August 2012 - jbossweb-commits - Jboss List Archives

JBossWeb SVN: r2066 - in branches/7.0.x: webapps/docs and 1 other directory.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2012-08-23 07:42:33 -0400 (Thu, 23 Aug 2012) New Revision: 2066 Modified: branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProcessor.java branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProtocol.java branches/7.0.x/java/org/apache/coyote/ajp/AjpProtocol.java branches/7.0.x/java/org/apache/coyote/ajp/Constants.java branches/7.0.x/webapps/docs/sysprops.xml Log: Improve a bit the Tomcat authentication property patch. Modified: branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProcessor.java =================================================================== --- branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProcessor.java 2012-08-16 04:30:24 UTC (rev 2065) +++ branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProcessor.java 2012-08-23 11:42:33 UTC (rev 2066) @@ -329,8 +329,7 @@ /** * Use Tomcat authentication ? */ - protected boolean tomcatAuthentication = - Boolean.valueOf(System.getProperty("org.apache.coyote.ajp.AprProcessor.TOMCATAUTHENTICATION", "true")).booleanValue(); + protected boolean tomcatAuthentication = true; public boolean getTomcatAuthentication() { return tomcatAuthentication; } public void setTomcatAuthentication(boolean tomcatAuthentication) { this.tomcatAuthentication = tomcatAuthentication; } Modified: branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProtocol.java =================================================================== --- branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProtocol.java 2012-08-16 04:30:24 UTC (rev 2065) +++ branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProtocol.java 2012-08-23 11:42:33 UTC (rev 2066) @@ -345,7 +345,7 @@ * Should authentication be done in the native webserver layer, * or in the Servlet container ? */ - protected boolean tomcatAuthentication = true; + protected boolean tomcatAuthentication = Constants.DEFAULT_TOMCAT_AUTHENTICATION; public boolean getTomcatAuthentication() { return tomcatAuthentication; } public void setTomcatAuthentication(boolean tomcatAuthentication) { this.tomcatAuthentication = tomcatAuthentication; } Modified: branches/7.0.x/java/org/apache/coyote/ajp/AjpProtocol.java =================================================================== --- branches/7.0.x/java/org/apache/coyote/ajp/AjpProtocol.java 2012-08-16 04:30:24 UTC (rev 2065) +++ branches/7.0.x/java/org/apache/coyote/ajp/AjpProtocol.java 2012-08-23 11:42:33 UTC (rev 2066) @@ -319,8 +319,7 @@ * Should authentication be done in the native webserver layer, * or in the Servlet container ? */ - protected boolean tomcatAuthentication = - Boolean.valueOf(System.getProperty("org.apache.coyote.ajp.AprProcessor.TOMCATAUTHENTICATION", "true")).booleanValue(); + protected boolean tomcatAuthentication = Constants.DEFAULT_TOMCAT_AUTHENTICATION; public boolean getTomcatAuthentication() { return tomcatAuthentication; } public void setTomcatAuthentication(boolean tomcatAuthentication) { this.tomcatAuthentication = tomcatAuthentication; } Modified: branches/7.0.x/java/org/apache/coyote/ajp/Constants.java =================================================================== --- branches/7.0.x/java/org/apache/coyote/ajp/Constants.java 2012-08-16 04:30:24 UTC (rev 2065) +++ branches/7.0.x/java/org/apache/coyote/ajp/Constants.java 2012-08-23 11:42:33 UTC (rev 2066) @@ -44,6 +44,8 @@ public static final int DEFAULT_CONNECTION_UPLOAD_TIMEOUT = 300000; public static final int DEFAULT_SERVER_SOCKET_TIMEOUT = 0; public static final boolean DEFAULT_TCP_NO_DELAY = true; + public static final boolean DEFAULT_TOMCAT_AUTHENTICATION = + Boolean.valueOf(System.getProperty("org.apache.coyote.ajp.DEFAULT_TOMCAT_AUTHENTICATION", "true")).booleanValue(); // Prefix codes for message types from server to container public static final byte JK_AJP13_FORWARD_REQUEST = 2; Modified: branches/7.0.x/webapps/docs/sysprops.xml =================================================================== --- branches/7.0.x/webapps/docs/sysprops.xml 2012-08-16 04:30:24 UTC (rev 2065) +++ branches/7.0.x/webapps/docs/sysprops.xml 2012-08-23 11:42:33 UTC (rev 2066) @@ -168,6 +168,12 @@ <p>Server Identity stringr: the <code>Server:</code> header. The default value is <code>Apache-Coyote/1.1</code>.</p> </property> + + <property name="org.apache.coyote.ajp.DEFAULT_TOMCAT_AUTHENTICATION"> + <p>Perform authentication in the application server rather than in the frontend + web server. The default value is <code>true</code>.</p> + </property> + </properties> </section>

12 years, 4 months

1
0
0 / 0

JBossWeb SVN: r2064 - tags.

by jbossweb-commits＠lists.jboss.org

Author: jfrederic.clere(a)jboss.com Date: 2012-08-10 17:32:37 -0400 (Fri, 10 Aug 2012) New Revision: 2064 Added: tags/JBOSSWEB_7_0_17_FINAL/ Log: Web 7.0.17.

