[Bug 64182] 1.03s delay on every request via ajp
https://bz.apache.org/bugzilla/show_bug.cgi?id=64182 --- Comment #5 from Andreas --- Just wanted to confirm Zac Spizters findings that adding attribute address="::1" on server.xml host connector tag for AJP solved the delay on Windows Server 2012 R2 (6.3) 64bit Tomcat/8.5.51 |Java|1.8.0_242 (Azul Systems, Inc.) 64bit with IIS 8.5.96.00 using boncode AJP conncetor. The delay isn't present whit this attribute. Originally there wasn't any address attribute set on that config tag. Until now I couldn't reproduce the issue on my dev machine. Testing different tomcat versions to narrow down the issue on production servers is not an option at this moment. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63286] Inconsistencies between AccessLogValve and mod_log_config
https://bz.apache.org/bugzilla/show_bug.cgi?id=63286 Michael Osipov changed: What|Removed |Added CC||micha...@apache.org --- Comment #10 from Michael Osipov --- Let me recheck this. I hope docs have been updated too. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Tagging 10.0.x, 9.0.x, 8.5.x
Just a heads up that I'm aiming to do this early next week. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63286] Inconsistencies between AccessLogValve and mod_log_config
https://bz.apache.org/bugzilla/show_bug.cgi?id=63286 --- Comment #9 from Remy Maucherat --- AccessLogValve was not doing anything related. The argument that used milliseconds was in AbstractALV, now it uses nanoseconds. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: Update after kkolinko review of new PersistAuthentication attribute
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 7.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/7.0.x by this push: new b8ddc8c Update after kkolinko review of new PersistAuthentication attribute b8ddc8c is described below commit b8ddc8cc8df8fa9c85525a32973202401ad79345 Author: Mark Thomas AuthorDate: Fri Feb 28 19:28:53 2020 + Update after kkolinko review of new PersistAuthentication attribute --- .../apache/catalina/session/StandardSession.java| 4 ++-- webapps/docs/config/manager.xml | 21 ++--- webapps/docs/security-howto.xml | 4 3 files changed, 8 insertions(+), 21 deletions(-) diff --git a/java/org/apache/catalina/session/StandardSession.java b/java/org/apache/catalina/session/StandardSession.java index 0c87fea..a93d9fd 100644 --- a/java/org/apache/catalina/session/StandardSession.java +++ b/java/org/apache/catalina/session/StandardSession.java @@ -1709,7 +1709,7 @@ public class StandardSession implements HttpSession, Session, Serializable { // Gather authentication information (if configured) String sessionAuthType = null; Principal sessionPrincipal = null; -if (isPersistAuthentication()) { +if (getPersistAuthentication()) { sessionAuthType = getAuthType(); sessionPrincipal = getPrincipal(); if (!(sessionPrincipal instanceof Serializable)) { @@ -1768,7 +1768,7 @@ public class StandardSession implements HttpSession, Session, Serializable { * @return {@code true}, if authentication information shall be persisted; * {@code false} otherwise */ -private boolean isPersistAuthentication() { +private boolean getPersistAuthentication() { if (manager instanceof ManagerBase) { return ((ManagerBase) manager).getPersistAuthentication(); } diff --git a/webapps/docs/config/manager.xml b/webapps/docs/config/manager.xml index 7f2d963..fc16389 100644 --- a/webapps/docs/config/manager.xml +++ b/webapps/docs/config/manager.xml @@ -161,23 +161,6 @@ filter pattern in order to be restored. - -Should authentication information be included when session state is -preserved across application restarts? If true, the session's -authentication is preserved so that the session remains authenticated -after the application has been restarted. If not specified, the default -value of false will be used.See -Persistence Across Restarts -for more information. - -Please note that the session's Principal class as well -as its descendant classes are all subject to the -sessionAttributeValueClassNameFilter. If such a filter -is specified or a SecurityManager is enabled, the names of -the Principal class and descendant classes must match that -filter pattern in order to be restored. - - Frequency of the session expiration, and related manager operations. Manager operations will be done once for the specified amount of @@ -234,7 +217,7 @@ must fully match the pattern. If not specified, the default value of null will be used unless a SecurityManager is enabled in which case the default will be - java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. + java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. @@ -372,7 +355,7 @@ must fully match the pattern. If not specified, the default value of null will be used unless a SecurityManager is enabled in which case the default will be - java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. + java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. diff --git a/webapps/docs/security-howto.xml b/webapps/docs/security-howto.xml index 6f97025..d52fc01 100644 --- a/webapps/docs/security-howto.xml +++ b/webapps/docs/security-howto.xml @@ -444,6 +444,10 @@ The length of the session ID may be changed with the sessionIdLength attribute. + + The persistAuthentication controls whether the + authenticated Principal associated with the session (if any) is included + when the session is persisted during a restart or to a Store. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For
[tomcat] branch 9.0.x updated: Update after kkolinko review of new PersistAuthentication attribute
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 771c50b Update after kkolinko review of new PersistAuthentication attribute 771c50b is described below commit 771c50b1fd4eeefff07c8ec7bfc64f9318a6503b Author: Mark Thomas AuthorDate: Fri Feb 28 19:28:53 2020 + Update after kkolinko review of new PersistAuthentication attribute --- .../apache/catalina/session/StandardSession.java| 4 ++-- webapps/docs/config/manager.xml | 21 ++--- webapps/docs/security-howto.xml | 4 3 files changed, 8 insertions(+), 21 deletions(-) diff --git a/java/org/apache/catalina/session/StandardSession.java b/java/org/apache/catalina/session/StandardSession.java index d3b3799..9f34988 100644 --- a/java/org/apache/catalina/session/StandardSession.java +++ b/java/org/apache/catalina/session/StandardSession.java @@ -1668,7 +1668,7 @@ public class StandardSession implements HttpSession, Session, Serializable { // Gather authentication information (if configured) String sessionAuthType = null; Principal sessionPrincipal = null; -if (isPersistAuthentication()) { +if (getPersistAuthentication()) { sessionAuthType = getAuthType(); sessionPrincipal = getPrincipal(); if (!(sessionPrincipal instanceof Serializable)) { @@ -1727,7 +1727,7 @@ public class StandardSession implements HttpSession, Session, Serializable { * @return {@code true}, if authentication information shall be persisted; * {@code false} otherwise */ -private boolean isPersistAuthentication() { +private boolean getPersistAuthentication() { if (manager instanceof ManagerBase) { return ((ManagerBase) manager).getPersistAuthentication(); } diff --git a/webapps/docs/config/manager.xml b/webapps/docs/config/manager.xml index adbd697..499262f 100644 --- a/webapps/docs/config/manager.xml +++ b/webapps/docs/config/manager.xml @@ -139,23 +139,6 @@ filter pattern in order to be restored. - -Should authentication information be included when session state is -preserved across application restarts? If true, the session's -authentication is preserved so that the session remains authenticated -after the application has been restarted. If not specified, the default -value of false will be used.See -Persistence Across Restarts -for more information. - -Please note that the session's Principal class as well -as its descendant classes are all subject to the -sessionAttributeValueClassNameFilter. If such a filter -is specified or a SecurityManager is enabled, the names of -the Principal class and descendant classes must match that -filter pattern in order to be restored. - - Frequency of the session expiration, and related manager operations. Manager operations will be done once for the specified amount of @@ -212,7 +195,7 @@ must fully match the pattern. If not specified, the default value of null will be used unless a SecurityManager is enabled in which case the default will be - java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. + java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. @@ -350,7 +333,7 @@ must fully match the pattern. If not specified, the default value of null will be used unless a SecurityManager is enabled in which case the default will be - java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. + java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. diff --git a/webapps/docs/security-howto.xml b/webapps/docs/security-howto.xml index 3396e36..e929a8e 100644 --- a/webapps/docs/security-howto.xml +++ b/webapps/docs/security-howto.xml @@ -447,6 +447,10 @@ The length of the session ID may be changed with the sessionIdLength attribute. + + The persistAuthentication controls whether the + authenticated Principal associated with the session (if any) is included + when the session is persisted during a restart or to a Store. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For
[tomcat] branch 8.5.x updated: Update after kkolinko review of new PersistAuthentication attribute
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 956e00a Update after kkolinko review of new PersistAuthentication attribute 956e00a is described below commit 956e00a65ae7c0b4339a6306950d7bcccf9befca Author: Mark Thomas AuthorDate: Fri Feb 28 19:28:53 2020 + Update after kkolinko review of new PersistAuthentication attribute --- .../apache/catalina/session/StandardSession.java| 4 ++-- webapps/docs/config/manager.xml | 21 ++--- webapps/docs/security-howto.xml | 4 3 files changed, 8 insertions(+), 21 deletions(-) diff --git a/java/org/apache/catalina/session/StandardSession.java b/java/org/apache/catalina/session/StandardSession.java index 557787e..f4fd0cb 100644 --- a/java/org/apache/catalina/session/StandardSession.java +++ b/java/org/apache/catalina/session/StandardSession.java @@ -1673,7 +1673,7 @@ public class StandardSession implements HttpSession, Session, Serializable { // Gather authentication information (if configured) String sessionAuthType = null; Principal sessionPrincipal = null; -if (isPersistAuthentication()) { +if (getPersistAuthentication()) { sessionAuthType = getAuthType(); sessionPrincipal = getPrincipal(); if (!(sessionPrincipal instanceof Serializable)) { @@ -1732,7 +1732,7 @@ public class StandardSession implements HttpSession, Session, Serializable { * @return {@code true}, if authentication information shall be persisted; * {@code false} otherwise */ -private boolean isPersistAuthentication() { +private boolean getPersistAuthentication() { if (manager instanceof ManagerBase) { return ((ManagerBase) manager).getPersistAuthentication(); } diff --git a/webapps/docs/config/manager.xml b/webapps/docs/config/manager.xml index 616c508..75833d9 100644 --- a/webapps/docs/config/manager.xml +++ b/webapps/docs/config/manager.xml @@ -122,23 +122,6 @@ filter pattern in order to be restored. - -Should authentication information be included when session state is -preserved across application restarts? If true, the session's -authentication is preserved so that the session remains authenticated -after the application has been restarted. If not specified, the default -value of false will be used.See -Persistence Across Restarts -for more information. - -Please note that the session's Principal class as well -as its descendant classes are all subject to the -sessionAttributeValueClassNameFilter. If such a filter -is specified or a SecurityManager is enabled, the names of -the Principal class and descendant classes must match that -filter pattern in order to be restored. - - Frequency of the session expiration, and related manager operations. Manager operations will be done once for the specified amount of @@ -195,7 +178,7 @@ must fully match the pattern. If not specified, the default value of null will be used unless a SecurityManager is enabled in which case the default will be - java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. + java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. @@ -333,7 +316,7 @@ must fully match the pattern. If not specified, the default value of null will be used unless a SecurityManager is enabled in which case the default will be - java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. + java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. diff --git a/webapps/docs/security-howto.xml b/webapps/docs/security-howto.xml index 1c57f71..d0c53ed 100644 --- a/webapps/docs/security-howto.xml +++ b/webapps/docs/security-howto.xml @@ -447,6 +447,10 @@ The length of the session ID may be changed with the sessionIdLength attribute. + + The persistAuthentication controls whether the + authenticated Principal associated with the session (if any) is included + when the session is persisted during a restart or to a Store. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For
