It sounds like maybe there is some confusion between environment
variables and system properties.
java.io.tempdir is a system property which presumably means it can be
set on the Java command line using -Djava.io.tempdir="foo"
This is different then anything getenv() would return since those wo
en delete both it and
your reply. Thank you.
******
Paul Speed <[EMAIL PROTECTED]>
22/09/2004 02:15 PM
Please respond to
"Tomcat Developers List"
To
Tomcat Developers List <[EMAIL PROTECTED]&g
http://jakarta.apache.org/site/mail.html
See the first bulleted section.
-Paul
Prabhjot Sodhi wrote:
Hi:
I am new to Java and this forum, so my apologies for asking novice
queries (but u have to start one day)!!!
I am working on creating a database management site using JSDK and
Amy Roh wrote:
[EMAIL PROTECTED] wrote:
amyroh 2004/09/20 10:51:28
Modified:jasper2/src/share/org/apache/jasper/compiler SmapUtil.java
Log:
Remove verbose.
-if (verbose) {
-if (log.isDebugEnabled())
-log.debug("constant pool count: " +
Yay! My code is back. :)
-Paul
[EMAIL PROTECTED] wrote:
funkman 2004/09/01 11:33:34
Modified:catalina/src/share/org/apache/catalina Globals.java
catalina/src/share/org/apache/catalina/ssi
ByteArrayServletOutputStream.java
Res
To configure space tabs on Emacs... quoted from:
http://www.student.northpark.edu/pemente/emacs_tabs.htm
> For this session, force Emacs to indent with spaces, never with TABs:
>
> M-x set-variable indent-tabs-mode nil
>
> Permanently force Emacs to indent with spaces, never with TABs:
>
> (set
And give his auto-responder admin a big wedgie too.
-Paul
Mladen Turk wrote:
Can someone kill this guy?
-Original Message-
From: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-ma
I think this is a combination of a misconfigured mail server at
one800.net and a bad e-mail address subscribed to the list. The mail
server is badly configured because it replied to sender instead of the
reply-to address. If it had replied to the reply-to address you would
never have seen it and
Everyone on the list received these e-mails since they were sent to
the list. No harvesting was necessary.
As I understand it, the apache mailing lists are promiscuous in a way
and will easily/accidentally let any e-mail address subscribe as long
as it sends a reply to a subscribe confirmation e-m
David Rees wrote:
>
> Shapira, Yoav wrote:
> >> I wouldn't call the current situation as "moderated" so much as
> >> "managed". Is there a reason that the developers list allows posting
> >> from non-subscribers? Or are these troubled addresses actually fully
> >> subscribed?
> >
> > All these
"Shapira, Yoav" wrote:
>
> Hi,
>
> >It seemed to me that in the old days, posts were held until a moderator
> >let them through.
>
> That was true for some lists. Very few lists are so light in traffic
> that that's possible now.
Ah. The way I understood it before was that new subscribers w
It seemed to me that in the old days, posts were held until a moderator
let them through. You had to be put on an approved list to have direct
posting access. At least, that's how the posting delay for new
subscribers was explained. As I undertand it, none of these messages
would have made it t
I remember when these lists were moderated. Those were the days.
-Paul
Martin Gainty wrote:
>
> Personally I was thinking of something more politically correct.
> There is not much room for misinterpretation of your statement
> Is there a way to unsubscribe these people so we do not get spammed
It is a little strange that noone from the apache team has stepped
forward to clarify that these are fake... since they are being sent
to an apache mailing list after all.
The clues I had that it was a fake:
1) Sent to an apache/jakarta mailing list... by apache.org.
2) Really poor grammar in the m
Vano Beridze wrote:
jean-frederic clere wrote:
+++
--- Additional Comments From Remy Maucherat 2004-02-19 19:44 ---
Yes, but not doing so is too complex to implement overall (since you
would have
to parse the descriptor to know what to do).
+++
For me that is a good explaination as sev
I think the performance improvement was because the Strings were
converted to char[] arrays during servlet init, and not at every
request. It seems to me as if that would make a difference.
