buildbot success in ASF Buildbot on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/1400 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1686013 Blamelist: markt Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1686028 - /tomcat/trunk/test/org/apache/coyote/http2/
Author: markt Date: Wed Jun 17 14:45:36 2015 New Revision: 1686028 URL: http://svn.apache.org/r1686028 Log: Add a unit test for a simple request with a body Added: tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_6_1.java (with props) Modified: tomcat/trunk/test/org/apache/coyote/http2/Http2TestBase.java tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_4_1.java tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_4_3.java tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_1.java tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_2.java tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_3.java tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java Modified: tomcat/trunk/test/org/apache/coyote/http2/Http2TestBase.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/coyote/http2/Http2TestBase.java?rev=1686028&r1=1686027&r2=1686028&view=diff == --- tomcat/trunk/test/org/apache/coyote/http2/Http2TestBase.java (original) +++ tomcat/trunk/test/org/apache/coyote/http2/Http2TestBase.java Wed Jun 17 14:45:36 2015 @@ -16,6 +16,8 @@ */ package org.apache.coyote.http2; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; @@ -37,6 +39,7 @@ import org.apache.catalina.LifecycleExce import org.apache.catalina.connector.Connector; import org.apache.catalina.startup.Tomcat; import org.apache.catalina.startup.TomcatBaseTest; +import org.apache.catalina.util.IOTools; import org.apache.coyote.http2.HpackDecoder.HeaderEmitter; import org.apache.coyote.http2.Http2Parser.Input; import org.apache.coyote.http2.Http2Parser.Output; @@ -105,35 +108,35 @@ public abstract class Http2TestBase exte } -protected void sendSimpleRequest(int streamId) throws IOException { +protected void sendSimpleGetRequest(int streamId) throws IOException { byte[] frameHeader = new byte[9]; ByteBuffer headersPayload = ByteBuffer.allocate(128); -buildSimpleRequest(frameHeader, headersPayload, streamId); +buildSimpleGetRequest(frameHeader, headersPayload, streamId); writeFrame(frameHeader, headersPayload); } -protected void sendLargeRequest(int streamId) throws IOException { +protected void sendLargeGetRequest(int streamId) throws IOException { byte[] frameHeader = new byte[9]; ByteBuffer headersPayload = ByteBuffer.allocate(128); -buildLargeRequest(frameHeader, headersPayload, streamId); +buildLargeGetRequest(frameHeader, headersPayload, streamId); writeFrame(frameHeader, headersPayload); } -protected void buildSimpleRequest(byte[] frameHeader, ByteBuffer headersPayload, int streamId) { -buildRequest(frameHeader, headersPayload, streamId, "/simple"); +protected void buildSimpleGetRequest(byte[] frameHeader, ByteBuffer headersPayload, int streamId) { +buildGetRequest(frameHeader, headersPayload, streamId, "/simple"); } -protected void buildLargeRequest(byte[] frameHeader, ByteBuffer headersPayload, int streamId) { -buildRequest(frameHeader, headersPayload, streamId, "/large"); +protected void buildLargeGetRequest(byte[] frameHeader, ByteBuffer headersPayload, int streamId) { +buildGetRequest(frameHeader, headersPayload, streamId, "/large"); } -protected void buildRequest(byte[] frameHeader, ByteBuffer headersPayload, int streamId, +protected void buildGetRequest(byte[] frameHeader, ByteBuffer headersPayload, int streamId, String url) { MimeHeaders headers = new MimeHeaders(); headers.addValue(":method").setString("GET"); @@ -153,7 +156,7 @@ public abstract class Http2TestBase exte } -protected void buildSimpleRequestPart1(byte[] frameHeader, ByteBuffer headersPayload, +protected void buildSimpleGetRequestPart1(byte[] frameHeader, ByteBuffer headersPayload, int streamId) { MimeHeaders headers = new MimeHeaders(); headers.addValue(":method").setString("GET"); @@ -172,7 +175,7 @@ public abstract class Http2TestBase exte } -protected void buildSimpleRequestPart2(byte[] frameHeader, ByteBuffer headersPayload, +protected void buildSimpleGetRequestPart2(byte[] frameHeader, ByteBuffer headersPayload, int streamId) { MimeHeaders headers = new MimeHeaders(); headers.addValue(":authority").setString("localhost:" + getPort()); @@ -190,6 +193,51 @@ public abstract class Http2TestBase exte } +protected void sendSimplePostRequest(int streamId) throws IOException { +byte[] headersFrameHeader = new byte[9]; +ByteBuffer headersPayload = ByteBuffer.allocate(128); +byte[] dataFrameHeader =
svn commit: r1686024 - /tomcat/trunk/java/org/apache/coyote/http2/Stream.java
Author: markt Date: Wed Jun 17 14:44:14 2015 New Revision: 1686024 URL: http://svn.apache.org/r1686024 Log: Fix inverted logic in reading HTTP/2 input streams Modified: tomcat/trunk/java/org/apache/coyote/http2/Stream.java Modified: tomcat/trunk/java/org/apache/coyote/http2/Stream.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Stream.java?rev=1686024&r1=1686023&r2=1686024&view=diff == --- tomcat/trunk/java/org/apache/coyote/http2/Stream.java (original) +++ tomcat/trunk/java/org/apache/coyote/http2/Stream.java Wed Jun 17 14:44:14 2015 @@ -422,7 +422,7 @@ public class Stream extends AbstractStre // Ensure that only one thread accesses inBuffer at a time synchronized (inBuffer) { -while (inBuffer.position() == 0 && !state.isFrameTypePermitted(FrameType.DATA)) { +while (inBuffer.position() == 0 && state.isFrameTypePermitted(FrameType.DATA)) { // Need to block until some data is written try { inBuffer.wait(); @@ -437,7 +437,7 @@ public class Stream extends AbstractStre written = inBuffer.remaining(); inBuffer.get(outBuffer, 0, written); inBuffer.clear(); -} else if (state.isFrameTypePermitted(FrameType.DATA)) { +} else if (!state.isFrameTypePermitted(FrameType.DATA)) { return -1; } else { // TODO Should never happen - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in ASF Buildbot on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/1399 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1686004 Blamelist: markt BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1686013 - /tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java