12 years, 4 months

1
0
0 / 0

JBossWeb SVN: r2063 - branches/7.0.x/java/org/apache/catalina/connector.

by jbossweb-commits＠lists.jboss.org

Author: jfrederic.clere(a)jboss.com Date: 2012-08-10 12:49:50 -0400 (Fri, 10 Aug 2012) New Revision: 2063 Modified: branches/7.0.x/java/org/apache/catalina/connector/Connector.java Log: Improve the patch a bit more... Modified: branches/7.0.x/java/org/apache/catalina/connector/Connector.java =================================================================== --- branches/7.0.x/java/org/apache/catalina/connector/Connector.java 2012-08-10 15:35:58 UTC (rev 2062) +++ branches/7.0.x/java/org/apache/catalina/connector/Connector.java 2012-08-10 16:49:50 UTC (rev 2063) @@ -270,7 +270,7 @@ * Allowed virtual hosts. */ protected Set<String> allowedHosts = null; - protected Set<String> allowedHostsIgnoreCase = new HashSet(); + protected Set<String> allowedHostsIgnoreCase = null; protected static HashMap<String, String> replacements = new HashMap<String, String>(); static { @@ -393,7 +393,11 @@ public void setAllowedHosts(Set<String> allowedHosts) { this.allowedHosts = allowedHosts; - addAllowedHostsToLowerCaseSet(); + if (allowedHosts != null) { + this.allowedHostsIgnoreCase = new HashSet(); + addAllowedHostsToLowerCaseSet(); + } else + this.allowedHostsIgnoreCase = null; } private void addAllowedHostsToLowerCaseSet() {

12 years, 4 months

1
0
0 / 0

JBossWeb SVN: r2062 - branches/7.0.x/java/org/apache/catalina/connector.

by jbossweb-commits＠lists.jboss.org

Author: mmusaji Date: 2012-08-10 11:35:58 -0400 (Fri, 10 Aug 2012) New Revision: 2062 Modified: branches/7.0.x/java/org/apache/catalina/connector/Connector.java branches/7.0.x/java/org/apache/catalina/connector/CoyoteAdapter.java Log: [JBPAPP-9404] Added changes so that a copy of the Set of allowedHost is stored as lower case to avoid a bug which was found in the original fix for JBPAPP-9404 Modified: branches/7.0.x/java/org/apache/catalina/connector/Connector.java =================================================================== --- branches/7.0.x/java/org/apache/catalina/connector/Connector.java 2012-08-10 15:33:30 UTC (rev 2061) +++ branches/7.0.x/java/org/apache/catalina/connector/Connector.java 2012-08-10 15:35:58 UTC (rev 2062) @@ -19,6 +19,8 @@ package org.apache.catalina.connector; import java.util.HashMap; +import java.util.HashSet; +import java.util.Iterator; import java.util.Set; import javax.management.MBeanRegistration; @@ -268,7 +270,7 @@ * Allowed virtual hosts. */ protected Set<String> allowedHosts = null; - + protected Set<String> allowedHostsIgnoreCase = new HashSet(); protected static HashMap<String, String> replacements = new HashMap<String, String>(); static { @@ -391,8 +393,20 @@ public void setAllowedHosts(Set<String> allowedHosts) { this.allowedHosts = allowedHosts; - + addAllowedHostsToLowerCaseSet(); } + + private void addAllowedHostsToLowerCaseSet() { + Iterator<String> it = allowedHosts.iterator(); + while (it.hasNext()) { + String allowedHost = it.next(); + allowedHostsIgnoreCase.add(allowedHost.toLowerCase()); + } + } + + public Set<String> getAllowedHostsIgnoreCase() { + return allowedHostsIgnoreCase; + } /** * Is this connector available for processing requests? Modified: branches/7.0.x/java/org/apache/catalina/connector/CoyoteAdapter.java =================================================================== --- branches/7.0.x/java/org/apache/catalina/connector/CoyoteAdapter.java 2012-08-10 15:33:30 UTC (rev 2061) +++ branches/7.0.x/java/org/apache/catalina/connector/CoyoteAdapter.java 2012-08-10 15:35:58 UTC (rev 2062) @@ -548,7 +548,7 @@ } if (connector.getAllowedHosts() != null) { Host host = (Host) request.getMappingData().host; - if (!connector.getAllowedHosts().contains(host.getName())) { + if (!connector.getAllowedHostsIgnoreCase().contains(host.getName())) { res.setStatus(403); res.setMessage("Host access is forbidden through this connector"); return false;