[tomcat] branch master updated: Update after kkolinko review of new PersistAuthentication attribute
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 86b5fc8 Update after kkolinko review of new PersistAuthentication attribute 86b5fc8 is described below commit 86b5fc8e892cc37a15b90eb8ae708962054d721c Author: Mark Thomas AuthorDate: Fri Feb 28 19:28:53 2020 + Update after kkolinko review of new PersistAuthentication attribute --- .../apache/catalina/session/StandardSession.java| 4 ++-- webapps/docs/config/manager.xml | 21 ++--- webapps/docs/security-howto.xml | 4 3 files changed, 8 insertions(+), 21 deletions(-) diff --git a/java/org/apache/catalina/session/StandardSession.java b/java/org/apache/catalina/session/StandardSession.java index eeec5ce..951f9ee 100644 --- a/java/org/apache/catalina/session/StandardSession.java +++ b/java/org/apache/catalina/session/StandardSession.java @@ -1668,7 +1668,7 @@ public class StandardSession implements HttpSession, Session, Serializable { // Gather authentication information (if configured) String sessionAuthType = null; Principal sessionPrincipal = null; -if (isPersistAuthentication()) { +if (getPersistAuthentication()) { sessionAuthType = getAuthType(); sessionPrincipal = getPrincipal(); if (!(sessionPrincipal instanceof Serializable)) { @@ -1727,7 +1727,7 @@ public class StandardSession implements HttpSession, Session, Serializable { * @return {@code true}, if authentication information shall be persisted; * {@code false} otherwise */ -private boolean isPersistAuthentication() { +private boolean getPersistAuthentication() { if (manager instanceof ManagerBase) { return ((ManagerBase) manager).getPersistAuthentication(); } diff --git a/webapps/docs/config/manager.xml b/webapps/docs/config/manager.xml index 640e62d..8af3e20 100644 --- a/webapps/docs/config/manager.xml +++ b/webapps/docs/config/manager.xml @@ -139,23 +139,6 @@ filter pattern in order to be restored. - -Should authentication information be included when session state is -preserved across application restarts? If true, the session's -authentication is preserved so that the session remains authenticated -after the application has been restarted. If not specified, the default -value of false will be used.See -Persistence Across Restarts -for more information. - -Please note that the session's Principal class as well -as its descendant classes are all subject to the -sessionAttributeValueClassNameFilter. If such a filter -is specified or a SecurityManager is enabled, the names of -the Principal class and descendant classes must match that -filter pattern in order to be restored. - - Frequency of the session expiration, and related manager operations. Manager operations will be done once for the specified amount of @@ -212,7 +195,7 @@ must fully match the pattern. If not specified, the default value of null will be used unless a SecurityManager is enabled in which case the default will be - java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. + java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. @@ -350,7 +333,7 @@ must fully match the pattern. If not specified, the default value of null will be used unless a SecurityManager is enabled in which case the default will be - java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. + java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. diff --git a/webapps/docs/security-howto.xml b/webapps/docs/security-howto.xml index a42eb17..fbdb9d7 100644 --- a/webapps/docs/security-howto.xml +++ b/webapps/docs/security-howto.xml @@ -447,6 +447,10 @@ The length of the session ID may be changed with the sessionIdLength attribute. + + The persistAuthentication controls whether the + authenticated Principal associated with the session (if any) is included + when the session is persisted during a restart or to a Store. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org Fo
Re: [tomcat] branch master updated: Add an option to persist authentication information with the session
On 28/02/2020 14:51, Konstantin Kolinko wrote: > 1). The diff block above - the same attribute is documented twice? Not sure how I missed that. I'll get the duplicate removed. > 2). I think that this attribute should be mentioned in security-howto. I'll add something. > 3). Why force a here? I think this will make documentation less > readable. I was neutral on it so I left it. Happy to remove it. > 4). The same question here. And the same answer :) > 5). In one of source files: (copy-pasting a previous fragment from the diff): > > +/** > + * Return whether authentication information shall be persisted or not. > + * > + * @return {@code true}, if authentication information shall be > persisted; > + * {@code false} otherwise > + */ > +private boolean isPersistAuthentication() { > +if (manager instanceof ManagerBase) { > +return ((ManagerBase) manager).getPersistAuthentication(); > +} > +return false; > +} > > 5). Why the getter names are inconsistent? > > Here "isPersistAuthentication()" is implemented as a call to > "getPersistAuthentication()". I'll make them consistent (get) Thanks for the review. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/4977 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch master] 9b10d7b8baddaebaacf5573beac3958b99481829 Blamelist: remm Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Fix use of log valve API
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new a08f15a Fix use of log valve API a08f15a is described below commit a08f15a979021fd39b85d7882d6fe3b323466bdb Author: remm AuthorDate: Fri Feb 28 18:29:33 2020 +0100 Fix use of log valve API --- test/org/apache/catalina/valves/TesterAccessLogValve.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/org/apache/catalina/valves/TesterAccessLogValve.java b/test/org/apache/catalina/valves/TesterAccessLogValve.java index 6a40ee2..b09a99e 100644 --- a/test/org/apache/catalina/valves/TesterAccessLogValve.java +++ b/test/org/apache/catalina/valves/TesterAccessLogValve.java @@ -19,6 +19,7 @@ package org.apache.catalina.valves; import java.io.IOException; import java.util.Queue; import java.util.concurrent.ConcurrentLinkedQueue; +import java.util.concurrent.TimeUnit; import jakarta.servlet.ServletException; @@ -45,7 +46,7 @@ public class TesterAccessLogValve extends ValveBase implements AccessLog { @Override public void log(Request request, Response response, long time) { entries.add(new Entry(request.getRequestURI(), response.getStatus(), -time)); +TimeUnit.NANOSECONDS.toMillis(time))); } @Override - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Ws
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 9b10d7b Ws 9b10d7b is described below commit 9b10d7b8baddaebaacf5573beac3958b99481829 Author: remm AuthorDate: Fri Feb 28 18:29:50 2020 +0100 Ws --- webapps/docs/config/manager.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webapps/docs/config/manager.xml b/webapps/docs/config/manager.xml index 7bcb4df..640e62d 100644 --- a/webapps/docs/config/manager.xml +++ b/webapps/docs/config/manager.xml @@ -287,7 +287,7 @@ Should authentication information be included when sessions are swapped out to persistent storage? If true, the session's authentication is preserved so that the session remains authenticated -after being reloaded (swapped in) from persistent storage. If not +after being reloaded (swapped in) from persistent storage. If not specified, the default value of false will be used. Please note that the session's Principal class as well - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63286] Inconsistencies between AccessLogValve and mod_log_config
https://bz.apache.org/bugzilla/show_bug.cgi?id=63286 --- Comment #8 from Michael Osipov --- (In reply to Remy Maucherat from comment #7) > This should be fixed in 10.0.0-M2. I fail to find this commit in https://github.com/apache/tomcat/commits/master/java/org/apache/catalina/valves/AccessLogValve.java and https://github.com/apache/tomcat/commits/master/java/org/apache/catalina/valves/AbstractAccessLogValve.java. Where is it? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: Missing string
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 7.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/7.0.x by this push: new c93475d Missing string c93475d is described below commit c93475d321adcfb3ed8e28e1ab225e35f5471e36 Author: remm AuthorDate: Fri Feb 28 17:11:32 2020 +0100 Missing string --- java/org/apache/coyote/http11/InternalNioInputBuffer.java | 2 +- java/org/apache/coyote/http11/LocalStrings.properties | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/java/org/apache/coyote/http11/InternalNioInputBuffer.java b/java/org/apache/coyote/http11/InternalNioInputBuffer.java index fba00a1..9cf0dd0 100644 --- a/java/org/apache/coyote/http11/InternalNioInputBuffer.java +++ b/java/org/apache/coyote/http11/InternalNioInputBuffer.java @@ -394,7 +394,7 @@ public class InternalNioInputBuffer extends AbstractInputBuffer { parsingRequestLineStart = 0; return true; } -throw new IllegalStateException("Invalid request line parse phase:"+parsingRequestLinePhase); +throw new IllegalStateException(sm.getString("iib.invalidPhase", Integer.valueOf(parsingRequestLinePhase))); } private void expand(int newsize) { diff --git a/java/org/apache/coyote/http11/LocalStrings.properties b/java/org/apache/coyote/http11/LocalStrings.properties index b12dd2e..d31f697 100644 --- a/java/org/apache/coyote/http11/LocalStrings.properties +++ b/java/org/apache/coyote/http11/LocalStrings.properties @@ -54,6 +54,7 @@ http11protocol.start=Starting Coyote HTTP/1.1 on [{0}] iib.apr.sslGeneralError=An APR general error was returned by the SSL read operation on APR/native socket [{0}] with wrapper [{1}]. It will be treated as EAGAIN and the socket returned to the poller. iib.eof.error=Unexpected EOF read on the socket iib.invalidHttpProtocol=Invalid character found in the HTTP protocol +iib.invalidPhase=Invalid request line parse phase [{0}] iib.invalidRequestTarget=Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986 iib.invalidheader=The HTTP header line [{0}] does not conform to RFC 7230 and has been ignored. iib.invalidmethod=Invalid character found in method name. HTTP method names must be tokens - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Missing string