Author: markt Date: Wed Jun 17 13:56:44 2015 New Revision: 1686013 URL: http://svn.apache.org/r1686013 Log: Don't swallow unknown payload in the parser. That is up to the Output to handle. Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java?rev=1686013&r1=1686012&r2=1686013&view=diff == --- tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java (original) +++ tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java Wed Jun 17 13:56:44 2015 @@ -387,7 +387,6 @@ class Http2Parser { private void readUnknownFrame(int streamId, FrameType frameType, int flags, int payloadSize) throws IOException { output.swallow(streamId, frameType, flags, payloadSize); -swallow(payloadSize); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57799] MessageCreationException: Couldn't create SOAP message with Nio2 connector protocol
https://bz.apache.org/bugzilla/show_bug.cgi?id=57799 --- Comment #18 from Justin --- > Without a test case this is going to sit in the NEEDINFO state. Understandable. Regardless of whether there is a test case, there is a bug causing exceptions in Tomcat 8 latest. I may not be the only one who can contribute to its resolution. You're asking me to search through an unfamiliar codebase for a closed-source commercial client which likely uses Windows and SOAP API's that I'm also unfamiliar with, and extract a test case that I feel comfortable sharing. Sadly I have little desire to learn much about this client. I do wish to help the Tomcat community and will try to find the time. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57799] MessageCreationException: Couldn't create SOAP message with Nio2 connector protocol
https://bz.apache.org/bugzilla/show_bug.cgi?id=57799 --- Comment #17 from Mark Thomas --- (In reply to Remy Maucherat from comment #16) > Without a relatively simple test case, I think this should be closed for the > time being. There has to be some concurrency involved and the framework > really gets in the way. That is effectively what the NEEDINFO state does. When I do a release I aim to fix all the open bugs that affect that version excluding any in the NEEDINFO state. I'd prefer a simple test case but right now I'd take any test case that reproduced this issue fairly reliably. Without a test case this is going to sit in the NEEDINFO state. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 58031] Posting data exceeding maxPostSize should result in HTTP 413.
https://bz.apache.org/bugzilla/show_bug.cgi?id=58031 --- Comment #8 from Mark Thomas --- (In reply to Konstantin Kolinko from comment #7) > (In reply to Mark Thomas from comment #5) > > I was thinking a using the existing attribute to trigger a 400 response and > > a new attribute to trigger a 413 response. That should cover all the current > > possibilities for parameter/part issues. > > -1. Fair enough. How about using a second attribute to set the response code? If set use the defined code. If not set, use 400. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1686004 - /tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java
Author: markt Date: Wed Jun 17 12:55:45 2015 New Revision: 1686004 URL: http://svn.apache.org/r1686004 Log: Add unit tests for section 5.5 Added: tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java (with props) Added: tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java?rev=1686004&view=auto == --- tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java (added) +++ tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java Wed Jun 17 12:55:45 2015 @@ -0,0 +1,101 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.coyote.http2; + +import java.nio.ByteBuffer; + +import org.junit.Assert; +import org.junit.Test; + +/** + * Unit tests for Section 5.5 of + * https://tools.ietf.org/html/rfc7540";>RFC 7540. + * + * The order of tests in this class is aligned with the order of the + * requirements in the RFC. + */ +public class TestHttp2Section_5_5 extends Http2TestBase { + +private static final byte[] UNKNOWN_FRAME; + +static { +// Unknown frame type +UNKNOWN_FRAME = new byte[29]; +// Frame header +ByteUtil.setThreeBytes(UNKNOWN_FRAME, 0, 20); +// Type +UNKNOWN_FRAME[3] = (byte) 0x80; +// No flags +// Stream +ByteUtil.set31Bits(UNKNOWN_FRAME, 5, 5); +// zero payload +} + + +// Section 5.5 + +@Test +public void testUnknownSetting() throws Exception { +http2Connect(); + +// Unknown setting (should be ack'd) +sendSetting(1 << 15, 0); + +parser.readFrame(true); + +Assert.assertEquals("0-Settings-Ack\n", output.getTrace()); +} + + +@Test +public void testUnknownFrame() throws Exception { +http2Connect(); + +os.write(UNKNOWN_FRAME); +os.flush(); + +// Ping +sendPing(); + +parser.readFrame(true); + +Assert.assertEquals("0-Ping-Ack\n", output.getTrace()); +} + + +@Test +public void testNonContiguousHeaderWithUnknownFrame() throws Exception { +// HTTP2 upgrade +http2Connect(); + +// Part 1 +byte[] frameHeader = new byte[9]; +ByteBuffer headersPayload = ByteBuffer.allocate(128); +buildSimpleRequestPart1(frameHeader, headersPayload, 3); +writeFrame(frameHeader, headersPayload); + +os.write(UNKNOWN_FRAME); +os.flush(); + +// Read GOAWAY frame +parser.readFrame(true); + +Assert.assertTrue(output.getTrace(), output.getTrace().startsWith( +"0-Goaway-[1]-[" + Http2Error.COMPRESSION_ERROR.getCode() + "]-[")); +} + +} Propchange: tomcat/trunk/test/org/apache/coyote/http2/TestHttp2Section_5_5.java -- svn:eol-style = native - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685992 - /tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java
Author: markt Date: Wed Jun 17 11:03:16 2015 New Revision: 1685992 URL: http://svn.apache.org/r1685992 Log: Correct logic error in handling of ping frames Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java?rev=1685992&r1=1685991&r2=1685992&view=diff == --- tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java (original) +++ tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java Wed Jun 17 11:03:16 2015 @@ -281,12 +281,12 @@ class Http2Parser { private void readPingFrame(int flags) throws IOException { if (Flags.isAck(flags)) { +output.pingAck(); +} else { // Read the payload byte[] payload = new byte[8]; input.fill(true, payload); output.pingReceive(payload); -} else { -output.pingAck(); } } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in ASF Buildbot on tomcat-8-trunk
The Buildbot has detected a restored build on builder tomcat-8-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-8-trunk/builds/298 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-8-commit' triggered this build Build Source Stamp: [branch tomcat/tc8.0.x/trunk] 1685937 Blamelist: kfujino Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: JASPIC Implementation pointers
