The Jakarta Project
      The Tomcat Servlet/JSP Container

Links

User Guide

Reference

Tomcat Development

The Tomcat 5 Servlet/JSP Container

Changelog

Printer Friendly Version
print-friendly
version
Tomcat 5.0.18 (remm)
General
fix Fix packaging of the source .tar.gz (remm)
fix Fix bug in the netbuild where the script would always attempt to checkout the sources (jfclere)
fix 26162: Fix typo in the minimal config (remm)
Catalina
fix Remove CGI servlet dependency on JDK 1.4 (markt)
fix 26171: Fix NPE in AccessLogValve during a reload (yoavs)
Coyote
fix Fix memory leak when spare threads are destroyed (remm, fhanik)
Modules
fix Implemented the ability to not expire sessions on shutdown, since that will expire them across the cluster (fhanik)
fix Fix initialization of the session in delta manager (fhanik)
Tomcat 5.0.17 (remm)
General
add Add minimal server.xml (yoavs)
update Upgrade to Xerces 2.6.0 (remm)
add Add service.bat for NT service installation/uninstallation (mturk)
fix 10286: Fix license typos (markt)
update Upgrade to NSIS RC 2, and add metadata to the generated installer (remm)
update New jsvc 1.0 Unix daemon wrapper (remm)
update New procrun 1.0 Windows service wrapper (billbarker)
Catalina
fix Properly implement new API methods getLocalName and getLocalPort (jfarcand)
fix 25193: Don't attempt to parse the parameters if the request body wasn't fully read (remm)
fix 25234: isValid already expires sessions, so backgroundProcess shouldn't call expire again, submitted by Paul Harvey (remm)
fix Sync catalina.properties included in the JAR with the main one (remm)
fix Fix WebDAV servlet issues: 23999, 24001, 24005 (markt)
update Managers cleanup, add stats and JMX for the PersistentManager (remm)
fix Cache the result of getURLs, which was a major performance problem when using RMI from Tomcat (remm)
update Fix authentication and authorization compliance with the final specification; also optimize algorithm (billbarker, remm)
fix 7080: Handle a null username correctly, submitted by Tim Walsh (markt)
fix JNDI realm fixes: 23190, 16541 (funkman)
fix 23885: Strings for JAAS realm (funkman)
fix 5762: Include port in HTTP_HOST environment variable, submitted by Martin Dengler (markt)
fix 5759: CGI servlet does not support extension mapping (markt)
fix 25593: Set all common resources attributes on start, including allowLinking (remm)
fix Reset the repositories array on certain method calls, and override addURL to set hasExternalRepositories to true (remm)
fix Improve creation of cross context sessions: they will now timeout correctly and they will appear as new when created (remm)
fix 8859: Correct namespace handling for lock owners in WebDAV servlet (markt)
fix Add a minTime attribute on servlets (remm)
fix 25703: ExtendedLogValve use wrong filename after rotate or checkexits case, submitted by Peter Rossbach (funkman)
fix Allow disabling the shutdown hook, which is useful when embedding using the main class with JMX (remm)
fix 25792: Fix session timeout implementation, which could lead to incorrect invalidation in some cases, submitted by Jarno Peltoniemi (remm)
fix 9625: Stack traces are now escaped to ensure correct display (markt)
fix 25885: Incorrect addApplicationParameter test, submitted by Peter Rossbach (remm)
fix 25886: Remove the check on the maximum amount of active sessions during session creation (remm)
fix 19998: Changed StringTokenizer creation to be compatible with Windows in the CGI servlet (yoavs)
fix 11682: Deploying a webapp to the root context via an Ant task when unpackWARs is true now behaves correctly (markt)
fix 25878: Add HostConfig after new Host is created via admin and prevent duplicate errorReportValve creation after restart, submitted by Peter Rossbach (amyroh)
update 25889: Allow configuring users and passwords, and automatically reconnect if connection fails for some reason, submitted by Peter Rossbach (remm)
fix Fix array out of bounds when the docBase of a webapp is equal to "" (remm)
fix Update spanish translation, submitted by Jesus Marin (remm)
add Add backgroundProcess method on the manager (fhanik, remm)
fix Cleanup of HostConfig, and add some i18n (remm)
fix When creating a Host dynamically with JMX, the autoDeploy should be set to false (remm)
Coyote
fix Update Japanese strings, submitted by Kazuhiro Kazama (larryi)
fix Fix JkCoyote to properly handle the distinction between localName/Port and serverName/Port (billbarker)
fix 25199: Fix NPE when there's no default servlet, submitted by Torsten Fohrer (remm)
fix Port optimization from CharChunk to prevent needless allocation of byte arrays (larryi)
update Add a flag to allow using the encoding specified in the contentType or using setCharacterEncoding for the URI paramters (remm)
fix When redirecting to a folder, append the query string if not null, to avoid losing query parameters, and refactor to use the new postParseRequest processing (remm)
fix 25603: Adding a 'truststoreType' attribute, and making the trustStorePassword default to the keystorePass (billbarker)
fix Add a try/catch when adding a wrapper, similar to what is done when handling contexts (remm)
fix Fix host removal from the mapper (remm)
fix Small cleanup of a thread startup in the thread pool (billbarker)
add Repackaging ApacheConfig and friends for Tomcat 5 in the org.apache.jk.config package (billbarker)
fix Fix error-condition logging statements in MapperListener (billbarker)
fix Add a privileged action for setDateHeader (billbarker)
add 25819: Add support for the security manager in JK (billbarker)
fix Cosmetic fixes in the Mapper (remm)
fix Report an exception which occurred during a low level flush (remm)
fix Tweak thread pool according to suggestions from Dave Dice (remm)
fix Add an "allowTrace" flag on the connector, and disable TRACE by default (remm)
fix Move the call to setSocketOptions to prevent a potential DoS condition when using SSL, submitted by Alex Chan (billbarker)
Jasper
fix Avoid using deprecated Character.isSapce method in ParserController (kinman)
fix Update Japanese strings, submitted by Kazuhiro Kazama (larryi)
update Rewrite error checking when processing tag files to conform with the lastest JSP spec (kinman)
fix When a tag file includes a file, make sure the included file environment maintains the isTag and directiveOnly properties (kinman)
fix Have JspC.execute() propagate its exceptions (luehe)
fix For tag files, don't issue error for multiple definition when both are for dynamic-attributes (kinman)
fix 25263: Bad smap when template text got concatenated (kinman)
fix The spec allows an attribute to be specified in multple tag directives, if they have the same value; it is an error if not (kinman)
fix Use development mode by default: mappedFile is now true (remm)
fix 25787: Directives added to working tag files are not generated (kinman)
Webapps
fix Update Japanese admin webapp strings, submitted by Kazuhiro Kazama (larryi)
fix 25138: i18n fixes in admin, submitted by Takashi Okamoto (amyroh)
docs The Context (or DefaultContext) element should now be used to configure the file based resources (which is the default); other types of resources can have their properties set through this element (remm)
docs 25119: Remove mention of the pause attribute in Ant task (remm)
docs Update connector documentation to refer to two connectors: HTTP and AJP, in an attempt to clear confusion (remm)
fix 24771: Unable to create new connector (markt)
add Add manager statistics for each context, as well as navigation links so that this is actually useful (remm)
docs Document new HTTP connector flags (remm, larryi)
docs Add architecture documentation (yoavs)
docs 25555: Updating SSO docs, submitted by Brian Stansberry (billbarker)
docs Clustering docs update (fhanik)
docs The war attribute of the deploy task should point to a .war (remm)
docs In the appdev example, use the localWar attribute instead of war for deploying a local webapp (remm)
docs 9960: Clarify potential issues using xml context files and auto deployment (markt)
docs 25774: Added note about GNU make for daemon on FreeBSD systems (yoavs)
docs Add info that session persistence can be disabled by setting the attribute to an empty String (remm)
Modules
fix 25493: Implemented true synchronous replication (fhanik)
fix Longer read timeout, since under load it can take a while (fhanik)
add Adding in a regular io cluster listener to be used with JDK 1.3 (fhanik)
fix Fix the validator task after the digester factory refactoring (remm)
fix Fix packaging of the deployer JAR (remm)
add Implemented compression of the data sent over the wire by the cluster (fhanik)
fix Only print a message when the connection fails (fhanik)
fix Removed sychronization overhead on clustering (fhanik)
fix Status servlets tweaks, to allow extending it (remm)
fix 25948: Undeploy should be called with the displayed path to be able to work on the root context, submitted by Peter Rossbach (remm)
fix Remove incorrect className attribute in proxy HOWTO (remm)
fix Fixed 100% cpu bug with the replication listener (fhanik)
add Implemented socket pool for replication since the synchronized send became a bottleneck (fhanik)
add Implement delta replication (fhanik)
fix Clustering performance improvements (fhanik)
fix Fixed a bug in a dead lock with the pooled socket sender when a member crashes (fhanik)
add Implemented distributed expiration of sessions (fhanik)
fix Print out a warning if no socket is returned from the pool and we are still connected (fhanik)
