[tomcat] branch 8.5.x updated: Remove extras-jmx-remote from build.xml. Followup to JMXRemoteLifecycleListener removal (1b9e8fd1f43ed08d6b87cad5182713e1830e499e).
This is an automated email from the ASF dual-hosted git repository. rjung pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 2188891 Remove extras-jmx-remote from build.xml. Followup to JMXRemoteLifecycleListener removal (1b9e8fd1f43ed08d6b87cad5182713e1830e499e). 2188891 is described below commit 2188891d13ba60dd335b3e5daa539bd911c83276 Author: Rainer Jung AuthorDate: Tue Feb 8 10:02:22 2022 +0100 Remove extras-jmx-remote from build.xml. Followup to JMXRemoteLifecycleListener removal (1b9e8fd1f43ed08d6b87cad5182713e1830e499e). --- build.xml | 25 + 1 file changed, 1 insertion(+), 24 deletions(-) diff --git a/build.xml b/build.xml index 893cc27..749f8b2 100644 --- a/build.xml +++ b/build.xml @@ -163,10 +163,7 @@ - - - @@ -516,10 +513,6 @@ - - - - @@ -1716,24 +1709,8 @@ - - - - - - - - - - - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Remove more occurrences of compile.source and compile.target
This is an automated email from the ASF dual-hosted git repository.
rjung pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new ff75cfc Remove more occurrences of compile.source and compile.target
ff75cfc is described below
commit ff75cfcac51329360cc6e2a85c2df1444cc4cfc6
Author: Rainer Jung
AuthorDate: Tue Feb 8 10:29:28 2022 +0100
Remove more occurrences of compile.source and compile.target
---
build.xml | 2 --
modules/jdbc-pool/build.properties.default | 2 --
2 files changed, 4 deletions(-)
diff --git a/build.xml b/build.xml
index 749f8b2..a297f1b 100644
--- a/build.xml
+++ b/build.xml
@@ -1688,8 +1688,6 @@
diff --git a/modules/jdbc-pool/build.properties.default
b/modules/jdbc-pool/build.properties.default
index 41a0be8..1718a52 100644
--- a/modules/jdbc-pool/build.properties.default
+++ b/modules/jdbc-pool/build.properties.default
@@ -40,8 +40,6 @@ version.suffix=
# contexts by the various build scripts.
base.path=${basedir}/includes
-compile.source=1.7
-compile.target=1.7
compile.release=7
compile.debug=true
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Remove tomcat-catalina-jmx-remote maven artefact deployment.
This is an automated email from the ASF dual-hosted git repository. rjung pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new b9d6a9d Remove tomcat-catalina-jmx-remote maven artefact deployment. b9d6a9d is described below commit b9d6a9dbd0eb97c37e4549ca3c046201559d12d5 Author: Rainer Jung AuthorDate: Tue Feb 8 11:41:24 2022 +0100 Remove tomcat-catalina-jmx-remote maven artefact deployment. The JMXRemoteLifecycleListener class has been removed. --- res/maven/mvn-pub.xml| 4 --- res/maven/tomcat-catalina-jmx-remote.pom | 54 2 files changed, 58 deletions(-) diff --git a/res/maven/mvn-pub.xml b/res/maven/mvn-pub.xml index f959e58..867b53e 100644 --- a/res/maven/mvn-pub.xml +++ b/res/maven/mvn-pub.xml @@ -345,10 +345,6 @@ - - -http://maven.apache.org/POM/4.0.0"; - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 - http://maven.apache.org/xsd/maven-4.0.0.xsd";> 4.0.0 - org.apache.tomcat - tomcat-catalina-jmx-remote - @MAVEN.DEPLOY.VERSION@ - Tomcat Remote JMX listener - https://tomcat.apache.org/ - - - Apache License, Version 2.0 - http://www.apache.org/licenses/LICENSE-2.0.txt - repo - - - - - org.apache.tomcat - tomcat-util - @MAVEN.DEPLOY.VERSION@ - compile - - - org.apache.tomcat - tomcat-catalina - @MAVEN.DEPLOY.VERSION@ - compile - - - org.apache.tomcat - tomcat-juli - @MAVEN.DEPLOY.VERSION@ - compile - - - - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65853] [CsrfPreventionFilter] Extract evaluation of skipNonceCheck into overridable method
https://bz.apache.org/bugzilla/show_bug.cgi?id=65853
--- Comment #4 from Marvin Fröhlich ---
I have further suggestions for this Filter. To add a little flexibility for the
Nonce cache and for the storage of it I suggest construction methods like this:
#
protected static interface NonceCache extends Serializable {
void add(T nonce);
boolean contains(T nonce);
}
protected static class LruCache implements NonceCache {
#
#
protected NonceCache getNonceCache(@SuppressWarnings( "unused" )
HttpServletRequest request, HttpSession session) {
return (NonceCache)
session.getAttribute(Constants.CSRF_NONCE_SESSION_ATTR_NAME);
}
protected NonceCache newNonceCache(@SuppressWarnings( "unused" )
HttpServletRequest request, HttpSession session) {
LruCache nonceCache = new LruCache<>(nonceCacheSize);
session.setAttribute(Constants.CSRF_NONCE_SESSION_ATTR_NAME, nonceCache);
return nonceCache;
}
#
Called like this:
#
NonceCache nonceCache = (session == null) ? null : getNonceCache(req,
session);
#
#
if (nonceCache == null) {
if(log.getLogger().getLevel().isAsVerboseAs(LogLevel.DEBUG)) {
log.logDebug("Creating new CSRF nonce cache with size=" +
nonceCacheSize + " for session " + (null == session ? "(will create)" :
session.getId()));
}
if (session == null) {
if(log.getLogger().getLevel().isAsVerboseAs(LogLevel.DEBUG)) {
log.logDebug("Creating new session to store CSRF nonce cache");
}
session = req.getSession(true);
}
nonceCache = newNonceCache(req, session);
}
#
None cache creation is moved below session "creation" to be able to pass it
into the call of newNonceCache(req, session).
