The Jakarta Project
      The Apache Jakarta Tomcat Servlet/JSP Container

The Apache Jakarta Tomcat 5 Servlet/JSP Container

Changelog

Tomcat 5.0.28
General
fix 30239: Updated IIS how-to to link to Wiki page with instrutions for IIS 5 and IIS 6 configurations. (yoavs)
fix 30238: Replaced isapi_redirector.dll isapi_redirect.dll in installation script for consistency. (yoavs)
fix 29584: Enhanced and clarified JNDI documentation. (yoavs)
fix 30245: Corrected Connector documentation to list "address" as a common attribute. (yoavs)
fix 29826: Modified setclasspath.bat exit code to 1. (yoavs)
update Updated status page, mostly rewritten. (yoavs)
update Updated Jakarta-Commons dependencies: BeanUtils to 1.7.0, Collections to 3.1. (yoavs)
update Removed classic compiler directives from Ant build, as we use modern anyways. (yoavs)
update Modified RELEASE-PLAN-5.0.html to indicate status given start of work on Tomcat 5.next. (yoavs)
update Added command lines utilities version.sh, version.bat to let you know what version is installed. (funkman)
Catalina
fix 30602: Subject is not available during the first call to the servlet which use the basic authentication (jfarcand)
fix 29831: Added support for Boolean property to BeanFactory. (yoavs)
fix 28875: Made ErrorReportValve use UTF-8 encoding by default. (yoavs)
fix 30325: Only set CATALINA_HOME if not already set (in bin/catalina.sh). (yoavs)
fix 30144: Made SSIServlet check resource MimeType before using text/html and UTF-8 default. (yoavs)
fix 29406: Made JAASRealm configurable as to whether it should use the context ClassLoader or the default ClassLoader by adding a useContextClassLoader boolean attribute. (yoavs)
fix If ServletResponse.getWriter() is called and no char encoding has been specified, set response char encoding to default (ISO-8859-1) so that it is reflected in getContentType() and Content-Type header, as required by the Servlet Spec (Bugtraq 6152759) (luehe)
fix 29869: Better JMX/JSR77 support in StandardContext and StandardWrapper. (remm)
update Fixed broken link to JK documenration from AJP Connector reference page. (yoavs)
fix 30587: Typo in ExtendedAccessLogValve. (yoavs)
fix 30561: Broken restart of NamingService. (yoavs)
fix 29668: NPE in HostConfig, directory created for deployed WAR instead of xml file. (yoavs)
fix 30179: Improved Bootstrap catalina.properties handling. (yoavs)
fix 30762: Servlet#destroy was called before contextDestroyed. (yoavs)
fix 30650: Added explicit comments on session equals() implementation. (yoavs)
Coyote
fix 30770: Check that the browser actually sent a user-agent header before using it. (billbarker)
fix Default charset not included in Content-Type response header if no char encoding was specified (see Bugtraq 6152759). (luehe)
Jasper
fix 29971: Commented out page directive is parsed. (luehe)
fix 30067: 'Scripting elements are disallowed here' exception behind scriptless tag. (luehe)
fix 30073: NPE when compiling .jspx with broken xml format in jspcmode. (luehe)
fix 30291: Smap for a tag should not include its body. (kinman)
fix 30289: Incorrect Smap for multiple line java expression. (kinman)
Cluster
Webapps
fix 29779: Admin/Examples SetCharacterEncodingFilter wrong package. (yoavs)
fix 30354: manager-howto.xml used wrong Ant task. (yoavs)
Tomcat 5.0.27 (yoavs)
General
updateUpdated dependencies on commons-dbcp (to 1.2.1), commons-pool (to 1.2), and commons-logging (to 1.0.4). (yoavs)
fix 29368: Replaced references to xmlParserAPIs.jar with xml-apis.jar, as the former is now deprecated in Xerces. Users wishing to use old versions of Xerces that don't have xml-apis.jar can still do so without a problem. Users wishing to build tomcat using xmlParserAPIs.jar instead of xml-apis.jar can also do so with a trivial edit in the build.xml file. (yoavs)
Catalina
fix 29048: Made DataSourceRealm easier to extend. (yoavs)
fix 29472: Embedded overrides add/remove Connector, but not findConnectors (luehe)
fix 29561: NullPointerException in Compiler.java:547 (luehe)
fix ServletResponse.setContentType sets response encoding after getWriter was called (Bugtraq 5062838) (luehe)
Coyote
Jasper
fix 29597: Added -javaEncoding attribute support to JspC command-line. (yoavs) 29418: Same thing, -javaEncoding added to help with this umlauts bug. (yoavs)
Cluster
Webapps
fix Fix CGI servlet so it correctly handles binary responses (eg images) - Ported from TC4. (markt)
Tomcat 5.0.26 (yoavs)
General
fix 28335: Fixed JavaDocs. (yoavs)
update Changed build dependency on JUnit from 3.7 to 3.8.1. (yoavs)
update Added ant-launcher.jar (Ant 1.6 and later) to common/lib, as it's required by the Launcher scripts. (yoavs)
fix 28989: Added ant-launcher.jar to launcher classpath. (yoavs)
fix 24723: Corrected JNDI DataSources documentation and added explicit notes about a couple of common problems. (yoavs)
fix 29258: Added explanation about jmx.jar bootstrap classpath setup to release notes. (yoavs)
Catalina
fix 29133: Fixed stop -force option processing in bin/catalina.sh. (yoavs)
fix 28943: Fixed CURRENT_DIR missing % signs in bin/startup.bat. (yoavs)
fix 29255: common/lib/naming-factory.jar missing MailSession and SendMail factories. (yoavs)
fix 29038: Create directories above context xml file as needed. (yoavs)
fix 28533: Fixed without-jni check in jk_java.m4. (yoavs)
fix 28940: Added UTF-8 encoding directive to Deployer build. (yoavs)
Coyote
fix 29162: Added quote escape for mod_jk module location. (yoavs)
fix 28837: Added Solaris includes to JK native build script. (yoavs)
fix 28914: Added threadPriority attribute and related code. (yoavs)
fix 29108: Fix chunked encoding on EBCDIC machines (remm)
fix 29166: Tweak expectations to work with pipelining (assuming the client will correctly not send the request entity body unless it gets a 100) (remm)
Jasper
update Added support for JSP compilations in a clustered environment: Make sure each server always uses the most recent version of a servlet class file, even if it was generated by another server instance. (luehe)
update Include javac errors whose line numbers cannot be mapped to JSP page in error message that is returned to client. (luehe)
update Added setJspFiles() method, to allow comma-separated list of JSPs to be specified from ant. (luehe)
Cluster
Webapps
fix 28914: Added management code for threadPriority. (yoavs)
Tomcat 5.0.25 (yoavs)
General
fix Fix some manifests (remm)
Catalina
docs javadocs correction: getMaxActive() actually returns max number of sessions that have been active at the same time, as opposed to (StandardManager.)getMaxActiveSessions(), which returns the limit (or -1) (luehe)
fix Make those classes in deploy non final so it is possible to customized them (jfarcand)
fix 28971: Regression: the server cookies should be parsed after the context is mapped, otherwise, the session cookie is never considered valid, and it will use the last one (remm).
fix 28959: Fix again mark/reset functionality, and minimize the size of the allocated buffer (remm)
fix Make SingleSignOnEntry constructor public from package protected, submitted by Brian Stansberry (remm)
fix 22176: Allow username and/or password to start and/or end in a space when using BASIC authentication (markt)
fix 22413: response.encodeURL(response.encodeURL("xxx.jsp") now works correctly in root context (markt)
fix Fix subject lost problem with JAAS realm, submitted by Janne Vaananen (jfarcand)
fix Fixed parsing of some multi range requests, and generate MIME boundaries starting with a CRLF (remm)
Coyote
fix 28850: Enable parsing error messages in the given Locale by using MessageFormat.setLocale (billbarker, luehe)
Jasper
fix Fix a bug where the out-dated version of TagInfo instance of a tag file is used when compiling the tag file (kinman)
fix Small-icon and large-icon values are not retrieved (luehe)
fix When fragment element is used, type and rtexprvalue are not set correctly (luehe)
fix 28603: JspC Ant task does not detect errors on a second compile (luehe)
fix 28840: NPE when using an Iterator for items in a JSTL forEach tag, and add support for java.util.Map and java.util.Enumeration (luehe)
update Refactoring of Mark (luehe)
fix 28696: xsi:schemaLocation should be a valid attribute for jsp:root (kinman)
fix 28604: If compiling from JspC, the absolute (instead of context-relative) path of the JSP that caused the error is now printed (when compiling from JspServlet, we continue to print only the context-relative path of the JSP) (luehe)
fix Fixed error messages for jsp.error.variable.both/alias (luehe)
fix Added setter for xpoweredBy in JSPc (luehe)
Cluster
update Refactored the session message to be an interface, so that all base classes are interfaces implemented by the different modules (fhanik)
update Supporting TTL and so time out settings for multicast sockets (fhanik)
Webapps
fix 21502: Obtain number of active sessions directly, submitted by Angus Mezick (markt)
fix 21790: Modify noshade references to align with XHTML reference guide, submitted by Henning Schmiedehausen (markt)
Tomcat 5.0.24 (remm)
General
fix Bad CVS tagging (remm)
Webapps
update Change to list any additionally JNDI data-sources that are present in the web.xml file, but not defined either globally or at the context level, on the context level maintenance page to make it possible to click on the data-source and edit it (amyroh)
Tomcat 5.0.23 (remm)
General
update New procrun binaries (mturk)
fix Fix the problems with paths having spaces in service.bat (mturk)
fix 28333: Add a message about cvs login in the case where checkout fails in the Ant netbuild (remm)
Catalina
fix When the webapp specific JspServlet inherits the mappings from the global JspServlet, we need to wipe out the wrapper corresponding to the global JspServlet from the mapper (luehe)
update If there's a non fatal exception (with validation), no exception will be rethrown by the digester. This will make the webapp startup fail if the XML is invalid and XML validation is enabled, even if the error isn't fatal (= the webapp would run without errors if validation was disabled) (remm)
fix 28262: Fix redeployment after removal of a war, submitted by Peter Rossbach (remm)
fix 28107: Simplify Ant tasks declarations, submitted by Matt Raible (remm)
update Remove the hadcoding of the extension validator (remm)
fix 13924: The spec states if an error page declaration doesn't match the original exception and the exception is an instance of ServletException then the exception should be unwrapped and a second pass made of the error page declarations (markt, luehe)
update 28272: Deploy manager command should use context.xml from war file (luehe)
update Added support for exception chaining if JDK 1.4 is present (luehe)
fix Optimization: delay parsing of the cookies (remm)
fix 19521: Add warning to RequestDumperValve docs to make users aware of possible side effects (markt)
fix java.lang.NoClassDefFoundError: org/apache/tomcat/util/compat/JdkCompat during startup on some systems (luehe)
fix Avoid NPE if there are no extensions, and validating extensions is attempted (remm)
fix 19545: CGI issues with CONTENT_LENGTH (markt)
update Expose more of the session management methods at the top-level Manager interface (luehe)
fix 18141: Support parameters with multiple values in CGI servlet (markt)
fix 9851: Digest authentication failed with Mozilla and other issues re RFC2617 (markt)
fix Always introspect for protocol hadlers, so that the attributes are meaningful (remm)
update Remove static reference in the memory protocol handler, since the JMX registration is functional (remm)
fix Stop the manager earlier, so that listeners are still present (remm)
update Allow extending SSO functionality, submitted by Brian Stansberry (remm)
Coyote
fix Set the RMI port to the one provided in parameter in JK (hgomez)
fix Small memory usage optimization in the adapter (remm)
update Treat the IS, OS, reader and writer as facades, which will be cleared after each request if the security manager is enabled (remm)
fix 19254: Provide a basic implementation for the clean-native target, submitted by marcs (markt)
update Test and related updates for the in memory protocol handler, allowing to specify the URI as a String, or (better) a char array (remm)
fix 28674: Make duplicate more friendly to a subsequent reallocation (remm)
fix Fix URI normalization where the URI is "/." (remm)
Jasper
fix 28244: XML Comment between jsp:attribute causes attributes after the comment to be ignored (kinman)
fix 19049: Clarify error message when nesting exceptions, submitted by Joseph Shraibman (markt)
fix 28361: foreach no longer works in tag file (luehe)
update Added support for exception chaining if JDK 1.4 is present (luehe)
fix Moved check for JSP resource existence into synchronized block (if JspServletWrapper==null), to avoid having multiple threads check for it simultaneously (luehe)
update Added number of JSPs that have been *re*loaded to set of monitorable attributes (luehe)
fix Fix a bug where a custom tag with tagdependent body type is not handled correctly in XML syntax (kinman)
fix 28380: Javac error with ':' and '.' in attribute names (kinman)
fix When in deployment (ie., !development) mode, save any compilation exceptions and rethrow them (instead of recompiling and getting the same exception over and over again) until the next scheduled recompilation (luehe)
fix Close URLConnection's InputStream after getting lastModified date, submitted by martin (luehe)
fix 28147: Remove canonicalization, which is not very useful here, and can cause trouble with symlinks, submitted by Rick Wong (remm)
