Catalina

48822: Include context name in reload and stop log statements. Based on the patch provided by Marc Guillemot. (kkolinko) 50673: Improve Catalina shutdown when running as a service. Do not call System.exit(). (kkolinko) 50689: Provide 100 Continue responses at appropriate points during FORM authentication if client indicates that they are expected. (kkolinko) Improve HTTP specification compliance in support of Accept-Language header. (kkolinko)

Coyote

49795: Backport AprEndpoint shutdown improvements, to make it more robust. (mturk/kkolinko) 50325: When the JVM indicates support for RFC 5746, disable Tomcat's allowUnsafeLegacyRenegotiation configuration attribute and use the JVM configuration to control renegotiation. (markt) 50631: InternalNioInputBuffer should honor maxHttpHeadSize. (kkolinko) 50651: Fix NPE in InternalNioOutputBuffer.recycle(). (kkolinko)

Cluster

Be consistent with locks on sessionCreationTiming, sessionExpirationTiming in DeltaManager.resetStatistics(). (kkolinko)

Catalina

49543: Allow Tomcat to use shared data sources with per application credentials. (fhanik) 50205: Add the deployIgnorePaths attribute to the Host element. Based on a patch by Jim Riggs. (markt/kkolinko) 50413: Additional fix that ensures the error page is served regardless of any Range headers in the original request. (kkolinko) 50550: When a new directory is created (e.g. via WebDAV) ensure that a subsequent request for that directory does not result in a 404 response. (markt/kkolinko) Provide session creation and destruction rate metrics in the session managers. (markt) 50606: Improve CGIServlet: Provide support for specifying empty value for the executable init-param. Provide support for explicit additional arguments for the executable. Those were broken when implementing fix for bug 49657. (kkolinko) 50620: Stop exceptions that occur during Session.endAccess() from preventing the normal completion of Request.recycle(). (markt)

Coyote

Remove a huge memory leak in the NIO connector introduced by the fix for 49884. (markt)

Cluster

50600: Prevent a ConcurrentModificationException when removing a WAR file via the FarmWarDeployer. (markt)

General

filter input of manager app servlets. (kkolinko) 43960: Expose available property of StandardWrapper via JMX. (markt) Update to Commons Daemon 1.0.5. (mturk) Switch to using the Eclipse compiler JAR directly rather than creating it from the larger JDT download. (markt) Allow the off-line building of the extras package. (markt) Update to Commons Pool 1.5.5. (markt) 49728, 50084: Improve PID file handling when another process is managing the PID file and Tomcat does not have write access. (markt) 49909, 50201: Provide a mechanism to log requests rejected before they reach the AccessLogValve to appear in the access log. (markt/kkolinko)

Catalina

38113: Provide a system property that enables a strict interpretation of the specification for getQueryString() when an empty query string is provided by the user agent. (markt) Return a copy of the current URLs for the WebappClassLoader to prevent modification. This facilitated, although it wasn't the root cause, CVE-2010-1622. (markt) 48837: Extend thread local memory leak detection to include classes loaded by subordinate class loaders to the web application's class loader such as the Jasper class loader. Patch provided by Sylvain Laurent. (kkolinko) 48973: Avoid creating a SESSIONS.ser file when stopping an application if there's no session. Patch provided by Marc Guillemot. (slaurent) 49030: Failure during start of one connector should not leave some connectors started and some ignored. (kkolinko) 49195: Don't report an error when shutting down a Windows service for a Tomcat instance that has a disabled shutdown port. (markt) 49209: Fix problem with JDBC driver memory leak prevention when running under a security manager. Patch provided by Sylvain Laurent. (markt) 49613: Improve performance when using SSL for applications that make multiple class to Request.getAttributeNames(). Patch provided by Sampo Savolainen. (markt) 49657: Handle CGI executables with spaces in the path. (markt) 49667: Ensure that using the JDBC driver memory leak prevention code does not cause a one of the memory leaks it is meant to avoid. (markt) 49749: Respect httpOnly setting of Context when creating SSO cookie. (markt) Provide better web application state information via JMX. (markt) 49811: Add an option to disable URL rewriting on a per Context basis. (markt) 49856: Expose the executor name for the connector via JMX. (markt) 49915: Make error more obvious, particularly when accessed via JConsole, if StandardServer.storeConfig() is called when there is no StoreConfig implementation present. (markt) 49965: Use correct i18n resources for StringManager in JAASRealm. (kkolinko) 49987: Fix potential data race in the population of the Servlet Context initialisation parameters. (markt) Code clean-up. Avoid some casts in StandardContext. (markt) Add security policy and token poller protection to the JRE memory leak protection provided in Tomcat 6. (markt/kkolinko) 50026: Add support for mapping the default servlet to URLs other than /. (timw) 50128: Improve exception handling in PersistentManagerBase when running with a security manager. (kkolinko) 50131: Avoid possible NPE in debug output in PersistentValve. Patch provided by sebb. (kkolinko) 50138: Fix threading issues in org.apache.catalina.security.SecurityUtil. (markt) Add a new filter, org.apache.catalina.filters.CsrfPreventionFilter, to provide generic cross-site request forgery (CSRF) protection for web applications. (markt) Make sure Contexts defined in server.xml pick up any configClass setting from the parent Host. (markt) 50222: Modify memory leak prevention code so it pins the system class loader in memory rather than than the common class loader, which is better for embedded systems. (schultz) Make memory leak prevention code that clears ThreadLocal instances more robust against objects with toString() methods that throw exceptions. (markt) 50282: Load javax.security.auth.login.Configuration with JreMemoryLeakPreventionListener to avoid memory leak when stopping a webapp that would use JAAS. (slaurent) 50413: Ensure 304s are not returned when using static files as error pages. (markt) 50453: Correctly handle multiple X-Forwarded-For headers in the RemoteIpValve. Patch provided by Jim Riggs. (markt) 50459: Fix thread/classloader binding issues in StandardContext. (slaurent) 50527: Improve an error message shown by HttpServlet. (markt) 50556: Improve JreMemoryLeakPreventionListener to prevent a potential class loader leak caused by a thread spawned when the class com.sun.jndi.ldap.LdapPoolManager is initialized and the system property com.sun.jndi.ldap.connect.pool.timeout is set to a value greater than 0. (slaurent) 50642: Move the sun.net.www.http.HttpClient keep-alive thread memory leak protection from the JreMemoryLeakPreventionListener to the WebappClassLoader since the thread that triggers the memory leak is created on demand. (markt)

Coyote

47913: Return the IP address rather than null for getRemoteHost() with the APR connector if the IP address does not resolve. (markt) Avoid a NPE for APR connector unlockAccept with default soTimeout. (mturk) 48545: Allow JSSE trust stores to be used without providing a password. Based on a patch by smmwpf54. (kkolinko) 48738: Add support for flushing gzipped output. Based on a patch by Jiong Wang. (markt) Avoid a NPE in the DeltaManager when a parallel request invalidates the session before the current request has a chance to send the replication message. (markt) 48925: request.getLocalAddr() returns null when using the default Jk AJP/1.3 connector. (rjung) 49497: Stop accepting new requests (inc keep-alive) once the BIO connector is paused and the current request has finished processing. (markt) 49521: Disable scanning for a free port in Jk AJP/1.3 connector by default. Do not change maxPort field value of ChannelSocket in its setPort() and init() methods. Add support for maxPort attribute on a Connector element as a synonym for channelSocket.maxPort. (kkolinko) 49625: Ensure Vary header is set if response may be compressed rather than only setting it if it is compressed. (markt) 49730: Fix race condition in StandardThreadExecutor that can lead to long delays in processing requests. Patch provided by Sylvain Laurent. (markt) 49860: Add support for trailing headers in chunked HTTP requests. The header length is limited to 8192 by default and the limit can be changed via a system property. (markt/kkolinko) 49972: Fix potential thread safe issue when formatting dates for use in HTTP headers. (markt) 50072: NIO connector can mis-read request line if not sent in a single packet. (markt/kkolinko) Improve recycling of processors in Http11NioProtocol. (kkolinko) 50273: Provide a workaround for an HP-UX issue that can result in large numbers of SEVERE log messages appearing in the logs as a result of normal operation. (markt) Make SSL certificate encoding algorithm consistent between connectors by using the JVM default for all connectors. This also fixes an issue with the NIO connector on IBM JVMs. (markt) 50467: Protected against NPE triggered by a race condition that causes the NIO poller to fail, preventing the processing of further requests. (markt)

Jasper

49217: Ensure that identifiers used in EL meet the requirements of the Java Language Specification. This check is off by default and can be enabled by setting a system property. (markt) 49555: Correctly handled Tag Libraries where functions are defined in static inner classes. (markt) 49665: Provide better information including JSP file name and location when a missing file is detected during TLD handling. Patch provided by Ted Leung. (markt) 49985: Fix thread safety issue in EL parser. (markt) 49986: Fix thread safety issue in JSP reloading. (timw)) 49998: Make jsp:root detection work with single quoted attributes as well. (timw) 50066: Compile a recursive tag file if it depends on a JAR. Patch provided by Sylvain Laurent. (markt) 50078: Fix threading issues in EL caches and make cache sizes configurable. Threading patch provided by Takayoshi Kimura. (markt) 50105: When processing composite EL expressions use Enum.name() rather than Enum.toString() as required by the EL specification. (markt) 50228: Improve recycling of BodyContentImpl. This avoids keeping a cached reference to a webapp-provided Writer used in JspFragment.invoke() calls. (kkolinko) 50460: Fix memory leak in JspDocumentParser triggered by first access to a jspx page. (kkolinko) 50500: Use correct coercions (as per the EL spec) for arithmetic operations involving string values containing '.', 'e' or 'E'. Based on a patch by Brian Weisleder. (markt)

Cluster

49343: When ChannelException is thrown, remove listener from channel. (kfujino) Add Null check when CHANGE_SESSION_ID message received. (kfujino) When a cluster node disappears when using the backup manager, handle the failed ping message rather than propagating the exception (which just logs the stack trace but doesn't do anything to deal with the failure). (markt) 49905: Fix potential memory leak when using asynchronous session replication. (markt) 49924: When non-primary node changes into a primary node, make sure isPrimarySession is changed to true. (kfujino) Add support for maxActiveSessions attribute to BackupManager. (kfujino) Improve sending an access message in DeltaManager. Use maxInactiveInterval not of the Manager, but of the session. If maxInactiveInterval is negative, the access message is not being sent. (kfujino) 50547: Add time stamp for CHANGE_SESSION_ID message and SESSION_EXPIRED message. (kfujino)

Webapps

49585: Update JSVC documentation to reflect new packaging of Commons Daemon. (markt) Configure the Manager web application to use the new CSRF protection. To take advantage of this protection, the manager role must be removed from all users and the new manager-gui and manager-script roles used instead. (markt) Configure the Host Manager web application to use the new CSRF protection. To take advantage of this protection, the admin role must be removed from all users and the new admin-gui and admin-script roles used instead. (markt) 50303: Update JNDI how-to to reflect new JavaMail and JAF download locations and that JAF is now included in Java SE 6. (markt) CVE-2010-4172: Multiple XSS in Manager application. (markt/kkolinko) Improve Tomcat Logging documentation. (kkolinko) 50242: Provide a sample log4j configuration that more closely matches the default JULI configuration. Patch provided by Christopher Schultz. (kkolinko) 50294: Add more information to documentation regarding format of configuration files. Patch provided by Luke Meyer. (markt) Configure the Manager and Host-Manager web applications to use HttpOnly flag for their session cookies. (kkolinko) 50316: Fix display of negative values in the Manager web application. (kkolinko) Improve documentation of database connection factory. (rjung)

