DO NOT REPLY [Bug 15672] - DBCP doesn't work on Tomcat 4.1.18 with Oracle JDBC driver

2003-01-03 Thread bugzilla
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15672.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15672

DBCP doesn't work on Tomcat 4.1.18 with Oracle JDBC driver





--- Additional Comments From [EMAIL PROTECTED]  2003-01-03 08:42 
---
Hello!
I receive the same errore using Informix.
Trying to resolve the problems I've modified the classes BasicDataSource and 
BasicDataSourceFactory and I've seen a strange thing:
On startup, Tomcat creates a DataSource correctly according to server.xml.
When I execute the ctx.lookup()/getConnection() for my DS, I see 
BasicDataSourceFactory creates a new BasicDataSource that contains only 
description, scope and auth (according to my web.xml) while driverClassName, 
maxWait and the other params doesnt't exist. WHen I do ds.getConnection I 
receive the error:
java.sql.SQLException: Cannot load JDBC driver class 'null'
at org.apache.commons.dbcp.BasicDataSource.createDataSource 
BasicDataSource.java:289)
at org.apache.commons.dbcp.BasicDataSource.getConnection
(BasicDataSource.java:162)
This is normal because createDataSource is called on the patial empty 
DataSource (that doesn't contain driverClassName etc...)

I hope I give you some idea to solve the problem.

Bye

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Use JAXP 1.2 Parser with Tomcat 4.1.18

2003-01-03 Thread Saurabh Arora
I have posted the same question to Tomcat-user but can't solve my
problem.


I would like to know that can we use JAXP 1.2 XML parser with tomcat
4.1.18 (by replacing TOMCAT_HOME\common\endorsed). The release notes
point out use JAXP 1.1 parser.

Note: I am using java 1.4.1

  More importantly, the critical question is when would tomcat bundle 
JAXP 1.2 XML parser .


saurabh 


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Re: cvs commit: jakarta-tomcat-connectors/jk/xdocs/jkworkershowto.xml

2003-01-03 Thread Lacoste (Frisurf)
 const char *wname) {
   +int rc = JK_TRUE;
   +char buf[1024];
   +if (m  wname) {
   +int value;
   +sprintf(buf, %s.%s.%s, PREFIX_OF_WORKER, wname, STICKY_SESSION);

Seeing that checkin I got curious and I had a look at the code. 
I saw that this sprintf is used a lot in that way. Was wondering if
there was a way to pass some parameters to overflow the buffer.
Especially if the name comes from a property read from a file. I didn't
see any special protection checking the length of the parameters, wname
in that case.

Am I wrong?

J.




--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




First version of JK2 Domino connector and more questions about JNI-mode

2003-01-03 Thread olaf . hahnl

I am leaving for a one week holiday and wanted to share the first
beta-version of the JK2 Domino connector with you.

I am not familiar with the Apache coding guidlines etc., it is just for you
who are interested in this and are more experienced than I am, to have a
look at the code, and to comment on it. There are some parts where I am not
sure about the function which I marked with a comment and some ???. Most of
it I mentioned in my first mail to this list.

To compile it without having the Domino C-API, one have to define the
symbol NO_CAPI.


I just tested it with JNI mode, which I need for my own projects and
discoverd a few things/problems I like to mention here. I am not sure if
these are specific to flaws in my code or to misconfiguration of the
config-file (see below) or to the way the JNI-mode works. First of all, all
the servlet and JSP examples provided with TC worked quite well. Because of
the problems with JNI-mode and Domino 6 (see my last few mails) I solely
worked with Domino 5.0.11 on Windows, but in the future the filter should
also work under Linux etc.

Then I tested one of my own web-apps and got astonishing results, nothings
works! I was able to reduce the problem to the following configuration: In
a simple servlet I tried to set up commons-logging 1.0.2 to work together
with log4j 1.2.7. I could not achive this in JNI mode and always got this
error

java.lang.NoClassDefFoundError: org/apache/log4j/Layout
  at
org.apache.commons.logging.impl.Log4jFactory.getInstance(Log4jFactory.java:153)
  at
org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:285)
  at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:409)
  at TestServlet.clinit(TestServlet.java:23)

Commons-logging and log4j are only in the web-app's lib-directory. To make
it worse the same thing is working as expected without any modifications
when TC is started as a seperate process using the startup batch file and
accessed using HTTP1.1 connector. Log4j alone work quite a nice as well and
using the old JK connector it also works quite well.

My thought is that it has something to do with classloaders and/or the VM
is intialized with different options. As I looked for the system-properties
I saw that they are quite dfferent in the two situations. Any thoughts
regarding this problem?

My workers2.properties lookes like this for the VM initialization

[vm:]
info=Parameters used to load a JVM in the server process
OPT=-Djava.class.path=${CATALINA_HOME}/bin/tomcat-jni.jar;
OPT=-Djava.io.tmpdir=${CATALINA_HOME}/temp
OPT=-Dcatalina.home=${CATALINA_HOME}
OPT=-Duser.dir=${CATALINA_HOME}/bin
OPT=-Xmx128M

Comments on both issues are welcome!

Olaf

(See attached file: dsapi2.zip)



dsapi2.zip
Description: Zip archive
--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]


DO NOT REPLY [Bug 15776] New: - cannot use non default channel port in jk2

2003-01-03 Thread bugzilla
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15776.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15776

cannot use non default channel port in jk2

   Summary: cannot use non default channel port in jk2
   Product: Tomcat 4
   Version: 4.1.18
  Platform: PC
OS/Version: Linux
Status: UNCONFIRMED
  Severity: Normal
  Priority: Other
 Component: Connector:Coyote JK 2
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


I was trying to use a non-default channel port (8019) in my
tomcat 4.1.18 - apache 2.0.43 with jk2 configuration, following a working
worklog of someone that had been happily using tomcat 4.1.12.

I couldn't manage to set it up (see errors below). Using default port works
perfecly. I believe there is a problem with non default port number.
I would like somebody to test using a non default port with tomcat 4.1.18 and
apache 2.0.43 

Problem described in my emails titled:
tomcat/apache connector startup failure: NCDFE fpr
org/apache/commons/logging/LogFactory

sent both to the tomcat-user and tomcat-dev list between the 30th of December
and 3rd of Januray 2003.

 Tomcat fails connecting initializing with the following error:
 
 SEVERE: Can't create apr
 java.lang.NoClassDefFoundError: org/apache/commons/logging/LogFactory
 
 As a consequence of this problem (I think it is related), I cannot
 access the dynamic pages from apache. Tomcat works great
 (http://localhost:8080/examples/) while http://localhost/examples/
 returns a 500 Error (Connection refused on port 8019 - errno 111).
 
 (nb: I modified the default port to be 8019 instead of 8009).
 
 I've tried several variations of the jk2.properties and
 workers2.properties without success. Spent a lot of time on the mailing
 lists archives without success neither.
 
 I moved the commons-logging.jar from $TOMCAT/server/lib/ to
 $TOMCAT/common/lib as advised in some mails. This didn't work.
 Even if if had worked, it seems it would have been  inapropriate:
 see http://issues.apache.org/bugzilla/show_bug.cgi?id=13689
 
 I also used the attached jsp deployed in $TOMCAT/webapps/ROOT to see the
 CLASSPATH which is outputed as 
   /usr/local/java/lib/tools.jar:/opt/tomcat/bin/bootstrap.jar
 which seems normal to me.
 
 I didn't try to modify the CLASSPATH in catalina.sh as it doesn't seem
 like the correct thing to do neither. 
 
 It seems like this is a ClassLoader problem. If there is a way to enable
 debugging for the class loader, I am also interested. I found this: 
 http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/loader.html
 But didn't find yet how to use it.
 
 It seems that I am not the only one to have had this problem. I spent
 already too much time on it so I will accept any idea/hints on how to
 make this work. 
 