fix 28603: JspC Ant task does not detect errors on a second compile (luehe)
fix 28604: JspC should not display the whole stack trace of errors (luehe)
fix Fixed another incidence where URLConnection was not closed when checking for lastModified date of included resources (luehe)
Cluster
fix 28161: The "smart" queue will now use the session message getUniqueId instead of sessionId, this makes sure that no messages are overridden when the queue fills up (fhanik)
fix The async replication thread will now properly exit when members join or leave the cluster (fhanik)
fix Make sure to close the channel upon server stop (fhanik)
fix Membership alive time gets updated with each new broad cast, this will keep the membership updated with the exact lifetime of each node, the cluster sorts its members by desc alive time, and change the started flag to be set earlier in the DeltaManager (fhanik)
fix Added all the interestOps to the synchronized blocks to guarantee non blocking behaviour at all times, submitted by Rainer Jung (fhanik)
update Added in the ability to run the DeltaManager/DeltaSession without a container, so that a different clustering plug in can be used to backup sessions in a primary/secondary store (fhanik)
fix Setting the interface on the multicast service if there is a bind address (fhanik)
Webapps
fix Add missing keys - connector.useBodyEncodingForURI allowTrace (amyroh)
update Add DataSourceRealm support in admin webapp (amyroh)
fix 20786: Manger webapp session output not formatted correctly for session inactive for less than 10 minutes (markt)
fix 28524: Exception throw when creating new JNDI data source (amyroh)
fix Display GlobalNamingResource config if web.xml has resource-ref definition without Context Resource config (amyroh)
fix Change to list any additionally JNDI data-sources that are present in the web.xml file, but not defined either globally or at the context level, on the context level maintenance page to make it possible to click on the data-source and edit it (amyroh)
Tomcat 5.0.22 (remm)
General
add New procrun 2 Windows wrapper (mturk)
update Xerces 2.6.2 (remm)
Catalina
fix Fix getContext("/") so current context is returned if called whilst in the root context (markt)
fix Refactor the Extension validator without using a singleton pattern to fix a possible NPE (remm)
fix Allow webapp to override JspServlet (settings) inherited from global web.xml (luehe)
Coyote
fix Add detection for JDK 1.5 (billbarker)
fix 16157: Set AuthType on HttpServletRequest, submitted by Kan Ogawa (markt)
fix Add public method consistently (jfarcand)
Jasper
fix Moved initialization of 'varName' to where it is needed (luehe)
update Allow disable tag pooling for ant task (and command line option) in jspc (funkman)
fix 28236: when reallocating, make the buffer grow faster (512 bytes at a time was not sufficient) (remm)
Modules
fix 28131: Fix expiration of delta sessions (fhanik)
fix access() on a session should not set isNew false (fhanik)
fix 28259: fixed the blocking interestOps(), although selector.select() still doesn't wakeup when a new request comes in (fhanik)
Webapps
fix Remove resource bundle which was causing problems in the admin webapp (remm)
Tomcat 5.0.21 (remm)
General
update Updated procrun binaries (mturk)
Catalina
update Add support for xml validation/namespaceAware at the context level (jfarcand)
fix 18479: Non-serializable sessions attributes should be removed (so valueUnbound is called) (markt)
fix javax.naming.NamingException after a Stop/Start cycle of a web app (jfarcand)
fix 18626: Make clear which file digester failed to parse (markt)
fix When principal caching is disabled, the saved request wasn't used by the FORM authenticator (remm)
Coyote
fix 27917: Make certain that the endpoint is closed, even if Apache has already dropped the connection (billbarker)
fix Change to the absolute path using %CD% for setting CATALINA_HOME (mturk)
fix gzip compression can also be used in HTTP 1.0 (hgomez)
Jasper
fix 27830: undefined EL variable in unterpreted text (XML syntax) causes "null" (instead of) "" to be generated (kinman)
fix Return 500 error code if JSP error page mechanism is invoked (the current impl used to return 200) (luehe)
fix 16830: bodyContent content not reset when a tag is reused (kinman)
fix 27948: NPE with null fragment (luehe)
fix 27665: Nested tags with scripting variables generates invalid code (kinman)
fix 28058: JspRuntimeLibrary.getContextRelativePath() can throw StringIndexOutOfBoundsException (kinman)
Tomcat 5.0.20 (remm)
General
code Update to Apache License 2.0 (billbarker, hgomez, jfarcand, luehe)
Catalina
fix The defaultHostName may be alias, so we need to also try to find if the registered hosts' aliases contains the defaultHostName (jfarcand)
fix 27108: Use catalina.home in the docBase for all core webapps (remm)
fix 27077: Port fix for NPE is data source realm (remm)
fix Fix some setters and operations in MBeans (remm)
fix 27127: Shutdown doesn't work with custom server port and non-default config file (remm)
fix Fix logging of errors when pausing and resuming connector (remm)
fix 27293: Fix if-unmodified-since check, using the old-and-simple trick of adding 1000 (remm)
fix Provide an implementation for getName() and getPassword() in UserDatabaseRealm, to add support for client cert (markt)
fix 27309: NPE fix if there's no local session when doing cross context (remm)
fix 27276: Fix NPE when a null password is set, submitted by Rohan Lenard (remm)
fix Reuse already existing util code in deployer (remm)
fix Clone arrays returned by getParameterValues() and getCookies() when a security manager is in place (luehe)
update Register all classloaders with JMX, so that Tomcat is actually manageable through JMX remote, and move jmx.jar to bin (remm)
fix 19852: Don't remove application parameters on stop (makt)
fix Avoid serializing Subject/Principal when persisting the session (jfarcand)
fix Make stats counters volatile (remm)
fix 27447; Pos should be reset in case of a long line (of course), and reset/skip is useless (it is allowed to just put another mark) (remm)
fix Fix mark/reset functionality (remm)
fix 27478: Fix crossContext flag when dispatching back to the original context (remm)
fix Much less verbose logging when there's a bad cookie (remm)
fix Add two MIME types, submitted by Scott Pontillo (remm)
add Add error message about the absence of JMX when running standalone (remm)
fix Initialize accessCount to 0, and call access when creating a session and in crossContext creations as well (remm, luehe)
fix 17690: Display more helpful error message if docBase is invalid for a WAR (mart)
fix 17859: Provide cygwin friendly JAVA_ENDORSED_DIRS property (markt)
fix Include session cookies in HttpServletRequest.getCookies() (luehe)
fix 18369: Prevent npe in StoreBase if a sql exception occurs (markt)
fix 27752: Due to the use of the '#' special char to replace '/', the URL must be handled in a special way (remm)
Coyote
fix 27050: keystoreFile parameter, when specified as relative, is not treated relative to $CATALINA_BASE or catalina.base property (luehe)
fix Fix JMX Request registration in JK (billbarker)
fix 27033: Encode the address in the protocol name (remm)
fix Set minSpareThreads / maxSpareThreads in JK (hgomez)
fix 27299: Make sure HexUtils is accessed before some output is made (remm)
fix 20184, 24763: getLen returns the length excluding the header (truk)
fix In makeSpace, we should compare the desiredSpace to the limit, so that we actually allow enough (remm)
fix 27513: Fix off by one when terminating threads, submitted by Sergei Zhirikov (remm)
fix Add flag to disable optimized output (which causes problem when using the buffers for input) (remm)
fix Fix problems with finding the Adapter in TC 5 (billbarker)
fix 27629: Call close to release native memory, submitted by Christian Nester (remm)
fix 27704: Result of request.getServletPath() wrong in case JSP inside jsp-property-group (luehe)
fix If using clientAuth="want", then don't change it to "need" when requesting the cert for CLIENT-CERT auth (billbarker)
fix Fix exception when attempting to pause the channel w/o specifying an address, and fix problem where requests weren't being unregistered because of a misformatted Msg (billbarker)
fix Fix thread unregistration in JK (billbarker)
Jasper
fix When security is on, propagate potential ClassNotFoundException instead of swallowing it and just dumping its stack trace (luehe)
fix Add some intellignece to the compiler for generating code for useBean action. Generate direct instantiation (use new) when possible, use bean.instantiate when bean name is specified, and for the case of invalid bean class, either issue a translation time error (instead of javac error), or generate codes to throw InstantiationException at runtime, depending on a new compiler switch, errorOnUseBeanInvalidClassAttribute(defaulted to true) (kinman)
fix According to the spec, it is a fatal error for the taglib directive to appear after actions using the prefix introduced by it (remm)
fix Close input stream to web.xml (luehe)
fix 27300: Wrong Smap when jsp comments are present (remm)
fix 27330: pageContext not defined in the body of nest tags (kinman)
fix 27338: Wrong Smap line for CDATA in scriptlets in .jspx pages (kinman)
fix 27368: Annotate several node types with missing Java line information (kinman)
fix hen a.jsp jsp:includes b.jsp that jsp:includes c.jsp, the context relative path for c.jsp is computed incorrectly (kinman)
add Added JSP monitoring facility (luehe)
fix 27517: The pageEncoding attribute is not used, when charset value is set (luehe)
update Fix SMAP mapping for inner classes (kinman)
fix 27520: Avoid NPE when folder is not readable (remm)
fix 16113: Removing then replacing a jsp page continues to give a 404, submitted by Torsten Fohrer (kinman)
fix 14359: Remove last traces of largefile option (markt)
fix 27642: trimSpaces property not settable via command-line options (luehe)
fix 18005: Provide a better error message if session expires during login process (markt)
fix 27664: Welcome files not found in combination with jsp-property-group (luehe)
fix 14228: Fix access to environment entries during webapp early startup (remm)
fix 13499: If page output is unbuffered, illegal state exception is no longer thrown on forward if and only if nothing has been written to the page (markt)
Webapps
docs 27307: Improvements to DataSource HOWTO, submitted by Felipe Leme (remm)
fix Escape '?' in generated XML of status servlet, submitted by Peter Lin (remm)
update 25160: Improve I18N for admin, submitted by Takashi Okamoto (amyroh)
fix 20770: Admin Tool removes "workDir" attribute from "context" (amyroh)
docs 16507: Update valve docs to provide pointer to the Jakarta Regexp docs (markt)
update Add JSP status info to the status servlet (luehe, remm)
fix 24085: Display group and role list when validation fails (amyroh)
Modules
fix 26988: Remove unnecessary line feeds from stdin stream of the CGI servlet, submitted by Kevin Schantz (markt)
docs Fix some docs bugs, including 27183 (remm, markt)
fix 27090: Make parameter encoding configurable (markt)
fix 27100: Remove lock obsfucation functionality as it breaks a number of webdav clients and does not appear to be covered by the webdav spec (markt)
fix Some minor clustering updates (fhanik)
fix Reenabled the doRun flag in the multicast service (fhanik)
fix 27190: Ensure webdav servlet returns correct status in response to MOVE request (markt)
fix The new and valid flags have to be set before the creation listeners are invoked (fhanik)
fix Added in the server ip and port for debug purposes when logging a ACK timeout (fhanik)
Tomcat 5.0.19 (remm)
General
fix Updates and additions to Spanish translations, submitted by Jesus Marin (larryi)
code Remove nearly all compiler warnings: remaining bad imports, deprecated digester and modeler usage (remm)
fix Add new build targets for Gumpy (billbarker)
update Update to NSIS 2.0 (remm)
update Update to latest commons-daemon (mturk)
fix Add support for silent installations in the NSIS script (remm)
Catalina
fix 12363: valueBound() must be called before the object is made available via getAttribute(), submitted by Pablo Morales (makt)
fix 26237: fixed a typo in MemoryUserDatabase which would cause problems if the pathname is aboslute, submitted by Xavier Poinsard (remm)
fix 26261: don't call expire after calling isValid, submitted by Paul Harvey (remm)
fix Use response encoding when generating error report (luehe)
fix 26051: session must not expire even if the request processing time is bigger than the session timeout (remm)
update Optimize session access: remove synchronization, minimize object allocation for events, and reduce the amount of hashtable lookups (remm)
fix Replaced SC_INTERNAL_SERVER_ERROR with SC_FORBIDDEN if anonymous access is not allowed (luehe)
fix 11042: comment in server.xml now shows that connectionTimeout should be set to 0 rather than -1 to disable timeout (markt)
fix Try to fix some character corruption in non-English resource strings in the nightly build (larryi)
fix Improvements to session activity tracking, handling the case where the session is new, as well as cross context (remm)
fix 26341: when calling the removeAttributes during session expiration, notified attributes should see the session as invalid (remm)
fix 26010: '_' was an inappropriate character to replace the path separator, since it's a common character in HTTP; '#' will be used instead (remm)
