JBossWeb SVN: r1316 - trunk/java/org/apache/catalina/connector.
by jbossweb-commits@lists.jboss.org
Author: mmillson
Date: 2009-12-04 11:50:03 -0500 (Fri, 04 Dec 2009)
New Revision: 1316
Modified:
trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
Log:
Fix parent context cookie overwriting URL encoded cookie for [JBWEB-153]
Modified: trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
===================================================================
--- trunk/java/org/apache/catalina/connector/CoyoteAdapter.java 2009-12-03 15:16:51 UTC (rev 1315)
+++ trunk/java/org/apache/catalina/connector/CoyoteAdapter.java 2009-12-04 16:50:03 UTC (rev 1316)
@@ -652,6 +652,13 @@
*/
protected void parseSessionCookiesId(org.apache.coyote.Request req, Request request) {
+ // If session tracking via cookies has been disabled for the current
+ // context, don't go looking for a session ID in a cookie as a cookie
+ // from a parent context with a session ID may be present which would
+ // overwrite the valid session ID encoded in the URL
+ if (!((Context)request.getMappingData().context).getCookies())
+ return;
+
// Parse session id from cookies
Cookies serverCookies = req.getCookies();
int count = serverCookies.getCookieCount();
14 years, 5 months
JBossWeb SVN: r1315 - tags.
by jbossweb-commits@lists.jboss.org
Author: remy.maucherat(a)jboss.com
Date: 2009-12-03 10:16:51 -0500 (Thu, 03 Dec 2009)
New Revision: 1315
Added:
tags/JBOSSWEB_3_0_0_ALPHA22/
Log:
- Minor JSP and Servlet fixes.
Copied: tags/JBOSSWEB_3_0_0_ALPHA22 (from rev 1314, trunk)
14 years, 5 months
JBossWeb SVN: r1314 - trunk/java/org/apache/catalina/startup.
by jbossweb-commits@lists.jboss.org
Author: remy.maucherat(a)jboss.com
Date: 2009-12-03 09:38:38 -0500 (Thu, 03 Dec 2009)
New Revision: 1314
Modified:
trunk/java/org/apache/catalina/startup/ContextConfig.java
Log:
- I give up for now (I might remove this later) ... Also allow Java method names (at least for the annotations, I suppose it will be a common mistake).
Modified: trunk/java/org/apache/catalina/startup/ContextConfig.java
===================================================================
--- trunk/java/org/apache/catalina/startup/ContextConfig.java 2009-12-03 12:04:08 UTC (rev 1313)
+++ trunk/java/org/apache/catalina/startup/ContextConfig.java 2009-12-03 14:38:38 UTC (rev 1314)
@@ -2120,7 +2120,8 @@
{
for (HttpMethodConstraintElement httpMethodConstraint : httpMethodConstraints)
{
- methodOmissions.add(httpMethodConstraint.getMethodName());
+ String method = toHttpMethod(httpMethodConstraint.getMethodName());
+ methodOmissions.add(method);
boolean methodPA = httpMethodConstraint.getEmptyRoleSemantic().equals(EmptyRoleSemantic.PERMIT);
boolean methodDA = httpMethodConstraint.getEmptyRoleSemantic().equals(EmptyRoleSemantic.DENY);
boolean methodTP = httpMethodConstraint.getTransportGuarantee().equals(TransportGuarantee.CONFIDENTIAL);
@@ -2144,7 +2145,7 @@
constraint.setUserConstraint(org.apache.catalina.realm.Constants.CONFIDENTIAL_TRANSPORT);
}
SecurityCollection collection = new SecurityCollection();
- collection.addMethod(httpMethodConstraint.getMethodName());
+ collection.addMethod(method);
// Determine pattern set
String[] urlPatterns = wrapper.findMappings();
Set<String> servletSecurityPatterns = new HashSet<String>();
@@ -2207,6 +2208,20 @@
/**
+ * Although this does not comply with the spec, it is likely Java method names
+ * will be used in the annotations. Since it is not possible to validate, this
+ * would be an error that is invisible for the user.
+ * @param method
+ * @return
+ */
+ protected String toHttpMethod(String method) {
+ if (method == null || method.length() < 3 || (!method.startsWith("do")))
+ return method;
+ return method.substring(2).toUpperCase();
+ }
+
+
+ /**
* Validate the usage of security role names in the web application
* deployment descriptor. If any problems are found, issue warning
* messages (for backwards compatibility) and add the missing roles.
14 years, 5 months
JBossWeb SVN: r1313 - trunk/java/org/apache/catalina/startup.
by jbossweb-commits@lists.jboss.org
Author: remy.maucherat(a)jboss.com
Date: 2009-12-03 07:04:08 -0500 (Thu, 03 Dec 2009)
New Revision: 1313
Modified:
trunk/java/org/apache/catalina/startup/ContextConfig.java
Log:
- Construct the list of static patterns before processing servlet security elements. Otherwise, only the first constraint defined by a servlet
security would actually do something.
Modified: trunk/java/org/apache/catalina/startup/ContextConfig.java
===================================================================
--- trunk/java/org/apache/catalina/startup/ContextConfig.java 2009-12-02 23:48:45 UTC (rev 1312)
+++ trunk/java/org/apache/catalina/startup/ContextConfig.java 2009-12-03 12:04:08 UTC (rev 1313)
@@ -2090,6 +2090,17 @@
* Translate servlet security associated with Servlets to security constraints.