update Changing the default manager to be DeltaManager (fhanik)
Tomcat 5.0.16 (remm)
Catalina
fix Catch exception in WebappLoader when there is an empty jar file (amyroh)
fix 25033: Calculating the object name should occur as early as possible, to fix a stop/start scenario based on different object instances (remm)
fix Fix JMX object name generator when there are valves with the same classname in the pipeline (remm)
fix 25079: CL.getResource will return JAR based URLs for .class files (remm)
update Make a lot of manager and session fields protected instead of private (remm)
update Add many fields in JMX for StandardContext and StandardDefaultContext (remm)
update Add managerChecksFrequency field to DefaultContext (remm)
Jasper
update General cleanup of the per thread tag handlers (luehe)
fix In XML syntax, recognize \$ escape sequence in template text (kinman)
fix Make sure that white spaces in template texts around <![CDATA[...]]> are trimmed (kinman)
Webapps
docs Balancer webapp documentation (yoavs)
docs Add back in reference to using mod_jk for serving static content (glenn)
docs Document new flags for the DefaultContext, Context and Resources elements (remm)
fix 25078: Fix serverinfo Ant task (remm)
fix The line numbers for uncommenting cgi and ssi keeps on getting out of sync with web.xml: an attempt at rewording to not have them get out of sync (funkman)
Tomcat 5.0.15 (remm)
General
fix Remove useCanonicalCaches system property from JVM startup on Windows, as Sun JDK 1.4.2_02 fixes the bad behavior (remm)
docs In the Servlet spec, add missing package Javadoc description (jfarcand)
update Update to commons-daemon 1.0 alpha (jfclere)
update Use base-jakarta.loc property to avoid hardcoding locations (jfclere)
Catalina
update Merge digester's initialization logic into one class and add schema support for parsers other than Xerces (jfarcand)
update Modify the MBean lifecycle for the containers: the MBeans will now be removed only on destroy, rather than on stop (remm)
fix 9723: Avoid unnecessary calls to RequestUtil.filter, submitted by Arvind Srinivasan (amyroh)
fix 23853: add MBean description for DatasourceRealm, based on a patch by Kyle VanderBeek (amyroh)
fix Fix unregistration of valves on stop (the objectname should be reset so that the valve is registered again) (remm)
fix Fix registration of the root context through JMX (basically, it's the usual "/" to "" conversion for the path) (remm)
update All the properties defined in catalina.properties will now be set as system properties (remm)
update Add fields to control the resources, as well as set them globally using DefaultContext (remm)
fix In PersistentManagerBase, return the object instead of a null, and throw the proper exception (jfarcand)
add Extend digester to be able to do system property replacement in server.xml and the context config files, using the ${...} syntax used by Ant (remm)
fix 24006: allow header handling in WebDAV servlet, submitted by Mark Thomas (remm)
fix 24368: Fix unhandled exception submitted by Mark Thomas (remm)
fix 23764: fix SSO logout (remm)
fix 24829: The command is the last parameter, not the first one (remm)
fix 24832: Merge code from JDBC realm, fixing the valve after a restart of the database, submitted by submitted by Peter Rossbach (remm)
update 23881: SSO in embedded Tomcat, submitted by Brian Stansberry (remm)
update When calling ServletContext.log, append the application's name so we know from which application the log is coming (jfarcand)
fix Don't throw an ISE if Session.getLastModified is called while the session is expiring, submitted by Brian Stansberry (remm)
fix 9077: When a session timeouts, it won't logout of all webapps, submitted by Brian Stansberry (remm)
Coyote
update Added support for localized messages in the thread pool (luehe)
fix 24270: NoClassDefFoundError when running in security mode (jfarcand)
update Correct any maxThreads settings < 10 in adjustLimits(), since they would result in a non functional connector (luehe)
fix 24428: No continue if not HTTP/1.1 (remm)
fix Encode address property so Connector can handle IPV6 address in ObjectName (amyroh)
fix Don't add the charset if it's the default one (remm)
fix Add getter for RequestInfo.globalProcessor - it was returning AttributeNotFoundException because of missing getter (amyroh)
update Add a limit to the size of a POST which will be processed using getParameter (remm)
update Refactor postParseRequest to avoid throwing an exception (billbarker)
fix Only set charset when it is explicitely set (billbarker)
fix Add new JMX connector attributes (remm)
update Add maxPostSize support for client cert, to allow limiting the size of the buffered data (billbarker, remm)
fix Throw exception if keyAlias does not identify key entry in connector's key store, to prevent infinite loop on org.apache.tomcat.util.net.PoolTcpEndpoint acceptSocket (luehe)
fix The KeyStore implementation ("JKS") of the SUN provider converts alias names to lower case, so we need to do the same (luehe)
fix Fix character encoding for URL parameters: char decoding should only occur after %xx decoding (remm)
fix Fixes to remote address and host resolution through JMX (amyroh)
update Add getters to the thread pool and HTTP connector (amyroh)
Jasper
fix 24186: Jasper SystemLogHandler memory leak, submitted by Matthias Ernst
update Concatenate text strings of adjacent TemplateText nodes, which may reduce code size and improve performance (kinman)
fix 10903: Generate errors for unbalanced end tags (kinman)
docs Add some javadocs in EL related classes (kinman)
fix Use ISO-8859-1 as the default encoding for <jsp:param> since it is the default encoding for the request object (kinman)
update A small performance improvement: instantiate the bean object with its constructor, if "class" attribute is specified in usebean, instead of going thru java.beans.Beans.instantiate() (kinman)
update 24506: provide an option to trim white spaces that appear in a template text between two actions/directives; this is not spec compliant, so this is disabled by default (kinman)
docs Document Jasper option "trimSpaces" (kinman, remm)
fix '<' operator used in simple Math throws an error: When used with taglib (luehe)
docs Fix JSPC classpath in the docs (remm)
fix 24904: Nested custom tag causes bogus compilation errors (kinman)
fix 24779: Jasper fails to compile a valid JSP document (xml syntax) when an EL string in template text contains a "[]" (kinman)
fix 24957: Operators are mis-treated as functions (kinman)
Webapps
fix Fix incorrect tags comments in the admin webapp (kinman)
fix 24349: Avoid NPE (which renders the HTML manager servlet unusable) if a context hasn't been started successfully, submitted by Ferenc Dobi (remm)
fix 24250: Make output compatible with JMX Ant task, submitted by Peter Rossbach (remm)
fix Fix the webapps docbase in the embed distribution, and some cleanup (remm)
update Include the manager in the embed package (remm)
docs Document new Jasper, Connector and DefaultContext attributes (remm)
docs Remove Tyrex documentation for now (remm)
fix 24787: Allow host aliases of more than 24 characters (remm)
update Update JSP examples to JSTL 1.1 (kinman)
Modules
add Add delta manager to clustering (fhanik)
fix If null is passed into the value of setAttribute to a clustered session, then remove the attribute (fhanik)
update Add more configuration options to clustering (fhanik)
update Clustering code reorganization (fhanik)
add Added in member alive time (fhanik)
add New balancer webapp, which allows redirection to cluster nodes according to simple rules (yoavs)
Tomcat 5.0.14 (remm)
General
update New procrun binaries, fixing running as a service (mturk)
update Upgrade to commons-pool 1.1 and commons-dbcp 1.1 (remm)
Catalina
update Cleanup schema validation and add a status message at startup (jfarcand)
update Small tweaks to allow to execute the bootstrap JAR (remm)
fix Explicitly add commons-logging-api on the classpath on Unix (remm)
fix 23799: Canonicalize catalinaBase and catalinaHome (remm)
fix Start/stop ContainerBackgroundProcessor thread as part of StandardContext.start()/stop(), respectively (luehe)
fix Better increment the error count value by incrementing the count everytime sendError is invoked (jfarcand)
update Add system property replacement to the Connector, to be expanded to other elements (remm)
update Added support for nesting a Context Listener and webapp Loader within a DefaultContext (glenn)
fix Remove support for Embedded.main in the shell scripts, which has been removed (jfarcand)
fix Add the caching flags even over a secure connection, due to Mozilla bugs (remm)
fix 23608: Improve setclasspath, submitted by Adam Hardy (remm)
fix Add support for resource links to DefaultContext (remm)
Coyote
add Add regexp support to check for Compression/HTTP 1.1 compatible browsers (hgomez)
fix Allow the TrustStore to have a different type from the KeyStore (billbarker)
fix Catch AccessControlException's so that unauthorized access to a socket when using the Java SecurityManager does not shutdown the worker thread (glenn)
fix Don't pretend that we are going to do something if the SSL handshake fails (billbarker)
fix Fix setting charset through a variety of methods (luehe)
fix If no keepalive, don't use chunking (remm)
fix Avoid some copying on a common case, when a JSP page is flushing its own buffer (kinman)
update In case the server needs to reinitiate SSL handshake (with client auth enabled), consume request body and buffer it, so that it does not interfere with client's handshake messages; with help from Bill Barker (luehe)
fix SocketExceptions can occur in a networked app, so reduce logging level for these during setup of the socket options (glenn)
Jasper
fix Serialize directory creating to avoid a potential race condition (kinman)
fix Quote value of 'classid' attribute (luehe)
fix 23691: Tweak the SMAP tracking code so that it works for classic custom tag and JSP fragments (kinman)
fix Make Smap's FileSection work for windows too (kinman)
fix 24019: Make sure that the "No Java compiler" error message is produced only when there is really no javac (kinman)
Webapps
fix Check connectors with the same port number under different domain (amyroh)
fix Restoring JDK 1.3.1 support to StatusTransformer (billbarker)
Modules
fix The clustered manager will now respect the distributable flag (fhanik)
fix The clustered manager will act like a standard manager if the distributable flag is not set (fhanik)
update Implemented session state transfer (fhanik)
docs Added in a clustering how to (fhanik)
update Added in the suspect feature to avoid to much error printing (fhanik)
fix Removed the session replication upon session creation, this happens at the end of the request anyway (fhanik)
fix In JMX land, the JSR 77 beans must be in the same domain as the engine; this is due to a "limitation" of JMX which prevents retrieving attributes of a bean when the unregistration event is sent (remm)
fix Add regexp to embed (remm)
Tomcat 5.0.13 (remm)
General
code Import cleanups (hgomez)
fix Fix an incorrect test in the startup script (kinman)
update Switch back to Xerces 2.5.0 (jfarcand)
update Update the J2EE 1.4 schema jsr154/src/share/dtd/j2ee_1_4.xsd to clarify that fully-qualified-classType is a binary name, submitted by Mark Roth (kinman)
update Move the commons-daemon Windows binaries to jakarta-tomcat-connectors, as they were Tomcat specific (mturk)
update Changes are synchronizing with the latest Servlet 2.4 specification, submitted by Yutaka Yoshida (jfarcand)
update New view source and many fixes in JSP examples, submitted by Mark Roth (kinman)
Catalina
fix Sessions created in the target webapp of a cross-context were invalid (luehe)
fix JMX registrations of servlets that map to the same jsp-file used the same name (luehe)
update Separated JSESSION cookie configuration into its own method, which may be overridden (luehe)
fix Add missing doPrivileged block for adding cookies and encoding URLs (jfarcand)
fix Preload additional inner classes (jfarcand)
fix Fix to properly create Loader MBean at webapp restart (amyroh, remm)
fix Fix to properly create Manager MBean at webapp restart (amyroh)
update Avoid TLD-scanning the JARs under WEB-INF lib twice per webapp (luehe)
fix Do not let the parsing error of a single TLD disrupt the parsing of remaining TLDs in the JAR (luehe)
fix Fix a problem rebuilding the context path given the context file name (remm)
fix Don't save any context files if config base doesn't exist (remm)
update Add the possibility to specify straight URLs in the repository list (= single JARs, remote repositories, etc) (remm)
fix Fix issues with wait-for-servlet-unload logic (remm)
fix 23373: Prevent clobbering the server if we already have read server.xml (billbarker)
update Make RMI/IIOP port configurable (hgomez)
update Properly implement schema validation with Xerces (jfarcand)
update Added hard-coded list of names of JARs that are known not to contain any TLDs, which can be overridden using the new TldConfig.setNoTldJars() (luehe)
fix Fix handling of root context when upacking a WAR; note that obviously using a context path with a WAR which doesn't match the name will result in the webapp being deployed twice (remm)
fix Remove debugging logs in LoggerBase (amyroh)
fix Set -Dsun.io.useCanonCaches=false for Windows, which is a Sun JDK 1.4.2 specific property, to ensure that case correct canonical paths are obtained (remm)
fix Print out a message after successful validation using the Validator task (remm)
fix Add an example on how to configure GZIP compression in the main server.xml (hgomez)
fix Minor fixes in the scripts, mirroring the new paths (jfarcand)
fix 23525: HttpSessionListener implementors are called too late (jfarcand)
fix Need to call the listener when the session is invalidated because the interval between the time the session is marked invalid and the StandardrManager expires the session can't be predicted (jfarcand)
fix In the WebDAV servlet, decode and normalize destination path before doing anything else (remm)
fix Adjust logging in the JAAS realm according to suggestions from bug 23547, submitted by Adam Hardy (remm)
fix Japanese translation update, submitted by Kazuhiro Kazama (remm)
Coyote
fix Respond 400 to requests which contain '%' with no or invalid trailing hex digits (leith)
fix 23276: Fix compatibility with Sun JDK 1.4.0, submitted by Steve Appling (remm)
fix Fix matching of the content types for which compression is allowed, submitted by Steve Appling (remm)
fix Fix logging of errors which occur in setSocketOptions, and do not process the connection in case of an error (remm)
fix Set the monitor thread as non daemon with the HTTP/1.1 connector (remm)
fix Fix trust store factory property name typo, submitted by Chris Halstaed (billbarker)
fix Fix some action descriptions (hgomez)
update Improve configuration of GZIP compression (hgomez)
fix Fix HTTP/1.1 on EBCDIC machine (jfclere)
fix Change the way to kill the thread after a server socket restart (remm)
fix In the TCP endpoint, use the appropriate exception for killing the thread, improve if block, and replace while + break with a simpler if (remm)
fix Make the TrustStore a configurable option (so different Hosts can have different TrustStores) (billbarker)
fix Set the proper default for TCP no delay in HTTP protocol (remm)
Jasper
fix For template texts that generate multiple Java lines, addidtional mapping informations are kept in the TemplateText node, to aid SMAP generation (kinman)
fix 22058: Fix bad SMAP mappings and compilation errors when using fragments (kinman)
fix When a tag handler class is an inner class, it is specified in the TLD in binary form (Outer$Inner): it needs to be converted to canonical form (Outer.Inner) when generating Java files (kinman)
fix Add missing doPrivileged block in PageContextImpl (jfarcand)
fix Package protect the Jasper classes properly (jfarcand)
fix 22833: Make sure scriptlet declarations get properly mapped (kinman)
fix Fix another SMAP bug (kinman)
fix Fixed javadocs for tldScanJar(File file) (luehe)
fix Fix a bug in Parser.isTemplateText(): Since '%' is not a delimiter in JspReader.parseToken(), an expression "<%String s;%>" after a template text would be treated as a template text when mappedfile option is set to true, and got concatenated to the template text (kinman)
fix Fixed javadocs of parseTLD, which used to return boolean but was changed to void (luehe)
fix Fix bug: \<%foo%> in template text hides expression (kinman)
fix Support java extension directories when invoking javac (kinman)
fix Fix Jasper script (kinman)
fix Some Javadoc improvements in Compiler (kinman)
Webapps
fix Use the proper conversion for MB and KB, and fix formatting errors (remm)
fix Allow undeploying webapps when docBase isn't in the host appBase: their context file will be removed, but the docBase will not be removed (remm)
docs Replace references to TC 4 with TC 5, submitted by Kazuhiro Kazama (billbarker)
fix Fixes to Japanese translation of the manager, submitted by Kazuhiro Kazama (remm)
fix Do not allow duplicate port connector creation in the admin webapp (amyroh)
update Add save command (saves either the full config, or a context config) to the manager (remm)
fix Fix for root context handling in the manager servlet (remm)
fix Fix to not display JAASRealm node since admin doesn't support editing such Realm (amyroh)
fix Package the Manager class, which is supposedly "needed" by the deployer (remm)
fix Fix JDBCRealm creation via admin (amyroh)
fix State the welcome file is index.jsp, not index.html (funkman)
fix Fix the way the tree builder was querying JAASRealm (amyroh)
docs Update SSL docs, including adding notes for the current limitations of IBM's implementation of JSSE (billbarker)
fix The Ant tasks will now decode the server messages using UTF-8, submitted by Takashi Okamoto (remm)
docs Add JAAS realm documentation, submitted by Adam Hardy (remm)
fix Admin webapp Japanese translation update, submitted by Tanaka Yoshihiro (remm)
Tomcat 5.0.12 (remm)
Catalina
fix Refactor persistent manager periodic processing (jfarcand)
fix Allow extending StandardPipeline (jfarcand)
update Refactor manager initialization, move it into ContextConfig, and remove Cluster.setDistributable (remm)
add Added in support for sending out access time pings to the cluster, and for session.invalidate to go out to the other nodes in the cluster (fhanik)
fix Remove the artificial limit of 3 for classpath creation (remm)
fix In SecurityUtil, always associate a Subject; if not created, then create a default one (jfarcand)
fix Fix security policy after move of commons-logging (remm)
fix Don't do a real flush at the end of request processing (remm)
fix Remove useless flush in the ErrorReportValve (remm)
fix Throw ThreadDeath for invalid classloader accesses (remm)
fix 23131: Fix wrong classloader binding when reloading the web application after class modifications (remm)