12 years, 4 months

1
0
0 / 0

JBossWeb SVN: r2061 - branches/JBOSSWEB_7_0_16_FINAL_JBPAPP-9404/java/org/apache/catalina/connector.

by jbossweb-commits＠lists.jboss.org

Author: mmusaji Date: 2012-08-10 11:33:30 -0400 (Fri, 10 Aug 2012) New Revision: 2061 Modified: branches/JBOSSWEB_7_0_16_FINAL_JBPAPP-9404/java/org/apache/catalina/connector/Connector.java branches/JBOSSWEB_7_0_16_FINAL_JBPAPP-9404/java/org/apache/catalina/connector/CoyoteAdapter.java Log: [JBPAPP-9404] Added fix so allowedHosts are correctly found. Also added changes so that a copy of the Set of allowedHost is stored as lower case to avoid a bug which was found in the original fix for this Modified: branches/JBOSSWEB_7_0_16_FINAL_JBPAPP-9404/java/org/apache/catalina/connector/Connector.java =================================================================== --- branches/JBOSSWEB_7_0_16_FINAL_JBPAPP-9404/java/org/apache/catalina/connector/Connector.java 2012-08-10 12:13:30 UTC (rev 2060) +++ branches/JBOSSWEB_7_0_16_FINAL_JBPAPP-9404/java/org/apache/catalina/connector/Connector.java 2012-08-10 15:33:30 UTC (rev 2061) @@ -19,6 +19,8 @@ package org.apache.catalina.connector; import java.util.HashMap; +import java.util.HashSet; +import java.util.Iterator; import java.util.Set; import javax.management.MBeanRegistration; @@ -268,7 +270,7 @@ * Allowed virtual hosts. */ protected Set<String> allowedHosts = null; - + protected Set<String> allowedHostsIgnoreCase = new HashSet(); protected static HashMap<String, String> replacements = new HashMap<String, String>(); static { @@ -391,8 +393,20 @@ public void setAllowedHosts(Set<String> allowedHosts) { this.allowedHosts = allowedHosts; - + addAllowedHostsToLowerCaseSet(); } + + private void addAllowedHostsToLowerCaseSet() { + Iterator<String> it = allowedHosts.iterator(); + while (it.hasNext()) { + String allowedHost = it.next(); + allowedHostsIgnoreCase.add(allowedHost.toLowerCase()); + } + } + + public Set<String> getAllowedHostsIgnoreCase() { + return allowedHostsIgnoreCase; + } /** * Is this connector available for processing requests? Modified: branches/JBOSSWEB_7_0_16_FINAL_JBPAPP-9404/java/org/apache/catalina/connector/CoyoteAdapter.java =================================================================== --- branches/JBOSSWEB_7_0_16_FINAL_JBPAPP-9404/java/org/apache/catalina/connector/CoyoteAdapter.java 2012-08-10 12:13:30 UTC (rev 2060) +++ branches/JBOSSWEB_7_0_16_FINAL_JBPAPP-9404/java/org/apache/catalina/connector/CoyoteAdapter.java 2012-08-10 15:33:30 UTC (rev 2061) @@ -55,6 +55,7 @@ import org.apache.catalina.Context; import org.apache.catalina.Globals; +import org.apache.catalina.Host; import org.apache.catalina.Manager; import org.apache.catalina.Session; import org.apache.catalina.Wrapper; @@ -542,11 +543,13 @@ res.setMessage("Context not mapped"); return false; } - if (connector.getAllowedHosts() != null - && !connector.getAllowedHosts().contains(request.getMappingData().host)) { - res.setStatus(403); - res.setMessage("Host access is forbidden through this connector"); - return false; + if (connector.getAllowedHosts() != null) { + Host host = (Host) request.getMappingData().host; + if (!connector.getAllowedHostsIgnoreCase().contains(host.getName())) { + res.setStatus(403); + res.setMessage("Host access is forbidden through this connector"); + return false; + } } // Filter trace method

12 years, 4 months

1
0
0 / 0

JBossWeb SVN: r2060 - branches.

