DO NOT REPLY [Bug 13658] - javax.servlet.request.key_size attribute isn't being set

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13658

javax.servlet.request.key_size attribute isn't being set





--- Additional Comments From [EMAIL PROTECTED]  2002-10-16 06:32 ---
It all works for me (against CVS HEAD) using JSSE 1.0.2 with JVM 1.3.1.

I'm leaving the bug open assuming that you are using JSSE 1.1.x that comes with 
the 1.4.x JVM.  If you could confirm this, it would be a big help.

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13658] - javax.servlet.request.key_size attribute isn't being set

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13658

javax.servlet.request.key_size attribute isn't being set





--- Additional Comments From [EMAIL PROTECTED]  2002-10-16 06:26 ---
*** Bug 13660 has been marked as a duplicate of this bug. ***

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13660] - HttpServletRequest.getAttributeNames() doesn't return javax.servlet.request.cipher_suite attribute

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13660

HttpServletRequest.getAttributeNames() doesn't return 
javax.servlet.request.cipher_suite attribute

[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||DUPLICATE



--- Additional Comments From [EMAIL PROTECTED]  2002-10-16 06:25 ---


*** This bug has been marked as a duplicate of 13658 ***

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13677] New: - Deployment Problem in Tomcat4.1.12

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13677

Deployment Problem in Tomcat4.1.12

   Summary: Deployment Problem in Tomcat4.1.12
   Product: Tomcat 4
   Version: 4.1.12
  Platform: Other
OS/Version: Windows NT/2K
Status: UNCONFIRMED
  Severity: Critical
  Priority: Other
 Component: Webapps:Administration
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


We were using the Apache 1.3.2 and Tomact3.2.3  but on upgradation to 
Apache2.0.39 and  Tomcat4.1.12 The previous deployment description  as


But on adding Tomcat was not  starting up and it got shut down . And on adding 
the previous war file to webapps it displayed the  following error. 

Apache Tomcat/4.1.12
Oct 16, 2002 11:13:28 AM org.apache.commons.digester.Digester endElement
SEVERE: End event threw exception
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.commons.beanutils.MethodUtils.invokeMethod(MethodUtils.jav
a:228)
at org.apache.commons.digester.SetNextRule.end(SetNextRule.java:260)
at org.apache.commons.digester.Digester.endElement(Digester.java:1036)
at org.apache.xerces.parsers.AbstractSAXParser.endElement(AbstractSAXPar
ser.java:579)
at org.apache.xerces.impl.XMLNamespaceBinder.endElement(XMLNamespaceBind
er.java:646)
at org.apache.xerces.impl.dtd.XMLDTDValidator.handleEndElement(XMLDTDVal
idator.java:1972)
at org.apache.xerces.impl.dtd.XMLDTDValidator.endElement(XMLDTDValidator
.java:878)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.handleEndElemen
t(XMLDocumentFragmentScannerImpl.java:1144)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanEndElement(
XMLDocumentFragmentScannerImpl.java:987)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContent
Dispatcher.dispatch(XMLDocumentFragmentScannerImpl.java:1445)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(XM
LDocumentFragmentScannerImpl.java:333)
at org.apache.xerces.parsers.DTDConfiguration.parse(DTDConfiguration.jav
a:524)
at org.apache.xerces.parsers.DTDConfiguration.parse(DTDConfiguration.jav
a:580)
at org.apache.xerces.parsers.XMLParser.parse(XMLParser.java:152)
at org.apache.xerces.parsers.AbstractSAXParser.parse(AbstractSAXParser.j
ava:1169)
at org.apache.commons.digester.Digester.parse(Digester.java:1495)
at org.apache.catalina.startup.ContextConfig.applicationConfig(ContextCo
nfig.java:282)
at org.apache.catalina.startup.ContextConfig.start(ContextConfig.java:63
9)
at org.apache.catalina.startup.ContextConfig.lifecycleEvent(ContextConfi
g.java:243)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(Lifecycl
eSupport.java:166)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:3
493)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase
.java:821)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:80
7)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:579)

at org.apache.catalina.core.StandardHostDeployer.install(StandardHostDep
loyer.java:257)
at org.apache.catalina.core.StandardHost.install(StandardHost.java:772)
at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.j
ava:569)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:411
)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:879)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java
:368)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(Lifecycl
eSupport.java:166)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1196)

at org.apache.catalina.core.StandardHost.start(StandardHost.java:738)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1188)

at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:347
)
at org.apache.catalina.core.StandardService.start(StandardService.java:4
97)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:218
9)
at org.apache.catalina.startup.Catalina.start(Catalina.java:510)
at org.apache.catalina.startu

DO NOT REPLY [Bug 13662] - If-Modifed-Since results in incorrect Content-Type header

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13662

If-Modifed-Since results in incorrect Content-Type header

[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED



--- Additional Comments From [EMAIL PROTECTED]  2002-10-16 06:05 ---
Patch applied.

Thanks Much!

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/modules/generators ErrorHandler.java

[billbarker]

billbarker2002/10/15 23:03:40

  Modified:src/share/org/apache/tomcat/modules/generators
ErrorHandler.java
  Log:
  Don't set the content-type on a 304 Not-Modified response.
  
  Submitted by: Martin Algesten [EMAIL PROTECTED]
  
  Revision  ChangesPath
  1.27  +5 -1  
jakarta-tomcat/src/share/org/apache/tomcat/modules/generators/ErrorHandler.java
  
  Index: ErrorHandler.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/generators/ErrorHandler.java,v
  retrieving revision 1.26
  retrieving revision 1.27
  diff -u -r1.26 -r1.27
  --- ErrorHandler.java 23 Mar 2002 02:45:52 -  1.26
  +++ ErrorHandler.java 16 Oct 2002 06:03:39 -  1.27
  @@ -683,7 +683,6 @@
String msg=(String)req.getAttribute("javax.servlet.error.message");
String errorURI = res.getErrorURI();

  - res.setContentType("text/html");
// res is reset !!!
// status is already set
int sc=res.getStatus();
  @@ -691,6 +690,11 @@
if( sc == 304 ) {
//NotModified must not return a body
return;
  + } else {
  + // don't set a content type if we are answering If-Modified-Since.
  + // Proxy caches might update their cached content-type with this
  + // info (mod_proxy does it). Martin Algesten 15th Oct, 2002.
  + res.setContentType("text/html");
}
   
if( sbNote==0 ) {
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 11891] - JspC does not work for webapps

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11891

JspC does not work for webapps





--- Additional Comments From [EMAIL PROTECTED]  2002-10-16 04:58 ---
Greg, I have applied your patch and this has enabled me to proceed 
successfully. It would be great if this could be integrated into the next 
Tomcat release.

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 11891] - JspC does not work for webapps

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11891

JspC does not work for webapps





--- Additional Comments From [EMAIL PROTECTED]  2002-10-16 03:25 ---
I am unclear as to whether this problem is approaching a resolution. I am also 
suffering from the same issue in relation to the lack of class packaging for 
files with the same name. Surely this is a prevalent problem, as a lot of 
people must use 'index.jsp' throughout their directory structure.

The release notes for Tomcat 4.1 ($Id: RELEASE-NOTES-4.1.txt,v 1.21 2002/09/23 
00:32:46 billbarker Exp $) refer to this bug, and indicate the fix as being 
the '-webapp' option. I don't believe that this resolves the issue.

Whilst I can both precompile the classes into .java as well as compile 
into .class using the compile="true" switch, this does not suffice for 
deployment; I am deploying into JBoss 3.0.3 / Tomcat 4.1.12 bundle, and this 
gets translated into the Apache directory structure. Because there are 
several 'org.apache.jsp.index_jsp' class files located within different 
directories in the WEB-INF/classes directory of the WAR file, this confuses the 
class loader and stops deployment.

I believe that instead a fixed package which I believe is currently the case, 
the generated code should contain packages that reflect the JSP directory 
structure such as the following:

/index.jsp 
  Java file: com.my.package.index_jsp
  Generated to: /generated/com/my/package/index_jsp.java
/hello/index.jsp 
  Java file: com.my.package.hello.index_jsp
  Generated to: /generated/com/my/package/hello/index_jsp.java

instead of what currently happens, which is
/index.jsp 
  Java file: com.my.package.index_jsp
  Generated to: /generated/com/my/package/index_jsp.java
/hello/index.jsp 
  Java file: com.my.package.index_jsp
  Generated to: /generated/com/my/package/hello/index_jsp.java

Has somebody already contributed a patch to correctly package the generated 
java source code (and when I say package, I reiterate that I mean 'package xxx' 
within the Java source, not simply by locating the source in a sub-directory)?

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startupCatalina.java CatalinaService.java

[Glenn Nielsen]

Oops, thanks for catching that.

I changed org.apache.util. to org.apache.tomcat.,
that should cover it better.

Glenn

Jean-Francois Arcand wrote:
> Hi Glenn,
> 
> should it be org.apache.tomcat.util instead of org.apache.util ?
> 
> Thanks,
> 
> -- Jeanfrancois
> 
> [EMAIL PROTECTED] wrote:
> 
>> glenn   2002/10/15 13:33:19
>>
>>  Modified:catalina/src/share/org/apache/catalina/startup 
>> Catalina.java
>>CatalinaService.java
>>  Log:
>>  Add two new package restrictions
>>  
>>  Revision  ChangesPath
>>  1.49  +8 -6  
>> jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java 
>>
>>  
>>  Index: Catalina.java
>>  ===
>>  RCS file: 
>> 
>/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java,v
> 
>>
>>  retrieving revision 1.48
>>  retrieving revision 1.49
>>  diff -u -r1.48 -r1.49
>>  --- Catalina.java23 May 2002 17:22:37 -1.48
>>  +++ Catalina.java15 Oct 2002 20:33:19 -1.49
>>  @@ -484,7 +484,8 @@
>>   else
>>   access = "sun.,";
>>   Security.setProperty("package.access",
>>  -access + "org.apache.catalina.,org.apache.jasper.");
>>  +access +  +
>> "org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util."); 
>>
>>   String definition = 
>> Security.getProperty("package.definition");
>>   if( definition != null && definition.length() > 0 )
>>   definition += ",";
>>  @@ -493,7 +494,8 @@
>>   Security.setProperty("package.definition",
>>   // FIX ME package "javax." was removed to prevent 
>> HotSpot
>>   // fatal internal errors
>>  -definition + 
>> "java.,org.apache.catalina.,org.apache.jasper.");
>>  +definition +  +
>> 
>"java.,org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util."); 
>>
>>   }
>> // Replace System.out and System.err with a custom 
>> PrintStream
>>  
>>  
>>  
>>  1.8   +8 -6  
>> 
>jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/CatalinaService.java
> 
>>
>>  
>>  Index: CatalinaService.java
>>  ===
>>  RCS file: 
>> 
>/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/CatalinaService.java,v
> 
>>
>>  retrieving revision 1.7
>>  retrieving revision 1.8
>>  diff -u -r1.7 -r1.8
>>  --- CatalinaService.java9 Jul 2002 10:46:16 -1.7
>>  +++ CatalinaService.java15 Oct 2002 20:33:19 -1.8
>>  @@ -216,7 +216,8 @@
>>   else
>>   access = "sun.,";
>>   Security.setProperty("package.access",
>>  -access + "org.apache.catalina.,org.apache.jasper.");
>>  +access +
>>  +   
>> "org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util."); 
>>
>>   String definition = 
>> Security.getProperty("package.definition");
>>   if( definition != null && definition.length() > 0 )
>>   definition += ",";
>>  @@ -225,7 +226,8 @@
>>   Security.setProperty("package.definition",
>>   // FIX ME package "javax." was removed to prevent 
>> HotSpot
>>   // fatal internal errors
>>  -definition + 
>> "java.,org.apache.catalina.,org.apache.jasper.");
>>  +definition +
>>  +
>> 
>"java.,org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util."); 
>>
>>   }
>> // Start the new server
>>  
>>  
>>  
>>
>> -- 
>> To unsubscribe, e-mail:   
>> 
>> For additional commands, e-mail: 
>> 
>>
>>
>>  
>>
> 
> 
> -- 
> To unsubscribe, e-mail:   
> 
> For additional commands, e-mail: 
> 




--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup Catalina.java CatalinaService.java

[glenn]

glenn   2002/10/15 17:43:52

  Modified:catalina/src/share/org/apache/catalina/startup Catalina.java
CatalinaService.java
  Log:
  Ooops, wrong package
  
  Revision  ChangesPath
  1.50  +6 -6  
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java
  
  Index: Catalina.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java,v
  retrieving revision 1.49
  retrieving revision 1.50
  diff -u -r1.49 -r1.50
  --- Catalina.java 15 Oct 2002 20:33:19 -  1.49
  +++ Catalina.java 16 Oct 2002 00:43:51 -  1.50
  @@ -485,7 +485,7 @@
   access = "sun.,";
   Security.setProperty("package.access",
   access + 
  -
"org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util.");
  +
"org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.tomcat.");
   String definition = Security.getProperty("package.definition");
   if( definition != null && definition.length() > 0 )
   definition += ",";
  @@ -495,7 +495,7 @@
   // FIX ME package "javax." was removed to prevent HotSpot
   // fatal internal errors
   definition + 
  -
"java.,org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util.");
  +
"java.,org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.tomcat.");
   }
   
   // Replace System.out and System.err with a custom PrintStream
  
  
  
  1.9   +6 -6  
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/CatalinaService.java
  
  Index: CatalinaService.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/CatalinaService.java,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- CatalinaService.java  15 Oct 2002 20:33:19 -  1.8
  +++ CatalinaService.java  16 Oct 2002 00:43:52 -  1.9
  @@ -217,7 +217,7 @@
   access = "sun.,";
   Security.setProperty("package.access",
   access +
  -   
"org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util.");
  +   
"org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.tomcat.");
   String definition = Security.getProperty("package.definition");
   if( definition != null && definition.length() > 0 )
   definition += ",";
  @@ -227,7 +227,7 @@
   // FIX ME package "javax." was removed to prevent HotSpot
   // fatal internal errors
   definition +
  -
"java.,org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util.");
  +
"java.,org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.tomcat.");
   }
   
   // Start the new server
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13673] New: - Problem in StandardSession when writing a session manager

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13673

Problem in StandardSession when writing a session manager

   Summary: Problem in StandardSession when writing a session
manager
   Product: Tomcat 4
   Version: Unknown
  Platform: PC
OS/Version: Other
Status: NEW
  Severity: Normal
  Priority: Other
 Component: Catalina
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


Hi,

I am trying to write my own session manager and am having limited success.  I 
have written my session manager and get a NullPointerException inside 
setAttribute (see stack trace below).  Looking at the code, I don't the 
StandardSession objects serialize themselves properly.  The read/writeObject 
methods document they do not serialize the manager and it must be set 
explicitly.  I'm guessing it is not set after the the StandardSession is
recovered from the stream.  I am assuming that my session manager does not need 
to reset the manager as that's internal to catalina and the facade blocks 
assess to the get/set manager methods.

