date:20040824

Hi,
I have posted a draft release plan for HEAD, with a proposed version 
number of 5.5.
As with 5.0.x, features will of course continue being added after the 
initial 5.5.0 tag. Feel free to add stuff to the release plan (maybe I 
did forget stuff).

Yoav, will you do the releases for that branch ?
Rémy
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/util ServerInfo.java

2004-08-24 Thread funkman

funkman 2004/08/24 05:25:03

  Modified:catalina/src/share/org/apache/catalina/util Tag: TOMCAT_5_0
ServerInfo.java
  Log:
  Backport support for version.sh and version.bat to 5.0
  
  Revision  ChangesPath
  No   revision
  No   revision
  1.2.2.1   +7 -4  
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/util/ServerInfo.java
  
  Index: ServerInfo.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/util/ServerInfo.java,v
  retrieving revision 1.2
  retrieving revision 1.2.2.1
  diff -u -r1.2 -r1.2.2.1
  --- ServerInfo.java   27 Feb 2004 14:58:50 -  1.2
  +++ ServerInfo.java   24 Aug 2004 12:25:03 -  1.2.2.1
  @@ -1,12 +1,12 @@
   /*
* Copyright 1999,2004 The Apache Software Foundation.
  - * 
  + *
* Licensed under the Apache License, Version 2.0 (the License);
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
  - * 
  + *
*  http://www.apache.org/licenses/LICENSE-2.0
  - * 
  + *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an AS IS BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  @@ -71,5 +71,8 @@
   
   }
   
  +public static void main(String args[]) {
  +System.out.println(Version:  + getServerInfo());
  +}
   
   }
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

cvs commit: jakarta-tomcat-catalina/webapps/docs changelog.xml

2004-08-24 Thread funkman

funkman 2004/08/24 05:30:03

  Modified:webapps/docs changelog.xml
  Log:
  add version.sh to changelog
  
  Revision  ChangesPath
  1.92  +389 -385  jakarta-tomcat-catalina/webapps/docs/changelog.xml
  
  
http://cvs.apache.org/viewcvs/jakarta-tomcat-catalina/webapps/docs/changelog.xml.diff?r1=1.91r2=1.92
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

cvs commit: jakarta-tomcat-catalina/webapps/docs changelog.xml

2004-08-24 Thread funkman

funkman 2004/08/24 05:31:40

  Modified:webapps/docs Tag: TOMCAT_5_0 changelog.xml
  Log:
  add version.sh to changelog [backport]
  
  Revision  ChangesPath
  No   revision
  No   revision
  1.70.2.10 +389 -385  jakarta-tomcat-catalina/webapps/docs/changelog.xml
  
  
http://cvs.apache.org/viewcvs/jakarta-tomcat-catalina/webapps/docs/changelog.xml.diff?r1=1.70.2.9r2=1.70.2.10
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [5.5] Release plan


Hola,
I'll gladly do the releases for the branch.  The release plan looks reasonable, I'd +1 
it.  We'll probably add some text on the goals (more on refactored deployer, enhanced 
i18n support in Admin, easier build because of refactored dependencies, JDK 1.5 vs. 
JDK 1.4, etc.), but we can do that later.

Yoav Shapira
Millennium Research Informatics


-Original Message-
From: Remy Maucherat [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 4:55 AM
To: [EMAIL PROTECTED]
Subject: [5.5] Release plan

Hi,

I have posted a draft release plan for HEAD, with a proposed version
number of 5.5.
As with 5.0.x, features will of course continue being added after the
initial 5.5.0 tag. Feel free to add stuff to the release plan (maybe I
did forget stuff).

Yoav, will you do the releases for that branch ?

Rémy


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




This e-mail, including any attachments, is a confidential business communication, and 
may contain information that is confidential, proprietary and/or privileged.  This 
e-mail is intended only for the individual(s) to whom it is addressed, and may not be 
saved, copied, printed, disclosed or used by anyone else.  If you are not the(an) 
intended recipient, please immediately delete this e-mail from your computer system 
and notify the sender.  Thank you.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

cvs commit: jakarta-tomcat-site/xdocs index.xml

2004-08-24 Thread yoavs

yoavs   2004/08/24 05:40:09

  Modified:docs index.html
   xdocsindex.xml
  Log:
  Site update to encourage users to upgrade.
  
  Revision  ChangesPath
  1.63  +14 -0 jakarta-tomcat-site/docs/index.html
  
  Index: index.html
  ===
  RCS file: /home/cvs/jakarta-tomcat-site/docs/index.html,v
  retrieving revision 1.62
  retrieving revision 1.63
  diff -u -r1.62 -r1.63
  --- index.html22 Jul 2004 13:47:15 -  1.62
  +++ index.html24 Aug 2004 12:40:09 -  1.63
  @@ -223,6 +223,14 @@
   pThe releases are described in 
more detail below to help you determine 
   which one is right for you.  More details about each release can be found in 
   the associated release notes./p
  +pPlease note that alhough we 
offer downloads and documentation of older
  +releases, such as Tomcat 3.x and 4.x, we strongly encourage users to use the
  +latest stable version of Tomcat whenever possible.  We recognize that upgrading
  +across major version may not be a trivial task, and some support is still
  +offered on the mailing list for users of old versions.  However, because of the
  +community-driven support approach, the older your version the less people would
  +be interested or able to support you.
  +/p
   table border=0 
cellspacing=0 cellpadding=2 width=100%
 trtd bgcolor=#828DA6
   font color=#ff face=arial,helvetica,sanserif
  @@ -268,6 +276,8 @@
   Catalina) that is based on completely new architecture.  The 4.x releases
   implement the strongServlet 2.3/strong and strongJSP 1.2/strong
   specifications./p
  +pstrongWe encourage all users 
to upgrade to Tomcat 5.x whenever
  +possible./strong/p
   pstrongTomcat 4.1.x/strong. 
Tomcat 4.1 is a refactoring 
   of Tomcat 4.0.x, and contains significant enhancements, including:
   ul
  @@ -289,6 +299,8 @@
   2.3 and JSP 1.2 specifications.  As required by the specifications, Tomcat 4.0
   also supports web applications built for the Servlet 2.2 and JSP 1.1
   specifications with no changes./p
  +pstrongWe encourage all users 
to upgrade to Tomcat 5.x whenever
  +possible./strong/p
   /blockquote
 /td/tr
 trtdbr//td/tr
  @@ -342,6 +354,8 @@
   strongly encouraged to migrate to the current production release, Tomcat 
   3.3./p
   pstrongTomcat 3.0.x/strong. 
Initial Tomcat release./p
  +pstrongWe encourage all users 
to upgrade to Tomcat 5.x whenever
  +possible./strong/p
   /blockquote
 /td/tr
 trtdbr//td/tr
  
  
  
  1.52  +18 -0 jakarta-tomcat-site/xdocs/index.xml
  
  Index: index.xml
  ===
  RCS file: /home/cvs/jakarta-tomcat-site/xdocs/index.xml,v
  retrieving revision 1.51
  retrieving revision 1.52
  diff -u -r1.51 -r1.52
  --- index.xml 22 Jul 2004 13:47:15 -  1.51
  +++ index.xml 24 Aug 2004 12:40:09 -  1.52
  @@ -60,6 +60,15 @@
   which one is right for you.  More details about each release can be found in 
   the associated release notes./p 
   