-Paul
Kin-Man Chung wrote:
>
> I took a look at o.a.j.runtime.JspWriterImpl and the methods
>
>
Clearly you guys make it way to easy to subscribe to the list. ;)
-Paul
Bill Barker wrote:
>
> Ok, I tried asking nice, and just got a machine-response. Could whoever is
> currently Moderator for this list helpfully allow minimalist to unsubscribe
> ;-).
>
> - Original Message -
> From:
Thanks Dan. Now I have my 15 milliseconds of fame back. ;)
I'll see if I can test the updates with my site soon.
-Paul Speed
[EMAIL PROTECTED] wrote:
>
> dsandberg2002/11/25 02:15:43
>
> Modified:catalina/src/share/org/apache/catalina/ss
"Craig R. McClanahan" wrote:
>
> On Sat, 23 Nov 2002, Paul Speed wrote:
>
> > Date: Sat, 23 Nov 2002 18:50:34 -0500
> > From: Paul Speed <[EMAIL PROTECTED]>
> > Reply-To: Tomcat Developers List <[EMAIL PROTECTED]>
> > To: Tomcat Develop
The Java beans API requires getters. It does not require setters.
No setter means the property is read-only. There's no such thing as
write-only in the Java beans API.
A getter is the only way to determine what the type of the property
is since there can be only one getter with a particular name
These worked at one time. Then that entire version of SSI was
clobbered and replaced with a version that only supported a subset
of the commands. None of my clobbered rewrite has been ported
forward again and I haven't had the time (or motivation) to rewrite
my rewrite again and try to get a pa
Costin Manolache wrote:
>
> Paul Speed wrote:
>
> > Any "behind closed doors" discussions have the potential for alienating
> > the non-committer community. Determining what conversations are
> > appropriate for this other list is a very slippery slope. I
other" list must absolutely show up
here eventually, at some delay. Otherwise, there is no longer any
transparency. (This is also the biggest reason it's better than
CCed e-mails; because the messages will always be public at some
point.)
Anyway, just my non-binding $0.02,
-Paul
Sorry about the double post. It looked like the other one went out
with the original non-subscriber address.
-Paul
Paul Speed wrote:
>
> [reposting from my subscribed account]
>
[snip]
--
To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org>
For additio
yway, just my non-binding $0.02,
-Paul
"Ignacio J. Ortega" wrote:
>
> > From: Paul Speed [mailto:pspeed@;progeeks.com]
> > Sent: Thursday, October 17, 2002 4:15 PM
>
> > The nice thing about your current way of dicussing security issues
> > (CC e-mail threads
yway, just my non-binding $0.02,
-Paul
"Ignacio J. Ortega" wrote:
>
> > From: Paul Speed [mailto:pspeed@;progeeks.com]
> > Sent: Thursday, October 17, 2002 4:15 PM
>
> > The nice thing about your current way of dicussing security issues
> > (CC e-mail threads
Costin Manolache wrote:
>
> IAS wrote:
>
> > I got a little bit curious about why finding bugs relevant to security
> > and fixing them should be not open. I don't doubt that there are both
> > merit and demerit of discussing those critical issues with full
> > disclosure. Absolutely there may
Paul Speed wrote:
>
> > + return "java.net.URLEncoder.encode(\"\" + " + v + ")";
>
> I know I'm being pedantic, but it's a small pet peeve of mine. :)
> How about:
> return "java.net.URLEncoder.encode( S
thing without all the behind-the-scenes
StringBuffer stuff.
-Paul Speed
[EMAIL PROTECTED] wrote:
>
> remm2002/09/05 04:27:20
>
> Modified:jasper2/src/share/org/apache/jasper/compiler Generator.java
> Log:
> - Force the convesion of the value to a string.
> -
(resending from my progeeks.com address to avoid being filtered/delayed
by moderation.)
Dan Sandberg wrote:
>
> Ugh this is painful. I'll checkout your stuff within the next few days.
> If the architecture looks good and does have significantly greater
> functionality I will merge my changes
(resending from my progeeks.com address to avoid being filtered/delayed
by moderation.)