I would be glad to send code that reproduce this problem or try patches to help 
resolve the problem.

Many thanks,
Harry.

java.lang.NullPointerException
at org.apache.catalina.session.StandardSession.setAttribute
(StandardSession.java:1268)
at org.apache.catalina.session.StandardSessionFacade.setAttribute
(StandardSessionFacade.java:191)
at org.apache.catalina.session.StandardSessionFacade.setAttribute
(StandardSessionFacade.java:191)
at Session1.doGet(Unknown Source)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke
(StandardWrapperValve.java:260)
at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContextValve.invoke
(StandardContextValve.java:191)
at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContext.invoke
(StandardContext.java:2396)
at org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:180)
at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:643)
at org.apache.catalina.valves.ErrorDispatcherValve.invoke
(ErrorDispatcherValve.java:170)
at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:641)
at org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:172)
at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:641)
at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:174)
at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.coyote.tomcat4.CoyoteAdapter.service
(CoyoteAdapter.java:223)
at org.apache.coyote.http11.Http11Processor.process
(Http11Processor.java:405)
at 
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnectio
n(Http11Protocol.java:380)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt
(PoolTcpEndpoint.java:508)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run
(ThreadPool.java:533)
at java.lang.Thread.run(Thread.java:536)

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler ImplicitTagLibraryInfo.java

[luehe]

luehe   2002/10/15 17:03:10

  Modified:jasper2/src/share/org/apache/jasper/compiler
ImplicitTagLibraryInfo.java
  Log:
  Fixed call to super() in constructor
  
  Revision  ChangesPath
  1.11  +4 -4  
jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler/ImplicitTagLibraryInfo.java
  
  Index: ImplicitTagLibraryInfo.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler/ImplicitTagLibraryInfo.java,v
  retrieving revision 1.10
  retrieving revision 1.11
  diff -u -r1.10 -r1.11
  --- ImplicitTagLibraryInfo.java   13 Sep 2002 18:20:42 -  1.10
  +++ ImplicitTagLibraryInfo.java   16 Oct 2002 00:03:10 -  1.11
  @@ -96,7 +96,7 @@
  String prefix,
  String tagdir,
  ErrorDispatcher err) throws JasperException {
  -super(prefix, tagdir);
  +super(prefix, null, tagdir);
this.pc = pc;
this.tagFileMap = new Hashtable();
this.vec = new Vector();
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Vote results + Security Audit redirection

[Costin Manolache]

It seems the vote on a tomcat-commiter list got a majority - 
unless all inactive commiters start voting -1.

Craig/Sam - please create the list or let me know who
can do it. The intention is to have all active commiters
in asap.

As soon as we get the list, I think we should move the 
[Security Audit] and the other thread to it.

We can forward the mails to the public list - but 
I would like to have the fixes in CVS and the potential 
releases before the information gets public.

I'm all for full disclosure and public exploits - but 
at least if we find the bugs, we should fix them before
making it public. 



-- 
Costin



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler JspUtil.java

[luehe]

luehe   2002/10/15 15:34:47

  Modified:jasper2/src/share/org/apache/jasper/compiler JspUtil.java
  Log:
  removed redundant code
  
  Revision  ChangesPath
  1.19  +3 -61 
jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler/JspUtil.java
  
  Index: JspUtil.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler/JspUtil.java,v
  retrieving revision 1.18
  retrieving revision 1.19
  diff -u -r1.18 -r1.19
  --- JspUtil.java  9 Oct 2002 22:46:41 -   1.18
  +++ JspUtil.java  15 Oct 2002 22:34:46 -  1.19
  @@ -77,17 +77,7 @@
   import org.apache.jasper.JasperException;
   import org.apache.jasper.logging.Logger;
   
  -import org.w3c.dom.*;
  -import javax.xml.parsers.DocumentBuilder;
  -import javax.xml.parsers.DocumentBuilderFactory;
  -import javax.xml.parsers.ParserConfigurationException;
   import org.xml.sax.Attributes;
  -import org.xml.sax.EntityResolver;
  -import org.xml.sax.ErrorHandler;
  -import org.xml.sax.SAXException;
  -import org.xml.sax.SAXParseException;
  -import org.xml.sax.InputSource;
  -import org.xml.sax.helpers.AttributesImpl;
   
   // EL interpreter (subject to change)
   import javax.servlet.jsp.el.ExpressionEvaluator;
  @@ -115,8 +105,6 @@
   private static final String OPEN_EXPR_XML  = "%=";
   private static final String CLOSE_EXPR_XML = "%";
   
  -private static ErrorHandler errorHandler = new MyErrorHandler();
  -private static EntityResolver entityResolver = new MyEntityResolver();
   private static int tempSequenceNumber = 0;
   private static ExpressionEvaluatorImpl expressionEvaluator = 
   new ExpressionEvaluatorImpl( null );
  @@ -728,52 +716,6 @@
   public Class[] getParameterTypes() {
   return this.parameterTypes;
   }
  -}
  -}
  -
  -class MyEntityResolver implements EntityResolver {
  -public InputSource resolveEntity(String publicId, String systemId)
  - throws SAXException
  -{
  - for (int i=0; imailto:[EMAIL PROTECTED]>
For additional commands, e-mail: 

DO NOT REPLY [Bug 13616] - Encoding in JSP Document(JSP in XML Syntax) is not translated properly.

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13616

Encoding in JSP Document(JSP in XML Syntax) is not translated properly.

[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13616] - Encoding in JSP Document(JSP in XML Syntax) is not translated properly.

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13616

Encoding in JSP Document(JSP in XML Syntax) is not translated properly.





--- Additional Comments From [EMAIL PROTECTED]  2002-10-15 22:00 ---
Created an attachment (id=3481)
I had fixed this problem today.

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

[Security Audit] CoyoteRequest.doGetSession

[Jean-Francois Arcand]

Hi,

In o.a.c.tomcat5.CoyoteRequest (same in tomcat4), there is a doPrivilege 
block that grant the doGetSession method. This method delegate the logic 
to the o.a.c.Manager instance. A Manager can (but it's not required) 
uses a o.a.c.Store object . The Manager and the Store object may need 
special privileges when handling session persistance (see 
o.a.c.session.FileStore for an example).

I would recommend we remove the doPrivilege block from CoyoteRequest and 
delegate the doPrivilege call to the Manager (or the Store) instance. 
That will allow better fine grained security check. Only the required 
operations should be granted (right now every Manager is granted -> so 
every Store instance!). As an example, o.a.c.session.FileStore does not 
contains any security checks in its current implementation, and IMO, it 
should.

The contract between the Manager and CoyoteRequest will have to be 
documented somewhere since Manager written for Tomcat 4 may no longer 
works. The catalina.policy file can then be used to give special 
privileges to ManagerX, but not to ManagerY (same for Store instance or 
whatever objects is used), based on codebase.

Any recommendations/objections to the modification?

Thanks,

-- Jeanfrancois

P.S Right now, if you run Tomcat with the default Security manager, the 
doPrivilege block is useless. For performance reason, we should avoid 
this call.


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-servletapi-5/jsr154/src/share/javax/servlet/http HttpUtils.java

[jfarcand]

jfarcand2002/10/15 14:39:44

  Modified:jsr154/src/share/javax/servlet/http HttpUtils.java
  Log:
  Security Audit. Remove possible security issue.
  
  Submitted by: Bob Hermann
  
  Revision  ChangesPath
  1.2   +1 -3  
jakarta-servletapi-5/jsr154/src/share/javax/servlet/http/HttpUtils.java
  
  Index: HttpUtils.java
  ===
  RCS file: 
/home/cvs/jakarta-servletapi-5/jsr154/src/share/javax/servlet/http/HttpUtils.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- HttpUtils.java13 Aug 2002 16:21:45 -  1.1
  +++ HttpUtils.java15 Oct 2002 21:39:44 -  1.2
  @@ -82,9 +82,7 @@
"javax.servlet.http.LocalStrings";
   private static ResourceBundle lStrings =
ResourceBundle.getBundle(LSTRING_FILE);
  -
  -static Hashtable nullHashtable = new Hashtable();
  -
  +
   
   
   /**
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

[5] Security Audit: fluf found

[Bob Herrmann]

I found this extra bit of fluf, can someone (with jakarta-servletapi
Karma) commit this?

Cheers,
-bob







Index: jsr154/src/share/javax/servlet/http/HttpUtils.java
===
RCS file: /home/cvs/jakarta-servletapi-5/jsr154/src/share/javax/servlet/http/HttpUtils.java,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 HttpUtils.java
--- jsr154/src/share/javax/servlet/http/HttpUtils.java	13 Aug 2002 16:21:45 -	1.1.1.1
+++ jsr154/src/share/javax/servlet/http/HttpUtils.java	15 Oct 2002 21:30:54 -
@@ -83,7 +83,6 @@
 private static ResourceBundle lStrings =
 	ResourceBundle.getBundle(LSTRING_FILE);
 
-static Hashtable nullHashtable = new Hashtable();
 
 
 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13671] New: - Setting a session attribute that do not implements the "serializable" interface will throw an IllegalArgumentException when it cannot find the associated resource standardSession.setAttribute.iae in a Japanese Machine.

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13671

Setting a session attribute that do not implements the "serializable" interface will 
throw an IllegalArgumentException when it cannot find the associated resource 
standardSession.setAttribute.iae in a Japanese Machine.

   Summary: Setting a session attribute that do not implements the
"serializable" interface will throw an
IllegalArgumentException when it cannot find the
associated resource standardSession.setAttribute.iae in
a Japanese Machine.
   Product: Tomcat 4
   Version: 4.1.12
  Platform: PC
OS/Version: Windows NT/2K
Status: NEW
  Severity: Major
  Priority: Other
 Component: Catalina
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


Version: Release: 4.1.12
Tomcat component: File:org.apache.catalina.session.StandardSession, Line 1239
Platform: 
OS: Windows 2000, Service Pack 3, Japanese
JVM: JDK 1.4.0_01 Standard Edition (build 1.4.0_01-b03)
Web Server: Don't matter
Log file excerpts:
"Cannot find message associated with key 'standardSession.setAttribute.iae'"
Stack Traces:
java.lang.IllegalArgumentException: Cannot find message associated with 
key 'standardSession.setAttribute.iae'
at org.apache.catalina.session.StandardSession.setAttribute
(StandardSession.java:1239)
at org.apache.catalina.session.StandardSessionFacade.setAttribute
(StandardSessionFacade.java:191)
at org.apache.catalina.session.StandardSessionFacade.setAttribute
(StandardSessionFacade.java:191)
at org.apache.jasper.runtime.PageContextImpl.setAttribute
(PageContextImpl.java:249)
at org.apache.jsp.insertForm1_jsp._jspService(insertForm1_jsp.java:86)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:136)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.jasper.servlet.JspServletWrapper.service
(JspServletWrapper.java:204)
at org.apache.jasper.servlet.JspServlet.serviceJspFile
(JspServlet.java:289)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:240)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:193)
at 
jp.co.hottolink.eCRMTool.util.webUtil.SetCharacterEncodingFilter.doFilter
(SetCharacterEncodingFilter.java:134)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:213)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke
(StandardWrapperValve.java:260)
at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContextValve.invoke
(StandardContextValve.java:191)
at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:643)
at org.apache.catalina.valves.CertificatesValve.invoke
(CertificatesValve.java:246)
at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:641)
at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContext.invoke
(StandardContext.java:2396)
at org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:180)
at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:643)
at org.apache.catalina.valves.ErrorDispatcherValve.invoke
(ErrorDispatcherValve.java:170)
at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:641)
at org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:172)
at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNex
t(StandardPipeline.java:641)
at org.apache.catalina.valves.AccessLogValve.invoke
(AccessLogValve.java:469)
at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValv

cvs commit: jakarta-tomcat-connectors/jk build.xml

[costin]

costin  2002/10/15 14:03:26

  Modified:jk   build.xml
  Log:
  Allow configuration of the jar.
  
