Author: rjung Date: Tue Oct 28 14:44:08 2008 New Revision: 708686 URL: http://svn.apache.org/viewvc?rev=708686&view=rev Log: Add news page for 2008 and update front page for 1.2.27.
Added: tomcat/connectors/trunk/jk/xdocs/news/20081001.xml (with props) Modified: tomcat/connectors/trunk/jk/xdocs/index.xml Modified: tomcat/connectors/trunk/jk/xdocs/index.xml URL: http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/xdocs/index.xml?rev=708686&r1=708685&r2=708686&view=diff ============================================================================== --- tomcat/connectors/trunk/jk/xdocs/index.xml (original) +++ tomcat/connectors/trunk/jk/xdocs/index.xml Tue Oct 28 14:44:08 2008 @@ -45,6 +45,16 @@ <section name="Headlines"> <br /> <ul> +<li><a href="news/20081001.html#28 October - JK-1.2.27 released">28 October 2008 - <b>JK-1.2.27 released</b></a> +<p>The Apache Tomcat team is proud to announce the immediate availability +of Tomcat Connectors 1.2.27 Stable. This release contains interesting <a href="news/20081001.html#28 October - JK-1.2.27 released">improvements</a>. +</p> +<p>Download the <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.27/tomcat-connectors-1.2.27-src.tar.gz">JK 1.2.27 release sources</a> + | <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.27/tomcat-connectors-1.2.27-src.tar.gz.asc">PGP signature</a> +</p> +<p>Download the <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/binaries/">binaries</a> for selected platforms. +</p> +</li> <li><a href="news/20070301.html#20071221.1">21 December 2007 - <b>JK-1.2.26 released</b></a> <p>The Apache Tomcat team is proud to announce the immediate availability of Tomcat Connectors 1.2.26 Stable. @@ -65,106 +75,6 @@ <p>Download the <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/binaries/">binaries</a> for selected platforms. </p> </li> -<li><a href="news/20070301.html#20070727.1">27 July 2007 - <b>JK-1.2.24 released</b></a> -<p><b>This release has been withdrawn.</b> -</p> -</li> -<li><a href="news/20070301.html#20070518.1">18 May 2007 - <b>JK-1.2.23 released</b></a> -<p>The Apache Tomcat team is proud to announce the immediate availability -of Tomcat Connectors 1.2.23 Stable. -</p> -<p>This version addresses the security flaw: -<br /> -<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1860"><b>CVE-2007-1860</b></a> -A double encoded ".." in a URL can be used to access URLs on the AJP backend, -for which no mod_jk forwarding rule exists (patch for CVE-2007-0450 was insufficient). -</p><p> -This version fixes the problem by using ForwardURICompatUnparsed -as the default for the forwarding JkOption. -You can similarly fix the problem for all previous versions of mod_jk by setting -"JkOption ForwardURICompatUnparsed". -If you upgrade to version 1.2.23 please ensure, that you do not have -a different forwarding option in your existing configuration. -We highly recommend, that you are consulting the -<a href="reference/apache.html#Forwarding">forwarding documentation</a>, -especially concerning the implications for interaction with mod_rewrite. -</p><p> -Please note that this issue only affects configurations, -which use a prefix forwarding rule like "/myapp/*" or "/myapp/*.jsp" -to restrict access to the context "/myapp". The issue will allow -malicious URLs to reach "/otherapp" or "/otherapp/*.jsp" as well. -</p><p> -The Tomcat Project thanks Kazu Nambo for his responsible reporting of this -vulnerability. -</p> -<p>Download the <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.23/tomcat-connectors-1.2.23-src.tar.gz">JK 1.2.23 release sources</a> - | <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.23/tomcat-connectors-1.2.23-src.tar.gz.asc">PGP signature</a> -</p> -<p>Download the <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/binaries/">binaries</a> for selected platforms. -</p> -</li> -<li><a href="news/20070301.html#20070417.1">17 April 2007 - <b>JK-1.2.22 released</b></a> -<p>The Apache Tomcat team is proud to announce the immediate availability -of Tomcat Connectors 1.2.22 Stable. -</p> -<p>Download the <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.22/tomcat-connectors-1.2.22-src.tar.gz">JK 1.2.22 release sources</a> - | <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.22/tomcat-connectors-1.2.22-src.tar.gz.asc">PGP signature</a> -</p> -<p>Download the <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/binaries/">binaries</a> for selected platforms. -</p> -</li> -<li><a href="news/20070301.html#20070301.1">1 March 2007 - <b>JK-1.2.21 released</b></a> -<p>The Apache Tomcat team is proud to announce the immediate availability -of Tomcat Connectors 1.2.21 Stable. -</p> -<p>This version addresses the security flaw: -<br /> -<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774"><b>CVE-2007-0774</b></a> -A Long URL Stack Overflow Vulnerability exists in the URI handler for the mod_jk library. -When parsing a long URL request, the URI worker map routine performs an -unsafe memory copy. This results in a stack overflow condition which can -be leveraged execute arbitrary code. -</p><p> -Please note this issue only affected versions 1.2.19 and 1.2.20 of the -JK Apache Tomcat Connector and not previous versions. -Tomcat 