fix Remove overriding the mapped servlet path with the jsp-file in the request dispatcher (remm)
update Add a delegate flag on the context to allow easy configuration of the delegation policy, which is easier to use with JMX embedding (remm)
Coyote
update Add support for specifying the TrustStore algorithm, with default to the keystore algorithm (billbarker)
fix Refactor thread pool logic to avoid deadlocks when no processor is available (billbarker)
fix Filter out all control chars from the response header, as mandated by the HTTP specification (remm)
fix 21763: Make certain that we don't return a bad Socket (billbarker)
update Refactor byte chunk buffering so that the written data fits inside the limit; the number of byte copies is similar to what it was before (remm)
add Add a buffer at the socket layer, configured using the socketBuffer attribute; add handling for explicit client flushes (remm)
Jasper
update Add an compilation option to generate writing char arrays instead of Strings for template texts (kinman)
fix Fix jsp-config problem (jfarcand)
fix Use out.print(expr) instead of out.write(String.valueOf(expr)) for outputting expressions in template texts (kinman)
fix Fix SMAPping for small text strings with genStrAsCharArray=false (ecarmich)
Webapps
docs Update classloader documentation to reflect the actual classloading order (luehe)
fix 21933: Add header possibly ignored if buffer is too large, submitted by Chris Kessel (funkman)
docs Update the application development documentation for changes in Tomcat 5 (remm)
update Add manager translation in German, submitted by Yann Cebron (remm)
Tomcat 5.0.11 (remm)
General
fix Update all download locations to archive.apache.org to use stable links (remm)
docs Update running and building instructions (remm)
Catalina
update Modify the commons-logging packaging (only the commons-logging API is bundled now) to resolve the classloading problems, and remove the special case handling from the webapp classloader; pivileged webapps can now use log4j (remm)
fix 22986: Fix bad canonicalization call which was causing problems when a host appBase was absolute (remm)
Coyote
docs Add documentaion on mod_jk tools (glenn)
fix Handle query string decoding as a special case, using the character encoding specified for the rest of the URI in the connector, whereas the encoding of the entity body was used; this can be UTF8 as per the W3C standard, but for interoperability, it is a one for one byte to character conversion (remm)
fix Null a busy processor in the pool array, so that the algoritm is more consistent (remm)
fix MessageBytes.toChars should set the type to chars (remm)
update Make the update of the stats an explicit call (I believe it is valid to call recycle multiple times, and it is hard to avoid with HTTP keepalive) (remm)
fix Decrease the timeout reduction ratio when the server gets loaded, and add a setStatus so an error is counted (remm)
Webapps
fix 22956: Use UTF8 encoding in the manager web application, submitted by Takashi Okamoto (remm)
Tomcat 5.0.10 (remm)
General
update JSP 2.0 specification updates, submitted by Mark Roth (kinman)
update Servlet 2.4 schema update, submitted by Yutaka Yoshida (jfarcand)
update Get ready for using JSR 160 RI (JMX Remote 1.0): copy additional, optional, JMX binaries (remm)
update Replace MX4J 1.1.1 with the Sun JMX 1.2 RI (remm)
code Major update to Japanese internationalization, submitted by Kazuhiro Kazama (remm)
fix Fix bad imports (remm)
Catalina
add Add sessions and serverinfo tasks, submitted by Vivek Chopra (remm)
fix Minor optimization: Avoid scanning duplicate JARs for TLDs (luehe)
update Expose the new connector properties in JMX (amyroh)
fix Big JDBCRealm cleanup: fix for 7116, 10623, 11929, 8091, and make authenticate synchronized since there are race conditions between the connection being opened, used and exceptions occuring (funkman)
fix Simplifying the code by hiding the arrayCopy (billbarker)
fix 22691: Wrap getCanonicalFile in a try/catch (remm)
fix Reenable validation, using Xerces 2.1 instead of Xerces 2.5 (remm)
fix 22698: Restore RealmBase.main(), allowing to compute digests (remm)
fix 22546: Fix small filter extension mapping bug, where if the extension of the request starts with the tested path, it would have been matched (remm)
fix 22695: don't check for session validity when activating and passivating (remm)
fix Do not create a new Subject everytime a Servlet/Filter is invoked, associate the same Subject to the AccessControlContext (jfarcand)
update When saving server.xml, don't save the value of properties which have their default values (remm)
fix Release all logs associated with this CL when stopping the CL, and avoid NPE in toString after stop (remm)
fix Avoid references leak: clean up and recycle all thread local resources, and reset the context CL after invoking the pipeline (remm)
fix The request dispatcher should also not log a client abort exception (remm)
fix When saving server.xml, don't print the className if it's one of the standard implementations, and add some fields to the exception list (remm)
fix Null out the reference to the resources when stopping the classloader (remm)
fix Don't save the config file attribute, as it is always useless, and don't indent context config files (remm)
update Allow overriding the Host's unpackWARs using a new unpackWAR attribute on the Context element (remm)
fix Include the pathInfo when a relative path is used to get a request dispatcher, submitted by Mark Thomas (remm)
fix 20029: fix "-force" shell script parameter handling, submitted by Christian Brensing (remm)
fix Deploy descriptors even if deployOnStartup is false, as they should be considered as if they were part of server.xml (remm)
fix Apply patch for 22857 and 22858 to CGI servlet, submitted by Mark Thomas (amyroh)
fix Get the absolute path to the work dir, so that JARs in /WEB-INF/lib can be found when using non filesystem based resources (luehe)
fix XML-escape the values when writing out the tomcat-users.xml file, submitted by Mark Thomas (billbarker)
Cluster
fix Set dirty flag gets set on setMaxInactiveInterval (fhanik)
Coyote
fix Also consider last element in comma-separated protocols list, or the case where the list contains a single element and no commas (luehe)
fix Implement getAttribute(key) in the protocol (amyroh)
fix Make certain that we are still in an https session before looking for certs, submitted by Mark Thomas (billbarker)
fix Adding accessors so that the JkCoyote connectors can play nice with the admin webapp (billbarker)
fix Fix parsing of the content-type header in Response (luehe)
Jasper
fix When an error occurs, get the file name from path instead of from the exception (kinman)
fix Don't generate code to do an instanceof when it can be done at translation time (kinman)
fix Avoid defining multiple getServletInfo() methods (one for each page directive with an 'info' attribute) (luehe)
fix Supply taglib's unique id (instead of the value of the uri argument in the directive) to the TagLibraryValidator's validate method (luehe)
fix Ensure that <jsp:root> is root element in JSP document (luehe)
fix Prepend "urn:jsptld" to uri values that represent relative paths when adding "xmlns:prefix" attribute on the root of the JSP document's XML view (see JSP.10.1.5), and make the value passed as the uri argument to TagLibraryValidator.validate() match the above (luehe)
fix When precompiling with JSPC, files that match the url-pattern specified in jsp-config should be included for compilation (kinman)
update Added support for JSP.6.2.4: fix issues with DOCTYPE validation (luehe)
fix Don't combine LineInfos from different files (ecarmich)
fix Set Node.startMark correctly in JSP document nodes created from character data: this fixes incorrect SMAPping of template text nodes containing line feeds, and incorrect error reporting for unparseable EL expression nodes (ecarmich)
fix JSP error page mechanism fails intermittently to display contents of error page, which occurred when a JSP was using a custom page context (luehe)
fix Use just the class name if package is imported, and in tag files, declare request as HttpServletRequest and response HttpServletResponse, as is the case in servlets (kinman)
Webapps
docs The Loader does not have a method to set a work dir, remove from docs (glenn)
fix Update the host properties in admin (amyroh)
update Update admin with the latest connector changes, including thread pool configuration (amyroh)
fix Fix to return null when an error response is sent, submitted by Jeff Tulley (amyroh)
fix Get rid of the maximum size of the username and password fields (amyroh)
fix 22268: allow using SHA digest (amyroh)
fix In the default page, update links to the lists, and add a link to the open bugs (remm)
docs Update for changes to jsvc from commons-daemon (remm)
add Refactor the status servlet, allowing for XML output in addition to the user friendly HTML, submitted by Peter Lin, based on code from John Turner (remm)
update Implement the XML processor state status (remm)
docs Update classloader documentation according to the current behavior (remm)
Deployer
fix In validator task, set the context classloader to avoid issues with commons-logging (remm)
fix Validate before running javac (remm)
Tomcat 5.0.9 (remm)
Catalina
fix Fix bug where no static resource over 512 bytes would get cached by default (remm)
fix Ensure uniqueness of patterns across all servlets, so that it is possible to reliably override the servlets defined in the default configuration (remm)
fix Fix and improve static resource cache space allocation algorithm (remm)
Coyote
fix Revert a patch on CoyoteConnector causing a performance regression (remm)
fix When mapping to the default servlet, or mapping to a physical welcome file, String representation of the path is available, which saves some object creation (remm)
Jasper
fix Disable tag pooling when a JSP uses "extends", to avoid NPE when the pool was accessed (luehe)
Tomcat 5.0.8 (remm)
General
fix Update commons-daemon packaging for consistency and ease of use on Unix (remm)
update Servlet specification updates, submitted by Yutaka Yoshida (jfarcand)
update JSP specification updates, submitted by Mark Roth (kinman)
fix 22494: Removed logVerbosityLevel doc and init-param from JSP Servlet, as they're no longer used, submitted by Eric Carmichael (yoavs)
Catalina
fix Remove some stack trace dumping in MapperListener (remm)
fix Remove extra setLogger call in Embedded.createContext (remm)
update Add support for TLD validation, and fix bug 21917 where entities couldn't be resolved in a TLD (jfarcand)
fix Fixed logic so that iterator actually gets cloned when "clone" is set to true, and replace LinkedList with ArrayList (luehe)
fix Avoid NPE when ensuring that resource path starts with '/' (luehe)
fix Avoid reformatting constant Expires header on every request (luehe)
fix Log client abort exceptions as debug information (remm)
fix Found a way to avoid the extra restart caused by the web.xml tracker, when the webapp was deployed by an outside source, such as the manager servlet (remm)
fix Improve CL stopped error message, so that it is more explanatory (remm)
fix When using the deployer, schema validation wasn't supported (remm)
fix Fix NPE when getMessage of an exception returns null in the DefaultServlet (jfarcand)
fix Fix behavior of HttpSession.setMaxInactiveInterval() (luehe)
fix Cleanup of the XML descriptors for the model MBeans, removing old connectors and old attributes (remm)
update Update the store and persistent manager code so that both will use the container provided background processing thread, rather than using one thread per component (as much as two threads per context) (remm)
add Add new managerChecksFrequency attribute to StandardContext, allowing to configure how often the manager session expiration and passivation checks will be called, similar to the intervals used in Tomcat 4.1.x (remm)
fix Disable schema validation for now, due to persistent issues with Xerces (remm)
Coyote
update Added support for specifying alias name for server keypair and cert chain, to be used by the server to authenticate itself to SSL clients (luehe)
update Added support for specifying comma-separated list of SSL protocol variants to be enabled, which may be useful to disable the less secure SSLv2 (luehe)
fix Fixed bug in CoyoteConnector getter methods for SSL related attributes, which would always return null if SSL properties were configured directly on the Connector element (instead of its nested and now deprecated Factory element) (luehe)
update Moving the new protocols logic to the 14 Factory (billbarker)
fix Clone request attribute names iterator (luehe)
fix Fix client abort logging, and throw a client abort when an IOException occurs when writing bytes (remm)
fix Avoid a NPE when requesting the remote address between requests or before processing any request (remm)
Jasper
update Allow a taglib to be defined more than once in taglib directives, even in statically included files, and remove need for keeping a Stack for prefix bookkeeping (kinman)
fix When including a JSP document (written in the XML syntax), in the resulting XML View of the translation unit the root element of the included segment must have the default namespace reset to "" (kinman)
fix Don't merge SMAP entries in the outputStartLines aren't consecutive, which fixes IllegalArgumentException when SMAPs are generated (remm)
fix Replaced JSPC error message with localizable error code (luehe)
update Added -classpath option to JspC (luehe)
fix Beautify the insertion of the XML fragment in JSPC (remm)
fix Restoring JVM 1.3.x compatibility to Jasper, with a new split String method (billbarker)
fix Add attibutes doctype-root-element, doctype-system and doctype-public to <jsp:output> for outputing a DOCTYPE declaration in XML documents, per latest spec change (kinman)
fix Fixed buffer realloc when writing single char (luehe)
fix Spec has been changed to allow for include-prelude and include-coda in jsp-config (kinman)
fix Restored JSP default for 1.2 based tag handlers (luehe)
fix Adjust Java lines mappings for codes that are generated in buffers (kinman)
Webapps
update Add two JMX related tasks, designed to use the jmxproxy servlet, submitted by Vivek Chopra (remm)
docs Document usage of commons-daemon with Tomcat on Unix (remm)
update Add new JSP XML test in the tester, and fix the one that was already there (remm)
fix The tester should handle i18ned manager reload messages (remm)
Tomcat 5.0.7 (remm)
General
code Tomcat 5.0.x release plan was voted (remm)
update Various JSP 2.0 API updates, submitted by Mark Roth (kinman)
update Update to commons-modeler 1.1, submitted by Yoav Shapira (remm)
update Simplify the use of the Ant script shipped in the embedded package (remm)
update Bundle Xerces 2.5.0 again, due to bugs in Crimson (remm)
Catalina
update Allow putting a /META-INF/context.xml inside any WAR file deployed by the HostConfig (remm)
fix Many bugfixes in JNDI realm: 18698, 11678, 19864, 20518, with help from David DeWolf and Jeff Tulley (funkman)
fix Fix for three related request dispatcher bugs, including 22013, 4690 (cross context sessions support), and port the fix for ServletContext.getContext(...) when using the root context (remm)
update Use PropertyUtils to obtain the rootCause. This way we can also drill into nested JspExceptions or another Throwable object which has a 'rootCause' property which returns a Throwable (funkman)
update Extract all non class resources from a JAR on access to a non class resource (remm)
fix 14817: JNDIRealm SHA digest implementation incorrect (funkman)
fix NPE when an invalid web.xml is deployed and the digester throws an exception (jfarcand)
fix 22236: addAttributeValues may return null, this could trigger a NPE if debugging was turned up >=2 (funkman)
fix 22146: Use Class.forName instead of ClassLoader.loadClass (remm)
fix Split the applicationListeners array in two, for performance reasons (remm)
fix Fix bug where welcome files were not being processed in the embedded distribution (remm)
Coyote
fix 9351: parsing IPv6 hostnames (in IP form, obviously), submitted by Masashi Yamaguchi (remm)
fix Allow extending CoyoteConnector (jfarcand)
update 22192: the context mapping algorithm actually needs to be similar to the algorithm used for widcard wrapper mapping; optimize wildcard mapping: since the amount of nesting the mapping has is known, some mapping operations can be avoided (remm)
update Allow for customization of JSSE trust and key managers (luehe)
fix Added check for (keystoreType == null) before calling getKeyManagers/getTrustManagers (luehe)
fix Use less aggressive socket timout reduction when the server load increases (remm)
fix Fix calculation of a request processing time (it must not include the time waiting for data in keepalive mode, or the time waiting for data for an initial request on a connection) (remm)
fix Fixing CoyoteConnector getters for JMX; CoyoteConnector will now rely on the protocol handler for most of the values it returns (billbarker)
Jasper
fix 22090: Enable expression cache, submitted by Matthias Ernst (remm)
fix 22103: Release servlet writer after compilation, submitted by Gilles Scokart (remm)
fix 21206: Fix including a JSP, where Jasper would do weird things whenever the outer request had a non null pathInfo; it will now use the included servlet path correctly (remm)
fix Have 'isELIgnored' page directive attribute take precedence over JSP config el-ignored (luehe)
update Replaced JspServlet's "tagPoolSize" config param with the correct "tagpoolMaxSize" in web.xml, and removed getTagPoolSize() from Options, because tag pool size is no longer needed at compile time (luehe)
update Simplify the way the URLClassLoader used by JSPC gets initialized (luehe)
fix 22133: workaround for a JDK 1.3 scoping bug, submitted by Matthias Ernst (remm)
docs Added javadocs for getExtends methods (luehe)
update Refactor some code in JspDocumentParser, since startPrefixMapping got called before startElement, turn on push/pop prefixes for taglibs in XML syntax, so that proper prefix can be located (kinman)
fix Make JspFragment.getJspContext abstract (kinman)
update JSPC will now display root cause for build errors; also fix a needed side effect in classpath generation when tag files must be compiled (remm)
fix In JspDocumentParser, pop is called in the same order as push, so the Stack should be replaced by a LinkedList (remm)
fix Replaced JSPC message with more meaningful warning (luehe)
fix 22266: keep template text together with mappedfile="true", submitted by Eric Carmichael (remm)
fix 22006: Invalid SMAP line entries when running with mappedfile=true, submitted by Eric Carmichael (remm)
fix Apply workaround for failure in optimizeLineSection() when there are entries with an outputStartLine of 0, Submitted by Eric Carmichael (remm)