Don't know... have you tried an absolute date or is "4 months ago"
just an example for the list's benefit. Any date in feb/april should
be sufficiently late enough.
Hope it works,
-Paul
Dan Sandberg wrote:
though.
My original rewrite did something similar. Only in my case, it
was only a small bug fix that was reverted. Still a little
disconcerting from my point of view. Probably my own fault for
taking a two-month break from the lists.
And I had no idea I could have parlayed those patches into
nce we can nicely merge the two good versions into
one more good version?
-Paul Speed
Dan Sandberg wrote:
>
> Hi everyone.
>
> Here are more changes to the SSI code.
>
> I have a test case ( comparing SSI behavior to Apache by using .shtml
> files in different tomcat webap
te: The older SSI can only serve one request at a time or
it will possibly mix output to the different clients. This was
actually my original reasons for fixing the SSI servlet in Catalina
since it messes up nested includes too. The other reason was that I
needed conditionals.
-Paul Speed
>
Sorry to comment, but I see this one again and again on all kinds of
projects. :)
> -if (servletRequest.getMethod().equals("HEAD"))
> +if ((servletRequest.getMethod() != null)
> +&& (servletRequest.getMethod().equals("HEAD"))) {
Almost always better to go ahead
Comments below...
Pier Fumagalli wrote:
>
> "Patrick Luby" <[EMAIL PROTECTED]> wrote:
>
> > Maybe I should clarify what I am trying to do. I am trying to enable the use
> > of setuid() within the existing Tomcat startup process (i.e. shell scripts). I
> > definitely like your native launcher an
Heh,
I bet a whole bunch of people on this list just double checked that
they don't have the virus, though. I know I did even though I don't
use Outlook. Seeing your own e-mail address in the From: line is
a little disconcerting.
-Paul
jean-frederic clere wrote:
>
> Bernd Koecke wrote:
> >
>
Kevin Jones wrote:
>
> Why not implement your own JSP base class that imports the
> classes/packages you need and have all your pages extend that new class.
> This would also be portable across implementations!
It would also not work. "import" statements are only for the compiler.
They have not
[EMAIL PROTECTED] wrote:
>
> On Thu, 20 Dec 2001, Kevin Seguin wrote:
>
> > perhaps now is the time to do some rethinking of where the connectors for
> > each serlvet container live.
> >
> > today, in j-t-c, there is the framework (for lack of a better word) for
> > connectors plus the individ
Kevin Seguin wrote:
>
> >
> > Catch me if I'm wrong, but currently j-t-c is dependent on tomcat
> > code, right? I make this statement without having actually looked at
> > the code for the connectors. I'm going by recent discussions about
> > how an API change in Catalina broke the build for
Kevin Seguin wrote:
>
> >
> > If we move more and more logic and code in j-t-c, we may need
> > to have soon a specific jakarta-tomcat-connectors dev-list ?
> >
> > There is today low java in jtc, mainly native code.
> > If all the 'ORB' java code is moved to j-t-c, for jk,
> > next maybe warp,
Brian Zhou wrote:
>
> Hi tomcat-developers,
>
> Is there a prefered way to set the initial env for an SSI page? I'm working
> on a simple template servlet using SSI to allow something like:
>
>
>
>
>
> Most of the support are there, but how does one set the initial env
> programatically f
Hello,
In my playing around with security, I've been attempting to break-out
the AllPermission for the $(catalina.home}/server classes into
something more granular to allow more refined tweaking. Here's what I
have so far:
grant codeBase "file:${catalina.home}/server/-" {
permission java.
Glenn Nielsen wrote:
[snip]
>
> Glad to hear you had success using Tomcat with the Java SecurityManager.
> Where I work we have several different installs of Tomcat. All of them
> use a much more restrictive policy file than the default catalina.policy.
> At one point the Tomcat 4 Security Man
or. Currently, unknown commands can be
ignored with the correct option. In an ideal world, all of the
directives would be configurable but that seemed like overkill.
Anyway, I'm going to try and setup your proposal here locally
and see if I find any problems.