Other

48716: Do not call reset if the default LogManager is in use. (markt) Use native line endings for example Eclipse configuration files in source distribution. (markt) 49428: Add a work-around for the known namespace issues for some Microsoft WebDAV clients. Based on the patch provided by Panagiotis Astithas. (kkolinko) 49861: Fix formatting of log messages in JXM remote listener. Do not use commas when printing RMI port numbers. (markt) 50140: Don't ignore a user specified install directory on 64-bit platforms when using the Windows installer. (markt) 50552: Avoid NPE that hides error message when using Ant tasks. (schultz) Numerous improvements to the Windows installer: update install/uninstall icons, create an installation log, allow 32-bit JVMs to be selected when installing on a 64-bit platform, replace the .ini files with the script equivalents, use the new manager and host-manager roles, provide the ability to edit the roles for the added user, add support for the /? command line switch, clean up fully after installation, add DetailPrint statements for operations that may take time and improve the descriptions of the components. (kkolinko, mturk, markt)

Catalina

48960: Add a new option to the SSI Servlet and SSI Filter to allow the disabling of the exec command. This is now disabled by default. Based on a patch by Yair Lenga. (markt) 49551: Allow default context.xml location to be specified using an absolute path. (markt) 49598: When session is changed and the session cookie is replaced, ensure that the new Set-Cookie header overwrites the old Set-Cookie header. (markt) Fix order when listing Webapp loader search URLs. (rjung) Add support for *.jar pattern in VirtualWebappLoader. (kkolinko)

Catalina

Arrange filter logic. (jfclere) 49230: Enhance JRE leak prevention listener with protection for the keep-alive thread started by sun.net.www.http.HttpClient. Patch provided by Rob Kooper. (markt) 49351: Fix possible NPE when embedding and no name is specified for the Service. (markt) 49424: Avoid NPE if client provides no data with a chunked POST request. (markt) 49414: Improve diagnostic of memory leaks. Differentiate between request threads and application created threads when warning about still running threads when an application stops. (markt) 49443: Fix RemoteIpValve documentation. Use remoteIpHeader rather than remoteIPHeader consistently. (markt) Add property searchExternalFirst to WebappLoader. If set, the external repositories will be searched before the WEB-INF ones. (rjung)

Cluster

49445: When session ID is changed after authentication, ensure the DeltaManager replicates the change in ID to the other nodes in the cluster. (kfujino)

Webapps

49213: Grant permissions required by manager application when running under a security manager. (markt/kkolinko) 49436: Correct documented default for readonly attribute of the UserDatabase component. (markt)

General

Update DBCP to 1.3. (markt)

Catalina

Fix CVE-2010-1157. Prevent possible disclosure of host name or IP address via the HTTP WWW-Authenticate header when using BASIC or DIGEST authentication. (markt) Include context name when reporting memory leaks to aid root cause identification. (markt) Improve exception handling on session de-serialization to assist in identifying the root cause of 48007. (kkolinko) 48379: Make session cookie name, domain and path configurable per context. (markt) 48589: Make JNDIRealm easier to extend. Based on a patch by Candid Dauth. (markt/kkolinko) 48629: Allow user names as well as DNs to be used with the nested role search. Add roleNested to the documentation. Patch provided by Felix Schumacher. (markt) 48661: Make error page behavior consistent, regardless of how the error page is defined. If a response has been committed, always include the error page. (markt) 48729: Return roles defined by both userRoleName and roleName mechanisms. Patch provided by 'eric'. Also make user's role list immutable.(markt) 48760: Fix potential multi-threading issue in static resource serving where multiple threads could try to use the the same InputStream. (markt) 48790: Fix thread safety issue in the count of the maximum number of active session. (markt/kkolinko) 48793: Make catalina.sh more robust to different return values on different platforms. Patch provided by Thomas GL. (markt) 48840: Swallow output (if any) from use of cd when determining $CATALINA_HOME in catalina.sh and tool-wrapper.sh scripts. Based on patch provided by mdietze. (markt/kkolinko) 48895: Make clearing of ThreadLocals that are causing memory leaks on web application stop, reload or undeploy configurable since the process of clearing them is not thread-safe. (markt) 48903: Fix deadlock in webapp class loader. (rjung) 48971: Make stopping of leaking Timer threads optional and disabled by default. (markt) 48976: Document JAVA_ENDORSED_DIRS in start-up scripts. Patch provided by Laurent Vaills. (markt) 48983: Improve debug logging for situations when RemoteIpValve is bypassed. Patch provided by Cyrille Le Clerc. (markt) 49018: Fix processing of time argument in the Expire sessions action in the Manager web application. (kkolinko) 49116: If session is already invalid, expire session to prevent memory leak. (kfujino) 49158: Ensure only one session cookie is returned for a single request. (markt/fhanik) 49245: Fix session expiration check in cross-context requests. (markt) 49398: ByteChunk.indexOf(String, int, int, int) could not find a string of length 1. (kkolinko) Fix possible overflows when calculating session statistics. (kkolinko) Log unexpected exceptions when providing access to web application resources in ApplicationContext. (kkolinko) Improve exception handling in CatalinaShutdownHook. (kkolinko) Expose properties of VirtualWebappLoader and WebappClassLoader via JMX. (rjung)

Coyote

48839: Correctly handle HTTP header folding in the NIO connector. Patch suggested by Richa Baronia. (markt) 48843: Prevent possible deadlock for worker allocation in connectors. (kkolinko) 48843: Fix handling of add queues in AprEndpoint.Poller and AprEndpoint.Sendfile. Do not miss wakeups. (kkolinko) 48862: Add support for the backlog parameter to the AJP connector. (pero/markt) 48917: Correct name of mod_jk module in ApacheConfig. Patch provided by Todd Hicks. (markt) 49095: AprEndpoint did not wakeup acceptors during shutdown when deferAccept option was enabled. Based on a patch provided by Ruediger Pluem. (kkolinko) Use chunked encoding for http 1.1 requests with no content-length (regardless of keep-alive) so client can differentiate between complete and partial responses. (markt) Correct the SSL session timeout attribute name so the code agrees with the documentation. (markt) CoyotePrincipal now implements Serializable. (fhanik) Enable the BIO AJP connector to run under a security manager. (markt)

Jasper

45015: Correct a regression in quote handling caused by the re-factoring of attribute parsing. (markt) 48701: Add a system property to allow disabling enforcement of JSP.5.3. The specification recommends, but does not require, this enforcement. (kkolinko) 48737: Don't assume paths that start with /META-INF/... are always in JARs. This is not true for some IDEs. Patch provided by Fabrizio Giustina. (markt) 49081: Correctly handle EL expressions of the form #${...}. (markt) 49196: Avoid NullPointerException in PageContext.getErrorData() if an error-handling JSP page is called directly. (markt)

Cluster

48717: When a node joins a cluster and it receives all the current sessions, ensure the sessionCreated event is fired if the Manager is configured to replicate session events. (markt) 48934: Previous fix to handle dropped connections incorrectly permanently disabled session replication. (fhanik) 49051: memberAlive is not called if member has not already existed in membership. (kfujino) 49151: Avoid ClassCastException in BackupManager#stop. (kfujino) 49170: Do not send duplicated session. (kfujino) Add missing messages and ensure cluster listeners log messages to correct logger. (markt)

Webapps

Use underscores instead of spaces in anchor names in Tomcat documentation. (kkolinko) Add support for displaying the Spring Security user name (if present) in the Manager application. (markt) Improve the ChatServlet Comet example (/examples/jsp/chat/). (kkolinko)

Other

Update to Commons Daemon 1.0.2. Use service launcher (procrun) from the Commons Daemon release. Do not keep a copy of it in our source tree. (mturk/kkolinko) Update to NSIS 2.46. (kkolinko) 48990: Fix the skip.installer build property so if set, only the Windows installer is skipped. (markt) 49178: Provide in catalina.policy an example of additional permissions that might be needed for code located in $CATALINA_BASE/lib. (markt) 49236: Do not use indexing when packing Tomcat JARs. (kkolinko) Remove unused code from org.apache.tomcat.util.buf classes. (kkolinko) Rearrange tomcat-juli.jar permissions and wrap long lines in the conf/catalina.policy file, to make the text more readable when cited in documentation. (kkolinko) Do not evaluate the execute.installer property when building a release. The skip.installer property is used instead. (kkolinko)

Catalina

Close security hole in unreleased 6.0.25 by ensuring new find leaks functionality is protected by a security constraint. (kkolinko) 48831: Improve logging shutdown behaviour. Use Catalina's shutdown hook to shutdown JULI. This enables them to be shutdown in the correct order. Do not shutdown global handlers several times. (markt/kkolinko)

Coyote

48584: Prevent the APR connector logging an error if the acceptor fails during shutdown since this is expected. (mturk) 48660: Using compression should not overwrite any Vary header set by a web application. (markt)

Jasper

48371: Ensure generated servlet mappings are inserted at the correct location when using JspC and allow the option that controls this to be configured on the command line. Also allow the encoding of web.xml to be configured when using JspC and deprecate some unused JspC methods. (markt/kkolinko) 48498: Avoid ArrayIndexOutOfBoundsException triggered by a Java 6/7 XML parser bug. (markt/kkolinko) 48668: Additional fixes to ensure deferred syntax is handled correctly. (kkolinko) 48827: Correct a regression in the fix for 47977 that caused an incorrect non-empty body error to be reported for valid JSP documents. (markt)

Webapps

Make changelog.xml be directly rendered as HTML by certain browsers. (kkolinko) Add support for automated generation of TOC tables and for links to svn revisions to tomcat-docs.xsl in documentation. (kkolinko/fhanik) Move Manager application JSPs that are not intended to be accessed directly under the WEB-INF directory. (kkolinko) Improve the messages displayed by the find leaks diagnostic in the Manager application. (kkolinko)

Other

Encode all property files using ascii escaped UTF-8. Also fixes deployment problem when using French locale. (jfclere/rjung)

Catalina

48039: Return immediately if start() is called on an already started StandardService. (markt) 48109: Ensure InputStream is closed on error condition in web application class loader. (markt) 48179: Clean up dead code that was used to read tldCache file. (kkolinko) 48318: Handle case where WebDAV resource is in directory listing but is not accessible. (markt) 48384: Add a per context xslt option for directory listings. Make the fallback options work as described in the documentation. (markt) 48577: Filter URL when displaying missing included page. (markt) 48612: Prevent exception on shutdown if the address attribute is specified for a connector. (markt) 48613: Further fixes to ensure APRLifecycleListener is only used if defined in server.xml. (fhanik) 48614: Correct JULI log file buffering so default behaviour is no buffering. (fhanik) 48625: Provide an option to exit if an error occurs during the initialization phase. (fhanik) 48645: Use specified encoding rather than null in calls to RequestUtil.URLDecode(byte[] bytes, String enc) (markt) 48653: Force request.secure and request.scheme to false and http if the X-Forwarded-Proto header has the value http. Patch provided by Cyrille Le Clerc. (markt) 48678: Remove duplicate server field from org.apache.catalina.startup.Catalina. (markt) 48694: Remove potential deadlock in web application class loader. (markt) 48716: Provide additional configuration options for JULI. (markt) 48726: Prevent OOME when uploading large WAR files with the deployer. Patch provided by adam. (markt) Improve memory leak protection by safely stopping threads started via java.util.Timer that an application starts but fails to stop and by clearing references retained due to the use of java.util.ResourceBundle. (markt) Modify ThreadLocal memory leak detection to not report false positives and to simplify implementation. (markt/kkolinko) Basic memory leak detection was added to the standard Host implementation and exposed via JMX to detect memory leaks on web application reload. (markt/kkolinko)

Coyote

Update the native/APR library version bundled with Tomcat to 1.1.20. (kkolinko)