On 17/06/2015 08:32, Fjodor Vershinin wrote: > Could you provide me your eclipse config files for this project? I think it > would be most convenient way to fix such kind issues. This is something that would have been covered during community bonding. http://svn.apache.org/viewvc/tomcat/trunk/res/ide-support/ > I added some Javadocs, however current implementation is not that stable, > so I'll continue commenting code when code will be more solid. Comments in the code are just as importantas the Javadoc. I'm not too bothered about ensuring every public method is fully documented with Javadoc. The important thing is that there are enough comments for someone to understand the code. >> All user messages, exception messages etc. should use i18n (StringManager). > Fixed. Only "not implemented" exceptions had left, but they will be > removed after some time, so I think it's not mandatory to translate them. Yes, that is fine. No need to use i18n for temporary code. Do make sure there is a TODO marker there so nothing gets missed. >> In JaspicAuthenticator.authenticate() request.getLocalName() is not the > way to get a unique name for the web application (assuming that is what is > required). > > Has been fixed. Now I get unique name in JASPIC 1.1 style. That is better but it is still not unique. It is rare but Tomcat instances can be configured with multiple services and those services may have host names and contexts paths duplicated between them. You really need to find a way to include the engine name as well. You can't use the address:port since there may be multiple connectors with different addresses and/or ports. I'd ignore the request and use the fact that Valves have a Container and that that Container will have a reference to its ancestors. The > All ThreadLocal logic has been replaced with creation of a new instance > every time. I'm not sure about performance, but for now it's more > convenient. I'm not sure about performance either. My general approach is to focus on functional correctness and worry about performance once I have something that is working. Tuning a working implementation is a lot easier than fixing a tuned but broken implementation. I do try to avoid any obvious performance pitfalls as I go along but the bulk of tuning will happen latter. Premature optimisation nearly always causes more problems than it solves. >> In JaspicCallbackHandler how is the PrincipalGroupCallback associated > with the authenticated Principal? > > What do you mean under authenticated Principal? Currently, I merge two > callback's info into tomcat GenericPrincipal, which contains user > principal, user name and roles. Then this GenericPrincipal can be used in > Tomcat's internals. I am not sure how to deal with already authenticated > Principal's, I need to do some research. What I mean is how is this linked in to the Realm (which is currently unused) since it is the Realm that creates the Pincipal. I am encouraged by the most recent round of patches. Progress is being made and I can see the direction development is heading in. I look forward to the next set of patches. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685968 - in /tomcat/trunk/test/org/apache/catalina/authenticator/jaspic: ./ sam/
Author: markt Date: Wed Jun 17 09:17:49 2015 New Revision: 1685968 URL: http://svn.apache.org/r1685968 Log: Review JASPIC unit tests - Line spacing - Renaming to avoid failures when running via the build script Added: tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TesterAuthConfig.java - copied, changed from r1685958, tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthConfig.java tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TesterAuthConfigProvider.java - copied, changed from r1685958, tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthConfigProvider.java tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TesterAuthModule.java - copied, changed from r1685958, tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthModule.java tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TesterServerAuthContext.java - copied, changed from r1685958, tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestServerAuthContext.java Removed: tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthConfig.java tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthConfigProvider.java tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthModule.java tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestServerAuthContext.java Modified: tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicCallbackHandler.java tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestPrincipalGroupCallback.java Modified: tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java?rev=1685968&r1=1685967&r2=1685968&view=diff == --- tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java (original) +++ tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java Wed Jun 17 09:17:49 2015 @@ -29,7 +29,7 @@ import static org.junit.Assert.assertEqu import org.junit.Test; import org.apache.catalina.Context; -import org.apache.catalina.authenticator.jaspic.sam.TestAuthConfigProvider; +import org.apache.catalina.authenticator.jaspic.sam.TesterAuthConfigProvider; import org.apache.catalina.startup.TesterServlet; import org.apache.catalina.startup.Tomcat; import org.apache.catalina.startup.TomcatBaseTest; @@ -45,6 +45,7 @@ public class TestJaspicAuthenticator ext private static final String ROLE = "group"; private Context context; + @Override public void setUp() throws Exception { super.setUp(); @@ -53,8 +54,8 @@ public class TestJaspicAuthenticator ext this.context = tomcat.addContext(CONTEXT_PATH, null); // Add protected servlet -Tomcat.addServlet(context, "TesterServlet3", new TesterServlet()); -context.addServletMapping(URI_PROTECTED, "TesterServlet3"); +Tomcat.addServlet(context, "TesterServlet", new TesterServlet()); +context.addServletMapping(URI_PROTECTED, "TesterServlet"); SecurityCollection collection = new SecurityCollection(); collection.addPattern(URI_PROTECTED); @@ -70,11 +71,12 @@ public class TestJaspicAuthenticator ext context.getPipeline().addValve(new JaspicAuthenticator()); AuthConfigFactory factory = AuthConfigFactory.getFactory(); -factory.registerConfigProvider(new TestAuthConfigProvider(), "HttpServlet", null, +factory.registerConfigProvider(new TesterAuthConfigProvider(), "HttpServlet", null, "Description"); getTomcatInstance().start(); } + @Test public void shouldAuthenticateUsingRegistredJaspicProvider() throws Exception { // given @@ -89,6 +91,7 @@ public class TestJaspicAuthenticator ext assertEquals("OK", byteChunk.toString()); } + @Test public void shouldFailAuthenticationUsingRegistredJaspicProvider() throws Exception { // given @@ -102,8 +105,8 @@ public class TestJaspicAuthenticator ext assertEquals(HttpServletResponse.SC_FORBIDDEN, result); } + private String getUrl() throws MalformedURLException { return new URL("http", "localhost", getPort(), CONTEXT_PATH).toString(); } - } Modified: tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicCallbackHandler.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicCallbackHandler.java?rev=1685968&r1=1685967&r2=1685968&view=diff =
