Links User Guide Reference Apache Tomcat Development | | Tomcat 6.0.14 (remm) |
| General |
 |
Correct j.u.l log levels in JULI docs. (rjung)
|
|
| Catalina |
 |
Handle special case of ROOT when re-loading webapp after ROOT.xml has
been modified. In some circumstances the reloaded ROOT webapp had no
associated resources. (markt)
|
|
Remove invalid attribute "encoding" of MBean MemoryUserDatabase,
which lead to errors in the manager webapp JMXProxy output. (rjung)
|
|
33774 Retry JNDI authentiction on ServiceUnavailableException
as at least one provider throws this after an idle connection has been
closed. (markt)
|
|
39875: Fix BPE in RealmBase.init(). Port of yoavs's fix from
Tomcat 5. (markt)
|
|
41722: Make the role-link element optional (as required by
the spec) when using a security-role-ref element. (markt)
|
|
42361: Handle multi-part forms when saving requests during
FORM authentication process. Patch provided by Peter Runge. (markt)
|
|
42401: Update RUNNING.txt with better JRE/JDK information.
(markt)
|
|
42444: prevent NPE for AccessLogValve
Patch provided by Nils Hammar (funkman)
|
|
42449:
JNDIRealm does not catch NullPointerException for Sun's
LDAP provider (See bug for details) (funkman)
|
|
42497: Ensure ETag header is present in a 304 response.
Patch provided by Len Popp. (markt)
|
|
Fix XSS security vulnerability (CVE-2007-2450) in the Manager and Host
Manager. Reported by Daiki Fukumori. (markt)
|
|
42547: Fix NPE when a ResourceLink in context.xml tries to
override an env-entry in web.xml. (markt)
|
|
Avoid some casting in ErrorReportValve (remm)
|
|
Fix persistence API annotation, submitted by Bill Burke (remm)
|
|
In Comet mode, if bytes are not read, send an error event (otherwise,
fields referring to the connection could remain) (remm)
|
|
Fix Comet when running Tomcat with the security manager (remm)
|
|
| Jasper |
|
39425 Add additional system property permission to
catalina.policy for pre-compiled JSPs. (markt)
|
|
42438 Duplicate temporary variables were created when
jsp:attribute was used in conjunction with custom tags. Patch provided
by Brian Lenz. (markt)
|
|
42643 Prevent creation of duplicate JSP function mapper
variables. (markt)
|
|
| Coyote |
|
Separate sequence increment from getter in ThreadPool to avoid
misleading increments during monitoring via JMX. (rjung)
|
|
Add back missing socketBuffer attribute in the java.io HTTP connector (remm)
|
|
| Webapps |
|
Don't write error on System.out, use log() instead. (rjung)
|
|
39813: Correct handling of new line characters in JMX
attributes. Patch provided by R Bramley. Ported from tc5.5.x r415029. (markt,rjung)
|
|
42459: Fix Tomcat Web Application Manager table error. (rjung)
|
|
Fix XSS security vulnerabilities (CVE-2007-2449) in the examples.
Reported by Toshiharu Sugiyama. (markt)
|
|
|
| Tomcat 6.0.13 (remm) |
| Catalina |
|
More accurate available() method. (remm)
|
|
Add recycle check in the event object, since it is a facade like the others. (remm)
|
|
When processing a read event, enforce that the servlet consumes all available bytes. (remm)
|
 |
Add a flag in ContainerBase which could be used in embedded scenarios to avoid a double start
of contexts (this problem generally occurs when adding contexts to a started host). (remm)
|
|
42309: Ability to create a connector using a custom protocol specification for embedded.
(fhanik)
|
|
Add SSL engine flag to AprLifecycleListener. (fhanik)
|
|
Improve event processing, so that an END event is generated when encountering EOF, and an
ERROR is always generated on client disconnects. (remm)
|
|
Add declarations for the new XSD files. (remm)
|
|
| Coyote |
|
Add heartbeatBackgroundEnabled flag to SimpleTcpCluster.
Enable this flag don't forget to disable the channel heartbeat thread (pero)
|
|
Possible memory leak when using comet, caused by adding the socket to the poller before
cleaning up the connection tracking structure. (remm)
|
|
42308: nextRequest recycles the request, which caused issues with statistics. (remm)
|
|
Fix non recycled comet flag in the APR connector. (remm)
|
|
| Cluster |
|
Add heartbeatBackgroundEnabled flag to SimpleTcpCluster.