fix Add missing setUseContextClassLoader call to avoid possible classloader issue when Tomcat is embedded (jfarcand)
update Update service shutdown procedure: pause connectors, wait for a while, stop the container, stop connectors (remm)
fix Strip out any path parameter when doing request dispatcher mapping (luehe)
fix Throw the proper exception type when a name is already bound, submitted by Robert Kruger (remm)
fix 26414: add support for liking to user transactions, submitted by Robert Kruger (remm)
fix 26373: initialize mapper before load on startup servlets (remm)
fix Ignore setBufferSize()/setLocale() calls on included response (luehe)
fix 26611: forward + include was hiding the special forward request attributes (remm)
fix 26487: RFC 2254 done on whole string instead of just DN, submitted by Jeff Tulley (funkman)
fix 26715: Call endAccess after reading a session from storage so that the session properly timeouts, submitted by Jochen Strunk (remm)
fix Fix rule matching algorithm for one character constraints, such as /s/* (billbarker)
update Added support for configurable session id length (luehe)
fix The forward request attributes must reflect the original request, so only set them if the request being passed doesn't have them (remm)
fix 26838: refactor once again the enum algorithm (remm)
fix 14283: Catch and log exceptions in listeners (markt)
Coyote
fix Fix JMX self-registration of JK when loading the "normal" way (billbarker)
fix Add an option to allow the admin to *not* JMX register the requests, since reclaiming memory can be difficult in JNI mode (billbarker)
fix Add request unregistration, to avoid the memory leak which was affecting HTTP (billbarker)
fix Fix the problem that every Handler was getting added twice (billbarker)
fix Handle unregistering Requests for ChannelUnix (billbarker)
fix Don't create a monitor thread unless maxSpareThreads is smaller than maxThreads (remm)
add Allow configuring the size of the HTTP header buffer, which represents the majority of the memory allocated by Tomcat; the new default value is 4KB (remm)
update Allow the option to only "want" client authentication, submitted by Michael Becker (billbarker)
add Implement clean shutdown of the connectors, using new pause and resume methods on the connector interface (remm)
update Add support for connector pause to JK (billbarker)
fix Cleanup the logging for unknown packets in JK (remm)
fix Avoid java.util.ConcurrentModificationException seen with very high load in RequestGroupInfo (luehe)
fix 26492: consider all session ids sent as cookies until one is valid; also don't create cookie objects from sessionId cookies, which seems consistent with sessionId hiding from the URL (remm)
fix 25805: add localDataSource flag, based on code submitted by Neil Katin (remm)
fix 26567: the mapper will complain if the default host is not known, which could make mapping fail without a way to easily identify the cause (remm)
fix 25363: Expose the SSL attributes in getAttributeNames() (remm)
fix Make sure a filter is always added in all cases (remm)
Jasper
fix 26191: fix classcast exception is JSP document parser, submitted by Trond Aasan (remm)
fix 26242: add back a setVerbose setter to jspc for compatibility with Ant (remm)
fix 26276: generated TLD inconsistent after tagfile changes (kinman)
fix 26335: modification check for tagfiles does not work recursively (kinman)
fix 26432: Incorrect mapping for url pattern in jsp property group (kinman)
fix Implicit "pageContext" object no longer exposed in tag files, to comply with JSP spec (luehe)
fix 26628: Fix handling of a EL function with no arguments (remm)
fix Convert selected tag attribute types to their Fully-Qualified-Name equivalents if the taglib is JSP 1.2 based (luehe)
update Ported (from org.apache.catalina.startup.TldConfig) ability to ignore (for TLD scanning purposes) JARs (in the classloader delegation chain) that are known not to contain any TLDs (luehe)
fix 13960, 13961: Javadocs fixes, submitted by David Medinets (markt)
fix 26796: include fails when tag files are referenced in a tag directives (kinman)
fix Parser for JSP pages in XML syntax ignores custom action's body type (luehe)
Modules
fix 12361: support CGI scripts in unpacked WARs: scripts are extracted to the context work directory before execution (markt)
update Add support for URIEncoding, useBodyEncodingForURI, and allowTrace properties on the connector (larryi)
fix Updating the admin webapp for the change in type of clientAuth (billbarker)
add Add WebDAV webapp to TC5 (markt)
docs 13805: update docs to show that the shared directory is relative to CATALINA_BASE not CATALINA_HOME (markt)
update Added in distributed expire logic for the delta session (fhanik)
add Added in a module cluster interface (fhanik)
add Refactored a lot of the cluster code: the cluster element has sub elements, makes the configuration is modular (fhanik)
docs Document other methods for load balancing (remm)
docs Document that Context elements should not be placed in server.xml (yoavs, remm)
update Add examples, introductory notes, and a brief how-to notes for tag plugins (kinman)
fix Fixed bug with the fact that the manager base has a static variable called name, caused session messages to be sent to the wrong managers (fhanik)
fix Fixed serialization of principal when replicating data (fhanik)
fix Port various session fixes (fhanik)
docs Small docs updates for CGI and others (idarwin)
fix 26906: The destination path needs to be normalised after the protocol and host has been removed (if present) (markt)
fix Lock token must be returned after lock creation, submitted by Pieter van Prooijen (markt)
Tomcat 5.0.18 (remm)
General
fix Fix packaging of the source .tar.gz (remm)
fix Fix bug in the netbuild where the script would always attempt to checkout the sources (jfclere)
fix 26162: Fix typo in the minimal config (remm)
Catalina
fix Remove CGI servlet dependency on JDK 1.4 (markt)
fix 26171: Fix NPE in AccessLogValve during a reload (yoavs)
Coyote
fix Fix memory leak when spare threads are destroyed (remm, fhanik)
Modules
fix Implemented the ability to not expire sessions on shutdown, since that will expire them across the cluster (fhanik)
fix Fix initialization of the session in delta manager (fhanik)
Tomcat 5.0.17 (remm)
General
add Add minimal server.xml (yoavs)
update Upgrade to Xerces 2.6.0 (remm)
add Add service.bat for NT service installation/uninstallation (mturk)
fix 10286: Fix license typos (markt)
update Upgrade to NSIS RC 2, and add metadata to the generated installer (remm)
update New jsvc 1.0 Unix daemon wrapper (remm)
update New procrun 1.0 Windows service wrapper (billbarker)
Catalina
fix Properly implement new API methods getLocalName and getLocalPort (jfarcand)
fix 25193: Don't attempt to parse the parameters if the request body wasn't fully read (remm)
fix 25234: isValid already expires sessions, so backgroundProcess shouldn't call expire again, submitted by Paul Harvey (remm)
fix Sync catalina.properties included in the JAR with the main one (remm)
fix Fix WebDAV servlet issues: 23999, 24001, 24005 (markt)
update Managers cleanup, add stats and JMX for the PersistentManager (remm)
fix Cache the result of getURLs, which was a major performance problem when using RMI from Tomcat (remm)
update Fix authentication and authorization compliance with the final specification; also optimize algorithm (billbarker, remm)
fix 7080: Handle a null username correctly, submitted by Tim Walsh (markt)
fix JNDI realm fixes: 23190, 16541 (funkman)
fix 23885: Strings for JAAS realm (funkman)
fix 5762: Include port in HTTP_HOST environment variable, submitted by Martin Dengler (markt)
fix 5759: CGI servlet does not support extension mapping (markt)
fix 25593: Set all common resources attributes on start, including allowLinking (remm)
fix Reset the repositories array on certain method calls, and override addURL to set hasExternalRepositories to true (remm)
fix Improve creation of cross context sessions: they will now timeout correctly and they will appear as new when created (remm)
fix 8859: Correct namespace handling for lock owners in WebDAV servlet (markt)
fix Add a minTime attribute on servlets (remm)
fix 25703: ExtendedLogValve use wrong filename after rotate or checkexits case, submitted by Peter Rossbach (funkman)
fix Allow disabling the shutdown hook, which is useful when embedding using the main class with JMX (remm)
fix 25792: Fix session timeout implementation, which could lead to incorrect invalidation in some cases, submitted by Jarno Peltoniemi (remm)
fix 9625: Stack traces are now escaped to ensure correct display (markt)
fix 25885: Incorrect addApplicationParameter test, submitted by Peter Rossbach (remm)
fix 25886: Remove the check on the maximum amount of active sessions during session creation (remm)
fix 19998: Changed StringTokenizer creation to be compatible with Windows in the CGI servlet (yoavs)
fix 11682: Deploying a webapp to the root context via an Ant task when unpackWARs is true now behaves correctly (markt)
fix 25878: Add HostConfig after new Host is created via admin and prevent duplicate errorReportValve creation after restart, submitted by Peter Rossbach (amyroh)
update 25889: Allow configuring users and passwords, and automatically reconnect if connection fails for some reason, submitted by Peter Rossbach (remm)
fix Fix array out of bounds when the docBase of a webapp is equal to "" (remm)
fix Update spanish translation, submitted by Jesus Marin (remm)
add Add backgroundProcess method on the manager (fhanik, remm)
fix Cleanup of HostConfig, and add some i18n (remm)
fix When creating a Host dynamically with JMX, the autoDeploy should be set to false (remm)
Coyote
fix Update Japanese strings, submitted by Kazuhiro Kazama (larryi)
fix Fix JkCoyote to properly handle the distinction between localName/Port and serverName/Port (billbarker)
fix 25199: Fix NPE when there's no default servlet, submitted by Torsten Fohrer (remm)
fix Port optimization from CharChunk to prevent needless allocation of byte arrays (larryi)
update Add a flag to allow using the encoding specified in the contentType or using setCharacterEncoding for the URI paramters (remm)
fix When redirecting to a folder, append the query string if not null, to avoid losing query parameters, and refactor to use the new postParseRequest processing (remm)
fix 25603: Adding a 'truststoreType' attribute, and making the trustStorePassword default to the keystorePass (billbarker)
fix Add a try/catch when adding a wrapper, similar to what is done when handling contexts (remm)
fix Fix host removal from the mapper (remm)
fix Small cleanup of a thread startup in the thread pool (billbarker)
add Repackaging ApacheConfig and friends for Tomcat 5 in the org.apache.jk.config package (billbarker)
fix Fix error-condition logging statements in MapperListener (billbarker)
fix Add a privileged action for setDateHeader (billbarker)
add 25819: Add support for the security manager in JK (billbarker)
fix Cosmetic fixes in the Mapper (remm)
fix Report an exception which occurred during a low level flush (remm)
fix Tweak thread pool according to suggestions from Dave Dice (remm)
fix Add an "allowTrace" flag on the connector, and disable TRACE by default (remm)
fix Move the call to setSocketOptions to prevent a potential DoS condition when using SSL, submitted by Alex Chan (billbarker)
Jasper
fix Avoid using deprecated Character.isSapce method in ParserController (kinman)
fix Update Japanese strings, submitted by Kazuhiro Kazama (larryi)
update Rewrite error checking when processing tag files to conform with the lastest JSP spec (kinman)
fix When a tag file includes a file, make sure the included file environment maintains the isTag and directiveOnly properties (kinman)
fix Have JspC.execute() propagate its exceptions (luehe)
fix For tag files, don't issue error for multiple definition when both are for dynamic-attributes (kinman)
fix 25263: Bad smap when template text got concatenated (kinman)
fix The spec allows an attribute to be specified in multple tag directives, if they have the same value; it is an error if not (kinman)
fix Use development mode by default: mappedFile is now true (remm)
fix 25787: Directives added to working tag files are not generated (kinman)
Webapps
fix Update Japanese admin webapp strings, submitted by Kazuhiro Kazama (larryi)
fix 25138: i18n fixes in admin, submitted by Takashi Okamoto (amyroh)
docs The Context (or DefaultContext) element should now be used to configure the file based resources (which is the default); other types of resources can have their properties set through this element (remm)
docs 25119: Remove mention of the pause attribute in Ant task (remm)
docs Update connector documentation to refer to two connectors: HTTP and AJP, in an attempt to clear confusion (remm)
fix 24771: Unable to create new connector (markt)
add Add manager statistics for each context, as well as navigation links so that this is actually useful (remm)
docs Document new HTTP connector flags (remm, larryi)
docs Add architecture documentation (yoavs)
docs 25555: Updating SSO docs, submitted by Brian Stansberry (billbarker)
docs Clustering docs update (fhanik)
docs The war attribute of the deploy task should point to a .war (remm)
docs In the appdev example, use the localWar attribute instead of war for deploying a local webapp (remm)
docs 9960: Clarify potential issues using xml context files and auto deployment (markt)
docs 25774: Added note about GNU make for daemon on FreeBSD systems (yoavs)