  +pPlease note that alhough we offer downloads and documentation of older
  +releases, such as Tomcat 3.x and 4.x, we strongly encourage users to use the
  +latest stable version of Tomcat whenever possible.  We recognize that upgrading
  +across major version may not be a trivial task, and some support is still
  +offered on the mailing list for users of old versions.  However, because of the
  +community-driven support approach, the older your version the less people would
  +be interested or able to support you.
  +/p
  +
   subsection name=Tomcat 5.x
   
   pstrongTomcat 5.x/strong is the current release of Tomcat, and
  @@ -94,6 +103,9 @@
   implement the strongServlet 2.3/strong and strongJSP 1.2/strong
   specifications./p
   
  +pstrongWe encourage all users to upgrade to Tomcat 5.x whenever
  +possible./strong/p
  +
   pstrongTomcat 4.1.x/strong. Tomcat 4.1 is a refactoring 
   of Tomcat 4.0.x, and contains significant enhancements, including:
   ul
  @@ -117,6 +129,9 @@
   also supports web applications built for the Servlet 2.2 and JSP 1.1
   specifications with no changes./p
   
  +pstrongWe encourage all users to upgrade to Tomcat 5.x whenever
  +possible./strong/p
  +
   /subsection
   
   subsection name=Tomcat 3.x
  @@ -168,6 +183,9 @@
   3.3./p 
   
   pstrongTomcat 3.0.x/strong. Initial Tomcat release./p
  +
  +pstrongWe encourage all users to upgrade to Tomcat 5.x whenever
  +possible./strong/p

RE: [VOTE] 4.1.31 maintenance release


Hi,
You're absolutely right.  I've updated the site.  I had already updated
the STATUS and RELEASE-PLAN pages for the upcoming 5.0.28, so that will
show up soon as well.

Yoav Shapira
Millennium Research Informatics


-Original Message-
From: Rainer Jung [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 2:24 AM
To: Tomcat Developers List
Subject: Re: [VOTE] 4.1.31 maintenance release

I think there is no clear explanation of the TC4 support situation on
the tomcat web site. Maybe to be fair to users you should start by
adding statements, that TC 5 is the preferred version and TC 4 is soon
to be supported only for major bugs and security patches. Furthermore
you could expliciteley recommend an update to TC5 for all active TC4
users.

Rainer

Shapira, Yoav wrote:
 Hola,


I think we long ago agreed not to vote -1 just because you want

 somebody

to work on a different codebase :-)


 It must have been long enough ago that I wasn't here ;)  I don't
 remember it.  Anyways, since is a (non-lazy) majority vote so my -1
is
 not a veto, just an opinion.  We already had two -1's on the lazy
 majority vote, which is why this vote is needed.  Since there are
more
 than two more +1 than -1's, this vote will pass and 4.1.31 will
happen..

 I like to think that when we say something is maintained it doesn't
 just mean doing a release.  It also means we support it on the
mailing
 list and by checking Bugzilla periodically and addressing issues.
But I
 guess I'm fairly alone in this opinion, so too bad ;)

 I respect the voting system nonetheless, I have no issues with it.
The
 vote passes, the release will happen, no problem.  I will still
suggest
 users having problems with 4.x upgrade to 5.x, but the people who
want
 this release so much are of course welcome to support it actively on
the
 mailing list as well ;)

 Yoav



 This e-mail, including any attachments, is a confidential business
communication, and may contain information that is confidential,
proprietary and/or privileged.  This e-mail is intended only for the
individual(s) to whom it is addressed, and may not be saved, copied,
printed, disclosed or used by anyone else.  If you are not the(an)
intended
recipient, please immediately delete this e-mail from your computer
system
and notify the sender.  Thank you.


 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




This e-mail, including any attachments, is a confidential business communication, and 
may contain information that is confidential, proprietary and/or privileged.  This 
e-mail is intended only for the individual(s) to whom it is addressed, and may not be 
saved, copied, printed, disclosed or used by anyone else.  If you are not the(an) 
intended recipient, please immediately delete this e-mail from your computer system 
and notify the sender.  Thank you.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [5.5] Release plan

Shapira, Yoav wrote:
Hola,
I'll gladly do the releases for the branch.  The release plan looks reasonable, I'd +1 it.  We'll probably add some text on the goals (more on refactored deployer, enhanced i18n support in Admin, easier build because of refactored dependencies, JDK 1.5 vs. JDK 1.4, etc.), but we can do that later.
 

Well, I don't know anything about the easier build ;) (IMO it's good 
enough right now)
The big news in terms of Java version support is that we can now support 
Tomcat on JREs, since a Java compiler is now bundled.

Rémy
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[OT] - anyone wants a gmail invite

2004-08-24 Thread Peter Lin

I normally don't like to post off topic things, but I have a gmail
invite.  if any of the tomcat-developers want a gmail account, email
me directly.

peter

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 30814] - Management of the principal in the function org.apache.catalina.security.SecurityUtil.execute()

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30814.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=30814

Management of the principal in the function 
org.apache.catalina.security.SecurityUtil.execute()

[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||WORKSFORME



--- Additional Comments From [EMAIL PROTECTED]  2004-08-24 13:35 ---
I think you missed that part of the code:

   1679 /**
   1680  * Set the Principal who has been authenticated for this Request.  This
   1681  * value is also used to calculate the value to be returned by the
   1682  * codegetRemoteUser()/code method.
   1683  *
   1684  * @param principal The user Principal
   1685  */
   1686 public void setUserPrincipal(Principal principal) {
   1687
   1688 if (System.getSecurityManager() != null){
   1689 HttpSession session = getSession(false);
   1690 if ( (subject != null) 
   1691  (!subject.getPrincipals().contains(principal)) ){
   1692 subject.getPrincipals().add(principal);
   1693 } else if (session != null 
   1694 session.getAttribute(Globals.SUBJECT_ATTR) ==
null) {
   1695 subject = new Subject();
   1696 subject.getPrincipals().add(principal);
   1697 }
   1698 if (session != null){
   1699 session.setAttribute(Globals.SUBJECT_ATTR, subject);
   1700 }
   1701 }
   1702
   1703 this.userPrincipal = principal;
   1704 }

This code snippet is from CoyoteRequest. Everytime the principal is discovered,
it is added to the Subject. 

I'm closing the bug, but fell free to re-open it with a test case if you have one .

Thanks

-- Jeanfrancois

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

AJP reorganizing sources

2004-08-24 Thread Mladen Turk

Hi,
I'd like to reorganize the source code in the j-t-c/ajp.
Something like ajp/src and ajp/include seems reasonable to me.
Also what to do with the proxy code?
It is in the httpd tree now, so we don't need them any more.
I was thinking to remove all the sources and make a note that
the files are in the httpd tree.
Q. How to copy the cvs log when moving files to another dir?
I'd like to keep them when moving from ajp/test to ajp/src.
Regards,
MT.


smime.p7s
Description: S/MIME Cryptographic Signature

Re: endorsed directory (WAS: 5.0.28 next week?)

2004-08-24 Thread Jess Holle

Agreed.  Isn't the issue that the JAXP in Tomcat's endorsed is 
incompatible with 1.5?

Joseph Shraibman wrote:
I don't know why you want to get rid of endorsed.  Sure java 5.0 will 
have an up to date xerces, but it will get out of date in the future, 
so you might as well keep the endorsed directory.