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] 01/02: SWitch to building with Java 11 and using --release
Am 13.01.2022 um 18:27 schrieb ma...@apache.org: This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 2b6e19e971a980e38bcd30f05c554d9b798666c0 Author: Mark Thomas AuthorDate: Thu Jan 13 16:36:32 2022 + SWitch to building with Java 11 and using --release Remove unnecessary references to compile.source and compile.target Since we are now using release, that overrides source and target. --- BUILDING.txt | 2 +- build.xml| 82 +++- 2 files changed, 21 insertions(+), 63 deletions(-) diff --git a/build.xml b/build.xml index 9597d3b..744eaab 100644 --- a/build.xml +++ b/build.xml ... @@ -211,33 +209,6 @@ - - - - - - ... @@ -1969,13 +1929,11 @@ - - - - - - - + + + + + Is there still a way of running the unit tests with older JVMs, like Java 8? I understand, that e switched the build process to Java 11+, but wouldn't it be nice to have the opportunity to check the unit tests with the minimum target release? Altough it makes build.xml slightly more complex, it would probably suffice to revert the change of making the Java 9+ jvmargs non-optional. WDYT? Best regards, Rainer - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] michael-o closed pull request #463: Add support for additional user attributes to TomcatPrincipal
michael-o closed pull request #463: URL: https://github.com/apache/tomcat/pull/463 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] michael-o commented on pull request #463: Add support for additional user attributes to TomcatPrincipal
michael-o commented on pull request #463: URL: https://github.com/apache/tomcat/pull/463#issuecomment-1032593680 @cklein05 Please provide backport PRs for 10.0.x and 9.0.x with default methods. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Add support for additional user attributes in TomcatPrincipal
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new c3edf43 Add support for additional user attributes in TomcatPrincipal
c3edf43 is described below
commit c3edf437da20af0f11edc0ad6d893399b01e6287
Author: Carsten Klein
AuthorDate: Wed Jan 12 15:06:42 2022 +0100
Add support for additional user attributes in TomcatPrincipal
This closes #463
---
java/org/apache/catalina/TomcatPrincipal.java | 28 +
.../apache/catalina/realm/GenericPrincipal.java| 46 ++
java/org/apache/catalina/realm/JNDIRealm.java | 2 +-
webapps/docs/changelog.xml | 5 +++
webapps/examples/jsp/security/protected/index.jsp | 44 +
5 files changed, 117 insertions(+), 8 deletions(-)
diff --git a/java/org/apache/catalina/TomcatPrincipal.java
b/java/org/apache/catalina/TomcatPrincipal.java
index 83f9035..1e3d9f6 100644
--- a/java/org/apache/catalina/TomcatPrincipal.java
+++ b/java/org/apache/catalina/TomcatPrincipal.java
@@ -17,6 +17,8 @@
package org.apache.catalina;
import java.security.Principal;
+import java.util.Collections;
+import java.util.Enumeration;
import org.ietf.jgss.GSSCredential;
@@ -47,4 +49,30 @@ public interface TomcatPrincipal extends Principal {
* exception to LoginContext
*/
void logout() throws Exception;
+
+/**
+ * Returns the value of the named attribute as an Object, or
+ * null if no attribute of the given name exists, or if
+ * null has been specified as the attribute's name.
+ *
+ * Only the servlet container may set attributes to make available custom
+ * information about a Principal or the user it represents.
