Hi,
the nightly scriptm who starts from a clean workspace, fail with the
following:
downloadfile:
[mkdir] Created dir: /home/jfarcand/jakarta-tomcat/tyrex-1.0
[get] Getting: http://telia.dl.sourceforge.net/sourceforge/tyrex/tyrex-1.0.jar
init:
[mkdir] Created dir:
From your description, everything seems fine. Does the error occurs
only inside Tomcat or if you parse your file using the command line if
also choke?
-- Jeanfrancois
Bill Barker wrote:
I've been trying to set up a CLIENT-CERT authentication for MemoryRealm (one
of the few that handles it :).
ballot
[ ] Alpha
[ ] Beta
[X ] Stable (GA)
/ballot
-- Jeanfrancois
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hi Remy,
the servlet doesn't compile with JDK 1.3.x :
StatusManagerServlet.java:274: cannot resolve symbol
[javac] symbol : method maxMemory ()
[javac] location: class java.lang.Runtime
[javac] writer.print(Runtime.getRuntime().maxMemory());
[javac]
Remy Maucherat wrote:
Jean-Francois Arcand wrote:
Hi Remy,
the servlet doesn't compile with JDK 1.3.x :
StatusManagerServlet.java:274: cannot resolve symbol
[javac] symbol : method maxMemory ()
[javac] location: class java.lang.Runtime
[javac] writer.print
Because the xerces version bundled with 1.4 is an older one, doesn't
support XML schema properly, and contains bugs (and is not as performant
as the 2.x version)
-- Jeanfrancois
David Thielen wrote:
thanks - dave
-
To
Costin Manolache wrote:
Jean-Francois Arcand wrote:
Because the xerces version bundled with 1.4 is an older one, doesn't
support XML schema properly, and contains bugs (and is not as performant
as the 2.x version)
Isn't Crimson in JDK1.4 ? I remember we decided to disable XML schema
Costin Manolache wrote:
Remy Maucherat wrote:
Could I get some details on that filter/facade bug ?
Yes, Filter.init() is called with the Context object instead of the
facade. While Servlet.init() is called correctly.
This may allow access to the internals, and is just weird (
Remy Maucherat wrote:
Costin Manolache wrote:
Remy Maucherat wrote:
Could I get some details on that filter/facade bug ?
Yes, Filter.init() is called with the Context object instead of the
facade. While Servlet.init() is called correctly.
This may allow access to the internals, and is
Wait :-)
I still did not ran all the tests that I have, specially the lovely XML
schema one. It seems to work fine when validation is turned off, but I
would like to be sure...mayb we can start using it with Tomcat 5 and
change Tomcat 4.1.x once we are sure it work.
-- Jeanfrancois
Remy Maucherat wrote:
Remy Maucherat wrote:
- daemon: Home of Mladen's procrun, a very promising exe wrapper for
Java programs on Windows; this also contains a Unix wrapper for Java
programs; the Unix wrapper could be advertised as the recommended
solution to run Tomcat on 80 on Unix, and
Remy Maucherat wrote:
Jean-Francois Arcand wrote:
OK, let's try to describe the problem. First, here is the stack trace
the application is throwing when running:
java.lang.NullPointerException
at
org.apache.coyote.tomcat5.CoyoteRequestFacade.getAttribute(CoyoteRequestFaca
de.java:271
Remy Maucherat wrote:
[EMAIL PROTECTED] wrote:
jfarcand2003/06/06 12:04:51
Modified:catalina/src/share/org/apache/coyote/tomcat5
CoyoteRequest.java
Log:
Revert the patch until I come with a better solution.
I'd like to be convinced there's a bug here ;-)
Remy Maucherat wrote:
[EMAIL PROTECTED] wrote:
jfarcand2003/05/28 21:13:24
Modified:catalina/src/share/org/apache/catalina/core
StandardContext.java
Log:
Revert back my latest changes since it did not fix the problem
completely.