by jbossweb-commits＠lists.jboss.org

Author: mmusaji Date: 2012-08-10 08:13:30 -0400 (Fri, 10 Aug 2012) New Revision: 2060 Added: branches/JBOSSWEB_7_0_16_FINAL_JBPAPP-9404/ Log: [JBPAPP-9404] Create a one off branch]

12 years, 4 months

1
0
0 / 0

JBossWeb SVN: r2059 - in branches/7.0.x/java/org/apache/coyote: http11 and 1 other directory.

by jbossweb-commits＠lists.jboss.org

Author: jfrederic.clere(a)jboss.com Date: 2012-08-09 10:39:59 -0400 (Thu, 09 Aug 2012) New Revision: 2059 Modified: branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProtocol.java branches/7.0.x/java/org/apache/coyote/ajp/AjpProtocol.java branches/7.0.x/java/org/apache/coyote/http11/Http11AprProtocol.java branches/7.0.x/java/org/apache/coyote/http11/Http11Protocol.java Log: Arrange r2033 = add the internal JMX names. Modified: branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProtocol.java =================================================================== --- branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProtocol.java 2012-08-08 16:26:10 UTC (rev 2058) +++ branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProtocol.java 2012-08-09 14:39:59 UTC (rev 2059) @@ -189,14 +189,14 @@ if (this.domain != null ) { try { tpOname = new ObjectName - (domain + ":" + "type=ThreadPool,name=" + getName()); + (domain + ":" + "type=ThreadPool,name=" + getJmxName()); Registry.getRegistry(null, null) .registerComponent(endpoint, tpOname, null ); } catch (Exception e) { log.error("Can't register threadpool" ); } rgOname = new ObjectName - (domain + ":type=GlobalRequestProcessor,name=" + getName()); + (domain + ":type=GlobalRequestProcessor,name=" + getJmxName()); Registry.getRegistry(null, null).registerComponent (cHandler.global, rgOname, null); } Modified: branches/7.0.x/java/org/apache/coyote/ajp/AjpProtocol.java =================================================================== --- branches/7.0.x/java/org/apache/coyote/ajp/AjpProtocol.java 2012-08-08 16:26:10 UTC (rev 2058) +++ branches/7.0.x/java/org/apache/coyote/ajp/AjpProtocol.java 2012-08-09 14:39:59 UTC (rev 2059) @@ -186,14 +186,14 @@ if (this.domain != null ) { try { tpOname = new ObjectName - (domain + ":" + "type=ThreadPool,name=" + getName()); + (domain + ":" + "type=ThreadPool,name=" + getJmxName()); Registry.getRegistry(null, null) .registerComponent(endpoint, tpOname, null ); } catch (Exception e) { log.error("Can't register threadpool" ); } rgOname = new ObjectName - (domain + ":type=GlobalRequestProcessor,name=" + getName()); + (domain + ":type=GlobalRequestProcessor,name=" + getJmxName()); Registry.getRegistry(null, null).registerComponent (cHandler.global, rgOname, null); } Modified: branches/7.0.x/java/org/apache/coyote/http11/Http11AprProtocol.java =================================================================== --- branches/7.0.x/java/org/apache/coyote/http11/Http11AprProtocol.java 2012-08-08 16:26:10 UTC (rev 2058) +++ branches/7.0.x/java/org/apache/coyote/http11/Http11AprProtocol.java 2012-08-09 14:39:59 UTC (rev 2059) @@ -136,14 +136,14 @@ if( this.domain != null ) { try { tpOname=new ObjectName - (domain + ":" + "type=ThreadPool,name=" + getName()); + (domain + ":" + "type=ThreadPool,name=" + getJmxName()); Registry.getRegistry(null, null) .registerComponent(endpoint, tpOname, null ); } catch (Exception e) { log.error("Can't register threadpool" ); } rgOname=new ObjectName - (domain + ":type=GlobalRequestProcessor,name=" + getName()); + (domain + ":type=GlobalRequestProcessor,name=" + getJmxName()); Registry.getRegistry(null, null).registerComponent ( cHandler.global, rgOname, null ); } Modified: branches/7.0.x/java/org/apache/coyote/http11/Http11Protocol.java =================================================================== --- branches/7.0.x/java/org/apache/coyote/http11/Http11Protocol.java 2012-08-08 16:26:10 UTC (rev 2058) +++ branches/7.0.x/java/org/apache/coyote/http11/Http11Protocol.java 2012-08-09 14:39:59 UTC (rev 2059) @@ -202,14 +202,14 @@ if (this.domain != null) { try { tpOname = new ObjectName - (domain + ":" + "type=ThreadPool,name=" + getName()); + (domain + ":" + "type=ThreadPool,name=" + getJmxName()); Registry.getRegistry(null, null) .registerComponent(endpoint, tpOname, null ); } catch (Exception e) { log.error("Can't register endpoint"); } rgOname=new ObjectName - (domain + ":type=GlobalRequestProcessor,name=" + getName()); + (domain + ":type=GlobalRequestProcessor,name=" + getJmxName()); Registry.getRegistry(null, null).registerComponent ( cHandler.global, rgOname, null ); }