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new deaf4b9 Missing string deaf4b9 is described below commit deaf4b9475d74b5c99e6b8f6886d4019412bb029 Author: remm AuthorDate: Fri Feb 28 17:11:32 2020 +0100 Missing string --- java/org/apache/coyote/http11/Http11InputBuffer.java | 3 +-- java/org/apache/coyote/http11/LocalStrings.properties | 1 + 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java b/java/org/apache/coyote/http11/Http11InputBuffer.java index daecc72..3074593 100644 --- a/java/org/apache/coyote/http11/Http11InputBuffer.java +++ b/java/org/apache/coyote/http11/Http11InputBuffer.java @@ -560,8 +560,7 @@ public class Http11InputBuffer implements InputBuffer, ApplicationBufferHandler parsingRequestLineStart = 0; return true; } -throw new IllegalStateException( -"Invalid request line parse phase:" + parsingRequestLinePhase); +throw new IllegalStateException(sm.getString("iib.invalidPhase", Integer.valueOf(parsingRequestLinePhase))); } diff --git a/java/org/apache/coyote/http11/LocalStrings.properties b/java/org/apache/coyote/http11/LocalStrings.properties index e375b27..987907a 100644 --- a/java/org/apache/coyote/http11/LocalStrings.properties +++ b/java/org/apache/coyote/http11/LocalStrings.properties @@ -43,6 +43,7 @@ iib.eof.error=Unexpected EOF read on the socket iib.failedread.apr=Read failed with APR/native error code [{0}] iib.filter.npe=You may not add a null filter iib.invalidHttpProtocol=Invalid character found in the HTTP protocol +iib.invalidPhase=Invalid request line parse phase [{0}] iib.invalidRequestTarget=Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986 iib.invalidheader=The HTTP header line [{0}] does not conform to RFC 7230 and has been ignored. iib.invalidmethod=Invalid character found in method name. HTTP method names must be tokens - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Missing string
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new f9ec834 Missing string f9ec834 is described below commit f9ec83488cbbc33dfa629e41647225c6a454776b Author: remm AuthorDate: Fri Feb 28 17:11:32 2020 +0100 Missing string --- java/org/apache/coyote/http11/Http11InputBuffer.java | 3 +-- java/org/apache/coyote/http11/LocalStrings.properties | 1 + 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java b/java/org/apache/coyote/http11/Http11InputBuffer.java index 04543ef..166835e 100644 --- a/java/org/apache/coyote/http11/Http11InputBuffer.java +++ b/java/org/apache/coyote/http11/Http11InputBuffer.java @@ -546,8 +546,7 @@ public class Http11InputBuffer implements InputBuffer, ApplicationBufferHandler parsingRequestLineStart = 0; return true; } -throw new IllegalStateException( -"Invalid request line parse phase:" + parsingRequestLinePhase); +throw new IllegalStateException(sm.getString("iib.invalidPhase", Integer.valueOf(parsingRequestLinePhase))); } diff --git a/java/org/apache/coyote/http11/LocalStrings.properties b/java/org/apache/coyote/http11/LocalStrings.properties index 6765b87..d744815 100644 --- a/java/org/apache/coyote/http11/LocalStrings.properties +++ b/java/org/apache/coyote/http11/LocalStrings.properties @@ -41,6 +41,7 @@ iib.eof.error=Unexpected EOF read on the socket iib.failedread.apr=Read failed with APR/native error code [{0}] iib.filter.npe=You may not add a null filter iib.invalidHttpProtocol=Invalid character found in the HTTP protocol +iib.invalidPhase=Invalid request line parse phase [{0}] iib.invalidRequestTarget=Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986 iib.invalidheader=The HTTP header line [{0}] does not conform to RFC 7230 and has been ignored. iib.invalidmethod=Invalid character found in method name. HTTP method names must be tokens - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Missing string
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new fe318e4 Missing string fe318e4 is described below commit fe318e4fde10251318a99e1d6bcebecfc44d845c Author: remm AuthorDate: Fri Feb 28 17:11:32 2020 +0100 Missing string --- java/org/apache/coyote/http11/Http11InputBuffer.java | 3 +-- java/org/apache/coyote/http11/LocalStrings.properties | 1 + 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java b/java/org/apache/coyote/http11/Http11InputBuffer.java index 605951d..1620928 100644 --- a/java/org/apache/coyote/http11/Http11InputBuffer.java +++ b/java/org/apache/coyote/http11/Http11InputBuffer.java @@ -546,8 +546,7 @@ public class Http11InputBuffer implements InputBuffer, ApplicationBufferHandler parsingRequestLineStart = 0; return true; } -throw new IllegalStateException( -"Invalid request line parse phase:" + parsingRequestLinePhase); +throw new IllegalStateException(sm.getString("iib.invalidPhase", Integer.valueOf(parsingRequestLinePhase))); } diff --git a/java/org/apache/coyote/http11/LocalStrings.properties b/java/org/apache/coyote/http11/LocalStrings.properties index 6765b87..d744815 100644 --- a/java/org/apache/coyote/http11/LocalStrings.properties +++ b/java/org/apache/coyote/http11/LocalStrings.properties @@ -41,6 +41,7 @@ iib.eof.error=Unexpected EOF read on the socket iib.failedread.apr=Read failed with APR/native error code [{0}] iib.filter.npe=You may not add a null filter iib.invalidHttpProtocol=Invalid character found in the HTTP protocol +iib.invalidPhase=Invalid request line parse phase [{0}] iib.invalidRequestTarget=Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986 iib.invalidheader=The HTTP header line [{0}] does not conform to RFC 7230 and has been ignored. iib.invalidmethod=Invalid character found in method name. HTTP method names must be tokens - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch master updated: Add an option to persist authentication information with the session
пт, 28 февр. 2020 г. в 17:18, : > > This is an automated email from the ASF dual-hosted git repository. > > markt pushed a commit to branch master > in repository https://gitbox.apache.org/repos/asf/tomcat.git > > > The following commit(s) were added to refs/heads/master by this push: > new 20a830c Add an option to persist authentication information with > the session > 20a830c is described below > > commit 20a830c6a520922aee47416c129d322e662bfd44 > Author: Carsten Klein > AuthorDate: Wed Feb 19 09:01:04 2020 +0100 > > Add an option to persist authentication information with the session > > Patch provided by Carsten Klein. > --- [...] > diff --git a/webapps/docs/config/manager.xml b/webapps/docs/config/manager.xml > index 821085e..7bcb4df 100644 > --- a/webapps/docs/config/manager.xml > +++ b/webapps/docs/config/manager.xml > @@ -122,6 +122,40 @@ > enabled by setting this attribute to a non empty string. > > > + > +Should authentication information be included when session state > is > +preserved across application restarts? If true, the > session's > +authentication is preserved so that the session remains authenticated > +after the application has been restarted. If not specified, the > default > +value of false will be used.See > +Persistence Across > Restarts > +for more information. > + > +Please note that the session's Principal class as > well > +as its descendant classes are all subject to the > +sessionAttributeValueClassNameFilter. If such a > filter > +is specified or a SecurityManager is enabled, the names > of > +the Principal class and descendant classes must match > that > +filter pattern in order to be restored. > + > + > + > +Should authentication information be included when session state > is > +preserved across application restarts? If true, the > session's > +authentication is preserved so that the session remains authenticated > +after the application has been restarted. If not specified, the > default > +value of false will be used.See > +Persistence Across > Restarts > +for more information. > + > +Please note that the session's Principal class as > well > +as its descendant classes are all subject to the > +sessionAttributeValueClassNameFilter. If such a > filter > +is specified or a SecurityManager is enabled, the names > of > +the Principal class and descendant classes must match > that > +filter pattern in order to be restored. > + > + 1). The diff block above - the same attribute is documented twice? 2). I think that this attribute should be mentioned in security-howto. > > Frequency of the session expiration, and related manager > operations. > Manager operations will be done once for the specified amount of > @@ -178,7 +212,7 @@ > must fully match the pattern. If not specified, the default value of > null will be used unless a SecurityManager > is > enabled in which case the default will be > - > java\\.lang\\.(?:Boolean|Integer|Long|Number|String). > + > java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. 3). Why force a here? I think this will make documentation less readable. > > > > @@ -249,6 +283,21 @@ > By default, this value is set to -1. > > > + > +Should authentication information be included when sessions are > +swapped out to persistent storage? If true, the > session's > +authentication is preserved so that the session remains authenticated > +after being reloaded (swapped in) from persistent storage. If not > +specified, the default value of false will be used. > + > +Please note that the session's Principal class as > well > +as its descendant classes are all subject to the > +sessionAttributeValueClassNameFilter. If such a > filter > +is specified or a SecurityManager is enabled, the names > of > +the Principal class and descendant classes must match > that > +filter pattern in order to be restored. > + > + > > It is the same as described above for the > org.apache.catalina.session.StandardManager class. > @@ -301,7 +350,7 @@ > must fully match the pattern. If not specified, the default value of > null will be used unless a SecurityManager > is > enabled in which case the default will be > - > java\\.lang\\.(?:Boolean|Integer|Long|Number|String). > + > java\\.lang\\.(?:Boolean|Integer|Long|Number|String)|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal|\\[Ljava.lang.String;. >
Re: [tomcat] branch master updated: Add an option to persist authentication information with the session
On Fri, Feb 28, 2020 at 3:18 PM wrote: > This is an automated email from the ASF dual-hosted git repository. > > markt pushed a commit to branch master > in repository https://gitbox.apache.org/repos/asf/tomcat.git > > > The following commit(s) were added to refs/heads/master by this push: > new 20a830c Add an option to persist authentication information with > the session > 20a830c is described below > > commit 20a830c6a520922aee47416c129d322e662bfd44 > Author: Carsten Klein > AuthorDate: Wed Feb 19 09:01:04 2020 +0100 > > Add an option to persist authentication information with the session > > Patch provided by Carsten Klein. > I think it's a bad idea as far as I am concerned, but it could also save up on some whining. Not necessarily a bad idea I guess. Rémy
[tomcat] branch 7.0.x updated: Add an option to persist authentication information with the session