Jasper

Add some debug logging to the compiler where exceptions were previously swallowed. (markt) 48170: Remove unnecessary synchronization that is causing issues under load. (markt) 48580: Prevent AccessControlException if first access is to a JSP that uses a FunctionMapper. (markt) 48582: Avoid NPE on background compilation failure. (markt) 48616: Don't declare or synchronize scripting variables for JSP fragments since they are scriptless. This is an alternative fix for 42390 that avoids both the original problem and the regression in the first fix. (kkolinko) 48627: Fix regression in re-factored EL parsing. Keep literals as literals and handle deferredSyntaxAllowedAsLiteral. (kkolinko) 48668: When parsing JSPs only parse EL as EL if EL is enabled else strings such as ${ will be silently dropped. (markt) Various EL TCK failures. (markt)

Cluster

Force a disconnect if an error occurs during replication such as a firewall dropping the connection. (fhanik)

Webapps

Add new "Find leaks" command to the Manager application. It allows to detect web applications that have caused memory leaks on stop, reload or undeploy. (markt/kkolinko)

Other

Ensure files in conf directory have CRLF line endings when using the Windows installer. (kkolinko) Allow special characters recognized by the Windows command-line shell to be present in the names of CATALINA_HOME/_BASE and the current directory used to call the Tomcat scripts. (kkolinko) Don't use @Deprecated annotations in javax.servlet.jsp.JspContext since the specification does not include them in the API definition. (markt) Improve the information in the JAR manifest files. (markt)

Catalina

Correct TCK failures with security manager caused by the original fix for 47774. (markt)

Other

Remove broken link in README.html. (jfclere) Add .notice files to the set of files that have their line endings changed. (markt) .zip distributions should have windows line endings. (markt)

Catalina

47774: Ensure web application class loader is used when calling session listeners. (markt) 48006: Add additional information to the optional X-Powered-By header to align with the content suggested in the Servlet specification. (markt) 48345: Sessions timed out too early when using PersistentManager. Patch provided by Keiichi Fujino. (markt) 48398: Make objects used as locks final to ensure correct operation. Patch provided by sebb. (markt) 48417: Update French translations. Patch provided by Andr� Warnier. (markt/kkolinko) 48421: Fix file descriptor and potential memory leak when a web application uses a local logging.properties file. Allow a web application's log files to be deleted once the web application has been stopped. (markt) 48454: Ensure stderr is completely read before terminating the CGI process. Patch provided by Markus Grieder. (markt) 48516: Prevent NPE in JNDIRealm if requested user does not exist. Patch provided by Kevin Conaway. (markt) Fix implementation of log buffer size and provide a cleaner interface. (fhanik/kkolinko)

Coyote

Update version of native bundled in Windows installer to 1.1.19. (mturk) Update recommended version for native to 1.1.19. (rjung) 48004: All web applications to set the http Server header. (markt) 48470: Ensure Tomcat does not lock up if shut down under load. (markt)

Jasper

47977: Using a body with a tag that has an empty body should cause an error. (markt) 48112: Correct handling of } character in literals when parsing expressions. This also improves the fix for 47413. (markt)

Webapps

48530: Add information on the Manager Server Status page to the Manager How-To in the documentation webapp. Based on a patch by Arnaud Espy. (markt) 48532: Add information to the BIO/NIO SSL configuration page in the documentation web application to specify how the defaults for the various trust store attributes are determined. (markt)

Other

Remove hard coded version numbers and instead apply version filter already defined in ant scripts. (rjung) 47609: Correct regression in previous fix. (markt) 48464: Provide an option to specify the command window title in catalina.bat on Windows. Patch provided by LiuYan. (markt) Add some missing deprecation markers for javax.servlet.jsp.JspContext. (markt/kkolinko)

Catalina

Log errors if a web application starts a thread but fails to stop the thread when the web application stops or is reloaded. Failure to stop a thread is very likely to result in a memory leak. (markt) Provide an option to stop any threads a web application starts but fails to stop when the web application stops or is reloaded. Using this option is very likely to result in instability and should be viewed as a last resort in development and is not recommended at all in production. (markt) Log errors if a web application creates a ThreadLocal but fails to clear it when the web application stops or is reloaded. Failure to clear a ThreadLocal is very likely to result in a memory leak. (markt) Clear any unintentional references remaining in sun.rmi.transport.Target when the web application stops or is reloaded. Failure to clear these is very likely to result in a memory leak. (markt)

Coyote

Remove unneeded line from the method that normalizes decodedURI. (kkolinko)

Other

Correct MD5 generation in the build process. (jfclere/kkolinko) 47609: Provide fail-safe EOL conversion for build process. Based on patches by sebb/kkolinko. (markt)

Catalina

Fix issues with expression language when running under a SecurityManager. (markt) Remove duplicate mime-mapping entries in web.xml. Re-order entries alphabetically to make it easier to identify duplicates. (markt) Use a more sensible default (webapps) for a Host's appBase. (markt/idarwin) 37794: Support the parsing of parameters from chunked POSTs. (markt) 37984: Strip {MD5} as well as {SHA} if present in digest passwords in LDAP directories. (markt) 38352: Allow JSPs to write to the directory defined by javax.servlet.context.tempdir when running under a security manager. (markt) 39231: Call LoginContext.logout() when using JAAS realm and session expires. (markt/kkolinko) 40380: Fix potential synchronization issue in StandardSession.expire(). (markt) 41059: Reduce chances of errors when ENABLE_CLEAR_REFERENCES is used. Patch provided by Curt Arnold. (markt) 43343: Fix additional concurrency issues identified with the persistent session manager. (markt) 44041: Fix threading issue in WebappClassLoader that can lead to duplicate class definition under high load. (markt/fhanik) 44943: Use the same engine name in server.xml comments to reduce copy and pastes issues. (markt/kkolinko) 45255: Provide protection against session fixation by changing session ID automatically on authentication. (markt/kkolinko) 45403: Add additional checks on web application deployment and do not swallow IO errors. (kkolinko) 45785: Additional fix required for the extension validator. Based on a patch by Rolf Wojtech. (markt) 46908: Try and support java encoding names when using an xml parser provided via the endorsed mechanism. (markt) 46967: Better handling of errors when trying to use Manager.randomFile. Based on a patch by Kirk Wolf. (markt) 47046: Unregister all MBeans, including when non-default engine names are used. (markt) Use native2ascii to ensure non-ASCII characters in property files are handled correctly in all circumstances. (markt) 47050: Remove unnecessary filtering of error messages. (markt) 47080: Fix NPE in RealmBase when uri is null. (markt) 47158: Fix some thread safety issues in the AccessLogValve. (markt) 47228: Correct French translations. Patch provided by sebb. (markt) 47299: Simplify code and make embedding easier. (markt) 47316: Allow different values for Service name and Engine name. This corrects a regression introduced by the fix for 42707. (markt) 47343: Editing context.xml for a directory should not delete the directory. This was a regression caused by the fix for 42747. (markt) 47364: Improve Javadoc for org.apache.catalina.connector.Request.getAttributeNames() to include information on the handling of Tomcat's internal request attributes. (markt) 47451: Don't throw an NPE if the various response.setHeader() methods are called with null header name, zero length header name or null value. Silently ignore the calls in the same way they are ignored if the response has already been committed. (markt) 47462: Allow individual web applications to override metadata complete if set in the global web.xml. Patch provided by Keiichi Fujino. (markt) 47495: Provide a more meaningful error message is server.xml is not readable and exit immediately if a server cannot be created. (funkman/kkolinko) 47518: Correct reference in Valve Javadoc that referred to an old method. Patch provided by Christopher Schultz. (markt) 47537: Return an error page rather than a zero length 200 response if the forward to the login or error page fails during FORM authentication. (markt) 47718: Fix file descriptor leak on context stop/reload. Patch provided by George Sexton. (markt) 47796: Fix OpenEJB integration. Reset annotation processor on context stop. (markt) 47826: Correct error in debug message in org.apache.catalina.Bootstrap (markt) 47836: Clear cached TLD information on context reload. (markt) 47841: When using the CombinedRealm, if one of the nested Realms fails to start, skip that Realm rather than preventing the CombinedRealm from starting. (markt) 47881: Fix processing of startd and stopd arguments. Patch provided by Qingyang Xu. (kkolinko) 47918: Correct mbean descriptors for the host deployer. Patch provided by Uwe G�nther. (markt) 47930: Fix thread safety issues on session swap-in in the persistent session manager. (markt/kkolinko) 47976: Correct usage message and Javadoc for org.apache.catalina.startup.Catalina. (markt) 47997: Ensure the NamingContextListener applies to all naming contexts, not just the global one. Patch provided by Michael Allman. (markt) 48049: Fix copy and paste error so NamingContext.destroySubContext() works correctly. Patch provided by gingyang.xu (markt) 48097: Make WebappClassLoader to do not swallow AccessControlException. (kkolinko) 48097: Avoid throwing an AccessControlException which can lead to a NoClassDefFoundError on first access of first jsp. (kkolinko/markt) 48257: Correct error in Spanish translations. Patch provided by Guillermo Guti�rrez. (markt) 48306, 48307: Correct French translations. Patches provided by Marc Paquette. (markt) 48322: Single quote characters are not HTTP separators and should not be treated as such in the cookie handling. (markt) 48413: Correct some French translations. Patch provided by Andr� Warnier. (markt) Deprecate the caseSensitive option on the StandardContext which will be removed in Tomcat 7 onwards. (markt) Log deployments consistently for WAR, directory and descriptor deployments. (markt) Better logging for parameter decoding issues to help identify broken requests. (markt) Update Apache Commons Pool from 1.4 to 1.5.4. This update includes various fixes to prevent deadlocks, reduces synchronization and makes object allocation occur fairly - i.e. objects are allocated to threads in the order that the threads request them. This update fixes a number of issues in Tomcat's built-in copy of DBCP. (markt) Allow log file encoding to be configured for JULI FileHandler. (kkolinko) Provide debug logging for JNDI lookups. (markt) Correct JDBC driver de-registration on web application stop and fix NPE that is exposed by the fix. (markt) Ensure JDBC driver de-registration works with a security manager. (markt) 48214: Ensure JDBC driver de-registration is not too zealous. (markt) Various JNDI realm improvements for Active Directory. These include the ability to specify a default role, optional handling for nested roles and an option to ignore PartialResultExceptions (markt). Expose Servlet Filters via JMX. Based on a patch by Xie Xiaodong as part of GSOC2009. (markt) Tomcat now uses the Platform MBean server by default so all MBeans registered by Tomcat will be exposed via JMX (eg via JConsole) without requiring any additional configuration. (markt) The JMX Remote Lifecycle Listener allows the ports used by JMX to be fixed, making it easier to configure firewalls to all JMX traffic to pass through. Part of the extras package. (markt) Make context deployment error message for fixDocBase() more meaningful. (markt) Add an additional permission required by JULI when running under newer JDKs and a security manager. (markt) Remove unnecessary reference to tomcat-coyote.jar from the bootstrap JAR manifest. (kkolinko) Use correct method to create URLs in VirtualWebappLoader. (kkolinko) Provide a new listener to protect against a memory leak caused by a change in the Sun JRE from version 1.6.0_15 onwards. Also include protection against locked JAR files, memory leaks triggered by XML parsing and the GC Daemon. (markt) Don't swallow exceptions in ApplicationContextFacade.doPrivileged() (kkolinko) Close resource stream in WebappClassLoader after read error. (pero) Include attribute name into the text of Non-serializable exception that might be thrown by Session.setAttribute() in distributable applications. (mturk) Add RemoteIpValve, a port of mod_remoteip. Patch provided by Cyrille Le Clerc. (markt) Allow per instance configuration of JULI or log4j for core Tomcat logging when using CATALINA_BASE. (markt/kkolinko) Prevent NPE in JULI during shutdown when resources try to log messages after JULI has been shutdown. (fhanik/kkolinko) Make the JULI FileHandler easier to extend. (fhanik) Make buffer size for FileHandler configurable. (fhanik) Make JULI FileHandler thread safe. (fhanik) Provide an option to disable buffering in the JULI FileHandler. (kkolinko) Ensure log messages are not lost on shutdown. (markt) 44679: Provide an option to allow the equals character in unquoted cookie values. (markt) Add support for a connectionTimeout parameter to the JNDIRealm. (markt) Various (un)deployment related improvements including better handling of failed (un)deployment, additional checking for valid zip entries that don't make sense in a WAR and improved validation of WAR file names. (markt)