  Revision  ChangesPath
  1.59  +11 -6 jakarta-tomcat-connectors/jk/build.xml
  
  Index: build.xml
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/build.xml,v
  retrieving revision 1.58
  retrieving revision 1.59
  diff -u -r1.58 -r1.59
  --- build.xml 26 Sep 2002 13:08:38 -  1.58
  +++ build.xml 15 Oct 2002 21:03:26 -  1.59
  @@ -158,7 +158,6 @@
   
   
  -
   
   
   
  - 
  +
  +
  +
  +
  +
  + 
   
   

  - 
   
   

  - 
   
   

  - 
   
   
   

  - 
   
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-connectors/util build.xml

[costin]

costin  2002/10/15 14:02:13

  Modified:util build.xml
  Log:
  Allow configuration of the jar, jar only our files.
  
  Revision  ChangesPath
  1.14  +8 -5  jakarta-tomcat-connectors/util/build.xml
  
  Index: build.xml
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/util/build.xml,v
  retrieving revision 1.13
  retrieving revision 1.14
  diff -u -r1.13 -r1.14
  --- build.xml 6 Oct 2002 20:28:22 -   1.13
  +++ build.xml 15 Oct 2002 21:02:13 -  1.14
  @@ -19,7 +19,9 @@
   
   
   
  -
  +
  +
  +
   
   
   
  @@ -30,7 +32,7 @@
   
   

  - 
  + 
   
   
   
  @@ -73,10 +75,11 @@

   
   
  - 
  + manifest="java/tomcat-util.manifest" >
  +
  +
   

mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: 

Re: cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startupCatalina.java CatalinaService.java

[Jean-Francois Arcand]

Hi Glenn,

should it be org.apache.tomcat.util instead of org.apache.util ?

Thanks,

-- Jeanfrancois

[EMAIL PROTECTED] wrote:

>glenn   2002/10/15 13:33:19
>
>  Modified:catalina/src/share/org/apache/catalina/startup Catalina.java
>CatalinaService.java
>  Log:
>  Add two new package restrictions
>  
>  Revision  ChangesPath
>  1.49  +8 -6  
>jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java
>  
>  Index: Catalina.java
>  ===
>  RCS file: 
>/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java,v
>  retrieving revision 1.48
>  retrieving revision 1.49
>  diff -u -r1.48 -r1.49
>  --- Catalina.java23 May 2002 17:22:37 -  1.48
>  +++ Catalina.java15 Oct 2002 20:33:19 -  1.49
>  @@ -484,7 +484,8 @@
>   else
>   access = "sun.,";
>   Security.setProperty("package.access",
>  -access + "org.apache.catalina.,org.apache.jasper.");
>  +access + 
>  +
>"org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util.");
>   String definition = Security.getProperty("package.definition");
>   if( definition != null && definition.length() > 0 )
>   definition += ",";
>  @@ -493,7 +494,8 @@
>   Security.setProperty("package.definition",
>   // FIX ME package "javax." was removed to prevent HotSpot
>   // fatal internal errors
>  -definition + "java.,org.apache.catalina.,org.apache.jasper.");
>  +definition + 
>  +
>"java.,org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util.");
>   }
>   
>   // Replace System.out and System.err with a custom PrintStream
>  
>  
>  
>  1.8   +8 -6  
>jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/CatalinaService.java
>  
>  Index: CatalinaService.java
>  ===
>  RCS file: 
>/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/CatalinaService.java,v
>  retrieving revision 1.7
>  retrieving revision 1.8
>  diff -u -r1.7 -r1.8
>  --- CatalinaService.java 9 Jul 2002 10:46:16 -   1.7
>  +++ CatalinaService.java 15 Oct 2002 20:33:19 -  1.8
>  @@ -216,7 +216,8 @@
>   else
>   access = "sun.,";
>   Security.setProperty("package.access",
>  -access + "org.apache.catalina.,org.apache.jasper.");
>  +access +
>  +   
>"org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util.");
>   String definition = Security.getProperty("package.definition");
>   if( definition != null && definition.length() > 0 )
>   definition += ",";
>  @@ -225,7 +226,8 @@
>   Security.setProperty("package.definition",
>   // FIX ME package "javax." was removed to prevent HotSpot
>   // fatal internal errors
>  -definition + "java.,org.apache.catalina.,org.apache.jasper.");
>  +definition +
>  +
>"java.,org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util.");
>   }
>   
>   // Start the new server
>  
>  
>  
>
>--
>To unsubscribe, e-mail:   
>For additional commands, e-mail: 
>
>
>  
>


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-5 build.xml

[costin]

costin  2002/10/15 13:44:59

  Modified:.build.xml
  Log:
  More 'fast-build' targets.
  
  I intend to remove the compilation part of build2.xml, and move
  the rest in other places ( ant-launcher.xml ? ). While it's very
  fast, it is also too hard to maintain.
  
  The current solution is a bit slower, but it uses the original
  build.xml files for each component.
  
  What I'm doing is simply call the build.xml with the build
  dir and .jar target pointing to our build and the final destination.
  That avoids file copy.
  In addition it uses  to avoid recompiling what doesn't
  change.
  
  After a full build, I get a second one in ~10-15 sec, and then it
  seems to work fine and compile only what changed.
  It is also possible to call individual targets.
  
  That's for people with <2GHz processors only :-)
  
  Revision  ChangesPath
  1.45  +59 -16jakarta-tomcat-5/build.xml
  
  Index: build.xml
  ===
  RCS file: /home/cvs/jakarta-tomcat-5/build.xml,v
  retrieving revision 1.44
  retrieving revision 1.45
  diff -u -r1.44 -r1.45
  --- build.xml 14 Oct 2002 23:09:44 -  1.44
  +++ build.xml 15 Oct 2002 20:44:59 -  1.45
  @@ -87,6 +87,21 @@
 
   
   
  +
  +  
  +
  +
  +
  +  
  +
  +
  +
  +  
  +
  +
 
   
   
  @@ -125,18 +140,20 @@
   
 
   
  -  
  -
  -== Building: catalina 
  +  
  +== Building: tomcat-jk 
   
  -
  -
  -
  -
  -
  +
  +  
  +  
  +  
  +  
   
  +  
   
  +  
   == Building: tomcat-coyote 
   
   
  @@ -144,16 +161,41 @@
 
 
   
  +  
   
  -== Building: tomcat-jk 
   
  -
  -  
  -  
  -  
  -  
  +  
  +== Building: admin ( ${admin.build.notrequired} ) 
  +
  +  
  +  
   
   
  +
  +  
  +
  +
  +  
  +
  +
  +
  +
  +
  +== Building: catalina 
  +
  +
  +
  +
  +
  +
  +
  +
  +
  +
  +
  +  
   == Building: tomcat-httpd 
   
   
  @@ -702,7 +744,8 @@
   
 
   
  -  
  +  
   
   
   
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup Catalina.java CatalinaService.java

[jfarcand]

jfarcand2002/10/15 13:44:45

  Modified:catalina/src/share/org/apache/catalina/startup Catalina.java
CatalinaService.java
  Log:
  Security Audit. Add protection for org.apache.coyote and org.apache.tomcat package.
  
  Revision  ChangesPath
  1.6   +6 -6  
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup/Catalina.java
  
  Index: Catalina.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup/Catalina.java,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- Catalina.java 11 Sep 2002 13:08:18 -  1.5
  +++ Catalina.java 15 Oct 2002 20:44:45 -  1.6
  @@ -488,7 +488,7 @@
   else
   access = "sun.,";
   Security.setProperty("package.access",
  -access + "org.apache.catalina.,org.apache.jasper.");
  +access + 
"org.apache.catalina.,org.apache.jasper.,org.apache.coyote., org.apache.tomcat.");
   String definition = Security.getProperty("package.definition");
   if( definition != null && definition.length() > 0 )
   definition += ",";
  @@ -497,7 +497,7 @@
   Security.setProperty("package.definition",
   // FIX ME package "javax." was removed to prevent HotSpot
   // fatal internal errors
  -definition + "java.,org.apache.catalina.,org.apache.jasper.");
  +definition + 
"java.,org.apache.catalina.,org.apache.jasper.,org.apache.coyote., 
org.apache.tomcat.");
   }
   
   // Replace System.out and System.err with a custom PrintStream
  
  
  
  1.5   +6 -6  
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup/CatalinaService.java
  
  Index: CatalinaService.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/startup/CatalinaService.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- CatalinaService.java  21 Aug 2002 03:31:18 -  1.4
  +++ CatalinaService.java  15 Oct 2002 20:44:45 -  1.5
  @@ -273,7 +273,7 @@
   else
   access = "sun.,";
   Security.setProperty("package.access",
  -access + "org.apache.catalina.,org.apache.jasper.");
  +access + 
"org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.tomcat.");
   String definition = Security.getProperty("package.definition");
   if( definition != null && definition.length() > 0 )
   definition += ",";
  @@ -282,7 +282,7 @@
   Security.setProperty("package.definition",
   // FIX ME package "javax." was removed to prevent HotSpot
   // fatal internal errors
  -definition + "java.,org.apache.catalina.,org.apache.jasper.");
  +definition + 
"java.,org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.tomcat.");
   }
   
   // Start the new server
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup Catalina.java CatalinaService.java

[glenn]

glenn   2002/10/15 13:33:19

  Modified:catalina/src/share/org/apache/catalina/startup Catalina.java
CatalinaService.java
  Log:
  Add two new package restrictions
  
  Revision  ChangesPath
  1.49  +8 -6  
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java
  
  Index: Catalina.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java,v
  retrieving revision 1.48
  retrieving revision 1.49
  diff -u -r1.48 -r1.49
  --- Catalina.java 23 May 2002 17:22:37 -  1.48
  +++ Catalina.java 15 Oct 2002 20:33:19 -  1.49
  @@ -484,7 +484,8 @@
   else
   access = "sun.,";
   Security.setProperty("package.access",
  -access + "org.apache.catalina.,org.apache.jasper.");
  +access + 
  +
"org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util.");
   String definition = Security.getProperty("package.definition");
   if( definition != null && definition.length() > 0 )
   definition += ",";
  @@ -493,7 +494,8 @@
   Security.setProperty("package.definition",
   // FIX ME package "javax." was removed to prevent HotSpot
   // fatal internal errors
  -definition + "java.,org.apache.catalina.,org.apache.jasper.");
  +definition + 
  +
"java.,org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util.");
   }
   
   // Replace System.out and System.err with a custom PrintStream
  
  
  
  1.8   +8 -6  
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/CatalinaService.java
  
  Index: CatalinaService.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/CatalinaService.java,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- CatalinaService.java  9 Jul 2002 10:46:16 -   1.7
  +++ CatalinaService.java  15 Oct 2002 20:33:19 -  1.8
  @@ -216,7 +216,8 @@
   else
   access = "sun.,";
   Security.setProperty("package.access",
  -access + "org.apache.catalina.,org.apache.jasper.");
  +access +
  +   
"org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util.");
   String definition = Security.getProperty("package.definition");
   if( definition != null && definition.length() > 0 )
   definition += ",";
  @@ -225,7 +226,8 @@
   Security.setProperty("package.definition",
   // FIX ME package "javax." was removed to prevent HotSpot
   // fatal internal errors
  -definition + "java.,org.apache.catalina.,org.apache.jasper.");
  +definition +
  +
"java.,org.apache.catalina.,org.apache.jasper.,org.apache.coyote.,org.apache.util.");
   }
   
   // Start the new server
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [Security Audit] Package protection...

[Glenn Nielsen]

I agree that both of those packages should be protected.
Why they are not included?  org.apache.coyote is most likely missing
because it is a relatively new package.  org.apache.util may just have
been missed.

The code below is in both startup/Catalina.java and startup/CatalinaService.java

I will go ahead and patch this in Tomcat 4 HEAD.

Regards,

Glenn

Jean-Francois Arcand wrote:
> HI,
> 
> is somebody aware why package org.apache.coyote.* and 
> org.apache.tomcat.* are not protected againts package insertion/access 
> in Catalina.java. What is the reasons? Actually, classes are not 
> available to a Webapp (the Classloader is taking care of it) but when 
> Tomcat is embedded in an app container (or when there is a special 
> Classloader), those classes are available :-(
> 
> Actually, we only protect the following package:
> 
>if( System.getSecurityManager() != null ) {
>String access = Security.getProperty("package.access");
>if( access != null && access.length() > 0 )
>access += ",";
>else
>access = "sun.,";
>Security.setProperty("package.access",
>access + "org.apache.catalina.,org.apache.jasper.");
>String definition = Security.getProperty("package.definition");
>if( definition != null && definition.length() > 0 )
>definition += ",";
>else
>definition = "sun.,";
>Security.setProperty("package.definition",
>// FIX ME package "javax." was removed to prevent HotSpot
>// fatal internal errors
>definition + 
> "java.,org.apache.catalina.,org.apache.jasper.");
>}
> 
> Thanks,
> 
> -- Jeanfrancois
> 
> 
> -- 
> To unsubscribe, e-mail:   
> 
> For additional commands, e-mail: 
> 


-- 
--
Glenn Nielsen [EMAIL PROTECTED] | /* Spelin donut madder|
MOREnet System Programming   |  * if iz ina coment.  |
Missouri Research and Education Network  |  */   |
--


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [Security Audit] Package protection...