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 7.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/7.0.x by this push: new 02e97d2 Add an option to persist authentication information with the session 02e97d2 is described below commit 02e97d2b98f28ceeb5dd2d2c9636823a146d55f7 Author: Carsten Klein AuthorDate: Wed Feb 19 09:01:04 2020 +0100 Add an option to persist authentication information with the session Patch provided by Carsten Klein. --- .../catalina/session/LocalStrings.properties | 2 + java/org/apache/catalina/session/ManagerBase.java | 37 +++- .../apache/catalina/session/StandardSession.java | 69 +- .../apache/catalina/session/mbeans-descriptors.xml | 8 +++ webapps/docs/changelog.xml | 6 ++ webapps/docs/config/manager.xml| 62 ++- 6 files changed, 177 insertions(+), 7 deletions(-) diff --git a/java/org/apache/catalina/session/LocalStrings.properties b/java/org/apache/catalina/session/LocalStrings.properties index 2429627..f969a8f 100644 --- a/java/org/apache/catalina/session/LocalStrings.properties +++ b/java/org/apache/catalina/session/LocalStrings.properties @@ -93,6 +93,8 @@ standardSession.isNew.ise=isNew: Session already invalidated standardSession.logoutfail=Exception logging out user when expiring session standardSession.notDeserializable=Cannot deserialize session attribute [{0}] for session [{1}] standardSession.notSerializable=Cannot serialize session attribute [{0}] for session [{1}] +standardSession.principalNotDeserializable=Cannot deserialize Principal object for session [{0}] +standardSession.principalNotSerializable=Cannot serialize Principal object for session [{0}] standardSession.removeAttribute.ise=removeAttribute: Session already invalidated standardSession.sessionCreated=Created Session id = [{0}] standardSession.sessionEvent=Session event listener threw exception diff --git a/java/org/apache/catalina/session/ManagerBase.java b/java/org/apache/catalina/session/ManagerBase.java index 8022d08..af0add0 100644 --- a/java/org/apache/catalina/session/ManagerBase.java +++ b/java/org/apache/catalina/session/ManagerBase.java @@ -233,6 +233,12 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager private boolean warnOnSessionAttributeFilterFailure; +/** + * Determines whether sessions managed by this manager shall persist (serialize) + * authentication information or not. + */ +private boolean persistAuthentication = false; + // Constructors @@ -240,8 +246,11 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager if (Globals.IS_SECURITY_ENABLED) { // Minimum set required for default distribution/persistence to work // plus String +// plus SerializablePrincipal and String[] (required for authentication persistence) setSessionAttributeValueClassNameFilter( -"java\\.lang\\.(?:Boolean|Integer|Long|Number|String)"); +"java\\.lang\\.(?:Boolean|Integer|Long|Number|String)" ++ "|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal" ++ "|\\[Ljava.lang.String;"); setWarnOnSessionAttributeFilterFailure(true); } } @@ -638,10 +647,34 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager Integer.valueOf(this.processExpiresFrequency)); } -// - Public Methods /** + * Return whether sessions managed by this manager shall persist authentication + * information or not. + * + * @return {@code true}, sessions managed by this manager shall persist + * authentication information; {@code false} otherwise + */ +public boolean getPersistAuthentication() { +return this.persistAuthentication; +} + +/** + * Set whether sessions managed by this manager shall persist authentication + * information or not. + * + * @param persistAuthentication if {@code true}, sessions managed by this manager + * shall persist authentication information + */ +public void setPersistAuthentication(boolean persistAuthentication) { +this.persistAuthentication = persistAuthentication; +} + + +// - Public Methods + +/** * {@inheritDoc} * * Direct call to {@link #processExpires()} diff --git a/java/org/apache/catalina/session/StandardSession.java b/java/org/apache/catalina/session/StandardSession
[GitHub] [tomcat] markt-asf commented on issue #247: Tomcat Session Manager w/ Authentication Persistence
markt-asf commented on issue #247: Tomcat Session Manager w/ Authentication Persistence URL: https://github.com/apache/tomcat/pull/247#issuecomment-592535603 Fixed in: - master for 10.0.0-M2 onwards - 9.0.x for 9.0.32 onwards - 8.5.x for 8.5.52 onwards - 7.0.x for 7.0.101 onwards This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf closed pull request #247: Tomcat Session Manager w/ Authentication Persistence
markt-asf closed pull request #247: Tomcat Session Manager w/ Authentication Persistence URL: https://github.com/apache/tomcat/pull/247 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Add an option to persist authentication information with the session
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 33bd08b Add an option to persist authentication information with the session 33bd08b is described below commit 33bd08b9617d81ca99758412ea405ca2994106da Author: Carsten Klein AuthorDate: Wed Feb 19 09:01:04 2020 +0100 Add an option to persist authentication information with the session Patch provided by Carsten Klein. --- .../catalina/session/LocalStrings.properties | 2 + java/org/apache/catalina/session/ManagerBase.java | 37 - .../apache/catalina/session/StandardSession.java | 61 +++-- .../apache/catalina/session/mbeans-descriptors.xml | 8 +++ webapps/docs/changelog.xml | 6 +++ webapps/docs/config/manager.xml| 62 +- 6 files changed, 169 insertions(+), 7 deletions(-) diff --git a/java/org/apache/catalina/session/LocalStrings.properties b/java/org/apache/catalina/session/LocalStrings.properties index 51b7a01..289b272 100644 --- a/java/org/apache/catalina/session/LocalStrings.properties +++ b/java/org/apache/catalina/session/LocalStrings.properties @@ -79,6 +79,8 @@ standardSession.isNew.ise=isNew: Session already invalidated standardSession.logoutfail=Exception logging out user when expiring session standardSession.notDeserializable=Cannot deserialize session attribute [{0}] for session [{1}] standardSession.notSerializable=Cannot serialize session attribute [{0}] for session [{1}] +standardSession.principalNotDeserializable=Cannot deserialize Principal object for session [{0}] +standardSession.principalNotSerializable=Cannot serialize Principal object for session [{0}] standardSession.removeAttribute.ise=removeAttribute: Session already invalidated standardSession.sessionEvent=Session event listener threw exception standardSession.setAttribute.iae=setAttribute: Non-serializable attribute [{0}] diff --git a/java/org/apache/catalina/session/ManagerBase.java b/java/org/apache/catalina/session/ManagerBase.java index 9759e27..51b4f09 100644 --- a/java/org/apache/catalina/session/ManagerBase.java +++ b/java/org/apache/catalina/session/ManagerBase.java @@ -192,6 +192,12 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager private boolean warnOnSessionAttributeFilterFailure; +/** + * Determines whether sessions managed by this manager shall persist (serialize) + * authentication information or not. + */ +private boolean persistAuthentication = false; + // Constructors @@ -199,8 +205,11 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager if (Globals.IS_SECURITY_ENABLED) { // Minimum set required for default distribution/persistence to work // plus String +// plus SerializablePrincipal and String[] (required for authentication persistence) setSessionAttributeValueClassNameFilter( -"java\\.lang\\.(?:Boolean|Integer|Long|Number|String)"); +"java\\.lang\\.(?:Boolean|Integer|Long|Number|String)" ++ "|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal" ++ "|\\[Ljava.lang.String;"); setWarnOnSessionAttributeFilterFailure(true); } } @@ -513,10 +522,34 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager Integer.valueOf(this.processExpiresFrequency)); } -// - Public Methods /** + * Return whether sessions managed by this manager shall persist authentication + * information or not. + * + * @return {@code true}, sessions managed by this manager shall persist + * authentication information; {@code false} otherwise + */ +public boolean getPersistAuthentication() { +return this.persistAuthentication; +} + +/** + * Set whether sessions managed by this manager shall persist authentication + * information or not. + * + * @param persistAuthentication if {@code true}, sessions managed by this manager + * shall persist authentication information + */ +public void setPersistAuthentication(boolean persistAuthentication) { +this.persistAuthentication = persistAuthentication; +} + + +// - Public Methods + +/** * {@inheritDoc} * * Direct call to {@link #processExpires()} diff --git a/java/org/apache/catalina/session/StandardSession.java b/java/org/apache/catali
[tomcat] branch 9.0.x updated: Add an option to persist authentication information with the session
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new c91c16e Add an option to persist authentication information with the session c91c16e is described below commit c91c16ec3097977c989b3831e2bab1d74a71210b Author: Carsten Klein AuthorDate: Wed Feb 19 09:01:04 2020 +0100 Add an option to persist authentication information with the session Patch provided by Carsten Klein. --- .../catalina/session/LocalStrings.properties | 2 + java/org/apache/catalina/session/ManagerBase.java | 37 - .../apache/catalina/session/StandardSession.java | 61 +++-- .../apache/catalina/session/mbeans-descriptors.xml | 8 +++ webapps/docs/changelog.xml | 6 +++ webapps/docs/config/manager.xml| 62 +- 6 files changed, 169 insertions(+), 7 deletions(-) diff --git a/java/org/apache/catalina/session/LocalStrings.properties b/java/org/apache/catalina/session/LocalStrings.properties index e0a5487..62a8b49 100644 --- a/java/org/apache/catalina/session/LocalStrings.properties +++ b/java/org/apache/catalina/session/LocalStrings.properties @@ -84,6 +84,8 @@ standardSession.isNew.ise=isNew: Session already invalidated standardSession.logoutfail=Exception logging out user when expiring session standardSession.notDeserializable=Cannot deserialize session attribute [{0}] for session [{1}] standardSession.notSerializable=Cannot serialize session attribute [{0}] for session [{1}] +standardSession.principalNotDeserializable=Cannot deserialize Principal object for session [{0}] +standardSession.principalNotSerializable=Cannot serialize Principal object for session [{0}] standardSession.removeAttribute.ise=removeAttribute: Session already invalidated standardSession.sessionEvent=Session event listener threw exception standardSession.setAttribute.iae=setAttribute: Non-serializable attribute [{0}] diff --git a/java/org/apache/catalina/session/ManagerBase.java b/java/org/apache/catalina/session/ManagerBase.java index 5e769c8..0cfc20a 100644 --- a/java/org/apache/catalina/session/ManagerBase.java +++ b/java/org/apache/catalina/session/ManagerBase.java @@ -197,6 +197,12 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager private boolean notifyAttributeListenerOnUnchangedValue = true; +/** + * Determines whether sessions managed by this manager shall persist (serialize) + * authentication information or not. + */ +private boolean persistAuthentication = false; + // Constructors @@ -204,8 +210,11 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager if (Globals.IS_SECURITY_ENABLED) { // Minimum set required for default distribution/persistence to work // plus String +// plus SerializablePrincipal and String[] (required for authentication persistence) setSessionAttributeValueClassNameFilter( -"java\\.lang\\.(?:Boolean|Integer|Long|Number|String)"); +"java\\.lang\\.(?:Boolean|Integer|Long|Number|String)" ++ "|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal" ++ "|\\[Ljava.lang.String;"); setWarnOnSessionAttributeFilterFailure(true); } } @@ -543,10 +552,34 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager Integer.valueOf(this.processExpiresFrequency)); } -// - Public Methods /** + * Return whether sessions managed by this manager shall persist authentication + * information or not. + * + * @return {@code true}, sessions managed by this manager shall persist + * authentication information; {@code false} otherwise + */ +public boolean getPersistAuthentication() { +return this.persistAuthentication; +} + +/** + * Set whether sessions managed by this manager shall persist authentication + * information or not. + * + * @param persistAuthentication if {@code true}, sessions managed by this manager + * shall persist authentication information + */ +public void setPersistAuthentication(boolean persistAuthentication) { +this.persistAuthentication = persistAuthentication; +} + + +// - Public Methods + +/** * {@inheritDoc} * * Direct call to {@link #processExpires()} diff --git a/java/org/apache/catalina/session/StandardSession.java b/java/org/ap
[tomcat] branch master updated: Add an option to persist authentication information with the session