-Paul
>
> Regards,
>
&
ispatcher.java 2001/11/29 03:41:26
1.2
+++ share/org/apache/catalina/util/ssi/SsiDispatcher.java 2001/11/29 08:05:06
@@ -76,7 +76,7 @@
* @version $Revision: 1.2 $, $Date: 2001/11/29 03:41:26 $
* @authorPaul Speed
*/
-public class SsiDispatcher {
+public final cla
on
change to get the "exec" directive to work.
-Paul Speed
P.S.: I'd be curious to know of anyone actually using the "exec"
directive. Looking at the code, I'm not sure I see how it works
for non-CGI stuff.
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
;d like to propose at some
point but I don't want to make my patch set any larger than
it already is. :) Specifically, I want to lock down the
"exec" directive so that SSI can be safely/securely deployed by
default.
If someone looks at this stuff and finds something wr
"Craig R. McClanahan" wrote:
>
> On Thu, 15 Nov 2001, Paul Speed wrote:
>
> > Date: Thu, 15 Nov 2001 14:40:35 -0500
> > From: Paul Speed <[EMAIL PROTECTED]>
> > Reply-To: Tomcat Developers List <[EMAIL PROTECTED]>
> > To: Tomcat Developer
The only problem with including the tests right in the same package
is that they can be hard to remove for a test-free distribution. Also,
since they are in the same package, they have access to some non-public
methods and properties... this can make them a security risk in some
cases (especially
There are several reasons to use pooling, including (but not limited
to):
-Eliminating object creation time
-Managing expensive resources (really same as first)
-Keeping memory usage constant (popular in embedded environments)
-Reducing garbage collection
Only the last one is addressed by the quo
Eric Rescorla wrote:
>
[snip]
> >
> > To be consistant with 2.3 containers, I'd go with individually named
> > attributes.
> Fine with me. Anyone object to this?
>
> -Ekr
I'm confused. Is this for Tomcat 3.x or Tomcat 4.x? I thought it
was the former, but all of the servlet 2.3 comments rec
[EMAIL PROTECTED] wrote:
>
> On Tue, 13 Nov 2001, Mika Goeckel wrote:
>
> > I completely agree, that the API lacks proactive support for things in the
> > background that may fail.
> > But given the fact, that we support a reference implementation which has
> > managed to provide really profes
Mika Goeckel wrote:
>
[ snip ]
> >
> > I'm not saying this is necessarily a "good" idea, but you can byte
> > compare the resulting session serialization to see if the session
> > objects have changed. All you have to do is keep a local copy of
> > the original session during the request. Not
Tom Drake wrote:
>
> - Original Message -
> From: "Craig R. McClanahan" <[EMAIL PROTECTED]>
> To: "Tomcat Developers List" <[EMAIL PROTECTED]>; "Tom Drake"
> <[EMAIL PROTECTED]>
> Sent: Tuesday, November 13, 2001 1:25 PM
> Subject: Re: Tomcat: Distributed Session Management revisited
>
:)
At least the lag was shorter this time.
-Paul
"Craig R. McClanahan" wrote:
>
> On Sat, 27 Oct 2001, Paul Speed wrote:
>
> > Date: Sat, 27 Oct 2001 11:34:58 -0400
> > From: Paul Speed <[EMAIL PROTECTED]>
> > Reply-To: Tomcat Developers Mail
the new tester pages which
> generate identical output to Apache 1.3.22.
>
> So after these patches, the only tags that are missing that
> mod_include has are "printenv" and "perl" (which is conditionally
> included anyway). Also, the "encoding" par
d. I just need to make the
> SsiCommands for "if", "else", etc..
So, with the above changes, SSI should be safe to use from multiple
clients. Locally, I've also finished coding the conditional
directives and some other fixes to SsiInvokerServlet. I'll post
thos
ve any more problems.
-Paul Speed
[EMAIL PROTECTED] wrote:
>
> craigmcc01/10/26 17:50:05
>
> Modified:catalina build.xml
> Log:
> Add a kludge to avoid compiling the SSI servlet (and associated utilities)
> because the build is currently broken, and I haven'
Craig,
It looks like this might be due to Bip committing a set of patches
that I sent him. So I might be able to help figure out why it's
broken. What exactly does it complain about?
