Commit e837af5f authored by Jakub Adam's avatar Jakub Adam

Imported Upstream version 7.0.26

parent 9f7a6693
......@@ -14,9 +14,28 @@
# See the License for the specific language governing permissions and
# limitations under the License.
# -----------------------------------------------------------------------------
target
logs
nbproject
output
build.properties
# Next line commented out, because test/webapp-3.0-virtual-library and
# test/webapp-3.0-virtual-webapp use it:
# target
work
logs
build.properties
mvn.properties
.checkstyle
.classpath
.fbprefs
.project
.settings
*.iml
*.asc
*.tmp
maven-ant-tasks-*.jar
thumbs.db
Thumbs.db
bin/setenv.*
java/org/apache/catalina/startup/catalina.properties
modules/jdbc-pool/bin
modules/jdbc-pool/includes
webapps/docs/jdbc-pool.xml
This diff is collapsed.
Apache Tomcat
Copyright 1999-2011 The Apache Software Foundation
Copyright 1999-2012 The Apache Software Foundation
This product includes software developed by
The Apache Software Foundation (http://www.apache.org/).
......
......@@ -21,13 +21,13 @@
# modules that Tomcat depends on. Copy this file to "build.properties"
# in the top-level source directory, and customize it as needed.
#
# $Id: build.properties.default 1203301 2011-11-17 17:49:13Z markt $
# $Id: build.properties.default 1245466 2012-02-17 14:02:42Z markt $
# -----------------------------------------------------------------------------
# ----- Version Control Flags -----
version.major=7
version.minor=0
version.build=23
version.build=26
version.patch=0
version.suffix=
......@@ -46,6 +46,9 @@ test.accesslog=false
# Workaround against http://bugs.sun.com/view_bug.do?bug_id=6202721
test.jvmarg.egd=-Djava.security.egd=file:/dev/./urandom
# Location of GPG executable (used only for releases)
gpg.exec=/path/to/gpg
# ----- Default Base Path for Dependent Packages -----
# Please note this path must be absolute, not relative,
# as it is referenced with different working directory
......@@ -120,8 +123,8 @@ wsdl4j-lib.loc=${base-maven.loc}/wsdl4j/wsdl4j/${wsdl4j-lib.version}/wsdl4j-${ws
wsdl4j-lib.jar=${wsdl4j-lib.home}/wsdl4j-${wsdl4j-lib.version}.jar
# ----- Eclipse JDT, version 3.2 or later -----
jdt.version=3.7
jdt.release=R-3.7-201106131736
jdt.version=3.7.1
jdt.release=R-3.7.1-201109091335
jdt.home=${base.path}/ecj-${jdt.version}
jdt.jar=${jdt.home}/ecj-${jdt.version}.jar
# The download will be moved to the archive area eventually. We are taking care of that in advance.
......@@ -147,7 +150,7 @@ commons-dbcp-src.loc.1=${base-commons.loc.1}/dbcp/source/commons-dbcp-${commons-
commons-dbcp-src.loc.2=${base-commons.loc.2}/dbcp/source/commons-dbcp-${commons-dbcp.version}-src.tar.gz
# ----- Commons Pool, version 1.1 or later -----
commons-pool.version=1.5.6
commons-pool.version=1.5.7
commons-pool.home=${base.path}/commons-pool-${commons-pool.version}-src
commons-pool-src.loc.1=${base-commons.loc.1}/pool/source/commons-pool-${commons-pool.version}-src.tar.gz
commons-pool-src.loc.2=${base-commons.loc.2}/pool/source/commons-pool-${commons-pool.version}-src.tar.gz
......@@ -161,7 +164,7 @@ nsis.nsisdl.dll=${nsis.home}/Plugins/NSISdl.dll
nsis.loc=${base-sf.loc}/nsis/nsis-2.46.zip
# ----- Commons Daemon, version 1.0-Alpha or later -----
commons-daemon.version=1.0.7
commons-daemon.version=1.0.9
commons-daemon.home=${base.path}/commons-daemon-${commons-daemon.version}
commons-daemon.jar=${commons-daemon.home}/commons-daemon-${commons-daemon.version}.jar
commons-daemon.native.win.home=${commons-daemon.home}/windows
......
This diff is collapsed.
......@@ -24,7 +24,7 @@
// * Read access to the web application's document root directory
// * Read, write and delete access to the web application's working directory
//
// $Id: catalina.policy 1189147 2011-10-26 11:57:37Z kkolinko $
// $Id: catalina.policy 1220297 2011-12-17 22:55:28Z markt $
// ============================================================================
......@@ -85,6 +85,10 @@ grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
permission java.util.PropertyPermission "java.util.logging.config.class", "read";
permission java.util.PropertyPermission "java.util.logging.config.file", "read";
permission java.util.PropertyPermission "catalina.base", "read";
permission java.util.PropertyPermission
"org.apache.juli.logging.UserDataHelper.CONFIG", "read";
permission java.util.PropertyPermission
"org.apache.juli.logging.UserDataHelper.SUPPRESSION_TIME", "read";
// Note: To enable per context logging configuration, permit read access to
// the appropriate file. Be sure that the logging configuration is
......
......@@ -388,6 +388,20 @@
<!-- ================== Built In Filter Definitions ===================== -->
<!-- A filter that sets character encoding that is used to decode -->
<!-- parameters in a POST request -->
<!--
<filter>
<filter-name>setCharacterEncodingFilter</filter-name>
<filter-class>org.apache.catalina.filters.SetCharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<async-supported>true</async-supported>
</filter>
-->
<!-- A filter that triggers request parameters parsing and rejects the -->
<!-- request if some parameters were skipped because of parsing errors or -->
<!-- request size limitations. -->
......@@ -462,6 +476,14 @@
<!-- ==================== Built In Filter Mappings ====================== -->
<!-- The mapping for the Set Character Encoding Filter -->
<!--
<filter-mapping>
<filter-name>setCharacterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
-->
<!-- The mapping for the Failed Request Filter -->
<!--
<filter-mapping>
......@@ -811,6 +833,10 @@
<extension>cab</extension>
<mime-type>application/vnd.ms-cab-compressed</mime-type>
</mime-mapping>
<mime-mapping>
<extension>cap</extension>
<mime-type>application/vnd.tcpdump.pcap</mime-type>
</mime-mapping>
<mime-mapping>
<extension>car</extension>
<mime-type>application/vnd.curl.car</mime-type>
......@@ -1135,6 +1161,10 @@
<extension>dmg</extension>
<mime-type>application/octet-stream</mime-type>
</mime-mapping>
<mime-mapping>
<extension>dmp</extension>
<mime-type>application/vnd.tcpdump.pcap</mime-type>
</mime-mapping>
<mime-mapping>
<extension>dms</extension>
<mime-type>application/octet-stream</mime-type>
......@@ -1211,6 +1241,10 @@
<extension>dv</extension>
<mime-type>video/x-dv</mime-type>
</mime-mapping>
<mime-mapping>
<extension>dvb</extension>
<mime-type>video/vnd.dvb.file</mime-type>
</mime-mapping>
<mime-mapping>
<extension>dvi</extension>
<mime-type>application/x-dvi</mime-type>
......@@ -1495,6 +1529,10 @@
<extension>gac</extension>
<mime-type>application/vnd.groove-account</mime-type>
</mime-mapping>
<mime-mapping>
<extension>gbr</extension>
<mime-type>application/rpki-ghostbusters</mime-type>
</mime-mapping>
<mime-mapping>
<extension>gdl</extension>
<mime-type>model/vnd.gdl</mime-type>
......@@ -1743,6 +1781,18 @@
<extension>in</extension>
<mime-type>text/plain</mime-type>
</mime-mapping>
<mime-mapping>
<extension>ink</extension>
<mime-type>application/inkml+xml</mime-type>
</mime-mapping>
<mime-mapping>
<extension>inkml</extension>
<mime-type>application/inkml+xml</mime-type>
</mime-mapping>
<mime-mapping>
<extension>iota</extension>
<mime-type>application/vnd.astraea-software.iota</mime-type>
</mime-mapping>
<mime-mapping>
<extension>ipfix</extension>
<mime-type>application/ipfix</mime-type>
......@@ -2123,6 +2173,10 @@
<extension>mfm</extension>
<mime-type>application/vnd.mfmp</mime-type>
</mime-mapping>
<mime-mapping>
<extension>mft</extension>
<mime-type>application/rpki-manifest</mime-type>
</mime-mapping>
<mime-mapping>
<extension>mgp</extension>