svn commit: r1685958 - in /tomcat/trunk/test/org/apache/catalina/authenticator/jaspic: ./ sam/
Author: markt Date: Wed Jun 17 09:04:26 2015 New Revision: 1685958 URL: http://svn.apache.org/r1685958 Log: Add initial JASPIC unit tests Patch by fjodorver Added: tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/ tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java (with props) tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicCallbackHandler.java (with props) tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestPrincipalGroupCallback.java (with props) tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/ tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthConfig.java (with props) tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthConfigProvider.java (with props) tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestAuthModule.java (with props) tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/sam/TestServerAuthContext.java (with props) Added: tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java?rev=1685958&view=auto == --- tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java (added) +++ tomcat/trunk/test/org/apache/catalina/authenticator/jaspic/TestJaspicAuthenticator.java Wed Jun 17 09:04:26 2015 @@ -0,0 +1,109 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.catalina.authenticator.jaspic; + +import java.net.MalformedURLException; +import java.net.URL; +import java.util.HashMap; +import java.util.List; + +import javax.security.auth.message.config.AuthConfigFactory; +import javax.servlet.http.HttpServletResponse; + +import static org.junit.Assert.assertEquals; + +import org.junit.Test; + +import org.apache.catalina.Context; +import org.apache.catalina.authenticator.jaspic.sam.TestAuthConfigProvider; +import org.apache.catalina.startup.TesterServlet; +import org.apache.catalina.startup.Tomcat; +import org.apache.catalina.startup.TomcatBaseTest; +import org.apache.tomcat.util.buf.ByteChunk; +import org.apache.tomcat.util.descriptor.web.LoginConfig; +import org.apache.tomcat.util.descriptor.web.SecurityCollection; +import org.apache.tomcat.util.descriptor.web.SecurityConstraint; + +public class TestJaspicAuthenticator extends TomcatBaseTest { + +private static String CONTEXT_PATH = "/foo"; +private static final String URI_PROTECTED = "/protected"; +private static final String ROLE = "group"; +private Context context; + +@Override +public void setUp() throws Exception { +super.setUp(); + +Tomcat tomcat = getTomcatInstance(); +this.context = tomcat.addContext(CONTEXT_PATH, null); + +// Add protected servlet +Tomcat.addServlet(context, "TesterServlet3", new TesterServlet()); +context.addServletMapping(URI_PROTECTED, "TesterServlet3"); +SecurityCollection collection = new SecurityCollection(); +collection.addPattern(URI_PROTECTED); + +SecurityConstraint constraint = new SecurityConstraint(); +constraint.addAuthRole(ROLE); +constraint.addCollection(collection); +context.addConstraint(constraint); + +// Configure the authenticator +LoginConfig loginConfig = new LoginConfig(); +loginConfig.setAuthMethod("JASPIC-BASIC"); +context.setLoginConfig(loginConfig); +context.getPipeline().addValve(new JaspicAuthenticator()); + +AuthConfigFactory factory = AuthConfigFactory.getFactory(); +factory.registerConfigProvider(new TestAuthConfigProvider(), "HttpServlet", null, +"Description"); +getTomcatInstance().start(); +} + +@Test +public void shouldAuthenticateUsingRegistredJaspicProvider() throws Exception { +// given +String url = getUrl() + URI_PROTECTED + "?doLogin=true"; +ByteChunk byteChunk = new ByteChunk(); + +//
svn commit: r1685954 - in /tomcat/trunk/java/org/apache/catalina/authenticator: LocalStrings.properties jaspic/JaspicAuthenticator.java jaspic/JaspicCallbackHandler.java jaspic/LocalStrings.properties
Author: markt Date: Wed Jun 17 09:01:11 2015 New Revision: 1685954 URL: http://svn.apache.org/r1685954 Log: Fix issues with previous patch to remove use of ThreadLocal Modified: tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/PrincipalGroupCallback.java Modified: tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties?rev=1685954&r1=1685953&r2=1685954&view=diff == --- tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties Wed Jun 17 09:01:11 2015 @@ -26,7 +26,6 @@ authenticator.noAuthHeader=No authorizat authenticator.notContext=Configuration error: Must be attached to a Context authenticator.requestBodyTooBig=The request body was too large to be cached during the authentication process authenticator.sessionExpired=The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser -authenticator.unauthorized=Cannot authenticate with the provided credentials digestAuthenticator.cacheRemove=A valid entry has been removed from client nonce cache to make room for new entries. A replay attack is now possible. To prevent the possibility of replay attacks, reduce nonceValidity or increase cnonceCacheSize. Further warnings of this type will be suppressed for 5 minutes. Modified: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java?rev=1685954&r1=1685953&r2=1685954&view=diff == --- tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java (original) +++ tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java Wed Jun 17 09:01:11 2015 @@ -38,9 +38,7 @@ import org.apache.juli.logging.Log; import org.apache.juli.logging.LogFactory; /** - * Security valve which implements JASPIC authentication - * @author Fjodor Vershinin - * + * Security valve which implements JASPIC authentication. */ public class JaspicAuthenticator extends AuthenticatorBase { @@ -54,12 +52,14 @@ public class JaspicAuthenticator