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 20a830c Add an option to persist authentication information with the session 20a830c is described below commit 20a830c6a520922aee47416c129d322e662bfd44 Author: Carsten Klein AuthorDate: Wed Feb 19 09:01:04 2020 +0100 Add an option to persist authentication information with the session Patch provided by Carsten Klein. --- .../catalina/session/LocalStrings.properties | 2 + java/org/apache/catalina/session/ManagerBase.java | 37 - .../apache/catalina/session/StandardSession.java | 61 +++-- .../apache/catalina/session/mbeans-descriptors.xml | 8 +++ webapps/docs/changelog.xml | 6 +++ webapps/docs/config/manager.xml| 62 +- 6 files changed, 169 insertions(+), 7 deletions(-) diff --git a/java/org/apache/catalina/session/LocalStrings.properties b/java/org/apache/catalina/session/LocalStrings.properties index e0a5487..62a8b49 100644 --- a/java/org/apache/catalina/session/LocalStrings.properties +++ b/java/org/apache/catalina/session/LocalStrings.properties @@ -84,6 +84,8 @@ standardSession.isNew.ise=isNew: Session already invalidated standardSession.logoutfail=Exception logging out user when expiring session standardSession.notDeserializable=Cannot deserialize session attribute [{0}] for session [{1}] standardSession.notSerializable=Cannot serialize session attribute [{0}] for session [{1}] +standardSession.principalNotDeserializable=Cannot deserialize Principal object for session [{0}] +standardSession.principalNotSerializable=Cannot serialize Principal object for session [{0}] standardSession.removeAttribute.ise=removeAttribute: Session already invalidated standardSession.sessionEvent=Session event listener threw exception standardSession.setAttribute.iae=setAttribute: Non-serializable attribute [{0}] diff --git a/java/org/apache/catalina/session/ManagerBase.java b/java/org/apache/catalina/session/ManagerBase.java index 1e91a31..56dd793 100644 --- a/java/org/apache/catalina/session/ManagerBase.java +++ b/java/org/apache/catalina/session/ManagerBase.java @@ -197,6 +197,12 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager private boolean notifyAttributeListenerOnUnchangedValue = true; +/** + * Determines whether sessions managed by this manager shall persist (serialize) + * authentication information or not. + */ +private boolean persistAuthentication = false; + // Constructors @@ -204,8 +210,11 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager if (Globals.IS_SECURITY_ENABLED) { // Minimum set required for default distribution/persistence to work // plus String +// plus SerializablePrincipal and String[] (required for authentication persistence) setSessionAttributeValueClassNameFilter( -"java\\.lang\\.(?:Boolean|Integer|Long|Number|String)"); +"java\\.lang\\.(?:Boolean|Integer|Long|Number|String)" ++ "|org\\.apache\\.catalina\\.realm\\.GenericPrincipal\\$SerializablePrincipal" ++ "|\\[Ljava.lang.String;"); setWarnOnSessionAttributeFilterFailure(true); } } @@ -543,10 +552,34 @@ public abstract class ManagerBase extends LifecycleMBeanBase implements Manager Integer.valueOf(this.processExpiresFrequency)); } -// - Public Methods /** + * Return whether sessions managed by this manager shall persist authentication + * information or not. + * + * @return {@code true}, sessions managed by this manager shall persist + * authentication information; {@code false} otherwise + */ +public boolean getPersistAuthentication() { +return this.persistAuthentication; +} + +/** + * Set whether sessions managed by this manager shall persist authentication + * information or not. + * + * @param persistAuthentication if {@code true}, sessions managed by this manager + * shall persist authentication information + */ +public void setPersistAuthentication(boolean persistAuthentication) { +this.persistAuthentication = persistAuthentication; +} + + +// - Public Methods + +/** * {@inheritDoc} * * Direct call to {@link #processExpires()} diff --git a/java/org/apache/catalina/session/StandardSession.java b/java/org/
[tomcat] branch master updated: Todo update
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 000ee45 Todo update 000ee45 is described below commit 000ee45773f4e28e6f5826293db98988bfad7b29 Author: remm AuthorDate: Fri Feb 28 13:45:18 2020 +0100 Todo update Likely defer the JNI rework since Panama is still in WIP mode. --- TOMCAT-NEXT.txt | 18 -- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/TOMCAT-NEXT.txt b/TOMCAT-NEXT.txt index 34e3adf..0b3a519 100644 --- a/TOMCAT-NEXT.txt +++ b/TOMCAT-NEXT.txt @@ -29,24 +29,22 @@ New items for 10.0.x onwards: 1. Remove APR connector. - 2. Remove org.apache.tomcat.jni and replace with the minimum necessary to -interface with OpenSSL and clones. -We might want to park this one until we see what is available direct from -the JRE with project Panama. - - 3. Clean-up content-type header processing. Remove the optional space after + 2. Clean-up content-type header processing. Remove the optional space after the ';' character (if any). Don't mutate the header if there is no charset parameter. See BZ 62912 for some discussion and additional references. - 4. RFC 3986 states (section 2.2) that a %nn encoded delimiter is NOT equivalent + 3. RFC 3986 states (section 2.2) that a %nn encoded delimiter is NOT equivalent to the decoded form. Provide an option not to decode delimiters in %nn form. - 5. BZ 63286. Make behaviour of %D and %T consistent with httpd. - - 6. Refactor DefaultServlet to use Ranges in parseRanges(). + 4. Refactor DefaultServlet to use Ranges in parseRanges(). Deferred until 10.1.x: 1. Remove the ExtensionValidator and associated classes (assuming that the minimum Java version is Java 9 or later). + 2. Remove org.apache.tomcat.jni and replace with the minimum necessary to +interface with OpenSSL and clones. +We might want to park this one until we see what is available direct from +the JRE with project Panama. + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63286] Inconsistencies between AccessLogValve and mod_log_config
https://bz.apache.org/bugzilla/show_bug.cgi?id=63286 Remy Maucherat changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #7 from Remy Maucherat --- This should be fixed in 10.0.0-M2. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] mads1980 commented on issue #246: OpenSSLEngine improvements to guard against multiple shutdown() calls triggered by construction exception and finalize() later
mads1980 commented on issue #246: OpenSSLEngine improvements to guard against multiple shutdown() calls triggered by construction exception and finalize() later URL: https://github.com/apache/tomcat/pull/246#issuecomment-592486250 This is great, thanks for your attention & support. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/4972 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch master] 5ee4720ea9ca5701ac306caafa56ea41ec23372f Blamelist: Bernd Bohmann ,Mark Thomas BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf closed pull request #246: OpenSSLEngine improvements to guard against multiple shutdown() calls triggered by construction exception and finalize() later
markt-asf closed pull request #246: OpenSSLEngine improvements to guard against multiple shutdown() calls triggered by construction exception and finalize() later URL: https://github.com/apache/tomcat/pull/246 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on issue #246: OpenSSLEngine improvements to guard against multiple shutdown() calls triggered by construction exception and finalize() later
markt-asf commented on issue #246: OpenSSLEngine improvements to guard against multiple shutdown() calls triggered by construction exception and finalize() later URL: https://github.com/apache/tomcat/pull/246#issuecomment-592474362 Rémy has committed a variation of this. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Change access log time argument to use nanosecond
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new a8575ef Change access log time argument to use nanosecond a8575ef is described below commit a8575efbc1de64fe58c8fd99e53a0011b59a8e86 Author: remm AuthorDate: Fri Feb 28 12:28:26 2020 +0100 Change access log time argument to use nanosecond Clear up the %T discrepancies with the usual access log format. --- java/org/apache/catalina/AccessLog.java| 2 +- .../apache/catalina/connector/CoyoteAdapter.java | 5 +-- .../catalina/valves/AbstractAccessLogValve.java| 45 +- .../catalina/valves/ExtendedAccessLogValve.java| 2 +- webapps/docs/changelog.xml | 5 +++ webapps/docs/config/valve.xml | 9 + 6 files changed, 37 insertions(+), 31 deletions(-) diff --git a/java/org/apache/catalina/AccessLog.java b/java/org/apache/catalina/AccessLog.java index 138f9f4..6674309 100644 --- a/java/org/apache/catalina/AccessLog.java +++ b/java/org/apache/catalina/AccessLog.java @@ -76,7 +76,7 @@ public interface AccessLog { * @param request Request (associated with the response) to log * @param response Response (associated with the request) to log * @param time Time taken to process the request/response in - * milliseconds (use 0 if not known) + * nanoseconds (use 0 if not known) */ public void log(Request request, Response response, long time); diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java b/java/org/apache/catalina/connector/CoyoteAdapter.java index 18b8025..f448f8f 100644 --- a/java/org/apache/catalina/connector/CoyoteAdapter.java +++ b/java/org/apache/catalina/connector/CoyoteAdapter.java @@ -20,7 +20,6 @@ import java.io.IOException; import java.nio.charset.Charset; import java.nio.charset.StandardCharsets; import java.util.EnumSet; -import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.AtomicBoolean; import jakarta.servlet.ReadListener; @@ -275,7 +274,7 @@ public class CoyoteAdapter implements Adapter { if (!success || !request.isAsync()) { long time = 0; if (req.getStartTimeNanos() != -1) { -time = TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - req.getStartTimeNanos()); +time = System.nanoTime() - req.getStartTimeNanos(); } Context context = request.getContext(); if (context != null) { @@ -403,7 +402,7 @@ public class CoyoteAdapter implements Adapter { // The other possibility is that an error occurred early in // processing and the request could not be mapped to a Context. // Log via the host or engine in that case. -long time = TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - req.getStartTimeNanos()); +long time = System.nanoTime() - req.getStartTimeNanos(); if (context != null) { context.logAccess(request, response, time, false); } else if (response.isError()) { diff --git a/java/org/apache/catalina/valves/AbstractAccessLogValve.java b/java/org/apache/catalina/valves/AbstractAccessLogValve.java index 5cc1f03..1f00595 100644 --- a/java/org/apache/catalina/valves/AbstractAccessLogValve.java +++ b/java/org/apache/catalina/valves/AbstractAccessLogValve.java @@ -700,9 +700,8 @@ public abstract class AbstractAccessLogValve extends ValveBase implements Access return; } -long elapsed = TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - request.getCoyoteRequest().getStartTimeNanos()); // Date for access log should be the beginning of the request -Date date = getDate(System.currentTimeMillis() - elapsed); +Date date = getDate(request.getCoyoteRequest().getStartTime()); CharArrayWriter result = charArrayWriters.pop(); if (result == null) { @@ -1109,8 +1108,8 @@ public abstract class AbstractAccessLogValve extends ValveBase implements Access Response response, long time) { long timestamp = date.getTime(); long frac; -if (usesBegin) { -timestamp -= time; +if (!usesBegin) { +timestamp += TimeUnit.NANOSECONDS.toMillis(time); } /* Implementation note: This is deliberately not implemented using * switch. If a switch is used the compiler (at least the Oracle @@ -1330,30 +1329,29 @@ public abstract class AbstractAccessLogValve extends ValveBase implements Access * write time taken to process the request - %D, %T */ protected static class ElapsedT
buildbot success in on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/4971 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch master] efdbc2bffb0f3691d85a926a6584aa7399cd8616 Blamelist: remm Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: The '$' in the class name of Digester$EnvironmentPropertySource...(#244)