Amy Roh wrote:
+1
I'd like to add startup scripts that don't use endorsed so that tomcat
5.0.28 can be run on JDK 5.0 if needed to be.  People can test it out by
switching the scripts.  I'm running TCKs to see if there're any 
problems but
will commit soon.

Let me know if anyone has issues with this.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 30813] - HTTP POST does not translate URI but GET does

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30813.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=30813

HTTP POST does not translate URI but GET does





--- Additional Comments From [EMAIL PROTECTED]  2004-08-24 14:20 ---
Rather than letting Tomcat UTF-8-decode the request parameters, I suggest that 
you UTF-decode any String received from getParameter() yourself. Than you have 
a solution that a) works for GET and POST and b) is portable across other 
servlet containers.

Michael

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

startup/Bootstrap.java not loading catalina.properties on shutdown

2004-08-24 Thread Tim Funk

In startup/Bootstrap.java there is: (line 110 in createClassLoader(..))
String value = CatalinaProperties.getProperty(name + .loader);
CatalinaProperties is only initialized once, but isn't used on shutdown. This 
would be a problem, if I try:
Server port=${shutdown.port} shutdown=SHUTDOWN debug=0

Which leads me to the questions:
1) Is it ok to add my own properties to catalina.properties for my own 
installation or might this be bad/discouraged?
2) Should I add a method call in main() to Bootstrap that will force 
CatalinaProperties.loadProperties() to be called?
3) Or is worth it to add an option on startup to allow a user to specify 
there own properties file to load in as System properties. 
(CATALINA_PROPERTIES=conf/myprop.properties)

The use case is I have the same server.xml for many of my configurations. I 
don't want to use JAVA_OPTS='-Dprop1=val ...' since I have a lot of 
properties to set.

-Tim
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

cvs commit: jakarta-servletapi-5/jsr154/src/share/dtd web-app_2_4.xsd

2004-08-24 Thread jfarcand

jfarcand2004/08/24 10:01:34

  Modified:jsr154/src/share/dtd web-app_2_4.xsd
  Log:
  Update the web-app_2_4.xsd according
  to the JSR154 maintenance release.
  
o The restriction facet of mime-typeType should be updated
  from:-
  xsd:pattern value=[\p{L}\-\p{Nd}]+/[\p{L}\-\p{Nd}\.]+/
  to:-
  xsd:pattern value=[^\p{Cc}^\s]+/[^\p{Cc}^\s]+
  
  submitted by: Yutaka Yoshida at sun dot com
  
  Revision  ChangesPath
  1.14  +2 -2  jakarta-servletapi-5/jsr154/src/share/dtd/web-app_2_4.xsd
  
  Index: web-app_2_4.xsd
  ===
  RCS file: /home/cvs/jakarta-servletapi-5/jsr154/src/share/dtd/web-app_2_4.xsd,v
  retrieving revision 1.13
  retrieving revision 1.14
  diff -u -r1.13 -r1.14
  --- web-app_2_4.xsd   18 Mar 2004 16:40:34 -  1.13
  +++ web-app_2_4.xsd   24 Aug 2004 17:01:34 -  1.14
  @@ -30,7 +30,7 @@
 xsd:annotation
   xsd:documentation
   
  -  Copyright 2002 Sun Microsystems, Inc., 901 San Antonio
  +  Copyright 2004 Sun Microsystems, Inc., 901 San Antonio
 Road, Palo Alto, California 94303, U.S.A. All rights
 reserved.
   
  @@ -804,7 +804,7 @@
   
   xsd:simpleContent
 xsd:restriction base=j2ee:string
  - xsd:pattern value=[\p{L}\-\p{Nd}]+/[\p{L}\-\p{Nd}\.]+/
  +  xsd:pattern value=[^\p{Cc}^\s]+/[^\p{Cc}^\s]+/
 /xsd:restriction
   /xsd:simpleContent
 /xsd:complexType
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: cvs commit: jakarta-servletapi-5/jsr154/src/share/dtd web-app_2_4.xsd

2004-08-24 Thread Petr Jiricka

Hi,
I remember there was an issue that the default DD in conf/web.xml was 
not valid by the schema - is this change related to that issue?

Thanks
Petr
[EMAIL PROTECTED] wrote:
jfarcand2004/08/24 10:01:34
 Modified:jsr154/src/share/dtd web-app_2_4.xsd
 Log:
 Update the web-app_2_4.xsd according
 to the JSR154 maintenance release.
 
   o The restriction facet of mime-typeType should be updated
 from:-
 xsd:pattern value=[\p{L}\-\p{Nd}]+/[\p{L}\-\p{Nd}\.]+/
 to:-
 xsd:pattern value=[^\p{Cc}^\s]+/[^\p{Cc}^\s]+
 
 submitted by: Yutaka Yoshida at sun dot com
 
 Revision  ChangesPath
 1.14  +2 -2  jakarta-servletapi-5/jsr154/src/share/dtd/web-app_2_4.xsd
 
 Index: web-app_2_4.xsd
 ===
 RCS file: /home/cvs/jakarta-servletapi-5/jsr154/src/share/dtd/web-app_2_4.xsd,v
 retrieving revision 1.13
 retrieving revision 1.14
 diff -u -r1.13 -r1.14
 --- web-app_2_4.xsd	18 Mar 2004 16:40:34 -	1.13
 +++ web-app_2_4.xsd	24 Aug 2004 17:01:34 -	1.14
 @@ -30,7 +30,7 @@
xsd:annotation
  xsd:documentation
  
 -  Copyright 2002 Sun Microsystems, Inc., 901 San Antonio
 +  Copyright 2004 Sun Microsystems, Inc., 901 San Antonio
Road, Palo Alto, California 94303, U.S.A. All rights
reserved.
  
 @@ -804,7 +804,7 @@
  
  xsd:simpleContent
xsd:restriction base=j2ee:string
 -	xsd:pattern value=[\p{L}\-\p{Nd}]+/[\p{L}\-\p{Nd}\.]+/
 +  xsd:pattern value=[^\p{Cc}^\s]+/[^\p{Cc}^\s]+/
/xsd:restriction
  /xsd:simpleContent
/xsd:complexType
 
 
 

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
 


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 30832] New: - Loading resources from a .jar-file requires file-write permission if SecurityManager is installed

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30832.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=30832

Loading resources from a .jar-file requires file-write permission if SecurityManager 
is installed

   Summary: Loading resources from a .jar-file requires file-write
permission if SecurityManager is installed
   Product: Tomcat 5
   Version: 5.0.27
  Platform: PC
OS/Version: Windows XP
Status: NEW
  Severity: Major
  Priority: Other
 Component: Catalina
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


When requesting a resource by calling Class.getResourceAsStream(...), and 
the requested resource is stored in a .jar file, the 
org.apache.catalina.loader.WebappClassLoader extracts it into the working-
directory (see method findResourceInternal) and returns the extracted resource.

This is OK, but:
If this is done when Tomcat is running under a SecurityManager, an 
AccessControlException is thrown, if the web-application has no permission to 
write into the working-directory!