docs Add info that session persistence can be disabled by setting the attribute to an empty String (remm)
Modules
fix 25493: Implemented true synchronous replication (fhanik)
fix Longer read timeout, since under load it can take a while (fhanik)
add Adding in a regular io cluster listener to be used with JDK 1.3 (fhanik)
fix Fix the validator task after the digester factory refactoring (remm)
fix Fix packaging of the deployer JAR (remm)
add Implemented compression of the data sent over the wire by the cluster (fhanik)
fix Only print a message when the connection fails (fhanik)
fix Removed sychronization overhead on clustering (fhanik)
fix Status servlets tweaks, to allow extending it (remm)
fix 25948: Undeploy should be called with the displayed path to be able to work on the root context, submitted by Peter Rossbach (remm)
fix Remove incorrect className attribute in proxy HOWTO (remm)
fix Fixed 100% cpu bug with the replication listener (fhanik)
add Implemented socket pool for replication since the synchronized send became a bottleneck (fhanik)
add Implement delta replication (fhanik)
fix Clustering performance improvements (fhanik)
fix Fixed a bug in a dead lock with the pooled socket sender when a member crashes (fhanik)
add Implemented distributed expiration of sessions (fhanik)
fix Print out a warning if no socket is returned from the pool and we are still connected (fhanik)
update Changing the default manager to be DeltaManager (fhanik)
Tomcat 5.0.16 (remm)
Catalina
fix Catch exception in WebappLoader when there is an empty jar file (amyroh)
fix 25033: Calculating the object name should occur as early as possible, to fix a stop/start scenario based on different object instances (remm)
fix Fix JMX object name generator when there are valves with the same classname in the pipeline (remm)
fix 25079: CL.getResource will return JAR based URLs for .class files (remm)
update Make a lot of manager and session fields protected instead of private (remm)
update Add many fields in JMX for StandardContext and StandardDefaultContext (remm)
update Add managerChecksFrequency field to DefaultContext (remm)
Jasper
update General cleanup of the per thread tag handlers (luehe)
fix In XML syntax, recognize \$ escape sequence in template text (kinman)
fix Make sure that white spaces in template texts around <![CDATA[...]]> are trimmed (kinman)
Webapps
docs Balancer webapp documentation (yoavs)
docs Add back in reference to using mod_jk for serving static content (glenn)
docs Document new flags for the DefaultContext, Context and Resources elements (remm)
fix 25078: Fix serverinfo Ant task (remm)
fix The line numbers for uncommenting cgi and ssi keeps on getting out of sync with web.xml: an attempt at rewording to not have them get out of sync (funkman)
Tomcat 5.0.15 (remm)
General
fix Remove useCanonicalCaches system property from JVM startup on Windows, as Sun JDK 1.4.2_02 fixes the bad behavior (remm)
docs In the Servlet spec, add missing package Javadoc description (jfarcand)
update Update to commons-daemon 1.0 alpha (jfclere)
update Use base-jakarta.loc property to avoid hardcoding locations (jfclere)
Catalina
update Merge digester's initialization logic into one class and add schema support for parsers other than Xerces (jfarcand)
update Modify the MBean lifecycle for the containers: the MBeans will now be removed only on destroy, rather than on stop (remm)
fix 9723: Avoid unnecessary calls to RequestUtil.filter, submitted by Arvind Srinivasan (amyroh)
fix 23853: add MBean description for DatasourceRealm, based on a patch by Kyle VanderBeek (amyroh)
fix Fix unregistration of valves on stop (the objectname should be reset so that the valve is registered again) (remm)
fix Fix registration of the root context through JMX (basically, it's the usual "/" to "" conversion for the path) (remm)
update All the properties defined in catalina.properties will now be set as system properties (remm)
update Add fields to control the resources, as well as set them globally using DefaultContext (remm)
fix In PersistentManagerBase, return the object instead of a null, and throw the proper exception (jfarcand)
add Extend digester to be able to do system property replacement in server.xml and the context config files, using the ${...} syntax used by Ant (remm)
fix 24006: allow header handling in WebDAV servlet, submitted by Mark Thomas (remm)
fix 24368: Fix unhandled exception submitted by Mark Thomas (remm)
fix 23764: fix SSO logout (remm)
fix 24829: The command is the last parameter, not the first one (remm)
fix 24832: Merge code from JDBC realm, fixing the valve after a restart of the database, submitted by submitted by Peter Rossbach (remm)
update 23881: SSO in embedded Tomcat, submitted by Brian Stansberry (remm)
update When calling ServletContext.log, append the application's name so we know from which application the log is coming (jfarcand)
fix Don't throw an ISE if Session.getLastModified is called while the session is expiring, submitted by Brian Stansberry (remm)
fix 9077: When a session timeouts, it won't logout of all webapps, submitted by Brian Stansberry (remm)
Coyote
update Added support for localized messages in the thread pool (luehe)
fix 24270: NoClassDefFoundError when running in security mode (jfarcand)
update Correct any maxThreads settings < 10 in adjustLimits(), since they would result in a non functional connector (luehe)
fix 24428: No continue if not HTTP/1.1 (remm)
fix Encode address property so Connector can handle IPV6 address in ObjectName (amyroh)
fix Don't add the charset if it's the default one (remm)
fix Add getter for RequestInfo.globalProcessor - it was returning AttributeNotFoundException because of missing getter (amyroh)
update Add a limit to the size of a POST which will be processed using getParameter (remm)
update Refactor postParseRequest to avoid throwing an exception (billbarker)
fix Only set charset when it is explicitely set (billbarker)
fix Add new JMX connector attributes (remm)
update Add maxPostSize support for client cert, to allow limiting the size of the buffered data (billbarker, remm)
fix Throw exception if keyAlias does not identify key entry in connector's key store, to prevent infinite loop on org.apache.tomcat.util.net.PoolTcpEndpoint acceptSocket (luehe)
fix The KeyStore implementation ("JKS") of the SUN provider converts alias names to lower case, so we need to do the same (luehe)
fix Fix character encoding for URL parameters: char decoding should only occur after %xx decoding (remm)
fix Fixes to remote address and host resolution through JMX (amyroh)
update Add getters to the thread pool and HTTP connector (amyroh)
Jasper
fix 24186: Jasper SystemLogHandler memory leak, submitted by Matthias Ernst
update Concatenate text strings of adjacent TemplateText nodes, which may reduce code size and improve performance (kinman)
fix 10903: Generate errors for unbalanced end tags (kinman)
docs Add some javadocs in EL related classes (kinman)
fix Use ISO-8859-1 as the default encoding for <jsp:param> since it is the default encoding for the request object (kinman)
update A small performance improvement: instantiate the bean object with its constructor, if "class" attribute is specified in usebean, instead of going thru java.beans.Beans.instantiate() (kinman)
update 24506: provide an option to trim white spaces that appear in a template text between two actions/directives; this is not spec compliant, so this is disabled by default (kinman)
docs Document Jasper option "trimSpaces" (kinman, remm)
fix '<' operator used in simple Math throws an error: When used with taglib (luehe)
docs Fix JSPC classpath in the docs (remm)
fix 24904: Nested custom tag causes bogus compilation errors (kinman)
fix 24779: Jasper fails to compile a valid JSP document (xml syntax) when an EL string in template text contains a "[]" (kinman)
fix 24957: Operators are mis-treated as functions (kinman)
Webapps
fix Fix incorrect tags comments in the admin webapp (kinman)
fix 24349: Avoid NPE (which renders the HTML manager servlet unusable) if a context hasn't been started successfully, submitted by Ferenc Dobi (remm)
fix 24250: Make output compatible with JMX Ant task, submitted by Peter Rossbach (remm)
fix Fix the webapps docbase in the embed distribution, and some cleanup (remm)
update Include the manager in the embed package (remm)
docs Document new Jasper, Connector and DefaultContext attributes (remm)
docs Remove Tyrex documentation for now (remm)
fix 24787: Allow host aliases of more than 24 characters (remm)
update Update JSP examples to JSTL 1.1 (kinman)
Modules
add Add delta manager to clustering (fhanik)
fix If null is passed into the value of setAttribute to a clustered session, then remove the attribute (fhanik)
update Add more configuration options to clustering (fhanik)
update Clustering code reorganization (fhanik)
add Added in member alive time (fhanik)
add New balancer webapp, which allows redirection to cluster nodes according to simple rules (yoavs)
Tomcat 5.0.14 (remm)
General
update New procrun binaries, fixing running as a service (mturk)
update Upgrade to commons-pool 1.1 and commons-dbcp 1.1 (remm)
Catalina
update Cleanup schema validation and add a status message at startup (jfarcand)
update Small tweaks to allow to execute the bootstrap JAR (remm)
fix Explicitly add commons-logging-api on the classpath on Unix (remm)
fix 23799: Canonicalize catalinaBase and catalinaHome (remm)
fix Start/stop ContainerBackgroundProcessor thread as part of StandardContext.start()/stop(), respectively (luehe)
fix Better increment the error count value by incrementing the count everytime sendError is invoked (jfarcand)
update Add system property replacement to the Connector, to be expanded to other elements (remm)
update Added support for nesting a Context Listener and webapp Loader within a DefaultContext (glenn)
fix Remove support for Embedded.main in the shell scripts, which has been removed (jfarcand)
fix Add the caching flags even over a secure connection, due to Mozilla bugs (remm)
fix 23608: Improve setclasspath, submitted by Adam Hardy (remm)
fix Add support for resource links to DefaultContext (remm)
Coyote
add Add regexp support to check for Compression/HTTP 1.1 compatible browsers (hgomez)
fix Allow the TrustStore to have a different type from the KeyStore (billbarker)
fix Catch AccessControlException's so that unauthorized access to a socket when using the Java SecurityManager does not shutdown the worker thread (glenn)
fix Don't pretend that we are going to do something if the SSL handshake fails (billbarker)
fix Fix setting charset through a variety of methods (luehe)
fix If no keepalive, don't use chunking (remm)
fix Avoid some copying on a common case, when a JSP page is flushing its own buffer (kinman)
update In case the server needs to reinitiate SSL handshake (with client auth enabled), consume request body and buffer it, so that it does not interfere with client's handshake messages; with help from Bill Barker (luehe)
fix SocketExceptions can occur in a networked app, so reduce logging level for these during setup of the socket options (glenn)
Jasper
fix Serialize directory creating to avoid a potential race condition (kinman)
fix Quote value of 'classid' attribute (luehe)
fix 23691: Tweak the SMAP tracking code so that it works for classic custom tag and JSP fragments (kinman)
fix Make Smap's FileSection work for windows too (kinman)
fix 24019: Make sure that the "No Java compiler" error message is produced only when there is really no javac (kinman)
Webapps
fix Check connectors with the same port number under different domain (amyroh)
fix Restoring JDK 1.3.1 support to StatusTransformer (billbarker)
Modules
fix The clustered manager will now respect the distributable flag (fhanik)
fix The clustered manager will act like a standard manager if the distributable flag is not set (fhanik)
update Implemented session state transfer (fhanik)
docs Added in a clustering how to (fhanik)
update Added in the suspect feature to avoid to much error printing (fhanik)
fix Removed the session replication upon session creation, this happens at the end of the request anyway (fhanik)
fix In JMX land, the JSR 77 beans must be in the same domain as the engine; this is due to a "limitation" of JMX which prevents retrieving attributes of a bean when the unregistration event is sent (remm)
fix Add regexp to embed (remm)
Tomcat 5.0.13 (remm)
General
code Import cleanups (hgomez)
fix Fix an incorrect test in the startup script (kinman)
update Switch back to Xerces 2.5.0 (jfarcand)
update Update the J2EE 1.4 schema jsr154/src/share/dtd/j2ee_1_4.xsd to clarify that fully-qualified-classType is a binary name, submitted by Mark Roth (kinman)
update Move the commons-daemon Windows binaries to jakarta-tomcat-connectors, as they were Tomcat specific (mturk)
update Changes are synchronizing with the latest Servlet 2.4 specification, submitted by Yutaka Yoshida (jfarcand)
update New view source and many fixes in JSP examples, submitted by Mark Roth (kinman)
Catalina
fix Sessions created in the target webapp of a cross-context were invalid (luehe)
fix JMX registrations of servlets that map to the same jsp-file used the same name (luehe)
update Separated JSESSION cookie configuration into its own method, which may be overridden (luehe)
fix Add missing doPrivileged block for adding cookies and encoding URLs (jfarcand)
fix Preload additional inner classes (jfarcand)
fix Fix to properly create Loader MBean at webapp restart (amyroh, remm)