extends @SuppressWarnings("rawtypes") private Map authProperties = null; + @Override protected synchronized void startInternal() throws LifecycleException { super.startInternal(); serviceSubject = new Subject(); } + @Override public boolean authenticate(Request request, HttpServletResponse response) throws IOException { MessageInfo messageInfo = new MessageInfoImpl(request, response, true); @@ -98,31 +98,38 @@ public class JaspicAuthenticator extends return false; } + @Override public void login(String userName, String password, Request request) throws ServletException { throw new IllegalStateException("not implemented yet!"); } + @Override public void logout(Request request) { throw new IllegalStateException("not implemented yet!"); } + private void handleUnauthorizedRequest(HttpServletResponse response, AuthException e) throws IOException { -log.error(sm.getString("authenticator.unauthorized"), e); -response.sendError(HttpServletResponse.SC_UNAUTHORIZED, -sm.getString("authenticator.unauthorized")); +response.sendError(HttpServletResponse.SC_UNAUTHORIZED); +if (log.isDebugEnabled()) { +log.debug(sm.getString("authenticator.jaspic.unauthorized"), e); +} } + private String getAppContextId(Request request) { return request.getServletContext().getVirtualServerName() + " " + request.getContextPath(); } + private JaspicCallbackHandler getJaspicCallbackHandler() { return new JaspicCallbackHandler(container.getRealm()); } + @Override protected String getAuthMethod() { return AUTH_TYPE; Modified: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java?rev=1685954&r1=1685953&r2=1685954&view=diff ==
svn commit: r1685947 - in /tomcat/trunk/java/org/apache/catalina/authenticator/jaspic: JaspicAuthenticator.java JaspicCallbackHandler.java PrincipalGroupCallback.java
Author: markt Date: Wed Jun 17 08:47:03 2015 New Revision: 1685947 URL: http://svn.apache.org/r1685947 Log: Removed use of ThreadLocal. Added some Javadoc comments. Patch provided by fjodorver. Modified: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/PrincipalGroupCallback.java Modified: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java?rev=1685947&r1=1685946&r2=1685947&view=diff == --- tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java (original) +++ tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicAuthenticator.java Wed Jun 17 08:47:03 2015 @@ -34,10 +34,14 @@ import javax.servlet.http.HttpServletRes import org.apache.catalina.LifecycleException; import org.apache.catalina.authenticator.AuthenticatorBase; import org.apache.catalina.connector.Request; - import org.apache.juli.logging.Log; import org.apache.juli.logging.LogFactory; +/** + * Security valve which implements JASPIC authentication + * @author Fjodor Vershinin + * + */ public class JaspicAuthenticator extends AuthenticatorBase { private static final Log log = LogFactory.getLog(JaspicAuthenticator.class); @@ -45,35 +49,44 @@ public class JaspicAuthenticator extends private static final String AUTH_TYPE = "JASPIC"; private static final String MESSAGE_LAYER = "HttpServlet"; -private JaspicCallbackHandler callbackHandler; private Subject serviceSubject; @SuppressWarnings("rawtypes") private Map authProperties = null; - @Override protected synchronized void startInternal() throws LifecycleException { super.startInternal(); -callbackHandler = new JaspicCallbackHandler(container.getRealm()); serviceSubject = new Subject(); } - @Override public boolean authenticate(Request request, HttpServletResponse response) throws IOException { MessageInfo messageInfo = new MessageInfoImpl(request, response, true); +JaspicCallbackHandler callbackHandler = getJaspicCallbackHandler(); + AuthConfigFactory factory = AuthConfigFactory.getFactory(); -String appContext = request.getLocalName() + " " + request.getContextPath(); +String appContext = getAppContextId(request); -AuthConfigProvider configProvider = -factory.getConfigProvider(MESSAGE_LAYER, appContext, null); -ServerAuthConfig authConfig = getAuthConfig(appContext, configProvider); -String authContextId = authConfig.getAuthContextID(messageInfo); - -ServerAuthContext authContext = null; -authContext = getAuthContext(authConfig, authContextId, authProperties, authContext); -AuthStatus authStatus = validateRequest(messageInfo, authContext); +AuthConfigProvider configProvider = factory.getConfigProvider(MESSAGE_LAYER, appContext, +null); +if (configProvider == null) { +handleUnauthorizedRequest(response, null); +return false; +} + +AuthStatus authStatus; +try { +ServerAuthConfig authConfig = configProvider.getServerAuthConfig(MESSAGE_LAYER, +appContext, callbackHandler); +String messageAuthContextId = authConfig.getAuthContextID(messageInfo); +ServerAuthContext authContext = authConfig.getAuthContext(messageAuthContextId, +serviceSubject, authProperties); +authStatus = authContext.validateRequest(messageInfo, new Subject(), serviceSubject); +} catch (AuthException e) { +handleUnauthorizedRequest(response, e); +return false; +} if (authStatus == AuthStatus.SUCCESS) { Principal principal = callbackHandler.getPrincipal(); @@ -82,52 +95,33 @@ public class JaspicAuthenticator extends } return true; } - return false; } - -private AuthStatus validateRequest(MessageInfo messageInfo, ServerAuthContext authContext) { -Subject clientSubject = new Subject(); -try { -return authContext.validateRequest(messageInfo, clientSubject, serviceSubject); -} catch (AuthException e) { -throw new IllegalStateException(e); -} -} - - -@SuppressWarnings("rawtypes") -private ServerAuthContext getAuthContext(ServerAuthConfig authConfig, String authContextId, -Map authProperties, ServerAuthContext authContext) { -try { -return authConfig.getAuthContext(authContextId, servi
svn commit: r1685946 - in /tomcat/trunk/java/org/apache/catalina/authenticator: LocalStrings.properties jaspic/JaspicCallbackHandler.java jaspic/LocalStrings.properties