Suggestion: Run the critical part as privileged action.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: cvs commit: jakarta-servletapi-5/jsr154/src/share/dtd web-app_2_4.xsd

2004-08-24 Thread Jeanfrancois Arcand


Petr Jiricka wrote:
Hi,
I remember there was an issue that the default DD in conf/web.xml was 
not valid by the schema - is this change related to that issue?
Yes, this should fix the issue.
-- Jeanfrancois
Thanks
Petr
[EMAIL PROTECTED] wrote:
jfarcand2004/08/24 10:01:34
 Modified:jsr154/src/share/dtd web-app_2_4.xsd
 Log:
 Update the web-app_2_4.xsd according
 to the JSR154 maintenance release.
 
   o The restriction facet of mime-typeType should be updated
 from:-
 xsd:pattern value=[\p{L}\-\p{Nd}]+/[\p{L}\-\p{Nd}\.]+/
 to:-
 xsd:pattern value=[^\p{Cc}^\s]+/[^\p{Cc}^\s]+
 
 submitted by: Yutaka Yoshida at sun dot com
 
 Revision  ChangesPath
 1.14  +2 -2  
jakarta-servletapi-5/jsr154/src/share/dtd/web-app_2_4.xsd
 
 Index: web-app_2_4.xsd
 ===
 RCS file: 
/home/cvs/jakarta-servletapi-5/jsr154/src/share/dtd/web-app_2_4.xsd,v
 retrieving revision 1.13
 retrieving revision 1.14
 diff -u -r1.13 -r1.14
 --- web-app_2_4.xsd18 Mar 2004 16:40:34 -1.13
 +++ web-app_2_4.xsd24 Aug 2004 17:01:34 -1.14
 @@ -30,7 +30,7 @@
xsd:annotation
  xsd:documentation
   -  Copyright 2002 Sun Microsystems, Inc., 901 San Antonio
 +  Copyright 2004 Sun Microsystems, Inc., 901 San Antonio
Road, Palo Alto, California 94303, U.S.A. All rights
reserved.
   @@ -804,7 +804,7 @@
xsd:simpleContent
xsd:restriction base=j2ee:string
 -xsd:pattern value=[\p{L}\-\p{Nd}]+/[\p{L}\-\p{Nd}\.]+/
 +  xsd:pattern value=[^\p{Cc}^\s]+/[^\p{Cc}^\s]+/
/xsd:restriction
  /xsd:simpleContent
/xsd:complexType
 
 
 

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
 


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup ClassLoaderFactory.java

2004-08-24 Thread amyroh

amyroh  2004/08/24 10:53:52

  Modified:catalina/src/share/org/apache/catalina/startup Tag:
TOMCAT_5_0 ClassLoaderFactory.java
  Log:
  Do not load outdated xml-apis.jar  xercesImpl.jar from endorsed if JDK 5.0 is used.
  
  Revision  ChangesPath
  No   revision
  No   revision
  1.6.2.1   +20 -2 
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup/ClassLoaderFactory.java
  
  Index: ClassLoaderFactory.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup/ClassLoaderFactory.java,v
  retrieving revision 1.6
  retrieving revision 1.6.2.1
  diff -u -r1.6 -r1.6.2.1
  --- ClassLoaderFactory.java   27 Feb 2004 14:58:48 -  1.6
  +++ ClassLoaderFactory.java   24 Aug 2004 17:53:52 -  1.6.2.1
  @@ -23,6 +23,7 @@
   import java.util.ArrayList;
   
   import org.apache.catalina.loader.StandardClassLoader;
  +import org.apache.tomcat.util.compat.JdkCompat;
   
   
   /**
  @@ -56,6 +57,12 @@
   private static int debug = 0;
   
   
  +/**
  + * JDK compatibility support
  + */
  +private static final JdkCompat jdkCompat = JdkCompat.getJdkCompat();
  +
  +
   // -- Static Properties
   
   
  @@ -170,7 +177,18 @@
   log(  Including jar file  + file.getAbsolutePath());
   URL url = new URL(file, null,
 file.getCanonicalPath());
  -list.add(url.toString());
  +
  +if (ClassLoaderFactory.jdkCompat.isJava15()) {
  +if (url.toString().endsWith(xml-apis.jar) ||
  +url.toString().endsWith(xercesImpl.jar)) {
  +// Do not load xml-apis.jar  xercesImpl.jar
  +// if JDK 5.0 is used
  +} else {
  +list.add(url.toString());
  +}
  +} else {
  +list.add(url.toString());
  +}
   }
   }
   }
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup ClassLoaderFactory.java

[EMAIL PROTECTED] wrote:
amyroh  2004/08/24 10:53:52
 Modified:catalina/src/share/org/apache/catalina/startup Tag:
   TOMCAT_5_0 ClassLoaderFactory.java
 Log:
 Do not load outdated xml-apis.jar  xercesImpl.jar from endorsed if JDK 5.0 is used.
 

I doubt you can use the JDK compat class from there (you're in the 
bootstrap.jar).

Rémy
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

cvs commit: jakarta-tomcat-catalina/catalina/src/bin catalina.50.bat catalina.50.sh

2004-08-24 Thread amyroh

amyroh  2004/08/24 10:57:58

  Added:   catalina/src/bin Tag: TOMCAT_5_0 catalina.50.bat
catalina.50.sh
  Log:
  Add optional startup scripts to Tomcat_5_0 branch for not loading from endorsed on 
JDK 5.0.
  
  Revision  ChangesPath
  No   revision
  No   revision
  1.1.2.1   +192 -0jakarta-tomcat-catalina/catalina/src/bin/Attic/catalina.50.bat
  
  
  
  
  1.1.2.1   +287 -0jakarta-tomcat-catalina/catalina/src/bin/Attic/catalina.50.sh
  
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup ClassLoaderFactory.java

2004-08-24 Thread Amy Roh

 [EMAIL PROTECTED] wrote:

 amyroh  2004/08/24 10:53:52
 
   Modified:catalina/src/share/org/apache/catalina/startup Tag:
 TOMCAT_5_0 ClassLoaderFactory.java
   Log:
   Do not load outdated xml-apis.jar  xercesImpl.jar from endorsed if JDK
5.0 is used.
 
 
 I doubt you can use the JDK compat class from there (you're in the
 bootstrap.jar).

Hmm.  Really?  I checked to see if the classLoader loads the jars.  They get
loaded if I run on JDK 1.4 and not on JDK 5.0.

Amy


 Rémy


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[5.5] Packaging

I'm planning to do the following changes to packaging:
- removing commons-launcher from the final distribution (I see little 
use of it, since we have good scripts and native wrappers available); it 
will stay as a dependency to launch stuff during the build process
- new release archives based on the contents of the compat folder, for 
JRE 1.4 users (the default distributions will be for JRE 5.0)
- new release archives for the admin webapp (= not in the main archive; 
not everyone uses it, and it's quite large)
- the Windows installer will remain the same for now (= an offline 
installer), as I don't see how to make it an online installer and still 
respect the mirror scheme we use

Rémy
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [5.5] Packaging


Hola,

I'm planning to do the following changes to packaging:
- removing commons-launcher from the final distribution (I see little
use of it, since we have good scripts and native wrappers available);
it
will stay as a dependency to launch stuff during the build process
- new release archives based on the contents of the compat folder,
for
JRE 1.4 users (the default distributions will be for JRE 5.0)
- new release archives for the admin webapp (= not in the main archive;
not everyone uses it, and it's quite large)
- the Windows installer will remain the same for now (= an offline
installer), as I don't see how to make it an online installer and still
respect the mirror scheme we use

What does that leave us with in terms of distros?  Let me try:

[Source distros, same as today]
- jakarta-tomcat-5.5.0-src.zip
- jakarta-tomcat-5.5.0-src.tar.gz

[Binary distros]
- jakarta-tomcat-5.5.0.zip - for JRE 5.0, no Admin
- jakarta-tomcat-5.5.0.tar.gz -  for JRE 5.0, no Admin
- jakarta-tomcat-5.5.0.exe - for Windows, JRE 5.0, no Admin
- jakarta-tomcat-5.5.0-jre14.zip - for JRE 1.4, no Admin
- jakarta-tomcat-5.5.0-jre14.tar.gz - for JRE 1.4, no Admin
- jakarta-tomcat-5.5.0-jre14.exe - for Windows JRE 1.4, no Admin
+ another one for each of the above with Admin?