Thanks.
-Paul Speed
[EMAIL PROTECTED] wrote:
>
> craigmcc01/10/26 17:50:05
>
> Modi
Ok, I'm going to try again with the attachments. Seems like only
the SSIInclude03.txt file came through before.
-Paul Speed
Paul Speed wrote:
>
> I couldn't find alot of info on testing. I also couldn't find any
> tests that included multiple files... so I may be look
ed every SSI related file in a very significant
way... in addition to removing a few of them. What is the preferred
way to submit such a large patch?
Thanks,
-Paul Speed
Bip Thelin wrote:
>
> > -----Original Message-
> > From: Paul Speed [mailto:[EMAIL PROTECTED]]
> >
> >
Bip Thelin wrote:
>
> > -Original Message-
> > From: Paul Speed [mailto:[EMAIL PROTECTED]]
> >
> > For the curious reader, after looking into this code at some length
> > it seems clear why the set command was not added. All SSI requests
> > sha
It will include the set command though since that's what
I'm going to use to test it. :)
If noone else beats me to it, I'll post it when I'm done.
-Paul Speed
[EMAIL PROTECTED] wrote:
>
> DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
> RELATED COMMENTS TH
o generated output instead of code? Or am I being
pedantic and what you really meant was:
System.out.println(); // Hello out.print( "Some template text" );
or somesuch?
-Paul Speed
"Craig R. McClanahan" wrote:
>
> On Mon, 22 Oct 2001, Paul Speed wrote:
>
> > D
Java
syntax?
Thanks,
-Paul Speed
[EMAIL PROTECTED] wrote:
>
> DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
> RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
> <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4339>.
> ANY REPLY MADE TO THIS MESSAGE WILL NOT B
aring of static data
or security permissions or any of that.
-Paul Speed
Rick Mann wrote:
>
> on 8/30/01 11:36 PM, Paul Speed at [EMAIL PROTECTED] wrote:
>
> > Just clarifying, you basically want the exact same functionality
> > you'd get by copying the jars
Just clarifying, you basically want the exact same functionality
you'd get by copying the jars into the individual webapp lib
directories, but you just don't want to have to copy them. Right?
-Paul Speed
Rick Mann wrote:
>
> on 8/30/01 4:22 AM, Glenn Nielsen at [EMAIL
Why not have three different downloads? src, bin, and src + bin.
(ie: can't we all just get along? ;) )
-Paul Speed
"Rob S." wrote:
>
> So what we have here is a minority of developers who look through the Tomcat
> source, versus the majority of people who have no
s. Some people
want a binary only distribution, some want a binary+source
distribution. Why not provide both? (Easy for me to say as a
lurker.)
For what it's worth, I would only download the bin+src distro, ie:
the same one that's misnamed now.
-Paul Speed
lot of
bright engineers have come up with some very cool stuff. However,
this "feature" is one of the most boneheaded things I've ever heard. ;)
-Paul Speed
>
> An additional note of interest to Ant developers - there is evidence that
> running the compiler (either old
dn't spend days
criticizing each others' choices in editors and could instead
write code.
That could be the reason so many people gravitate towards arguing
for no tab characters. It's not like the file space they save is
as critical as it used to be 15 years ago. :)
I personally don't care. I've learned to read it with tabs right or
wrong. It looks just as cryptic to me as K&R style bracing and I
can read that just fine. ;)
-Paul Speed
"Pier P. Fumagalli" wrote:
>
> Paul Speed at [EMAIL PROTECTED] wrote:
>
> > In another thread on this subject it was mentioned that someone was
> > looking for a replacement to these tools. I, too, poked around a
> > little but it occurred to me tha
rrent tools have
their problems.
-Paul Speed
"Pier P. Fumagalli" wrote:
>
> Even though DOXYGEN is used by APR right now to build their API docs, today,
> when I asked Ben about it he replied that "It's written in bloody C++ and
> you need always the later version o
at test!=0 is setting spinlock 1 and the else
branch is setting spinlock 2. So, whenever you test the synchronized
version you are going to get a deadlock since your locking has no
thread identity... a thread can block itself by checking the lock
after setting it.