5.5.20 and Tomcat 4.1.34 -included a vulnerable version in their source packages. -<strong>No </strong>other source code releases <strong> and no binary packages</strong> -of Tomcat were affected. -</p><p> -The Apache Tomcat project recommends that all users who have built mod_jk from source apply the patch or upgrade to the latest level and rebuild. Providers of mod_jk-based modules in pre-compiled form will be able to determine if this vulnerability applies to their builds. That determination has no bearing on any other builds of mod_jk, and mod_jk users are urged to exercise caution and apply patches or upgrade unless they have specific instructions from the provider of their module. -</p><p> -The Tomcat Project thanks an anonymous researcher working with -TippingPoint (www.tippingpoint.com) and the Zero Day Initiative -(www.zerodayintiative.com) for their responsible reporting of this -vulnerability. -</p> -<p>Download the <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.21/tomcat-connectors-1.2.21-src.tar.gz">JK 1.2.21 release sources</a> - | <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.21/tomcat-connectors-1.2.21-src.tar.gz.asc">PGP signature</a> -</p> -<p>Download the <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/binaries/">binaries</a> for selected platforms. -</p> -</li> -<li><a href="news/20060101.html#20061210.1">10 December 2006 - <b>JK-1.2.20 released</b></a> -<p>The Apache Tomcat team is proud to announce the immediate availability -of Tomcat Connectors 1.2.20 Stable. -</p> -<p>Download the <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.20/tomcat-connectors-1.2.20-src.tar.gz">JK 1.2.20 release sources</a> - | <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.20/tomcat-connectors-1.2.20-src.tar.gz.asc">PGP signature</a> -</p> -<p>Download the <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/binaries/">binaries</a> for selected platforms. -</p> -</li> -<li><a href="news/20060101.html#20060917.1">17 September 2006 - <b>JK-1.2.19 released</b></a> -<p>The Apache Tomcat team is proud to announce the immediate availability -of Tomcat Connectors 1.2.19 Stable. -</p> -<p>Download the <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.19/tomcat-connectors-1.2.19-src.tar.gz">JK 1.2.19 release sources</a> - | <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.19/tomcat-connectors-1.2.19-src.tar.gz.asc">PGP signature</a> -</p> -<p>Download the <a href="http://www.apache.org/dist/tomcat/tomcat-connectors/jk/binaries/">binaries</a> for selected platforms. -</p> -</li> </ul> </section> Added: tomcat/connectors/trunk/jk/xdocs/news/20081001.xml URL: http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/xdocs/news/20081001.xml?rev=708686&view=auto ============================================================================== --- tomcat/connectors/trunk/jk/xdocs/news/20081001.xml (added) +++ tomcat/connectors/trunk/jk/xdocs/news/20081001.xml Tue Oct 28 14:44:08 2008 @@ -0,0 +1,188 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<!DOCTYPE document [ + <!ENTITY project SYSTEM "project.xml"> +]> +<document url="20081001.html"> + + &project; + + <properties> + <author email="dev.AT.tomcat.DOT.apache.DOT.org">Apache Tomcat Connectors Project</author> + <title>2008 News and Status</title> + </properties> + +<body> + +<section name="2008 News & Status"> +<br /> +<subsection name="28 October - JK-1.2.27 released"> +<a name="20081028.1"></a> +<br /> +<p>The Apache Tomcat team is proud to announce the immediate availability +of Tomcat Connectors 1.2.27. This is a stable release adding lots of new features +and some bug fixes. +</p><p> + Please see the <a href="../miscellaneous/changelog.html">ChangeLog</a> for a full list of changes. +</p> +<p>If you find any bugs while using this release, please fill in the +<a href="https://issues.apache.org/bugzilla/enter_bug.cgi?product=Tomcat%20Connectors">Bugzilla</a> +Bug Report. +</p> +<p> +The most important new features in this version are: +</p> +<h3>Watchdog Thread for Periodic Tasks</h3> +<p> +The connector has to run some periodic tasks independant of +request processing. Examples are probing or closing down idle backend +connections, adjusting load numbers and recovering workers from error state. +</p> +<p> +Before version 1.2.27 these tasks were done inside the request processing loop. +When a new request came in and the task was due, the thread handling the +request first executed the internal task and then handled the request. +If there were no requests coming in, the tasks would not run. If any of +the tasks took unexpectedly long, the response time of the request waiting +for the finishing of the task went up. +</p> +<p> +Starting with this release you can configure a separate watchdog thread inside +the web server to run all those tasks independantly of request processing. +This new feature is avaliable for the connector when used with Apache httpd 2.x +or with Microsoft IIS. To keep the behaviour of the new version consistent +with previous releases, this feature is turned off by default. +You can activate the watchdog thread via +<a href="../reference/apache.html"><code>JkWatchdogInterval</code></a> +for Apache or +<a