fix Fix to properly create Manager MBean at webapp restart (amyroh)
update Avoid TLD-scanning the JARs under WEB-INF lib twice per webapp (luehe)
fix Do not let the parsing error of a single TLD disrupt the parsing of remaining TLDs in the JAR (luehe)
fix Fix a problem rebuilding the context path given the context file name (remm)
fix Don't save any context files if config base doesn't exist (remm)
update Add the possibility to specify straight URLs in the repository list (= single JARs, remote repositories, etc) (remm)
fix Fix issues with wait-for-servlet-unload logic (remm)
fix 23373: Prevent clobbering the server if we already have read server.xml (billbarker)
update Make RMI/IIOP port configurable (hgomez)
update Properly implement schema validation with Xerces (jfarcand)
update Added hard-coded list of names of JARs that are known not to contain any TLDs, which can be overridden using the new TldConfig.setNoTldJars() (luehe)
fix Fix handling of root context when upacking a WAR; note that obviously using a context path with a WAR which doesn't match the name will result in the webapp being deployed twice (remm)
fix Remove debugging logs in LoggerBase (amyroh)
fix Set -Dsun.io.useCanonCaches=false for Windows, which is a Sun JDK 1.4.2 specific property, to ensure that case correct canonical paths are obtained (remm)
fix Print out a message after successful validation using the Validator task (remm)
fix Add an example on how to configure GZIP compression in the main server.xml (hgomez)
fix Minor fixes in the scripts, mirroring the new paths (jfarcand)
fix 23525: HttpSessionListener implementors are called too late (jfarcand)
fix Need to call the listener when the session is invalidated because the interval between the time the session is marked invalid and the StandardrManager expires the session can't be predicted (jfarcand)
fix In the WebDAV servlet, decode and normalize destination path before doing anything else (remm)
fix Adjust logging in the JAAS realm according to suggestions from bug 23547, submitted by Adam Hardy (remm)
fix Japanese translation update, submitted by Kazuhiro Kazama (remm)
Coyote
fix Respond 400 to requests which contain '%' with no or invalid trailing hex digits (leith)
fix 23276: Fix compatibility with Sun JDK 1.4.0, submitted by Steve Appling (remm)
fix Fix matching of the content types for which compression is allowed, submitted by Steve Appling (remm)
fix Fix logging of errors which occur in setSocketOptions, and do not process the connection in case of an error (remm)
fix Set the monitor thread as non daemon with the HTTP/1.1 connector (remm)
fix Fix trust store factory property name typo, submitted by Chris Halstaed (billbarker)
fix Fix some action descriptions (hgomez)
update Improve configuration of GZIP compression (hgomez)
fix Fix HTTP/1.1 on EBCDIC machine (jfclere)
fix Change the way to kill the thread after a server socket restart (remm)
fix In the TCP endpoint, use the appropriate exception for killing the thread, improve if block, and replace while + break with a simpler if (remm)
fix Make the TrustStore a configurable option (so different Hosts can have different TrustStores) (billbarker)
fix Set the proper default for TCP no delay in HTTP protocol (remm)
Jasper
fix For template texts that generate multiple Java lines, addidtional mapping informations are kept in the TemplateText node, to aid SMAP generation (kinman)
fix 22058: Fix bad SMAP mappings and compilation errors when using fragments (kinman)
fix When a tag handler class is an inner class, it is specified in the TLD in binary form (Outer$Inner): it needs to be converted to canonical form (Outer.Inner) when generating Java files (kinman)
fix Add missing doPrivileged block in PageContextImpl (jfarcand)
fix Package protect the Jasper classes properly (jfarcand)
fix 22833: Make sure scriptlet declarations get properly mapped (kinman)
fix Fix another SMAP bug (kinman)
fix Fixed javadocs for tldScanJar(File file) (luehe)
fix Fix a bug in Parser.isTemplateText(): Since '%' is not a delimiter in JspReader.parseToken(), an expression "<%String s;%>" after a template text would be treated as a template text when mappedfile option is set to true, and got concatenated to the template text (kinman)
fix Fixed javadocs of parseTLD, which used to return boolean but was changed to void (luehe)
fix Fix bug: \<%foo%> in template text hides expression (kinman)
fix Support java extension directories when invoking javac (kinman)
fix Fix Jasper script (kinman)
fix Some Javadoc improvements in Compiler (kinman)
Webapps
fix Use the proper conversion for MB and KB, and fix formatting errors (remm)
fix Allow undeploying webapps when docBase isn't in the host appBase: their context file will be removed, but the docBase will not be removed (remm)
docs Replace references to TC 4 with TC 5, submitted by Kazuhiro Kazama (billbarker)
fix Fixes to Japanese translation of the manager, submitted by Kazuhiro Kazama (remm)
fix Do not allow duplicate port connector creation in the admin webapp (amyroh)
update Add save command (saves either the full config, or a context config) to the manager (remm)
fix Fix for root context handling in the manager servlet (remm)
fix Fix to not display JAASRealm node since admin doesn't support editing such Realm (amyroh)
fix Package the Manager class, which is supposedly "needed" by the deployer (remm)
fix Fix JDBCRealm creation via admin (amyroh)
fix State the welcome file is index.jsp, not index.html (funkman)
fix Fix the way the tree builder was querying JAASRealm (amyroh)
docs Update SSL docs, including adding notes for the current limitations of IBM's implementation of JSSE (billbarker)
fix The Ant tasks will now decode the server messages using UTF-8, submitted by Takashi Okamoto (remm)
docs Add JAAS realm documentation, submitted by Adam Hardy (remm)
fix Admin webapp Japanese translation update, submitted by Tanaka Yoshihiro (remm)
Tomcat 5.0.12 (remm)
Catalina
fix Refactor persistent manager periodic processing (jfarcand)
fix Allow extending StandardPipeline (jfarcand)
update Refactor manager initialization, move it into ContextConfig, and remove Cluster.setDistributable (remm)
add Added in support for sending out access time pings to the cluster, and for session.invalidate to go out to the other nodes in the cluster (fhanik)
fix Remove the artificial limit of 3 for classpath creation (remm)
fix In SecurityUtil, always associate a Subject; if not created, then create a default one (jfarcand)
fix Fix security policy after move of commons-logging (remm)
fix Don't do a real flush at the end of request processing (remm)
fix Remove useless flush in the ErrorReportValve (remm)
fix Throw ThreadDeath for invalid classloader accesses (remm)
fix 23131: Fix wrong classloader binding when reloading the web application after class modifications (remm)
fix Remove overriding the mapped servlet path with the jsp-file in the request dispatcher (remm)
update Add a delegate flag on the context to allow easy configuration of the delegation policy, which is easier to use with JMX embedding (remm)
Coyote
update Add support for specifying the TrustStore algorithm, with default to the keystore algorithm (billbarker)
fix Refactor thread pool logic to avoid deadlocks when no processor is available (billbarker)
fix Filter out all control chars from the response header, as mandated by the HTTP specification (remm)
fix 21763: Make certain that we don't return a bad Socket (billbarker)
update Refactor byte chunk buffering so that the written data fits inside the limit; the number of byte copies is similar to what it was before (remm)
add Add a buffer at the socket layer, configured using the socketBuffer attribute; add handling for explicit client flushes (remm)
Jasper
update Add an compilation option to generate writing char arrays instead of Strings for template texts (kinman)
fix Fix jsp-config problem (jfarcand)
fix Use out.print(expr) instead of out.write(String.valueOf(expr)) for outputting expressions in template texts (kinman)
fix Fix SMAPping for small text strings with genStrAsCharArray=false (ecarmich)
Webapps
docs Update classloader documentation to reflect the actual classloading order (luehe)
fix 21933: Add header possibly ignored if buffer is too large, submitted by Chris Kessel (funkman)
docs Update the application development documentation for changes in Tomcat 5 (remm)
update Add manager translation in German, submitted by Yann Cebron (remm)
Tomcat 5.0.11 (remm)
General
fix Update all download locations to archive.apache.org to use stable links (remm)
docs Update running and building instructions (remm)
Catalina
update Modify the commons-logging packaging (only the commons-logging API is bundled now) to resolve the classloading problems, and remove the special case handling from the webapp classloader; pivileged webapps can now use log4j (remm)
fix 22986: Fix bad canonicalization call which was causing problems when a host appBase was absolute (remm)
Coyote
docs Add documentaion on mod_jk tools (glenn)
fix Handle query string decoding as a special case, using the character encoding specified for the rest of the URI in the connector, whereas the encoding of the entity body was used; this can be UTF8 as per the W3C standard, but for interoperability, it is a one for one byte to character conversion (remm)
fix Null a busy processor in the pool array, so that the algoritm is more consistent (remm)
fix MessageBytes.toChars should set the type to chars (remm)
update Make the update of the stats an explicit call (I believe it is valid to call recycle multiple times, and it is hard to avoid with HTTP keepalive) (remm)
fix Decrease the timeout reduction ratio when the server gets loaded, and add a setStatus so an error is counted (remm)
Webapps
fix 22956: Use UTF8 encoding in the manager web application, submitted by Takashi Okamoto (remm)
Tomcat 5.0.10 (remm)
General
update JSP 2.0 specification updates, submitted by Mark Roth (kinman)
update Servlet 2.4 schema update, submitted by Yutaka Yoshida (jfarcand)
update Get ready for using JSR 160 RI (JMX Remote 1.0): copy additional, optional, JMX binaries (remm)
update Replace MX4J 1.1.1 with the Sun JMX 1.2 RI (remm)
code Major update to Japanese internationalization, submitted by Kazuhiro Kazama (remm)
fix Fix bad imports (remm)
Catalina
add Add sessions and serverinfo tasks, submitted by Vivek Chopra (remm)
fix Minor optimization: Avoid scanning duplicate JARs for TLDs (luehe)
update Expose the new connector properties in JMX (amyroh)
fix Big JDBCRealm cleanup: fix for 7116, 10623, 11929, 8091, and make authenticate synchronized since there are race conditions between the connection being opened, used and exceptions occuring (funkman)
fix Simplifying the code by hiding the arrayCopy (billbarker)
fix 22691: Wrap getCanonicalFile in a try/catch (remm)
fix Reenable validation, using Xerces 2.1 instead of Xerces 2.5 (remm)
fix 22698: Restore RealmBase.main(), allowing to compute digests (remm)
fix 22546: Fix small filter extension mapping bug, where if the extension of the request starts with the tested path, it would have been matched (remm)
fix 22695: don't check for session validity when activating and passivating (remm)
fix Do not create a new Subject everytime a Servlet/Filter is invoked, associate the same Subject to the AccessControlContext (jfarcand)
update When saving server.xml, don't save the value of properties which have their default values (remm)
fix Release all logs associated with this CL when stopping the CL, and avoid NPE in toString after stop (remm)
fix Avoid references leak: clean up and recycle all thread local resources, and reset the context CL after invoking the pipeline (remm)
fix The request dispatcher should also not log a client abort exception (remm)
fix When saving server.xml, don't print the className if it's one of the standard implementations, and add some fields to the exception list (remm)
fix Null out the reference to the resources when stopping the classloader (remm)
fix Don't save the config file attribute, as it is always useless, and don't indent context config files (remm)
update Allow overriding the Host's unpackWARs using a new unpackWAR attribute on the Context element (remm)
fix Include the pathInfo when a relative path is used to get a request dispatcher, submitted by Mark Thomas (remm)
fix 20029: fix "-force" shell script parameter handling, submitted by Christian Brensing (remm)
fix Deploy descriptors even if deployOnStartup is false, as they should be considered as if they were part of server.xml (remm)
fix Apply patch for 22857 and 22858 to CGI servlet, submitted by Mark Thomas (amyroh)
fix Get the absolute path to the work dir, so that JARs in /WEB-INF/lib can be found when using non filesystem based resources (luehe)
fix XML-escape the values when writing out the tomcat-users.xml file, submitted by Mark Thomas (billbarker)
Cluster
fix Set dirty flag gets set on setMaxInactiveInterval (fhanik)
Coyote
fix Also consider last element in comma-separated protocols list, or the case where the list contains a single element and no commas (luehe)
fix Implement getAttribute(key) in the protocol (amyroh)
fix Make certain that we are still in an https session before looking for certs, submitted by Mark Thomas (billbarker)
fix Adding accessors so that the JkCoyote connectors can play nice with the admin webapp (billbarker)
fix Fix parsing of the content-type header in Response (luehe)
Jasper
fix When an error occurs, get the file name from path instead of from the exception (kinman)