[Costin Manolache]

IMO sealing is the best protection against insertion, 
and using URLClassLoader ( or making sure all the checks from
URLClassLoader are reproduced ).

I agree, this is a potential risk - as untrusted code may access
package fields. So far I don't see any, but better to be sure.

Costin

Jean-Francois Arcand wrote:

> HI,
> 
> is somebody aware why package org.apache.coyote.* and
> org.apache.tomcat.* are not protected againts package insertion/access
> in Catalina.java. What is the reasons? Actually, classes are not
> available to a Webapp (the Classloader is taking care of it) but when
> Tomcat is embedded in an app container (or when there is a special
> Classloader), those classes are available :-(
> 
> Actually, we only protect the following package:
> 
> if( System.getSecurityManager() != null ) {
> String access = Security.getProperty("package.access");
> if( access != null && access.length() > 0 )
> access += ",";
> else
> access = "sun.,";
> Security.setProperty("package.access",
> access + "org.apache.catalina.,org.apache.jasper.");
> String definition =
> Security.getProperty("package.definition"); if( definition !=
> null && definition.length() > 0 )
> definition += ",";
> else
> definition = "sun.,";
> Security.setProperty("package.definition",
> // FIX ME package "javax." was removed to prevent HotSpot
> // fatal internal errors
> definition +
> "java.,org.apache.catalina.,org.apache.jasper.");
> }
> 
> Thanks,
> 
> -- Jeanfrancois

-- 
Costin



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

[5.0]: build issues on Solaris 8?

[Brzezinski, Paul J]

I've built 5.0 on Solaris 8 (SPARC).  I have installed Java 2 SDK 1.4.1,
Apache 2.0.40 (64-bit SPARC binary built using gcc-3.1).  

Getting an error with the following jk2.properties file:

shm.file=${jkHome}/work/jk2.shm
handler.list=apr,request,channelUnix
channelJni.disabled = 0
apr.jniModeSo=inprocess
channelUnix.file=${jkHome}/work/jk2.socket

Oct 15, 2002 3:32:49 PM org.apache.commons.modeler.Registry loadRegistry
INFO: Loading registry information
Oct 15, 2002 3:32:49 PM org.apache.commons.modeler.Registry getRegistry
INFO: Creating new Registry instance
Oct 15, 2002 3:32:50 PM org.apache.commons.modeler.Registry getServer
INFO: Creating MBeanServer
Oct 15, 2002 3:32:52 PM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on port 8080
Starting service Tomcat-Standalone
Apache Tomcat/5.0
Oct 15, 2002 3:32:54 PM org.apache.catalina.startup.ContextConfig
authenticatorC
onfig
INFO: Configured an authenticator for method BASIC
Oct 15, 2002 3:32:55 PM org.apache.catalina.startup.ContextConfig tldScan
INFO: Processed tld  /WEB-INF/struts-logic.tld 217
Oct 15, 2002 3:32:56 PM org.apache.catalina.startup.ContextConfig tldScan
INFO: Processed tld jar  /WEB-INF/lib/struts.jar 413
Oct 15, 2002 3:32:56 PM org.apache.catalina.startup.ContextConfig
authenticatorC
onfig
INFO: Configured an authenticator for method FORM
Oct 15, 2002 3:33:03 PM org.apache.catalina.startup.ContextConfig
authenticatorC
onfig
INFO: Configured an authenticator for method FORM
Oct 15, 2002 3:33:04 PM org.apache.catalina.startup.ContextConfig
authenticatorC
onfig
INFO: Configured an authenticator for method FORM
Oct 15, 2002 3:33:04 PM org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on port 8080
Oct 15, 2002 3:33:04 PM org.apache.jk.server.JkMain newHandler
SEVERE: Can't create apr
java.lang.NoClassDefFoundError: org/apache/commons/logging/LogFactory
at org.apache.jk.apr.AprImpl.(AprImpl.java:340)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:140)
at org.apache.jk.server.JkMain.newHandler(JkMain.java:514)
at org.apache.jk.server.JkMain.start(JkMain.java:336)
at
org.apache.jk.server.JkCoyoteHandler.start(JkCoyoteHandler.java:164)
at org.apache.coyote.tomcat5.CoyoteConnector.start(Unknown Source)
at org.apache.catalina.core.StandardService.start(Unknown Source)
at org.apache.catalina.core.StandardServer.start(Unknown Source)
at org.apache.catalina.startup.Catalina.start(Unknown Source)
at org.apache.catalina.startup.Catalina.execute(Unknown Source)
at org.apache.catalina.startup.Catalina.process(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39
)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.catalina.startup.Bootstrap.main(Unknown Source)

This is similar to the error that I receive using Tomcat-4.1.12.  Does the
apr stuff just *NOT* work on Solaris 8?


--
mailto:[EMAIL PROTECTED]
Enterprise Distributed Capabilities
EDS Corporation
248-265-8283

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [5.0] 5.0.0 milestione released

[Bob Herrmann]

On Tue, 2002-10-15 at 03:12, Remy Maucherat wrote:
> As voted, I have packaged a first milestone of Tomcat 5.
> 
> http://jakarta.apache.org/builds/jakarta-tomcat/milestone/v5.0.0/
> 
> Note: I put it in the jakarta-tomcat folder. I don't see a point of 
> using the version number in the folder name (and I didn't have write 
> access to jakarta-tomcat-5 anyway; +1 for removing it).

Humm.  Should there be a "nightly-5" directory in this dir

   http://jakarta.apache.org/builds/jakarta-tomcat/

?

Cheers,
-bob



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/mbeans MBeanUtils.java

[jfarcand]

jfarcand2002/10/15 12:08:33

  Modified:catalina/src/share/org/apache/catalina/mbeans
MBeanUtils.java
  Log:
  Security Audit. Since all methods should/are only used by o.a.c.mbean package, 
protects them.
  
  Revision  ChangesPath
  1.6   +67 -67
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/mbeans/MBeanUtils.java
  
  Index: MBeanUtils.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/mbeans/MBeanUtils.java,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- MBeanUtils.java   20 Sep 2002 21:22:31 -  1.5
  +++ MBeanUtils.java   15 Oct 2002 19:08:33 -  1.6
  @@ -184,7 +184,7 @@
*
* @param component The component for which to create a name
*/
  -public static String createManagedName(Object component) {
  +static String createManagedName(Object component) {
   
   // Deal with exceptions to the standard rule
   String className = component.getClass().getName();
  @@ -211,7 +211,7 @@
*
* @exception Exception if an MBean cannot be created or registered
*/
  -public static ModelMBean createMBean(Connector connector)
  +static ModelMBean createMBean(Connector connector)
   throws Exception {
   
   String mname = createManagedName(connector);
  @@ -239,7 +239,7 @@
*
* @exception Exception if an MBean cannot be created or registered
*/
  -public static ModelMBean createMBean(Context context)
  +static ModelMBean createMBean(Context context)
   throws Exception {
   
   String mname = createManagedName(context);
  @@ -267,7 +267,7 @@
*
* @exception Exception if an MBean cannot be created or registered
*/
  -public static ModelMBean createMBean(ContextEnvironment environment)
  +static ModelMBean createMBean(ContextEnvironment environment)
   throws Exception {
   
   String mname = createManagedName(environment);
  @@ -295,7 +295,7 @@
*
* @exception Exception if an MBean cannot be created or registered
*/
  -public static ModelMBean createMBean(ContextResource resource)
  +static ModelMBean createMBean(ContextResource resource)
   throws Exception {
   
   String mname = createManagedName(resource);
  @@ -323,7 +323,7 @@
*
* @exception Exception if an MBean cannot be created or registered
*/
  -public static ModelMBean createMBean(ContextResourceLink resourceLink)
  +static ModelMBean createMBean(ContextResourceLink resourceLink)
   throws Exception {
   
   String mname = createManagedName(resourceLink);
  @@ -351,7 +351,7 @@
*
* @exception Exception if an MBean cannot be created or registered
*/
  -public static ModelMBean createMBean(DefaultContext context)
  +static ModelMBean createMBean(DefaultContext context)
   throws Exception {
   
   String mname = createManagedName(context);
  @@ -379,7 +379,7 @@
*
* @exception Exception if an MBean cannot be created or registered
*/
  -public static ModelMBean createMBean(Engine engine)
  +static ModelMBean createMBean(Engine engine)
   throws Exception {
   
   String mname = createManagedName(engine);
  @@ -407,7 +407,7 @@
*
* @exception Exception if an MBean cannot be created or registered
*/
  -public static ModelMBean createMBean(Group group)
  +static ModelMBean createMBean(Group group)
   throws Exception {
   
   String mname = createManagedName(group);
  @@ -435,7 +435,7 @@
*
* @exception Exception if an MBean cannot be created or registered
*/
  -public static ModelMBean createMBean(Host host)
  +static ModelMBean createMBean(Host host)
   throws Exception {
   
   String mname = createManagedName(host);
  @@ -463,7 +463,7 @@
*
* @exception Exception if an MBean cannot be created or registered
*/
  -public static ModelMBean createMBean(Loader loader)
  +static ModelMBean createMBean(Loader loader)
   throws Exception {
   
   String mname = createManagedName(loader);
  @@ -490,7 +490,7 @@
*
* @exception Exception if an MBean cannot be created or registered
*/
  -public static ModelMBean createMBean(Logger logger)
  +static ModelMBean createMBean(Logger logger)
   throws Exception {
   
   String mname = createManagedName(logger);
  @@ -518,7 +518,7 @@
*
* @exception Exception if an MBean cannot be created or registered
*/
  -public static ModelMBean createMBean(Manager manager)
  +static ModelMBean createMBean(Manager manager)
   throws 

[Security Audit] Package protection...

[Jean-Francois Arcand]

HI,

is somebody aware why package org.apache.coyote.* and 
org.apache.tomcat.* are not protected againts package insertion/access 
in Catalina.java. What is the reasons? Actually, classes are not 
available to a Webapp (the Classloader is taking care of it) but when 
Tomcat is embedded in an app container (or when there is a special 
Classloader), those classes are available :-(

Actually, we only protect the following package:

if( System.getSecurityManager() != null ) {
String access = Security.getProperty("package.access");
if( access != null && access.length() > 0 )
access += ",";
else
access = "sun.,";
Security.setProperty("package.access",
access + "org.apache.catalina.,org.apache.jasper.");
String definition = Security.getProperty("package.definition");
if( definition != null && definition.length() > 0 )
definition += ",";
else
definition = "sun.,";
Security.setProperty("package.definition",
// FIX ME package "javax." was removed to prevent HotSpot
// fatal internal errors
definition + 
"java.,org.apache.catalina.,org.apache.jasper.");
}

Thanks,

-- Jeanfrancois


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

RE: Memory Usage

[Bruce Cichowlas]

OptimizeIt seems to always get high recommendations.  Just an unofficial
recommendation.

Bruce

-Original Message-
From: John Jang [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 15, 2002 11:53 AM
To: '[EMAIL PROTECTED]'
Subject: Memory Usage
Importance: High


Hi,

One of my client is trying to use Tomcat Server (3.3.1) with their web
service products.  One of the challenge we face is the memory/cpu usage on
Windows 2000 server.  They currently have IBM Websphere to handle various
java servlet and JSP, and memory usage is little pretty high from their
point of view.  Is there any website or benchmark I can get to see how
tomcat use cpu/memory usage?  Thanks for your info.

Sincerely,

John.



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13662] New: - If-Modifed-Since results in incorrect Content-Type header

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13662

If-Modifed-Since results in incorrect Content-Type header

   Summary: If-Modifed-Since results in incorrect Content-Type
header
   Product: Tomcat 3
   Version: 3.3.1 Final
  Platform: All
OS/Version: Other
Status: NEW
  Severity: Normal
  Priority: Other
 Component: Unknown
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


When doing an "If-Modified-Since" request against a static file 
(StaticInterceptor), in the case of a "304 Not Modified", the Content-Type 
header is always supplied as "text/html". 

This results in problems in our apache httpd 1.3.26 mod_proxy reverse proxy 
cache. mod_proxy updates the Content-Type field of the object with the new 
data. E.g. a gif file will upon entering the cache have the correct 
type "image/gif", but when anyone does an "If-Modified-Since" request and the 
cache asks tomcat if the content is up to date, the type gets overwritten 
with "text/html" which was supplied by tomcat. This then results in images 
with the wrong content type.

According to W3C spec of 304 response header 
(http://www.w3.org/Protocols/HTTP/HTRESP.html):
"Response headers are as if the client had sent a HEAD request, but limited to 
only those headers which make sense in this context. This means only headers 
that are relevant to cache managers and which may have changed independently 
of the document's Last-Modified date. Examples include Date , Server and 
Expires . "

I suspect mod_proxy interprets this *very* broadly and updates most headers 
that are sent over. Arguably changing the Content-Type does not make sense in 
this context, and such both Apache httpd and Apache Tomcat should change the 
behaviour.