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 7.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/7.0.x by this push: new 8900e3f The '$' in the class name of Digester$EnvironmentPropertySource...(#244) 8900e3f is described below commit 8900e3f20ae231a0691ae73c26b0fb88693f5a0f Author: Bernd Bohmann AuthorDate: Fri Feb 28 12:09:04 2020 +0100 The '$' in the class name of Digester$EnvironmentPropertySource...(#244) The '$' in the class name of Digester$EnvironmentPropertySource is not really shell friendly for unix environments. The class should not a inner class. --- java/org/apache/tomcat/util/digester/Digester.java | 28 +++- .../util/digester/EnvironmentPropertySource.java | 78 ++ webapps/docs/changelog.xml | 7 ++ webapps/docs/config/systemprops.xml| 2 +- 4 files changed, 96 insertions(+), 19 deletions(-) diff --git a/java/org/apache/tomcat/util/digester/Digester.java b/java/org/apache/tomcat/util/digester/Digester.java index 1d65db7..dbbb4db 100644 --- a/java/org/apache/tomcat/util/digester/Digester.java +++ b/java/org/apache/tomcat/util/digester/Digester.java @@ -175,24 +175,16 @@ public class Digester extends DefaultHandler2 { } } - -public static class EnvironmentPropertySource implements IntrospectionUtils.SecurePropertySource { - -@Override -public String getProperty(String key) { -return null; -} - -@Override -public String getProperty(String key, ClassLoader classLoader) { -if (classLoader instanceof PermissionCheck) { -Permission p = new RuntimePermission("getenv." + key, null); -if (!((PermissionCheck) classLoader).check(p)) { -return null; -} -} -return System.getenv(key); -} +/** + * A {@link org.apache.tomcat.util.IntrospectionUtils.SecurePropertySource} + * that uses environment variables to resolve expressions. Still available + * for backwards compatibility. + * + * @deprecated Use {@link org.apache.tomcat.util.digester.EnvironmentPropertySource} + * This will be removed in Tomcat 10 onwards. + */ +@Deprecated +public static class EnvironmentPropertySource extends org.apache.tomcat.util.digester.EnvironmentPropertySource { } diff --git a/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java b/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java new file mode 100644 index 000..6b4138c --- /dev/null +++ b/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java @@ -0,0 +1,78 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomcat.util.digester; + +import java.security.Permission; + +import org.apache.tomcat.util.IntrospectionUtils; +import org.apache.tomcat.util.security.PermissionCheck; + +/** + * A {@link org.apache.tomcat.util.IntrospectionUtils.SecurePropertySource} + * that uses environment variables to resolve expressions. + * + * Usage example: + * + * Configure the certificate with environment variables. + * + * + * {@code + * + * + * } + * + * + * How to configure: + * + * {@code + * echo "org.apache.tomcat.util.digester.PROPERTY_SOURCE=org.apache.tomcat.util.digester.EnvironmentPropertySource" >> conf/catalina.properties} + * + * or add this to {@code CATALINA_OPTS} + * + * + * {@code + * -Dorg.apache.tomcat.util.digester.PROPERTY_SOURCE=org.apache.tomcat.util.digester.EnvironmentPropertySource} + * + * + * NOTE: When configured the PropertySource for resolving expressions + * from system properties is still active. + * + * @see Digester + * + * @see https://tomcat.apache.org/tomcat-9.0-doc/config/systemprops.html#Property_replacements";>Tomcat Configuration Reference System Properties + */ +public class EnvironmentPropertySource implements IntrospectionUtils.SecurePropertySource { + +@Override +public String getProperty(String key) { +
[tomcat] branch 8.5.x updated: The '$' in the class name of Digester$EnvironmentPropertySource is no… (#244)
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new ffba0c6 The '$' in the class name of Digester$EnvironmentPropertySource is no… (#244) ffba0c6 is described below commit ffba0c6c97f03e0a32c8a40a1589f93419458ef1 Author: Bernd Bohmann AuthorDate: Fri Feb 28 12:09:04 2020 +0100 The '$' in the class name of Digester$EnvironmentPropertySource is no… (#244) The '$' in the class name of Digester$EnvironmentPropertySource is not really shell friendly for unix environments. The class should not a inner class. --- java/org/apache/tomcat/util/digester/Digester.java | 28 +++- .../util/digester/EnvironmentPropertySource.java | 78 ++ webapps/docs/changelog.xml | 7 ++ webapps/docs/config/systemprops.xml| 2 +- 4 files changed, 96 insertions(+), 19 deletions(-) diff --git a/java/org/apache/tomcat/util/digester/Digester.java b/java/org/apache/tomcat/util/digester/Digester.java index 3791d8c..9326ba4 100644 --- a/java/org/apache/tomcat/util/digester/Digester.java +++ b/java/org/apache/tomcat/util/digester/Digester.java @@ -146,24 +146,16 @@ public class Digester extends DefaultHandler2 { } } - -public static class EnvironmentPropertySource implements IntrospectionUtils.SecurePropertySource { - -@Override -public String getProperty(String key) { -return null; -} - -@Override -public String getProperty(String key, ClassLoader classLoader) { -if (classLoader instanceof PermissionCheck) { -Permission p = new RuntimePermission("getenv." + key, null); -if (!((PermissionCheck) classLoader).check(p)) { -return null; -} -} -return System.getenv(key); -} +/** + * A {@link org.apache.tomcat.util.IntrospectionUtils.SecurePropertySource} + * that uses environment variables to resolve expressions. Still available + * for backwards compatibility. + * + * @deprecated Use {@link org.apache.tomcat.util.digester.EnvironmentPropertySource} + * This will be removed in Tomcat 10 onwards. + */ +@Deprecated +public static class EnvironmentPropertySource extends org.apache.tomcat.util.digester.EnvironmentPropertySource { } diff --git a/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java b/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java new file mode 100644 index 000..6b4138c --- /dev/null +++ b/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java @@ -0,0 +1,78 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomcat.util.digester; + +import java.security.Permission; + +import org.apache.tomcat.util.IntrospectionUtils; +import org.apache.tomcat.util.security.PermissionCheck; + +/** + * A {@link org.apache.tomcat.util.IntrospectionUtils.SecurePropertySource} + * that uses environment variables to resolve expressions. + * + * Usage example: + * + * Configure the certificate with environment variables. + * + * + * {@code + * + * + * } + * + * + * How to configure: + * + * {@code + * echo "org.apache.tomcat.util.digester.PROPERTY_SOURCE=org.apache.tomcat.util.digester.EnvironmentPropertySource" >> conf/catalina.properties} + * + * or add this to {@code CATALINA_OPTS} + * + * + * {@code + * -Dorg.apache.tomcat.util.digester.PROPERTY_SOURCE=org.apache.tomcat.util.digester.EnvironmentPropertySource} + * + * + * NOTE: When configured the PropertySource for resolving expressions + * from system properties is still active. + * + * @see Digester + * + * @see https://tomcat.apache.org/tomcat-9.0-doc/config/systemprops.html#Property_replacements";>Tomcat Configuration Reference System Properties + */ +public class EnvironmentPropertySource implements IntrospectionUtils.SecurePropertySource { + +@Override +public String getProperty(String key)
[tomcat] branch 9.0.x updated: The '$' in the class name of Digester$EnvironmentPropertySource is no… (#244)
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 34bc98b The '$' in the class name of Digester$EnvironmentPropertySource is no… (#244) 34bc98b is described below commit 34bc98b0516b3209d78ff91f2a4b4eebd822cb05 Author: Bernd Bohmann AuthorDate: Fri Feb 28 12:09:04 2020 +0100 The '$' in the class name of Digester$EnvironmentPropertySource is no… (#244) The '$' in the class name of Digester$EnvironmentPropertySource is not really shell friendly for unix environments. The class should not a inner class. --- java/org/apache/tomcat/util/digester/Digester.java | 28 +++- .../util/digester/EnvironmentPropertySource.java | 78 ++ webapps/docs/changelog.xml | 7 ++ webapps/docs/config/systemprops.xml| 2 +- 4 files changed, 96 insertions(+), 19 deletions(-) diff --git a/java/org/apache/tomcat/util/digester/Digester.java b/java/org/apache/tomcat/util/digester/Digester.java index a7c1740..fcf32c7 100644 --- a/java/org/apache/tomcat/util/digester/Digester.java +++ b/java/org/apache/tomcat/util/digester/Digester.java @@ -145,24 +145,16 @@ public class Digester extends DefaultHandler2 { } } - -public static class EnvironmentPropertySource implements IntrospectionUtils.SecurePropertySource { - -@Override -public String getProperty(String key) { -return null; -} - -@Override -public String getProperty(String key, ClassLoader classLoader) { -if (classLoader instanceof PermissionCheck) { -Permission p = new RuntimePermission("getenv." + key, null); -if (!((PermissionCheck) classLoader).check(p)) { -return null; -} -} -return System.getenv(key); -} +/** + * A {@link org.apache.tomcat.util.IntrospectionUtils.SecurePropertySource} + * that uses environment variables to resolve expressions. Still available + * for backwards compatibility. + * + * @deprecated Use {@link org.apache.tomcat.util.digester.EnvironmentPropertySource} + * This will be removed in Tomcat 10 onwards. + */ +@Deprecated +public static class EnvironmentPropertySource extends org.apache.tomcat.util.digester.EnvironmentPropertySource { } diff --git a/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java b/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java new file mode 100644 index 000..6b4138c --- /dev/null +++ b/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java @@ -0,0 +1,78 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomcat.util.digester; + +import java.security.Permission; + +import org.apache.tomcat.util.IntrospectionUtils; +import org.apache.tomcat.util.security.PermissionCheck; + +/** + * A {@link org.apache.tomcat.util.IntrospectionUtils.SecurePropertySource} + * that uses environment variables to resolve expressions. + * + * Usage example: + * + * Configure the certificate with environment variables. + * + * + * {@code + * + * + * } + * + * + * How to configure: + * + * {@code + * echo "org.apache.tomcat.util.digester.PROPERTY_SOURCE=org.apache.tomcat.util.digester.EnvironmentPropertySource" >> conf/catalina.properties} + * + * or add this to {@code CATALINA_OPTS} + * + * + * {@code + * -Dorg.apache.tomcat.util.digester.PROPERTY_SOURCE=org.apache.tomcat.util.digester.EnvironmentPropertySource} + * + * + * NOTE: When configured the PropertySource for resolving expressions + * from system properties is still active. + * + * @see Digester + * + * @see https://tomcat.apache.org/tomcat-9.0-doc/config/systemprops.html#Property_replacements";>Tomcat Configuration Reference System Properties + */ +public class EnvironmentPropertySource implements IntrospectionUtils.SecurePropertySource { + +@Override +public String getProperty(String key)
[tomcat] 02/02: Remove deprecated code
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 5ee4720ea9ca5701ac306caafa56ea41ec23372f Author: Mark Thomas AuthorDate: Fri Feb 28 11:16:18 2020 + Remove deprecated code --- java/org/apache/tomcat/util/digester/Digester.java | 12 webapps/docs/changelog.xml | 3 +-- 2 files changed, 1 insertion(+), 14 deletions(-) diff --git a/java/org/apache/tomcat/util/digester/Digester.java b/java/org/apache/tomcat/util/digester/Digester.java index fcf32c7..46d80d0 100644 --- a/java/org/apache/tomcat/util/digester/Digester.java +++ b/java/org/apache/tomcat/util/digester/Digester.java @@ -145,18 +145,6 @@ public class Digester extends DefaultHandler2 { } } -/** - * A {@link org.apache.tomcat.util.IntrospectionUtils.SecurePropertySource} - * that uses environment variables to resolve expressions. Still available - * for backwards compatibility. - * - * @deprecated Use {@link org.apache.tomcat.util.digester.EnvironmentPropertySource} - * This will be removed in Tomcat 10 onwards. - */ -@Deprecated -public static class EnvironmentPropertySource extends org.apache.tomcat.util.digester.EnvironmentPropertySource { -} - protected IntrospectionUtils.PropertySource source[] = new IntrospectionUtils.PropertySource[] { new SystemPropertySource() }; diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index c69d8d9..513420c 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -71,8 +71,7 @@ Rename org.apache.tomcat.util.digester.Digester$EnvironmentPropertySource to org.apache.tomcat.util.digester.EnvironmentPropertySource. -The old class is still available but deprecated. Patch provided by Bernd -Bohmann. (markt) +Patch provided by Bernd Bohmann. (markt) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/02: Polish