+ *
+ * @param name a String specifying the name of the attribute
+ * @return an Object containing the value of the attribute, or
+ * null if the attribute does not exist, or if
+ * null has been specified as the attribute's name
+ */
+Object getAttribute(String name);
+
+/**
+ * Returns an Enumeration containing the names of the
+ * attributes available to this Principal. This method returns an empty
+ * Enumeration if the Principal has no attributes available to
+ * it.
+ *
+ * @return an Enumeration of strings containing the names of
+ * the Principal's attributes
+ */
+Enumeration getAttributeNames();
}
diff --git a/java/org/apache/catalina/realm/GenericPrincipal.java
b/java/org/apache/catalina/realm/GenericPrincipal.java
index 7260da4..584c104 100644
--- a/java/org/apache/catalina/realm/GenericPrincipal.java
+++ b/java/org/apache/catalina/realm/GenericPrincipal.java
@@ -19,7 +19,10 @@ package org.apache.catalina.realm;
import java.io.Serializable;
import java.security.Principal;
import java.util.Arrays;
+import java.util.Collections;
+import java.util.Enumeration;
import java.util.List;
+import java.util.Map;
import javax.security.auth.login.LoginContext;
@@ -120,7 +123,7 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
*/
public GenericPrincipal(String name, List roles,
Principal userPrincipal, LoginContext loginContext) {
-this(name, roles, userPrincipal, loginContext, null);
+this(name, roles, userPrincipal, loginContext, null, null);
}
/**
@@ -140,7 +143,7 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
@Deprecated
public GenericPrincipal(String name, String password, List roles,
Principal userPrincipal, LoginContext loginContext) {
-this(name, roles, userPrincipal, loginContext, null);
+this(name, roles, userPrincipal, loginContext, null, null);
}
/**
@@ -154,10 +157,12 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
* @param loginContext - If provided, this will be used to log out the
user
*at the appropriate time
* @param gssCredential - If provided, the user's delegated credentials
+ * @param attributes - If provided, additional attributes associated with
+ *this Principal
*/
public GenericPrincipal(String name, List roles,
Principal userPrincipal, LoginContext loginContext,
-GSSCredential gssCredential) {
+GSSCredential gssCredential, Map attributes) {
super();
this.name = name;
this.userPrincipal = userPrincipal;
@@ -171,6 +176,7 @@ public class GenericPrincipal implements TomcatPrincipal,
Serializable {
}
this.loginContext = loginContext;
this.gssCredential = gssCredential;
+this.attributes = attributes != null ?
Collections.unmodifiableMap(attributes) : null;
}
@@ -193,
[Bug 65776] "Duplicate accept detected" error from a subsequent request with the same local port
https://bz.apache.org/bugzilla/show_bug.cgi?id=65776 Mark Thomas changed: What|Removed |Added Status|NEEDINFO|NEW --- Comment #14 from Mark Thomas --- Thanks for the additional info. I wasn't able to reproduce the issue on Windows. Combined with your information regarding low load, it looks like you are seeing a false positive. The good news is that means we aren't seeing the same issue on Windows. The bad news is we need to try and find a way to avoid - or at least reduce - the false positive rate. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Remove unused import.
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new fd0775c Remove unused import. fd0775c is described below commit fd0775cbd47793b98e5479b3e319fa86b4105a30 Author: Mark Thomas AuthorDate: Tue Feb 8 14:27:00 2022 + Remove unused import. --- java/org/apache/catalina/TomcatPrincipal.java | 1 - 1 file changed, 1 deletion(-) diff --git a/java/org/apache/catalina/TomcatPrincipal.java b/java/org/apache/catalina/TomcatPrincipal.java index 1e3d9f6..515576a 100644 --- a/java/org/apache/catalina/TomcatPrincipal.java +++ b/java/org/apache/catalina/TomcatPrincipal.java @@ -17,7 +17,6 @@ package org.apache.catalina; import java.security.Principal; -import java.util.Collections; import java.util.Enumeration; import org.ietf.jgss.GSSCredential; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] cklein05 opened a new pull request #471: Add support for additional user attributes to TomcatPrincipal (10.0.x)
cklein05 opened a new pull request #471: URL: https://github.com/apache/tomcat/pull/471 @michael-o Here's the 10.0.x backport. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] michael-o commented on pull request #471: Add support for additional user attributes to TomcatPrincipal (10.0.x)
michael-o commented on pull request #471: URL: https://github.com/apache/tomcat/pull/471#issuecomment-1032731167 @markt-asf If you don't object, I will tomorrow and merge. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] cklein05 opened a new pull request #472: Add support for additional user attributes to TomcatPrincipal (9.0.x)
cklein05 opened a new pull request #472: URL: https://github.com/apache/tomcat/pull/472 @michael-o Here's the 9.0.x backport. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