 I am using 
 - linux OS (Mandrake 9.0)
 - JDK 1.4.1_01-b01
 - tomcat-4.1.18-LE-jdk14.jar
 - jakarta-tomcat-connectors-4.1.18-src.tar.gz
 - Apache 2.0.43 
 
 Error details:
 
 INFO: Starting Coyote HTTP/1.1 on port 8080
 Dec 30, 2002 8:58:03 PM org.apache.jk.server.JkMain newHandler
 SEVERE: Can't create apr
 java.lang.NoClassDefFoundError: org/apache/commons/logging/LogFactory
   at org.apache.jk.apr.AprImpl.clinit(AprImpl.java:340)
   at java.lang.Class.forName0(Native Method)
   at java.lang.Class.forName(Class.java:140)
   at org.apache.jk.server.JkMain.newHandler(JkMain.java:556)
   at org.apache.jk.server.JkMain.start(JkMain.java:341)
   at org.apache.jk.server.JkCoyoteHandler.start(JkCoyoteHandler.java:169)
   at
 org.apache.coyote.tomcat4.CoyoteConnector.start(CoyoteConnector.java:1056)
   at
 org.apache.catalina.core.StandardService.start(StandardService.java:506)
   at
 org.apache.catalina.core.StandardServer.start(StandardServer.java:2189)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:512)
   at org.apache.catalina.startup.Catalina.execute(Catalina.java:400)
   at org.apache.catalina.startup.Catalina.process(Catalina.java:180)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at

sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:324)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:203)
 Dec 30, 2002 8:58:03 PM org.apache.jk.common.ChannelSocket init
 INFO: JK2: ajp13 listening on /0.0.0.0:8009
 Dec 30, 2002 8:58:03 PM org.apache.jk.server.JkMain start
 INFO: Jk running ID=0 time=2/239  config=/opt/tomcat/conf/jk2.properties

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: 

Re: cvs commit: jakarta-tomcat-connectors/jk/xdocs/jk workershowto.xml

2003-01-03 Thread Tim Funk
wname is the worker name. This name is the name of the worker as defined 
in the JK property config file. Eg:

worker.tomcat1.host=localhost
   ^^^

For example above: tomcat1 is the worker name.

If someone were to attempt a buffer overflow, they would need write 
access to the Jk config file. (Then have enough permission/patience 
until apache is restarted).

I do not think this is a problem (except for the admin of the box).

-Tim


Jerome Lacoste (Frisurf) wrote:
   const char *wname) {
 +int rc = JK_TRUE;
 +char buf[1024];
 +if (m  wname) {
 +int value;
 +sprintf(buf, %s.%s.%s, PREFIX_OF_WORKER, wname, STICKY_SESSION);



Seeing that checkin I got curious and I had a look at the code. 
I saw that this sprintf is used a lot in that way. Was wondering if
there was a way to pass some parameters to overflow the buffer.
Especially if the name comes from a property read from a file. I didn't
see any special protection checking the length of the parameters, wname
in that case.

Am I wrong?

J.




--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]





--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




RE: First version of JK2 Domino connector and more questions about JNI-mode

2003-01-03 Thread Mladen Turk
 -Original Message-
 From: [EMAIL PROTECTED] 

Great news!

 
 My workers2.properties lookes like this for the VM initialization
 
 [vm:]
 info=Parameters used to load a JVM in the server process 
 OPT=-Djava.class.path=${CATALINA_HOME}/bin/tomcat-jni.jar;

Try using the folwing instead OPT=-Djava.class.path=

classpath=${TOMCAT_HOME}/bin/tomcat-jni.jar
classpath=${TOMCAT_HOME}/server/lib/commons-logging.jar 


 
 (See attached file: dsapi2.zip)


Can DSAPI be tested with Domino 6 trial version?

MT.
 


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Re: cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core StandardServer.java

2003-01-03 Thread Christoph Seibert
Hi there,

I think there is a problem with the following fix:


amyroh  2003/01/02 17:59:09

  Modified:catalina/src/share/org/apache/catalina/core
StandardServer.java
  Log:
  Fix for bugzilla 15762.

[...]

  diff -u -r1.32 -r1.33
  --- StandardServer.java	11 Sep 2002 14:19:33 -	1.32
  +++ StandardServer.java	3 Jan 2003 01:59:08 -	1.33
  @@ -824,7 +824,15 @@
   } else if (c == '') {
   filtered.append(quot;);
   } else if (c == '') {
  -filtered.append(amp;);
  +char s1 = input.charAt(i+3);
  +char s2 = input.charAt(i+4);
  +char s3 = input.charAt(i+5);
  +if (((s1 == ';') || (s2 == ';')) || (s3 == ';')) {
  +// do not convert if it's already in converted 
form
  +filtered.append(c);
  +} else {
  +filtered.append(amp;);
  +}
   } else {
   filtered.append(c);
   }

(Note: I haven't had a look at the surrounding code yet, so I have to
assume that 'i' is the position of 'c', that is the '' character.)

This code assumes that character or entity references will not be
shorter than 4 characters (including the delimiters '' and ';')
and no longer than 6. However, the XML specification does not in
any way define restrictions like that. For example, 'd;' is a
valid entity reference (assuming it was defined in the DTD). Worse,
character or entity references can have arbitrary length. For example,
'#x00020' is a valid character reference to the ' ' (space)
character.

I'm sorry I don't have a better fix right now, but I assume one
would have to iterate through the characters following the ''
until either a ';' is found or a character occurs that is not a legal
part of an entity reference name (or in the case of a character
reference, not one of [0-9] for decimal or [0-9a-fA-F] for
hexadecimal).

(Actually, I believe this wheel must already have been invented,
but with only looking at this code snippet, I don't really know.)

Ciao,
Christoph

--
--- Christoph Seibert   [EMAIL PROTECTED] ---
-- Farlon Dragon -==(UDIC)==-http://home.pages.de/~seibert/ --
- Who can possibly rule if no one-
- who wants to can be allowed to? - D. Adams, HHGTTG -


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




DO NOT REPLY [Bug 15778] New: - DBCP ClassCastException / postgresql's PGConnection / getLargeObjectAPI

2003-01-03 Thread bugzilla
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15778.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15778

DBCP ClassCastException / postgresql's PGConnection / getLargeObjectAPI

   Summary: DBCP ClassCastException / postgresql's PGConnection /
getLargeObjectAPI
   Product: Tomcat 4
   Version: 4.1.12
  Platform: PC
OS/Version: Linux
Status: NEW
  Severity: Major
  Priority: Other
 Component: Unknown
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


I have tomcat 4.1.12 configured with JNDI DataSource with PostgreSQL 7.2.3 
connection pool configured like the documentation (tried it with pgjdbc2.jar 
and also the 7.3 jar from jdbc.postgresql.org that claims to work with PG 7.2 
and even a compiled jar from the PG 7.3 source). The connection pool works fine 
with the normal SQL interface (not LargeObject), but when reach this line I 
get a ClassCastException:

LargeObjectManager lobj = ((org.postgresql.PGConnection)db).getLargeObjectAPI();

Before trying to use the DBCP, I never got a ClassCastException here.

Is this a new bug or just something that is not supported by the DBCP/JDBC?

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Re: cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasperEmbededServletOptions.java

2003-01-03 Thread Remy Maucherat
Glenn Nielsen wrote:

Will this be ported to the tomcat_4_branch of jasper and Tomcat 4.1?


It changes existing behavior, so the answer is I don't know.

Remy


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper EmbededServletOptions.java

2003-01-03 Thread glenn
glenn   2003/01/03 05:24:59

  Modified:jasper2/src/share/org/apache/jasper Tag: tomcat_4_branch
EmbededServletOptions.java
  Log:
  Make Ant javac fork the default
  
  Revision  ChangesPath
  No   revision
  
  
  No   revision
  
  
  1.8.2.3   +4 -4  
jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/EmbededServletOptions.java
  
  Index: EmbededServletOptions.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/EmbededServletOptions.java,v
  retrieving revision 1.8.2.2
  retrieving revision 1.8.2.3
  diff -u -r1.8.2.2 -r1.8.2.3
  --- EmbededServletOptions.java31 Dec 2002 14:00:36 -  1.8.2.2
  +++ EmbededServletOptions.java3 Jan 2003 13:24:59 -   1.8.2.3
  @@ -91,7 +91,7 @@
   /**
* Should Ant fork its java compiles of JSP pages.
*/
  -public boolean fork = false;
  +public boolean fork = true;
   
   /**
* Do you want to keep the generated Java files around?
  