Consider the following:

$ curl -I http://mytomcat:18000/images/bit.gif
HTTP/1.0 200 OK
Content-Type: image/gif
Content-Length: 48
Last-Modified: Thu, 03 Oct 2002 15:49:27 GMT
Date: Tue, 15 Oct 2002 16:46:03 GMT
Server: Tomcat Web Server/3.3.1 Final ( JSP 1.1; Servlet 2.2 )

$ curl -I http://mytomcat:18000/images/bit.gif -H "If-Modified-Since: Thu, 03 
Oct 2002 15:49:27 GMT"
HTTP/1.0 304 Not Modified
Content-Type: text/html
Date: Tue, 15 Oct 2002 16:46:22 GMT
Server: Tomcat Web Server/3.3.1 Final ( JSP 1.1; Servlet 2.2 )

The second 'curl' shows the problem.

A quick fix is not to send the Content-Type header on 304. I believe that 
would also be more close to spec. Looking at the Tomcat code I've found that 
the internal StatusHandler always sets "text/html". Here is a patch that makes 
the StatusHandler only do that in case it isn't a 304:

$ diff -u ErrorHandler.java-2002-10-15 ErrorHandler.java
--- ErrorHandler.java-2002-10-15Tue Mar 26 15:36:55 2002
+++ ErrorHandler.java   Tue Oct 15 18:56:23 2002
@@ -683,7 +683,6 @@
String msg=(String)req.getAttribute("javax.servlet.error.message");
String errorURI = res.getErrorURI();

-   res.setContentType("text/html");
// res is reset !!!
// status is already set
int sc=res.getStatus();
@@ -691,6 +690,11 @@
if( sc == 304 ) {
//NotModified must not return a body
return;
+   } else {
+ // don't set a content type if we are answering If-Modified-Since.
+ // Proxy caches might update their cached content-type with this
+ // info (mod_proxy does it). Martin Algesten 15th Oct, 2002.
+ res.setContentType("text/html");
}

if( sbNote==0 ) {

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: SSL client auth in Tomcat 4.0

[Bob Herrmann]

I have gotten clientAuth=true working with Tomcat 5.

It is important to get the trusted certificates properly defined.  

I did this,

export
CATALINA_OPTS="-Djavax.net.ssl.trustStore=/home/bob/issues/ssl/cacerts.jks 
-Djavax.net.ssl.trustStorePassword=changeit"

And sometimes defined this to get extra info.
#  -Djavax.net.debug=ssl,handshake,data,trustmanager"

Cheers,
-bob


On Mon, 2002-10-14 at 20:13, Steven Bradley wrote:
> I'm using Tomcat 4.0 standalone on Windows 2000 and am having trouble 
> getting SSL client authentication working (getting SSL server auth working 
> was a snap).  Here's what I've done so far:
> 
> * created a self-signed client cert using openSSL (key usage includes 
> digital signature)
> * imported client cert (and private key) into Internet Explorer (by way of 
> a PKCS#12 file)
> * imported the Tomcat JKS file with the client certificate
> * configure tomcat server.xml file as follows:
> 
>   port="443"
> minProcessors="5"
> maxProcessors="75"
> enableLookups="true"
>  acceptCount="10"
>  debug="0"
>  scheme="https"
>  secure="true">
>clientAuth="true"
>  keystoreFile="conf/server.keystore"
>  keystorePass ="password"
> protocol="TLS"/>
>  
> 
> * stop/start tomcat
> * point IE browser to https://localhost/index.html
> 
> What IE tells me is that the page can't be displayed (after some 
> handshaking attempts).  Unfortunately, there is no log info generated (even 
> if I increase the debug param in the  element).
> 
> Any clues as to what I may be doing wrong?  Has ANYONE been able to get SSL 
> client authentication working with Tomcat 4.0 standalone (Catalina).
> 
> Thanks in advance
> -- Steven
> 
> 
> --
> To unsubscribe, e-mail:   
> For additional commands, e-mail: 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: MBeanException w/AJP13Connector and (hopefully)itssolution

[Jeff Tulley]

Thanks Costin.  I can look into the patch for the port number in server.xml not being 
honored.  I'm not too JMX savvy, so I probably won't be much help with the MBeans 
extension mechanism.  I see the need though, after going through changing it myself.

Jeff Tulley  ([EMAIL PROTECTED])
(801)861-5322
Novell, Inc., the leading provider of Net business solutions
http://www.novell.com

>>> [EMAIL PROTECTED] 10/15/02 10:44:05 AM >>>
Jeff Tulley wrote:

> So I find that works on NetWare with our mod_jk, as you said.  The only
> thing that worries me is that the port value set in server.xml is not
> honored, on Windows or on NetWare.  Is there somewhere else it is pulling
> its configuration from?  I cannot have shifting ajp ports, since I might
> have two catalina instances running simultaneously, and I need to control
> what port Apache sends requests to, so that I can route them right.
> 
> What I saw was that I set the port to 9010, but Catalina still comes up
> with "ajp13 listening on tcp port 8009".  When I fire up the second
> instance of Catalina, it comes up listening on 8010, after unsuccessfully
> trying to get port 8009.  I cannot just use 8009 and 8010, due to both
> port conflicts on NetWare(with 8009), and because I do not want to rely on
> startup order of the two Catalina instances.
> 
> Is this a bug, or is there some part of the design that I'm missing?

Most likely a bug.

The problem is that we're using 2 configs - one is jk2.properties,
and the other is server.xml.

The original intention was that both mod_jk and the java side use the
same config file/format. Xml in C was considered too complex and too
big change. Unfortunately that wasn't implemented, but there is still
hope for 5.0, if the new config mechanism happens.

Regarding 8009, 8010, etc - that can be disabled ( set maxPort==port ),
it is intended to simplify load-balanced setup ( no need for multiple
configs - at least if you disable the shutdown and http ports which may
create conflicts ).

I'm pretty sure that if you set the port in jk2.properties it'll work,
I'll try to find out why the information is not passed from server.xml.
( if you can send a patch - it would be great ).

Regarding jk1/jk2 - the protocol is identical. The java side ( coyote-based) 
is stable for jk2, and it seems much better than the original connector,
so that's the default. The old one can be considered as deprecated. On the
C side, jk2 is getting there - but most people consider jk1 as more stable
and it's the only one to support netscape or aol - we only implemented the 
apache and iis adapters so far for jk2. Hopefully mod_jk2 will be released 
at the same time with 5.0.

We certainly need a mechanism to extend the mbeans.xml for thrid party
and other modules, again - a patch would be great :-)


Costin





--
To unsubscribe, e-mail:   
For additional commands, e-mail: 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 9702] - JNDIRealm StartTLS/SSL support request

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9702

JNDIRealm StartTLS/SSL support request





--- Additional Comments From [EMAIL PROTECTED]  2002-10-15 17:21 ---
Can someone please add this?

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13658] - javax.servlet.request.key_size attribute isn't being set

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13658

javax.servlet.request.key_size attribute isn't being set





--- Additional Comments From [EMAIL PROTECTED]  2002-10-15 17:15 ---
It's not being set, I just tested it, and it's being set to null.

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13660] - HttpServletRequest.getAttributeNames() doesn't return javax.servlet.request.cipher_suite attribute

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13660

HttpServletRequest.getAttributeNames() doesn't return 
javax.servlet.request.cipher_suite attribute





--- Additional Comments From [EMAIL PROTECTED]  2002-10-15 17:11 ---
I have a feeling it has the same cause as bug 13658, and I would say it has been
fixed since 4.1.12.

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13658] - javax.servlet.request.key_size attribute isn't being set

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13658

javax.servlet.request.key_size attribute isn't being set





--- Additional Comments From [EMAIL PROTECTED]  2002-10-15 17:06 ---
AFAIK, this works. Add some debug in Http11Processor.action method (in the SSL
callback).

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13660] New: - HttpServletRequest.getAttributeNames() doesn't return javax.servlet.request.cipher_suite attribute

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13660

HttpServletRequest.getAttributeNames() doesn't return 
javax.servlet.request.cipher_suite attribute

   Summary: HttpServletRequest.getAttributeNames() doesn't return
javax.servlet.request.cipher_suite attribute
   Product: Tomcat 4
   Version: 4.1.12
  Platform: Other
OS/Version: Other
Status: NEW
  Severity: Normal
  Priority: Other
 Component: Connector:Coyote HTTP/1.1
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


Attribute javax.servlet.request.cipher_suite is set on SSL connections. It 
used to be the case that you could see the name of this attribute when you 
called HttpServletRequest.getAttributeNames(). This no longer happens. Even 
though the attribute has a value, it's name isn't returned when you call 
HttpServletRequest.getAttributeNames(). The following example demonstrates,

import java.io.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class AttributesServlet extends HttpServlet {
public void doGet(HttpServletRequest req, HttpServletResponse resp) 
throws IOException {
try {
resp.setContentType("text/html");
PrintWriter pw = resp.getWriter();
pw.println
("AttributesServlet");
Enumeration e = req.getAttributeNames();
while(e.hasMoreElements()) {
String s = (String)e.nextElement();
pw.println("" + s + ": " + req.getAttribute
(s) + "");
}

pw.println("" + req.getAttribute
("javax.servlet.request.cipher_suite") + "");

pw.println("");
pw.close();
}
catch(Exception e) {
e.printStackTrace();
}
}
}

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13658] New: - javax.servlet.request.key_size attribute isn't being set

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13658

javax.servlet.request.key_size attribute isn't being set

   Summary: javax.servlet.request.key_size attribute isn't being set
   Product: Tomcat 4
   Version: 4.1.12
  Platform: Other
OS/Version: All
Status: NEW
  Severity: Normal
  Priority: Other
 Component: Connector:Coyote HTTP/1.1
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


Attribute javax.servlet.request.key_size used to be set for SSL connections 
and indicated the encryption key size (e.g. 128) for the SSL connection. This 
attribute is no longer being set. This attribute is useful if you want to make 
sure that clients are using a certain encryption strength.

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: MBeanException w/AJP13Connector and (hopefully) itssolution

[Costin Manolache]

Jeff Tulley wrote:

> So I find that works on NetWare with our mod_jk, as you said.  The only
> thing that worries me is that the port value set in server.xml is not
> honored, on Windows or on NetWare.  Is there somewhere else it is pulling
> its configuration from?  I cannot have shifting ajp ports, since I might
> have two catalina instances running simultaneously, and I need to control
> what port Apache sends requests to, so that I can route them right.
> 
> What I saw was that I set the port to 9010, but Catalina still comes up
> with "ajp13 listening on tcp port 8009".  When I fire up the second
> instance of Catalina, it comes up listening on 8010, after unsuccessfully
> trying to get port 8009.  I cannot just use 8009 and 8010, due to both
> port conflicts on NetWare(with 8009), and because I do not want to rely on
> startup order of the two Catalina instances.
> 
> Is this a bug, or is there some part of the design that I'm missing?

Most likely a bug.

The problem is that we're using 2 configs - one is jk2.properties,
and the other is server.xml.

The original intention was that both mod_jk and the java side use the
same config file/format. Xml in C was considered too complex and too
big change. Unfortunately that wasn't implemented, but there is still
hope for 5.0, if the new config mechanism happens.

Regarding 8009, 8010, etc - that can be disabled ( set maxPort==port ),
it is intended to simplify load-balanced setup ( no need for multiple
configs - at least if you disable the shutdown and http ports which may
create conflicts ).

I'm pretty sure that if you set the port in jk2.properties it'll work,
I'll try to find out why the information is not passed from server.xml.
( if you can send a patch - it would be great ).

Regarding jk1/jk2 - the protocol is identical. The java side ( coyote-based) 
is stable for jk2, and it seems much better than the original connector,
so that's the default. The old one can be considered as deprecated. On the
C side, jk2 is getting there - but most people consider jk1 as more stable
and it's the only one to support netscape or aol - we only implemented the 
apache and iis adapters so far for jk2. Hopefully mod_jk2 will be released 
at the same time with 5.0.

We certainly need a mechanism to extend the mbeans.xml for thrid party
and other modules, again - a patch would be great :-)


Costin





--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: MBeanException w/AJP13Connector and (hopefully)itssolution

[Jeff Tulley]

So I find that works on NetWare with our mod_jk, as you said.  The only thing that 
worries me is that the port value set in server.xml is not honored, on Windows or on 
NetWare.  Is there somewhere else it is pulling its configuration from?  I cannot have 
shifting ajp ports, since I might have two catalina instances running simultaneously, 
and I need to control what port Apache sends requests to, so that I can route them 
right.

What I saw was that I set the port to 9010, but Catalina still comes up with "ajp13 
listening on tcp port 8009".  When I fire up the second instance of Catalina, it comes 
up listening on 8010, after unsuccessfully trying to get port 8009.  I cannot just use 
8009 and 8010, due to both port conflicts on NetWare(with 8009), and because I do not 
want to rely on startup order of the two Catalina instances.

Is this a bug, or is there some part of the design that I'm missing?

Jeff Tulley  ([EMAIL PROTECTED])
(801)861-5322
Novell, Inc., the leading provider of Net business solutions
http://www.novell.com

>>> [EMAIL PROTECTED] 10/15/02 9:44:57 AM >>>
So I'm barking up the wrong tree?  I thought somebody had told me that the Coyote JK 2 
connector only worked with mod_jk2.  I'll go play around with the Coyote / mod_jk 
combo on NetWare, and see how it works.

Thanks.