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 8cbeb4120a6a75fe2a3f6f5fffba963f32f5c162 Author: Mark Thomas AuthorDate: Fri Feb 28 11:14:56 2020 + Polish --- java/org/apache/tomcat/util/digester/Digester.java| 9 ++--- .../tomcat/util/digester/EnvironmentPropertySource.java | 8 +--- webapps/docs/changelog.xml| 11 +++ 3 files changed, 18 insertions(+), 10 deletions(-) diff --git a/java/org/apache/tomcat/util/digester/Digester.java b/java/org/apache/tomcat/util/digester/Digester.java index dc60837..fcf32c7 100644 --- a/java/org/apache/tomcat/util/digester/Digester.java +++ b/java/org/apache/tomcat/util/digester/Digester.java @@ -146,11 +146,14 @@ public class Digester extends DefaultHandler2 { } /** - * A {@link org.apache.tomcat.util.IntrospectionUtils.SecurePropertySource} that uses environment variables to resolve expressions. - * Still available for backwards compatibility. - * @see org.apache.tomcat.util.digester.EnvironmentPropertySource + * A {@link org.apache.tomcat.util.IntrospectionUtils.SecurePropertySource} + * that uses environment variables to resolve expressions. Still available + * for backwards compatibility. * + * @deprecated Use {@link org.apache.tomcat.util.digester.EnvironmentPropertySource} + * This will be removed in Tomcat 10 onwards. */ +@Deprecated public static class EnvironmentPropertySource extends org.apache.tomcat.util.digester.EnvironmentPropertySource { } diff --git a/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java b/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java index e7948ce..6b4138c 100644 --- a/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java +++ b/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java @@ -22,7 +22,8 @@ import org.apache.tomcat.util.IntrospectionUtils; import org.apache.tomcat.util.security.PermissionCheck; /** - * A {@link org.apache.tomcat.util.IntrospectionUtils.SecurePropertySource} that uses environment variables to resolve expressions. + * A {@link org.apache.tomcat.util.IntrospectionUtils.SecurePropertySource} + * that uses environment variables to resolve expressions. * * Usage example: * @@ -49,8 +50,9 @@ import org.apache.tomcat.util.security.PermissionCheck; * {@code * -Dorg.apache.tomcat.util.digester.PROPERTY_SOURCE=org.apache.tomcat.util.digester.EnvironmentPropertySource} * - * - * NOTE: When configured the PropertySource for resolving expressions from system properties is still active. + * + * NOTE: When configured the PropertySource for resolving expressions + * from system properties is still active. * * @see Digester * diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 7a91894..c69d8d9 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -67,6 +67,13 @@ 64166: Ensure that the names returned by HttpServletResponse.getHeaderNames() are unique. (markt) + +Rename org.apache.tomcat.util.digester.Digester$EnvironmentPropertySource +to +org.apache.tomcat.util.digester.EnvironmentPropertySource. +The old class is still available but deprecated. Patch provided by Bernd +Bohmann. (markt) + @@ -164,10 +171,6 @@ Missing store config attributes for Resources elements. (remm) - -Rename org.apache.tomcat.util.digester.Digester$EnvironmentPropertySource to - org.apache.tomcat.util.digester.EnvironmentPropertySource. Old class is still available. - - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated (8f83475 -> 5ee4720)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git. from 8f83475 The '$' in the class name of Digester$EnvironmentPropertySource is no… (#244) new 8cbeb41 Polish new 5ee4720 Remove deprecated code The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: java/org/apache/tomcat/util/digester/Digester.java | 9 - .../apache/tomcat/util/digester/EnvironmentPropertySource.java | 8 +--- webapps/docs/changelog.xml | 10 ++ 3 files changed, 11 insertions(+), 16 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: The '$' in the class name of Digester$EnvironmentPropertySource is no… (#244)
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 8f83475 The '$' in the class name of Digester$EnvironmentPropertySource is no… (#244) 8f83475 is described below commit 8f83475ea84e95fab3f6a54235a40f69053a7152 Author: Bernd Bohmann AuthorDate: Fri Feb 28 12:09:04 2020 +0100 The '$' in the class name of Digester$EnvironmentPropertySource is no… (#244) The '$' in the class name of Digester$EnvironmentPropertySource is not really shell friendly for unix environments. The class should not a inner class. --- java/org/apache/tomcat/util/digester/Digester.java | 25 ++- .../util/digester/EnvironmentPropertySource.java | 76 ++ webapps/docs/changelog.xml | 4 ++ webapps/docs/config/systemprops.xml| 2 +- 4 files changed, 88 insertions(+), 19 deletions(-) diff --git a/java/org/apache/tomcat/util/digester/Digester.java b/java/org/apache/tomcat/util/digester/Digester.java index a7c1740..dc60837 100644 --- a/java/org/apache/tomcat/util/digester/Digester.java +++ b/java/org/apache/tomcat/util/digester/Digester.java @@ -145,24 +145,13 @@ public class Digester extends DefaultHandler2 { } } - -public static class EnvironmentPropertySource implements IntrospectionUtils.SecurePropertySource { - -@Override -public String getProperty(String key) { -return null; -} - -@Override -public String getProperty(String key, ClassLoader classLoader) { -if (classLoader instanceof PermissionCheck) { -Permission p = new RuntimePermission("getenv." + key, null); -if (!((PermissionCheck) classLoader).check(p)) { -return null; -} -} -return System.getenv(key); -} +/** + * A {@link org.apache.tomcat.util.IntrospectionUtils.SecurePropertySource} that uses environment variables to resolve expressions. + * Still available for backwards compatibility. + * @see org.apache.tomcat.util.digester.EnvironmentPropertySource + * + */ +public static class EnvironmentPropertySource extends org.apache.tomcat.util.digester.EnvironmentPropertySource { } diff --git a/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java b/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java new file mode 100644 index 000..e7948ce --- /dev/null +++ b/java/org/apache/tomcat/util/digester/EnvironmentPropertySource.java @@ -0,0 +1,76 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomcat.util.digester; + +import java.security.Permission; + +import org.apache.tomcat.util.IntrospectionUtils; +import org.apache.tomcat.util.security.PermissionCheck; + +/** + * A {@link org.apache.tomcat.util.IntrospectionUtils.SecurePropertySource} that uses environment variables to resolve expressions. + * + * Usage example: + * + * Configure the certificate with environment variables. + * + * + * {@code + * + * + * } + * + * + * How to configure: + * + * {@code + * echo "org.apache.tomcat.util.digester.PROPERTY_SOURCE=org.apache.tomcat.util.digester.EnvironmentPropertySource" >> conf/catalina.properties} + * + * or add this to {@code CATALINA_OPTS} + * + * + * {@code + * -Dorg.apache.tomcat.util.digester.PROPERTY_SOURCE=org.apache.tomcat.util.digester.EnvironmentPropertySource} + * + * + * NOTE: When configured the PropertySource for resolving expressions from system properties is still active. + * + * @see Digester + * + * @see https://tomcat.apache.org/tomcat-9.0-doc/config/systemprops.html#Property_replacements";>Tomcat Configuration Reference System Properties + */ +public class EnvironmentPropertySource implements IntrospectionUtils.SecurePropertySource { + +@Override +public String getProperty(String key) { +return null; +} + +@Override +public String getProperty(String key, ClassLoader classLoader) { +
[Bug 64184] Continuously trying to close the conf/tomcat-users.xml if it doesn't exist.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64184 --- Comment #2 from Stefan Roukens --- How should I achieve to the remove the component? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf merged pull request #244: The '$' in the class name of Digester$EnvironmentPropertySource is no…
markt-asf merged pull request #244: The '$' in the class name of Digester$EnvironmentPropertySource is no… URL: https://github.com/apache/tomcat/pull/244 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated (3e5ea37 -> efdbc2b)
This is an automated email from the ASF dual-hosted git repository. remm pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git. from 3e5ea37 Add separate getCommitTimeNanos for consistency add efdbc2b Remove useless call to setStartTime No new revisions were added by this update. Summary of changes: java/org/apache/coyote/http11/Http11InputBuffer.java | 3 --- 1 file changed, 3 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated (198949a -> 3e5ea37)
This is an automated email from the ASF dual-hosted git repository. remm pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git. from 198949a Fix javadoc ... add 3e5ea37 Add separate getCommitTimeNanos for consistency No new revisions were added by this update. Summary of changes: java/org/apache/coyote/Response.java | 18 ++ 1 file changed, 14 insertions(+), 4 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Remove useless calls to setStartTime
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 16a6094 Remove useless calls to setStartTime 16a6094 is described below commit 16a6094dbe5994c0b5214d6f647e53b736748afe Author: remm AuthorDate: Fri Feb 28 11:57:48 2020 +0100 Remove useless calls to setStartTime --- java/org/apache/coyote/AbstractProcessor.java | 1 - java/org/apache/coyote/ajp/AjpProcessor.java | 1 - java/org/apache/coyote/http2/Stream.java | 3 --- 3 files changed, 5 deletions(-) diff --git a/java/org/apache/coyote/AbstractProcessor.java b/java/org/apache/coyote/AbstractProcessor.java index 5af3710..662e133 100644 --- a/java/org/apache/coyote/AbstractProcessor.java +++ b/java/org/apache/coyote/AbstractProcessor.java @@ -977,7 +977,6 @@ public abstract class AbstractProcessor extends AbstractProcessorLight implement // information (e.g. client IP) setSocketWrapper(socketWrapper); // Setup the minimal request information -request.setStartTime(System.currentTimeMillis()); request.setStartTimeNanos(System.nanoTime()); // Setup the minimal response information response.setStatus(400); diff --git a/java/org/apache/coyote/ajp/AjpProcessor.java b/java/org/apache/coyote/ajp/AjpProcessor.java index 562fc67..f1c5d1f 100644 --- a/java/org/apache/coyote/ajp/AjpProcessor.java +++ b/java/org/apache/coyote/ajp/AjpProcessor.java @@ -394,7 +394,6 @@ public class AjpProcessor extends AbstractProcessor { setErrorState(ErrorState.CLOSE_CONNECTION_NOW, null); break; } -request.setStartTime(System.currentTimeMillis()); request.setStartTimeNanos(System.nanoTime()); } catch (IOException e) { setErrorState(ErrorState.CLOSE_CONNECTION_NOW, e); diff --git a/java/org/apache/coyote/http2/Stream.java b/java/org/apache/coyote/http2/Stream.java index 647ddf6..e25103f 100644 --- a/java/org/apache/coyote/http2/Stream.java +++ b/java/org/apache/coyote/http2/Stream.java @@ -129,9 +129,6 @@ class Stream extends AbstractStream implements HeaderEmitter { this.coyoteResponse.setOutputBuffer(http2OutputBuffer); this.coyoteRequest.setResponse(coyoteResponse); this.coyoteRequest.protocol().setString("HTTP/2.0"); -if (this.coyoteRequest.getStartTime() < 0) { -this.coyoteRequest.setStartTime(System.currentTimeMillis()); -} if (this.coyoteRequest.getStartTimeNanos() < 0) { this.coyoteRequest.setStartTimeNanos(System.nanoTime()); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Fix javadoc ...