<mime-type>application/vnd.osgeo.mapguide.package</mime-type>
......@@ -2590,6 +2644,10 @@
<extension>ott</extension>
<mime-type>application/vnd.oasis.opendocument.text-template</mime-type>
</mime-mapping>
<mime-mapping>
<extension>oxps</extension>
<mime-type>application/oxps</mime-type>
</mime-mapping>
<mime-mapping>
<extension>oxt</extension>
<mime-type>application/vnd.openofficeorg.extension</mime-type>
......@@ -2646,6 +2704,10 @@
<extension>pbm</extension>
<mime-type>image/x-portable-bitmap</mime-type>
</mime-mapping>
<mime-mapping>
<extension>pcap</extension>
<mime-type>application/vnd.tcpdump.pcap</mime-type>
</mime-mapping>
<mime-mapping>
<extension>pcf</extension>
<mime-type>application/x-font-pcf</mime-type>
......@@ -3006,6 +3068,10 @@
<extension>rnc</extension>
<mime-type>application/relax-ng-compact-syntax</mime-type>
</mime-mapping>
<mime-mapping>
<extension>roa</extension>
<mime-type>application/rpki-roa</mime-type>
</mime-mapping>
<mime-mapping>
<extension>roff</extension>
<mime-type>text/troff</mime-type>
......@@ -3248,6 +3314,10 @@
<extension>smil</extension>
<mime-type>application/smil+xml</mime-type>
</mime-mapping>
<mime-mapping>
<extension>smzip</extension>
<mime-type>application/vnd.stepmania.package</mime-type>
</mime-mapping>
<mime-mapping>
<extension>snd</extension>
<mime-type>audio/basic</mime-type>
......@@ -3350,7 +3420,7 @@
</mime-mapping>
<mime-mapping>
<extension>sub</extension>
<mime-type>image/vnd.dvb.subtitle</mime-type>
<mime-type>text/vnd.dvb.subtitle</mime-type>
</mime-mapping>
<mime-mapping>
<extension>sus</extension>
......@@ -3424,6 +3494,10 @@
<extension>t</extension>
<mime-type>text/troff</mime-type>
</mime-mapping>
<mime-mapping>
<extension>taglet</extension>
<mime-type>application/vnd.mynfc</mime-type>
</mime-mapping>
<mime-mapping>
<extension>tao</extension>
<mime-type>application/vnd.tao.intent-module-archive</mime-type>
......@@ -3712,10 +3786,22 @@
<extension>uvvx</extension>
<mime-type>application/vnd.dece.unspecified</mime-type>
</mime-mapping>
<mime-mapping>
<extension>uvvz</extension>
<mime-type>application/vnd.dece.zip</mime-type>
</mime-mapping>
<mime-mapping>
<extension>uvx</extension>
<mime-type>application/vnd.dece.unspecified</mime-type>
</mime-mapping>
<mime-mapping>
<extension>uvz</extension>
<mime-type>application/vnd.dece.zip</mime-type>
</mime-mapping>
<mime-mapping>
<extension>vcard</extension>
<mime-type>text/vcard</mime-type>
</mime-mapping>
<mime-mapping>
<extension>vcd</extension>
<mime-type>application/x-cdlink</mime-type>
......
......@@ -19,6 +19,7 @@ package javax.servlet;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
......@@ -107,11 +108,16 @@ public class ServletSecurityElement extends HttpConstraintElement {
}
public Collection<HttpMethodConstraintElement> getHttpMethodConstraints() {
return methodConstraints.values();
Collection<HttpMethodConstraintElement> result =
new HashSet<HttpMethodConstraintElement>();
result.addAll(methodConstraints.values());
return result;
}
public Collection<String> getMethodNames() {
return methodConstraints.keySet();
Collection<String> result = new HashSet<String>();
result.addAll(methodConstraints.keySet());
return result;
}
private void addHttpMethodConstraints(
......
......@@ -116,8 +116,8 @@ public interface HttpSession {
/**
* Specifies the time, in seconds, between client requests before the
* servlet container will invalidate this session. A negative time indicates
* the session should never timeout.
* servlet container will invalidate this session. A zero or negative time
* indicates that the session should never timeout.
*
* @param interval
* An integer specifying the number of seconds
......@@ -129,7 +129,7 @@ public interface HttpSession {
* will keep this session open between client accesses. After this interval,
* the servlet container will invalidate the session. The maximum time
* interval can be set with the <code>setMaxInactiveInterval</code> method.
* A negative time indicates the session should never timeout.
* A zero or negative time indicates that the session should never timeout.