Don't worry about that
Tim Funk wrote:
The dtd in
jakarta-servletapi-5\jsr154\examples\WEB-INF\web.xml
says:
!DOCTYPE web-app
PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.3//EN
http://java.sun.com/dtd/web-app_2_3.dtd;
Is this right?
Yes it is. The examples doesn't contains any new 2.4 features. Of
Remy Maucherat wrote:
Costin Manolache wrote:
Remy Maucherat wrote:
- modeler: Basis for Tomcat 5 JMX features, with a lot of new
impressively efficient functionality since release 1.0; again, a
critical component [Costin (do you have enough time to continue being
the RM of that component ?)]
OK, let's try to describe the problem. First, here is the stack trace
the application is throwing when running:
java.lang.NullPointerException
at
org.apache.coyote.tomcat5.CoyoteRequestFacade.getAttribute(CoyoteRequestFaca
de.java:271)
at
.
*
* @author Craig R. McClanahan
+ * @author Jean-Francois Arcand
* @version $Revision: 1.66 $ $Date: 2002/06/23 20:35:30 $
*/
@@ -224,7 +225,6 @@
* @param event The lifecycle event that has occurred
*/
public void lifecycleEvent(LifecycleEvent event) {
-
// Identify
Hi,
this minor change fixes a bug : when an appllication is undeployed
(removed), ContainerEvent with the value of REMOVE_EVENT are fired.
The bug is also in jakarta-tomcat-4. Should I send another patch?
Thanks,
-- Jeanfrancois
Index: StandardHostDeployer.java
Hi , attached is the remaining XML schema that need to be available locally.
src/share/dtd/j2ee_1_4.xsd
src/share/dtd/web-app_2_4.xsd
src/share/dtd/jsp_2_0.xsd
src/share/dtd/jsptaglibrary_2_0.xsd
Thanks,
-- Jeanfrancois
jakarta-servletapi- 5_localschema.zip
Description: Zip
Hi,
this include a modified version of xml.xsd (from W3c) were the DOCTYPE
element is removed (commented). Xerces 2.0.1 seems to have problem with
this entity when schema is used and the parser is running inside a
firewall, using a local copy of the xml.xsd.
Thanks,
-- Jeanfrancois
Hi,
this patch clean up the code and turn on automatically namespace
validation when using schema.
Thanks,
-- Jeanfrancois
Index: ContextConfig.java
===
RCS file:
HI,
I have completed the move of the authorization logic from the
o.a.c.authenticator.AuthenticatorBase to the o.a.c.realm.RealmBase. The
Realm class has now three new methods:
/**
* Return the SecurityConstraint configured to guard the request URI for
* this request, or
Hi,
minor change to include all *.xsd in the same directory
(javax/servlet/resources) since there is a Xerces limitation when
resolving systemId from multiple URIs (only 1 is supported).
Thanks,
-- Jeanfrancois
Index: build.xml
Hi,
this patch change the way local schema are stored - use the full URI
instead a the file name.
Thanks,
-- Jeanfrancois
Index: Constants.java
===
RCS file:
)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:203)
Jean-francois Arcand wrote:
Hi,
this patch change the way local schema are stored - use the full URI
instead
Patrick Luby wrote:
Costin,
[EMAIL PROTECTED] wrote:
On Sun, 11 Aug 2002, Patrick Luby wrote:
commons-digester/logging, etc. I think that this would make the
build more reliable since Tomcat 5 is dependent on very specific
versions of Apache dependencies (e.g. Xerces 2.0.1 only).
Steve Downey wrote:
Thanks for pointing the tomcat5 task out. I'm trying to reimplement
with that, and have run into a couple of snags.
First is that o.a.c.startup.CatalinaService doesn't distinguish
between catalina.home and catalina.base. setHome() actually sets both
of them. Adding
Hi,
based on the mailling list feedback, I would like to propose the
following solution for the XML Parser DTD/Schema validation/namespace
aware problems:
- Add the following attributes in server.xml under the HOST element:
xmlValidation=false
xmlNamespaceAware=false
and set them equal to
This patch update the required version of the Digester.