Author: markt Date: Wed Jun 17 08:42:56 2015 New Revision: 1685946 URL: http://svn.apache.org/r1685946 Log: Fix issues with previous patch to use an i18n error message Added: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties (with props) Modified: tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java Modified: tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties?rev=1685946&r1=1685945&r2=1685946&view=diff == --- tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties Wed Jun 17 08:42:56 2015 @@ -27,7 +27,6 @@ authenticator.notContext=Configuration e authenticator.requestBodyTooBig=The request body was too large to be cached during the authentication process authenticator.sessionExpired=The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser authenticator.unauthorized=Cannot authenticate with the provided credentials -authenticator.jaspic.unknownCallback=Unknown JASPIC callback: {0} digestAuthenticator.cacheRemove=A valid entry has been removed from client nonce cache to make room for new entries. A replay attack is now possible. To prevent the possibility of replay attacks, reduce nonceValidity or increase cnonceCacheSize. Further warnings of this type will be suppressed for 5 minutes. Modified: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java?rev=1685946&r1=1685945&r2=1685946&view=diff == --- tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java (original) +++ tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java Wed Jun 17 08:42:56 2015 @@ -63,7 +63,8 @@ public class JaspicCallbackHandler imple } else if (callback instanceof PasswordValidationCallback) { handlePasswordValidationCallback((PasswordValidationCallback) callback); } else { -throw new IllegalStateException(sm.getString("authenticator.jaspic.unknownCallback", callback.getClass())); +throw new IllegalStateException( +sm.getString("authenticator.jaspic.unknownCallback", callback.getClass())); } } Added: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties?rev=1685946&view=auto == --- tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties (added) +++ tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties Wed Jun 17 08:42:56 2015 @@ -0,0 +1,16 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +authenticator.jaspic.unknownCallback=Unknown JASPIC callback: [{0}] Propchange: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/LocalStrings.properties -- svn:eol-style = native - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685943 - in /tomcat/trunk/java/org/apache/catalina/authenticator: LocalStrings.properties jaspic/JaspicCallbackHandler.java
Author: markt Date: Wed Jun 17 08:37:52 2015 New Revision: 1685943 URL: http://svn.apache.org/r1685943 Log: Use i18n for error message Patch provided by fjodorver Modified: tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java Modified: tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties?rev=1685943&r1=1685942&r2=1685943&view=diff == --- tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/catalina/authenticator/LocalStrings.properties Wed Jun 17 08:37:52 2015 @@ -27,6 +27,7 @@ authenticator.notContext=Configuration e authenticator.requestBodyTooBig=The request body was too large to be cached during the authentication process authenticator.sessionExpired=The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser authenticator.unauthorized=Cannot authenticate with the provided credentials +authenticator.jaspic.unknownCallback=Unknown JASPIC callback: {0} digestAuthenticator.cacheRemove=A valid entry has been removed from client nonce cache to make room for new entries. A replay attack is now possible. To prevent the possibility of replay attacks, reduce nonceValidity or increase cnonceCacheSize. Further warnings of this type will be suppressed for 5 minutes. Modified: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java?rev=1685943&r1=1685942&r2=1685943&view=diff == --- tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java (original) +++ tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/JaspicCallbackHandler.java Wed Jun 17 08:37:52 2015 @@ -30,8 +30,10 @@ import javax.security.auth.message.callb import org.apache.catalina.Realm; import org.apache.catalina.realm.GenericPrincipal; +import org.apache.tomcat.util.res.StringManager; public class JaspicCallbackHandler implements CallbackHandler { +protected static final StringManager sm = StringManager.getManager(JaspicCallbackHandler.class); private Realm realm; @@ -61,7 +63,7 @@ public class JaspicCallbackHandler imple } else if (callback instanceof PasswordValidationCallback) { handlePasswordValidationCallback((PasswordValidationCallback) callback); } else { -throw new IllegalStateException("Unknown callback!"); +throw new IllegalStateException(sm.getString("authenticator.jaspic.unknownCallback", callback.getClass())); } } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685941 - /tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
Author: markt Date: Wed Jun 17 08:37:10 2015 New Revision: 1685941 URL: http://svn.apache.org/r1685941 Log: Whitespace police Modified: tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java Modified: tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java?rev=1685941&r1=1685940&r2=1685941&view=diff == --- tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java (original) +++ tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java Wed Jun 17 08:37:10 2015 @@ -136,7 +136,6 @@ public class ReplicatedMap extends if (backup == null || backup.length == 0) return null; try { - //publish the data out to all nodes MapMessage msg = new MapMessage(getMapContextName(), MapMessage.MSG_COPY, false, (Serializable) key, (Serializable) value, null,channel.getLocalMember(false), backup); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685938 - in /tomcat/tc7.0.x/trunk: java/org/apache/catalina/tribes/tipis/ReplicatedMap.java webapps/docs/changelog.xml
Author: kfujino Date: Wed Jun 17 08:30:46 2015 New Revision: 1685938 URL: http://svn.apache.org/r1685938 Log: When failed to replication, rather than all member is handled as a failed member, exclude the failure members from backup members. Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java?rev=1685938&r1=1685937&r2=1685938&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java Wed Jun 17 08:30:46 2015 @@ -17,12 +17,16 @@ package org.apache.catalina.tribes.tipis; import java.io.Serializable; +import java.util.ArrayList; +import java.util.Arrays; import java.util.Iterator; import java.util.Map; import org.apache.catalina.tribes.Channel; import org.apache.catalina.tribes.ChannelException; +import org.apache.catalina.tribes.ChannelException.FaultyMember; import org.apache.catalina.tribes.Member; +import org.apache.catalina.tribes.RemoteProcessException; import org.apache.juli.logging.Log; import org.apache.juli.logging.LogFactory; @@ -132,12 +136,36 @@ public class ReplicatedMap extends if (backup == null || backup.length == 0) return null; -//publish the data out to all nodes -MapMessage msg = new MapMessage(getMapContextName(), MapMessage.MSG_COPY, false, -(Serializable) key, (Serializable) value, null,channel.getLocalMember(false), backup); - -getChannel().send(getMapMembers(), msg, getChannelSendOptions()); - +try { + +//publish the data out to all nodes +MapMessage msg = new MapMessage(getMapContextName(), MapMessage.MSG_COPY, false, +(Serializable) key, (Serializable) value, null,channel.getLocalMember(false), backup); + +getChannel().send(getMapMembers(), msg, getChannelSendOptions()); +} catch (ChannelException e) { +FaultyMember[] faultyMembers = e.getFaultyMembers(); +if (faultyMembers.length == 0) throw e; +ArrayList faulty = new ArrayList(); +for (FaultyMember faultyMember : faultyMembers) { +if (!