Maybe we should have admin separately, i.e.
jakarta-tomcat-5.5.0-admin.war (complete with META-INF/context.xml),
that users can just drop into their webapps directory?  I'd rather have
that than 6 more binary distributions.

What about dropping .tar.gz distros?  I realize its files are smaller
than zip, but every platform has zip support and I doubt many of our
users (who are mostly developers for companies or open-source
afficionadoes) are on dialup connections.  Alternatively (this is what
JonAS has done for example) we could just have .tgz files which the
Windows Winzip can handle.  This saves the release manager work and
reduces user confusion slightly, as they are faced with less download
choices.  I see the latter (user confusion) increasing when we have
JRE1.4 and JRE5.0 distros.

Yoav



This e-mail, including any attachments, is a confidential business communication, and 
may contain information that is confidential, proprietary and/or privileged.  This 
e-mail is intended only for the individual(s) to whom it is addressed, and may not be 
saved, copied, printed, disclosed or used by anyone else.  If you are not the(an) 
intended recipient, please immediately delete this e-mail from your computer system 
and notify the sender.  Thank you.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 30814] - Management of the principal in the function org.apache.catalina.security.SecurityUtil.execute()

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30814.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=30814

Management of the principal in the function 
org.apache.catalina.security.SecurityUtil.execute()

[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|RESOLVED|REOPENED
 Resolution|WORKSFORME  |



--- Additional Comments From [EMAIL PROTECTED]  2004-08-24 18:20 ---
Hi,

Maybe I do not understand my problem, but this is what’s happening, I think:
-   One application is protected with the Form authentication,
-   When user accessing to the login form, the session is created (without 
the subject) and the application’s filters are invoked,
-   If the filter is not last in the chain, hi will call 
SecurityUtil.execute without the principal,
-   The function SecurityUtil.execute will create the subject (error!), but 
will not add the principal to the subject (principal is null),
-   The newly created subject is added to the session (error!),
-   After the authentication, the user access to the application,
-   The application is executed (SecurityUtil.execute ) with good 
principal, but the subject is already in the session and the function execute 
will not add the parameter principal to the subject in the session.

I’m sorry for my English and I’m little confused with Tomcat, too.

P.S.: I’m not sure if it is good idea to add the principal passed as argument 
to the subject in the session if that principal is not already in the subject!

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Someone with karma for JSR154...


... please commit
http://issues.apache.org/bugzilla/show_bug.cgi?id=29923.  It's just a
resources file for the examples, a trivial commit, and I'd like to have
it on the TOMCAT_5_0 branch (as well as CVS HEAD) for inclusion in
5.0.28.  Thanks,

Yoav Shapira
Millennium Research Informatics





This e-mail, including any attachments, is a confidential business communication, and 
may contain information that is confidential, proprietary and/or privileged.  This 
e-mail is intended only for the individual(s) to whom it is addressed, and may not be 
saved, copied, printed, disclosed or used by anyone else.  If you are not the(an) 
intended recipient, please immediately delete this e-mail from your computer system 
and notify the sender.  Thank you.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [5.5] Packaging

Shapira, Yoav wrote:
Hola,
 

I'm planning to do the following changes to packaging:
- removing commons-launcher from the final distribution (I see little
use of it, since we have good scripts and native wrappers available);
   

it
 

will stay as a dependency to launch stuff during the build process
- new release archives based on the contents of the compat folder,
   

for
 

JRE 1.4 users (the default distributions will be for JRE 5.0)
- new release archives for the admin webapp (= not in the main archive;
not everyone uses it, and it's quite large)
- the Windows installer will remain the same for now (= an offline
installer), as I don't see how to make it an online installer and still
respect the mirror scheme we use
   

What does that leave us with in terms of distros?  Let me try:
[Source distros, same as today]
- jakarta-tomcat-5.5.0-src.zip
- jakarta-tomcat-5.5.0-src.tar.gz
[Binary distros]
- jakarta-tomcat-5.5.0.zip - for JRE 5.0, no Admin
- jakarta-tomcat-5.5.0.tar.gz -  for JRE 5.0, no Admin
- jakarta-tomcat-5.5.0.exe - for Windows, JRE 5.0, no Admin
- jakarta-tomcat-5.5.0-jre14.zip - for JRE 1.4, no Admin
- jakarta-tomcat-5.5.0-jre14.tar.gz - for JRE 1.4, no Admin
- jakarta-tomcat-5.5.0-jre14.exe - for Windows JRE 1.4, no Admin
+ another one for each of the above with Admin?
 

No, you misunderstood.
- jakarta-tomcat-5.5.0.zip - for JRE 5.0, no Admin
- jakarta-tomcat-5.5.0.tar.gz -  for JRE 5.0, no Admin
- jakarta-tomcat-5.5.0.exe - for Windows, everything
- jakarta-tomcat-5.5.0-compat.zip - for JRE 1.4 (a few additional JARs, not the whole 
thing)
- jakarta-tomcat-5.5.0-compat.tar.gz -  for JRE 1.4, no Admin
- jakarta-tomcat-5.5.0-admin.zip - admin WAR + the XML file
- jakarta-tomcat-5.5.0-admin.tar.gz - admin WAR + the XML file
Maybe we should have admin separately, i.e.
jakarta-tomcat-5.5.0-admin.war (complete with META-INF/context.xml),
that users can just drop into their webapps directory?  I'd rather have
that than 6 more binary distributions.
 

IMO, the admin webapp is better located in the special folder we're 
using right now. It helps with catalina_base.

What about dropping .tar.gz distros?  I realize its files are smaller
than zip, but every platform has zip support and I doubt many of our
users (who are mostly developers for companies or open-source
afficionadoes) are on dialup connections.  Alternatively (this is what
JonAS has done for example) we could just have .tgz files which the
Windows Winzip can handle.  This saves the release manager work and
reduces user confusion slightly, as they are faced with less download
choices.  I see the latter (user confusion) increasing when we have
JRE1.4 and JRE5.0 distros.
This is a bad idea.
- Windaube XP only supports .zip
- tgz allows setting Unix execute flag
Rémy
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

cvs commit: jakarta-servletapi-5/jsr154/examples/WEB-INF/classes LocalStrings_pt.properties

2004-08-24 Thread jfarcand

jfarcand2004/08/24 11:38:35

  Added:   jsr154/examples/WEB-INF/classes LocalStrings_pt.properties
  Log:
  Fix for 29923 (added a localized Portuguese version)
  
  Submitted by Joao Medeiros (jmedeiros at freenet.co.uk)
  
  Revision  ChangesPath
  1.1  
jakarta-servletapi-5/jsr154/examples/WEB-INF/classes/LocalStrings_pt.properties
  
  Index: LocalStrings_pt.properties
  ===
  # Copyright 2004 The Apache Software Foundation
  #
  # Licensed under the Apache License, Version 2.0 (the License);
  # you may not use this file except in compliance with the License.
  # You may obtain a copy of the License at
  #
  # http://www.apache.org/licenses/LICENSE-2.0
  #
  # Unless required by applicable law or agreed to in writing, software
  # distributed under the License is distributed on an AS IS BASIS,
  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  # See the License for the specific language governing permissions and
  # limitations under the License.
  
