13677.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13660.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13658.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
69 matches
Mail list logo