Coyote

Implement socket.unlockTimeout attribute for NIO connector. Update version of native bundled in Windows installer to 1.1.18. (kkolinko) Update minimum required version for native to 1.1.17. (rjung) 46950: Fix doing SSL renegotiation when a resource with CLIENT-CERT auth is requested. (markt) Align tcnative native and Java method names. (rjung) Dont report thread count from connector if an external executor is used. 39637: Enable the AJP connectors to correctly handle client certificate chains. Patch by Patrik Schnellmann. (markt) 46985: Clean up code and remove impossible condition. (markt/kkolinko) 47225: Fix error in calculation of a buffer length in the mapper. (markt) 47320: Don't rely on the platform default encoding being suitable to parse the session ID. (markt) 47499: Don't swallow bind exceptions. (markt) 47744: Prevent a medium term memory leak if using SSL with the JSSE provider and also using a security manager. Based on a patch by Greg Vanore. (markt) 47963: Ensure that any HTTP status messages are compliant with RFC2616. (markt/kkolinko) 47987: Limit size of not found resources cache. (markt) 48009: Protect against the situation where editing a context.xml file may result in the file disappearing for a very short time. (markt) Use correct connector attribute (SSLEnabled) rather than secure to determine if SSL should be used. (fhanik) Provide a workaround for CVE-2009-3555, the TLS renegotiation issue, for the default Blocking IO Java connector. 48252: Fix stack overflow exception when setting jkHome on NIO connector. (fhanik) 48311: Only the APR lifecycle listener should try and initialise APR. (markt)

Jasper

38797: Fix a regression in the previous patch for 37933. (markt) 38897: Add uri of broken TLD to error message to aid debugging. (markt) 41661: Fix thread safety issue with JspConfig.init() (markt) 41824: Need to use canonical rather than binary form when writing code. (markt) 42390: Fix compilation issue with some nested tag files and simple tags. (kkolinko/markt) 43656: Correctly coerce null to zero when the target type is Number. (markt) 46907: Don't swallow input stream when debug logging is enabled. (markt) 47318: Process directives found in include preludes and codas. (markt) 47331: Treat uninterpreted tags as template text for JSP.2.2. (markt) 47413: Ensure expressions of the form "${a}${b}" are correctly coerced to String. (kkolinko) 47453: Handle void return types for deferred methods. (funkman) Remove the code that auto-detects the value for compilerSourceVM, compilerTargetVM options of Jasper, because we know that this version of Tomcat cannot run on JDK 1.4 and thus the value is always "1.5". (kkolinko) Change default values for JDK version compliance options of JspC (-source and -target when running from command line) to be "1.5", to be the same as the ones used by Jasper servlet. (kkolinko) Make constants in the TagHandlerPool really constant. (markt) When development mode is enabled and a JSP is deleted, ensure next request for that JSP is consistent with the JSP having been removed. (markt/kkolinko) 48019: Be more careful about skipping content that does not need to be parsed. (markt) Better handling of exception in JSP if parsed JSP source is not available. (markt)

Cluster

DeltaSession needs endAccess so that CrossContext replication works. (pero) DeltaManager needs to replicate changed attributes even if session gets invalidated. Otherwise session listeners will not see the right data on the secondary nodes. (rjung) Spurious startup errors during session transfer. Sessions get transferred, but node still waits until timeout. (rjung) Perform deserializtion events with context class loader. (fhanik) 47515: Correctly replicate timestamp during startup. (fhanik) 47478: Call replication listeners when using BackupManager. (fhanik) 47369: Reset data diff after replication. (fhanik) 40551: Enable the JvmRouteBinderValve to work with PersistentManagers as well as clustering. Based on a patch by Chris Chandler. (markt) 47342: Fix potential NPE on replicated context start. Patch provided by Keiichi Fujino. (markt) 47389: DeltaManager doesn't do session replication if notifySessionListenersOnReplication=false. Patch by Keiichi Fujino. (fhanik) 47502: Don't replicate session attributes known not to be serializable. (funkman) 47554: Include httpOnly attribute when re-writing session cookie after fail over. (markt) 47799: Enable the domain to be configured for Membership and DomainFilterInterceptor. Patch provided by Keiichi Fujino. (markt) 48113: Display IP addresses using 0 to 255 rather than -128 to +127. Based on a patch by Quintin Beukes. (fhanik/kkolinko)

Webapps

41564: Add some documentation on installing Tomcat as a service on operating systems with User Account Control, e.g. Vista. (markt) 47161: Report thread count correctly in Manager when exectors are used and return -1 when it can not easily be determined. (markt) 47235: Remove use of autoReconnect from MySQL examples. (markt) 47324: Fix submit URL for session list page so it works behind a reverse proxy. Patch provided by Maik Jablonski. (markt) 47425: Add crlFile attribute to the SSL configuration documentation. (markt) 47444: Remove Jakarta references from the documentation. (markt) 47656: Add information to documentation on system property replacement in configuration files. (markt) 47705: Fix division by zero error in the manager when trying to expire sessions when the session timeout is set to infinite. (funkman) Fix display of session information pages of Manager application in Internet Explorer. (kkolinko) Do not reuse windows (tabs) for session detail pages in Manager application. (kkolinko) 47769: Clarify the JNDI docs with repect to use of <resource-ref> and related elements, specifically when they are required and when they may be omitted. (markt) 48381: Add information on how Tomcat treats host names to the host configuration documentation. (markt)

Other

37847: Make location and filename of catalina.out configurable in catalina.sh. (fhanik) 37848: Re-fix not outputting info messages when there is no terminal. (markt) 39194: Make classpath configuration consistent in the startup scripts. (markt/kkolinko) Update Tomcat Windows service application (procrun) to version 2.0.5. It contains a fix for issue 41538 (mturk) 40786: Include 64-bit Windows service wrapper in distributions. Update the Windows installer to automatically use the correct binary on 64-bit machines. (markt) Update Windows Installer to use NSIS 2.45. They say that this version provides support for the upcoming Microsoft Windows 7. (kkolinko) Don't add blank lines to end of files when fixing line-endings for tar.gz distribution. (markt) Use explicit encoding during filtering operations when building Tomcat for distribution. (kkolinko) Remove references to unused commons-collections from the build scripts. (markt) Fix download task check for commons-pool and commons-dbcp in the build scripts. (kkolinko) Include deployer-howto.html into the deployer distributive. (kkolinko) 47149: Build scripts: Explicitly specify encoding when compiling. (kkolinko) 47267: Ensure release notes displayed by Windows installer have CRLF line-endings regardless of which OS the install package is built on. (markt/kkolinko) Include NOTICE, LICENSE and manifest files in all Tomcat JARs and add a mechanism to the build process to enable these files to be customised per JAR as required. (markt) 47699: Provide better handling of PID files. (markt) 47824: Make Servlet API an optional dependency for JULI when using Maven. (markt) Add support for per instance (using $CATALINA_BASE) log4j.properties files, JDBC drivers etc by adding ${catalina.base}/lib and ${catalina.base}/lib/*.jar to the start of the common loader class path. (markt) Correct CVE-2009-3548. When installed via the Windows installer and using defaults, don't create an administrative user with a blank password. Additionally, the administrative user is only created if the manager or host-manager web applications are selected for installation. (markt) Further improvements to the administrative user name and password handling in the Windows installer. (kkolinko)

Catalina

42579: Handle both relative and absolute search results in the JNDIRealm. Patch provided by Brandon DuRette. (markt) 46562: Close shtml files after processing to allow other processes to modify the files. (markt) 46815: Make the MemoryUserDatabase read-only by default. (markt) 46816: Align session manager mbean descriptor with implementation. (markt) Fix a typo in the OPTIONS response from the default servlet. (markt) 46822: Remove unnecessary object creation from StandardContext. Patch provided by Anthony Whitford. (markt) 46866: Better initialisation of Random objects. (markt) 46875: Catch and handle possible IllegalStateExceptions in CometConnectionManagerValve related to session expiration. (markt) Correct some errors reported when testing the WebDAV servlet with the Litmus test suite. (markt) 46933: Update StringManager to use Java 5 features. Patch provided by Jens Kapitza. (markt) 46990: Fix synchronization issues reported by FindBugs. Patch provided by Sebb. (markt)

Coyote

Allow huge request body packets for AJP13. (rjung) 45026: Never return an empty HTTP status reason phrase. mod_jk and httpd 2.x do not like that. (rjung) Set remote port for AJP connectors from the optional request attribute AJP_REMOTE_PORT. (rjung) Update tc-native to 1.1.16 (markt) 46982: Correct reporting of DST offset in access logs. (markt) 46984: Invalid characters in HTTP request method now result in a 400 response. (markt) 46991: Fix AJP connector always reporting bytes received as zero. (markt)

Jasper

37929: Fix invalidated session causing pageContext methods to fail. (markt) 41606: Prevent double initialisation of JSPs. Patch provided by Chris Halstead. (markt) 46354: ArrayIndexOutOfBoundsException when using org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER=true Patch provided by Konstantin Kolinko. (markt) 46909: Only include semi-colon in type attribute for <jsp:plugin> when it is required. (markt) 47013: Use system property rather than hard-coded string for pre-compilation flag. (markt)

Cluster

A node should ignore its own heartbeat messages. (rjung)

Webapps

46509: Use correct link on error page in JSP security example. Patch provided by Michael Moody. (markt) 46599: Document known DAEMON issue. (markt) 46807: Correct docs for configuration of tag pooling. (markt) 46924: Clarify behaviour when auto deployment is enabled and a WAR, directory or context file is deleted or updated. (markt) 46958: All xml manager status output to work regardless of context path. (markt)

Other

46351: Refactor the build script. Patch provided by Marc Guillemot. (markt) 46910: Properties files corrupted by build process. (remm) 46915: When resolving ResourceBundle properties, don't claim to have resolved the property unless we really have resolved it. (markt) Fix .pdf and .exe corruption in -src.tar.gz distribution. (markt) Enable running Tomcat directly from the build directory on linux systems. (markt)