  
  

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




cvs commit: jakarta-tomcat-4.0/webapps/tomcat-docs jasper-howto.xml

2003-01-03 Thread glenn
glenn   2003/01/03 05:26:01

  Modified:catalina/src/conf web.xml
   webapps/tomcat-docs jasper-howto.xml
  Log:
  Make Ant javac fork the default
  
  Revision  ChangesPath
  1.48  +1 -1  jakarta-tomcat-4.0/catalina/src/conf/web.xml
  
  Index: web.xml
  ===
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/conf/web.xml,v
  retrieving revision 1.47
  retrieving revision 1.48
  diff -u -r1.47 -r1.48
  --- web.xml   31 Dec 2002 14:12:05 -  1.47
  +++ web.xml   3 Jan 2003 13:26:01 -   1.48
  @@ -117,7 +117,7 @@
 !--  --
 !--   forkTell Ant to fork compiles of JSP pages so that --
 !--   a separate JVM is used for JSP page compiles   --
  -  !--   from the one Tomcat is running in. [false] --
  +  !--   from the one Tomcat is running in. [true]  --
 !--  --
 !--   javaEncodingJava file encoding to use for generating java  --
 !--   source files. [UTF8]   --
  
  
  
  1.5   +1 -1  jakarta-tomcat-4.0/webapps/tomcat-docs/jasper-howto.xml
  
  Index: jasper-howto.xml
  ===
  RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/tomcat-docs/jasper-howto.xml,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- jasper-howto.xml  31 Dec 2002 14:12:05 -  1.4
  +++ jasper-howto.xml  3 Jan 2003 13:26:01 -   1.5
  @@ -116,7 +116,7 @@
   
   listrongfork/strong - Have Ant fork JSP page compiles so they are
   performed in a seperate JVM from Tomcat? codetrue/code or
  -codefalse/code, default codefalse/code./li
  +codefalse/code, default codetrue/code./li
   
   listrongjavaEncoding/strong - Java file encoding to use for generating
   java source files. Default codeUTF8/code./li
  
  
  

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/resources messages.properties

2003-01-03 Thread glenn
glenn   2003/01/03 05:26:28

  Modified:jasper2/src/share/org/apache/jasper/resources Tag:
tomcat_4_branch messages.properties
  Log:
  Add message for fork init param
  
  Revision  ChangesPath
  No   revision
  
  
  No   revision
  
  
  1.9.2.6   +2 -1  
jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/resources/messages.properties
  
  Index: messages.properties
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/resources/messages.properties,v
  retrieving revision 1.9.2.5
  retrieving revision 1.9.2.6
  diff -u -r1.9.2.5 -r1.9.2.6
  --- messages.properties   6 Nov 2002 23:00:40 -   1.9.2.5
  +++ messages.properties   3 Jan 2003 13:26:28 -   1.9.2.6
  @@ -119,6 +119,7 @@
   jsp.warning.classDebugInfo=Warning: Invalid value for the initParam classdebuginfo. 
Will use the default value of \false\
   jsp.warning.checkInterval=Warning: Invalid value for the initParam checkInterval. 
Will use the default value of \300\ seconds
   jsp.warning.development=Warning: Invalid value for the initParam development. Will 
use the default value of \true\
  +jsp.warning.fork=Warning: Invalid value for the initParam fork. Will use the 
default value of \true\
   jsp.warning.reloading=Warning: Invalid value for the initParam reloading. Will use 
the default value of \true\
   jsp.error.badtaglib=Unable to open taglibrary {0} : {1}
   jsp.error.badGetReader=Cannot create a reader when the stream is not buffered
  
  
  

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/resources messages.properties

2003-01-03 Thread glenn
glenn   2003/01/03 05:26:44

  Modified:jasper2/src/share/org/apache/jasper/resources
messages.properties
  Log:
  Add message for fork init param
  
  Revision  ChangesPath
  1.76  +2 -1  
jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/resources/messages.properties
  
  Index: messages.properties
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/resources/messages.properties,v
  retrieving revision 1.75
  retrieving revision 1.76
  diff -u -r1.75 -r1.76
  --- messages.properties   18 Dec 2002 17:37:50 -  1.75
  +++ messages.properties   3 Jan 2003 13:26:44 -   1.76
  @@ -133,6 +133,7 @@
   jsp.warning.classDebugInfo=Warning: Invalid value for the initParam classdebuginfo. 
Will use the default value of \false\
   jsp.warning.checkInterval=Warning: Invalid value for the initParam checkInterval. 
Will use the default value of \300\ seconds
   jsp.warning.development=Warning: Invalid value for the initParam development. Will 
use the default value of \true\
  +jsp.warning.fork=Warning: Invalid value for the initParam fork. Will use the 
default value of \true\
   jsp.warning.reloading=Warning: Invalid value for the initParam reloading. Will use 
the default value of \true\
   jsp.error.badtaglib=Unable to open taglibrary {0} : {1}
   jsp.error.badGetReader=Cannot create a reader when the stream is not buffered
  
  
  

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




cvs commit: jakarta-tomcat-connectors/jk/native2 CHANGES.txt

2003-01-03 Thread glenn
glenn   2003/01/03 05:52:38

  Modified:jk/xdocs/jk2 configwebcom.xml
   jk/native2/common jk_worker_lb.c
   jk/native2 CHANGES.txt
  Log:
  Port stickySession lb flag to jk2
  
  Revision  ChangesPath
  1.6   +7 -1  jakarta-tomcat-connectors/jk/xdocs/jk2/configwebcom.xml
  
  Index: configwebcom.xml
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/xdocs/jk2/configwebcom.xml,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- configwebcom.xml  13 Nov 2002 00:22:12 -  1.5
  +++ configwebcom.xml  3 Jan 2003 13:52:38 -   1.6
  @@ -499,6 +499,12 @@
   of the error state.
   /td
   /tr
  +tr
  +tdstickySession/td
  +td1 (true)/td
  +tdSessions stick to the same worker, 1=true 0=false
  +/td
  +/tr
   /table
   /p
   /subsection
  
  
  
  1.29  +10 -2 jakarta-tomcat-connectors/jk/native2/common/jk_worker_lb.c
  
  Index: jk_worker_lb.c
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/common/jk_worker_lb.c,v
  retrieving revision 1.28
  retrieving revision 1.29
  diff -u -r1.28 -r1.29
  --- jk_worker_lb.c21 Nov 2002 09:03:17 -  1.28
  +++ jk_worker_lb.c3 Jan 2003 13:52:38 -   1.29
  @@ -83,11 +83,14 @@
   
   #define NO_WORKER_MSG The servlet container is temporary unavailable or being 
upgraded\n;
   
  +#define STICKY_SESSION 1
  +
   typedef struct {
   struct  jk_mutex *cs;
   int attempts;
   int recovery;
   int timeout;
  +int sticky_session;  
   time_t  error_time;
   
   } jk_worker_lb_private_t;
  @@ -110,11 +113,13 @@
   int j;
   int level;
   int currentLevel=JK_LB_LEVELS - 1;
  -char *session_route;
  +char *session_route = NULL;
   time_t now = 0;
   jk_worker_lb_private_t *lb_priv = lb-worker_private;
   
