Bug report #760 has just been filed.
You can view the report at the following URL:
http://znutar.cortexity.com/BugRatViewer/ShowReport/760
REPORT #760 Details.
Project: Tomcat
Category: Bug Report
SubCategory: New Bug Report
Class: swbug
State: received
Priority: high
Severity: serious
Craig R. McClanahan typed the following on 09:06 PM 1/13/2001 -0800
The information that is presented in the Server Configuration section is all up
to date AFAIKT, but several sections are not yet written. With this, as with
the rest of the docs (and the code, of course :-), feel free to suggest
Here is my proposal for implementing the Java SecurityManager in Tocmat 4.
Work on implementing this proposal is in progress. Comments please?
Tomcat 4 Java SecurityManager Proposal
Tomcat 4 will require the Java SecurityManager, use of the
SecurityManager will be optional
remm01/01/14 11:51:01
Modified:catalina/src/share/org/apache/naming/resources
FileDirContext.java ProxyDirContext.java
Log:
- Added some extra checks to prevent exceptions when trying to list contents
of unreadable directories.
- Fix bug with type
remm01/01/14 11:53:47
Modified:catalina/src/share/org/apache/catalina/loader
StandardLoader.java
Log:
- Fix Jasper classpath generation.
Revision ChangesPath
1.16 +10 -7
remm01/01/14 11:58:30
Modified:catalina/src/share/org/apache/catalina/core
ApplicationContext.java StandardContext.java
Log:
- Fix the binding of the resources in the servlet context.
- Fix ServletContext.getRealPath().
- The AppContext cannot
larryi 01/01/14 12:18:04
Modified:src/doc Tag: tomcat_32 faq
Log:
Add information about "classdebuginfo" init paramter added to Jasper.
Update other information as well.
Revision ChangesPath
No revision
No revision
larryi 01/01/14 12:23:08
Modified:src/share/org/apache/tomcat/core Request.java
Log:
Bug Report #757
User Principal incorrectly Maintained
Submitted by: David Winterfeldt ([EMAIL PROTECTED])
Revision ChangesPath
1.87 +1 -0
larryi 01/01/14 12:39:12
Modified:src/share/org/apache/tomcat/util PrefixMapper.java
Log:
getLongestPrefixMatch() would enter a tight loop if the request URI didn't
map into a context. Now, if a match can't be found it returns null and
a 404 error page will be sent back to the
larryi 01/01/14 12:45:41
Modified:src/share/org/apache/jasper EmbededServletOptions.java
JspC.java Options.java
src/share/org/apache/jasper/compiler Compiler.java
JavaCompiler.java JikesJavaCompiler.java
Glenn Nielsen wrote:
Here is my proposal for implementing the Java SecurityManager in Tocmat 4.
Work on implementing this proposal is in progress. Comments please?
Tomcat 4 Java SecurityManager Proposal
Tomcat 4 will require the Java SecurityManager, use of the
Tomcat would be a great tool to provide catalogs and presentations on
CD - with additional advantages if there are already web versions of
such applications. I know of a lot of people (me included) that would
like to use Tomcat this way.
I already implemented a proof of concept where a Delphi
Bug report #761 has just been filed.
You can view the report at the following URL:
http://znutar.cortexity.com/BugRatViewer/ShowReport/761
REPORT #761 Details.
Project: Tomcat
Category: Bug Report
SubCategory: New Bug Report
Class: swbug
State: received
Priority: high
Severity: critical
"Jon Stevens" [EMAIL PROTECTED] wrote:
on 1/11/01 8:30 PM, "Geoff Soutter" [EMAIL PROTECTED] wrote:
[snip]
Let me also state that at this point in time, I see Velocity+Turbine as
being one of the best solutions out there.
I agree it has benefits over JSP, but I do think it's still too hard
I was pleased to see that a connection timeout has been added to Tomcat
4.0 in the HttpConnector class. A timeout was missing in Sun's JSDK
through version 2.0 and in earlier versions of Tomcat. Without a
timeout, the servlet runner process accumulates dead connections on the
Internet and, with
"Christopher K. St. John" wrote:
"Craig R. McClanahan" wrote:
If your server implements session swapping or distribution (as we are currently
developing in the 4.1 repository), it is pretty much guaranteed that different
session object instances may be used during the lifetime of the
Nick Bauman wrote:
Have you gotten the new Bugzilla system ready?
Please let me know when / if I should close down the report page for
bugrat.
Almost ... personally, I want to do just a bit more testing first ...
Thanks
-Nick (The guy running bugrat for Jakarta)
Craig
John Neffenger wrote:
I was pleased to see that a connection timeout has been added to Tomcat
4.0 in the HttpConnector class. A timeout was missing in Sun's JSDK
through version 2.0 and in earlier versions of Tomcat. Without a
timeout, the servlet runner process accumulates dead
Remy Maucherat wrote:
I have an issue with 4.1 code (fresh from CVS) at the moment -- the JSP
examples
do not run correctly. That is, any JSP page that references a bean class
that
is loaded from WEB-INF/classes or WEB-INF/lib fails to find that class.