*
* @return an integer specifying the number of seconds this session remains
* open between client requests
......
......@@ -32,11 +32,26 @@ import org.apache.catalina.deploy.LoginConfig;
* provides some sort of authentication service.
*
* @author Craig R. McClanahan
* @version $Id: Authenticator.java 1200156 2011-11-10 05:30:28Z kkolinko $
* @version $Id: Authenticator.java 1241170 2012-02-06 20:45:52Z markt $
*/
public interface Authenticator {
/**
* Authenticate the user making this request, based on the login
* configuration of the {@link Context} with which this Authenticator is
* associated. Return <code>true</code> if any specified constraint has
* been satisfied, or <code>false</code> if we have created a response
* challenge already.
*
* @param request Request we are processing
* @param response Response we are populating
*
* @exception IOException if an input/output error occurs
*/
public boolean authenticate(Request request, HttpServletResponse response)
throws IOException;
/**
* Authenticate the user making this request, based on the specified
* login configuration. Return <code>true</code> if any specified
......@@ -49,7 +64,12 @@ public interface Authenticator {
* should be performed
*
* @exception IOException if an input/output error occurs
*
* @deprecated Use {@link #authenticate(Request, HttpServletResponse)}.
* This will be removed / have reduced visibility in Tomcat
* 8.0.x
*/
@Deprecated
public boolean authenticate(Request request, HttpServletResponse response,
LoginConfig config) throws IOException;
......
......@@ -26,7 +26,8 @@ import org.apache.catalina.core.StandardPipeline;
* there is demand it can be extended to support alternative factories and/or
* alternative defaults.
*
* TODO: Create the other standard components via this factory
* @deprecated There was no demand for this capability and it will be removed in
* Tomact 8.0.x
*/
public class CatalinaFactory {
......@@ -40,6 +41,10 @@ public class CatalinaFactory {
// Hide the default constructor
}
/**
* @deprecated Unused. Will be removed in Tomcat 8.0.x.
*/
@Deprecated
public String getDefaultPipelineClassName() {
return StandardPipeline.class.getName();
}
......
......@@ -80,7 +80,7 @@ import org.apache.juli.logging.Log;
*
* @author Craig R. McClanahan
* @author Remy Maucherat
* @version $Id: Container.java 1200158 2011-11-10 05:32:22Z kkolinko $
* @version $Id: Container.java 1238006 2012-01-30 20:57:00Z markt $
*/
public interface Container extends Lifecycle {
......@@ -99,7 +99,9 @@ public interface Container extends Lifecycle {
/**
* The ContainerEvent event type sent when a Mapper is added
* by <code>addMapper()</code>.
* @deprecated Unused. Will be removed in Tomcat 8.0.x.
*/
@Deprecated
public static final String ADD_MAPPER_EVENT = "addMapper";
......@@ -120,7 +122,9 @@ public interface Container extends Lifecycle {
/**
* The ContainerEvent event type sent when a Mapper is removed
* by <code>removeMapper()</code>.
* @deprecated Unused. Will be removed in Tomcat 8.0.x.
*/
@Deprecated
public static final String REMOVE_MAPPER_EVENT = "removeMapper";
......@@ -415,7 +419,10 @@ public interface Container extends Lifecycle {
* processing
* @exception ServletException if a ServletException was thrown
* while processing this request
*
* @deprecated Unused. Will be removed in Tomcat 8.0.x.
*/
@Deprecated
public void invoke(Request request, Response response)
throws IOException, ServletException;
......
......@@ -23,7 +23,7 @@ package org.apache.catalina;
* Global constants that are applicable to multiple packages within Catalina.
*
* @author Craig R. McClanahan
* @version $Id: Globals.java 1200218 2011-11-10 08:44:03Z kkolinko $
* @version $Id: Globals.java 1239263 2012-02-01 18:51:14Z markt $
*/
public final class Globals {
......@@ -118,7 +118,9 @@ public final class Globals {
/**
* The servlet context attribute under which the managed bean Registry
* will be stored for privileged contexts (if enabled).
* @deprecated Unused. Will be removed in Tomcat 8.0.x.
*/
@Deprecated
public static final String MBEAN_REGISTRY_ATTR =
"org.apache.catalina.Registry";
......@@ -126,7 +128,9 @@ public final class Globals {
/**
* The servlet context attribute under which the MBeanServer will be stored
* for privileged contexts (if enabled).
* @deprecated Unused. Will be removed in Tomcat 8.0.x.