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 198949a Fix javadoc ... 198949a is described below commit 198949a6ef82066b797d09c1223b62a0179ff212 Author: remm AuthorDate: Fri Feb 28 11:58:02 2020 +0100 Fix javadoc ... --- java/org/apache/coyote/Request.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index 5e6e470..05ba75c 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -570,7 +570,7 @@ public final class Request { /** * - * @param startTime + * @param startTime time * @deprecated This setter will be removed in Tomcat 10. */ @Deprecated - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building tomcat. Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/4970 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: asf946_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch master] 4645d492999ef30393222a4c2c1efef4ddd293ca Blamelist: remm BUILD FAILED: failed compile Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63865] Cookie Attribute SameSite=None is default to unset in Chrome browser
https://bz.apache.org/bugzilla/show_bug.cgi?id=63865 Mark Thomas changed: What|Removed |Added Resolution|--- |FIXED Status|REOPENED|RESOLVED --- Comment #8 from Mark Thomas --- Yes, it clearly is. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63865] Cookie Attribute SameSite=None is default to unset in Chrome browser
https://bz.apache.org/bugzilla/show_bug.cgi?id=63865 Bob changed: What|Removed |Added Resolution|FIXED |--- Status|RESOLVED|REOPENED --- Comment #7 from Bob --- It seems that -unlike whatthe release notes say- this patch is NOT in 8.5.50 , at least not in the sources tagged with it (also no .51 !) Check https://github.com/apache/tomcat/blob/8.5.50/java/org/apache/tomcat/util/http/CookieProcessorBase.java -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Tomcat 7.0.x EOL as 31 March 2021
On 21/02/2020 09:52, Mark Thomas wrote: > All, > > This has been mentioned in various threads and I don't recall any > objections. I think it is time for a vote so we can formally announce this. > > Announce the EOL date for 7.0.x as 31 March 2021 > > [X] Yes Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat Connectors (JK) 1.2.48
Ping. Mark On 26/02/2020 15:48, Mark Thomas wrote: > Ping. > > We need at least one more biding vote before this release vote can pass. > > Mark > > > On 20/02/2020 16:55, Mark Thomas wrote: >> Tag: >> https://gitbox.apache.org/repos/asf?p=tomcat-connectors.git;a=commit;h=90b294ce8260ab2585dcb4071ede5d53e51fa354 >> >> Source: >> https://gitbox.apache.org/repos/asf?p=tomcat-connectors.git;a=summary >> >> Dist: >> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/jk/ >> >> >> This is a maintenance release with a handful of bug fixes (compared to >> 1.2.46) and some clean-up. It also includes Windows binaries for IIS. >> >> >> The proposed JK 1.2.48 release is: >> [ ] Broken - do not release >> [ ] Stable - go ahead and release as 1.2.48 >> >> - >> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: dev-h...@tomcat.apache.org >> > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Reconstruct getStartTime since it is not used
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 4645d49 Reconstruct getStartTime since it is not used 4645d49 is described below commit 4645d492999ef30393222a4c2c1efef4ddd293ca Author: remm AuthorDate: Fri Feb 28 11:34:59 2020 +0100 Reconstruct getStartTime since it is not used Deprecate setStartTime, will be removed. getStartTime could be a good utility method, so will probably leave it there. --- java/org/apache/coyote/Request.java | 12 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index 3c095cb..5e6e470 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -21,6 +21,7 @@ import java.io.UnsupportedEncodingException; import java.nio.charset.Charset; import java.util.HashMap; import java.util.Map; +import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.AtomicBoolean; import jakarta.servlet.ReadListener; @@ -153,7 +154,6 @@ public final class Request { private long bytesRead=0; // Time of the request - useful to avoid repeated calls to System.currentTime -private long startTime = -1; private long startTimeNanos = -1; private int available = 0; @@ -565,11 +565,16 @@ public final class Request { } public long getStartTime() { -return startTime; +return System.currentTimeMillis() - TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - startTimeNanos); } +/** + * + * @param startTime + * @deprecated This setter will be removed in Tomcat 10. + */ +@Deprecated public void setStartTime(long startTime) { -this.startTime = startTime; } public long getStartTimeNanos() { @@ -655,7 +660,6 @@ public final class Request { listener = null; allDataReadEventSent.set(false); -startTime = -1; startTimeNanos = -1; } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64184] Continuously trying to close the conf/tomcat-users.xml if it doesn't exist.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64184 Remy Maucherat changed: What|Removed |Added Severity|normal |enhancement --- Comment #1 from Remy Maucherat --- If you are not using a component, you should remove it. The MemoryUserDatabase will now monitor conf/tomcat-users.xml (if that's the path used) causing this. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64184] New: Continuously trying to close the conf/tomcat-users.xml if it doesn't exist.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64184 Bug ID: 64184 Summary: Continuously trying to close the conf/tomcat-users.xml if it doesn't exist. Product: Tomcat 8 Version: 8.5.50 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: stefan.rouk...@sidn.nl Target Milestone: We recently installed TomEE 7.0.7 along with Tomcat 8.5.50. In the previous Tomcat version (8.5.41) shipped with TomEE 7.0.6 we only notices an error message "SEVERE: The specified user database [conf/tomcat-users.xml] could not be found" because we removed the tomcat-users.xml file (we don't use that functionality). In the 8.5.41 version of Tomcat this was no issue the error was only displayed at startup. Now with Tomcat 8.5.50 we notice that it's trying to close the file every 10 seconds. But throws an error because the file does not exists. Why should it repeatedly try to close the file if it already noticed at startup that the file didn't exists. Same behaviour also occurs when upgraded to TomEE 8.0.1 along with Tomcat 9.0.30 Below the errors/warnings we noticed in the catalina.out log file: SEVERE: The specified user database [conf/tomcat-users.xml] could not be found Feb 28, 2020 9:22:59 AM org.apache.catalina.users.MemoryUserDatabase open WARNING: Failed to close [conf/tomcat-users.xml] java.io.FileNotFoundException: /sidn/tomee/rdap/conf/tomcat-users.xml (No such file or directory) at java.io.FileInputStream.open0(Native Method) at java.io.FileInputStream.open(FileInputStream.java:195) at java.io.FileInputStream.(FileInputStream.java:138) at java.io.FileInputStream.(FileInputStream.java:93) at sun.net.www.protocol.file.FileURLConnection.connect(FileURLConnection.java:90) at sun.net.www.protocol.file.FileURLConnection.getInputStream(FileURLConnection.java:188) at org.apache.catalina.users.MemoryUserDatabase.open(MemoryUserDatabase.java:465) at org.apache.catalina.users.MemoryUserDatabaseFactory.getObjectInstance(MemoryUserDatabaseFactory.java:107) at org.apache.naming.factory.FactoryBase.getObjectInstance(FactoryBase.java:96) at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:321) at org.apache.naming.NamingContext.lookup(NamingContext.java:839) at org.apache.naming.NamingContext.lookup(NamingContext.java:159) at org.apache.naming.NamingContextBindingsEnumeration.nextElementInternal(NamingContextBindingsEnumeration.java:117) at org.apache.naming.NamingContextBindingsEnumeration.next(NamingContextBindingsEnumeration.java:71) at org.apache.naming.NamingContextBindingsEnumeration.next(NamingContextBindingsEnumeration.java:34) at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.createMBeans(GlobalResourcesLifecycleListener.java:132) at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.createMBeans(GlobalResourcesLifecycleListener.java:106) at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.lifecycleEvent(GlobalResourcesLifecycleListener.java:81) at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:123) at org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:423) at org.apache.catalina.util.LifecycleBase.setState(LifecycleBase.java:366) at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:759) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) at org.apache.catalina.startup.Catalina.start(Catalina.java:688) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:343) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:474) Feb 28, 2020 9:23:19 AM org.apache.catalina.users.MemoryUserDatabase backgroundProcess WARNING: Failed to close [conf/tomcat-users.xml] java.io.FileNotFoundException: /sidn/tomee/rdap/conf/tomcat-users.xml (No such file or directory) at java.io.FileInputStream.open0(Native Method) at java.io.FileInputStream.open(FileInputStream.java:195) at java.io.FileInputStream.(FileInputStream.java:138) at java.io.FileInputStream.(FileInputStream.java:93) at sun.net.www.protocol.file.FileURLConnection.connect(FileURLConnection.java:90) at sun.net.www.protocol.file.FileURLConnection.getInputStream(FileURLConnection.java:188) at org.apache.catalina.users.Memor
[Bug 64180] secretRequred=false is ignored if secret=
https://bz.apache.org/bugzilla/show_bug.cgi?id=64180 --- Comment #11 from mgrigorov --- (In reply to Christopher Schultz from comment #9) > (In reply to Remy Maucherat from comment #6) > > This is mostly wontfix as I am certain the request of the reporter is that > > secretRequired disables the need for the client to send the secret. > > > > 10.0.0-M2, 9.0.32, 8.5.52 and 7.0.101 will now allow setting a secret as "", > > and it will be treated as it it had not been set (= null). No doc fix was > > needed, secretRequired was properly documented already. > > Is this how mod_jk/mod_proxy_ajp are working as well? > > For example, in mod_* is it possible to use a "secret" which is the > empty-string? Or do they also treat empty-secret as "no secret"? https://github.com/apache/httpd/commit/d8b6d798c177dfdb90cef1a29395afcc043f3c86#diff-8992fe85968a8915e13ad663eb47d62fR206 I.e. if the value is "" it will be set. If *conn->worker->s->secret is NULL it will set "secret" to NULL, i.e. do nothing. I haven't coded in C for many years but I have the feeling this 'if' is not really needed. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch master updated: Update request start time using nanoTime
Chris, On Fri, Feb 28, 2020 at 12:20 AM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Rémy, > > On 2/27/20 10:49, r...@apache.org wrote: > > This is an automated email from the ASF dual-hosted git > > repository. > > > > remm pushed a commit to branch master in repository > > https://gitbox.apache.org/repos/asf/tomcat.git > > > > > > The following commit(s) were added to refs/heads/master by this > > push: new 22ad695 Update request start time using nanoTime 22ad695 > > is described below > > > > commit 22ad69571c019f4d84ccc522298dddb4f8fa8d70 Author: remm > > AuthorDate: Thu Feb 27 16:49:04 2020 +0100 > > > > Update request start time using nanoTime > > > > get/setStartTime are still there, not sure about existing use. > > Another patch round could deprecate them. Also change the access > > log to be the start of the request (a small part of 63286). --- > > > > [snip] > > > > diff --git a/java/org/apache/coyote/AbstractProcessor.java > > b/java/org/apache/coyote/AbstractProcessor.java index > > 254950e..5af3710 100644 --- > > a/java/org/apache/coyote/AbstractProcessor.java +++ > > b/java/org/apache/coyote/AbstractProcessor.java @@ -978,6 +978,7 @@ > > public abstract class AbstractProcessor extends > > AbstractProcessorLight implement setSocketWrapper(socketWrapper); > > // Setup the minimal request information > > request.setStartTime(System.currentTimeMillis()); + > > request.setStartTimeNanos(System.nanoTime()); // Setup the minimal > > response information response.setStatus(400); response.setError(); > > Since we are talking about nanoseconds, here, we ARE, by definition, > splitting hairs :) > > System.currentTimeMillis() and System.nanoTime() may disagree when you > capture them like this, because [a super-small amount of] time elapses > between the two calls. > > Should we instead do: > > long nanos = System.nanoTime(); > request.setStartTimeNanos(nanos); > request.setStartTime(nanos / 100l); > > Or maybe: > > long nanos = System.nanoTime(); > request.setStartTimeNanos(nanos); > request.setStartTime(TimeUnit.NANOSECONDS.toMillis(nanos)); > > Those are not the same. Request#startTime (System.currentTimeMillis) is the milliseconds since Epoch, i.e. a complete timestamp. System.nanoTime() is just a relative time that could be used to measure duration between two calls but it doesn't tell you when exactly a call has happened. > ? > > - -chris > -BEGIN PGP SIGNATURE- > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ > > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl5YQJgACgkQHPApP6U8 > pFhTeBAAnSpEZcvd99nyNM8rjYaCuXvij+yaKjOWPq0TFoH7mhJGkWGzTeVS0RoX > ONB23CqbhXv2lI9aOcCjlghW7cwvRXCiLU4I6WVZ8fDj2yjPVvEpccNrJLozmuof > DgfCTx/Uc21s0UMkj6maCdxLUfZdGiBNcp7zwURLwanWhzqRfVzna1VwcQNPiws0 > eSK4R0YxrzS6Gt6i00+2e9FyqIe2tUL/hrF5/d3Zj9U4P/b17QOeC3FZfgZjdWMY > splxjEBFx+YmgsAV56qx9uePHjtRnnO30WZEz7X8H+7AwENk6kp5qcA38q7WUkrm > HS3EWYQC8W5dEsu7WcBqj3ZqDSpmwwJaZlSDFXh+bqL9AqEBnLutbBsl+49p6mHP > NvvIQ/Q0sCXOhH7y8juB310yDDkKhHsqRbY2cUzK+eHrdSibESqwDLBDR59F5se/ > GQKw4J3icMdqxq69vOxfbXQ6R0PxiL984xW/bcvyH7xZt+d166+BtzyUWHX3knxH > zv+0XUjErwIVrmXXTFDyJYNtjQUGULVdAtGqqSu6mQ+lw0Kr/6i9gqAR4/TUL202 > zr8drtkAv87UDQvJpEshmoLtq1tXIwBywtKf9XnXSA6Bgbz5kkMf4lbPWbMJdLQP > BhoyiVA3Xcn8WN4RLCVeEqZHd28/6uWjLjvQXFmRIS8at3tYSeE= > =WcID > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > >