Remove outdated SSL information from the Security documentation. This value is used to set the javax. When creating a new session, add the message handlers to the session before calling Endpoint. Make sure that stream is closed after using it in DeltaSession. Update package renamed Apache Commons File upload to r to pick up the post 1.
Patch provided by Alexandre Garnier. Patch provided by Sandra Madden. Add support for authentication in the websocket client. Patch provided by Hariprasad Manchi. This class cannot be built with Java 6. Fix MBean attribute definition of stateTransfered.
3.4. Single-Thread Model
Require RuntimePermission when introducing a new token. In order to avoid that the heartbeat thread and the background thread to run Channel. Prevent file descriptors leak and ensure that files are closed after retrieving the last modification time. Add the StatusManagerServlet to the list of Servlets that can only be loaded by privileged applications. Note that a side-effect of this change is that files with modification times in the future are treated as if they are unmodified.
Fix potential integer overflow in ConnectionPool and PooledConnection. Fix possible resource leaks by closing streams properly. Avoid logging version information in the constructor since it then gets logged at undesirable times such as when using StoreConfig. Ensure that in an embedded Tomcat the logging configuration is not lost during garbage collection. Fix inconsistencies in Windows installer, examples. Improve handing of overloaded methods and constructors in expression language implementation.
Add MIME mapping for woff2 fonts in the default web. Log a warning if a redirect fails because of an invalid location. Based on a patch by Cris Berneburg. Correct stop failure log of cluster. Correctly apply security constraints mapped to the context root using a URL pattern of .
Improve logging in AprLifecycleListener and jni. Ensure that Tomcat does not shut down if the socket waiting for the shutdown command experiences a SocketTimeoutException. Improve readability by using left alignment for the table cell containing the request information on the Manager application status page.
Ensure that a non-container thread can not change the async state until the container thread has completed. Taskdef there is not needed since Ant 1. Fix a potential resource leak in the Default Servlet reported by Coverity Scan.
Add a description of the default value of heartbeatSleeptime attribute and optionCheck attribute in the cluster channel docs. Expressions in a tag file should use the tag file's PageContext rather than that of the containing page. Log a warning message rather than an information message if it takes more than ms to initialised a SecureRandom instance for a web application to use to generate session identifiers. Ensure that clear the channel instance from channel services when stopping channel. Take account of the dispatchersUseEncodedPaths setting on the current Context when generating paths for dispatches triggered by AsyncContext.
Allow file based configuration resources user database, certificate revocation lists, keystores and trust stores to be configured using URLs as well as files. Matcher which is to filter JARs for scanning during web application start. There was no functional impact but the code was less efficient as a result of the error.
Identified by Coverity Scan. Modify the LockOutRealm logic. Improve the robustness of web application undeployment based on some code analysis triggered by the report for Clarify that the connectionTimeout may also be used as the read timeout when reading a request body if any in the documentation web application.
Reduce unnecessary nesting for acquisition of cluster instance. Use this information to provide more accurate error messages if a compilation error occurs in a declaration section. Make resources accessed via a context alias accessible via JNDI in the same way standard resources are available.
- Correct the label in the list of sessions by idle time for the bin that represents the idle time immediately below the maximum permitted idle time when using the expire command of the Manager application. Call onError if an exception is thrown calling onClose when closing a session. Fix a potential resource leak in the Default Servlet reported by Coverity Scan. Correct two regressions caused by the fix for when using BIO with an external Executor. Correct client connect logic for secure connections made through a proxy.
- Set the path for cookies created by the examples web application so they only returned to the examples application. Fix potential integer overflow in ConnectionPool and PooledConnection. Update the warnings that reference required options for running on Java 9 to use the latest syntax for those options. Ensure the ASF logo image is correctly displayed in docs and host-manager applications.
Better error message if a JAR is deleted while a web application is running. Fix a potential resource leak in the Default Servlet reported by Coverity Scan. This is primarily for use when embedding but it also fixes a rare issue when running the unit test. Fix cosmetic error log when using non standard non cacheable resources, like with the empty resources used in some tests.
When an asynchronous request is processed by the AJP connector, ensure that request processing has fully completed before starting the next request. Log a warning if running on Java 9 with this check enabled but without the command line option it requires. Allow to limit JUnit test run to a number of selected test case methods.
Correct the javadoc for o. When retrieving an object via a ResourceLink , ensure that the object obtained is of the expected type. Simplify the code of o. Recommend to copy the servlet declaration into web application instead of enabling it globally. Patch provided by Benjamin Gandon.