Catalina

Manager application prints FAIL if application was deployed but failed to start (fhanik) When shutdown port is disabled, print user friendly message and not a stack trace. (fhanik) 37458: Correct sync issue that leads to NPE in rare circumstances. Patch provided by Konstantin Kolinko. (markt) 38553: Return 401 rather than 400 if client does not present a certificate CLIENT-CERT authentication. (markt) 38570: When checking docBase against appBase, make sure we check for an exact match against the appBase. (markt) 39013: When testing for invalid docBase, test for an exact match with the appBase dir. (markt) 39396: Don't include TRACE in OPTIONS response unless we know it hasn't been disabled in the connector. (markt) 42747: Ensure context.xml takes effect on first deployment for WAR and DIR deployments. context.xml is now copied to CATALINA_BASE/<engine name>/<host name> for DIR as well as WAR deployments. (markt) 43071: Start poller before acceptor (r719267) Fix read/write timeout of async comet operations (r719264) Implement async close behaviour for Comet/NIO. No-op for APR (same behavior as before) (r719262) Default thread count for HTTP connectors is 200. (r713186) Comet should always invoke END and properly invoke READ (r713174) Fix class cast exception when shutting down a replicated context but no cluster has been configured in server.xml (r713177) Dererence socket when its no longer used. Frees up socket buffers and memory. No functional change. (r713175) Correct wrong "No role found" debug message, logged in RealmBase even if a role was found. (rjung) 44809: Improve AprLifecycleListener Error Messages. (jfclere) Log AccessControlException for context specific logging.properties during startup with security manager. (rjung) 41407: Add CLIENT-CERT support to the JAAS Realm. (markt) 42409: Make custom and standard error page handling consistent by using resetBuffer() which will not alter previously set headers. (markt) 42673: Fix SSI virtual includes for multi-level contexts. Patch provided by Peter Jodeleit. (markt) 42707: Make adding a host alias via JMX take effect immediately. (markt) 43656: Correct regression in previous fix for this bug. Patch provided by Nils Eckert. (markt) 45419: Set Accept-Ranges for static resources served by DefaultServlet. (markt) 45441: Correctly map filters for FORWARD and INCLUDE. (markt) 45447: Convert Spanish resource files to use UTF-8 and provide translations where previously missing. Patch provided by Jesus Marin. (markt) 45453: Remove potential race condition in JDBC Realm. Based on a patch by Santtu Hyrkk. (markt) 45576: Add DIGEST support to the JAAS Realm. (markt) 45585: Allow Tomcat to start if using $CATALINA_BASE but not JULI. Patch based on a suggestion by Ian Ward Comfort. (markt) The JAAS Realm did not assign roles to authenticated users. (markt) Provide full stacktrace and message when the ErrorReportValveClass can't be instantiated. (funkman) 45608: Make allocated servlet count synchronized to ensure the correct allocated servlet count is available during shutdown. (markt) 45628: When checking MANIFEST dependancies, JARs without dependencies should allows be considered to be full-filled. (markt) 45735: Improve ETag handling. (remm) 45785: Ignore directories named xxx.jar in WEB-INF/lib. (markt) 45823: Log missing request headers as '-' not 'null'. Based on a patch by Per Landberg. (markt) 45825: Correctly handle annotations in parent classes. Based on a patch by Florent Benoit. (markt) 45906: Further ETag handling improvements. Patch provided by Chris Hubick. (markt) Add the CombinedRealm that enables authentication to be attempted against multiple realms. (markt) Add the LockOutRealm that enables a standard Realm to be wrapped with the functionality to lock out a user after too many failed logins. (markt) Make the upper size limit of the static resource cache configurable since the default of cacheMaxSize/20 gave too high a value for large caches. (markt) Fix HTML decoding error in SSI processing. (markt) Fix cast error in JULI log factory. (markt) Fix some thread safety issues in date formatting. (markt) Fix a String comparison bug in the digester property replacement that resulted in non-optimal operation. (markt) Correct handle multi-level contexts defined using context.xml files. (markt) 45933: Don't use xml parser from web-app to process tld files. (markt) 45951: Support changing of JSESSIONID cookie name and jsessionid path parameter name. Based on a patch by Jean-frederic Clere. (markt) 46011: Make Principal accessible (if set) via Subject.getSubject(AccessController.getContext()) when processing filters. Based on a patch by tsveg1. (markt) 46075: When uploading files, don't create buffers at the maximum configured size. Use the default size and let the buffers grow to the maximum size if necessary. (markt) 46085: Fix a rare thread safety issue with session expiration. (markt) 46096: Support annotation processing whilst running under a security manager. (markt) The invoker servlet has been deprecated and will be removed in Tomcat 7 onwards. (markt) 46105: Correctly set URI encoding when replaying a request after FORM authentication. (markt) Remove unnecessary reference to commons-logging from the bootstrap JAR manifest. (markt) 46232: Enabled the XMl parser to be over-ridden using the standard endorsed mechanism. (markt) 46261: Treat %2F in a context name literally rather than converting it (inconsistently) to '/' - that is what '#' is for. (markt) 46298: Throw an SQLException with a useful message rather than a NPE if the URL for the JDBCRealm is invalid. Based on a patch by Owen Jacobson. (markt) 46304: Further fixes to make Principal accessible (if set) via Subject.getSubject(AccessController.getContext()) when processing filters. (markt) 46403: Provide a workaround for an IE and Safari bug that means the Max-Age attribute of a cookie is ignored. (markt) 46408: Fix invalid cast in security utility package. (markt) Remove duplicate normalisation implementations and make normalise behaviour consistent throughout code base. (markt) 46683: Fix typo in French localisation file name for the org.apache.catalina.loader package. (markt) 46606: Make the max DEPTH for a WebDAV request configurable. The default is still 3. (markt) 44382: Add support for using httpOnly for session cookies. This is disabled by default. (markt/fhanik) Fix possible NCDFE when using FORM authentication. (jfclere) Fix possible synchronisation bottleneck in cookie creation. (markt) Fix various spelling errors reported on the mailing lists. (markt) Make the logging manager and properties file configurable via environment variables. (fhanik)

Coyote

45154: Implement SEND_FILE behavior for SSL connections using NIO (fhanik) Fix file descriptor leak during NIO send file behavior. (fhanik) Implement usage of keyAlias attribute for NIO, previously attribute was ignored. (fhanik) Prevent server from calling close on an already closed NIO socket. One that had timed out. (fhanik) Fix bug with SEND_FILE behavior in NIO. Send file would delay until selector timed out, even though socket was ready to be written. (fhanik) Fix possible NPE in NioEndpoint.java (fhanik) Update tc-native to 1.1.15 in build.properties.default (jfclere) 43327: Socket bind fails when using APR on a system with IPv6 enabled but no explicit IPv6 address configured. (markt/jfclere) 44285: Make the SSL session cache size and timeout configurable. (markt) 45074: Add configuration parameters to enable the tuning of sendfile and poller thread count in the APR HTTP connector. Patch provided by Alex Barclay. (jfclere/markt) 45528: Add detection for invalid SSL configuration to prevent infinite logging loop on start-up. (markt) 45591: NPE on start-up failure in some cases. Based on a patch by Matt Passell. (markt) 46077: Expose deferAccept for configuration. Patch provided by Michael Leinartas. (markt) Don't swallow input if we know the connection is going to be closed. (billbarker) 46125: Return a status code of 400 if the request headers are too large. (markt) Make certain that classes are first loaded by trusted code when working in a sandbox. (billbarker) Log a message if we reach maxThreads in a connector thread pool. (markt) Enable the thread pool limits to be modified via JMX. (markt) Fix HTTP/1.0 redirects handling with APR AJP connector. (remm) 46666: keepAliveTimeout should be used regardless of setting of disableUploadTimeout. (markt)

Jasper

36923: Treat EL expressions as template text if EL expressions are disabled. (markt) 37515: Support 1.6 and 1.7 as source and target for compilation. (markt) ClassCastException in EL ExpressionBuilder. (rjung) Use more generics in EL to improve type safety. (rjung) Use a lookahead to remove potential ambiguity in EL parsing. (markt) Correct typo in JSP EL examples. (markt) 38197: Take account of jsp:attribute elements when pooling tags. (markt) 42077: Ensure the iterator returned by javax.el.CompositeELResolver#getFeatureDescriptor() skips any null FeatureDescriptors. Patch provided by Mathias Broekelmann. (markt) 42693: Fix JSP generation error with recursive tag file structure. (markt) 45427: Correctly handle unmatched quotes in EL expressions. (markt) 45511: The failure of the empty keyword was a regression caused by the previous fix for 42565. The original fix for 42565 has been reverted and a new fix applied. (markt) 45648: Don't trim the last character when parsing the EL namespace. (markt) 45666: Prevent infinite loop on include. (markt) 45691: Prevent generation of duplicate variable names when generating code for JSPs. (markt) Correct signed/unsigned conversion error in ASCII parsing. (markt) Fix various edge-cases when parsing EL, particularly inside attribute values. Note the the Expert Group has confirmed that JSP.1.6 takes precedence over JSP.1.3.10. Therefore EL in attributes must be escaped twice. (markt) 46047: Include the path to the JAR when recording dependencies that are located inside a JAR file. Patch provided by C�dric Mailleux. (markt) 46381: Composite expressions used for attribute values must be coerced to Strings. (markt) 46397: Don't pool tag instances that implement JspIdConsumer. (markt) 46462: Limit package test to just the o.a.jsp package to allow use of packages such as o.a.jspwiki. (markt) 46471: Fix naming clash when tags in different libraries have the same name. (markt) 46564: Make page encoding check for tagx compilation case-insensitive. (markt)

Cluster

Prevent NPE for ReplicationValve (pero) Provide TCP only start-up option when using static membership. (fhanik) Document the multicast recovery options. (fhanik) 45261: Add a new SimpleCoordinator for tribes provided by Robert Newson. (markt) 45618: Make sure NIO selector is closed when no longer used. Unlikely to be an issue in normal usage. (markt) 45851: Fix out of order message processing issues with the FarmWarDeployer. (markt) Fix small memory leak in FarmWarDeployer. (markt) 46357: Corrected test for host's parent must be an engine. (markt) Fix so that JvmrouteBinderValve can rewrite session suffix with parallel requests from same client. (pero)

Webapps

45940: Correct name of username attribute for JDBC resources in JNDI how to. (markt) 46035: Fix multiple typos in monitoring how to. (markt) 46067: Fix typos in Advanced IO how to. (markt) 46115: Correct Manager UI to show that path is required when using the deploy command. (markt) 46121: Add note to manager documentation regarding possible naming clash with new Ant 1.7 resources datatype and how to avoid it. (markt) Remove unsed parameters from Native/APR example connector configuration in docs. (markt) Use CSS based solution for printer-friendly docs. Patch provided by vitezslav.smid as part of GSoc with additional work by Tim Funk. (markt) Update the FAQ linsk in the docs to refer to the wiki. Use xlst task rather than style task to generate docs. (funkman/markt) Document the LifecycleListeners. (markt) Fix broken URL mapping in the examples. (markt) 46563: Update doc for correct default for pollerThreadCount. (markt) 46600: Document maxKeepAliveRequests for the NIO connector. (markt) Fix CVE-2009-0781. XSS in calendar example. (markt)

Other

41861: Update service name to Apache Tomcat 6 to prevent conflicts with previous major Tomcat versions. (markt/rjung) 45852: Add special handling for cp932 (aka ms932) when creating tomcat-users.xml with Windows installer. (markt) 45878: Restore manifest, licence and notice files to the jsp and servlet jars. (markt) 45879: Move NOTICE file from documentation webapp to the installation directory. (markt) Add a workaround for DBCP-191. Tomcat will now build without error on a 1.6 JDK but because it does this by skipping DBCP, release builds must be generated with a 1.5 JDK. (costin/markt) 46366: Correct information in RUNNING.txt regarding use of CATALINA_HOME and CATALINA_BASE. (markt) Use more useful JPDA defaults in catalina.bat. (markt) Correct error in 2.5 web-app XSD.