*/
@Deprecated
public static final String MBEAN_SERVER_ATTR =
"org.apache.catalina.MBeanServer";
......
......@@ -69,7 +69,7 @@ import org.apache.tomcat.util.res.StringManager;
* requests. Requests of any other type will simply be passed through.
*
* @author Craig R. McClanahan
* @version $Id: AuthenticatorBase.java 1162838 2011-08-29 14:42:49Z markt $
* @version $Id: AuthenticatorBase.java 1241170 2012-02-06 20:45:52Z markt $
*/
......@@ -602,6 +602,27 @@ public abstract class AuthenticatorBase extends ValveBase
}
/**
* Authenticate the user making this request, based on the login
* configuration of the {@link Context} with which this Authenticator is
* associated. Return <code>true</code> if any specified constraint has
* been satisfied, or <code>false</code> if we have created a response
* challenge already.
*
* @param request Request we are processing
* @param response Response we are populating
*
* @exception IOException if an input/output error occurs
*/
@Override
public boolean authenticate(Request request, HttpServletResponse response)
throws IOException {
if (context == null || context.getLoginConfig() == null) {
return true;
}
return authenticate(request, response, context.getLoginConfig());
}
/**
* Authenticate the user making this request, based on the specified
* login configuration. Return <code>true</code> if any specified
......
......@@ -5,9 +5,9 @@
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
*
* http://www.apache.org/licenses/LICENSE-2.0
*
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
......@@ -20,9 +20,11 @@ package org.apache.catalina.authenticator;
import java.io.IOException;
import java.security.Principal;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.Session;
import org.apache.catalina.connector.Request;
import org.apache.catalina.deploy.LoginConfig;
......@@ -33,7 +35,7 @@ import org.apache.catalina.deploy.LoginConfig;
* only security constraints not involving user authentication.
*
* @author Craig R. McClanahan
* @version $Id: NonLoginAuthenticator.java 1005834 2010-10-08 14:02:05Z markt $
* @version $Id: NonLoginAuthenticator.java 1225469 2011-12-29 08:09:40Z markt $
*/
public final class NonLoginAuthenticator
......@@ -68,16 +70,44 @@ public final class NonLoginAuthenticator
/**
* Authenticate the user making this request, based on the specified
* login configuration. Return <code>true</code> if any specified
* constraint has been satisfied, or <code>false</code> if we have
* created a response challenge already.
* <p>Authenticate the user making this request, based on the fact that no
* <code>login-config</code> has been defined for the container.</p>
*
* <p>This implementation means "login the user even though there is no
* self-contained way to establish a security Principal for that user".</p>
*
* @param request Request we are processing
* @param response Response we are populating
* @param config Login configuration describing how authentication
* should be performed
* <p>This method is called by the AuthenticatorBase super class to
* establish a Principal for the user BEFORE the container security
* constraints are examined, i.e. it is not yet known whether the user
* will eventually be permitted to access the requested resource.
* Therefore, it is necessary to always return <code>true</code> to
* indicate the user has not failed authentication.</p>
*
* <p>There are two cases:
* <ul>
* <li>without SingleSignon: a Session instance does not yet exist
* and there is no <code>auth-method</code> to authenticate the
* user, so leave Request's Principal as null.
* Note: AuthenticatorBase will later examine the security constraints
* to determine whether the resource is accessible by a user
* without a security Principal and Role (i.e. unauthenticated).
* </li>
* <li>with SingleSignon: if the user has already authenticated via
* another container (using its own login configuration), then
* associate this Session with the SSOEntry so it inherits the
* already-established security Principal and associated Roles.
* Note: This particular session will become a full member of the
* SingleSignOnEntry Session collection and so will potentially
* keep the SSOE "alive", even if all the other properly
* authenticated Sessions expire first... until it expires too.
* </li>
* </ul></p>
*
* @param request Request we are processing
* @param response Response we are creating
* @param config Login configuration describing how authentication
* should be performed
* @return boolean to indicate whether the user is authenticated
* @exception IOException if an input/output error occurs
*/
@Override
......@@ -86,23 +116,53 @@ public final class NonLoginAuthenticator
LoginConfig config)
throws IOException {
/* Associating this request's session with an SSO would allow
coordinated session invalidation, but should the session for
a webapp that the user didn't log into be invalidated when
another session is logged out?
String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE);
if (ssoId != null)
associate(ssoId, getSession(request, true));