  -session_route = jk2_requtil_getSessionRoute(env, s);
  +if(lb_priv-sticky_session) {
  +session_route = jk2_requtil_getSessionRoute(env, s);
  +}
  
   if(session_route) {
   for( level=0; levelJK_LB_LEVELS; level++ ) {
  @@ -504,6 +509,8 @@
   lb_priv-timeout=atoi( value );
   } else if( strcmp( name, recovery) == 0 ) {
   lb_priv-recovery=atoi( value );
  +} else if( strcmp( name, stickySession) == 0 ) {
  +lb_priv-sticky_session=atoi( value );
   } else if( strcmp( name, attempts) == 0 ) {
   lb_priv-attempts=atoi( value );
   }
  @@ -580,6 +587,7 @@
   }
   worker_private-attempts = MAX_ATTEMPTS;
   worker_private-recovery = WAIT_BEFORE_RECOVER;
  +worker_private-sticky_session = STICKY_SESSION;
   w-worker_private = worker_private;
   w-service= jk2_lb_service;
   
  
  
  
  1.8   +6 -1  jakarta-tomcat-connectors/jk/native2/CHANGES.txt
  
  Index: CHANGES.txt
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/CHANGES.txt,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- CHANGES.txt   9 Dec 2002 13:27:20 -   1.7
  +++ CHANGES.txt   3 Jan 2003 13:52:38 -   1.8
  @@ -1,6 +1,11 @@
   JAKARTA TOMCAT CONNECTORS 2 (JK2) CHANGELOG: -*-text-*-
   Last modified at [$Date$]
   
  +Changes with JK2 2.0.4:
  +* Added the load balancer stickySession property. If set to 0
  +  requests with servlet SESSION ID's can be routed to any Tomcat
  +  worker. Default is 1, sessions are sticky.
  +
   Changes with JK2 2.0.3:
   * jk2 set correctly the content-type in Apache 2.0,
 making it ready to works with mod_deflate and AddOutputFilterByType 
  
  
  

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Re: cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasperEmbededServletOptions.java

2003-01-03 Thread Glenn Nielsen
Since it fixes a bug on windows, I went ahead and made it the default for Tomcat 4.1.x.

Remy Maucherat wrote:

Glenn Nielsen wrote:


Will this be ported to the tomcat_4_branch of jasper and Tomcat 4.1?



It changes existing behavior, so the answer is I don't know.

Remy


--
To unsubscribe, e-mail:   
mailto:[EMAIL PROTECTED]
For additional commands, e-mail: 
mailto:[EMAIL PROTECTED]




--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Re: cvs commit:jakarta-tomcat-connectors/jk/xdocs/jk workershowto.xml

2003-01-03 Thread Lacoste (Frisurf)
On Fri, 2003-01-03 at 12:52, Tim Funk wrote:
 wname is the worker name. This name is the name of the worker as defined 
 in the JK property config file. Eg:
 
 worker.tomcat1.host=localhost
 ^^^
 
 For example above: tomcat1 is the worker name.
 
 If someone were to attempt a buffer overflow, they would need write 
 access to the Jk config file. (Then have enough permission/patience 
 until apache is restarted).

That's what I was thinking of. Bad permissions on the file can create a
risk. It is not likely, but that is one way of getting bigger
privileges. Of course that would mean the admin runs tomcat as root in
order to be exploitable.

 I do not think this is a problem (except for the admin of the box).

OK.


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup Bootstrap.java

2003-01-03 Thread remm
remm2003/01/03 07:39:14

  Modified:catalina/src/share/org/apache/catalina/startup
Bootstrap.java
  Log:
  - Add support for catalina.base in loader configuration.
  
  Revision  ChangesPath
  1.10  +8 -4  
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup/Bootstrap.java
  
  Index: Bootstrap.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup/Bootstrap.java,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -u -r1.9 -r1.10
  --- Bootstrap.java2 Dec 2002 21:33:12 -   1.9
  +++ Bootstrap.java3 Jan 2003 15:39:13 -   1.10
  @@ -92,7 +92,8 @@
   // -- Constants
   
   
  -protected static final String CATALINA_TOKEN = ${catalina.home};
  +protected static final String CATALINA_HOME_TOKEN = ${catalina.home};
  +protected static final String CATALINA_BASE_TOKEN = ${catalina.base};
   protected static final String HTTP_TOKEN = http://;;
   
   
  @@ -162,9 +163,12 @@
   }
   // Local repository
   boolean packed = false;
  -if (repository.startsWith(CATALINA_TOKEN)) {
  +if (repository.startsWith(CATALINA_HOME_TOKEN)) {
   repository = getCatalinaHome() 
  -+ repository.substring(CATALINA_TOKEN.length());
  ++ repository.substring(CATALINA_HOME_TOKEN.length());
  +} else if (repository.startsWith(CATALINA_BASE_TOKEN)) {
  +repository = getCatalinaBase() 
  ++ repository.substring(CATALINA_BASE_TOKEN.length());
   }
   if (repository.endsWith(*.jar)) {
   packed = true;
  
  
  

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




cvs commit: jakarta-tomcat-catalina/catalina/src/conf catalina.properties

2003-01-03 Thread remm
remm2003/01/03 07:39:53

  Modified:catalina/src/conf catalina.properties
  Log:
  - Shared is based on catalina.base by default.
  
  Revision  ChangesPath
  1.7   +1 -1  jakarta-tomcat-catalina/catalina/src/conf/catalina.properties
  
  Index: catalina.properties
  ===
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/conf/catalina.properties,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- catalina.properties   13 Dec 2002 21:57:26 -  1.6
  +++ catalina.properties   3 Jan 2003 15:39:53 -   1.7
  @@ -52,4 +52,4 @@
   # foo/*.jar: Add all the JARs of the specified folder as class 
   #  repositories
   # foo/bar.jar: Add bar.jar as a class repository 
  -shared.loader=${catalina.home}/shared/classes,${catalina.home}/shared/lib/*.jar
  +shared.loader=${catalina.base}/shared/classes,${catalina.base}/shared/lib/*.jar
  
  
  

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Re: Use JAXP 1.2 Parser with Tomcat 4.1.18

2003-01-03 Thread Jeanfrancois Arcand
Xerces 2.2.1 and Xerces 2.2.2 (that supports JAXP 1.2) contain a bug 
that prevent Tomcat to work properly (see 
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13282). If you 
download the current nightly build of Xerces, you will be able to use a 
JAXP 1.2 parser.

-- Jeanfrancois

Saurabh Arora wrote:

I have posted the same question to Tomcat-user but can't solve my
problem.


I would like to know that can we use JAXP 1.2 XML parser with tomcat
4.1.18 (by replacing TOMCAT_HOME\common\endorsed). The release notes
point out use JAXP 1.1 parser.

Note: I am using java 1.4.1

 More importantly, the critical question is when would tomcat bundle 
JAXP 1.2 XML parser .


saurabh 


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]


 



--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




cvs commit: jakarta-tomcat-connectors/jk/native2/common jk_uriMap.c

2003-01-03 Thread jfclere
jfclere 2003/01/03 08:35:45

  Modified:jk/native2/common jk_uriMap.c
  Log:
  Otherwise it cores (on Solaris for example) in vsnprintf when not using APR.
  
  Revision  ChangesPath
  1.59  +6 -3  jakarta-tomcat-connectors/jk/native2/common/jk_uriMap.c
  
  Index: jk_uriMap.c
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/common/jk_uriMap.c,v
  retrieving revision 1.58
  retrieving revision 1.59
  diff -u -r1.58 -r1.59
  --- jk_uriMap.c   15 Nov 2002 08:10:19 -  1.58
  +++ jk_uriMap.c   3 Jan 2003 16:35:44 -   1.59
  @@ -460,10 +460,13 @@
   char *context= uriEnv-contextPath;
   jk_uriEnv_t *hostEnv = jk2_uriMap_hostMap(env, uriMap, vhost, port);
   jk_uriEnv_t *ctxEnv;
  -
  +   
   env-l-jkLog(env, env-l, JK_LOG_DEBUG,
  -  uriMap: fix uri %s context %s host %s\n, 
uriEnv-uri, 
  -  uriEnv-contextPath, hostEnv-virtual);
  +  uriMap: fix uri %s context %s host %s\n,
  +   uriEnv-uri==NULL ? null:uriEnv-uri,
  +   uriEnv-contextPath==NULL ? null:uriEnv-contextPath,
  +   hostEnv-virtual);
  +
   if (context == NULL) {
   if (  uriMap-mbean-debug  5) 
   env-l-jkLog(env, env-l, JK_LOG_DEBUG,
  
  
  

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core StandardEngine.java

2003-01-03 Thread jfclere
jfclere 2003/01/03 08:59:08

  Modified:catalina/src/share/org/apache/catalina/core
StandardEngine.java
  Log:
  Allow to use the system property to set the JvmRoute.
  
