jbossweb-commits January 2014

jbossweb-commits@lists.jboss.org

1 participants
24 discussions

JBossWeb SVN: r2337 - in branches/7.4.x/src/main/java/org: apache/catalina/valves and 2 other directories.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2014-01-10 10:09:14 -0500 (Fri, 10 Jan 2014) New Revision: 2337 Modified: branches/7.4.x/src/main/java/org/apache/catalina/session/StoreBase.java branches/7.4.x/src/main/java/org/apache/catalina/valves/PersistentValve.java branches/7.4.x/src/main/java/org/jboss/web/CatalinaLogger.java branches/7.4.x/src/main/java/org/jboss/web/CatalinaMessages.java branches/7.4.x/src/main/java/org/jboss/web/WebLogger.java branches/7.4.x/src/main/java/org/jboss/web/php/ScriptEnvironment.java Log: Andiamo. Modified: branches/7.4.x/src/main/java/org/apache/catalina/session/StoreBase.java =================================================================== --- branches/7.4.x/src/main/java/org/apache/catalina/session/StoreBase.java 2014-01-10 14:25:54 UTC (rev 2336) +++ branches/7.4.x/src/main/java/org/apache/catalina/session/StoreBase.java 2014-01-10 15:09:14 UTC (rev 2337) @@ -178,7 +178,7 @@ try { keys = keys(); } catch (IOException e) { - manager.getContainer().getLogger().error("Error getting keys", e); + manager.getContainer().getLogger().error(MESSAGES.errorGettingKeys(), e); return; } if (manager.getContainer().getLogger().isDebugEnabled()) { Modified: branches/7.4.x/src/main/java/org/apache/catalina/valves/PersistentValve.java =================================================================== --- branches/7.4.x/src/main/java/org/apache/catalina/valves/PersistentValve.java 2014-01-10 14:25:54 UTC (rev 2336) +++ branches/7.4.x/src/main/java/org/apache/catalina/valves/PersistentValve.java 2014-01-10 15:09:14 UTC (rev 2337) @@ -33,6 +33,7 @@ import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Response; import org.apache.catalina.session.PersistentManager; +import org.jboss.web.CatalinaLogger; /** @@ -115,7 +116,7 @@ try { session = store.load(sessionId); } catch (Exception e) { - container.getLogger().error("deserializeError"); + CatalinaLogger.VALVES_LOGGER.deserializationError(e); } if (session != null) { if (!session.isValid() || Modified: branches/7.4.x/src/main/java/org/jboss/web/CatalinaLogger.java =================================================================== --- branches/7.4.x/src/main/java/org/jboss/web/CatalinaLogger.java 2014-01-10 14:25:54 UTC (rev 2336) +++ branches/7.4.x/src/main/java/org/jboss/web/CatalinaLogger.java 2014-01-10 15:09:14 UTC (rev 2337) @@ -689,4 +689,8 @@ @Message(id = 1150, value = "X param in wrong format. Needs to be 'x-#(...)'") void extendedAccessLogBadXParam(); + @LogMessage(level = ERROR) + @Message(id = 1151, value = "Deserialization error") + void deserializationError(@Cause Throwable t); + } Modified: branches/7.4.x/src/main/java/org/jboss/web/CatalinaMessages.java =================================================================== --- branches/7.4.x/src/main/java/org/jboss/web/CatalinaMessages.java 2014-01-10 14:25:54 UTC (rev 2336) +++ branches/7.4.x/src/main/java/org/jboss/web/CatalinaMessages.java 2014-01-10 15:09:14 UTC (rev 2337) @@ -1020,4 +1020,7 @@ @Message(id = 376, value = "Cannot use a read or write listener without upgrading or starting async") IllegalStateException cannotSetListenerWithoutUpgradeOrAsync(); + @Message(id = 377, value = "Error getting keys") + String errorGettingKeys(); + } Modified: branches/7.4.x/src/main/java/org/jboss/web/WebLogger.java =================================================================== --- branches/7.4.x/src/main/java/org/jboss/web/WebLogger.java 2014-01-10 14:25:54 UTC (rev 2336) +++ branches/7.4.x/src/main/java/org/jboss/web/WebLogger.java 2014-01-10 15:09:14 UTC (rev 2337) @@ -53,4 +53,8 @@ @Message(id = 7502, value = "Invalid PHP library %s.%s.%s, required version is %s.%s.%s") void invalidPhpLibrary(int major, int minor, int patch, int requiredMajor, int requiredMinor, int requiredPatch); + @LogMessage(level = ERROR) + @Message(id = 7503, value = "Invalid null script names") + void invalidScriptNames(); + } Modified: branches/7.4.x/src/main/java/org/jboss/web/php/ScriptEnvironment.java =================================================================== --- branches/7.4.x/src/main/java/org/jboss/web/php/ScriptEnvironment.java 2014-01-10 14:25:54 UTC (rev 2336) +++ branches/7.4.x/src/main/java/org/jboss/web/php/ScriptEnvironment.java 2014-01-10 15:09:14 UTC (rev 2337) @@ -36,6 +36,7 @@ import org.apache.catalina.util.IOTools; import org.jboss.logging.Logger; +import org.jboss.web.WebLogger; /** @@ -48,8 +49,6 @@ */ public class ScriptEnvironment { - private static Logger log = Logger.getLogger(ScriptEnvironment.class); - /** * The Request attribute key for the client certificate chain. */ @@ -363,7 +362,7 @@ || sScriptName == null || sFullName == null || sName == null) { - log.error("Invalid script names"); + WebLogger.ROOT_LOGGER.invalidScriptNames(); return false; }