fix The "out" in the Fragment helper functions is now JspWriter instead of java.io.Writer, so that it won't trigger errors when a fragment contains include actions (kinman)
Webapps
docs Update the documentation to reflect the fact that the Factory element is no longer required to setup a stand-alone SSL Connector (billbarker)
update The status servlet will now also display wrapper mappings (remm)
fix Allow passing a regular path instead of an URL for the WAR to upload to the DeployTask; also pass the right URL String so that the "update" flag is no longer ignored (remm)
fix Fixes to the manager servlet: cleanup URL handling, to be consistent with the HTML manager; don't send extra "OK" messages; fix update flag; make sure configFile is null if there's no context XML file (remm)
fix Fix webapp tagging and redeployment from a tag (remm)
fix Display byte sizes and times using sensible units (KB and MB, s and ms) in the status servlet (remm)
fix Display the remote host when in keepalive status, as well as the elapsed time (it corresponds mostly to the amount of time since the start of the previous request) (remm)
Tomcat 5.0.6 (remm)
General
update Synchronize the server.xml used by the Windows installer with the main default server.xml (remm)
update Update to Xerces 2.5.0 (remm)
update Add additional information in the welcome HTML for the release download (remm)
fix 21999: Typo fix, submitted by Liu Kang (remm)
Catalina
update Remove welcome file processing from the default servlet (funkman)
fix Search for TLDs in all subdirectories of WEB-INF, except classes and lib (luehe)
fix Fix possible file descriptor leaks in the code responsible for unpacking a WAR (remm)
fix 21908: Fix Unix startup script bug (bad AS/400 condition), submitted by Jason Corley (funkman)
update Remove useless casts in AccessLogValve (remm)
fix The default socket factory class name is now the Coyote factory (remm)
add Add a new digester rule using the IntrospectionTools so that all attributes are passed to the connector, including those which have no explicit setters (in which case the setProperty method is called) (remm)
update Simplify the connector configuration in server.xml (remm, billbarker)
update Expose the ServletWrapper statistics through JMX (remm)
update The connectors default configuration are now similar to the HTTPd 2.0 default configuration, submitted by Henri Gomez (remm)
update Send JSR 77 spec required notifications for J2EE mbeans (amyroh)
update Put the CSS used by various Tomcat components in a separate class in the util package (remm)
fix Remove path normalization in the default servlet (remm)
fix Copy jk2.properties to conf folder (remm)
fix Remove some attributes from the default JK 2 configuration, which should instead be configured through jk2.properties (remm)
update Remove unneeded fields in the CoyoteConnector (remm)
fix Make the SingleSignOn methods protected so it is possible to extend that class and have a customized version (jfarcand)
add Add code allowing configuring the resource cache size for a context (remm)
update Refactor extension handling; available and required extensions are now consistently NULL if not present (luehe)
fix System resources were identified but then ignored when checking if an app's dependencies could be resolved (luehe)
add Add the sslProtocol property on the connector to define the protocol used in SSL (luehe)
update Synchronize the startup scripts based on the Tomcat 4.1 code (funkman)
fix Close JarInputStream after reading manifest (luehe)
update Use commons-logging and the existing StringManager in the extension validator (luehe)
fix 22032: missing security-policy in default configuration; precompiled JSPs running under the security manager always have to access org.apache.jasper.runtime.* classes (jfarcand)
update Remove old reload code, now replaced with a simpler stop/start sequence (remm)
fix Tomcat will now ignore a non existent classpath JAR (remm)
fix Some steps of start shouldn't be executed if the context startup has previously encountered errors (remm)
fix Temporary fix for running SSL without a SocketFactory (billbarker)
code Remove apparently useless wrapper classes (remm)
Coyote
fix Fix welcome file mapping, so that the order of the welcomes specified in web.xml is respected, whereas previously servlet mapped welcomes would have a priority over physical welcome files (funkman)
fix When shutting down the endpoint's server socket, close the unlocking socket inside a finally block (remm)
fix Fix configuration of the maxThreads attribute of the thread pool (remm)
update Add a new protocol attribute on the Coyote connector, which can be used rather than using the protocol handler classname; acceptable values are either "HTTP/1.1" or "AJP/1.3" (remm)
update Improve the thread names and numbering, based on the associated connector name and the number of existing threads, so that reading a thread dump is significantly easier (remm)
fix Fix a bug redirecting to a folder: the context path was lost (remm)
fix Fix incorrect URL normalization of the "///" sequence, due to a bad port of the String based algorithm to arrays (remm)
add The HTTP/1.1 connector will now automatically scale down the timeout and disable connection keepalive should the server start getting low on processors (remm)
fix Make certain that we tell Apache that we have finished with the request; If the Adapter throws an exception before entering the Pipeline, we end up with both Apache and Tomcat trying to read the Channel and hence not serving requests (billbarker)
Jasper
fix 21823: Compiler uses invoking page's PageInfo for handling tag files, submitted by Eric Carmichael (luehe)
fix 21978: Certain tag file pathnames lead to compile errors, submitted by Eric Carmichael; also add check for Java keywords in package names (kinman)
fix Remove useless check if the security manager is not present (jfclere)
update Refactor getDerivedPackageName and eliminate some duplicate code (kinman)
fix 21168: Incorrect paths in generated SMAP file entries, submitted Eric Carmichael (luehe)
fix 20155: The strutsel-exercise-taglib application can not be compiled with jspc, because the correct class loader was not being set (kinman)
update Make JspProperty constructor public, to allow for user supplied JspConfig (kinman)
update Removed unused methods and instance variables in Collector and PageInfo (luehe)
fix 22084: Fix incorrect indentation of generated code, submitted by Eric Carmichael (remm)
Webapps
add Display contexts and servlets stats in the status servlet, so that the administrator can get a complete view of the server (remm)
update Beautify the status servlet, and integrate it with the HTML manager, through links (remm)
fix In the status servlet scoreboard, add missing whitespace between method and URI (remm)
docs Update the connectors documentation (remm)
docs Manager, HTML manager and deployer docs update (remm)
docs Document the background processing feature, and the configuration of the resource cache (remm)
fix Add a legend for the status servlet scoreboard (remm)
fix Fix typo in the Struts definition of the default context forms, submitted by Jeff Tulley (remm)
docs Initialize filter so that the release notes of the docs look right (remm)
Tomcat 5.0.5 (remm)
General
add Update the tester web application for Tomcat 5, and make a tester run part of the release process (remm)
fix In the checkout target, only checkout modeler from commons instead of all of commons (funkman)
fix Add the catalina-optional JAR in the embed package (remm)
fix Fix obscure JAXP related CL problem in embedded mode, by preloading some descriptors (remm)
fix Release notes updates (funkman)
Catalina
update Added Embedded.createConnector() methods that take address of type String (luehe)
fix Don't set the no-caching headers for protected POSTed pages. This makes the "back" button in the browser works as expected. (billbarker)
fix 21341: Fix error page forwarding (remm)
fix In the extended log valve, if bytes are requested, then print bytes, not the date (funkman)
update Add a Container.getPipeline() to allow bypassing the (useless) invoke method (remm)
add Add code to allow printing partial stack traces for exceptions in HTML report pages, as well as add a note about the full stack trace of the root cause being available in the logs (remm)
update Logs will now contain the root cause of ServletExceptions (remm)
fix Fix a problem where the Strings weren't escaped in the same way for chars such as '. This caused problems for localization in French. (remm)
fix Add leading + to timezone offset in the access logs (funkman)
update Merge ErrorDispacherValve functionality back into StadardHostValve, and remove associated hacks from StandardServer and StandardHost (remm)
fix Like some of the other resources, application parameters must not be reset on a context stop, as they come from a Context element. Regular parameters read from web.xml should be fine. (remm)
fix Correctly update the mapper. The previous code was not compatible with the invoker servlet and its dynamically added wrappers. (remm)
fix Use the context logger for all webapp related error messages (remm)
update Remove RequestListenerValve and merge it into StandardContextValve (remm)
fix Fix NPE exception when instances attribute is null (jfarcand)
fix 21822: Valves should only be registered and unregistered when: addValve or removeValve is called and the associated pipeline is started or on start and stop of the pipeline (remm)