  # $Id: LocalStrings_pt.properties,v 1.1 2004/08/24 18:38:35 jfarcand Exp $
  
  # Default localized resources for example servlets
  # This locale is pt_PT
  
  helloworld.title=Ola Mundo!
  
  requestinfo.title=Exemplo da Informacao do Pedido
  requestinfo.label.method=Metodo:
  requestinfo.label.requesturi=URI do Pedido:
  requestinfo.label.protocol=Protocolo:
  requestinfo.label.pathinfo=Informacao do Caminho:
  requestinfo.label.remoteaddr=Endereco Remoto:
  
  requestheader.title=Exemplo da Cebeceira do Pedido
  
  requestparams.title=Examplo de Parametros do Pedido
  requestparams.params-in-req=Parametros neste pedido:
  requestparams.no-params=Sem Parametros, Por favor entre alguns
  requestparams.firstname=Primeiro Nome:
  requestparams.lastname=Apelido:
  
  cookies.title=CExamplo de Cookies
  cookies.cookies=O se browser esta a enviar os seguintes cookies:
  cookies.no-cookies=O seu browser nao esta a enviar nenhuns cookies
  cookies.make-cookie=Crie um cookie para enviar para o seu browser
  cookies.name=Nome:
  cookies.value=Valor:
  cookies.set=Acabou de enviar o seguinte cookie para o seu browser:
  
  sessions.title=Examplo de sessoes
  sessions.id=Identificador da Sessao:
  sessions.created=Criada:
  sessions.lastaccessed=Ultima vez acedida:
  sessions.data=Os seguintes dados fazem parte da sua sessao:
  sessions.adddata=Adicione data a sua sessao
  sessions.dataname=Nome do atributo da sessao:
  sessions.datavalue=Valor do atributo da Sessao:
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 29923] - localized resources for example servlets in Portuguese

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=29923.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=29923

localized resources for example servlets in Portuguese

[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED



--- Additional Comments From [EMAIL PROTECTED]  2004-08-24 18:46 ---
Commited. Thanks Yoav for the push ;-)

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [5.5] Packaging

2004-08-24 Thread Mladen Turk

Shapira, Yoav wrote:
What about dropping .tar.gz distros?  I realize its files are smaller
than zip, but every platform has zip support and I doubt many of our
users (who are mostly developers for companies or open-source
afficionadoes) are on dialup connections.  Alternatively (this is what
JonAS has done for example) we could just have .tgz files which the
Windows Winzip can handle.  This saves the release manager work and
reduces user confusion slightly, as they are faced with less download
choices.  I see the latter (user confusion) increasing when we have
JRE1.4 and JRE5.0 distros.
The major difference between the tar.gz and zip distros should be in 
line endings. Both sources, jsp's, readme's etc... in
zip distro should have the CRLF line endings,
OTOH the tar.gz needs only LF line endings.
Also the tar.gz should have 'rwx' attribs for scripts inside bin.

Think that users know that for nixes they should use tar.gz, and for
windows .zip. We can also mark what is the actual difference between
them (CRLF issue), and for what platforms they are meant to be used.
OTOH we can make a agreement what the line endings would be and keep
only those. Only then we can drop particular distro.
Regards,
MT.


smime.p7s
Description: S/MIME Cryptographic Signature

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup ClassLoaderFactory.java

Amy Roh wrote:
[EMAIL PROTECTED] wrote:
   

amyroh  2004/08/24 10:53:52
Modified:catalina/src/share/org/apache/catalina/startup Tag:
  TOMCAT_5_0 ClassLoaderFactory.java
Log:
Do not load outdated xml-apis.jar  xercesImpl.jar from endorsed if JDK
 

5.0 is used.
 

 

I doubt you can use the JDK compat class from there (you're in the
bootstrap.jar).
   

Hmm.  Really?  I checked to see if the classLoader loads the jars.  They get
loaded if I run on JDK 1.4 and not on JDK 5.0.
You got lucky: JdkCompat is actually included in bootstrap.jar. So it works.
Rémy
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 30833] New: - response.sendRedirect() does not include port

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30833.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=30833

response.sendRedirect() does not include port

   Summary: response.sendRedirect() does not include port
   Product: Tomcat 5
   Version: 5.0.27
  Platform: All
   URL: http://jakarta.apache.org/tomcat/tomcat-5.0-
doc/servletapi/javax/servlet/http/HttpServletResponse.ht
ml#sendRedirect(java.lang.String)
OS/Version: Other
Status: NEW
  Severity: Normal
  Priority: Other
 Component: Catalina
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


From the spec:
the servlet container must convert the relative URL to an absolute URL before
sending the response to the client.

The problem is that the port is not preserved in the redirect.  For example take
the simply jsp:

%
response.sendRedirect(snoop.jsp);
%

When in a web browser (mozilla 1.7.2) the port is preserved (for this test case,
not all the time).  But telneting to apache/tomcat myself resulted in:

$ telnet login.d1segs.selectacast.net 81
Trying 199.107.233.211...
Connected to login.d1segs.selectacast.net.
Escape character is '^]'.
POST /redirect-test.jsp HTTP/1.1   
HOST: login.d1segs.selectacast.net

HTTP/1.1 302 Moved Temporarily
Date: Tue, 24 Aug 2004 18:46:13 GMT
Server: Apache/2.0.50 (Unix) mod_ssl/2.0.50 OpenSSL/0.9.7a mod_jk/1.2.5
Set-Cookie: JSESSIONID=8E18AD6D77E3D1337DA9FDF1BC7C0F4B; Path=/
Location: http://login.d1segs.selectacast.net/snoop.jsp
    See, no port.
Content-Length: 0
Content-Type: text/html; charset=ISO-8859-1

Like I said in a web browser in this test case the port was preserved, but the
reason I was poking around in this is that in my real jsp the port was not being
preserved.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [RESULT] 4.1.31 maintenance release

2004-08-24 Thread Mark Thomas

As I see it there are two largish tasks to be performed before the tag can be
added:

1. Convert to the Apache 2 license
2. Update the change log

I haven't looked at 1 but there are scripts available so that should be OK.
I have played a little with CVS to generate lists of commit comments since a
particular date (in this case the date of the 4.1.30 tag) and have something
that seems to work. This should help with the generating the change log.

Also I would suggest we wait until 5.0.28 is released and then use the same
version of the connectors for 4.1.31. In particular I would like to see the fix
for bug 30152 in the release.

I will start looking at 1  2 above unless you particularly want to tackle
either of them. I should be able to get something done the end of the month.