href="../reference/iis.html"><code>watchdog_interval</code></a> +for IIS. +</p> +<h3>Connection Probing</h3> +<p> +In previous releases connection probing (checking whether connections still work) +could only be done immediately after a new connection was established and +directly before sending each request. Since we now have the watchdog +thread available, we also added a periodic probing option, which you +can activate with the worker attribute +<a href="../reference/workers.html"><code>ping_mode</code></a>. +This will also be useful as a protection against the infamous firewall +idle connection drop. +</p> +<p> +The older attributes <code>connect_timeout</code> and <code>prepost_timeout</code> +still exist and work the same way they did in previous releases. +Since there are now three different probing options, we recommend to migrate +your configuration to the newer attributes <code>ping_mode</code>, +<code>ping_timeout</code> and <code>connection_ping_interval</code>. +</p> +<h3>Mount Extensions</h3> +<p> +Usually one defines workers and mounts for the connector. +A worker defines a backend we want to talk to and the configuration parameters of the +communication, connection pools etc. The mounts define which URIs we want to forward to +which worker (so we also call a mount an URI map rule). +In version 1.2.27 you can overwrite certain worker parameter per mount. +</p> +<p> +One easy to understand example is reply timeouts. Until this release you had to specify +a reply timeout for the whole worker. But reply times depend a lot on the type of +request. So normally you want to define a general reply timeout and +for some special URLs you need to relax the reply timeout, because you know those +URLs take much longer to process (like e.g. reporting or other compute intensive tasks). +</p> +<p> +Another possible case is the activation status. You might use a load balancer worker to +forward requests to certain webapps in a farm of Tomcat nodes. If you wanted +to update some webapp on one node, you previously had to stop forwarding requests for +all webapps on this Tomcat node. What was not possible until now, was stopping forwarding +requests restricted to the webapp and the node you wanted to update. +</p> +<p> +Starting with this release, you can add so-called +<a href="../reference/uriworkermap.html#Rule extensions">rule extensions</a> +to your uriworkermap file to influence worker parameters per mount. This will +work for all Apache versions and for IIS. Remember, that +the uriworkermap file automatically gets reloaded after changes without web server +restart. +</p> +<h3>Improved IIS support</h3> +<p> +We improved IIS support im various ways. It is now possible to use +multiple IIS 6 application pools with the ISAPI redirector. +</p> +<p> +Furthermore some improvements were added as compile time features. +The most notable one is chunked encoding support, which was a major +refactoring and is therefore still considered experimental. You can +download binaries with and without chunked encoding support. In future +versions, chunked encoding will likely be availabe in all builds. +</p> +<p> +Another new feature is an elegant way of configuring error page redirects. +All new features are documented on the documentation page about +<a href="../reference/iis.html">configuring IIS</a>. +</p> +<h3>Enhanced Status Worker</h3> +<p> +The +<a href="../reference/status.html">status worker</a> +now can also manage and show statistics for AJP workers that +are not part of a load balancer. Other improvements are the new <code>dump</code> +action, the integration of the new configuration attributes, showing average +request and transfer rates since the last statistics reset and the ability to +display only a single member of a load balancer. +</p> +<p> +Unfortunately we had to change +<a href="../reference/status.html#Data Parameters for the standard Update Action">some request parameters</a> +used for the <code>update</code> action of the status worker. +</p> +<h3>Miscellaneous Improvements</h3> +<p> +Further enhancements are: +<ul> +<li> +Configurable session stickyness indicator: cookie name and URL path +parameter name can be freely chosen instead of the servlet spec compliant +<code>JSESSIONID</code> and <code>;jsessionid</code>. +</li> +<li> +Automatically determining the size of the shared memory segment needed +to accommodate all workers. +</li> +<li> +New connection establishment timeout <code>socket_connect_timeout</code>. +</li> +<li> +New timeout <code>connection_acquire_timeout</code> for acquiring a free connection from +the pool. +</li> +<li> +Improved retry handling by adjusting the meaning of the attribute <code>retries</code> for +AJP workers and for load balancers and by adding the new <code>retry_interval</code>. +</li> +<li> +Allowing the web server to provide error pages instead of Tomcat. +</li> +</ul> +</p> +</subsection> +</section> +</body> +</document> Propchange: tomcat/connectors/trunk/jk/xdocs/news/20081001.xml ------------------------------------------------------------------------------ svn:eol-style = native Propchange: tomcat/connectors/trunk/jk/xdocs/news/20081001.xml ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]