Catalina

42727: Correctly handle request lines that are exact multiples of 4096 in length. Patch provided by Will Pugh. (markt) 42678: Only ignore docBase if it really is a subdir of appBase. Patch provided by juergen. (markt) 42722: Possible NPE in CGI Servlet. (markt) 45285: Look for annotations in class hierarchy. (markt) Add additional checks for URI normalization. (remm)

Jasper

42565: Make EL ternary expression without space before colon work. Patch provided by Lucas Galfaso. (markt)

Webapps

45323: Add note that context.xml files can only contain a single Context element. (markt)

Cluster

45317: Properly document and log the value of the state transfer timeout flag (fhanik)

Other

45332: Specify the correct encoding (the current Windows code page) rather than assuming UTF-8 when creating tomcat-users.xml with the Windows installer. (markt)

General

45315: Add Unix support for NSIS. (remm)

Catalina

45272: Put in work around for Internet Explorer not accepting a quoted Path: value using the Set-Cookie header (fhanik) APR connector now adds connection to poller after using send file. (remm) Add ManagerBase session getLastAccessedTimestamp and getCreationTimestamp for better remote JMX access. (pero) Expose alwaysSend flag for message dispatch interceptor. (fhanik) 29936: Create digesters and parsers earlier so we aren't using the webapp class loader when we create them. (markt) 42662: Properly resolve reflection proxies during session replication. (fhanik) 42750: Request line should be tolerant of multiple whitespaces. (markt/fhanik) 42934: Change the order of events on context start so contextInitialized() event is fired before sessionDidActivate(). The spec isn't 100% clear on the required order but this seems more logical than the current behaviour. (markt) 43079: Fix identification of suspicious URL patterns. Patch provided by John Kew. (markt) 43080: Log suspicious URL patterns to the correct web app. (markt) 43117: Setting an empty workDir could result in all of CATALINA_HOME being deleted. Patch provided by Takayuki Kaneko. (markt) 43142: Don't assume a directory named xxx.war is a war file. (markt) 43150: Allow Tomcat to start correctly when installed on a path that contains a # character. (markt) The fix for 43285 had the side-effect of coercing null values to zero. This side-effect has been made configurable with a system property, org.apache.el.parser.COERCE_TO_ZERO which defaults to true. Patch provided by Nils Eckert. (markt) 43343: Correctly handle requesting a session we are in the middle of persisting. Based on a suggestion by Wade Chandler. (markt) 43425: Make annotations spec compliant. Patch provided by Dain Sundstrom. (markt) 43470: Fix various class cast exceptions. Based on a patch by Lucas Galfaso. (markt) 43578: Fix startup when installation path contains a space. Patch provided by Ray Sauers. (markt) 43683: Fix 404 that could occur if a Servlet is accessed while the context is reloading. (markt) ExtendedAccessLogValve cs-uri not print empty querystring. (pero) ServletContext.getResource("noslash/resource") only requires forward slash if STRICT_SERVLET_COMPLIANCE flag is set to true. This mimics the behavior of 6.0.15 and earlier. (fhanik) 44021: Add support for using the # character to define multi-level contexts in WARs and directories in the appBase. (markt) 44282: Fix TRACE level class loader logging message when a security manager is used. (markt) 44337: Dir listing crashes if no readme-file present. (funkman) If listener declared in web.xml, only add it once. (funkman) Fix NPE when iterating through sessions for expiration. (fhanik/jim) 44380: Don't scan non-file URLs for TLDs. Patch provided by Florent Benoit. (markt) 44389: Fix memory leak that occurred if using a RequestDispatcher. Patch provided by Arto Huusko. (markt) 44529: Correct handling of resource constraints so no roles (deny all) overrides no aoth-constraint (allow all). (markt) 44562: HEAD requests cannot use includes. Patch provided by David Jencks. (markt) 44595: Add possibility to request the QueueSize of an executor via JMX. (jfclere) Fix CGI Servlet so it correctly reads the environment variables on Vista. (markt) 44611: DirContextURLConnection didn't implement getHeaderFields(), getHeaderField(String name) was case sensitive and returned "" rather than null for header values that did not exist. Patch provided by Chris Hubick. (markt) 44633: Provide a more helpful error message if a class can't be loaded due to a version error. (rjung/markt) 44646: Correct various issues, including an ISE, in CometConnectionManagerValve. (markt) 44673: ServletInputStream is no longer readable once closed. (markt) Better handling of lack of permission for context specific logging. (markt) Add permission required to read JDK logging config. (markt) Update web.xml to reflect packaging of SSI and CGI. (markt) Add missing access check for ThreadWithAttributes. (markt) 44833: Correctly override StandardSession methods from DeltaSession. (fhanik) 44943: Use the same engine name in server.xml comments to reduce copy and pastes issues. (markt) 44988: Use Java5 syntax for debug options. Patch provided by Cedrik Lime. (markt) 45101: Format header dates obtained from DirContextURLConnection as per the HTTP spec. Patch provided by Chris Hubick. (markt) A new valve, org.apache.catalina.valves.WebdavFixValve, that forces MS clients connecting to the WebDAV Servlet on port 80 to use a client that works rather than the default broken one. (markt) 45195: Passing in null into setAttribute or removeAttribute cause NPE. (markt)

Coyote

NIO: Fix bug in NIO sendfile, symptoms during heavy traffic is that connection don't get closed. For previous versions, one can disable sendfile to work around the problem. (fhanik) APR: Allow to specify the "random device" to use to collect the entropy. (jfclere) Fix NIO/SSL live lock during client disconnect. (fhanik) Fix possible ArrayIndexOutOfBoundsException. Patch provided by Charles R Caldarale. (markt/jim) Add support for keystore types that do not need a file. Based on a patch by Bruno Harbulot. (markt) 43094: Allow specification of keystore providers. Based on a patch by Bruno Harbulot. (markt) 43191: Make it possible to override the defaults with the compressableMimeType attribute. Based on a patch by Len Popp. (markt) 44391: Correct handling of escaped values in SSI processing. (markt) 44392: HTML entities now handled correctly in SSI processing. (markt) 44558: Improve error message so address is included if binding fails. (markt) 44494: Character input limited to 8KB. (remm) 44620: Infinite loop in NIO connector. (markt) 44785: Correctly document default maxThreads for AJP connector. (markt) Log errors for AJP signoffs at DEBUG level, since it is harmless if mod_jk has hung up the phone. (billbarker) 44968: Provide more information when the load of a keystore fails. (markt)

Jasper

31257: Quote endorsed dirs if they contain a space. (markt) 42943: Make sure nested element is inside <jsp:text> element before throwing exception. (markt) 43617: Correctly escape attribute values in tag files. Based on a patch by Lucas Galfaso. (markt) 43656: Fix various numeric coercion bugs. Includes a patch by Nils Eckert and fixes related issues identified in a test case provided by Konstantin Kolinko. (markt) 43741: Correctly handle dependencies for tag files in JARs. (markt) 44408: Reduce synchronisation when evaluating EL expressions. Patch provided by Robert Andersson. (markt) 44428: Fix possible NPE during serialization. (markt) 44766: EL doesn't coerce custom Number subclasses. (markt) 44877: Prevent collisions on tag pool names. (markt) 44986: Make page encoding consistency checks case-insensitive. (markt) 44994: Enable nested conditional expressions in JSP EL. Patch provided by James Manger. (markt) 45015: You can't use an unescaped quote if you quote the value with that character. (markt/fhanik) Add HTML filtering of error messages for included resources in case the app has tried to include an unsafe URL that does not exist. This is really an app responsibility but the filtering has been added for XSS safety. (markt)

Webapps

Update documentation to use correct version number, correct file paths and to use $CATALINA_BASE rather than $CATALINA_HOME where applicable. (markt/jim) Add a section on available system property configuration options. (markt) Amend the JNDI datasource doc to reflect new value for no limit used by updated commons-pool and commons-DBCP. (markt) 43333: Fix errors in sendfile documentation. (markt) 43366: Provide backwards compatibility for manager sessions command. (markt) 44541: Document packetSize attribute for AJP connector. (markt) 44715: Document secret attribute for AJP connector. (markt) Fix some links in the ROOT application that are broken if ROOT is renamed. (markt) Align the Realm documentation so that both the configuration and the how-to are consistent. (markt) 45277: Fix typo in logging docs. (markt)

Cluster

45212: AbstractReplicatedMap.entrySet() now returns entries rather than vaules. (markt) 45279: Properly close multicast socket. Fix session replication dead lock during non sticky load balancing. (fhanik)

Other

Improve the Tests for unit tests for the cookie issues. (jfclere) Fix build for JavaDoc. Patch provided by Stephen Bannasch. (markt) 44955: Use correct location for endorsed directory in Windows installer. (markt)

General

Update commons-logging to version 1.1.1 and the NSIS installer to 2.34. (markt) Update to commons-pool version 1.4, native version 1.1.12 and update the download location for the commons libraries. (markt) Change chunked input parsing, always parse CRLF directly after a chunk has been received, except if data is not available. If data is not available for CRLF parsing, we run into BZ 11117, and must defer the parsing of CRLF to the next read event. This fixes the incorrect blocking when using CometProcessor and the draining data during the READ event where it before would block incorrectly waiting for the next chunk (fhanik) The CometProcessor interface now extends the javax.servlet.Servlet interface(fhanik) Fix CVE-2007-5342 by limiting permissions granted to JULI. (markt) Fix handling of CometEvent.close when called during BEGIN event (fhanik) 43594: Use setenv from CATALINA_BASE (if set) in preference to the one in CATALINA_HOME. Patch provided by Shaddy Baddah. (markt/jim) 43692: Clean up unused entries from build scripts. Patch provided by Paul Shemansky. (markt) 43775: Don't try to change line endings of binary files in the source distribution. (markt) 43846: Fix block simulated read and writes causing timeouts. Add non blocking parsing of HTTP request headers. Perf improvements(fhanik) 43957: Service.bat doesn't configure logging correctly. Patch provided by Richard Fearn. (markt/jim) Cookie handling/parsing changes! The following behavior has been changed with regards to Tomcat's cookie handling a) Cookies containing control characters, except 0x09(HT), are rejected using an InvalidArgumentException b) If cookies are not quoted, they will be quoted if they contain tspecials(ver0), tspecials2(ver1) characters c) Escape character '\\' is allowed and respected as a escape character, will be unescaped during parsing Cookie parsing of $Version regression from 6.0.15 has been fixed The script that builds the windows installer was including additional files due to the way it processes recurrsive file selectors. The selectors have been modified to only include the intended files. (markt)

Catalina

Fix ManagerServlet.expireSessions throws Exceptions as iterate longer session lists at production servers. (pero) 38131: WatchedResource doesn't work if app is outside host appbase webapps. Patch provided by Peter Lynch (pero) Add -Dorg.apache.catalina.tribes.dns_lookups=false as default. The ability to turn off reverse DNS lookups for membership.(fhanik) Set correct StandardManager.sessionCounter after reload/restart. (pero) 42503: ServletContext.getResourceAsStream() could return stale data. Patch provided by Arvind Srinivasan. (funkman/jim) 43236: When resetting the response, also reset the flags associated with using a writer or an output stream to allow the user to change character set after the reset. (markt) 43241: Make ServletContext.getResourceAsStream() conform to the specification. Patch provided by John Kew. (markt) 43530: doc link fixes provided by Paul Shemansky (funkman) 43675: Fix a possible logging related classloader leak. (markt) 43687: Remove conditional headers on Form Auth replay, since the UA (esp. FireFox) isn't expecting it. 43706: WebDAV copy/move now returns 201 on success. Based on a patch by Panagiotis Astithas. (markt) 43840: Include user principal if possible when serializing / de-serializing sessions. (markt) 43868: MBean methods getInvoke and getSetter were broken. (markt) 43887: Make error messages much more helpful when illegal Servlet names are used. Based on a patch provided by Mike Baranczak. (markt) Fix a bug that causes CGI Servlet to fail when it is included. (markt) Improve the webDAV Servlet Javadocs to make clear that the WebDAV Servlet can not be used as the default servlet. (markt) 43993: mime mapping for WS-Policy. Patch by Fabian Ritzmann (funkman) 44041: Fix duplicate class definition under load. (markt) 44084: JASSRealm was broken for application provided Principals. Patch provided by Noah Levitt. (markt) 44223: Use the javax.net.ssl.trustStoreType setting if no explicit connector configuration is provided and the property is set. (markt/jim) 44268: Log a warning if a duplicate listener configuration is ignored. (markt/jim)

Coyote

43622: Don't overwrite the min compression size set by the compression attribute with the default. (markt/jim) 43839: URL based session tracking failed when a session cookie from a parent context was present. Based on a patch by Yuan Qingyun. (markt) 43914: URLs in location headers should be encoded. Patch provided by Ivan Todoroski. (markt)

Jasper

43285: Missing EL Coercion causes argument type mismatch. Patch provided by Bernhard Huemer. (funkman/jim) 43675: Fix a possible logging related classloader leak. (markt) 43702: Inner class files have unnecessarily long names. (markt) 43743: Fix NPE when compiling nest tag files packaged in a JAR. (markt) 43757: Rather than use string matching to work out the line in the JSP with the error, use the SMAP info and the knowledge that for a scriptlet there is a one to one line mapping. (markt/jim) 43758: Fix NPE when scripting elements are empty. (markt) 43909: Make sure locale maps to wrapped ELContext. Patch provided by Tuomas Kiviaho. (markt) 43944: Fix a missing resource exception. (markt) Improve docs for Jasper configuration. Put options in alphabetcial order, add some missing options, deprecate an unused one and address feedback about the page provided on the users list.