  Revision  ChangesPath
  1.2   +9 -4  
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardEngine.java
  
  Index: StandardEngine.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardEngine.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- StandardEngine.java   18 Jul 2002 16:48:12 -  1.1
  +++ StandardEngine.java   3 Jan 2003 16:59:08 -   1.2
  @@ -104,6 +104,11 @@
   
   super();
   pipeline.setBasic(new StandardEngineValve());
  +/* Set the jmvRoute using the system property jvmRoute */
  +try {
  +setJvmRoute(System.getProperty(jvmRoute));
  +} catch(Exception ex) {
  +}
   
   }
   
  
  
  

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




RE: First version of JK2 Domino connector and more questions about JNI-mode

2003-01-03 Thread olaf . hahnl

Mladen Turk [EMAIL PROTECTED] wrote on 03.01.2003 13:00:15:


 Great news!

 
  My workers2.properties lookes like this for the VM initialization
 
  [vm:]
  info=Parameters used to load a JVM in the server process
  OPT=-Djava.class.path=${CATALINA_HOME}/bin/tomcat-jni.jar;

 Try using the folwing instead OPT=-Djava.class.path=

 classpath=${TOMCAT_HOME}/bin/tomcat-jni.jar
 classpath=${TOMCAT_HOME}/server/lib/commons-logging.jar

Do you mean in the workers2.properties like this

[vm:]
info=Parameters used to load a JVM in the server process
classpath=${TOMCAT_HOME}/bin/tomcat-jni.jar
classpath=${TOMCAT_HOME}/server/lib/commons-logging.jar

or in the system-environment? I will try this when I am back.

 Can DSAPI be tested with Domino 6 trial version?


As far as I know, there should be no problem with this, but I am not sure
what the limitation of the trial version is or if there is a technical
limitation at all or just a license issue.

But be reminded to the jvm problem I have with Domino 6, but perhaps you
are able to include the suggested fix/code to attach to an already running
jvm or test other connection methods.

If there are questions fell free to ask. I like to hear news when I am back
from the short holiday.

 MT.

Olaf



--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/http FastHttpDateFormat.java

2003-01-03 Thread remm
remm2003/01/03 11:31:00

  Modified:util/java/org/apache/tomcat/util/http
FastHttpDateFormat.java
  Log:
  - Major update to the cache (also handles parsing now).
  
  Revision  ChangesPath
  1.2   +117 -9
jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/http/FastHttpDateFormat.java
  
  Index: FastHttpDateFormat.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/http/FastHttpDateFormat.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- FastHttpDateFormat.java   9 Jan 2002 23:23:24 -   1.1
  +++ FastHttpDateFormat.java   3 Jan 2003 19:31:00 -   1.2
  @@ -63,6 +63,8 @@
   import java.util.HashMap;
   import java.util.Locale;
   import java.util.TimeZone;
  +import java.text.DateFormat;
  +import java.text.ParseException;
   import java.text.SimpleDateFormat;
   
   /**
  @@ -79,10 +81,20 @@
   /**
* HTTP date format.
*/
  -protected static SimpleDateFormat format = 
  +protected static final SimpleDateFormat format = 
   new SimpleDateFormat(EEE, dd MMM  HH:mm:ss zzz, Locale.US);
   
   
  +/**
  + * The set of SimpleDateFormat formats to use in getDateHeader().
  + */
  +protected static final SimpleDateFormat formats[] = {
  +new SimpleDateFormat(EEE, dd MMM  HH:mm:ss zzz, Locale.US),
  +new SimpleDateFormat(EE, dd-MMM-yy HH:mm:ss zzz, Locale.US),
  +new SimpleDateFormat(EEE  d HH:mm:ss , Locale.US)
  +};
  +
  +
   protected final static TimeZone gmtZone = TimeZone.getTimeZone(GMT);
   
   
  @@ -90,7 +102,13 @@
* GMT timezone - all HTTP dates are on GMT
*/
   static {
  +
   format.setTimeZone(gmtZone);
  +
  +formats[0].setTimeZone(gmtZone);
  +formats[1].setTimeZone(gmtZone);
  +formats[2].setTimeZone(gmtZone);
  +
   }
   
   
  @@ -107,9 +125,15 @@
   
   
   /**
  - * Date cache.
  + * Formatter cache.
  + */
  +protected static final HashMap formatCache = new HashMap();
  +
  +
  +/**
  + * Parser cache.
*/
  -protected static HashMap dateCache = new HashMap();
  +protected static final HashMap parseCache = new HashMap();
   
   
   // - Public Methods
  @@ -118,7 +142,7 @@
   /**
* Get the current date in HTTP format.
*/
  -public static String getCurrentDate() {
  +public static final String getCurrentDate() {
   
   long now = System.currentTimeMillis();
   if ((now - currentDateGenerated)  1000) {
  @@ -137,19 +161,103 @@
   /**
* Get the HTTP format of the specified date.
*/
  -public static String getDate(Date date) {
  +public static final String formatDate
  +(long value, DateFormat threadLocalformat) {
   
  -String cachedDate = (String) dateCache.get(date);
  +String cachedDate = null;
  +Long longValue = new Long(value);
  +try {
  +cachedDate = (String) formatCache.get(longValue);
  +} catch (Exception e) {
  +}
   if (cachedDate != null)
   return cachedDate;
   
   String newDate = null;
  -synchronized (format) {
  -newDate = format.format(date);
  -dateCache.put(date, newDate);
  +Date dateValue = new Date(value);
  +if (threadLocalformat != null) {
  +newDate = threadLocalformat.format(dateValue);
  +synchronized (formatCache) {
  +updateCache(formatCache, longValue, newDate);
  +}
  +} else {
  +synchronized (formatCache) {
  +newDate = format.format(dateValue);
  +updateCache(formatCache, longValue, newDate);
  +}
   }
   return newDate;
   
  +}
  +
  +
  +/**
  + * Try to parse the given date as a HTTP date.
  + */
  +public static final long parseDate(String value, 
  +   DateFormat[] threadLocalformats) {
  +
  +Long cachedDate = null;
  +try {
  +cachedDate = (Long) formatCache.get(value);
  +} catch (Exception e) {
  +}
  +if (cachedDate != null)
  +return cachedDate.longValue();
  +
  +Long date = null;
  +if (threadLocalformats != null) {
  +date = internalParseDate(value, threadLocalformats);
  +synchronized (parseCache) {
  +updateCache(parseCache, value, date);
  +}
  +} else {
  +synchronized (parseCache) {
  +date = internalParseDate(value, formats);
  +updateCache(parseCache, value, date);
  +}
  +

cvs commit: jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote/tomcat5 CoyoteRequest.java CoyoteResponse.java

2003-01-03 Thread remm
remm2003/01/03 11:31:54

  Modified:coyote/src/java/org/apache/coyote/tomcat5 CoyoteRequest.java
CoyoteResponse.java
  Log:
  - Implement getDateHeader and setDateHeader using FastHttpDateFormat.
  