Mark

 -Original Message-
 From: Keith Wannamaker [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, August 24, 2004 1:04 AM
 To: Tomcat Developers List
 Subject: [RESULT] 4.1.31 maintenance release
 
 The vote carried.  I am aiming for the end of the month for
 tagging and building a RC for 4.1.31.
 
 Keith
 
 
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 
 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 30813] - HTTP POST does not translate URI but GET does

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30813.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=30813

HTTP POST does not translate URI but GET does





--- Additional Comments From [EMAIL PROTECTED]  2004-08-24 19:20 ---
Alright.  Once I call 

httpRequest.setCharacterEncoding(UTF-8);

in my Servlet filter, request parameters from HTTP POST are properly decoded. 
Sorry about mis-reporting the problem.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 30833] - request.getServerPort() returns wrong port (WAS: response.sendRedirect() does not include port)

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30833.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=30833

request.getServerPort() returns wrong port (WAS: response.sendRedirect() does not 
include port)

[EMAIL PROTECTED] changed:

   What|Removed |Added

Summary|response.sendRedirect() does|request.getServerPort()
   |not include port|returns wrong port (WAS:
   ||response.sendRedirect() does
   ||not include port)



--- Additional Comments From [EMAIL PROTECTED]  2004-08-24 19:46 ---
upon further investigation request.getServerPort() is returning 80 instead of
81.  I don't know why sometimes it works and sometimes it doesn't.

To test put this in a jsp:
%= request.getServerPort() %

$ telnet login.d1segs.selectacast.net 81
Trying 199.107.233.211...
Connected to login.d1segs.selectacast.net.
Escape character is '^]'.
GET /server-port.jsp HTTP/1.1
HOST: login.d1segs.selectacast.net

HTTP/1.1 200 OK
Date: Tue, 24 Aug 2004 19:43:22 GMT
Server: Apache/2.0.50 (Unix) mod_ssl/2.0.50 OpenSSL/0.9.7a mod_jk/1.2.5
Set-Cookie: JSESSIONID=1E19BDEFF3713F319A41AFEF78ACB799; Path=/
Content-Length: 3
Content-Type: text/html; charset=ISO-8859-1
X-Pad: avoid browser bug

80

... but again in the web browser it does show the correct port:
http://login.d1segs.selectacast.net:81/server-port.jsp

note: that url is subject to be taken down at any time so it would be best to
run the test on your local machine

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 30833] - request.getServerPort() returns wrong port (WAS: response.sendRedirect() does not include port)

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30833.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=30833

request.getServerPort() returns wrong port (WAS: response.sendRedirect() does not 
include port)

[EMAIL PROTECTED] changed:

   What|Removed |Added

  Component|Catalina|Connector:Coyote



--- Additional Comments From [EMAIL PROTECTED]  2004-08-24 19:56 ---
I'm changing component to Connector:Coyote even through this problem happens if
I use the HTTP connector.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 30833] - request.getServerPort() returns wrong port (WAS: response.sendRedirect() does not include port)

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30833.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=30833

request.getServerPort() returns wrong port (WAS: response.sendRedirect() does not 
include port)





--- Additional Comments From [EMAIL PROTECTED]  2004-08-24 19:57 ---
I should clarify: it *also* happens if I use the HTTP connector.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [5.5] Packaging

2004-08-24 Thread Costin Manolache

Remy Maucherat wrote:
I'm planning to do the following changes to packaging:
- removing commons-launcher from the final distribution (I see little 
use of it, since we have good scripts and native wrappers available); it 
will stay as a dependency to launch stuff during the build process
- new release archives based on the contents of the compat folder, for 
JRE 1.4 users (the default distributions will be for JRE 5.0)
Is JRE1.5 final available ? Last I checked it was still beta.
I think it's a good idea to keep 1.4 as default target at least until 
1.5 is out of beta.

Are you going to include xerces or just leave it out and tell 1.3 users 
to download an xml parser and install it in common/lib ?

- new release archives for the admin webapp (= not in the main archive; 
not everyone uses it, and it's quite large)
Not sure what that means :-).
- the Windows installer will remain the same for now (= an offline 
installer), as I don't see how to make it an online installer and still 
respect the mirror scheme we use

Rémy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

What does that leave us with in terms of distros? Let me try:
[Source distros, same as today]
- jakarta-tomcat-5.5.0-src.zip
- jakarta-tomcat-5.5.0-src.tar.gz
[Binary distros]
- jakarta-tomcat-5.5.0.zip - for JRE 5.0, no Admin
- jakarta-tomcat-5.5.0.tar.gz - for JRE 5.0, no Admin
- jakarta-tomcat-5.5.0.exe - for Windows, JRE 5.0, no Admin
- jakarta-tomcat-5.5.0-jre14.zip - for JRE 1.4, no Admin
- jakarta-tomcat-5.5.0-jre14.tar.gz - for JRE 1.4, no Admin
- jakarta-tomcat-5.5.0-jre14.exe - for Windows JRE 1.4, no Admin
+ another one for each of the above with Admin?
Why ? We can distribute admin.war as a separate binary, who needs it can
install it separately.
What is the difference between JRE1.4 and JRE5.0 distribution ? I'm
building with 1.4 and 1.5 and it works fine with 1.5, 1.5 and 1.3, do we
need separate builds ?

BTW - I don't know how hard it would be to have admin.war also
distributed as a .exe with installer ( just need to extract the war
in the tomcat dir ).

Maybe we should have admin separately, i.e.
jakarta-tomcat-5.5.0-admin.war (complete with META-INF/context.xml),
that users can just drop into their webapps directory? I'd rather have
that than 6 more binary distributions.
+1

What about dropping .tar.gz distros? I realize its files are smaller
than zip, but every platform has zip support and I doubt many of our
users (who are mostly developers for companies or open-source
afficionadoes) are on dialup connections. Alternatively (this is what
JonAS has done for example) we could just have .tgz files which the
Windows Winzip can handle. This saves the release manager work and
reduces user confusion slightly, as they are faced with less download
choices. I see the latter (user confusion) increasing when we have
JRE1.4 and JRE5.0 distros.
Do we do any line ending processing for tgz and zip ? The expectation is
that .tgz distributions use unix LF, and zip files use CRFL.

If tgz and zip are identical ( and I assume it's CRLF since the build is
on windows ) - then it's a good idea to have only zip ( tgz with CRLF is
confusing )

Costin

Yoav

This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [5.5] Packaging

2004-08-24 Thread Costin Manolache

Remy Maucherat wrote:
No, you misunderstood.
- jakarta-tomcat-5.5.0.zip - for JRE 5.0, no Admin
- jakarta-tomcat-5.5.0.tar.gz -  for JRE 5.0, no Admin
- jakarta-tomcat-5.5.0.exe - for Windows, everything

- jakarta-tomcat-5.5.0-compat.zip - for JRE 1.4 (a few additional JARs, 
not the whole thing)
- jakarta-tomcat-5.5.0-compat.tar.gz -  for JRE 1.4, no Admin
You mean mx4j ? I'm not sure about having the main target be a JRE beta,
but I understand your point, it's cleaner this way. The alternative 
would be to have a 1.4 distro, with mx4j jars included, and detect at
runtime if it's 1.5 and skip them from the loader.

I suspect people will keep using 1.4 and 1.5 for a while, as usual there 
are incompatibilities - so it's better to be able to use the same tomcat 
with both.