12 years, 4 months

1
0
0 / 0

JBossWeb SVN: r2058 - branches/7.0.x/java/org/apache/coyote/ajp.

by jbossweb-commits＠lists.jboss.org

Author: jfrederic.clere(a)jboss.com Date: 2012-08-08 12:26:10 -0400 (Wed, 08 Aug 2012) New Revision: 2058 Modified: branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProcessor.java branches/7.0.x/java/org/apache/coyote/ajp/AjpProtocol.java Log: Fix for AS7-1581. Modified: branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProcessor.java =================================================================== --- branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProcessor.java 2012-08-06 16:37:53 UTC (rev 2057) +++ branches/7.0.x/java/org/apache/coyote/ajp/AjpAprProcessor.java 2012-08-08 16:26:10 UTC (rev 2058) @@ -329,7 +329,8 @@ /** * Use Tomcat authentication ? */ - protected boolean tomcatAuthentication = true; + protected boolean tomcatAuthentication = + Boolean.valueOf(System.getProperty("org.apache.coyote.ajp.AprProcessor.TOMCATAUTHENTICATION", "true")).booleanValue(); public boolean getTomcatAuthentication() { return tomcatAuthentication; } public void setTomcatAuthentication(boolean tomcatAuthentication) { this.tomcatAuthentication = tomcatAuthentication; } Modified: branches/7.0.x/java/org/apache/coyote/ajp/AjpProtocol.java =================================================================== --- branches/7.0.x/java/org/apache/coyote/ajp/AjpProtocol.java 2012-08-06 16:37:53 UTC (rev 2057) +++ branches/7.0.x/java/org/apache/coyote/ajp/AjpProtocol.java 2012-08-08 16:26:10 UTC (rev 2058) @@ -319,7 +319,8 @@ * Should authentication be done in the native webserver layer, * or in the Servlet container ? */ - protected boolean tomcatAuthentication = true; + protected boolean tomcatAuthentication = + Boolean.valueOf(System.getProperty("org.apache.coyote.ajp.AprProcessor.TOMCATAUTHENTICATION", "true")).booleanValue(); public boolean getTomcatAuthentication() { return tomcatAuthentication; } public void setTomcatAuthentication(boolean tomcatAuthentication) { this.tomcatAuthentication = tomcatAuthentication; }

12 years, 4 months

1
0
0 / 0

JBossWeb SVN: r2057 - branches/7.0.x/java/org/apache/catalina/connector.

by jbossweb-commits＠lists.jboss.org

Author: jfrederic.clere(a)jboss.com Date: 2012-08-06 12:37:53 -0400 (Mon, 06 Aug 2012) New Revision: 2057 Modified: branches/7.0.x/java/org/apache/catalina/connector/CoyoteAdapter.java Log: Fix for JBPAPP-9314. Modified: branches/7.0.x/java/org/apache/catalina/connector/CoyoteAdapter.java =================================================================== --- branches/7.0.x/java/org/apache/catalina/connector/CoyoteAdapter.java 2012-07-26 14:09:13 UTC (rev 2056) +++ branches/7.0.x/java/org/apache/catalina/connector/CoyoteAdapter.java 2012-08-06 16:37:53 UTC (rev 2057) @@ -55,6 +55,7 @@ import org.apache.catalina.Context; import org.apache.catalina.Globals; +import org.apache.catalina.Host; import org.apache.catalina.Manager; import org.apache.catalina.Session; import org.apache.catalina.Wrapper; @@ -545,11 +546,13 @@ res.setMessage("Context not mapped"); return false; } - if (connector.getAllowedHosts() != null - && !connector.getAllowedHosts().contains(request.getMappingData().host)) { - res.setStatus(403); - res.setMessage("Host access is forbidden through this connector"); - return false; + if (connector.getAllowedHosts() != null) { + Host host = (Host) request.getMappingData().host; + if (!connector.getAllowedHosts().contains(host.getName())) { + res.setStatus(403); + res.setMessage("Host access is forbidden through this connector"); + return false; + } } // Filter trace method

12 years, 4 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

jbossweb-commits August 2012