Jeff Tulley  ([EMAIL PROTECTED])
(801)861-5322
Novell, Inc., the leading provider of Net business solutions
http://www.novell.com 

>>> [EMAIL PROTECTED] 10/15/02 1:08:06 AM >>>
Jeff Tulley wrote:
> When I uncomment the AJP13 Connector, I get the following exception on startup:
> ServerLifecycleListener: createMBeans: MBeanException   
> java.lang.Exception: ManagedBean is not found with Ajp13Connector   
> at org.apache.catalina.mbeans.MBeanUtils.createMBean(MBeanUtils.java:225)
>   
> at 
>org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(ServerLifecycleListener.java:369)
>
> at 
>org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(ServerLifecycleListener.java:777)
>
> at 
>org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(ServerLifecycleListener.java:751)
>
> at 
>org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(ServerLifecycleListener.java:339)
>
> at 
>org.apache.catalina.mbeans.ServerLifecycleListener.lifecycleEvent(ServerLifecycleListener.java:206)
>  
> at 
>org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:166)
>  
> at org.apache.catalina.core.StandardServer.start(StandardServer.java:2182)   
>   
> at org.apache.catalina.startup.Catalina.start(Catalina.java:510)
> at org.apache.catalina.startup.Catalina.execute(Catalina.java:400)  
> at org.apache.catalina.startup.Catalina.process(Catalina.java:180)  
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)  
> at 
>sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 
>   
> at 
>sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 
>   
> at java.lang.reflect.Method.invoke(Method.java:324) 
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:203) 
> 
> I'm wondering if the fix is simply to add a section into 
>catalina/src/share/o/a/c/mbeans/mbeans-descriptors.xml, describing the AJP 13 
>connector?
> 
> I've attached my naive fix to this, which is to copy the Coyote connector section, 
>removing only the protocolHandler attribute, since that is unique to Coyote(if I'm 
>not mistaken, I very well could be).
> 
> Could I get one of the committers to review this please and submit the change?  We 
>need this for NetWare, which does not have a port of mod_jk2 yet.

Either Coyote JK 2 or the old AJP 1.3 connector can be used with mod_jk 
(that's why the AJP 1.3 connector is deprecated).

Remy


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

RE: Memory Usage

[Shapira, Yoav]

Hi,

>One of my client is trying to use Tomcat Server (3.3.1) with their web
>service products.  One of the challenge we face is the memory/cpu usage
on
>Windows 2000 server.  They currently have IBM Websphere to handle
various
>java servlet and JSP, and memory usage is little pretty high from their
>point of view.  Is there any website or benchmark I can get to see how
>tomcat use cpu/memory usage?  Thanks for your info.

There's a perfect benchmark out there for you, doing exactly what you
need!!!  You can get it by installing tomcat (preferably the latest
stable version, not 3.3.1), installing your app, and benchmarking it
with a tool like JMeter, OptimizeIt, JProbe, wget, the Grinder, or any
other of the many that are out there.

Almost the only benchmark that's significant is the one conducted on
your own app.  Different apps will have wildly different resource
utilizations on the same server, so looking at someone else's benchmarks
for their app on tomcat (or weblogic for that matter, or any other
server), can be wrong if not downright misleading.

Regardless, you should have a load / stress test in place before you
change servers to ensure your new server platform can handle expected
loads...


Yoav Shapira
Millennium ChemInformatics


This e-mail, including any attachments, is a confidential business communication, and 
may contain information that is confidential, proprietary and/or privileged.  This 
e-mail is intended only for the individual(s) to whom it is addressed, and may not be 
saved, copied, printed, disclosed or used by anyone else.  If you are not the(an) 
intended recipient, please immediately delete this e-mail from your computer system 
and notify the sender.  Thank you.



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Memory Usage

[John Jang]

Hi,

One of my client is trying to use Tomcat Server (3.3.1) with their web
service products.  One of the challenge we face is the memory/cpu usage on
Windows 2000 server.  They currently have IBM Websphere to handle various
java servlet and JSP, and memory usage is little pretty high from their
point of view.  Is there any website or benchmark I can get to see how
tomcat use cpu/memory usage?  Thanks for your info.

Sincerely,

John.

TC 3.3.x -> TC 4.1.x : more questions (argh)

[Henri Gomez]

Did there is a way to specify a context loading order.

ie :

ROOT, then app1, app2, zorg1, app3 ?

Regards

PS: It's the case in TC 3.3, and settings context in server.xml in 
4.1.12 didn't seems to works, TC 4.1.x loading context in alphabetically
order 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: MBeanException w/AJP13Connector and (hopefully) itssolution

[Jeff Tulley]

So I'm barking up the wrong tree?  I thought somebody had told me that the Coyote JK 2 
connector only worked with mod_jk2.  I'll go play around with the Coyote / mod_jk 
combo on NetWare, and see how it works.

Thanks.

Jeff Tulley  ([EMAIL PROTECTED])
(801)861-5322
Novell, Inc., the leading provider of Net business solutions
http://www.novell.com

>>> [EMAIL PROTECTED] 10/15/02 1:08:06 AM >>>
Jeff Tulley wrote:
> When I uncomment the AJP13 Connector, I get the following exception on startup:
> ServerLifecycleListener: createMBeans: MBeanException   
> java.lang.Exception: ManagedBean is not found with Ajp13Connector   
> at org.apache.catalina.mbeans.MBeanUtils.createMBean(MBeanUtils.java:225)
>   
> at 
>org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(ServerLifecycleListener.java:369)
>
> at 
>org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(ServerLifecycleListener.java:777)
>
> at 
>org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(ServerLifecycleListener.java:751)
>
> at 
>org.apache.catalina.mbeans.ServerLifecycleListener.createMBeans(ServerLifecycleListener.java:339)
>
> at 
>org.apache.catalina.mbeans.ServerLifecycleListener.lifecycleEvent(ServerLifecycleListener.java:206)
>  
> at 
>org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:166)
>  
> at org.apache.catalina.core.StandardServer.start(StandardServer.java:2182)   
>   
> at org.apache.catalina.startup.Catalina.start(Catalina.java:510)
> at org.apache.catalina.startup.Catalina.execute(Catalina.java:400)  
> at org.apache.catalina.startup.Catalina.process(Catalina.java:180)  
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)  
> at 
>sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 
>   
> at 
>sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 
>   
> at java.lang.reflect.Method.invoke(Method.java:324) 
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:203) 
> 
> I'm wondering if the fix is simply to add a section into 
>catalina/src/share/o/a/c/mbeans/mbeans-descriptors.xml, describing the AJP 13 
>connector?
> 
> I've attached my naive fix to this, which is to copy the Coyote connector section, 
>removing only the protocolHandler attribute, since that is unique to Coyote(if I'm 
>not mistaken, I very well could be).
> 
> Could I get one of the committers to review this please and submit the change?  We 
>need this for NetWare, which does not have a port of mod_jk2 yet.

Either Coyote JK 2 or the old AJP 1.3 connector can be used with mod_jk 
(that's why the AJP 1.3 connector is deprecated).

Remy


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [VOTE] tomcat-commiters list

[Ian Darwin]

> > The list will be closed to commiters only. The main purpose
> > will be discussions of security and other special issues.
> > This should avoid [Cc] threads.
> >
> > The main target should be active commiters - so it should
> > start empty.
> >
> > This is a majority vote.
> >
> > [X ] I agree with the proposal
> > [ ] I don't agree with the proposal


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

RE: SSL client auth in Tomcat 4.0

[Reddy.Thirumal]

Yes, I did it. It worked fine. 

* First, let the clientAuth="false" then try.

If it doesn't work, you might going wrong when generating the certificates
stuff.

Here are the steps:

keytool -genkey -keystore client.keystore -alias client1 

keytool -keystore client.keystore -certreq -file client.csr -alias client1

openssl ca -config /openssl.cnf -in client.csr -out client.pem -keyfile
ca.key

openssl x509 -in client.pem -out client.der -outform DER

keytool -keystore -import -file ca.cert -alias root

keytool -keystore -import -file client.der -alias client1

If you strictly follow these steps, you will be able to get it done.

Please try and let me know the feedback to [EMAIL PROTECTED]

Cheers



-Original Message-
From: jean-frederic clere [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 15, 2002 3:53 PM
To: Tomcat Developers List
Subject: Re: SSL client auth in Tomcat 4.0


Steven Bradley wrote:
> I'm using Tomcat 4.0 standalone on Windows 2000 and am having trouble 
> getting SSL client authentication working (getting SSL server auth 
> working was a snap).  Here's what I've done so far:
> 
> * created a self-signed client cert using openSSL (key usage includes 
> digital signature)
> * imported client cert (and private key) into Internet Explorer (by way 
> of a PKCS#12 file)
> * imported the Tomcat JKS file with the client certificate

CA file?

> * configure tomcat server.xml file as follows:
> 
> port="443"
>minProcessors="5"
>maxProcessors="75"
>enableLookups="true"
>   acceptCount="10"
>   debug="0"
>   scheme="https"
>   secure="true">
> clientAuth="true"
>   keystoreFile="conf/server.keystore"
>   keystorePass="password"
>protocol="TLS"/>
> 
> 
> * stop/start tomcat
> * point IE browser to https://localhost/index.html
> 
> What IE tells me is that the page can't be displayed (after some 
> handshaking attempts).  Unfortunately, there is no log info generated 
> (even if I increase the debug param in the  element).

Try with Mozilla or with openssl (something like: openssl s_client -port
8443 
-host localhost).
Does it work when clientAuth="false"?

> 
> Any clues as to what I may be doing wrong?  Has ANYONE been able to get 
> SSL client authentication working with Tomcat 4.0 standalone (Catalina).

Sure I tested it... It worked ok.
Make sure the CA that has signed your certificates is in the CA file 
($JAVA_HOME/jre/lib/security/cacerts or something).

> 
> Thanks in advance
> -- Steven
> 
> 
> -- 
> To unsubscribe, e-mail:   
> 
> For additional commands, e-mail: 
> 
> 
> 




--
To unsubscribe, e-mail:   
For additional commands, e-mail: 


* ** *** ** * ** *** ** * ** *** ** *
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. 
Any views or opinions presented are solely those of the author, and do not necessarily
represent those of ESB. 
If you have received this email in error please notify the sender.

Although ESB scans e-mail and attachments for viruses, it does not guarantee
that either are virus-free and accepts no liability for any damage sustained
as a result of viruses.

* ** *** ** * ** *** ** * ** *** ** *

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: SSL client auth in Tomcat 4.0

[jean-frederic clere]

Steven Bradley wrote:
> I'm using Tomcat 4.0 standalone on Windows 2000 and am having trouble 
> getting SSL client authentication working (getting SSL server auth 
> working was a snap).  Here's what I've done so far:
> 
> * created a self-signed client cert using openSSL (key usage includes 
> digital signature)
> * imported client cert (and private key) into Internet Explorer (by way 
> of a PKCS#12 file)
> * imported the Tomcat JKS file with the client certificate

CA file?

> * configure tomcat server.xml file as follows:
> 
> port="443"
>minProcessors="5"
>maxProcessors="75"
>enableLookups="true"
>   acceptCount="10"
>   debug="0"
>   scheme="https"
>   secure="true">
> clientAuth="true"
>   keystoreFile="conf/server.keystore"
>   keystorePass="password"
>protocol="TLS"/>
> 
> 
> * stop/start tomcat
> * point IE browser to https://localhost/index.html
> 
> What IE tells me is that the page can't be displayed (after some 
> handshaking attempts).  Unfortunately, there is no log info generated 
> (even if I increase the debug param in the  element).

Try with Mozilla or with openssl (something like: openssl s_client -port 8443 
-host localhost).
Does it work when clientAuth="false"?

> 
> Any clues as to what I may be doing wrong?  Has ANYONE been able to get 
> SSL client authentication working with Tomcat 4.0 standalone (Catalina).

Sure I tested it... It worked ok.
Make sure the CA that has signed your certificates is in the CA file 
($JAVA_HOME/jre/lib/security/cacerts or something).