fix Don't generate code to do an instanceof when it can be done at translation time (kinman)
fix Avoid defining multiple getServletInfo() methods (one for each page directive with an 'info' attribute) (luehe)
fix Supply taglib's unique id (instead of the value of the uri argument in the directive) to the TagLibraryValidator's validate method (luehe)
fix Ensure that <jsp:root> is root element in JSP document (luehe)
fix Prepend "urn:jsptld" to uri values that represent relative paths when adding "xmlns:prefix" attribute on the root of the JSP document's XML view (see JSP.10.1.5), and make the value passed as the uri argument to TagLibraryValidator.validate() match the above (luehe)
fix When precompiling with JSPC, files that match the url-pattern specified in jsp-config should be included for compilation (kinman)
update Added support for JSP.6.2.4: fix issues with DOCTYPE validation (luehe)
fix Don't combine LineInfos from different files (ecarmich)
fix Set Node.startMark correctly in JSP document nodes created from character data: this fixes incorrect SMAPping of template text nodes containing line feeds, and incorrect error reporting for unparseable EL expression nodes (ecarmich)
fix JSP error page mechanism fails intermittently to display contents of error page, which occurred when a JSP was using a custom page context (luehe)
fix Use just the class name if package is imported, and in tag files, declare request as HttpServletRequest and response HttpServletResponse, as is the case in servlets (kinman)
Webapps
docs The Loader does not have a method to set a work dir, remove from docs (glenn)
fix Update the host properties in admin (amyroh)
update Update admin with the latest connector changes, including thread pool configuration (amyroh)
fix Fix to return null when an error response is sent, submitted by Jeff Tulley (amyroh)
fix Get rid of the maximum size of the username and password fields (amyroh)
fix 22268: allow using SHA digest (amyroh)
fix In the default page, update links to the lists, and add a link to the open bugs (remm)
docs Update for changes to jsvc from commons-daemon (remm)
add Refactor the status servlet, allowing for XML output in addition to the user friendly HTML, submitted by Peter Lin, based on code from John Turner (remm)
update Implement the XML processor state status (remm)
docs Update classloader documentation according to the current behavior (remm)
Deployer
fix In validator task, set the context classloader to avoid issues with commons-logging (remm)
fix Validate before running javac (remm)
Tomcat 5.0.9 (remm)
Catalina
fix Fix bug where no static resource over 512 bytes would get cached by default (remm)
fix Ensure uniqueness of patterns across all servlets, so that it is possible to reliably override the servlets defined in the default configuration (remm)
fix Fix and improve static resource cache space allocation algorithm (remm)
Coyote
fix Revert a patch on CoyoteConnector causing a performance regression (remm)
fix When mapping to the default servlet, or mapping to a physical welcome file, String representation of the path is available, which saves some object creation (remm)
Jasper
fix Disable tag pooling when a JSP uses "extends", to avoid NPE when the pool was accessed (luehe)
Tomcat 5.0.8 (remm)
General
fix Update commons-daemon packaging for consistency and ease of use on Unix (remm)
update Servlet specification updates, submitted by Yutaka Yoshida (jfarcand)
update JSP specification updates, submitted by Mark Roth (kinman)
fix 22494: Removed logVerbosityLevel doc and init-param from JSP Servlet, as they're no longer used, submitted by Eric Carmichael (yoavs)
Catalina
fix Remove some stack trace dumping in MapperListener (remm)
fix Remove extra setLogger call in Embedded.createContext (remm)
update Add support for TLD validation, and fix bug 21917 where entities couldn't be resolved in a TLD (jfarcand)
fix Fixed logic so that iterator actually gets cloned when "clone" is set to true, and replace LinkedList with ArrayList (luehe)
fix Avoid NPE when ensuring that resource path starts with '/' (luehe)
fix Avoid reformatting constant Expires header on every request (luehe)
fix Log client abort exceptions as debug information (remm)
fix Found a way to avoid the extra restart caused by the web.xml tracker, when the webapp was deployed by an outside source, such as the manager servlet (remm)
fix Improve CL stopped error message, so that it is more explanatory (remm)
fix When using the deployer, schema validation wasn't supported (remm)
fix Fix NPE when getMessage of an exception returns null in the DefaultServlet (jfarcand)
fix Fix behavior of HttpSession.setMaxInactiveInterval() (luehe)
fix Cleanup of the XML descriptors for the model MBeans, removing old connectors and old attributes (remm)
update Update the store and persistent manager code so that both will use the container provided background processing thread, rather than using one thread per component (as much as two threads per context) (remm)
add Add new managerChecksFrequency attribute to StandardContext, allowing to configure how often the manager session expiration and passivation checks will be called, similar to the intervals used in Tomcat 4.1.x (remm)
fix Disable schema validation for now, due to persistent issues with Xerces (remm)
Coyote
update Added support for specifying alias name for server keypair and cert chain, to be used by the server to authenticate itself to SSL clients (luehe)
update Added support for specifying comma-separated list of SSL protocol variants to be enabled, which may be useful to disable the less secure SSLv2 (luehe)
fix Fixed bug in CoyoteConnector getter methods for SSL related attributes, which would always return null if SSL properties were configured directly on the Connector element (instead of its nested and now deprecated Factory element) (luehe)
update Moving the new protocols logic to the 14 Factory (billbarker)
fix Clone request attribute names iterator (luehe)
fix Fix client abort logging, and throw a client abort when an IOException occurs when writing bytes (remm)
fix Avoid a NPE when requesting the remote address between requests or before processing any request (remm)
Jasper
update Allow a taglib to be defined more than once in taglib directives, even in statically included files, and remove need for keeping a Stack for prefix bookkeeping (kinman)
fix When including a JSP document (written in the XML syntax), in the resulting XML View of the translation unit the root element of the included segment must have the default namespace reset to "" (kinman)
fix Don't merge SMAP entries in the outputStartLines aren't consecutive, which fixes IllegalArgumentException when SMAPs are generated (remm)
fix Replaced JSPC error message with localizable error code (luehe)
update Added -classpath option to JspC (luehe)
fix Beautify the insertion of the XML fragment in JSPC (remm)
fix Restoring JVM 1.3.x compatibility to Jasper, with a new split String method (billbarker)
fix Add attibutes doctype-root-element, doctype-system and doctype-public to <jsp:output> for outputing a DOCTYPE declaration in XML documents, per latest spec change (kinman)
fix Fixed buffer realloc when writing single char (luehe)
fix Spec has been changed to allow for include-prelude and include-coda in jsp-config (kinman)
fix Restored JSP default for 1.2 based tag handlers (luehe)
fix Adjust Java lines mappings for codes that are generated in buffers (kinman)
Webapps
update Add two JMX related tasks, designed to use the jmxproxy servlet, submitted by Vivek Chopra (remm)
docs Document usage of commons-daemon with Tomcat on Unix (remm)
update Add new JSP XML test in the tester, and fix the one that was already there (remm)
fix The tester should handle i18ned manager reload messages (remm)
Tomcat 5.0.7 (remm)
General
code Tomcat 5.0.x release plan was voted (remm)
update Various JSP 2.0 API updates, submitted by Mark Roth (kinman)
update Update to commons-modeler 1.1, submitted by Yoav Shapira (remm)
update Simplify the use of the Ant script shipped in the embedded package (remm)
update Bundle Xerces 2.5.0 again, due to bugs in Crimson (remm)
Catalina
update Allow putting a /META-INF/context.xml inside any WAR file deployed by the HostConfig (remm)
fix Many bugfixes in JNDI realm: 18698, 11678, 19864, 20518, with help from David DeWolf and Jeff Tulley (funkman)
fix Fix for three related request dispatcher bugs, including 22013, 4690 (cross context sessions support), and port the fix for ServletContext.getContext(...) when using the root context (remm)
update Use PropertyUtils to obtain the rootCause. This way we can also drill into nested JspExceptions or another Throwable object which has a 'rootCause' property which returns a Throwable (funkman)
update Extract all non class resources from a JAR on access to a non class resource (remm)
fix 14817: JNDIRealm SHA digest implementation incorrect (funkman)
fix NPE when an invalid web.xml is deployed and the digester throws an exception (jfarcand)
fix 22236: addAttributeValues may return null, this could trigger a NPE if debugging was turned up >=2 (funkman)
fix 22146: Use Class.forName instead of ClassLoader.loadClass (remm)
fix Split the applicationListeners array in two, for performance reasons (remm)
fix Fix bug where welcome files were not being processed in the embedded distribution (remm)
Coyote
fix 9351: parsing IPv6 hostnames (in IP form, obviously), submitted by Masashi Yamaguchi (remm)
fix Allow extending CoyoteConnector (jfarcand)
update 22192: the context mapping algorithm actually needs to be similar to the algorithm used for widcard wrapper mapping; optimize wildcard mapping: since the amount of nesting the mapping has is known, some mapping operations can be avoided (remm)
update Allow for customization of JSSE trust and key managers (luehe)
fix Added check for (keystoreType == null) before calling getKeyManagers/getTrustManagers (luehe)
fix Use less aggressive socket timout reduction when the server load increases (remm)
fix Fix calculation of a request processing time (it must not include the time waiting for data in keepalive mode, or the time waiting for data for an initial request on a connection) (remm)
fix Fixing CoyoteConnector getters for JMX; CoyoteConnector will now rely on the protocol handler for most of the values it returns (billbarker)
Jasper
fix 22090: Enable expression cache, submitted by Matthias Ernst (remm)
fix 22103: Release servlet writer after compilation, submitted by Gilles Scokart (remm)
fix 21206: Fix including a JSP, where Jasper would do weird things whenever the outer request had a non null pathInfo; it will now use the included servlet path correctly (remm)
fix Have 'isELIgnored' page directive attribute take precedence over JSP config el-ignored (luehe)
update Replaced JspServlet's "tagPoolSize" config param with the correct "tagpoolMaxSize" in web.xml, and removed getTagPoolSize() from Options, because tag pool size is no longer needed at compile time (luehe)
update Simplify the way the URLClassLoader used by JSPC gets initialized (luehe)
fix 22133: workaround for a JDK 1.3 scoping bug, submitted by Matthias Ernst (remm)
docs Added javadocs for getExtends methods (luehe)
update Refactor some code in JspDocumentParser, since startPrefixMapping got called before startElement, turn on push/pop prefixes for taglibs in XML syntax, so that proper prefix can be located (kinman)
fix Make JspFragment.getJspContext abstract (kinman)
update JSPC will now display root cause for build errors; also fix a needed side effect in classpath generation when tag files must be compiled (remm)
fix In JspDocumentParser, pop is called in the same order as push, so the Stack should be replaced by a LinkedList (remm)
fix Replaced JSPC message with more meaningful warning (luehe)
fix 22266: keep template text together with mappedfile="true", submitted by Eric Carmichael (remm)
fix 22006: Invalid SMAP line entries when running with mappedfile=true, submitted by Eric Carmichael (remm)
fix Apply workaround for failure in optimizeLineSection() when there are entries with an outputStartLine of 0, Submitted by Eric Carmichael (remm)
fix The "out" in the Fragment helper functions is now JspWriter instead of java.io.Writer, so that it won't trigger errors when a fragment contains include actions (kinman)
Webapps
docs Update the documentation to reflect the fact that the Factory element is no longer required to setup a stand-alone SSL Connector (billbarker)
update The status servlet will now also display wrapper mappings (remm)
fix Allow passing a regular path instead of an URL for the WAR to upload to the DeployTask; also pass the right URL String so that the "update" flag is no longer ignored (remm)
fix Fixes to the manager servlet: cleanup URL handling, to be consistent with the HTML manager; don't send extra "OK" messages; fix update flag; make sure configFile is null if there's no context XML file (remm)
fix Fix webapp tagging and redeployment from a tag (remm)
fix Display byte sizes and times using sensible units (KB and MB, s and ms) in the status servlet (remm)
fix Display the remote host when in keepalive status, as well as the elapsed time (it corresponds mostly to the amount of time since the start of the previous request) (remm)
Tomcat 5.0.6 (remm)
General
update Synchronize the server.xml used by the Windows installer with the main default server.xml (remm)
update Update to Xerces 2.5.0 (remm)
update Add additional information in the welcome HTML for the release download (remm)