  Revision  ChangesPath
  1.13  +22 -15
jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote/tomcat5/CoyoteRequest.java
  
  Index: CoyoteRequest.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote/tomcat5/CoyoteRequest.java,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -r1.12 -r1.13
  --- CoyoteRequest.java17 Dec 2002 20:07:38 -  1.12
  +++ CoyoteRequest.java3 Jan 2003 19:31:54 -   1.13
  @@ -82,6 +82,7 @@
   import java.util.Iterator;
   import java.util.Locale;
   import java.util.Map;
  +import java.util.TimeZone;
   import java.util.TreeMap;
   
   import javax.servlet.FilterChain;
  @@ -99,6 +100,7 @@
   import javax.servlet.http.HttpServletResponse;
   import javax.servlet.http.HttpSession;
   
  +import org.apache.tomcat.util.http.FastHttpDateFormat;
   import org.apache.tomcat.util.http.Parameters;
   
   import org.apache.coyote.ActionCode;
  @@ -134,6 +136,19 @@
   public class CoyoteRequest
   implements HttpRequest, HttpServletRequest {
   
  +
  +// --- Constructors
  +
  +
  +public CoyoteRequest() {
  +
  +formats[0].setTimeZone(TimeZone.getTimeZone(GMT));
  +formats[1].setTimeZone(TimeZone.getTimeZone(GMT));
  +formats[2].setTimeZone(TimeZone.getTimeZone(GMT));
  +
  +}
  +
  +
   // - Properties
   
   
  @@ -1618,18 +1633,10 @@
   if (value == null)
   return (-1L);
   
  -// Work around a bug in SimpleDateFormat in pre-JDK1.2b4
  -// (Bug Parade bug #4106807)
  -value +=  ;
  -
   // Attempt to convert the date header in a variety of formats
  -for (int i = 0; i  formats.length; i++) {
  -try {
  -Date date = formats[i].parse(value);
  -return (date.getTime());
  -} catch (ParseException e) {
  -;
  -}
  +long result = FastHttpDateFormat.parseDate(value, formats);
  +if (result != (-1L)) {
  +return result;
   }
   throw new IllegalArgumentException(value);
   
  
  
  
  1.17  +7 -6  
jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote/tomcat5/CoyoteResponse.java
  
  Index: CoyoteResponse.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-connectors/coyote/src/java/org/apache/coyote/tomcat5/CoyoteResponse.java,v
  retrieving revision 1.16
  retrieving revision 1.17
  diff -u -r1.16 -r1.17
  --- CoyoteResponse.java   19 Dec 2002 09:08:50 -  1.16
  +++ CoyoteResponse.java   3 Jan 2003 19:31:54 -   1.17
  @@ -92,6 +92,7 @@
   
   import org.apache.tomcat.util.buf.CharChunk;
   import org.apache.tomcat.util.buf.UEncoder;
  +import org.apache.tomcat.util.http.FastHttpDateFormat;
   import org.apache.tomcat.util.http.MimeHeaders;
   import org.apache.tomcat.util.http.ServerCookie;
   import org.apache.tomcat.util.net.URL;
  @@ -941,7 +942,7 @@
   if (included)
   return;
   
  -addHeader(name, format.format(new Date(value)));
  +addHeader(name, FastHttpDateFormat.formatDate(value, format));
   
   }
   
  @@ -1192,7 +1193,7 @@
   if (included)
   return;
   
  -setHeader(name, format.format(new Date(value)));
  +setHeader(name, FastHttpDateFormat.formatDate(value, format));
   
   }
   
  
  
  

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/servlets DefaultServlet.java WebdavServlet.java

2003-01-03 Thread remm
remm2003/01/03 11:32:53

  Modified:catalina/src/share/org/apache/catalina/servlets
DefaultServlet.java WebdavServlet.java
  Log:
  - Use the new FastHttpDateFormat.
  - Remove the remaining formatters.
  
  Revision  ChangesPath
  1.4   +22 -35
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/servlets/DefaultServlet.java
  
  Index: DefaultServlet.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/servlets/DefaultServlet.java,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- DefaultServlet.java   17 Dec 2002 20:06:49 -  1.3
  +++ DefaultServlet.java   3 Jan 2003 19:32:52 -   1.4
  @@ -92,6 +92,7 @@
   import java.text.SimpleDateFormat;
   import java.security.MessageDigest;
   import java.security.NoSuchAlgorithmException;
  +
   import javax.servlet.RequestDispatcher;
   import javax.servlet.ServletException;
   import javax.servlet.ServletContext;
  @@ -99,6 +100,7 @@
   import javax.servlet.http.HttpServlet;
   import javax.servlet.http.HttpServletRequest;
   import javax.servlet.http.HttpServletResponse;
  +
   import javax.naming.NamingException;
   import javax.naming.InitialContext;
   import javax.naming.Context;
  @@ -107,10 +109,13 @@
   import javax.naming.directory.DirContext;
   import javax.naming.directory.Attribute;
   import javax.naming.directory.Attributes;
  +
  +import org.apache.tomcat.util.http.FastHttpDateFormat;
  +
   import org.apache.naming.resources.Resource;
   import org.apache.naming.resources.ResourceAttributes;
  +
   import org.apache.catalina.Globals;
  -import org.apache.catalina.util.FastHttpDateFormat;
   import org.apache.catalina.util.MD5Encoder;
   import org.apache.catalina.util.RequestUtil;
   import org.apache.catalina.util.ServerInfo;
  @@ -183,18 +188,6 @@
   
   
   /**
  - * The set of SimpleDateFormat formats to use in getDateHeader().
  - */
  -protected static final SimpleDateFormat formats[] = {
  -new SimpleDateFormat(EEE, dd MMM  HH:mm:ss zzz, Locale.US),
  -new SimpleDateFormat(EE, dd-MMM-yy HH:mm:ss zzz, Locale.US),
  -new SimpleDateFormat(EEE  d HH:mm:ss , Locale.US)
  -};
  -
  -
  -protected final static TimeZone gmtZone = TimeZone.getTimeZone(GMT);
  -
  -/**
* Array containing the safe characters set.
*/
   protected static URLEncoder urlEncoder;
  @@ -205,10 +198,6 @@
*/
   // - Static Initializer
   static {
  -formats[0].setTimeZone(gmtZone);
  -formats[1].setTimeZone(gmtZone);
  -formats[2].setTimeZone(gmtZone);
  -
   urlEncoder = new URLEncoder();
   urlEncoder.addSafeCharacter('-');
   urlEncoder.addSafeCharacter('_');
  @@ -1216,23 +1205,20 @@
   
   // Checking If-Range
   String headerValue = request.getHeader(If-Range);
  +
   if (headerValue != null) {
   
  +long headerValueTime = (-1L);
  +try {
  +headerValueTime = request.getDateHeader(If-Range);
  +} catch (Exception e) {
  +;
  +}
  +
   String eTag = getETag(resourceInfo);
   long lastModified = resourceInfo.date;
   
  -Date date = null;
  -
  -// Parsing the HTTP Date
  -for (int i = 0; (date == null)  (i  formats.length); i++) {
  -try {
  -date = formats[i].parse(headerValue);
  -} catch (ParseException e) {
  -;
  -}
  -}
  -
  -if (date == null) {
  +if (headerValueTime == (-1L)) {
   
   // If the ETag the client gave does not match the entity
   // etag, then the entire entity is returned.
  @@ -1244,7 +1230,7 @@
   // If the timestamp of the entity the client got is older than
   // the last modification date of the entity, the entire entity
   // is returned.
  -if (lastModified  (date.getTime() + 1000))
  +if (lastModified  (headerValueTime + 1000))
   return null;
   
   }
  @@ -2289,8 +2275,9 @@
   creationDate = tempDate.getTime();
   tempDate = tempAttrs.getLastModifiedDate();
   if (tempDate != null) {
  -httpDate = FastHttpDateFormat.getDate(tempDate);
   date = tempDate.getTime();
  +httpDate = 
  +FastHttpDateFormat.formatDate(date, null);
   } else {
   httpDate = 

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/util FastHttpDateFormat.java

2003-01-03 Thread remm
remm2003/01/03 11:34:55

  Removed: catalina/src/share/org/apache/catalina/util
FastHttpDateFormat.java
  Log:
  - Remove unused class.

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core StandardServer.java

2003-01-03 Thread amyroh
amyroh  2003/01/03 11:47:01

  Modified:catalina/src/share/org/apache/catalina/core
StandardServer.java
  Log:
  More error-prone approach.
  
