2011年4月 6日

[installer 2749] Apache Tomcat 7.0.12

Apache Tomcat 7.0.12 出ています。

☆ Apache Tomcat 7.0.12
http://tomcat.apache.org/
http://archive.apache.org/dist/tomcat/tomcat-7/v7.0.12/src/apache-tomcat-7.0.12-src.tar.gz

Tomcat 7.0.12 (markt)
Catalina

* Automatically correct invalid paths when specified for Context
elements inside server.xml and log a warning that the configuration
has been corrected. (markt)
* Don't unpack WAR files if they are not located in the Host's
appBase. (markt)
* Don't log to standard out in SSLValve. (markt)
* Handle the case where a web crawler provides an invalid session ID
in the CrawlerSessionManagerValve. (markt)
* Update pattern used in CrawlerSessionManagerValve to that used by
the ASF infrastructure team. (markt)
* Remove unnecessary whitespace from MIME mapping entries in global
web.xml file. (markt)
* When using parallel deployment, correctly handle the scenario when
the client sends multiple JSESSIONID cookies. (markt)
* 12428: Add support (disabled by default) for preemptive
authentication. This can be configured per context. Based on a patch
suggested by Werner Donn. (markt)
* 50929: When wrapping an exception, include the root cause. Patch
provided by sebb. (markt)
* Make the CSRF nonce cache serializable so that it can be replicated
across a cluster and/or persisted across Tomcat restarts. (markt)
* Resolve some refactoring TODOs in the implementation of the new
Context attribute "swallowAbortedUploads". (markt)
* Include the seed time when calculating the time taken to create
SecureRandom instances for session ID generation, report excessive
times (greater than 100ms) at INFO level and provide a value for the
message key so a meaningful message appears in the logs. (markt)
* Don't register Contexts that fail to start with the Mapper. (markt)
* 48685: Add initial support for SPNEGO/Kerberos authentication also
referred to as integrated Windows authentication. This includes user
authentication, authorisation via the directory using the user's
delegated credentials and exposing the user's delegated credentials
via a request attribute so applications can make use of the to
impersonate the current user when accessing third-party systems that
use a compatible authentication mechanism. Based on a patch provided
by Michael Osipov. (markt)
* HTTP range requests cannot be reliably served when a Writer is in
use so prevent the DefaultServlet from attempting to do so. (kkolinko)
* Protect the DefaultServlet from Valves, Filters and Wrappers that
write content to the response. Prevent partial responses to partial
GET requests in this case since the range cannot be reliably
determined. Also prevent the DefaultServlet from setting a content
length header since this too cannot be reliably determined. (markt)
* 50991: Fix regression in fix for 25060 that called close on a JNDI
resource while it was still available to the application. (markt)
* Provide a configuration option that lets the close method to be used
for a JNDI Resource to be defined by the user. This change also
disables using the close method unless one is explicitly defined for
the resource and limits it to singleton resources. (markt)
* Correctly track changes to context.xml files and trigger
redeployment when copyXML is set to false. (markt)
* 50997: Relax the requirement that directories must have a name
ending in .jar to be treated as an expanded JAR file by the default
JarScanner. Based on patch by Rodion Zhitomirsky. (markt)
* Don't append the jvmRoute to a session ID if the jvmRoute is a zero
length string. (markt)
* Don't register non-singelton DataSource resources with JMX. (markt)
* Provide additional configuration options for the DIGEST
authenticator. (markt)
* Provide a workaround for Tomcat hanging during shutdown when running
the unit tests. (markt)

Coyote
* 50887: Add support for configuring the JSSE provider used to convert
client certificates. Based on a patch by pknopp. (markt)
* 50903: When a connector is stopped, ensure that requests that are
currently in a keep-alive state and waiting for client data are not
processed. Requests where processing has started will continue to
completion. (markt)
* 50927: Improve error message when SSLCertificateFile is not
specified when using APR with SSL. Based on a patch provided by
sebb. (markt)
* 50928: Don't ignore keyPass attribute for HTTP BIO and NIO
connectors. Based on a patch provided by sebb. (markt)

Cluster
* Securely seed the SecureRandom instance used for UUID generation and
report excessive creation time (greater than 100ms) at INFO
level. (markt)

Web applications
* 50924: Clean-up HTTP connector comparison table. (markt)
* Slightly expanded the documentation of the Host element to clarify
the relationship between host name and DNS name. (markt)
* 50925: Update SSL how-to to take account of keyPass connector
attribute. (markt)
* Improve Tomcat Logging documentation. (kkolinko)
* Align the authenticator documentation and MBean descriptors with the
implementation. (markt)
* Prevent the custom error pages for the Manager and Host Manager
applications from being accessed directly. (markt)
* 50984: When using the Manager application ensure that undeployment
fails if a file cannot be deleted. (markt)

Other
* Update Eclipse JDT complier to 3.6.2. (markt)
* Update WSDL4J library to 1.6.2 (used by JSR 109 support in the
extras package). (markt)
* Update optional CheckStyle library to 5.3. (markt)
* 50911: Reduce noise generated during the build of the Windows
installer so warnings are more obvious. Patch provided by
sebb. (markt)
* Further work to reduce compiler and validation warnings across the
code base. (markt)

----
こがよういちろう


投稿者 xml-rpc : 2011年4月 6日 13:05
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/102963
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。