*/
protected void resolveServletSecurity() {
+ // Skip all patterns for which a static security constraint has been defined
+ HashSet<String> excludedPatterns = new HashSet<String>();
+ SecurityConstraint[] staticConstraints = context.findConstraints();
+ for (SecurityConstraint staticConstraint : staticConstraints) {
+ for (SecurityCollection collection : staticConstraint.findCollections()) {
+ for (String urlPattern : collection.findPatterns()) {
+ excludedPatterns.add(urlPattern);
+ }
+ }
+ }
+ // Iterate over servlet security objects
Container wrappers[] = context.findChildren();
for (int i = 0; i < wrappers.length; i++) {
Wrapper wrapper = (Wrapper) wrappers[i];
@@ -2138,16 +2149,8 @@
String[] urlPatterns = wrapper.findMappings();
Set<String> servletSecurityPatterns = new HashSet<String>();
for (String urlPattern : urlPatterns) {
- servletSecurityPatterns.add(urlPattern);
- }
- SecurityConstraint[] constraints = context.findConstraints();
- for (SecurityConstraint constraint2 : constraints) {
- for (SecurityCollection collection2 : constraint2.findCollections()) {
- for (String urlPattern : collection2.findPatterns()) {
- if (servletSecurityPatterns.contains(urlPattern)) {
- servletSecurityPatterns.remove(urlPattern);
- }
- }
+ if (!excludedPatterns.contains(urlPattern)) {
+ servletSecurityPatterns.add(urlPattern);
}
}
for (String urlPattern : servletSecurityPatterns) {
@@ -2184,16 +2187,8 @@
String[] urlPatterns = wrapper.findMappings();
Set<String> servletSecurityPatterns = new HashSet<String>();
for (String urlPattern : urlPatterns) {
- servletSecurityPatterns.add(urlPattern);
- }
- SecurityConstraint[] constraints = context.findConstraints();
- for (SecurityConstraint constraint2 : constraints) {
- for (SecurityCollection collection2 : constraint2.findCollections()) {
- for (String urlPattern : collection2.findPatterns()) {
- if (servletSecurityPatterns.contains(urlPattern)) {
- servletSecurityPatterns.remove(urlPattern);
- }
- }
+ if (!excludedPatterns.contains(urlPattern)) {
+ servletSecurityPatterns.add(urlPattern);
}
}
for (String urlPattern : servletSecurityPatterns) {
14 years, 5 months
JBossWeb SVN: r1312 - trunk/java/org/apache/catalina/core.
by jbossweb-commits@lists.jboss.org
Author: remy.maucherat(a)jboss.com
Date: 2009-12-02 18:48:45 -0500 (Wed, 02 Dec 2009)
New Revision: 1312
Modified:
trunk/java/org/apache/catalina/core/StandardContext.java
Log:
- Use a linked map here. This allows presenting mappings in the order they are declared in web.xml.
Modified: trunk/java/org/apache/catalina/core/StandardContext.java
===================================================================
--- trunk/java/org/apache/catalina/core/StandardContext.java 2009-12-02 10:32:09 UTC (rev 1311)
+++ trunk/java/org/apache/catalina/core/StandardContext.java 2009-12-02 23:48:45 UTC (rev 1312)
@@ -32,6 +32,7 @@
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
+import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -458,7 +459,7 @@
/**
* The set of JSP property groups defined for the webapp, keyed by pattern.
*/
- protected HashMap<String, JspPropertyGroup> jspPropertyGroups = new HashMap<String, JspPropertyGroup>();
+ protected LinkedHashMap<String, JspPropertyGroup> jspPropertyGroups = new LinkedHashMap<String, JspPropertyGroup>();
/**
14 years, 5 months
JBossWeb SVN: r1311 - in trunk: webapps/docs and 1 other directory.
by jbossweb-commits@lists.jboss.org
Author: remy.maucherat(a)jboss.com
Date: 2009-12-02 05:32:09 -0500 (Wed, 02 Dec 2009)
New Revision: 1311
Modified:
trunk/java/org/apache/jasper/compiler/JspUtil.java
trunk/webapps/docs/changelog.xml
Log:
- Port patch: add void type to JspUtil.
Modified: trunk/java/org/apache/jasper/compiler/JspUtil.java
===================================================================
--- trunk/java/org/apache/jasper/compiler/JspUtil.java 2009-11-30 16:43:48 UTC (rev 1310)
+++ trunk/java/org/apache/jasper/compiler/JspUtil.java 2009-12-02 10:32:09 UTC (rev 1311)
@@ -29,9 +29,7 @@
import javax.el.FunctionMapper;
import javax.servlet.jsp.el.ExpressionEvaluator;
-
import org.apache.el.ExpressionFactoryImpl;
-import org.apache.jasper.Constants;
import org.apache.jasper.JasperException;
import org.apache.jasper.JspCompilationContext;
import org.apache.jasper.el.ExpressionEvaluatorImpl;
@@ -465,6 +463,8 @@
c = float.class;
else if ("double".equals(type))
c = double.class;
+ else if ("void".equals(type))
+ c = void.class;
else if (type.indexOf('[') < 0)
c = loader.loadClass(type);
Modified: trunk/webapps/docs/changelog.xml
===================================================================
--- trunk/webapps/docs/changelog.xml 2009-11-30 16:43:48 UTC (rev 1310)
+++ trunk/webapps/docs/changelog.xml 2009-12-02 10:32:09 UTC (rev 1311)
@@ -217,6 +217,9 @@
<bug>42390</bug>: Correct JSP compilation error with nested tagfile tags with variables with "AT_BEGIN" scope.
Patch provided by Konstantin Kolinko. (markt)
</fix>
+ <fix>
+ <bug>47453</bug>: Handle void return types in JspUtil. Patch by Tim Funk. (markt)
+ </fix>
</changelog>
</subsection>
</section>
14 years, 5 months