Enable this flag don't forget to disable the channel heartbeat thread (pero)
|
|
Method name cleanup. (fhanik)
|
|
| Webapps |
|
Some examples webapp fixes. Submitted by Frank McCown. (remm)
|
|
|
| Tomcat 6.0.12 (remm) |
| General |
|
License source headers. Submitted by Niall Pemberton. (remm)
|
|
| Catalina |
|
42039 Log a stack trace if a servlet throws an
UnavailableException. Patch provided by Kawasima Kazuh. (markt)
|
|
41990 Add some additional mime-type mappings. (markt)
|
|
41655 Fix message translations. Japanese translations
provided by Suzuki Yuichiro. (markt)
|
 |
Add enabled attribute to AccessLogValve (pero)
|
|
42085: Avoid adding handlers for the root logger twice when they are explicitly
specified. (remm)
|
|
Reduce thread local manipulation in the request dispatcher. Submitted by
Arvind Srinivasan. (remm)
|
|
Avoid keeping references to loggers tied to the webapp classloaders after a reload in
a couple more places. (remm)
|
|
42202: Fix container parsing of TLDs in webapps when Tomcat is installed in
a URL encodable path. (remm)
|
|
| Coyote |
|
42119 Fix return value for request.getCharacterEncoding() when
Content-Type headers contain parameters other than charset. Patch by
Leigh L Klotz Jr. (markt)
|
|
Move away from using a thread local processor for the APR and java.io
connectors, as this does not work well when using an executor. (remm)
|
|
Remove Comet timeout hack in the APR connector. Comet connections will now
use the regular timeout or the keepalive timeout if specified. (remm)
|
|
| Webapps |
|
42025: Update valve documentation to refer to correct regular
expression implementation. (markt)
|
|
Fix various paths in the manager webapps (remm)
|
|
Session viewer and editor for the HTML manager. Submitted by Cédrik Lime. (remm)
|
|
Session handling tools for the manager. Submitted by Rainer Jung. (remm)
|
|
| Jasper |
|
41869 TagData.getAttribute() should return
TagData.REQUEST_TIME_VALUE when the attribute value is an EL expression.
(markt)
|
|
42071 Fix IllegalStateException on multiple requests to
an unavailable JSP. Patch provided by Kawasima Kazuh. (markt)
|
|
After a JSP throws an UnavailableException allow it to be accessed once
the unavailable period has expired. (markt)
|
|
| Cluster |
|
Add toString method to better logging session replication message at tribes MESSAGES (pero)
|
|
|
| Tomcat 6.0.11 (remm) |
| General |
|
Update DBCP to 1.2.2, pool to 1.3, JDT to 3.2.2 and remove collections
build dependency (pero, remm)
|
|
| Catalina |
|
Don't log pattern subtoken at ExtendedAccesLogValve (pero)
|
|
Add some missing JMX attributes for new AccessLogValve (pero)
|
|
41786 Incorrect reference to catalina_home in catalina.sh/bat Patch provided by Mike Hanafey (fhanik)
|
|
41703 SingleSignOnMessage invalid setter, patch provided by Nils Hammar (fhanik)
|
|
41682 ClassCastException when logging is turned on (fhanik)
|
|
41530 Don't log error messages when connector is stopped (fhanik)
|
|
41166 Invalid handling when using replicated context (fhanik)
|
|
Added SENDFILE support for the NIO connector. (fhanik)
|
|
Added support for shared thread pools by adding in the <Executor>
element as a nested element to the <Service> element. (fhanik)
|
|
41666 Correct handling of boundary conditions for
If-Unmodified-Since and If-Modified-Since headers. Patch provided by
Suzuki Yuichiro. (markt)
|
|
41739 Correct handling of servlets with a load-on-startup
value of zero. These are now the first servlets to be started. (markt)