Thanks,
-- Jeanfrancois
Index: build.properties.default
===
RCS file: /home/cvspublic/jakarta-tomcat-5/build.properties.default,v
retrieving revision 1.27
diff -u -r1.27
Hi,
Xerces 2.0.1 contains a bug that produce the error Remy reports earlier
this week :-(
Xerces 2.0.2 contains a bug that produce a StackTraceOverflow :-(
In order to supports schema and dtd, Xerces nightly build is the only
version that parse properly DTD and schema when validation is
Thanks everybody! Now you can say you have a Quebecois as a commiter ;-)
-- Jeanfrancois
Patrick Luby wrote:
All,
Jean-François Arcand has received several +1's and no -1's. So,
Jean-François, congratulations!
Can someone create an account for Jean-François Arcand?
Thanks,
Patrick
implements a local SAX's codeEntityResolver/code. All
* DTDs and schemas used to validate the web.xml file will re-directed
* to a local file stored in the servlet-api.jar and jsp-api.jar.
*
* @author Jean-Francois Arcand
*/
public class SchemaResolver implements EntityResolver
[EMAIL PROTECTED] wrote:
There are several possible use cases, and I think we should try to
provide options to support each one.
Regardless of the startup timing, in all cases no request will
be served from an webapp until all initialization is done, including
load on startup servlets. There
@@
*
* @author Craig R. McClanahan
* @author Jean-Francois Arcand
- * @version $Revision: 1.9 $ $Date: 2002/08/20 03:26:36 $
+ * @version $Revision: 1.8 $ $Date: 2002/08/10 22:42:34 $
*/
public final class ContextConfig
@@ -186,15 +186,26 @@
* The codeDigester/code we will use
Hans Schmid wrote:
Hi,
as far as I understand, there are problems in Tomcat 5
with the XML Schema validation. A hack in Tomcat plus Xerces 2.0.1
are currentzly in the build system.
Has anyone tried the new Xerces release 2.1.0 yet ?
Yes, I have done some tesing and it works fine. It the
David Oxley wrote:
Also, you probably ought to include the XML parser (Xerces 2.1.0) with the
LE edition of TC5 (If it does fix it).
Does Sun JDK1.4 come with Xerces or Crimson? I thought I read that it was
supplied with a version of Xerces, but the source that comes with it has
Remy Maucherat wrote:
Jean-Francois Arcand wrote:
Hans Schmid wrote:
Hi,
as far as I understand, there are problems in Tomcat 5 with the XML
Schema validation. A hack in Tomcat plus Xerces 2.0.1 are currentzly
in the build system.
Has anyone tried the new Xerces release 2.1.0
jean-frederic clere wrote:
Hi,
Each time I am replying a message of the list I am getting a message
from [EMAIL PROTECTED] (Advert or complain?).
Has any one received this kind of message?
I don't, but I suspect your mail server has been placed on a spam mail
list and now monitored by
Remy Maucherat wrote:
I think milestone 4.1.10 is of good quality and we can consider
releasing it as the first stable release in the 4.1.x line.
ballot
[ ] Alpha
[ ] Beta
[X ] Stable
/ballot
From the DTD validation point of view, the performance seems better
with Xerces 2.1
Remy Maucherat wrote:
A security vulnerability which affects all releases of Tomcat 4.x has
been discovered.
It is proposed that new Tomcat 4.0.x and 4.1.x releases are made, at
which time the exploit will be publicized. The security advisory will
also include an easy workaround to
lenn Nielsen
Re: [VOTE] commit new Tomcat 4 SecurityManager XML Policy code to CVS
Costin Manolache
Re: [VOTE] commit new Tomcat 4 SecurityManager XML Policy code toCVS
Glenn Nielsen
Re: [VOTE] commit new Tomcat 4 SecurityManager XML Policy code toCVS
Jean-Francois Arcand
Re: [VOTE]
Hi Glenn,
see below...
Glenn Nielsen wrote:
Hi Jean-Francois,
My comments are intermixed below.