The classpath generation for Jasper
on 1/14/01 3:11 PM, "Geoff Soutter" [EMAIL PROTECTED] wrote:
"Jon Stevens" [EMAIL PROTECTED] wrote:
on 1/11/01 8:30 PM, "Geoff Soutter" [EMAIL PROTECTED] wrote:
[snip]
Let me also state that at this point in time, I see Velocity+Turbine as
being one of the best solutions out there.
I
At 12:46 14/1/01 -0600, Glenn Nielsen wrote:
Tomcat 4 Java SecurityManager Proposal
Tomcat 4 will require the Java SecurityManager, use of the
SecurityManager will be optional when Tomcat is embedded in
another application.
Why not always have it optional possibly determined
Insofar as any of us can predict the future, I would say the answer to
this is
definitely yes. Among other things, the lack of a timeout creates a
pretty easy
DOS attack against a Tomcat server -- simply open enough socket
connections to
exhaust the configured pool size, and just sit there.
-0. Why not make it optional for standard use as well? If I use Tomcat
for development only, I'm not concerned with security and don't
want to mess with policy files.
Same here. There's a switch for the naming features, and I think it should
be the same with the security manager.
Remy
"Jon Stevens" [EMAIL PROTECTED] wrote:
on 1/14/01 3:11 PM, "Geoff Soutter" [EMAIL PROTECTED] wrote:
"Jon Stevens" [EMAIL PROTECTED] wrote:
on 1/11/01 8:30 PM, "Geoff Soutter" [EMAIL PROTECTED] wrote:
[snip]
Let me also state that at this point in time, I see Velocity+Turbine as
on 1/14/01 5:00 PM, "Peter Donald" [EMAIL PROTECTED] wrote:
At 05:43 13/1/01 -0800, Hans Bergsten wrote:
If you have any interest in the future of the Jakarta project, I think you
should come.
I know it's out of context but this neatly summarizes it doesn't it ;) What
you may ask - well
Bug report #765 has just been filed.
You can view the report at the following URL:
http://znutar.cortexity.com/BugRatViewer/ShowReport/765
REPORT #765 Details.
Project: Tomcat
Category: Bug Report
SubCategory: New Bug Report
Class: swbug
State: received
Priority: high
Severity: critical
on 1/14/01 5:34 PM, "Geoff Soutter" [EMAIL PROTECTED] wrote:
Seems to me that your argument rests on the assumption that there exists
such a beast as a "template engineer" - someone who is skilled in HTML and
who understands coding without ever having had formal programming training.
on 1/14/01 6:42 PM, "Peter Donald" [EMAIL PROTECTED] wrote:
At 05:48 14/1/01 -0800, Jon Stevens wrote:
I know it's out of context but this neatly summarizes it doesn't it ;) What
you may ask - well let me elaborate. When I first started working with
Apache peeps it was great - I never heard
remm01/01/14 20:26:40
Modified:catalina/src/conf web.xml
Log:
- Add some sound and video MIME types.
Revision ChangesPath
1.12 +24 -0 jakarta-tomcat-4.1/catalina/src/conf/web.xml
Index: web.xml
Hans Bergsten wrote: [...] The spec may not be explicit
enough about this, but the session object you get back from the
getSession() object is a container-managed object that the application
is not supposed/allowed to keep long-lived references to. It's
the same as with all other
remm01/01/14 21:12:31
Modified:catalina/src/share/org/apache/naming/factory Constants.java
EjbFactory.java ResourceEnvFactory.java
ResourceFactory.java TransactionFactory.java
Log:
- Make the object factories easily pluggable.
-
remm01/01/14 21:51:27
Modified:catalina/src/share/org/apache/catalina/servlets
DefaultServlet.java
Log:
- Fix a bug where a directory browse page wouldn't be served if the request
included a rage header. That fixes compatibility with the HTTP browser
Peter Donald wrote:
At 12:46 14/1/01 -0600, Glenn Nielsen wrote:
Tomcat 4 Java SecurityManager Proposal
Tomcat 4 will require the Java SecurityManager, use of the
SecurityManager will be optional when Tomcat is embedded in
another application.
Why not always have it
Gokul Singh wrote:
Hans Bergsten wrote:
[...]
The spec may not be explicit enough about this, but the session
object
you get back from the getSession() object is a container-managed
object
that the application is not supposed/allowed to keep long-lived
references
to. It's the
Well, I think I have to clear few things up.
I already announced ( probably not clearly enough ) my intention to give
up and spend my free time in better ways. This is a form of vote, BTW.
The only thing that keeps me subscribed to this list is the fact that I
wanted to finish my work on
Delivery failure: javax.mail.MessagingException: 452 Filesystem error - message not
accepted
Delivery failure: javax.mail.MessagingException: 452 Filesystem error - message not
accepted
Hi Im writing my first little program that will welcome a user once she enters and submits her details
- Original Message -
From: "Hans Bergsten" [EMAIL PROTECTED]
Gokul Singh wrote:
Hans Bergsten wrote:
[...]
I am trying to disallow a single user to have multiple login sessions
valid at any given time. I have to enforce this even if the user tried
to login from two
on 1/15/01 12:02 AM, "[EMAIL PROTECTED]" [EMAIL PROTECTED] wrote:
Well, I think I have to clear few things up.
I already announced ( probably not clearly enough ) my intention to give
up and spend my free time in better ways. This is a form of vote, BTW.
The only thing that keeps me
38 matches
Mail list logo