|
|
41747 Correct example ant script for deploy task. (markt)
|
|
41752 Correct error message on exception in MemoryRealm.
(markt)
|
|
39883 Add documentation warning about using antiResourceLocking
on a webapp outside the Host's appBase. (yoavs)
|
|
40150 Ensure user and roll classnames are validated on startup. Patch by
Tom. (yoavs)
|
|
Refactor extend access log valve using the optimized access log valve. Submitted by
Takayuki Kaneko. (remm)
|
|
Possible deadlock in classloading when defining packages. (remm)
|
|
Remove excessive syncing from listener support. (remm)
|
|
Web services support. The actual factory implementations are implemented in the
extras. Submitted by Fabien Carrion. (remm)
|
|
Add logging to display APR capabilities on the platform. (remm)
|
|
Expose executors in JMX. (remm)
|
|
CRLF inside a URL pattern is always invalid. (remm)
|
|
Tweak startup time display. (remm)
|
|
Adjustments to handling exceptions with Comet. (remm)
|
|
If the event is closed asynchronously, generate an end event for cleanup on the
next event. (remm)
|
|
Cleanup hello webapp from the docs and fix a XSS issue in the JSP. (remm)
|
|
Examples webapp cleanup. Submitted by Takayuki Kaneko and Markus Schönhaber. (remm)
|
|
41289: Create configBase, since it is no longer created elsewhere.
Submitted by Shiva Kumar H R. (remm)
|
|
| Coyote |
|
Fixed NIO memory leak caused by the NioChannel cache not working properly.
|
|
Added flag to enable/disable the usage of the pollers selector instead of a Selector pool
when the serviet is reading/writing from the input/output streams
The flag is -Dorg.apache.tomcat.util.net.NioSelectorShared=true
|
|
Requests with multiple content-length headers are now rejected. (markt)
|
|
41675 Add a couple of DEBUG-level logging statements to Http11Processors
when sending error responses. Patch by Ralf Hauser. (yoavs)
|
|
Reuse digester used by the modeler. (remm)
|
|
When the platform does not support deferred accept, put accepted sockets in the
poller. (remm)
|
|
Fix problem with blocking reads for keepalive when using an executor (the number
of busy threads is always 0). (remm)
|
|
The poller now has good performance, so remove firstReadTimeout. (remm)
|
|
42119 Fix return value for request.getCharacterEncoding() when
Content-Type headers contain parameters other than charset. Patch by
Leigh L Klotz Jr. (markt)
|
|
| Webapps |
|
Fix previous update to servlet 2.5 xsd to use correct declaration.
(markt)
|
|
Update host configuration document for new behaviour for directories
in appBase. (markt)
|
|
39540 Add link to httpd 2.2 mod_proxy_ajp docs in AJP connector doc. (yoavs)
|
|
| Jasper |
|
41227 Add a bit of DEBUG-level logging to JspC so users know
which file is being compiled. (yoavs)
|
|
Remove some dead utility code, and refactor stream capture as part of the Ant compiler. (remm)
|
|
Support the trim directive of JSP 2.1 as an equivalent of Jasper's own parameter. (remm)
|
|
41790: Close file stream used to read the Java source. (remm)
|
|
Fix reporting of errors which do not correspond to a portion of the JSP source. (remm)
|
|
Remove try/catch usage for annotation processing in classic tags. The usage
of the log method might have been questionable as well. (remm)
|
|
Cleanup of the message that is displayed for compilation errors. (remm)
|
|
Skip BOM when reading a JSP file. (remm)
|
|
|
| Tomcat 6.0.10 (remm) |
| Catalina |
|
Unify usage of security manager flag, submitted by Arvind Srinivasan. (remm)
|
|
Fix formatting of CGI variable SCRIPT_NAME. (markt)
|
|
41521: Support * for servlet-name, submitted by Paul McMahan. (remm)
|
|
Cache getServletContext value, submitted by Arvind Srinivasan. (remm)
|
|