fix 21999: Typo fix, submitted by Liu Kang (remm)
Catalina
update Remove welcome file processing from the default servlet (funkman)
fix Search for TLDs in all subdirectories of WEB-INF, except classes and lib (luehe)
fix Fix possible file descriptor leaks in the code responsible for unpacking a WAR (remm)
fix 21908: Fix Unix startup script bug (bad AS/400 condition), submitted by Jason Corley (funkman)
update Remove useless casts in AccessLogValve (remm)
fix The default socket factory class name is now the Coyote factory (remm)
add Add a new digester rule using the IntrospectionTools so that all attributes are passed to the connector, including those which have no explicit setters (in which case the setProperty method is called) (remm)
update Simplify the connector configuration in server.xml (remm, billbarker)
update Expose the ServletWrapper statistics through JMX (remm)
update The connectors default configuration are now similar to the HTTPd 2.0 default configuration, submitted by Henri Gomez (remm)
update Send JSR 77 spec required notifications for J2EE mbeans (amyroh)
update Put the CSS used by various Tomcat components in a separate class in the util package (remm)
fix Remove path normalization in the default servlet (remm)
fix Copy jk2.properties to conf folder (remm)
fix Remove some attributes from the default JK 2 configuration, which should instead be configured through jk2.properties (remm)
update Remove unneeded fields in the CoyoteConnector (remm)
fix Make the SingleSignOn methods protected so it is possible to extend that class and have a customized version (jfarcand)
add Add code allowing configuring the resource cache size for a context (remm)
update Refactor extension handling; available and required extensions are now consistently NULL if not present (luehe)
fix System resources were identified but then ignored when checking if an app's dependencies could be resolved (luehe)
add Add the sslProtocol property on the connector to define the protocol used in SSL (luehe)
update Synchronize the startup scripts based on the Tomcat 4.1 code (funkman)
fix Close JarInputStream after reading manifest (luehe)
update Use commons-logging and the existing StringManager in the extension validator (luehe)
fix 22032: missing security-policy in default configuration; precompiled JSPs running under the security manager always have to access org.apache.jasper.runtime.* classes (jfarcand)
update Remove old reload code, now replaced with a simpler stop/start sequence (remm)
fix Tomcat will now ignore a non existent classpath JAR (remm)
fix Some steps of start shouldn't be executed if the context startup has previously encountered errors (remm)
fix Temporary fix for running SSL without a SocketFactory (billbarker)
code Remove apparently useless wrapper classes (remm)
Coyote
fix Fix welcome file mapping, so that the order of the welcomes specified in web.xml is respected, whereas previously servlet mapped welcomes would have a priority over physical welcome files (funkman)
fix When shutting down the endpoint's server socket, close the unlocking socket inside a finally block (remm)
fix Fix configuration of the maxThreads attribute of the thread pool (remm)
update Add a new protocol attribute on the Coyote connector, which can be used rather than using the protocol handler classname; acceptable values are either "HTTP/1.1" or "AJP/1.3" (remm)
update Improve the thread names and numbering, based on the associated connector name and the number of existing threads, so that reading a thread dump is significantly easier (remm)
fix Fix a bug redirecting to a folder: the context path was lost (remm)
fix Fix incorrect URL normalization of the "///" sequence, due to a bad port of the String based algorithm to arrays (remm)
add The HTTP/1.1 connector will now automatically scale down the timeout and disable connection keepalive should the server start getting low on processors (remm)
fix Make certain that we tell Apache that we have finished with the request; If the Adapter throws an exception before entering the Pipeline, we end up with both Apache and Tomcat trying to read the Channel and hence not serving requests (billbarker)
Jasper
fix 21823: Compiler uses invoking page's PageInfo for handling tag files, submitted by Eric Carmichael (luehe)
fix 21978: Certain tag file pathnames lead to compile errors, submitted by Eric Carmichael; also add check for Java keywords in package names (kinman)
fix Remove useless check if the security manager is not present (jfclere)
update Refactor getDerivedPackageName and eliminate some duplicate code (kinman)
fix 21168: Incorrect paths in generated SMAP file entries, submitted Eric Carmichael (luehe)
fix 20155: The strutsel-exercise-taglib application can not be compiled with jspc, because the correct class loader was not being set (kinman)
update Make JspProperty constructor public, to allow for user supplied JspConfig (kinman)
update Removed unused methods and instance variables in Collector and PageInfo (luehe)
fix 22084: Fix incorrect indentation of generated code, submitted by Eric Carmichael (remm)
Webapps
add Display contexts and servlets stats in the status servlet, so that the administrator can get a complete view of the server (remm)
update Beautify the status servlet, and integrate it with the HTML manager, through links (remm)
fix In the status servlet scoreboard, add missing whitespace between method and URI (remm)
docs Update the connectors documentation (remm)
docs Manager, HTML manager and deployer docs update (remm)
docs Document the background processing feature, and the configuration of the resource cache (remm)
fix Add a legend for the status servlet scoreboard (remm)
fix Fix typo in the Struts definition of the default context forms, submitted by Jeff Tulley (remm)
docs Initialize filter so that the release notes of the docs look right (remm)
Tomcat 5.0.5 (remm)
General
add Update the tester web application for Tomcat 5, and make a tester run part of the release process (remm)
fix In the checkout target, only checkout modeler from commons instead of all of commons (funkman)
fix Add the catalina-optional JAR in the embed package (remm)
fix Fix obscure JAXP related CL problem in embedded mode, by preloading some descriptors (remm)
fix Release notes updates (funkman)
Catalina
update Added Embedded.createConnector() methods that take address of type String (luehe)
fix Don't set the no-caching headers for protected POSTed pages. This makes the "back" button in the browser works as expected. (billbarker)
fix 21341: Fix error page forwarding (remm)
fix In the extended log valve, if bytes are requested, then print bytes, not the date (funkman)
update Add a Container.getPipeline() to allow bypassing the (useless) invoke method (remm)
add Add code to allow printing partial stack traces for exceptions in HTML report pages, as well as add a note about the full stack trace of the root cause being available in the logs (remm)
update Logs will now contain the root cause of ServletExceptions (remm)
fix Fix a problem where the Strings weren't escaped in the same way for chars such as '. This caused problems for localization in French. (remm)
fix Add leading + to timezone offset in the access logs (funkman)
update Merge ErrorDispacherValve functionality back into StadardHostValve, and remove associated hacks from StandardServer and StandardHost (remm)
fix Like some of the other resources, application parameters must not be reset on a context stop, as they come from a Context element. Regular parameters read from web.xml should be fine. (remm)
fix Correctly update the mapper. The previous code was not compatible with the invoker servlet and its dynamically added wrappers. (remm)
fix Use the context logger for all webapp related error messages (remm)
update Remove RequestListenerValve and merge it into StandardContextValve (remm)
fix Fix NPE exception when instances attribute is null (jfarcand)
fix 21822: Valves should only be registered and unregistered when: addValve or removeValve is called and the associated pipeline is started or on start and stop of the pipeline (remm)
update Update security constraints processing to be compliant with the new behavior specified in the Servlet 2.4 specification, where security constraints must now be combined. SecurityConstraint Realm.findSecurityConstraint is changed to SecurityConstraint[] findSecurityConstraints, and implemented in RealmBase. (billbarker)
fix Fix problems updating a WAR for a context which had a context file (it would be ignored) (remm)
fix Do not redeploy a context when a context file is added, and the context wasn't deployed with the auto deployer (remm)
fix The SetDocBaseRule will not throw a NPE, and will attempt to guess the context docbase if not set (remm)
Coyote
fix Slight re-factoring of the JSSE SSL implementation to allow it to work with non-Sun vendor's 1.4.x JVMs. (billbarker)
add Added support for X-Powered-By response header, as defined by the Servlet 2.4 and JSP 2.0 specs (luehe)
fix Fix context removal from the mapper when Tomcat is used as embedded (jfarcand)
fix As mandated by the specs, the mapper will always redirect for physical directories, and will always process physical welcome files mapping (billbarker)
Jasper
fix 21753: Fix comment generation, submitted by Eric Carmichael (billbarker)
update Hide all taglib and XML namespace management in PageInfo (luehe)
fix Forgive duplicate attribute values on static include (luehe)
fix Fixed typos and formatting of JspC help message (luehe)
fix Changed "jsp:usebean" to "jsp:useBean", submitted by Petr Jiricka (luehe)
update Preparation work for new 'static include' rules (luehe)
update Ignore default settings for "extends" and "language" when checking for multiple page directive attributes with conflicting values (luehe)
fix Do not unconditionally use "JSP" as the default body-content type, because it is illegal for SimpleTag handlers (luehe)
Webapps
fix Fix many tests (see bug 21731), partially submitted by Peter Rossbach (remm)
docs Added link to FAQ and Wiki on the introduction page of the docs (funkman)
docs Update docs for AccessLogValve (funkman)
docs Update docs index according to the menu changes (remm)
docs Add some Windows setup documentation (remm)
update Allow a WAR uploaded using the HTML manager to contain a META-INF/context.xml context file, for consistency with the Ant deploy task (remm)
fix Remove work directory when undeploying a web application using the manager (remm)
Tomcat 5.0.4 (remm)
General
code 19912, 19939, 19940, 19941: Many small typo fixes in resources, submitted by Chris Pepper (yoavs)
update Upgrade to commons-fileupload 1.0 (remm)
update Upgrade to Struts 1.1 (remm)
code Improve packaging to reduce total size of the Tomcat download (remm)
Catalina
code Cleanup Catalina and subcomponents Javadoc generation (remm)
fix Fix NPE in ApplicationHttpRequest when the object is created by a named dispatcher (jfarcand)
fix Escape '/' in the configFile name of a context, and strip out leading '/' (remm)
fix Initialize the context mapper after starting the context so that the welcome files are correctly set (remm)
fix 19607: Remove Context XML descriptor on undeploy (remm)
update 4829: Improve deployer so that the unpackWARs flag value is respected regardless of how the context is deployed (remm)
fix If a context XML file is added for an existing context, or if the context XML file is updated, the context will be redeployed (remm)
update Add logging on initialization of the URL stream handler (remm)
fix Add some Coyote inner classes to the preload list (jfarcand)
update Remove session recycling, which was previously disabled after security concerns were raised (remm)
update Implement proper handling of the context docBase when it is deployed from a context XML descriptor, using a new custom digester rule (remm)
fix 21419: Fix failure to start context when the Context element is included in server.xml, submitted by Torsten Fohrer (remm)
fix The pathinfo needs to be set in the ErrorDispatcherValve when sreq.getAttribute(Globals.EXCEPTION_ATTR) returns null and also non null (jfarcand)
fix 21045: Update the message keys of the manager servlet (remm)
fix In the manager servlet, use the configFile when undeploying, to properly remove the config file even if it does not match the context path (remm)
Coyote
fix Allow '*' as a valid URL (keith)
add Add support for enabling subset of supported SSL cipher suites (luehe)
add Add support for enabling subset of supported SSL cipher suites in JSSE implementation (luehe)
fix Wrap encodeURL method call inside a doPrivileged block (jfarcand)
update Add support for mapping host aliases (remm)
update 21219: Close the HTTP connection after certain error codes, or an unexpected exception, similar to HTTPd behavior (billbarker)
add Add support for enabling subset of supported SSL cipher suites in PureTLS implementation (billbarker)
Jasper
fix Improve web.xml insertion code so that the order of elements is respected (remm)
update 19622: Add encoding configuration to JspC (yoavs)
fix Remove comments generation when JspC is including mappings into web.xml, so that character coding issues are avoided (remm)
fix Support regenerating the web.xml with JspC without manually removing the generated servlet mappings (remm)
update Add detailed message about a likely Javac configuration problem whenever compilation fails and all messages and traces are empty (remm)
fix Allow the "value" attribute of <jsp:param> action to be non- String types (kinman)