(faultyMember.getCause() instanceof RemoteProcessException)) { +faulty.add(faultyMember.getMember()); +} +} +Member[] realFaultyMembers = faulty.toArray(new Member[faulty.size()]); +if (realFaultyMembers.length != 0) { +backup = excludeFromSet(realFaultyMembers, backup); +if (backup.length == 0) { +throw e; +} else { +if (log.isWarnEnabled()) { +log.warn("Unable to replicate backup key:" + key ++ ". Success nodes:" + Arrays.toString(backup) ++ ". Failed nodes:" + Arrays.toString(realFaultyMembers), e); +} +} +} +} return backup; } Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1685938&r1=1685937&r2=1685938&view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Wed Jun 17 08:30:46 2015 @@ -189,6 +189,11 @@ Ensure that the nodes that the data has been successfully replicated are set to the backup node. (kfujino) + +When failed to replication, rather than all member is handled as a +failed member, exclude the failure members from backup members. +(kfujino) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685937 - in /tomcat/tc8.0.x/trunk: java/org/apache/catalina/tribes/tipis/LocalStrings.properties java/org/apache/catalina/tribes/tipis/ReplicatedMap.java webapps/docs/changelog.xml
Author: kfujino Date: Wed Jun 17 08:27:05 2015 New Revision: 1685937 URL: http://svn.apache.org/r1685937 Log: When failed to replication, rather than all member is handled as a failed member, exclude the failure members from backup members. Modified: tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties?rev=1685937&r1=1685936&r2=1685937&view=diff == --- tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties (original) +++ tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties Wed Jun 17 08:27:05 2015 @@ -40,4 +40,5 @@ lazyReplicatedMap.unableReplicate.backup lazyReplicatedMap.unableReplicate.proxy=Unable to replicate proxy key:{0} to backup:{1}. Reason:{2} replicatedMap.member.disappeared=Member[{0}] disappeared. Related map entries will be relocated to the new node. replicatedMap.unable.relocate=Unable to relocate[{0}] to a new backup node -replicatedMap.relocate.complete=Relocation of map entries was complete in {0} ms. \ No newline at end of file +replicatedMap.relocate.complete=Relocation of map entries was complete in {0} ms. +replicatedMap.unableReplicate.completely=Unable to replicate backup key:{0}. Success nodes:{1}. Failed nodes:{2}. \ No newline at end of file Modified: tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java?rev=1685937&r1=1685936&r2=1685937&view=diff == --- tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java (original) +++ tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java Wed Jun 17 08:27:05 2015 @@ -17,12 +17,16 @@ package org.apache.catalina.tribes.tipis; import java.io.Serializable; +import java.util.ArrayList; +import java.util.Arrays; import java.util.Iterator; import java.util.Map; import org.apache.catalina.tribes.Channel; import org.apache.catalina.tribes.ChannelException; +import org.apache.catalina.tribes.ChannelException.FaultyMember; import org.apache.catalina.tribes.Member; +import org.apache.catalina.tribes.RemoteProcessException; import org.apache.juli.logging.Log; import org.apache.juli.logging.LogFactory; @@ -131,12 +135,35 @@ public class ReplicatedMap extends if (backup == null || backup.length == 0) return null; -//publish the data out to all nodes -MapMessage msg = new MapMessage(getMapContextName(), MapMessage.MSG_COPY, false, -(Serializable) key, (Serializable) value, null,channel.getLocalMember(false), backup); - -getChannel().send(getMapMembers(), msg, getChannelSendOptions()); - +try { + +//publish the data out to all nodes +MapMessage msg = new MapMessage(getMapContextName(), MapMessage.MSG_COPY, false, +(Serializable) key, (Serializable) value, null,channel.getLocalMember(false), backup); + +getChannel().send(getMapMembers(), msg, getChannelSendOptions()); +} catch (ChannelException e) { +FaultyMember[] faultyMembers = e.getFaultyMembers(); +if (faultyMembers.length == 0) throw e; +ArrayList faulty = new ArrayList<>(); +for (FaultyMember faultyMember : faultyMembers) { +if (!(faultyMember.getCause() instanceof RemoteProcessException)) { +faulty.add(faultyMember.getMember()); +} +} +Member[] realFaultyMembers = faulty.toArray(new Member[faulty.size()]); +if (realFaultyMembers.length != 0) { +backup = excludeFromSet(realFaultyMembers, backup); +if (backup.length == 0) { +throw e; +} else { +if (log.isWarnEnabled()) { + log.warn(sm.getString("replicatedMap.unableReplicate.completely", key, +Arrays.toString(backup), Arrays.toString(realFaultyMembers)), e); +} +} +} +} return backup; } Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1685937&r1=1685936&r2=1685937&view=diff ==
svn commit: r1685936 - in /tomcat/trunk/java/org/apache/catalina/tribes/tipis: LocalStrings.properties ReplicatedMap.java