Jean-Francois Arcand wrote:
Hi Glenn, here is a couple of questions regarding your
SecurityManager XML works:
(1) All permissions seems to be stored in class SecurityPolicyBase
ballot
[ X] +1 Yes, start releasing milestones
[ ] -1 No, because:
/ballot
--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Hi Glenn,
your last addition seems, IMO, to open a security isssue with classes
located under the o.a.c.util directory. Actually, maybe not for Tomcat
4.1, but for 5.0, I have created a class called SecurityAudit.java that
contains some security check. If we port your latest changes, this
Tar the code and post it here...so we can look and enjoy :-)
-- Jeanfrancois
Ignacio J. Ortega wrote:
I have in my workspace working a litle refactoring of the o.a.t.u.net
package translating the JSSE* classes to his own package ( named of
course jsse) and the same for PureTLs* ones ( with a
Henri Gomez wrote:
Steve Downey wrote:
Actually, with the recent release of commons-logging, we should be
able to get rid of the explicit LogKit and Log4J. They're there so as
to get a complete build of commons-logging. Tomcat 5 itself doesn't
use either directly.
Xerces is a
ballot
+1 [X] Yes, remove the LE distribution
-1 [ ] No, keep both distributions
/ballot
But...The only problem I see is the Xerces version included in 1.3
doesn't support XML Schema. So if people turn on validation, the parser
will not work for Servlet 2.4/JSP 2.0I recommend we make it
Bill Barker wrote:
- Original Message -
From: Remy Maucherat [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Thursday, October 03, 2002 7:50 PM
Subject: Re: [5.0] [VOTE] Removal of the LE distribution
Costin Manolache wrote:
Remy Maucherat wrote:
I just spoke to a Xalan member and he told me they have the same problem
(exception) but this time with / instead of --. We should stick
with Xerces 2.1.0seems to have more that one bug in Xerces 2.2.0.
-- Jeanfrancois
Henri Gomez wrote:
I reported the error in xerces2 bugzilla
Costin Manolache wrote:
Remy Maucherat wrote:
If the EG prefers features over portability - then we need to find a
way to create a distribution without JSP ( is this possible ?) and maybe
compensate by including cocoon or velocity.
Personally, I would support 1.3 (and 1.2 assuming
Hi,
I'm looking to do a Security Audit on the current Tomcat 5.0 codebase. I
would like to collect as more as information as where you think I should
look at (code, security hole, etc.). I'm planning to do the audit using
the default SecurityManager. Rigth now, I have started looking at:
-
ballot
[ X ] Remove deprecated org.apache.catalina.connector components from
the j-t-catalina module
[ ] Leave them in
/ballot
-- Jeanfrancois
--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Hi,
with Tomcat 4.1.12, Xerces 2.2 is throwing the following exception:
org.xml.sax.SAXParseException: The string -- is not permitted within
comments.
at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
This is a bug in the org.apache.struts.digester.Digester class. If
private stuff?)
Does anyone publish a security checklist list like this?
Blah Blah,
-bob
On Tue, 2002-10-08 at 16:36, Jean-Francois Arcand wrote:
Hi,
I'm looking to do a Security Audit on the current Tomcat 5.0 codebase. I
would like to collect as more as information as where
Hi Remy,
when you start with the SecurityManager, the following exception is thrown.
java.lang.ClassNotFoundException:
org.apache.catalina.connector.HttpRequestBase$Privilege
dGetSession
at
org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLoader.j
ava:890)
Costin Manolache wrote:
I would like to propose a new mailing list.
The list will be closed to commiters only. The main purpose
will be discussions of security and other special issues.
This should avoid [Cc] threads.
The main target should be active commiters - so it should
start empty.
HI,
is somebody aware why package org.apache.coyote.* and
org.apache.tomcat.* are not protected againts package insertion/access
in Catalina.java. What is the reasons? Actually, classes are not
available to a Webapp (the Classloader is taking care of it) but when
Tomcat is embedded in an app
Hi Glenn,
should it be org.apache.tomcat.util instead of org.apache.util ?
Thanks,
-- Jeanfrancois
[EMAIL PROTECTED] wrote:
glenn 2002/10/15 13:33:19
Modified:catalina/src/share/org/apache/catalina/startup Catalina.java
CatalinaService.java
Log:
Add
Hi,
In o.a.c.tomcat5.CoyoteRequest (same in tomcat4), there is a doPrivilege
block that grant the doGetSession method. This method delegate the logic
to the o.a.c.Manager instance. A Manager can (but it's not required)
uses a o.a.c.Store object . The Manager and the Store object may need
?
-1 for changing/removing the doPrivileged()
Other voices?
Regards,
Glenn
Thanks,
-- Jeanfrancois
Jean-Francois Arcand wrote:
Hi,
In o.a.c.tomcat5.CoyoteRequest (same in tomcat4), there is a
doPrivilege block that grant the doGetSession method. This method
delegate
including security policy permissions required
for managing/persisting those sessions.
Costin
Jean-Francois Arcand wrote:
Glenn Nielsen wrote:
The doPrivileged() for getting a session is in the CoyoteRequest
public getSession()
method which is implemented as required by ServletRequest
Hi,
I've re-factored Catalina.java and CatalinaService.java and merge the
security code into a single class: o.a.c.security.SecurityConfig. This
class will manage all the package access/definition security properties.
Actually, the list of package access/definition are harcoded in that
Glenn Nielsen wrote:
Jean-Francois Arcand wrote:
Hi,
I've re-factored Catalina.java and CatalinaService.java and merge the
security code into a single class: o.a.c.security.SecurityConfig.
This class will manage all the package access/definition security
properties.
Works for me
The appropriate forum for that type of questions will be first under
tomcat-user mailling list :-)
I've just rename one of my war
wiponline.war
file without any problems. So it is not related to Tomcat. Maybe you JDK
have a bug?
-- Jeanfrancois
Markus Zänglein wrote:
HI
I was faced
Hi,
In StandardClassLoader, starting line 815, the SecurityManager is invoked:
// (.5) Permission to access this class when using a SecurityManager
if (securityManager != null) {
int i = name.lastIndexOf('.');
if (i = 0) {
try {
Foget that email. The problem is in front of the computer, not in the
class ;-)
-- Jeanfrancois
Jean-Francois Arcand wrote:
Hi,
In StandardClassLoader, starting line 815, the SecurityManager is
invoked:
// (.5) Permission to access this class when using a
SecurityManager
+1
He is quite impressive on tomcat-users list
-- Jeanfrancois
Bob Herrmann wrote:
Mladen's word is enough for me.
+1 for John Turner
Cheers,
-bob
On Fri, 2002-10-18 at 15:11, Mladen Turk wrote:
Hi,
I'd like to propose John Turner [Jturner at AAS.com]
as a new Tomcat committer.
He
Hi,
I got the following error when I start Tomcat with the
o.a.c.session.PersistentManager manager:
ServerLifecycleListener: createMBeans: MBeanException
java.lang.Exception: ManagedBean is not found with PersistentManager
at
Hi,
I got the following error when I start Tomcat with the
o.a.c.session.PersistentManager manager:
ServerLifecycleListener: createMBeans: MBeanException
java.lang.Exception: ManagedBean is not found with PersistentManager
at
Sorry for the second postmy mail server is having problems
Jean-Francois Arcand wrote:
Hi,
I got the following error when I start Tomcat with the
o.a.c.session.PersistentManager manager:
ServerLifecycleListener: createMBeans: MBeanException
java.lang.Exception: ManagedBean
OK, I have committed the change, do testing, and try to hack the code I
just wrote. Of course, more testing will be appreciated :-)
-- Jeanfrancois
Glenn Nielsen wrote:
Jean-Francois Arcand wrote:
Glenn Nielsen wrote:
Costin Manolache wrote:
I'm in the middle on this one - but I
HI,
just a quick update with Xerces 2.2. Two weeks ago, I tough I've found
the problem Tomcat was having with Xerces 2,2 (by replacing struts.jar
file with the 1.1 beta version, the bug did not show up again). I did
some tests last week and the bug starts to re-appear, but not all the
time
Hi,
is method o.a.c.http11.Http11Processor.addFilter used by Tomcat 3.x? The
method is not used in 4.1.X and 5, and I would like to remove it. The
method gives direct access to Class.forName, and this is a lightweight
security issue.