Webapps

43173: Fix typo in logging documentation regarding location of logging.properties. (markt) 43344: Fix typo in if.jsp example. Patch provided by Tim Nowaczyk. (markt) 43468: Fix possible NPE when listing contexts in the Manager application. (markt) 43515: Fix bug in Manager application that may have caused problems when listing contexts. Patch provided by Lucas Galfaso. (markt) 43611: Provide an error message if user tries to upload a war for a context defined in server.xml rather than failing silently. (markt/jim) 43800: Make relationship between APR and the native connector clearer. (markt) 44088: Fix expire session button in manager. (markt) 44094: Add a note about the side effects of configuring a context as privileged. (markt) Update JNDI documentation to refer to configuring contexts via context.xml rather than server.xml. (markt/jim)

Cluster

Fix FarmWarDeployer can be only configured as host subelement (pero) Fix wrong && at ReplicationValve (pero) Add get/set methods for properties in the Tcp Failure detector. (fhanik/jim)

General

Fix the MD5 file contents in distribution Add ANT script to be able to publish signed Tomcat JAR's to ASF Maven repo (fhanik) Use Eclipse JDT 3.3.1. (pero)

Catalina

Guess java location from the PATH environment and improve fix for 37284 Add NIO connector to server.xml parsing warning, remove Connector as exception case 43653: Fix SSL buffer mixup when response is unable to write more than socket buffer can handle 43643: If connector doesn't support external executor, display warning 43641: Property bind multicast address for cluster membership 42693: Fix JSP compiler bug Add mbean descriptor for virtual webapp loader 43487: Fix request processing stats 43435: Don't iterate and relocate sessions if they are not part of the map. 43356: Keystore parameter is relative to CATALINA_BASE, Truststore is either defined as parameter, javax.net.ssl.trustStore or if empty defaults to the keystore. SSL Client cert authentication changed from boolean to "true|false|want" (fhanik) 30949: Improve previous fix. Ensure requests are re-cycled on cross-context includes and forwards when an exception occurs in the target page. (markt) 42944: Correctly handle servlet mappings that use a '+' character as part of the url pattern. (markt) 42951: Don't use CATALINA_OPTS when stopping Tomcat. This allows options for starting and stopping to be set on JAVA_OPTS and options for starting only to be set on CATALINA_OPTS. Without this fix, some startup options (eg the port for remote JMX) would cause stop to fail. Based on a fix suggested by Michael Vorburger. Port of r454193 (36976) from Tomcat 5.5.x. (markt,rjung) Validation of attributes and elements used in server.xml. (remm) 43175: Fix typos in servlet XSD files. Patch provided by Takayuki Kaneko. (markt) 43216: Set correct StandardSession#accessCount as StandardSession.ACTIVITY_CHECK is true. Patch provided by Takayuki Kaneko (pero) Made session createTime accessible for all SessionManager via JMX (pero) 43129: Support logging of all response header values at AccessLogValve (ex. add %{Set-Cookie}o to your pattern). (pero) Support logging of all response header values at ExtendedAccessLogValve (ex. add x-O(Set-Cookie) to your pattern). (pero) Support logging of current thread name at AccessLogValve (ex. add %I to your pattern). Usefull to compare access logging entry later with a stacktraces. (pero) Improve large-file support (more then 4 Gb) at all AccessLogValves, backport from 5.5.25. (pero) Optimized JDBCAccessLogValve combined pattern request attribute access. (pero) o.a.juli.ClassLoaderLogManager handle more then one system property replacement at file logging.properties. (pero) 43338: Support '*' servlet-name mapping at filter-mapping. Patch provided by Keiichi Fujino. (pero) 41797: CNFE/NPE thrown from function mapper when externalizing Patch by Tuomas Kiviaho- tuomas.kiviahos at ikis fi (funkman) 43453: ClassCastException at org.apache.catalina.core.StandardContext.findStatusPage(int) (funkman) Fix important vulnerability when webdav is enabled for write. (markt) Call stopAwait in StandardServer.stop if port == -1. (pero) 43668: Fix NPE when the outer most wrapper is a ServletRequest/ResponseWrapper, but not a HttpServletRequest/ResponseWrapper on a Forward. (billbarker)

Coyote

Harmonize with HTTP java.io code. Otherwise the socket is not closed. In the APR connector, start accepting connections after fully starting the connector, to prevent possible exceptions due to non initialized fields. (remm) Cookie parser refactoring, submitted by John Kew. (remm) Make cookie escaping / unescaping consistent. (markt) 43479: Memory leak cleaning up sendfile connections, submitted by Chris Elving. (remm) 42925: Add maintain for sendfile. (remm) Fix explicit flush before response commit in the org.apache.jk AJP connector. (pero) 43621: Fix possible Dos condition when using the experimental NIO/AJP Connector (billbarker)

Jasper

37326: No error reported when an included page does not exist. (markt)

Webapps

Fix WebDAV Servlet so it works correctly with MS clients. (markt) Fix CVE-2007-5461, an important information disclosure vulnerability in the WebDAV Servlet. Based on a patch by Marc Schoenefeld. (markt) 42979: Update sample.war to include recent security fixes in the source code. (markt) Minor connector doc fix. (jfclere)

Cluster

Set correct BioReceiver transfer buffer size. (pero)

Other

Tests for unit tests for the cookie issues. (jfclere)

General

Correct j.u.l log levels in JULI docs. (rjung)

Catalina

Handle special case of ROOT when re-loading webapp after ROOT.xml has been modified. In some circumstances the reloaded ROOT webapp had no associated resources. (markt) Remove invalid attribute "encoding" of MBean MemoryUserDatabase, which lead to errors in the manager webapp JMXProxy output. (rjung) 33774: Retry JNDI authentiction on ServiceUnavailableException as at least one provider throws this after an idle connection has been closed. (markt) 39875: Fix BPE in RealmBase.init(). Port of yoavs's fix from Tomcat 5. (markt) 41722: Make the role-link element optional (as required by the spec) when using a security-role-ref element. (markt) 42361: Handle multi-part forms when saving requests during FORM authentication process. Patch provided by Peter Runge. (markt) 42401: Update RUNNING.txt with better JRE/JDK information. (markt) 42444: prevent NPE for AccessLogValve Patch provided by Nils Hammar (funkman) 42449: JNDIRealm does not catch NullPointerException for Sun's LDAP provider (See bug for details) (funkman) 42497: Ensure ETag header is present in a 304 response. Patch provided by Len Popp. (markt) Fix XSS security vulnerability (CVE-2007-2450) in the Manager and Host Manager. Reported by Daiki Fukumori. (markt) 42547: Fix NPE when a ResourceLink in context.xml tries to override an env-entry in web.xml. (markt) Avoid some casting in ErrorReportValve (remm) Fix persistence API annotation, submitted by Bill Burke (remm) In Comet mode, if bytes are not read, send an error event (otherwise, fields referring to the connection could remain) (remm) Fix Comet when running Tomcat with the security manager (remm)

Jasper

39425: Add additional system property permission to catalina.policy for pre-compiled JSPs. (markt) 42438: Duplicate temporary variables were created when jsp:attribute was used in conjunction with custom tags. Patch provided by Brian Lenz. (markt) 42643: Prevent creation of duplicate JSP function mapper variables. (markt)

Coyote

Separate sequence increment from getter in ThreadPool to avoid misleading increments during monitoring via JMX. (rjung) Add back missing socketBuffer attribute in the java.io HTTP connector (remm)

Webapps

Don't write error on System.out, use log() instead. (rjung) 39813: Correct handling of new line characters in JMX attributes. Patch provided by R Bramley. Ported from tc5.5.x r415029. (markt,rjung) 42459: Fix Tomcat Web Application Manager table error. (rjung) Fix XSS security vulnerabilities (CVE-2007-2449) in the examples. Reported by Toshiharu Sugiyama. (markt)

Catalina

More accurate available() method. (remm) Add recycle check in the event object, since it is a facade like the others. (remm) When processing a read event, enforce that the servlet consumes all available bytes. (remm) Add a flag in ContainerBase which could be used in embedded scenarios to avoid a double start of contexts (this problem generally occurs when adding contexts to a started host). (remm) 42309: Ability to create a connector using a custom protocol specification for embedded. (fhanik) Add SSL engine flag to AprLifecycleListener. (fhanik) Improve event processing, so that an END event is generated when encountering EOF, and an ERROR is always generated on client disconnects. (remm) Add declarations for the new XSD files. (remm)

Coyote

Add heartbeatBackgroundEnabled flag to SimpleTcpCluster. Enable this flag don't forget to disable the channel heartbeat thread (pero) Possible memory leak when using comet, caused by adding the socket to the poller before cleaning up the connection tracking structure. (remm) 42308: nextRequest recycles the request, which caused issues with statistics. (remm) Fix non recycled comet flag in the APR connector. (remm)

Cluster

Add heartbeatBackgroundEnabled flag to SimpleTcpCluster. Enable this flag don't forget to disable the channel heartbeat thread (pero) Method name cleanup. (fhanik)

Webapps

Some examples webapp fixes. Submitted by Frank McCown. (remm)

General

License source headers. Submitted by Niall Pemberton. (remm)

Catalina

42039: Log a stack trace if a servlet throws an UnavailableException. Patch provided by Kawasima Kazuh. (markt) 41990: Add some additional mime-type mappings. (markt) 41655: Fix message translations. Japanese translations provided by Suzuki Yuichiro. (markt) Add enabled attribute to AccessLogValve (pero) 42085: Avoid adding handlers for the root logger twice when they are explicitly specified. (remm) Reduce thread local manipulation in the request dispatcher. Submitted by Arvind Srinivasan. (remm) Avoid keeping references to loggers tied to the webapp classloaders after a reload in a couple more places. (remm) 42202: Fix container parsing of TLDs in webapps when Tomcat is installed in a URL encodable path. (remm)

Coyote

42119: Fix return value for request.getCharacterEncoding() when Content-Type headers contain parameters other than charset. Patch by Leigh L Klotz Jr. (markt) Move away from using a thread local processor for the APR and java.io connectors, as this does not work well when using an executor. (remm) Remove Comet timeout hack in the APR connector. Comet connections will now use the regular timeout or the keepalive timeout if specified. (remm)

Webapps

42025: Update valve documentation to refer to correct regular expression implementation. (markt) Fix various paths in the manager webapps (remm) Session viewer and editor for the HTML manager. Submitted by C�drik Lime. (remm) Session handling tools for the manager. Submitted by Rainer Jung. (remm)

Jasper

41869: TagData.getAttribute() should return TagData.REQUEST_TIME_VALUE when the attribute value is an EL expression. (markt) 42071: Fix IllegalStateException on multiple requests to an unavailable JSP. Patch provided by Kawasima Kazuh. (markt) After a JSP throws an UnavailableException allow it to be accessed once the unavailable period has expired. (markt)

Cluster

Add toString method to better logging session replication message at tribes MESSAGES (pero)

General

Update DBCP to 1.2.2, pool to 1.3, JDT to 3.2.2 and remove collections build dependency (pero, remm)