Add options for handling special URL characters in paths, and disallow '\' and encoded '/'
due to possible differences in behavior between Tomcat and a front end webserver. (remm)
|
|
Fix bad comparison for FORM processing, submitted by Anil Saldhana. (remm)
|
|
41608 Make log levels consistent when Servlet.service()
throws an exception. (markt)
|
|
| Coyote |
|
Reduce usage of MessageBytes.getLength(), submitted by Arvind Srinivasan. (remm)
|
|
| Jasper |
|
41558: Don't call synced method on every request, submitted by Arvind Srinivasan. (remm)
|
|
Switch to a thread local page context pool. (remm)
|
|
|
| Tomcat 6.0.9 (remm) |
| General |
|
Use 2.5 xsd in Tomcat webapps. (markt)
|
|
Compression filter improvements, submitted by Eric Hedström. (markt)
|
|
| Catalina |
|
Properly return connector names. (remm)
|
|
Remove logging of the XML validation flag. (remm)
|
|
Correct error messages for context.xml. (markt)
|
|
41217: Set secure flag correctly on SSO cookie, submitted by
Chris Halstead. (markt)
|
|
40524: request.getAuthType() now returns CLIENT_CERT rather
than CLIENT-CERT. (markt)
|
|
40526: Return support for JPDA_OPTS to catalina.bat and add
a new option JPDA_SUSPEND, submitted by by Kurt Roy. (markt)
|
|
41265: In embedded, remove the code that resets checkInterval
values of zero to 300. (markt)
|
|
| Coyote |
|
37869: Fix getting client certificate, submitted by Christophe Pierret. (remm)
|
|
40960: Throw a timeout exception when getting a timeout rather than a
generic IOE, submitted by Christophe Pierret. (remm)
|
|
| Jasper |
|
EL validation fixes for attributes. (remm)
|
|
41327: Show full URI for a 404. (markt)
|
|
JspException now uses getCause() as the result for getRootCause(). (markt)
|
|
| Cluster |
|
41466: When using the NioChannel and SecureNioChannel its
important to use the channels buffers. (fhanik)
|
|
|
| Tomcat 6.0.8 (remm) |
| Catalina |
|
Make provided instances of RequestDispatcher thread safe. (markt)
|
|
Optional development oriented loader implementation. (funkman)
|
|
Optimized access log valve, submitted by Takayuki Kaneko. (remm)
|
|
Fix error messages when parsing context.xml that incorrectly referred to
web.xml. (markt)
|
|
41217: Set secure attribute on SSO cookie when cookie is
created during a secure request. Patch provided by Chris Halstead.
(markt)
|
|
40524: HttpServletRequest.getAuthType() now returns
CLIENT_CERT rather than CLIENT-CERT for certificate authentication
as per the spec. Note that web.xml continues to use CLIENT-CERT to
specify the certificate authentication should be used. (markt)
|
|
41401: Add support for JPDA_OPTS to catalina.bat and add a
JPDA_SUSPEND environment variable to both startup scripts. Patch
provided by Kurt Roy. (markt)
|
|
| Coyote |
|
Use the tomcat-native-1.1.10 as recommended version.
OpenSSL detection on some platforms was broken 1.1.8 will continue to work,
although on some platforms there can be JVM crash if IPV6 is enabled and
platform doesn't support IPV4 mapped addresses on IPV6 sockets.
|
|
| Jasper |
|
When displaying JSP source after an exception, handle included files.
(markt)
|
|
Display the JSP source when a compilation error occurs and display
the correct line number rather than start of a scriptlet block. (markt)
|
|
Fix NPE when processing dynamic attributes. (remm)
|
|
More accurate EL usage validation. (remm)
|
|
Fix regression for implicit taglib and page data version numbers. (remm)
|
|
41265: Allow JspServlet checkInterval init parameter to be
explicitly set to the stated default value of zero by removing the
code that resets it to 300 if explicitly specified as zero. (markt)
|
|
41327: Show full URI for a 404. Patch provided by Vijay.