Thanks,
-- Jeanfrancois
--
To unsubscribe, e-mail:
Aditya wrote:
Glenn,
On Thu, Oct 24, 2002 at 10:03:47AM -, [EMAIL PROTECTED] wrote:
This must be a problem in your local system configuration.
Check the unix file ownerhsip and permissions for test2.new.
I've done that and the fact is that it works fine without the security
Hi,
testing package protection, I have come to the following conclusion:
Packages that we can protect against access
--
o.a.catalina
o.a.jasper
o.a.jsp
o.a.jk
Packages that we can protect against definition
Remy Maucherat wrote:
Jean-Francois Arcand wrote:
Hi,
testing package protection, I have come to the following conclusion:
Packages that we can protect against access
--
o.a.catalina
o.a.jasper
o.a.jsp
o.a.jk
Packages that we can protect against
Bob Herrmann wrote:
On Mon, 2002-10-28 at 05:07, Remy Maucherat wrote:
New Tomcat 5.0 docs online (linked from the main Tomcat page):
http://jakarta.apache.org/tomcat/tomcat-5.0-doc/index.html
New building documentation:
http://jakarta.apache.org/tomcat/tomcat-5.0-doc/BUILDING.txt
Renato wrote:
Hi all,
( sorry to post here... in users list nobody answered )
One of my users is asking for the following permission in his context
java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.org.apache.catalina.realm)
He is using
are available under
http://javaweb.sfbay.sun.com/~ja120114/security-audit/SecurityAudit.html
Let me know if something is missing.
Thanks,
-- jeanfrancois
--
To unsubscribe, e-mail: mailto:tomcat-dev-unsubscribe;jakarta.apache.org
For additional commands, e-mail:
Oups..wrong list...sorry.
-- Jeanfrancois
Jean-Francois Arcand wrote:
are available under
http://javaweb.sfbay.sun.com/~ja120114/security-audit/SecurityAudit.html
Let me know if something is missing.
Thanks,
-- jeanfrancois
--
To unsubscribe, e-mail:
mailto:tomcat-dev-unsubscribe
Hi Henry, a couple of comment about your translation :-)
[EMAIL PROTECTED] wrote:
hgomez 2002/10/31 01:34:44
Added: catalina/src/share/org/apache/naming
LocalStrings_fr.properties
catalina/src/share/org/apache/naming/resources
Hi Henry,
more translation recommendations ;-)
[EMAIL PROTECTED] wrote:
hgomez 2002/10/31 01:34:29
Added: catalina/src/share/org/apache/catalina/users
LocalStrings_fr.properties
catalina/src/share/org/apache/catalina/valves
Craig R. McClanahan wrote:
On Thu, 31 Oct 2002, Jean-Francois Arcand wrote:
De toute petite corrections ;-) ... ah ces Quebbecois!
Is this going to be as bad as American versus British English speakers?
:-)
Mostly...but I'm in minority againts all the French peoples on the list
Remy Maucherat wrote:
[EMAIL PROTECTED] wrote:
jfarcand2003/07/22 21:02:29
Modified:catalina/src/share/org/apache/coyote/tomcat5
MapperListener.java
Log:
When using the embedded interface (or jmx directly), context are
never removed because of this
Bill Barker wrote:
Tomcat doesn't adhere to the (new) requirements in the 2.4 Servlet-Spec for
handling the case of Overlapping Constraints:
spec-quote version=2.4 pfd3 section=12.8.1
When a url-pattern and http-method pair occurs in multiple security
constraints, the
applicable constraints (on
+1
Remy Maucherat wrote:
To be able to reach beta quality around the end of this month, a new
milestone will need to be released at the end of this week (and more
generally, I think a one milestone per week schedule can't hurt when
trying to go to beta - even if we end up missing the deadline
Hi,
I'm currently doing a very basic test:
[EMAIL PROTECTED] jfarcand]$ wget http://localhost:8080/
--20:59:22-- http://localhost:8080/
= `index.html'
Resolving localhost... done.