-Paul Speed
> }
>
Just a thought,
But might you not also just save your query results in some
intermediate format (serialization might work) that your JSP pages
could then use? It may not fit in well with your system, but it would
save from having to recompile pages.
At the other end of the spectrum, you could
Paulo Gaspar wrote:
>
> Earl,
>
> If you think one should not discuss the merits of JSP here, you should
> not take part on it even if to defend JSP.
>
> If you agree we should talk about the pros and cons of JSPs, it is hard
> to talk about the cons of JSP in a constructive way without point
Tom Reilly wrote:
>
> +1
>
> There's no reason going from .java to a Class object should be any
> harder than going from .class to a Class object. If the compiler used
> ClassLoader's instead of manually reading .class files in through the
> file system, fast in-memory compilation becomes a p
der you will find that it requires
> all classes to be in a package, the only class that does not have to
> be in a package is the JSP page itself.
>
> Regards,
>
> Glenn
>
So, you can't load unpackaged classes from a JSP page?
Even if they are specifically imported?
-Paul Speed
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
luous to compare a boolean with true or false
> (apart from the fact that in other programming languages this might even be
> dangerous, just think of C...)
>
Check out the article that is referenced in other mail in
this thread or hit JavaWorld and see the references section on the
article about singletons.
-Paul Speed
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
.
-Paul
>
> > -Original Message-----
> > From: Paul Speed [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, January 26, 2001 2:12 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Thread-safety
> >
> >
> >
> >
> > Marc Saegesser wrote:
> >
inlining
virtual methods... I'm pretty sure that _jspx_init() is only a
candidate for inlining through runtime compilation by Hotspot. But
I'm not even sure of that.
Otherwise, if it can never be inlined then you
d = true;
> }
> }
> }
BTW, is the _jspx_init() method private and/or final?
Otherwise, can compilers really get away with inlining virtual
methods? Or is this just a Hotspot runtime compilation issue?
-Paul Speed
>
> The inner synchronized block sh
Jon Stevens wrote:
>
> on 1/25/01 11:42 AM, "Paul Speed" <[EMAIL PROTECTED]> wrote:
>
> > Just thought that I would point out that:
> > "My " + "dog " + "has " + "fleas." will be compiled as one String:
> > &
runtime penalties. In the case
of literals it can be more efficient than StringBuffer as long as
they are grouped together as above. Since I haven't looked at the
code directly, I don't know how or if this affects your point.
-Paul Speed
>
> Just some thoughts on the imple
"Craig R. McClanahan" wrote:
>
> Paul Speed wrote:
>
> > [EMAIL PROTECTED] wrote:
> > >
> > > Can you argue about how Valve's single chain of command ( where
> > > authentication, generation, etc are done in a single invoke() ) can
&
with this kind of stuff... it harkens back to
my old graphics programming days. It's almost always surprising
what this stuff will turn up.
-Paul Speed
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
Geoff Soutter wrote:
>
> "Paul Speed" <[EMAIL PROTECTED]> wrote:
>
> [snip]
>
> > For what it's worth, I think that custom tags are the thing
> > that really saves JSP. On my last project, we were able to
> > encapsulate all logic into a
"Craig R. McClanahan" wrote:
>
[ snip ]
>
> * My personal preference for the presentation layer is JSP (and has
> been since long before I adopted a "sun.com" email address :-), for
> several reasons:
[ snip ]
>
> * Custom tags - can be used to encapsulate sophisticated
> fu
,
ie: /cygdrive/c/
The make files I use for some of my projects use pwd
quite frequently to build paths, etc. and cygwin broke these.
I had to make special provisions for a cygwin environment.
-Paul Speed
for files inside of it. The worst you will see is a
"? build" when its parent directory is checked.
I routinely set up my own projects this way and I never see
?'s for .class files.
That doesn't make any of your other points less valid. I
just wanted to clear that up.
-Paul Speed
91 matches
Mail list logo