  Revision  ChangesPath
  1.34  +6 -9  
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardServer.java
  
  Index: StandardServer.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardServer.java,v
  retrieving revision 1.33
  retrieving revision 1.34
  diff -u -r1.33 -r1.34
  --- StandardServer.java   3 Jan 2003 01:59:08 -   1.33
  +++ StandardServer.java   3 Jan 2003 19:47:01 -   1.34
  @@ -824,11 +824,8 @@
   } else if (c == '') {
   filtered.append(quot;);
   } else if (c == '') {
  -char s1 = input.charAt(i+3);
  -char s2 = input.charAt(i+4);
  -char s3 = input.charAt(i+5);
  -if (((s1 == ';') || (s2 == ';')) || (s3 == ';')) {
  -// do not convert if it's already in converted form
  +int j = input.indexOf(;, i);
  +if (j  0) {
   filtered.append(c);
   } else {
   filtered.append(amp;);
  
  
  

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core StandardServer.java

2003-01-03 Thread amyroh
amyroh  2003/01/03 11:47:46

  Modified:catalina/src/share/org/apache/catalina/core
StandardServer.java
  Log:
  Port change.
  
  Revision  ChangesPath
  1.9   +6 -9  
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardServer.java
  
  Index: StandardServer.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardServer.java,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- StandardServer.java   3 Jan 2003 02:10:56 -   1.8
  +++ StandardServer.java   3 Jan 2003 19:47:46 -   1.9
  @@ -883,11 +883,8 @@
   } else if (c == '') {
   filtered.append(quot;);
   } else if (c == '') {
  -char s1 = input.charAt(i+3);
  -char s2 = input.charAt(i+4);
  -char s3 = input.charAt(i+5);
  -if (((s1 == ';') || (s2 == ';')) || (s3 == ';')) {
  -// do not convert if it's already in converted form
  +int j = input.indexOf(;, i);
  +if (j  0) {
   filtered.append(c);
   } else {
   filtered.append(amp;);
  
  
  

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/coreStandardEngine.java

2003-01-03 Thread Glenn Nielsen
Please create property names which are in a package,
i.e. org.apache.ajp.jvmRoute instead of jvmRoute.  Then it is easier
to grant or prevent access to the property using the SecurityManager
PropertyPermission.

Thanks,

Glenn

[EMAIL PROTECTED] wrote:

jfclere 2003/01/03 08:59:08

  Modified:catalina/src/share/org/apache/catalina/core
StandardEngine.java
  Log:
  Allow to use the system property to set the JvmRoute.
  
  Revision  ChangesPath
  1.2   +9 -4  jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardEngine.java
  
  Index: StandardEngine.java
  ===
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardEngine.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- StandardEngine.java	18 Jul 2002 16:48:12 -	1.1
  +++ StandardEngine.java	3 Jan 2003 16:59:08 -	1.2
  @@ -104,6 +104,11 @@
   
   super();
   pipeline.setBasic(new StandardEngineValve());
  +/* Set the jmvRoute using the system property jvmRoute */
  +try {
  +setJvmRoute(System.getProperty(jvmRoute));
  +} catch(Exception ex) {
  +}
   
   }
   
  
  
  

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]


--
--
Glenn Nielsen [EMAIL PROTECTED] | /* Spelin donut madder|
MOREnet System Programming   |  * if iz ina coment.  |
Missouri Research and Education Network  |  */   |
--


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Re: cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/coreStandardServer.java

2003-01-03 Thread Amy Roh
Christoph Seibert wrote:

Hi there,

I think there is a problem with the following fix:


amyroh  2003/01/02 17:59:09

  Modified:catalina/src/share/org/apache/catalina/core
StandardServer.java
  Log:
  Fix for bugzilla 15762.


[...]


  diff -u -r1.32 -r1.33
  --- StandardServer.java11 Sep 2002 14:19:33 -1.32
  +++ StandardServer.java3 Jan 2003 01:59:08 -1.33
  @@ -824,7 +824,15 @@
   } else if (c == '') {
   filtered.append(quot;);
   } else if (c == '') {
  -filtered.append(amp;);
  +char s1 = input.charAt(i+3);
  +char s2 = input.charAt(i+4);
  +char s3 = input.charAt(i+5);
  +if (((s1 == ';') || (s2 == ';')) || (s3 == ';')) {
  +// do not convert if it's already in converted 
form
  +filtered.append(c);
  +} else {
  +filtered.append(amp;);
  +}
   } else {
   filtered.append(c);
   }


(Note: I haven't had a look at the surrounding code yet, so I have to
assume that 'i' is the position of 'c', that is the '' character.)

This code assumes that character or entity references will not be
shorter than 4 characters (including the delimiters '' and ';')
and no longer than 6. However, the XML specification does not in
any way define restrictions like that. For example, 'd;' is a
valid entity reference (assuming it was defined in the DTD). Worse,
character or entity references can have arbitrary length. For example,
'#x00020' is a valid character reference to the ' ' (space)
character.

I'm sorry I don't have a better fix right now, but I assume one
would have to iterate through the characters following the ''
until either a ';' is found or a character occurs that is not a legal
part of an entity reference name (or in the case of a character
reference, not one of [0-9] for decimal or [0-9a-fA-F] for
hexadecimal).

(Actually, I believe this wheel must already have been invented,
but with only looking at this code snippet, I don't really know.)


I believe iterating through the characters following the '' to look for 
';' is found will fix the problem.  A character such as 
'#x00020' without following ';' will result in parsing error 
where as '#x00020;' will be written as a space(' ').

Thanks,
Amy


Ciao,
Christoph






--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




RE: cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core StandardServer.java

2003-01-03 Thread Roberto Casanova

I see another problem with this code.

Suppose for some reason we have an attribute or resource parameter value
like the following (without the quotes):
gt; corresponds to 
The correct XML for this string is:
amp;gt; corresponds to gt;
However this code would write to server.xml:
gt; corresponds to gt;
The next time the server.xml file is read in, we end up with:
 corresponds to 
which is different than the original string.

In my opinion this portion of the code should be left as it was in
revision 1.32:

Roberto

 -Original Message-
 From: Amy Roh [mailto:[EMAIL PROTECTED]] 
 Sent: Friday, January 03, 2003 20:55
 To: Tomcat Developers List
 Subject: Re: cvs commit: 
 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core
  StandardServer.java
 
 
 Christoph Seibert wrote:
  Hi there,
  
  I think there is a problem with the following fix:
  
  amyroh  2003/01/02 17:59:09
 
Modified:catalina/src/share/org/apache/catalina/core
  StandardServer.java
Log:
Fix for bugzilla 15762.
  
  [...]
  
diff -u -r1.32 -r1.33
--- StandardServer.java11 Sep 2002 14:19:33 -1.32
+++ StandardServer.java3 Jan 2003 01:59:08 -1.33
@@ -824,7 +824,15 @@
 } else if (c == '') {
 filtered.append(quot;);
 } else if (c == '') {
-filtered.append(amp;);
+char s1 = input.charAt(i+3);
+char s2 = input.charAt(i+4);
+char s3 = input.charAt(i+5);
+if (((s1 == ';') || (s2 == ';')) || (s3 
 == ';')) {
+// do not convert if it's already 
 in converted 
  form
+filtered.append(c);
+} else {
+filtered.append(amp;);
+}
 } else {
 filtered.append(c);
 }
  
  
  (Note: I haven't had a look at the surrounding code yet, so 
 I have to 
  assume that 'i' is the position of 'c', that is the '' character.)
  
  This code assumes that character or entity references will not be 
  shorter than 4 characters (including the delimiters '' and 
 ';') and 
  no longer than 6. However, the XML specification does not 
 in any way 
  define restrictions like that. For example, 'd;' is a valid entity 
  reference (assuming it was defined in the DTD). Worse, character or 
  entity references can have arbitrary length. For example, 
  '#x00020' is a valid character reference to the ' 
 ' (space) 
  character.
  