Connecting to localhost[127.0.0.1]:8080... connected.
HTTP request sent, awaiting response... 400 No
Finaly...
Remy Maucherat wrote:
[ ] Alpha
[ ] Beta
[X] Stable
-- Jeanfrancois
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hi Jean-Frederic,
the current source have:
int dot = name.lastIndexOf('.');
if (securityManager != null) {
if (dot = 0) {
try {
// Do not call the security manager since by
default, we grant that package.
if
Remy Maucherat wrote:
Jean-Francois Arcand wrote:
+1. There is 1 bug in bugtraq currently open about *.jsp url mapping
that I need to investigate (I'm not sure yet it's a bug) but I hope to
have a fix before Sunday.
And what would the bug be ?
(I think I know the mapper code far better than
+1. There is 1 bug in bugtraq currently open about *.jsp url mapping
that I need to investigate (I'm not sure yet it's a bug) but I hope to
have a fix before Sunday.
-- Jeanfrancois
Remy Maucherat wrote:
Hi,
I plan to make a new build available by Sunday. Comments ? Any issues
which would
Remy Maucherat wrote:
ballot
[X ] Alpha
[ ] Beta
/ballot
pleaPlease vote :)/plea
Add comments if needed.
(1) Xerces validation doesn't work (seems the way we load the DTD is
incorrect, producing the current error...but wait, we never know with
Xerces ;-) ). Since validation was by default
Remy Maucherat wrote:
Jean-Francois Arcand wrote:
Hi,
I've just realized that when you install Tomcat 5 from a fresh
workspace, Xerces is not copied under common/endorsed. I don't
remember what was the decision regarding Xerces. Have we decide to
completely remove it? If yes, then we shoud
Oups I've missed the discussion . There is a 1.4.2 bug found by Remy
(and reported in bugtraq as 4895132. I'm not sure you can access the
bug). The workaround is to add the following property when starting Tomcat:
-Dsun.io.useCanonCaches=false
Can you try it and see if that fixe the problem (I
+1.
If he like Xerces, he can jump on that side too ;-)
-- Jeanfrancois
Remy Maucherat wrote:
I'd like to nominate Eric Carmichael as a committer on the Tomcat
project. Eric has been steadily supplying quality patches to the new
Jasper which will implement the JSP 2.0 specification, and has
Remy Maucherat wrote:
Jean-Francois Arcand wrote:
Remy Maucherat wrote:
ballot
[X ] Alpha
[ ] Beta
/ballot
pleaPlease vote :)/plea
Add comments if needed.
(1) Xerces validation doesn't work (seems the way we load the DTD is
incorrect, producing the current error...but wait, we never know
Hi,
I've just realized that when you install Tomcat 5 from a fresh
workspace, Xerces is not copied under common/endorsed. I don't remember
what was the decision regarding Xerces. Have we decide to completely
remove it? If yes, then we shoud remove the dependency in
build.properties and
Remy Maucherat wrote:
ballot
[ ] Alpha
[X ] Beta
/ballot
Except for validation (which I'm still investigating (try to create
smaller test case for the Xerces folks)
-- Jeanfrancois
-
To unsubscribe, e-mail: [EMAIL
Bill Barker wrote:
- Original Message -
From: Remy Maucherat [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Monday, August 25, 2003 12:32 AM
Subject: Re: [VOTE] 5.0.9 stability rating
Bill Barker wrote:
Tim Funk wrote:
Installed 5.0.9 from exe
1 - 100 of 133 matches
Mail list logo