update Update security constraints processing to be compliant with the new behavior specified in the Servlet 2.4 specification, where security constraints must now be combined. SecurityConstraint Realm.findSecurityConstraint is changed to SecurityConstraint[] findSecurityConstraints, and implemented in RealmBase. (billbarker)
fix Fix problems updating a WAR for a context which had a context file (it would be ignored) (remm)
fix Do not redeploy a context when a context file is added, and the context wasn't deployed with the auto deployer (remm)
fix The SetDocBaseRule will not throw a NPE, and will attempt to guess the context docbase if not set (remm)
Coyote
fix Slight re-factoring of the JSSE SSL implementation to allow it to work with non-Sun vendor's 1.4.x JVMs. (billbarker)
add Added support for X-Powered-By response header, as defined by the Servlet 2.4 and JSP 2.0 specs (luehe)
fix Fix context removal from the mapper when Tomcat is used as embedded (jfarcand)
fix As mandated by the specs, the mapper will always redirect for physical directories, and will always process physical welcome files mapping (billbarker)
Jasper
fix 21753: Fix comment generation, submitted by Eric Carmichael (billbarker)
update Hide all taglib and XML namespace management in PageInfo (luehe)
fix Forgive duplicate attribute values on static include (luehe)
fix Fixed typos and formatting of JspC help message (luehe)
fix Changed "jsp:usebean" to "jsp:useBean", submitted by Petr Jiricka (luehe)
update Preparation work for new 'static include' rules (luehe)
update Ignore default settings for "extends" and "language" when checking for multiple page directive attributes with conflicting values (luehe)
fix Do not unconditionally use "JSP" as the default body-content type, because it is illegal for SimpleTag handlers (luehe)
Webapps
fix Fix many tests (see bug 21731), partially submitted by Peter Rossbach (remm)
docs Added link to FAQ and Wiki on the introduction page of the docs (funkman)
docs Update docs for AccessLogValve (funkman)
docs Update docs index according to the menu changes (remm)
docs Add some Windows setup documentation (remm)
update Allow a WAR uploaded using the HTML manager to contain a META-INF/context.xml context file, for consistency with the Ant deploy task (remm)
fix Remove work directory when undeploying a web application using the manager (remm)
Tomcat 5.0.4 (remm)
General
code 19912, 19939, 19940, 19941: Many small typo fixes in resources, submitted by Chris Pepper (yoavs)
update Upgrade to commons-fileupload 1.0 (remm)
update Upgrade to Struts 1.1 (remm)
code Improve packaging to reduce total size of the Tomcat download (remm)
Catalina
code Cleanup Catalina and subcomponents Javadoc generation (remm)
fix Fix NPE in ApplicationHttpRequest when the object is created by a named dispatcher (jfarcand)
fix Escape '/' in the configFile name of a context, and strip out leading '/' (remm)
fix Initialize the context mapper after starting the context so that the welcome files are correctly set (remm)
fix 19607: Remove Context XML descriptor on undeploy (remm)
update 4829: Improve deployer so that the unpackWARs flag value is respected regardless of how the context is deployed (remm)
fix If a context XML file is added for an existing context, or if the context XML file is updated, the context will be redeployed (remm)
update Add logging on initialization of the URL stream handler (remm)
fix Add some Coyote inner classes to the preload list (jfarcand)
update Remove session recycling, which was previously disabled after security concerns were raised (remm)
update Implement proper handling of the context docBase when it is deployed from a context XML descriptor, using a new custom digester rule (remm)
fix 21419: Fix failure to start context when the Context element is included in server.xml, submitted by Torsten Fohrer (remm)
fix The pathinfo needs to be set in the ErrorDispatcherValve when sreq.getAttribute(Globals.EXCEPTION_ATTR) returns null and also non null (jfarcand)
fix 21045: Update the message keys of the manager servlet (remm)
fix In the manager servlet, use the configFile when undeploying, to properly remove the config file even if it does not match the context path (remm)
Coyote
fix Allow '*' as a valid URL (keith)
add Add support for enabling subset of supported SSL cipher suites (luehe)
add Add support for enabling subset of supported SSL cipher suites in JSSE implementation (luehe)
fix Wrap encodeURL method call inside a doPrivileged block (jfarcand)
update Add support for mapping host aliases (remm)
update 21219: Close the HTTP connection after certain error codes, or an unexpected exception, similar to HTTPd behavior (billbarker)
add Add support for enabling subset of supported SSL cipher suites in PureTLS implementation (billbarker)
Jasper
fix Improve web.xml insertion code so that the order of elements is respected (remm)
update 19622: Add encoding configuration to JspC (yoavs)
fix Remove comments generation when JspC is including mappings into web.xml, so that character coding issues are avoided (remm)
fix Support regenerating the web.xml with JspC without manually removing the generated servlet mappings (remm)
update Add detailed message about a likely Javac configuration problem whenever compilation fails and all messages and traces are empty (remm)
fix Allow the "value" attribute of <jsp:param> action to be non- String types (kinman)
fix Improve rare error message when static including fails (remm)
fix 21067: EL expression that returns an array causes compilation error (kinman)
fix 21440: Partial fix for <jsp:include> whose target performing a 'forward' does not behave as expected (luehe)
Webapps
fix Remove parallel initialization of the admin webapp, which is not a best practice pattern (remm)
docs Add deployer documentation (remm)
docs Add some documentation on the JMXProxy servlet (funkman)
fix Fix broken Javadocs links (remm)
update Add a bugzilla query for all open TC 5 bugs, hoping people will help address them (remm)
docs Update Host documentation based on the new and updated flags (remm)
Tomcat 5.0.3 (remm)
General
update Upgrade to commons-el 1.0 (remm)
update Split main Catalina JAR, and move i18n related resource files to separate JARs (remm)
fix 19808: Add the sit MIME mapping (funkman)
fix 20263: Fix problems running Tomcat with procrun as a Windows service, submitted by Mladen Turk (remm)
update Package Unix source from commons-daemon in the Tomcat distribution, so that the Unix wrapper can easily be used if needed (remm)
update Upgrade to commons-fileupload 1.0 RC 1, submitted by Martin Cooper (billbarker)
code Fix the netbuild (remm)
update Specification schema changes, submitted by Mark Roth (kinman)
update Many tag handling specification clarifications, submitted by Mark Roth (kinman)
Catalina
fix Fix JMX registration order again during context startup: the object name is constructed before the pipeline initialization, but the JMX registration only occurs after the context is started (remm)
fix Properly close WARs after expanding them in the deployer (remm)
update Fix handling of invalid WARs during auto deploy, which will be logged as a simple WARN without a stack trace, and reattempt deployment later (remm)
fix Dig as deep as possible to display possible nesting of ServletExceptions (funkman)
fix Fix NPE exception in classloader when an invalid war file is deployed (jfarcand)
fix Container incorrectly processes invalid URL patterns in jsp-property-groups (jfarcand)
add Add optional XSL processing to the output of the default servlet, as well the ability to include a readme file, similar to Apache (funkman)
code Remove bundled support for Tyrex (remm)
fix Comment out invoker servlet declaration (remm)
update Move context descriptors to $CATALINA_BASE/conf/[engine name]/[host name] to make the feature more secure (remm)
update Update the host properties: liveDeploy becomes autoDeploy (dynamically deploy and update web applications), and autoDeploy becomes deployOnStartup (deploy webapps from appBase on startup) (remm)
fix Remove thread local caching in the default servlet, which was causing a memory leak (remm)
add Add a mechanism to allow the classloader to release JAR file handles periodically (remm)
fix 20758: Remove a number of leaked references to the context object, so it can be properly garbage collected when the application is removed (remm)
fix Do JMX registration of the context before starting the pipeline (remm)
update Replace Catalina TLD-inside-JAR parsing code with a file based algorithm (remm)
update ServletContext.getResource for a JAR resource located inside /WEB-INF/lib will return a file based URL (remm)
update The special directories /WEB-INF/classes and /WEB-INF/lib are now considered to be non cacheable, in order to conserve cache space (remm)
fix Clear out constructs used for classloading, after a class has been successfully loaded (remm)
update Generalize WAR unpacking, based on the unpackWARs flag (remm)
update Track WARs for changes when WARs are unpacked: if the WAR is updated the web application will be redeployed (remm)
code Remove CertificatesValve, as it is useless with Coyote, and introduces a hard dependency on JSSE (billbarker)
update Add caching mechanism for invocation of methods using privileged actions (jfarcand)
fix 20380: AccessLogValve incorrectly calculates timezone, 16374: Date in file name configurable, 16400: Allow logging to be conditional (funkman)