> 
> Thanks in advance
> -- Steven
> 
> 
> -- 
> To unsubscribe, e-mail:   
> 
> For additional commands, e-mail: 
> 
> 
> 




--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-connectors/jk/conf jk2.properties

[mturk]

mturk   2002/10/15 07:04:16

  Modified:jk/conf  jk2.properties
  Log:
  Add the handler.list option example
  
  Revision  ChangesPath
  1.11  +3 -0  jakarta-tomcat-connectors/jk/conf/jk2.properties
  
  Index: jk2.properties
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/conf/jk2.properties,v
  retrieving revision 1.10
  retrieving revision 1.11
  diff -u -r1.10 -r1.11
  --- jk2.properties16 Aug 2002 08:20:28 -  1.10
  +++ jk2.properties15 Oct 2002 14:04:15 -  1.11
  @@ -5,6 +5,9 @@
   
   ## DOCUMENTATION OF THE FORMAT IN JkMain javadoc.
   
  +# Set the desired handler list
  +# handler.list=apr,request,channelJni
  +#
   # Override the default port for the socketChannel
   # channelSocket.port=8019
   # Default: 
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-connectors/jk/conf workers2.properties

[mturk]

mturk   2002/10/15 07:02:08

  Modified:jk/conf  workers2.properties
  Log:
  Add the classpath option to the vm:
  
  Revision  ChangesPath
  1.18  +2 -1  jakarta-tomcat-connectors/jk/conf/workers2.properties
  
  Index: workers2.properties
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/conf/workers2.properties,v
  retrieving revision 1.17
  retrieving revision 1.18
  diff -u -r1.17 -r1.18
  --- workers2.properties   27 Sep 2002 13:05:11 -  1.17
  +++ workers2.properties   15 Oct 2002 14:02:08 -  1.18
  @@ -68,7 +68,8 @@
   [vm:]
   info=Parameters used to load a JVM in the server process
   #JVM=C:\jdk\jre\bin\hotspot\jvm.dll
  
-OPT=-Djava.class.path=${TOMCAT_HOME}/bin/tomcat-jni.jar;${TOMCAT_HOME}/server/lib/commons-logging.jar
  +classpath=${TOMCAT_HOME}/bin/tomcat-jni.jar
  +classpath=${TOMCAT_HOME}/server/lib/commons-logging.jar
   OPT=-Dtomcat.home=${TOMCAT_HOME}
   OPT=-Dcatalina.home=${TOMCAT_HOME}
   OPT=-Xmx128M
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-connectors/jk/xdocs/jk2 configwebcom.xml

[mturk]

mturk   2002/10/15 07:00:11

  Modified:jk/xdocs/jk2 configwebcom.xml
  Log:
  Add the classpath option to the vm:
  
  Revision  ChangesPath
  1.3   +6 -1  jakarta-tomcat-connectors/jk/xdocs/jk2/configwebcom.xml
  
  Index: configwebcom.xml
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/xdocs/jk2/configwebcom.xml,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- configwebcom.xml  3 Oct 2002 16:57:49 -   1.2
  +++ configwebcom.xml  15 Oct 2002 14:00:11 -  1.3
  @@ -190,6 +190,11 @@
   
   Option to pass to this vm, this is a multivalued 
property
   
  +
  +classpath
  +
  +-Djava.class.path 0ption to pass to this vm, this is a 
multivalued property
  +
   
   
   
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-connectors/jk/native2/common jk_vm_default.c

[mturk]

mturk   2002/10/15 06:59:49

  Modified:jk/native2/common jk_vm_default.c
  Log:
  Add the classpath option to the vm:
  
  Revision  ChangesPath
  1.22  +35 -9 jakarta-tomcat-connectors/jk/native2/common/jk_vm_default.c
  
  Index: jk_vm_default.c
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/common/jk_vm_default.c,v
  retrieving revision 1.21
  retrieving revision 1.22
  diff -u -r1.21 -r1.22
  --- jk_vm_default.c   8 Jul 2002 13:35:02 -   1.21
  +++ jk_vm_default.c   15 Oct 2002 13:59:49 -  1.22
  @@ -424,10 +424,11 @@
   jk_map_t *props=jkvm->properties;
   JavaVMInitArgs vm_args;
   JNIEnv *penv;
  -JavaVMOption options[100];
  +JavaVMOption options[JK2_MAXOPTIONS * 2];
   JavaVM *jvm;
  -int optn = 0, err;
  -
  +int optn = 0, err, classn = 0, classl = 0, i;
  +char *classpath = NULL;
  +
   /** Make sure we have the vm dll */
   if( jkvm->jvm_dll_path ==NULL ||
   ! jk2_file_exists(env, jkvm->jvm_dll_path )) {
  @@ -486,14 +487,32 @@
   
   vm_args.version = JNI_VERSION_1_2;
   vm_args.options = options;
  -
  +for (classn = 0; classn < jkvm->nClasspath; classn++)
  +classl += strlen(jkvm->classpath[classn]);
  +if (classl) {
  +classpath = jkvm->pool->calloc(env, jkvm->pool, 
  +   classl + classn + 
sizeof("-Djava.class.path="));
  +strcpy(classpath, "-Djava.class.path=");
  +strcat(classpath, jkvm->classpath[0]);
  +for (i = 1; i < classn; i++) {
  +strcat(classpath, ";");
  +strcat(classpath, jkvm->classpath[i]);
  +}
  +}
   while(jkvm->options[optn]) {
  -env->l->jkLog(env, env->l, JK_LOG_INFO,
  -  "vm.openJvm2() Option: %s\n", jkvm->options[optn]);
  +if (jkvm->mbean->debug > 1)
  +env->l->jkLog(env, env->l, JK_LOG_DEBUG,
  +  "vm.openJvm2() Option: %s\n", jkvm->options[optn]);
   /* Pass it "as is" */
   options[optn].optionString = jkvm->options[optn];
   optn++;
   }
  +if (classpath) {
  +if (jkvm->mbean->debug > 1)
  +env->l->jkLog(env, env->l, JK_LOG_DEBUG,
  +  "vm.openJvm2() Classpath: %s\n", classpath);
  +options[optn++].optionString = classpath;
  +}
   
   vm_args.nOptions = optn;
   
  @@ -557,10 +576,18 @@
   char *value=valueP;
   
   if( strcmp( name, "OPT" )==0 ) {
  -jkvm->options[jkvm->nOptions]=value;
  -jkvm->nOptions++;
  +if (jkvm->nOptions < JK2_MAXOPTIONS) {
  +jkvm->options[jkvm->nOptions]=value;
  +jkvm->nOptions++;
  +}
   } else if( strcmp( name, "JVM" )==0 ) {
   jkvm->jvm_dll_path=value;
  +}
  +else if( strcmp( name, "classpath" )==0 ) {
  +if (jkvm->nClasspath < JK2_MAXOPTIONS) {
  +jkvm->classpath[jkvm->nClasspath]=value;
  +jkvm->nClasspath++;
  +}
   } else {
   return JK_ERR;
   }
  @@ -580,7 +607,6 @@
   jkvm->pool=pool;
   
   jkvm->jvm_dll_path = NULL;
  -jkvm->options = pool->calloc( env, pool, 64 * sizeof( char *));
   jkvm->nOptions =0;
   
   jkvm->init=jk2_vm_initVM;
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-connectors/jk/native2/include jk_vm.h

[mturk]

mturk   2002/10/15 06:59:29

  Modified:jk/native2/include jk_vm.h
  Log:
  Add the classpath option to the vm:
  
  Revision  ChangesPath
  1.5   +8 -1  jakarta-tomcat-connectors/jk/native2/include/jk_vm.h
  
  Index: jk_vm.h
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/include/jk_vm.h,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- jk_vm.h   1 Jul 2002 15:42:52 -   1.4
  +++ jk_vm.h   15 Oct 2002 13:59:28 -  1.5
  @@ -70,6 +70,7 @@
   #include "jk_service.h"
   #include "jk_map.h"
   
  +#define JK2_MAXOPTIONS  64
   struct jk_vm {
   struct jk_bean *mbean;
   
  @@ -91,10 +92,16 @@
   /*
* All initialization options
*/
  -char **options;
  +char *options[JK2_MAXOPTIONS];
  +
  +/*
  + * -Djava.class.path options
  + */
  +char *classpath[JK2_MAXOPTIONS];
   
   int nOptions;
   
  +int nClasspath;
   /** Create the VM, attach - don't execute anything
*/
   int (*init)(struct jk_env *env, struct jk_vm *p );
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [VOTE] tomcat-commiters list

[Glenn Nielsen]

Costin Manolache wrote:
> I would like to propose a new mailing list.
> 
> The list will be closed to commiters only. The main purpose 
> will be discussions of security and other special issues.
> This should avoid [Cc] threads.
> 
> The main target should be active commiters - so it should
> start empty. 
> 
> This is a majority vote.
> 
> [X] I agree with the proposal
> [ ] I don't agree with the proposal
> 

Glenn


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-connectors/jk/native2 CHANGES.txt

[mturk]

mturk   2002/10/15 06:00:49

  Modified:jk/native2 CHANGES.txt
  Log:
  Feel free to add the non-listed changes
  
  Revision  ChangesPath
  1.2   +11 -1 jakarta-tomcat-connectors/jk/native2/CHANGES.txt
  
  Index: CHANGES.txt
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/CHANGES.txt,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- CHANGES.txt   6 Oct 2002 07:52:27 -   1.1
  +++ CHANGES.txt   15 Oct 2002 13:00:49 -  1.2
  @@ -1,6 +1,16 @@
   JAKARTA TOMCAT CONNECTORS 2 (JK2) CHANGELOG: -*-text-*-
   Last modified at [$Date$]
   
  +Changes with JK2 2.0.2:
  +* Add the hostMap cache
  +  [Mladen Turk] 
  +* Allow the lb:name scheme inside the [channel.xxx]
  +  [Mladen Turk]
  +* Duplicate all global directives on each vhost that has inheritGlobals set.
  +  Directives   are   created   using   createBean   only   if   not   found.
  +  Beside directives, the webapps are duplicated to.
  +  [Mladen Turk]
  +  
   Changes with JK2 2.0.1:
   
   * Tentative fix for 12346.
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-connectors/jk/native2/common jk_uriMap.c

[mturk]

mturk   2002/10/15 05:27:56

  Modified:jk/native2/common jk_uriMap.c
  Log:
  Not my day... (I'll need to clean some things localy ;)
  
  Revision  ChangesPath
  1.55  +2 -2  jakarta-tomcat-connectors/jk/native2/common/jk_uriMap.c
  
  Index: jk_uriMap.c
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/common/jk_uriMap.c,v
  retrieving revision 1.54
  retrieving revision 1.55
  diff -u -r1.54 -r1.55
  --- jk_uriMap.c   15 Oct 2002 12:23:23 -  1.54
  +++ jk_uriMap.c   15 Oct 2002 12:27:56 -  1.55
  @@ -801,7 +801,7 @@
   if (!vhost)
   vhost = "*";
   sprintf(key, "%s:%d", vhost, port);
  -return uriMap->vhcache->get(env, uriMap->vhosts, key);
  +return uriMap->vhcache->get(env, uriMap->vhcache, key);
   }
   
   static void jk2_uriMap_addHostCache(jk_env_t *env, jk_uriMap_t *uriMap,
  @@ -815,7 +815,7 @@
   key = uriMap->pool->calloc(env, uriMap->pool, strlen(vhost) + 8); 
   
   sprintf(key, "%s:%d", vhost, port);
  -uriMap->vhcache->add(env, uriMap->vhosts, key, hostEnv);
  +uriMap->vhcache->add(env, uriMap->vhcache, key, hostEnv);
   }
   
   static jk_uriEnv_t *jk2_uriMap_mapUri(jk_env_t *env, jk_uriMap_t *uriMap,
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-connectors/jk/native2/common jk_uriMap.c

[mturk]

mturk   2002/10/15 05:23:23

  Modified:jk/native2/common jk_uriMap.c
  Log:
  Ooops, the wrong repository (forgot the key)
  
  Revision  ChangesPath
  1.54  +1 -0  jakarta-tomcat-connectors/jk/native2/common/jk_uriMap.c
  
  Index: jk_uriMap.c
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/common/jk_uriMap.c,v
  retrieving revision 1.53
  retrieving revision 1.54
  diff -u -r1.53 -r1.54
  --- jk_uriMap.c   15 Oct 2002 12:18:34 -  1.53
  +++ jk_uriMap.c   15 Oct 2002 12:23:23 -  1.54
  @@ -800,6 +800,7 @@
   return uriMap->vhosts->get(env, uriMap->vhosts, "*");
   if (!vhost)
   vhost = "*";
  +sprintf(key, "%s:%d", vhost, port);
   return uriMap->vhcache->get(env, uriMap->vhosts, key);
   }
   
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13606] - Compiler not thread safe

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13606

Compiler not thread safe





--- Additional Comments From [EMAIL PROTECTED]  2002-10-15 12:20 ---
I believe to key to recreating this is to have a jsp page that takes a while to 
compile.  I am trying to make one that will recreate it most of the time (I 
have recreated it outside of our application, but only one out of every 60 or 
so tries).  I hope to be able to send a test case this afternoon.

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-connectors/jk/native2/common jk_uriMap.c

[mturk]

mturk   2002/10/15 05:18:35

  Modified:jk/native2/common jk_uriMap.c
  Log:
  Add host map cache.
  There is no need to map the host when already evaluated.
  On first didtinctive hostMap the found hostEnv is stored to the cache.
  Later it is accesed from the cache skipping lengthy hostMap processing.
  