Author: kfujino Date: Wed Jun 17 08:23:06 2015 New Revision: 1685936 URL: http://svn.apache.org/r1685936 Log: Add warning log. Modified: tomcat/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java Modified: tomcat/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties?rev=1685936&r1=1685935&r2=1685936&view=diff == --- tomcat/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/catalina/tribes/tipis/LocalStrings.properties Wed Jun 17 08:23:06 2015 @@ -40,4 +40,5 @@ lazyReplicatedMap.unableReplicate.backup lazyReplicatedMap.unableReplicate.proxy=Unable to replicate proxy key:{0} to backup:{1}. Reason:{2} replicatedMap.member.disappeared=Member[{0}] disappeared. Related map entries will be relocated to the new node. replicatedMap.unable.relocate=Unable to relocate[{0}] to a new backup node -replicatedMap.relocate.complete=Relocation of map entries was complete in {0} ms. \ No newline at end of file +replicatedMap.relocate.complete=Relocation of map entries was complete in {0} ms. +replicatedMap.unableReplicate.completely=Unable to replicate backup key:{0}. Success nodes:{1}. Failed nodes:{2}. \ No newline at end of file Modified: tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java?rev=1685936&r1=1685935&r2=1685936&view=diff == --- tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java (original) +++ tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java Wed Jun 17 08:23:06 2015 @@ -18,6 +18,7 @@ package org.apache.catalina.tribes.tipis import java.io.Serializable; import java.util.ArrayList; +import java.util.Arrays; import java.util.Iterator; import java.util.Map; @@ -153,7 +154,14 @@ public class ReplicatedMap extends Member[] realFaultyMembers = faulty.toArray(new Member[faulty.size()]); if (realFaultyMembers.length != 0) { backup = excludeFromSet(realFaultyMembers, backup); -if (backup.length == 0) throw e; +if (backup.length == 0) { +throw e; +} else { +if (log.isWarnEnabled()) { + log.warn(sm.getString("replicatedMap.unableReplicate.completely", key, +Arrays.toString(backup), Arrays.toString(realFaultyMembers)), e); +} +} } } return backup; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1685935 - /tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java
Author: kfujino Date: Wed Jun 17 08:12:35 2015 New Revision: 1685935 URL: http://svn.apache.org/r1685935 Log: When failed to replication, rather than all member is handled as a failed member, exclude the failure members from backup members. Modified: tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java Modified: tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java?rev=1685935&r1=1685934&r2=1685935&view=diff == --- tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java (original) +++ tomcat/trunk/java/org/apache/catalina/tribes/tipis/ReplicatedMap.java Wed Jun 17 08:12:35 2015 @@ -17,12 +17,15 @@ package org.apache.catalina.tribes.tipis; import java.io.Serializable; +import java.util.ArrayList; import java.util.Iterator; import java.util.Map; import org.apache.catalina.tribes.Channel; import org.apache.catalina.tribes.ChannelException; +import org.apache.catalina.tribes.ChannelException.FaultyMember; import org.apache.catalina.tribes.Member; +import org.apache.catalina.tribes.RemoteProcessException; import org.apache.juli.logging.Log; import org.apache.juli.logging.LogFactory; @@ -131,12 +134,28 @@ public class ReplicatedMap extends if (backup == null || backup.length == 0) return null; -//publish the data out to all nodes -MapMessage msg = new MapMessage(getMapContextName(), MapMessage.MSG_COPY, false, -(Serializable) key, (Serializable) value, null,channel.getLocalMember(false), backup); - -getChannel().send(getMapMembers(), msg, getChannelSendOptions()); - +try { + +//publish the data out to all nodes +MapMessage msg = new MapMessage(getMapContextName(), MapMessage.MSG_COPY, false, +(Serializable) key, (Serializable) value, null,channel.getLocalMember(false), backup); + +getChannel().send(getMapMembers(), msg, getChannelSendOptions()); +} catch (ChannelException e) { +FaultyMember[] faultyMembers = e.getFaultyMembers(); +if (faultyMembers.length == 0) throw e; +ArrayList faulty = new ArrayList<>(); +for (FaultyMember faultyMember : faultyMembers) { +if (!(faultyMember.getCause() instanceof RemoteProcessException)) { +faulty.add(faultyMember.getMember()); +} +} +Member[] realFaultyMembers = faulty.toArray(new Member[faulty.size()]); +if (realFaultyMembers.length != 0) { +backup = excludeFromSet(realFaultyMembers, backup); +if (backup.length == 0) throw e; +} +} return backup; } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: JASPIC Implementation pointers
Hi, Mark! I'd updated my jaspic-implementation branch, where I have updated version. Thank you for your comments, almost all of this issues has been fixed. > The patch triggered a number of basic IDE warnings that should have been already fixed (use of <> and@Override) Could you provide me your eclipse config files for this project? I think it would be most convenient way to fix such kind issues. > The code is completely uncommented. While I can guess at what most of the code is meant to be doing there needs to be some comments to explain what is going on and why. Where appropriate, reference the JASPIC 1.1 spec. I added some Javadocs, however current implementation is not that stable, so I'll continue commenting code when code will be more solid. >All user messages, exception messages etc. should use i18n (StringManager). Fixed. Only "not implemented" exceptions had left, but they will be removed after some time, so I think it's not mandatory to translate them. >There are no unit tests (note most Tomcat unit tests are more like integration tests) I've prepared a couple unit tests and one integration test. >In JaspicAuthenticator.authenticate() request.getLocalName() is not the way to get a unique name for the web application (assuming that is what is required). Has been fixed. Now I get unique name in JASPIC 1.1 style. >In JaspicAuthenticator.getAuthConfig() is a single, shared call back handler the correct model? Would per request/response call back handler instances remove the need for ThreadLocals? >The use of a ThreadLocal JaspicCallbackHandler needs to be justified. Is a ThreadLocal really the only solution? If so there needs to be a very clear comment explaining why. Also, the ThreadLocal must be cleared as soon as it is no longer required. > Will JaspicCallbackHandler.handle(Callback[]) only be called once per authentication? If not, the ThreadLocal is overwritten. All ThreadLocal logic has been replaced with creation of a new instance every time. I'm not sure about performance, but for now it's more convenient. > In JaspicCallbackHandler how is the PrincipalGroupCallback associated with the authenticated Principal? What do you mean under authenticated Principal? Currently, I merge two callback's info into tomcat GenericPrincipal, which contains user principal, user name and roles. Then this GenericPrincipal can be used in Tomcat's internals. I am not sure how to deal with already authenticated Principal's, I need to do some research. >The use of instanceof in PrincipalGroupCallback.addCallback doesn't look right. Why not use separate methods? Fixed. >PrincipalGroupCallback.getPrincipal() has an empty if block. Fixed. -- Thanks, Fjodor