Catalina

Don't log pattern subtoken at ExtendedAccesLogValve (pero) Add some missing JMX attributes for new AccessLogValve (pero) 41786: Incorrect reference to catalina_home in catalina.sh/bat Patch provided by Mike Hanafey (fhanik) 41703: SingleSignOnMessage invalid setter, patch provided by Nils Hammar (fhanik) 41682: ClassCastException when logging is turned on (fhanik) 41530: Don't log error messages when connector is stopped (fhanik) 41166: Invalid handling when using replicated context (fhanik) Added SENDFILE support for the NIO connector. (fhanik) Added support for shared thread pools by adding in the <Executor> element as a nested element to the <Service> element. (fhanik) 41666: Correct handling of boundary conditions for If-Unmodified-Since and If-Modified-Since headers. Patch provided by Suzuki Yuichiro. (markt) 41739: Correct handling of servlets with a load-on-startup value of zero. These are now the first servlets to be started. (markt) 41747: Correct example ant script for deploy task. (markt) 41752: Correct error message on exception in MemoryRealm. (markt) 39883: Add documentation warning about using antiResourceLocking on a webapp outside the Host's appBase. (yoavs) 40150: Ensure user and roll classnames are validated on startup. Patch by Tom. (yoavs) Refactor extend access log valve using the optimized access log valve. Submitted by Takayuki Kaneko. (remm) Possible deadlock in classloading when defining packages. (remm) Remove excessive syncing from listener support. (remm) Web services support. The actual factory implementations are implemented in the extras. Submitted by Fabien Carrion. (remm) Add logging to display APR capabilities on the platform. (remm) Expose executors in JMX. (remm) CRLF inside a URL pattern is always invalid. (remm) Tweak startup time display. (remm) Adjustments to handling exceptions with Comet. (remm) If the event is closed asynchronously, generate an end event for cleanup on the next event. (remm) Cleanup hello webapp from the docs and fix a XSS issue in the JSP. (remm) Examples webapp cleanup. Submitted by Takayuki Kaneko and Markus Sch�nhaber. (remm) 41289: Create configBase, since it is no longer created elsewhere. Submitted by Shiva Kumar H R. (remm)

Coyote

Fixed NIO memory leak caused by the NioChannel cache not working properly. Added flag to enable/disable the usage of the pollers selector instead of a Selector pool when the serviet is reading/writing from the input/output streams The flag is -Dorg.apache.tomcat.util.net.NioSelectorShared=true Requests with multiple content-length headers are now rejected. (markt) 41675: Add a couple of DEBUG-level logging statements to Http11Processors when sending error responses. Patch by Ralf Hauser. (yoavs) Reuse digester used by the modeler. (remm) When the platform does not support deferred accept, put accepted sockets in the poller. (remm) Fix problem with blocking reads for keepalive when using an executor (the number of busy threads is always 0). (remm) The poller now has good performance, so remove firstReadTimeout. (remm) 42119: Fix return value for request.getCharacterEncoding() when Content-Type headers contain parameters other than charset. Patch by Leigh L Klotz Jr. (markt)

Webapps

Fix previous update to servlet 2.5 xsd to use correct declaration. (markt) Update host configuration document for new behaviour for directories in appBase. (markt) 39540: Add link to httpd 2.2 mod_proxy_ajp docs in AJP connector doc. (yoavs)

Jasper

41227: Add a bit of DEBUG-level logging to JspC so users know which file is being compiled. (yoavs) Remove some dead utility code, and refactor stream capture as part of the Ant compiler. (remm) Support the trim directive of JSP 2.1 as an equivalent of Jasper's own parameter. (remm) 41790: Close file stream used to read the Java source. (remm) Fix reporting of errors which do not correspond to a portion of the JSP source. (remm) Remove try/catch usage for annotation processing in classic tags. The usage of the log method might have been questionable as well. (remm) Cleanup of the message that is displayed for compilation errors. (remm) Skip BOM when reading a JSP file. (remm)

Catalina

Unify usage of security manager flag, submitted by Arvind Srinivasan. (remm) Fix formatting of CGI variable SCRIPT_NAME. (markt) 41521: Support * for servlet-name, submitted by Paul McMahan. (remm) Cache getServletContext value, submitted by Arvind Srinivasan. (remm) Add options for handling special URL characters in paths, and disallow '\' and encoded '/' due to possible differences in behavior between Tomcat and a front end webserver. (remm) Fix bad comparison for FORM processing, submitted by Anil Saldhana. (remm) 41608: Make log levels consistent when Servlet.service() throws an exception. (markt)

Coyote

Reduce usage of MessageBytes.getLength(), submitted by Arvind Srinivasan. (remm)

Jasper

41558: Don't call synced method on every request, submitted by Arvind Srinivasan. (remm) Switch to a thread local page context pool. (remm)

General

Use 2.5 xsd in Tomcat webapps. (markt) Compression filter improvements, submitted by Eric Hedstr�m. (markt)

Catalina

Properly return connector names. (remm) Remove logging of the XML validation flag. (remm) Correct error messages for context.xml. (markt) 41217: Set secure flag correctly on SSO cookie, submitted by Chris Halstead. (markt) 40524: request.getAuthType() now returns CLIENT_CERT rather than CLIENT-CERT. (markt) 40526: Return support for JPDA_OPTS to catalina.bat and add a new option JPDA_SUSPEND, submitted by by Kurt Roy. (markt) 41265: In embedded, remove the code that resets checkInterval values of zero to 300. (markt)

Coyote

37869: Fix getting client certificate, submitted by Christophe Pierret. (remm) 40960: Throw a timeout exception when getting a timeout rather than a generic IOE, submitted by Christophe Pierret. (remm)

Jasper

EL validation fixes for attributes. (remm) 41327: Show full URI for a 404. (markt) JspException now uses getCause() as the result for getRootCause(). (markt)

Cluster

41466: When using the NioChannel and SecureNioChannel its important to use the channels buffers. (fhanik)

Catalina

Make provided instances of RequestDispatcher thread safe. (markt) Optional development oriented loader implementation. (funkman) Optimized access log valve, submitted by Takayuki Kaneko. (remm) Fix error messages when parsing context.xml that incorrectly referred to web.xml. (markt) 41217: Set secure attribute on SSO cookie when cookie is created during a secure request. Patch provided by Chris Halstead. (markt) 40524: HttpServletRequest.getAuthType() now returns CLIENT_CERT rather than CLIENT-CERT for certificate authentication as per the spec. Note that web.xml continues to use CLIENT-CERT to specify the certificate authentication should be used. (markt) 41401: Add support for JPDA_OPTS to catalina.bat and add a JPDA_SUSPEND environment variable to both startup scripts. Patch provided by Kurt Roy. (markt)

Coyote

Use the tomcat-native-1.1.10 as recommended version. OpenSSL detection on some platforms was broken 1.1.8 will continue to work, although on some platforms there can be JVM crash if IPV6 is enabled and platform doesn't support IPV4 mapped addresses on IPV6 sockets.

Jasper

When displaying JSP source after an exception, handle included files. (markt) Display the JSP source when a compilation error occurs and display the correct line number rather than start of a scriptlet block. (markt) Fix NPE when processing dynamic attributes. (remm) More accurate EL usage validation. (remm) Fix regression for implicit taglib and page data version numbers. (remm) 41265: Allow JspServlet checkInterval init parameter to be explicitly set to the stated default value of zero by removing the code that resets it to 300 if explicitly specified as zero. (markt) 41327: Show full URI for a 404. Patch provided by Vijay. (markt)

Webapps

Add a virtual hosting how-to contributed by Hassan Schroeder. (markt) Update all webapps to use the servlet 2.5 xsd. (markt) 39572: Improvements to CompressionFilter example provided by Eric Hedstr�m. (markt)

General

Fix installer's bitmap (mturk)

Catalina

Refactor logging of errors which may occur when reading a post body (remm)

Coyote

37869: Also use the SSL_INFO_CLIENT_CERT field if the chain is empty, submitted by Grzegorz Grzybek (remm)

General

Fix tagging which did not include 6.0.5's changelog (remm)

Catalina

40585: Fix parameterised constructor for o.a.juli.FileHandler so parameters have an effect. (markt) Escape invalid characters from request.getLocale. (markt, remm) Update required version for native to 1.1.8. (remm) Do not log broken pipe errors which can occur when flushing the content of an error page. (remm)

Coyote

Fix firstReadTimeout behavior for the AJP connector. (remm)

Jasper

41057: Make jsp:plugin output XHTML compliant. (markt)

Cluster

Cluster interface cleanup. (fhanik) Refactoring to allow usage of executors. (fhanik)

General

Update to NSIS 2.22 (remm) Fix regression in 6.0.3 with Windows wrapper (mturk)

General

Catalina

37509: Do not remove whitespace from the end of values defined in logging.properties files. (markt) 38198: Add reference to Context documentation from Host documentation that explains how Context name is obtained from the Context filename. (markt) 40844: Missing syncs in JDBCRealm. (markt) 40901: Encode directory listing output. Based on a patch provided by Chris Halstead. (markt) 40929: Correct JavaDoc for StandardClassLoader. (markt) 41008: Allow POST to be used for indexed queries with CGI Servlet. Patch provided by Chris Halstead. (markt) Fix usage of print on the servlet output stream if the processor never used a writer (fhanik) Fix logic of sameSameObjects used to determine correct wrapping of request and response objects (fhanik) Update TLD scan lists, and disable caching for now (remm) Add system property to WebappClassLoader to allow disabling setting references to null when stopping it (remm) Add clustered SSO code, submitted by Fabien Carrion (remm)

Coyote

40860: Log exceptions and other problems during parameter processing. (markt) Enable JMX for trust store attributes for SSL connector. (markt) Port memory usage reduction changes to the java.io HTTP connector. (remm) MessageBytes.setString(null) will remove the String value. (remm) 41057: Caching large strings is not useful and takes too much memory, so don't cache these (remm) Add keepAliveTimeout attribute to most connectors (mturk, remm)

Jasper

Relax EL type validation for litterals. (remm) Update some version numbers to 2.1. (funkman, remm) Add xsds for JSP 2.1 (remm) 41106: Update validation checks for EL to also include legacy 1.2 tags (remm)

Webapps

40677: Update SSL documentation to indicate that PKCS11 keystores may be used. (markt)

General

Various tweaks to distribution (remm, funkman) Update Tomcat native to 1.1.7 (mturk) Update to JDT 3.2.1 (remm)

Catalina

Fix EJB annotation interface (remm)

Coyote

Fix passing of the keystore password for the NIO connector (fhanik)

General

37439, 40823: Documentation cleanup (markt)

Catalina

Refactor exception processing using Throwable.getCause to improve exception chaining (remm) Remove dead code involving the Logger (funkman) 37458: Fix some exceptions which could happen during classloading (markt) 40817: Fix CGI path (markt) 34956: Add the possibility to enforce usage of request and response wrapper objects (markt)

Jasper

Many fixes for JSP 2.1 compliance, invloving tag files handling, deferred expressions validation, bom encoding support (remm)

Coyote

Many HTTP NIO connector fixes and refactorings (fhanik) HTTP NIO connector performance improvements (fhanik) Add packetSize option for the classic AJP connector (jfclere) Implement explicit flushing in AJP (mturk)

Catalina

SSLEngine attribute added to the AprLifecycleListener(fhanik) Add API for Comet IO handling (remm, fhanik) Servlet 2.5 support (remm)

Jasper

JSP 2.1 support (jhook, remm) Unifed EL 2.1 support (jhook)

Coyote

SSLEnabled attribute required for SSL to be turned on, on all HTTP connectors (fhanik) Memory usage reduction for the HTTP connectors, except java.io (remm) Modeler update to use dynamic mbeans rather than model mbeans, which consume more resources (costin)

Cluster

New cluster configuration and new documentation (fhanik)