11 years, 2 months

1
0
0 / 0

JBossWeb SVN: r2336 - in branches/7.4.x: webapps/docs and 1 other directory.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2014-01-10 09:25:54 -0500 (Fri, 10 Jan 2014) New Revision: 2336 Modified: branches/7.4.x/src/main/java/org/apache/catalina/authenticator/AuthenticatorBase.java branches/7.4.x/webapps/docs/sysprops.xml Log: Port the alwaysUseSession option from Tomcat, disabled by default (as in Tomcat). Modified: branches/7.4.x/src/main/java/org/apache/catalina/authenticator/AuthenticatorBase.java =================================================================== --- branches/7.4.x/src/main/java/org/apache/catalina/authenticator/AuthenticatorBase.java 2014-01-07 09:27:45 UTC (rev 2335) +++ branches/7.4.x/src/main/java/org/apache/catalina/authenticator/AuthenticatorBase.java 2014-01-10 14:25:54 UTC (rev 2336) @@ -121,7 +121,20 @@ protected boolean unregisterSsoOnLogout = Boolean.valueOf(System.getProperty("org.apache.catalina.authenticator.AuthenticatorBase.UNREGISTER_SSO_ON_LOGOUT", "false")).booleanValue(); + /** + * Should a session always be used once a user is authenticated? This may + * offer some performance benefits since the session can then be used to + * cache the authenticated Principal, hence removing the need to + * authenticate the user via the Realm on every request. This may be of help + * for combinations such as BASIC authentication used with the JNDIRealm or + * DataSourceRealms. However there will also be the performance cost of + * creating and GC'ing the session. By default, a session will not be + * created. + */ + protected boolean alwaysUseSession = + Boolean.valueOf(System.getProperty("org.apache.catalina.authenticator.AuthenticatorBase.ALWAYS_USE_SESSION", "false")).booleanValue(); + /** * The Context to which this Valve is attached. */ @@ -619,11 +632,16 @@ request.setUserPrincipal(principal); Session session = request.getSessionInternal(false); - if (session != null && changeSessionIdOnAuthentication) { - Manager manager = request.getContext().getManager(); - manager.changeSessionId(session, request.getRandom()); - request.changeSessionId(session.getId()); + if (session != null) { + if (changeSessionIdOnAuthentication) { + Manager manager = request.getContext().getManager(); + manager.changeSessionId(session, request.getRandom()); + request.changeSessionId(session.getId()); + } + } else if (alwaysUseSession) { + session = request.getSessionInternal(true); } + // Cache the authentication information in our session, if any if (cache) { if (session != null) { Modified: branches/7.4.x/webapps/docs/sysprops.xml =================================================================== --- branches/7.4.x/webapps/docs/sysprops.xml 2014-01-07 09:27:45 UTC (rev 2335) +++ branches/7.4.x/webapps/docs/sysprops.xml 2014-01-10 14:25:54 UTC (rev 2336) @@ -65,6 +65,22 @@ It supports <code>:reload</code>. </property> + <property name="org.apache.catalina.authenticator.AuthenticatorBase.CHANGE_SESSIONID_ON_AUTH"> + Should the session ID, if any, be changed upon a successful + authentication to prevent a session fixation attack ? If not specified, the default value of + <code>false</code> will be used. + </property> + + <property name="org.apache.catalina.authenticator.AuthenticatorBase.UNREGISTER_SSO_ON_LOGOUT"> + Unregister the SSO when logging out. If not specified, the default value of + <code>false</code> will be used. + </property> + + <property name="org.apache.catalina.authenticator.AuthenticatorBase.ALWAYS_USE_SESSION"> + Should a session always be used once a user is authenticated ? If not specified, the default value of + <code>false</code> will be used. + </property> + <property name="org.apache.tomcat.util.buf.StringCache.byte.enabled"> If <code>true</code>, the String cache is enabled for <code>ByteChunk</code>. If not specified, the default value of