  I'm sorry I don't have a better fix right now, but I assume 
 one would 
  have to iterate through the characters following the '' 
 until either 
  a ';' is found or a character occurs that is not a legal part of an 
  entity reference name (or in the case of a character reference, not 
  one of [0-9] for decimal or [0-9a-fA-F] for hexadecimal).
  
  (Actually, I believe this wheel must already have been 
 invented, but 
  with only looking at this code snippet, I don't really know.)
 
 I believe iterating through the characters following the '' 
 to look for 
 ';' is found will fix the problem.  A character such as 
 '#x00020' without following ';' will result in parsing error 
 where as '#x00020;' will be written as a space(' ').
 
 Thanks,
 Amy
 
  
  Ciao,
  Christoph
  
 


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




DO NOT REPLY [Bug 15790] New: - JkCoyoteHandler Unable to process X509 Certificate from Apache 2.0.43/mod_jk

2003-01-03 Thread bugzilla
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15790.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15790

JkCoyoteHandler Unable to process X509 Certificate from Apache 2.0.43/mod_jk

   Summary: JkCoyoteHandler Unable to process X509 Certificate from
Apache 2.0.43/mod_jk
   Product: Tomcat 4
   Version: 4.1.18
  Platform: PC
OS/Version: Other
Status: NEW
  Severity: Normal
  Priority: Other
 Component: Connector:Coyote JK 2
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


Connecting Tomcat 4.1.18 and Apache 2.0.43 with mod_jk-2.0.43.dll, I receive 
exception on Tomcat when using Apache/mod_ssl with client(mutual) 
authentication. X509CertificateFactory fails to generate the certificate.  This 
problems does not occur on Tomcat 4.0.6.  But everything else seems to work as 
normal and Tomcat/Apache continues to function.  

**
[ERROR] JkCoyoteHandler - -Certificate convertion failed java.security.cert.Cer
tificateException: Unable to initialize, java.io.IOException: insufficient data

at sun.security.x509.X509CertImpl.init(X509CertImpl.java:147)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Facto
ry.java:84)
at java.security.cert.CertificateFactory.generateCertificate(Certificate
Factory.java:281)
at org.apache.jk.server.JkCoyoteHandler.action(JkCoyoteHandler.java:395)
at org.apache.coyote.Response.action(Response.java:222)
at org.apache.coyote.tomcat4.CoyoteAdapter.postParseRequest(CoyoteAdapte
r.java:310)
at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:22
1)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:261)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:360)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:632)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.ja
va:590)
at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:707)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadP
ool.java:530)
at java.lang.Thread.run(Thread.java:479)



I am using Windows 2000 SP3.  J2SDK 1.3.1_06.  Apache was recompiled using 
OpenSSL 0.9.6g with MSVC 6.0

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




[PATCH] forward instead of redirect for welcome files

2003-01-03 Thread Matt Parker
I'd like to suggest that catalina perform a forward, rather than a
redirect, for requests that end with '/'. With a redirect, special
configuration is necessary for proxy servers to work correctly. Also, a
forward doesn't require an additional round trip to the client--a
redirect must get back to the client and the client then issues a new
request. I've tested this under Linux. Thanks!

Matt


--- DefaultServlet.java 2003-01-03 16:20:23.0 -0700
+++ DefaultServlet.java.new 2003-01-03 16:20:18.0 -0700
@@ -942,26 +942,18 @@
 
 if (!request.getRequestURI().endsWith(/)) {
 String redirectPath = path;
-String contextPath = request.getContextPath();
-if ((contextPath != null)  (!contextPath.equals(/))) {
-redirectPath = contextPath + redirectPath;
-}
 if (!(redirectPath.endsWith(/)))
 redirectPath = redirectPath + /;
 redirectPath = appendParameters(request, redirectPath);
-response.sendRedirect(redirectPath);
+request.getRequestDispatcher(redirectPath).forward(request, response);
 return;
 }
 
 ResourceInfo welcomeFileInfo = checkWelcomeFiles(path, resources);
 if (welcomeFileInfo != null) {
 String redirectPath = welcomeFileInfo.path;
-String contextPath = request.getContextPath();
-if ((contextPath != null)  (!contextPath.equals(/))) {
-redirectPath = contextPath + redirectPath;
-}
 redirectPath = appendParameters(request, redirectPath);
-response.sendRedirect(redirectPath);
+request.getRequestDispatcher(redirectPath).forward(request, response);
 return;
 }




--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Re: [PATCH] forward instead of redirect for welcome files

2003-01-03 Thread Jon Scott Stevens
on 2003/1/3 4:03 PM, Matt Parker [EMAIL PROTECTED] wrote:

 I'd like to suggest that catalina perform a forward, rather than a
 redirect, for requests that end with '/'. With a redirect, special
 configuration is necessary for proxy servers to work correctly. Also, a
 forward doesn't require an additional round trip to the client--a
 redirect must get back to the client and the client then issues a new
 request. I've tested this under Linux. Thanks!
 
 Matt

That goes against the behavior of most HTTP servers, including Apache HTTPd.

-jon


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Re: [PATCH] forward instead of redirect for welcome files

2003-01-03 Thread Matt Parker
On Fri, 2003-01-03 at 17:14, Jon Scott Stevens wrote:
 on 2003/1/3 4:03 PM, Matt Parker [EMAIL PROTECTED] wrote:
 
  I'd like to suggest that catalina perform a forward, rather than a
  redirect, for requests that end with '/'. With a redirect, special
  configuration is necessary for proxy servers to work correctly. Also, a
  forward doesn't require an additional round trip to the client--a
  redirect must get back to the client and the client then issues a new
  request. I've tested this under Linux. Thanks!
  
  Matt
 
 That goes against the behavior of most HTTP servers, including Apache HTTPd.
 
 -jon
 

It appears that Apache returns 301 only when there isn't a trailing
slash. When there is a trailing slash, it returns a 200.

Matt



--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]




Digest Authentication bug in org.apache.catalina.realm.RealmBase

2003-01-03 Thread Peter Costello
I apologize in advance if I am sending this bug report/fix to the
wrong group or if the fix has already been implemented.

Using JDK1.3.01 and Tomcat 4.1.12, and sun.net.HttpURLConnection,
Digest Authentication does not work.  The sun.net.HttpURLConnection
class responds to WWW-Authenticate challenge with a Http Authorization
header that contains no 'nc', 'nonce' or 'qop' parameters. Although this
may not be very efficient, as best as I can tell from the spec, this is
a legal response.

org.apache.catalina.realm.RealmBase (line 373) calculates:
   String serverDigestValue = md5a1 + : + nOnce + : + nc + :
+ cnonce + : + qop + : + md5a2;

These null parameters get added to the string as :null and the MD5
encoded result 'serverDigest' does not match the 'clientDigest' and
authentication fails.

Replacing the 'serverDigestValue' with the following fixes the problem:
String serverDigestValue = md5a1 + : + nOnce;
if (nc!=null) serverDigestValue += : + nc;
if (cnonce!=null) serverDigestValue += : + cnonce;
if (qop!=null) serverDigestValue += : + qop;
serverDigestValue += : + md5a2;


==
To reproduce the problem:
1) Start with a Tomcat 4.1.12 site with some pages requiring digest
authentication.
   Assume username,password = myName,myPassword

2) Define authenticator
public class AuthImpl extends Authenticator {
// Authentication Method
protected PasswordAuthentication getPasswordAuthentication() {
return new 
PasswordAuthentication(myName,myPassword.toCharArray());
}
}

3) Access the pages with the following
Authenticator.setDefault(new AuthImpl());
URL url = new URL(http://localhost/foo.html;);
HttpURLConnection uc = url.openConnection();
InputStream in = uc.getInputStream();
byte buf[] = new byte[4096];
int readNum;
while ((readNum=in.read(buf,0,4096))0) {
// if (out!=null) out.write(buf,0,readNum);
}
int status = ((HttpURLConnection)uc).getResponseCode();

Authentication will fail until corrected as described above.


--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]