add W3C Extended Log File Format support (funkman)
update Refactor FORM using a forward, based on the patch by Jeff Tulley (remm)
fix Properly set the wrapped request dispatcher state, submitted by Jan Luehe (remm)
update Have all contexts inherit Embedded's logger (luehe)
update Add logging of unexpected exceptions occuring during reference resolution (remm)
fix unbindClassLoader was throwing NPE when newly added context was removed (amyroh)
fix Fix Gump failure by copying the Ant JAR manually (jfarcand)
update Update confidential HTTPS redirection without using an actual URL, which has a hard JSSE dependency (remm)
add Include updated clustering code (fhanik, remm)
update Remove useless typecasts in the main processing pipeline, and make critical methods final, to enforce the Catalina design pattern (remm)
update Request dispatcher optimizations, based on the belief that wrapping is only needed (if at all) for the special attributes (remm)
update Major filter mapping optimization, using simple String region matching, as well as synchronization removal (remm)
add Add new callback on the container interface to process any background task the container may have (backgroundProcess), as well as a new backgroundProcessor attribute (default value: 10s for the engine container, and -1 for all others, so that only the engine has an associated thread) (remm)
add Refactor application reloading, deployment handling and session expiration to be able to use a single thread per Catalina engine, opposed to one thread per feature per webapp or virtual host; this should save resources and make Tomcat suitable for large scale web hosting; individual containers can still "own" their own reloading thread if they need to (remm)
fix Fix a bug where the context is not registered again in JMX after a stop/start, which would break mapping (remm)
update Implement context reloading as stop, followed by start, in an attempt to avoid code duplication and clear user confusion on what a reload exactly does (remm)
update Pass the request URI as a parameter to the request dispatcher, as this avoids rebuilding it (remm)
fix Unify the way we shutdown the server, and fix a classloading problem when the digester files are under common/lib instead of server/lib (jfarcand)
fix Do not register a StandardContext instance when the context is stopped (undeployed) (remm)
code Remove the old Catalina mapper (remm)
update Switch to the "new" mapper for request dispatcher mapping (remm)
fix 20018: ErrorPage directive doesn't work for HTTP error codes (400,500,..) (remm)
update Remove synchronized block on the request dispatcher wrapper request, submitted by Remy Maucherat (jfarcand)
fix Allow the getAttribute() method access to the wrapped request object (like setAttribute/removeAttribute) (jfarcand)
update Add the rest of missing attributes for j2eeType=WebModule and Servlet (amyroh)
code Remove redundant commons-beanutils JAR (remm)
update Isolate the validating digester creation so that the code can be reused (remm)
fix Fix to unregister valves that are other than Lifecycle - RequestDumperValve (amyroh)
fix Service.removeConnector doesn't unregister connector mbeans; call connector.destroy to unregister (amyroh)
fix Return null for objectName when initialization fails (amyroh)
update Make objectName attribute visible for j2eeType=Servlet mbean (amyroh)
fix Register valve in JMX even if it's not an instance of Lifecycle (amyroh)
update Add support for OS/400 in the Catalina shell scripts, submitted by Robert Upshall (jfclere)
fix Improve logic for setWrapper call for privileged webapps (costin)
Coyote
fix Fix access to the remote address of a request object with JMX (remm)
fix Fix CLIENT-CERT authentication when using PureTLS (billbarker)
update Allow setting arbitrary attributes on the HTTP/1.1 protocol handler (billbarker)
update Improve support for JSSE 1.1.x, and refactor introspection code in the factory (billbarker)
fix RFC 2109 cookies with quoted values are not processed properly (luehe)
fix Check for the existence of the class before trying to load the JK adapter to avoid useless error logging (funkman)
fix Fix the request state to allow the use of the request dispatcher from outside the filter pipeline (remm)
fix Commit the response even if the buffer is empty when flushing (remm)
fix ServletResponse.getLocale returns en_US instead of container (luehe)
fix Filter out CRLF from the message text (remm)
update Pass through all connector parameters to the Coyote protocol handler, which will allow custom initialization parameters for SSL, for example (billbarker)
fix Remove duplicate request field in the response object (remm)
fix Correctly handle redirects sent by the mapper (remm)
fix In the mapper, initialize the Context when the object is created (remm)
update Add removeWrapper similar to addWrapper to the mapper (remm)
update Refactor very slightly the mapping algorithm and the mapper so that it can do context level mapping (remm)
fix 19991: Make sure that the SSL-Cert Note gets recycled before processing the request (billbarker)
fix Changing to do lazy evaluation of the Servlet-Spec's SSL-attributes (billbarker)
fix 19958: IS.read() was actually accessing the char buffer, instead of using the readByte method which correctly uses the byte buffer (remm)
fix Get rid of the warning in the logs when no Client-Cert is available (jfarcand)
fix Fix the server user-agent String to be compliant with the HTTP standard (remm)
update Add new more explicit keep alive property based on the maxKeepAlive value (remm)
fix 19904: Don't search the query-string or anchor-tag for the protocol (billbarker)
fix Robustness: catch exceptions which can occur in prepareRequest (remm)
fix ServletResponse.getCharacterEncoding() doesn't return the value specified (luehe)
fix Incorrect handling of ServletResponse.setLocale (luehe)
add Add AOL Server support to JK 2, submitted by Alexander Leykekh (mturk)
code Fix javadoc generation for the connectors (costin)
Jasper
fix 20894: body-content value of "JSP" should be error if SimpleTag (kinman)
fix Switch back to JSPC forking being false by default (remm)
fix Default Jasper to not using caches for opening JAR files, which prevents caching (and subsequent locking on Windows) at the JDK level (remm)
fix Don't generate a smap for <jsp:attribute> itself, though maps are still generated for its body (kinman)
fix In a template text, the chars after '$' are not handled correctly (kinman)
update Only do the security init if there's a security manager (remm)
fix JSP caches tests failed - JSP compilation error (luehe)
fix Close JARs after parsing their TLDs, regardless of whether the JAR contains any packaged tag files (luehe)
fix In JspUtil, path is slash, even on windows (kinman)
fix Expose root cause of ELExceptions when no error page is defined (luehe)
fix Include <jsp:param> when checking if a page is scriptless, submitted by Michael Walker (kinman)
fix Set correct class path for tag files, submitted by Michael Walker (kinman)
fix EL evaluation error no longer discloses root cause (luehe)
fix Exceptions not propagated to JSP error pages (luehe)
fix Make sure that the output directory exist, in case it was removed (kinman)
fix 'xmlns' attributes that do not represent tag libraries are subject to TLD check (luehe)
fix Jasper *always* passes initial response character encoding to ServletResponse (luehe)
fix 19713: Define "request" the out of line method when there is a <jsp:param> in the body of a custom tag (kinman)
Webapps
update Add placeholder code for a complete status display in the Status servlet, including webapps statistics (remm)
fix Fix WAR handling when deploying and undeploying webapps using the HTML manager (remm)
add Add documentation on the default servlet (funkman)
fix Update information of the proxy documentation page (funkman)
update Update the manager servlet to support versioning with the deploy method, in addition to other smaller refactorings (remm)
add Add changelog, status, and developers list (remm)
update Remove checkInterval attribute since it no longer exists (amyroh)
fix Use getSession(true) in the session example (remm)
update Update documentation index, to reflect the docs structure (remm)
fix Disallow more than one SingleSignOn valve per service (amyroh)
fix Unregister context and loader mbeans if it fails due to missing directory (amyroh)
fix Fix to return an error page instead of error stack trace when a user tries to create a context without creating a directory first (amyroh)
docs Update manager documentation according to the new behavior (remm)
fix Disable realm operations for engine until JAAS realm is supported in admin (amyroh)
docs Use a book-like structure for the user related documentation (remm)
docs Add new deployer documentation (remm)
docs Fix MySQL JDBC connection example (glenn)
fix Add proper MIME types for the content the JSPX examples generate, submitted by Mark Roth (kinman)
Deployer
code Deprecate install and remove tasks (remm)
update Add new properties to the deploy task to allow for versioning and updating (remm)
add Generate minimal catalina-deployer JAR for use with the deployer (remm)
add New validator task, for use with the deployer (remm)
update Rename deploy.xml to build.xml for ease of use (remm)
Tomcat 5.0.2 (remm)
Tomcat 5.0.1 (remm)
Tomcat 5.0.0 (remm)
Tomcat 4.1.7 Beta (remm)
code Tomcat 5.0.x branch point based on the Tomcat 4.1.7 codebase (remm)

Copyright © 1999-2003, Apache Software Foundation