tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <>
Subject Re: svn commit: r1001698 [1/2] - in /tomcat/trunk: java/org/apache/catalina/connector/ java/org/apache/catalina/core/ java/org/apache/catalina/security/ java/org/apache/coyote/ java/org/apache/coyote/ajp/ java/org/apache/coyote/http11/ java/org/apache/tomc...
Date Mon, 27 Sep 2010 21:10:16 GMT
I'd really appreciate your taking a look at the following issues before 7.0.3, in this order
of priority.

49952 ServletContainerInitializer can't actually add listeners 
this is an obvious bug with a simple fix and a new testcase.

50015 dynamic servlet security incomplete and badly distributed 
There's some major application logic in ApplicationServletRegistration and there aren't enough
notifications to  StandardContext for createServlet and addServlet calls to ServletContext
to easily implement the spec required behavior for @ServletSecurity annotation scanning for
dynamically added servlets.  This patch doesn't implement much missing behavior but puts in
some methods in ServletContext that allow subclasses to implement the spec behavior easily.
 If someone expresses some interest and there are a couple days I could try to provide a tomcat
implementation of the missing beahvior.

50016 bad division of responsibility around isUserInRole and new Request login and logout
There's some code in Request that I think should be in Realm, the authenticators, or Wrapper.

49916 use an init-param for jspFile on explicit jsp servlets
This provides what I think is a significant code simplification and has a better division
of responsibility for proecessing and running jsps.

49937 Problems with AsyncListener and resource injection
This one is probably controversial since the spec is contradictory on the subject.

david jencks

On Sep 27, 2010, at 5:16 AM, Mark Thomas wrote:

> On 27/09/2010 13:13, wrote:
>> Author: markt
>> Date: Mon Sep 27 12:13:32 2010
>> New Revision: 1001698
> <snip/>
>> The following work remains:
>> - Testing all connectors (HTTP and AJP) with TCK + security manager and fixing whatever
is broken
> Just as soon as I get this done, I plan to roll a 7.0.3 release.
> Hopefully this week although given how long it took me to get this
> commit ready...
> Mark
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message