11 years, 2 months

1
0
0 / 0

JBossWeb SVN: r2335 - branches/7.4.x/src/main/java/org/apache/tomcat/websocket/server.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2014-01-07 04:27:45 -0500 (Tue, 07 Jan 2014) New Revision: 2335 Modified: branches/7.4.x/src/main/java/org/apache/tomcat/websocket/server/WsRemoteEndpointImplServer.java Log: Use my patch from Tomcat instead: don't do anything at all if nothing was written yet. Modified: branches/7.4.x/src/main/java/org/apache/tomcat/websocket/server/WsRemoteEndpointImplServer.java =================================================================== --- branches/7.4.x/src/main/java/org/apache/tomcat/websocket/server/WsRemoteEndpointImplServer.java 2014-01-06 18:06:29 UTC (rev 2334) +++ branches/7.4.x/src/main/java/org/apache/tomcat/websocket/server/WsRemoteEndpointImplServer.java 2014-01-07 09:27:45 UTC (rev 2335) @@ -84,20 +84,23 @@ public void onWritePossible(boolean useDispatch) { + if (buffers == null) { + // Servlet 3.1 will call the write listener once even if nothing + // was written + return; + } boolean complete = true; try { // If this is false there will be a call back when it is true while (sos.isReady()) { complete = true; - if (buffers != null) { - for (ByteBuffer buffer : buffers) { - if (buffer.hasRemaining()) { - complete = false; - sos.write(buffer.array(), buffer.arrayOffset(), - buffer.limit()); - buffer.position(buffer.limit()); - break; - } + for (ByteBuffer buffer : buffers) { + if (buffer.hasRemaining()) { + complete = false; + sos.write(buffer.array(), buffer.arrayOffset(), + buffer.limit()); + buffer.position(buffer.limit()); + break; } } if (complete) { @@ -120,7 +123,6 @@ } if (!complete) { // Async write is in progress - long timeout = getSendTimeout(); if (timeout > 0) { // Register with timeout thread

11 years, 2 months

1
0
0 / 0

JBossWeb SVN: r2334 - branches/7.4.x/src/main/java/org/apache/tomcat/websocket/server.

by jbossweb-commits＠lists.jboss.org

Author: remy.maucherat(a)jboss.com Date: 2014-01-06 13:06:29 -0500 (Mon, 06 Jan 2014) New Revision: 2334 Modified: branches/7.4.x/src/main/java/org/apache/tomcat/websocket/server/WsRemoteEndpointImplServer.java Log: JBWEB-287: Add a null check because the write event should be called even if no write was made (from the Servlet spec). Modified: branches/7.4.x/src/main/java/org/apache/tomcat/websocket/server/WsRemoteEndpointImplServer.java =================================================================== --- branches/7.4.x/src/main/java/org/apache/tomcat/websocket/server/WsRemoteEndpointImplServer.java 2013-12-20 13:46:07 UTC (rev 2333) +++ branches/7.4.x/src/main/java/org/apache/tomcat/websocket/server/WsRemoteEndpointImplServer.java 2014-01-06 18:06:29 UTC (rev 2334) @@ -89,13 +89,15 @@ // If this is false there will be a call back when it is true while (sos.isReady()) { complete = true; - for (ByteBuffer buffer : buffers) { - if (buffer.hasRemaining()) { - complete = false; - sos.write(buffer.array(), buffer.arrayOffset(), - buffer.limit()); - buffer.position(buffer.limit()); - break; + if (buffers != null) { + for (ByteBuffer buffer : buffers) { + if (buffer.hasRemaining()) { + complete = false; + sos.write(buffer.array(), buffer.arrayOffset(), + buffer.limit()); + buffer.position(buffer.limit()); + break; + } } } if (complete) {

11 years, 2 months

1
0
0 / 0

← Newer
1
2
3
Older →

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

jbossweb-commits January 2014