(markt)
|
|
| Webapps |
|
Add a virtual hosting how-to contributed by Hassan Schroeder. (markt)
|
|
Update all webapps to use the servlet 2.5 xsd. (markt)
|
|
39572: Improvements to CompressionFilter example provided by
Eric Hedström. (markt)
|
|
|
| Tomcat 6.0.7 (remm) |
| General |
|
Fix installer's bitmap (mturk)
|
|
| Catalina |
|
Refactor logging of errors which may occur when reading a post body (remm)
|
|
| Coyote |
|
37869: Also use the SSL_INFO_CLIENT_CERT field if the chain is empty,
submitted by Grzegorz Grzybek (remm)
|
|
|
| Tomcat 6.0.5 (remm) |
| Catalina |
|
40585: Fix parameterised constructor for o.a.juli.FileHandler
so parameters have an effect. (markt)
|
|
Escape invalid characters from request.getLocale. (markt, remm)
|
|
Update required version for native to 1.1.8. (remm)
|
|
Do not log broken pipe errors which can occur when flushing the content of an error page. (remm)
|
|
| Coyote |
|
Fix firstReadTimeout behavior for the AJP connector. (remm)
|
|
| Jasper |
|
41057: Make jsp:plugin output XHTML compliant. (markt)
|
|
| Cluster |
|
Cluster interface cleanup. (fhanik)
|
|
Refactoring to allow usage of executors. (fhanik)
|
|
|
| Tomcat 6.0.3 (remm) |
| Catalina |
|
37509: Do not remove whitespace from the end of values
defined in logging.properties files. (markt)
|
|
38198: Add reference to Context documentation from Host
documentation that explains how Context name is obtained from the
Context filename. (markt)
|
|
40844 Missing syncs in JDBCRealm. (markt)
|
|
40901: Encode directory listing output. Based on a patch
provided by Chris Halstead. (markt)
|
|
40929: Correct JavaDoc for StandardClassLoader. (markt)
|
|
41008: Allow POST to be used for indexed queries with CGI
Servlet. Patch provided by Chris Halstead. (markt)
|
|
Fix usage of print on the servlet output stream if the processor never used
a writer (fhanik)
|
|
Fix logic of sameSameObjects used to determine correct wrapping of request and
response objects (fhanik)
|
|
Update TLD scan lists, and disable caching for now (remm)
|
|
Add system property to WebappClassLoader to allow disabling setting references
to null when stopping it (remm)
|
|
Add clustered SSO code, submitted by Fabien Carrion (remm)
|
|
| Coyote |
|
40860: Log exceptions and other problems during parameter
processing. (markt)
|
|
Enable JMX for trust store attributes for SSL connector. (markt)
|
|
Port memory usage reduction changes to the java.io HTTP connector. (remm)
|
|
MessageBytes.setString(null) will remove the String value. (remm)
|
|
41057: Caching large strings is not useful and takes too much
memory, so don't cache these (remm)
|
|
Add keepAliveTimeout attribute to most connectors (mturk, remm)
|
|
| Jasper |
|
Relax EL type validation for litterals. (remm)
|
|
Update some version numbers to 2.1. (funkman, remm)
|
|
Add xsds for JSP 2.1 (remm)
|
|
41106: Update validation checks for EL to also include
legacy 1.2 tags (remm)
|
|
| Webapps |
|
40677: Update SSL documentation to indicate that PKCS11
keystores may be used. (markt)
|
|
|
| Tomcat 6.0.2 (remm) |
| General |
|
Various tweaks to distribution (remm, funkman)
|
|
Update Tomcat native to 1.1.7 (mturk)
|
|
Update to JDT 3.2.1 (remm)
|
|
| Catalina |
|
Fix EJB annotation interface (remm)
|
|
| Coyote |
|
Fix passing of the keystore password for the NIO connector (fhanik)
|
|
|
| Tomcat 6.0.1 (remm) |
| Catalina |
|
Refactor exception processing using Throwable.getCause to improve exception chaining (remm)
|
|
Remove dead code involving the Logger (funkman)
|
|
37458: Fix some exceptions which could happen during classloading (markt)
|
|
40817: Fix CGI path (markt)
|
|
34956: Add the possibility to enforce usage of request and response
wrapper objects (markt)
|
|
| Jasper |
|
Many fixes for JSP 2.1 compliance, invloving tag files handling, deferred expressions
validation, bom encoding support (remm)
|
|
| Coyote |
|
Many HTTP NIO connector fixes and refactorings (fhanik)
|
|
HTTP NIO connector performance improvements (fhanik)
|
|
Add packetSize option for the classic AJP connector (jfclere)
|
|
Implement explicit flushing in AJP (mturk)
|
|
|
| Tomcat 6.0.0 (remm) |
| Catalina |
|
SSLEngine attribute added to the AprLifecycleListener(fhanik)
|
|
Add API for Comet IO handling (remm, fhanik)
|
|
Servlet 2.5 support (remm)
|
|
| Jasper |
|
JSP 2.1 support (jhook, remm)
|
|
Unifed EL 2.1 support (jhook)
|
|
| Coyote |
|
SSLEnabled attribute required for SSL to be turned on, on all HTTP connectors (fhanik)
|
|
Memory usage reduction for the HTTP connectors, except java.io (remm)
|
|
Modeler update to use dynamic mbeans rather than model mbeans, which consume more
resources (costin)
|
|
| Cluster |
|
New cluster configuration and new documentation (fhanik)
|
|
|
|