Please make sure target=1.3 is present in all javac tasks :-)

- jakarta-tomcat-5.5.0-admin.zip - admin WAR + the XML file
- jakarta-tomcat-5.5.0-admin.tar.gz - admin WAR + the XML file
Good.
Costin


Maybe we should have admin separately, i.e.
jakarta-tomcat-5.5.0-admin.war (complete with META-INF/context.xml),
that users can just drop into their webapps directory?  I'd rather have
that than 6 more binary distributions.
 

IMO, the admin webapp is better located in the special folder we're 
using right now. It helps with catalina_base.

What about dropping .tar.gz distros?  I realize its files are smaller
than zip, but every platform has zip support and I doubt many of our
users (who are mostly developers for companies or open-source
afficionadoes) are on dialup connections.  Alternatively (this is what
JonAS has done for example) we could just have .tgz files which the
Windows Winzip can handle.  This saves the release manager work and
reduces user confusion slightly, as they are faced with less download
choices.  I see the latter (user confusion) increasing when we have
JRE1.4 and JRE5.0 distros.
This is a bad idea.
- Windaube XP only supports .zip
- tgz allows setting Unix execute flag
Rémy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

cvs commit: jakarta-tomcat-catalina/catalina/src/conf web.xml

2004-08-24 Thread luehe

luehe   2004/08/24 15:59:28

  Modified:catalina/src/conf web.xml
  Log:
  Upgrade to Servlet 2.4 schema
  
  Revision  ChangesPath
  1.42  +4 -4  jakarta-tomcat-catalina/catalina/src/conf/web.xml
  
  Index: web.xml
  ===
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/conf/web.xml,v
  retrieving revision 1.41
  retrieving revision 1.42
  diff -u -r1.41 -r1.42
  --- web.xml   17 Aug 2004 21:54:20 -  1.41
  +++ web.xml   24 Aug 2004 22:59:28 -  1.42
  @@ -1,8 +1,8 @@
   ?xml version=1.0 encoding=ISO-8859-1?
  -!DOCTYPE web-app
  - PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.3//EN
  -http://java.sun.com/dtd/web-app_2_3.dtd;
  -web-app
  +web-app xmlns=http://java.sun.com/xml/ns/j2ee;
  +xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
  +xsi:schemaLocation=http://java.sun.com/xml/ns/j2ee 
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd;
  +version=2.4
   
 !--  Introduction == --
 !-- This document defines default values for *all* web applications  --
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Thomas Kaeslin/Cementia-Trading/Ch/Cement/Lafarge is out of the office.

2004-08-24 Thread thomas . kaeslin

I will be out of the office starting  19.08.2004 and will not return until 30.08.2004.


This e-mail is confidential and may contain legally privileged information.  If you 
are not the intended recipient, you should not copy, distribute,
disclose or use the information it contains.  Please e-mail the sender immediately and 
delete this message from your system.  E-mails are susceptible
to corruption, interception and unauthorised amendment; we do not accept liability for 
any such changes, or for their consequences. You should be
aware, that the company  may monitor your emails and their content



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: cvs commit: jakarta-servletapi-5/jsr154/src/share/dtd web-app_2_4.xsd

2004-08-24 Thread Jan Luehe

Jeanfrancois Arcand wrote:

Petr Jiricka wrote:
Hi,
I remember there was an issue that the default DD in conf/web.xml was 
not valid by the schema - is this change related to that issue?

Yes, this should fix the issue.
Also, with the updated schema, it is now possible to upgrade the
default web.xml to Servlet 2.4, which I just did.
Will commit the same change to TOMCAT_5.
Jan
-- Jeanfrancois
Thanks
Petr
[EMAIL PROTECTED] wrote:
jfarcand2004/08/24 10:01:34
 Modified:jsr154/src/share/dtd web-app_2_4.xsd
 Log:
 Update the web-app_2_4.xsd according
 to the JSR154 maintenance release.
 
   o The restriction facet of mime-typeType should be updated
 from:-
 xsd:pattern value=[\p{L}\-\p{Nd}]+/[\p{L}\-\p{Nd}\.]+/
 to:-
 xsd:pattern value=[^\p{Cc}^\s]+/[^\p{Cc}^\s]+
 
 submitted by: Yutaka Yoshida at sun dot com
 
 Revision  ChangesPath
 1.14  +2 -2  
jakarta-servletapi-5/jsr154/src/share/dtd/web-app_2_4.xsd
 
 Index: web-app_2_4.xsd
 ===
 RCS file: 
/home/cvs/jakarta-servletapi-5/jsr154/src/share/dtd/web-app_2_4.xsd,v
 retrieving revision 1.13
 retrieving revision 1.14
 diff -u -r1.13 -r1.14
 --- web-app_2_4.xsd18 Mar 2004 16:40:34 -1.13
 +++ web-app_2_4.xsd24 Aug 2004 17:01:34 -1.14
 @@ -30,7 +30,7 @@
xsd:annotation
  xsd:documentation
   -  Copyright 2002 Sun Microsystems, Inc., 901 San Antonio
 +  Copyright 2004 Sun Microsystems, Inc., 901 San Antonio
Road, Palo Alto, California 94303, U.S.A. All rights
reserved.
   @@ -804,7 +804,7 @@
xsd:simpleContent
xsd:restriction base=j2ee:string
 -xsd:pattern value=[\p{L}\-\p{Nd}]+/[\p{L}\-\p{Nd}\.]+/
 +  xsd:pattern value=[^\p{Cc}^\s]+/[^\p{Cc}^\s]+/
/xsd:restriction
  /xsd:simpleContent
/xsd:complexType
 
 
 

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
 


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

cvs commit: jakarta-tomcat-catalina/catalina/src/conf web.xml

2004-08-24 Thread luehe

luehe   2004/08/24 16:14:51

  Modified:catalina/src/conf Tag: TOMCAT_5_0 web.xml
  Log:
  Upgrade to Servlet 2.4 schema
  
  Revision  ChangesPath
  No   revision
  No   revision
  1.39.2.1  +4 -4  jakarta-tomcat-catalina/catalina/src/conf/web.xml
  
  Index: web.xml
  ===
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/conf/web.xml,v
  retrieving revision 1.39
  retrieving revision 1.39.2.1
  diff -u -r1.39 -r1.39.2.1
  --- web.xml   20 Apr 2004 22:22:04 -  1.39
  +++ web.xml   24 Aug 2004 23:14:51 -  1.39.2.1
  @@ -1,8 +1,8 @@
   ?xml version=1.0 encoding=ISO-8859-1?
  -!DOCTYPE web-app
  - PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.3//EN
  -http://java.sun.com/dtd/web-app_2_3.dtd;
  -web-app
  +web-app xmlns=http://java.sun.com/xml/ns/j2ee;
  +xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
  +xsi:schemaLocation=http://java.sun.com/xml/ns/j2ee 
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd;
  +version=2.4
   
 !--  Introduction == --
 !-- This document defines default values for *all* web applications  --
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Important

2004-08-24 Thread hgomez

--  Virus Warning Message (on uusnwa0p)  --

Found virus WORM_NETSKY.Z in file Notice.txt   
   
   .exe (in Notice.zip)
The uncleanable file is deleted.

-
Important notice!


--  Virus Warning Message (on uusnwa0p)  --

Notice.zip is removed from here because it contains a virus.

-
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 30684] - jasper2(org.apache.jasper.JspC) requires commos-logging.jar