fix Improve rare error message when static including fails (remm)
fix 21067: EL expression that returns an array causes compilation error (kinman)
fix 21440: Partial fix for <jsp:include> whose target performing a 'forward' does not behave as expected (luehe)
Webapps
fix Remove parallel initialization of the admin webapp, which is not a best practice pattern (remm)
docs Add deployer documentation (remm)
docs Add some documentation on the JMXProxy servlet (funkman)
fix Fix broken Javadocs links (remm)
update Add a bugzilla query for all open TC 5 bugs, hoping people will help address them (remm)
docs Update Host documentation based on the new and updated flags (remm)
Tomcat 5.0.3 (remm)
General
update Upgrade to commons-el 1.0 (remm)
update Split main Catalina JAR, and move i18n related resource files to separate JARs (remm)
fix 19808: Add the sit MIME mapping (funkman)
fix 20263: Fix problems running Tomcat with procrun as a Windows service, submitted by Mladen Turk (remm)
update Package Unix source from commons-daemon in the Tomcat distribution, so that the Unix wrapper can easily be used if needed (remm)
update Upgrade to commons-fileupload 1.0 RC 1, submitted by Martin Cooper (billbarker)
code Fix the netbuild (remm)
update Specification schema changes, submitted by Mark Roth (kinman)
update Many tag handling specification clarifications, submitted by Mark Roth (kinman)
Catalina
fix Fix JMX registration order again during context startup: the object name is constructed before the pipeline initialization, but the JMX registration only occurs after the context is started (remm)
fix Properly close WARs after expanding them in the deployer (remm)
update Fix handling of invalid WARs during auto deploy, which will be logged as a simple WARN without a stack trace, and reattempt deployment later (remm)
fix Dig as deep as possible to display possible nesting of ServletExceptions (funkman)
fix Fix NPE exception in classloader when an invalid war file is deployed (jfarcand)
fix Container incorrectly processes invalid URL patterns in jsp-property-groups (jfarcand)
add Add optional XSL processing to the output of the default servlet, as well the ability to include a readme file, similar to Apache (funkman)
code Remove bundled support for Tyrex (remm)
fix Comment out invoker servlet declaration (remm)
update Move context descriptors to $CATALINA_BASE/conf/[engine name]/[host name] to make the feature more secure (remm)
update Update the host properties: liveDeploy becomes autoDeploy (dynamically deploy and update web applications), and autoDeploy becomes deployOnStartup (deploy webapps from appBase on startup) (remm)
fix Remove thread local caching in the default servlet, which was causing a memory leak (remm)
add Add a mechanism to allow the classloader to release JAR file handles periodically (remm)
fix 20758: Remove a number of leaked references to the context object, so it can be properly garbage collected when the application is removed (remm)
fix Do JMX registration of the context before starting the pipeline (remm)
update Replace Catalina TLD-inside-JAR parsing code with a file based algorithm (remm)
update ServletContext.getResource for a JAR resource located inside /WEB-INF/lib will return a file based URL (remm)
update The special directories /WEB-INF/classes and /WEB-INF/lib are now considered to be non cacheable, in order to conserve cache space (remm)
fix Clear out constructs used for classloading, after a class has been successfully loaded (remm)
update Generalize WAR unpacking, based on the unpackWARs flag (remm)
update Track WARs for changes when WARs are unpacked: if the WAR is updated the web application will be redeployed (remm)
code Remove CertificatesValve, as it is useless with Coyote, and introduces a hard dependency on JSSE (billbarker)
update Add caching mechanism for invocation of methods using privileged actions (jfarcand)
fix 20380: AccessLogValve incorrectly calculates timezone, 16374: Date in file name configurable, 16400: Allow logging to be conditional (funkman)
add W3C Extended Log File Format support (funkman)
update Refactor FORM using a forward, based on the patch by Jeff Tulley (remm)
fix Properly set the wrapped request dispatcher state, submitted by Jan Luehe (remm)
update Have all contexts inherit Embedded's logger (luehe)
update Add logging of unexpected exceptions occuring during reference resolution (remm)
fix unbindClassLoader was throwing NPE when newly added context was removed (amyroh)
fix Fix Gump failure by copying the Ant JAR manually (jfarcand)
update Update confidential HTTPS redirection without using an actual URL, which has a hard JSSE dependency (remm)
add Include updated clustering code (fhanik, remm)
update Remove useless typecasts in the main processing pipeline, and make critical methods final, to enforce the Catalina design pattern (remm)
update Request dispatcher optimizations, based on the belief that wrapping is only needed (if at all) for the special attributes (remm)
update Major filter mapping optimization, using simple String region matching, as well as synchronization removal (remm)
add Add new callback on the container interface to process any background task the container may have (backgroundProcess), as well as a new backgroundProcessor attribute (default value: 10s for the engine container, and -1 for all others, so that only the engine has an associated thread) (remm)
add Refactor application reloading, deployment handling and session expiration to be able to use a single thread per Catalina engine, opposed to one thread per feature per webapp or virtual host; this should save resources and make Tomcat suitable for large scale web hosting; individual containers can still "own" their own reloading thread if they need to (remm)
fix Fix a bug where the context is not registered again in JMX after a stop/start, which would break mapping (remm)
update Implement context reloading as stop, followed by start, in an attempt to avoid code duplication and clear user confusion on what a reload exactly does (remm)
update Pass the request URI as a parameter to the request dispatcher, as this avoids rebuilding it (remm)
fix Unify the way we shutdown the server, and fix a classloading problem when the digester files are under common/lib instead of server/lib (jfarcand)
fix Do not register a StandardContext instance when the context is stopped (undeployed) (remm)
code Remove the old Catalina mapper (remm)
update Switch to the "new" mapper for request dispatcher mapping (remm)
fix 20018: ErrorPage directive doesn't work for HTTP error codes (400,500,..) (remm)
update Remove synchronized block on the request dispatcher wrapper request, submitted by Remy Maucherat (jfarcand)
fix Allow the getAttribute() method access to the wrapped request object (like setAttribute/removeAttribute) (jfarcand)
update Add the rest of missing attributes for j2eeType=WebModule and Servlet (amyroh)
code Remove redundant commons-beanutils JAR (remm)
update Isolate the validating digester creation so that the code can be reused (remm)
fix Fix to unregister valves that are other than Lifecycle - RequestDumperValve (amyroh)
fix Service.removeConnector doesn't unregister connector mbeans; call connector.destroy to unregister (amyroh)
fix Return null for objectName when initialization fails (amyroh)
update Make objectName attribute visible for j2eeType=Servlet mbean (amyroh)
fix Register valve in JMX even if it's not an instance of Lifecycle (amyroh)
update Add support for OS/400 in the Catalina shell scripts, submitted by Robert Upshall (jfclere)
fix Improve logic for setWrapper call for privileged webapps (costin)
Coyote
fix Fix access to the remote address of a request object with JMX (remm)
fix Fix CLIENT-CERT authentication when using PureTLS (billbarker)
update Allow setting arbitrary attributes on the HTTP/1.1 protocol handler (billbarker)
update Improve support for JSSE 1.1.x, and refactor introspection code in the factory (billbarker)
fix RFC 2109 cookies with quoted values are not processed properly (luehe)
fix Check for the existence of the class before trying to load the JK adapter to avoid useless error logging (funkman)
fix Fix the request state to allow the use of the request dispatcher from outside the filter pipeline (remm)
fix Commit the response even if the buffer is empty when flushing (remm)
fix ServletResponse.getLocale returns en_US instead of container (luehe)
fix Filter out CRLF from the message text (remm)
update Pass through all connector parameters to the Coyote protocol handler, which will allow custom initialization parameters for SSL, for example (billbarker)
fix Remove duplicate request field in the response object (remm)
fix Correctly handle redirects sent by the mapper (remm)
fix In the mapper, initialize the Context when the object is created (remm)
update Add removeWrapper similar to addWrapper to the mapper (remm)
update Refactor very slightly the mapping algorithm and the mapper so that it can do context level mapping (remm)
fix 19991: Make sure that the SSL-Cert Note gets recycled before processing the request (billbarker)
fix Changing to do lazy evaluation of the Servlet-Spec's SSL-attributes (billbarker)
fix 19958: IS.read() was actually accessing the char buffer, instead of using the readByte method which correctly uses the byte buffer (remm)
fix Get rid of the warning in the logs when no Client-Cert is available (jfarcand)
fix Fix the server user-agent String to be compliant with the HTTP standard (remm)
update Add new more explicit keep alive property based on the maxKeepAlive value (remm)
fix 19904: Don't search the query-string or anchor-tag for the protocol (billbarker)
fix Robustness: catch exceptions which can occur in prepareRequest (remm)
fix ServletResponse.getCharacterEncoding() doesn't return the value specified (luehe)
fix Incorrect handling of ServletResponse.setLocale (luehe)
add Add AOL Server support to JK 2, submitted by Alexander Leykekh (mturk)
code Fix javadoc generation for the connectors (costin)
Jasper
fix 20894: body-content value of "JSP" should be error if SimpleTag (kinman)
fix Switch back to JSPC forking being false by default (remm)
fix Default Jasper to not using caches for opening JAR files, which prevents caching (and subsequent locking on Windows) at the JDK level (remm)
fix Don't generate a smap for <jsp:attribute> itself, though maps are still generated for its body (kinman)
fix In a template text, the chars after '$' are not handled correctly (kinman)
update Only do the security init if there's a security manager (remm)
fix JSP caches tests failed - JSP compilation error (luehe)
fix Close JARs after parsing their TLDs, regardless of whether the JAR contains any packaged tag files (luehe)
fix In JspUtil, path is slash, even on windows (kinman)
fix Expose root cause of ELExceptions when no error page is defined (luehe)
fix Include <jsp:param> when checking if a page is scriptless, submitted by Michael Walker (kinman)
fix Set correct class path for tag files, submitted by Michael Walker (kinman)
fix EL evaluation error no longer discloses root cause (luehe)
fix Exceptions not propagated to JSP error pages (luehe)
fix Make sure that the output directory exist, in case it was removed (kinman)
fix 'xmlns' attributes that do not represent tag libraries are subject to TLD check (luehe)
fix Jasper *always* passes initial response character encoding to ServletResponse (luehe)
fix 19713: Define "request" the out of line method when there is a <jsp:param> in the body of a custom tag (kinman)
Webapps
update Add placeholder code for a complete status display in the Status servlet, including webapps statistics (remm)
fix Fix WAR handling when deploying and undeploying webapps using the HTML manager (remm)
add Add documentation on the default servlet (funkman)
fix Update information of the proxy documentation page (funkman)
update Update the manager servlet to support versioning with the deploy method, in addition to other smaller refactorings (remm)
add Add changelog, status, and developers list (remm)
update Remove checkInterval attribute since it no longer exists (amyroh)
fix Use getSession(true) in the session example (remm)
update Update documentation index, to reflect the docs structure (remm)
fix Disallow more than one SingleSignOn valve per service (amyroh)
fix Unregister context and loader mbeans if it fails due to missing directory (amyroh)
fix Fix to return an error page instead of error stack trace when a user tries to create a context without creating a directory first (amyroh)
docs Update manager documentation according to the new behavior (remm)
fix Disable realm operations for engine until JAAS realm is supported in admin (amyroh)
docs Use a book-like structure for the user related documentation (remm)
docs Add new deployer documentation (remm)
docs Fix MySQL JDBC connection example (glenn)
fix Add proper MIME types for the content the JSPX examples generate, submitted by Mark Roth (kinman)
Deployer
code Deprecate install and remove tasks (remm)
update Add new properties to the deploy task to allow for versioning and updating (remm)
add Generate minimal catalina-deployer JAR for use with the deployer (remm)
add New validator task, for use with the deployer (remm)
update Rename deploy.xml to build.xml for ease of use (remm)
Tomcat 5.0.2 (remm)
Tomcat 5.0.1 (remm)
Tomcat 5.0.0 (remm)
Tomcat 4.1.7 Beta (remm)
code Tomcat 5.0.x branch point based on the Tomcat 4.1.7 codebase (remm)

Copyright © 1999-2003, Apache Software Foundation