  Revision  ChangesPath
  1.53  +44 -8 jakarta-tomcat-connectors/jk/native2/common/jk_uriMap.c
  
  Index: jk_uriMap.c
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/common/jk_uriMap.c,v
  retrieving revision 1.52
  retrieving revision 1.53
  diff -u -r1.52 -r1.53
  --- jk_uriMap.c   13 Oct 2002 07:41:47 -  1.52
  +++ jk_uriMap.c   15 Oct 2002 12:18:34 -  1.53
  @@ -427,7 +427,8 @@
   jk_uriEnv_t *ctxEnv;
   
   env->l->jkLog(env, env->l, JK_LOG_DEBUG,
  -  "uriMap: fix uri %s context %s\n", uriEnv->uri, 
uriEnv->contextPath );
  +  "uriMap: fix uri %s context %s host %s\n", 
uriEnv->uri, 
  +  uriEnv->contextPath, hostEnv->virtual);
   if (context == NULL) {
   if (  uriMap->mbean->debug > 5) 
   env->l->jkLog(env, env->l, JK_LOG_DEBUG,
  @@ -790,6 +791,32 @@
   
   #define SAFE_URI_SIZE 8192
   
  +static jk_uriEnv_t *jk2_uriMap_getHostCache(jk_env_t *env, jk_uriMap_t *uriMap,
  +const char *vhost, int port)
  +{
  +char key[1024];
  +
  +if (!vhost && !port)
  +return uriMap->vhosts->get(env, uriMap->vhosts, "*");
  +if (!vhost)
  +vhost = "*";
  +return uriMap->vhcache->get(env, uriMap->vhosts, key);
  +}
  +
  +static void jk2_uriMap_addHostCache(jk_env_t *env, jk_uriMap_t *uriMap,
  +const char *vhost, int port,
  +jk_uriEnv_t *hostEnv)
  +{
  +char *key;
  +
  +if (!vhost)
  +vhost = "*";
  +key = uriMap->pool->calloc(env, uriMap->pool, strlen(vhost) + 8); 
  +
  +sprintf(key, "%s:%d", vhost, port);
  +uriMap->vhcache->add(env, uriMap->vhosts, key, hostEnv);
  +}
  +
   static jk_uriEnv_t *jk2_uriMap_mapUri(jk_env_t *env, jk_uriMap_t *uriMap,
 const char *vhost, int port,
 const char *uri)
  @@ -826,15 +853,23 @@
 "uriMap.mapUri() uri must start with /\n");
   return NULL;
   }
  -hostEnv = jk2_uriMap_hostMap(env, uriMap, vhost, port);
  +
  +hostEnv = jk2_uriMap_getHostCache(env, uriMap, vhost, port);
   if (!hostEnv) {
  -env->l->jkLog(env, env->l, JK_LOG_INFO,
  -  "uriMap.mapUri() cannot find host %s/\n", vhost);
  -return NULL;
  +hostEnv = jk2_uriMap_hostMap(env, uriMap, vhost, port);
  +if (!hostEnv) {
  +env->l->jkLog(env, env->l, JK_LOG_INFO,
  +  "uriMap.mapUri() cannot find host %s/\n", vhost);
  +return NULL;
  +}
  +if (uriMap->mbean->debug > 1)
  +env->l->jkLog(env, env->l, JK_LOG_DEBUG,
  +  "uriMap.mapUri() caching host %s\n", hostEnv->virtual);   
 
  +jk2_uriMap_addHostCache(env, uriMap, vhost, port, hostEnv);
   }
  -if (uriMap->mbean->debug > 1)
  -env->l->jkLog(env, env->l, JK_LOG_DEBUG,
  -  "uriMap.mapUri() found host %s\n", hostEnv->virtual);
  +else if (uriMap->mbean->debug > 1)
  + env->l->jkLog(env, env->l, JK_LOG_DEBUG,
  +   "uriMap.mapUri() found host %s\n", hostEnv->virtual);
   
   url_rewrite = strstr(uri, JK_PATH_SESSION_IDENTIFIER);
   
  @@ -953,6 +988,7 @@
   
   jk2_map_default_create(env, &uriMap->maps, pool);
   jk2_map_default_create(env, &uriMap->vhosts, pool);
  +jk2_map_default_create(env, &uriMap->vhcache, pool);
   
   uriMap->init = jk2_uriMap_init;
   uriMap->destroy = jk2_uriMap_destroy;
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-connectors/jk/native2/include jk_uriMap.h

[mturk]

mturk   2002/10/15 05:15:51

  Modified:jk/native2/include jk_uriMap.h
  Log:
  Add host map cache.
  
  Revision  ChangesPath
  1.17  +6 -1  jakarta-tomcat-connectors/jk/native2/include/jk_uriMap.h
  
  Index: jk_uriMap.h
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/include/jk_uriMap.h,v
  retrieving revision 1.16
  retrieving revision 1.17
  diff -u -r1.16 -r1.17
  --- jk_uriMap.h   23 Sep 2002 17:36:25 -  1.16
  +++ jk_uriMap.h   15 Oct 2002 12:15:51 -  1.17
  @@ -109,7 +109,12 @@
* level.
*/
   struct jk_map *vhosts;
  -
  +
  +/* Virtual host map cache. Once processed the mapped host
  + * will be cached for performance reasons.
  + */
  +struct jk_map *vhcache;
  +
   /* -- Methods -- */
   
   /** Initialize the map. This should be called after all workers
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

RE: [VOTE] tomcat-commiters list

[Larry Isaacs]

> -Original Message-
> From: Costin Manolache [mailto:[EMAIL PROTECTED]] 
> Sent: Monday, October 14, 2002 1:24 PM
> To: [EMAIL PROTECTED]
> Subject: [VOTE] tomcat-commiters list
> 
> 
> I would like to propose a new mailing list.
> 
> The list will be closed to commiters only. The main purpose 
> will be discussions of security and other special issues.
> This should avoid [Cc] threads.
> 
> The main target should be active commiters - so it should
> start empty. 
> 
> This is a majority vote.
> 
> [X] I agree with the proposal
> [ ] I don't agree with the proposal
> 

Larry

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [VOTE] tomcat-commiters list

[Bob Schulze]

[X] I agree with the proposal
[ ] I don't agree with the proposal

Fine for another non-committer.
PLS cont. to read the dev list too ;-)

Bob

Costin Manolache wrote:
> I would like to propose a new mailing list.
> 
> The list will be closed to commiters only. The main purpose 
> will be discussions of security and other special issues.
> This should avoid [Cc] threads.
> 
> The main target should be active commiters - so it should
> start empty. 
> 
> This is a majority vote.
> 
> [ ] I agree with the proposal
> [ ] I don't agree with the proposal
> 



--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [PATCH] catalina.sh and cygwin

[Henri Gomez]

Peter Romianowski wrote:
> Hi,
> 
>   I proposed this patch before without any notice. No problem at all,
> you all seem very busy. But I got several people asking for help
> regarding this issue, so I resend the patch.
> 
>   The problem is, that catalina.sh does not translate the
> $CATALINA_TMPDIR
> path to cygwin-path resulting tomcat in throwing these nasty
> "ContextConfig[] Exception processing JAR at resource path" -
> Exceptions.
> 
>   Here's a patch for that (against the 4.1.12 RELEASE)
> 
> --- catalina_orig.sh  2002-09-23 11:23:00.0 +0200
> +++ catalina.sh   2002-09-27 20:38:36.0 +0200
> @@ -101,6 +101,7 @@
>CATALINA_HOME=`cygpath --path --windows "$CATALINA_HOME"`
>CATALINA_BASE=`cygpath --path --windows "$CATALINA_BASE"`
>CLASSPATH=`cygpath --path --windows "$CLASSPATH"`
> +  CATALINA_TMPDIR=`cygpath --path --windows "$CATALINA_TMPDIR"`
>JSSE_HOME=`cygpath --path --windows "$JSSE_HOME"`
>  fi

Applied, thanks




--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-4.0/catalina/src/bin catalina.sh

[hgomez]

hgomez  2002/10/15 03:31:21

  Modified:catalina/src/bin catalina.sh
  Log:
  Fix $CATALINA_TMPDIR in Cygwin, submitted by Peter Romianowski
  
  Revision  ChangesPath
  1.32  +2 -1  jakarta-tomcat-4.0/catalina/src/bin/catalina.sh
  
  Index: catalina.sh
  ===
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/bin/catalina.sh,v
  retrieving revision 1.31
  retrieving revision 1.32
  diff -u -r1.31 -r1.32
  --- catalina.sh   18 Jul 2002 07:44:22 -  1.31
  +++ catalina.sh   15 Oct 2002 10:31:21 -  1.32
  @@ -100,6 +100,7 @@
 JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
 CATALINA_HOME=`cygpath --path --windows "$CATALINA_HOME"`
 CATALINA_BASE=`cygpath --path --windows "$CATALINA_BASE"`
  +  CATALINA_TMPDIR=`cygpath --path --windows "$CATALINA_TMPDIR"`
 CLASSPATH=`cygpath --path --windows "$CLASSPATH"`
 JSSE_HOME=`cygpath --path --windows "$JSSE_HOME"`
   fi
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

RE: [VOTE] tomcat-commiters list

[Reddy.Thirumal]

I agree with the proposal



* ** *** ** * ** *** ** * ** *** ** *
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. 
Any views or opinions presented are solely those of the author, and do not necessarily
represent those of ESB. 
If you have received this email in error please notify the sender.

Although ESB scans e-mail and attachments for viruses, it does not guarantee
that either are virus-free and accepts no liability for any damage sustained
as a result of viruses.

* ** *** ** * ** *** ** * ** *** ** *

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [VOTE] tomcat-commiters list

[Henri Gomez]

Costin Manolache wrote:
> I would like to propose a new mailing list.
> 
> The list will be closed to commiters only. The main purpose 
> will be discussions of security and other special issues.
> This should avoid [Cc] threads.
> 
> The main target should be active commiters - so it should
> start empty. 
> 
> This is a majority vote.
> 
> [ ] I agree with the proposal
> [ ] I don't agree with the proposal

I agree if it cover only discussions about security, but
discussions and features should stay in tomcat-dev.






--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

cvs commit: jakarta-tomcat-connectors/jk/native2/common jk_worker_ajp13.c

[mturk]

mturk   2002/10/15 02:38:29

  Modified:jk/native2/common jk_worker_ajp13.c
  Log:
  Fix group (lb) processing for channels, allowing the lb:name syntax.
  This prevents making lb:lb:name for such situations.
  
  Revision  ChangesPath
  1.40  +30 -11jakarta-tomcat-connectors/jk/native2/common/jk_worker_ajp13.c
  
  Index: jk_worker_ajp13.c
  ===
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/common/jk_worker_ajp13.c,v
  retrieving revision 1.39
  retrieving revision 1.40
  diff -u -r1.39 -r1.40
  --- jk_worker_ajp13.c 4 Oct 2002 20:29:19 -   1.39
  +++ jk_worker_ajp13.c 15 Oct 2002 09:38:29 -  1.40
  @@ -740,19 +740,38 @@
   env->l->jkLog(env, env->l, JK_LOG_DEBUG,
 "ajp13.init(): Adding %s to %s\n",
 ajp13->mbean->localName, name);
  -lb= env->getByName2( env, "lb", name );
  -if( lb==NULL ) {
  -/* Create the lb group */
  -if( ajp13->mbean->debug > 0 ) 
  -env->l->jkLog(env, env->l, JK_LOG_DEBUG,
  -  "ajp13.init(): Automatically creating the group 
%s\n",
  -  name);
  -env->createBean2( env, ajp13->workerEnv->mbean->pool, "lb", name );
  +if (strncmp(name, "lb:", 3) == 0) {
  +lb= env->getByName( env, name );
  +if( lb==NULL ) {
  +/* Create the lb group */
  +if( ajp13->mbean->debug > 0 ) 
  +env->l->jkLog(env, env->l, JK_LOG_DEBUG,
  +  "ajp13.init(): Automatically creating the 
group %s\n",
  +  name);
  +env->createBean( env, ajp13->workerEnv->mbean->pool, name );
  +lb= env->getByName( env, name );
  +if( lb==NULL ) {
  +env->l->jkLog(env, env->l, JK_LOG_ERROR,
  +  "ajp13.init(): Failed to create %s\n", name);
  +return JK_ERR;
  +}
  +}
  +}
  +else {
   lb= env->getByName2( env, "lb", name );
   if( lb==NULL ) {
  -env->l->jkLog(env, env->l, JK_LOG_ERROR,
  -  "ajp13.init(): Failed to create %s\n", name);
  -return JK_ERR;
  +/* Create the lb group */
  +if( ajp13->mbean->debug > 0 ) 
  +env->l->jkLog(env, env->l, JK_LOG_DEBUG,
  +  "ajp13.init(): Automatically creating the 
group %s\n",
  +  name);
  +env->createBean2( env, ajp13->workerEnv->mbean->pool, "lb", 
name );
  +lb= env->getByName2( env, "lb", name );
  +if( lb==NULL ) {
  +env->l->jkLog(env, env->l, JK_LOG_ERROR,
  +  "ajp13.init(): Failed to create %s\n", name);
  +return JK_ERR;
  +}
   }
   }
   lb->mbean->setAttribute(env, lb->mbean, "worker",
  
  
  

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

DO NOT REPLY [Bug 13606] - Compiler not thread safe

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13606

Compiler not thread safe





--- Additional Comments From [EMAIL PROTECTED]  2002-10-15 08:56 ---
The sync on javac.execute is useless in that case, as there's already an
equivalent syncing made on javac.compile.
I'll try to reproduce the bug using a frameset.

--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

SSL client auth in Tomcat 4.0

[Steven Bradley]

I'm using Tomcat 4.0 standalone on Windows 2000 and am having trouble 
getting SSL client authentication working (getting SSL server auth working 
was a snap).  Here's what I've done so far:

* created a self-signed client cert using openSSL (key usage includes 
digital signature)
* imported client cert (and private key) into Internet Explorer (by way of 
a PKCS#12 file)
* imported the Tomcat JKS file with the client certificate
* configure tomcat server.xml file as follows:

 

 

* stop/start tomcat
* point IE browser to https://localhost/index.html

What IE tells me is that the page can't be displayed (after some 
handshaking attempts).  Unfortunately, there is no log info generated (even 
if I increase the debug param in the  element).

Any clues as to what I may be doing wrong?  Has ANYONE been able to get SSL 
client authentication working with Tomcat 4.0 standalone (Catalina).

Thanks in advance
-- Steven


--
To unsubscribe, e-mail:   
For additional commands, e-mail: