jetty-announce http://dev.eclipse.org/mhonarc/lists/jetty-announce/maillist.html jetty-announce en-us Tue, 17 Apr 2012 17:20:02 GMT Tue, 17 Apr 2012 17:20:02 GMT http://blogs.law.harvard.edu/tech/rss MHonArc RSS 2.0 RCFile webmaster@eclipse.org (Webmaster) webmaster@eclipse.org (Webmaster) jetty-announce http://www.eclipse.org/eclipse.org-common/themes/Phoenix/images/eclipse_home_header.jpg http://dev.eclipse.org/mhonarc/lists/jetty-announce/maillist.html [jetty-announce] Jetty 7.6.3.v20120416 and 8.1.3.v20120416 Released! http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00030.html We have finally pushed the releases out to maven central and updated all the relavent download artifacts in the download areas of eclipse and codehaus. There have been a number of issues addressed with the recent SPDY support. Below are the patch notes for... We have finally pushed the releases out to maven central and updated all the relavent download artifacts in the download areas of eclipse and codehaus. There have been a number of issues addressed with the recent SPDY support. Below are the patch notes for each of the releases! cheers, jesse jetty-7.6.3.v20120416 - 16 April 2012 + 367172 Remove detection for slf4j NOPLogger + 373269 Make ServletHandler.notFound() method impl do nothing - override to send back 404. + 373421 address potential race condition related to the nonce queue removing the same nonce twice + 373952 bind called too frequently on refresh + 374018 correctly handle requestperminuted underflow + 374252 SslConnection.onClose() does not forward to nested connection. + 374258 SPDY leaks SSLEngines. Made the test more reliable. + 374367 NPE in QueuedThreadPool.dump() with early java6 jvms + 374475 Response.sendRedirect does not encode UTF-8 characters properly + 374881 Set copyWebInf to false by default + 374891 enhancement to how ProxyServlet determines the proxy target + 375009 Filter initialization error will throw MultiException + 375083 Flow control should take in account window size changes from concurrent SETTINGS + 375096 If starting a server instance fails in osgi it is cleaned up. + 375490 NPE with --help on command line + 375509 Stalled stream stalls other streams or session control frames. Now using a "death pill" instead of a boolean in order to avoid race conditions where DataInfos were read from the queue (but the boolean not updated yet), and viceversa. + 375594 fixed SSL tests so they are not order dependent + 375709 Ensure resolveTempDirectory failure does not deadlock; improve error message + 375970 HttpServletRequest.getRemoteAddr() returns null when HTTP is over SPDY. + 376201 HalfClosed state not handled properly. Addendum to restore previous behavior, where a closed stream was also half closed. + JETTY-1504 HttpServletResponseWrapper ignored when using asyncContext? jetty-8.1.3.v20120416 - 16 April 2012 + 349110 MultiPartFilter records the content-type in request params + 367172 Remove detection for slf4j NOPLogger + 372678 Embedded Examples need updates for new LoginService requirement + 373269 Make ServletHandler.notFound() method impl do nothing - override to send back 404. + 373421 address potential race condition related to the nonce queue removing the same nonce twice + 373952 bind called too frequently on refresh + 374018 correctly handle requestperminuted underflow + 374152 jetty-all-server MANIFEST contains wrong import: javax.servlet.annotation;version="[2.6,3)" + 374252 SslConnection.onClose() does not forward to nested connection. + 374258 SPDY leaks SSLEngines. Made the test more reliable. + 374367 NPE in QueuedThreadPool.dump() with early java6 jvms + 374475 Response.sendRedirect does not encode UTF-8 characters properly + 374881 Set copyWebInf to false by default + 374891 enhancement to how ProxyServlet determines the proxy target + 375009 Filter initialization error will throw MultiException + 375083 Flow control should take in account window size changes from concurrent SETTINGS + 375096 If starting a server instance fails in osgi it is cleaned up. + 375490 NPE with --help on command line + 375509 Stalled stream stalls other streams or session control frames. Now using a "death pill" instead of a boolean in order to avoid race conditions where DataInfos were read from the queue (but the boolean not updated yet), and viceversa. + 375594 fixed SSL tests so they are not order dependent + 375709 Ensure resolveTempDirectory failure does not deadlock; improve error message + 375906 Part.getHeader method not case insensitive + 375970 HttpServletRequest.getRemoteAddr() returns null when HTTP is over SPDY. + 376201 HalfClosed state not handled properly. Addendum to restore previous behavior, where a closed stream was also half closed. + 376324 <max-file-size> is not respected in <multipart-config> + JETTY-1495 Ensure dynamic servlet addition does not cause servlets to be inited. + JETTY-1500 form parameters from multipart request not available via request.getParameter + JETTY-1504 HttpServletResponseWrapper ignored when using asyncContext? jetty@xxxxxxxxxxxxxxxxxxxxxxxx - 16 April 2012 + JETTY-1487 umask setting for SetUID can't be set to 0 + JETTY-1497 jetty-jspc-maven-plugin has problems with spaces in classpath filenames + JETTY-1498 Add ability to put <scope>provided</scope> artifacts on system classpath for jetty-jspc-maven-plugin jetty@xxxxxxxxxxxxxxxxxxxxxxxx - 16 April 2012 + JETTY-1487 umask setting for SetUID can't be set to 0 + JETTY-1497 jetty-jspc-maven-plugin has problems with spaces in classpath filenames + JETTY-1498 Add ability to put <scope>provided</scope> artifacts on system classpath for jetty-jspc-maven-plugin + JETTY-1499 WEB-INF/classes not scanned with mvn jetty:run-war -- jesse mcconnell jesse.mcconnell@xxxxxxxxx ]]> Tue, 17 Apr 2012 17:12:26 GMT http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00030.html jesse.mcconnell@xxxxxxx (Jesse McConnell) [jetty-announce] Jetty 7.6.2 and 8.1.2 (v20120308) Released! http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00029.html We have pushed the 7.6.2.v20120308 and 8.1.2.v20120308 releases and they are now available for download from maven central and the usual eclipse and codehaus download locations. We anticipate another release that will resolve a few lingering jsp issues rel... We have pushed the 7.6.2.v20120308 and 8.1.2.v20120308 releases and they are now available for download from maven central and the usual eclipse and codehaus download locations. We anticipate another release that will resolve a few lingering jsp issues related to OSGI usage so if your an osgi user you might want to wait for the next release before updating. cheers, jesse The following issues were resolved in both releases: + 370387 SafariWebsocketDraft0Test failure during build. + 371168 Update ClientCrossContextSessionTest + 372093 handle quotes in Require-Bundle manifest string + 372457 Big response + slow clients + pipelined requests cause Jetty spinning and eventually closing connections. Added a TODO for a method renaming that will happen in the next major release (to avoid break implementers). + 372487 JDBCSessionManager does not work with Oracle + 372806 Command line should accept relative paths for xml config files + 373037 jetty.server.Response.setContentLength(int) should not close a Writer when length=0 + 373162 add improved implementation for getParameterMap(), needs a test though and the existing setup doesn't seem like it would easily support the needed test so need to do that still + 373306 Set default user agent extraction pattern for UserAgentFilter + 373567 cert validation issue with ocsp and crldp always being enabled when validating turned on fixed + JETTY-1409 GzipFilter will double-compress application/x-gzip content + JETTY-1489 WebAppProvider attempts to deploy .svn folder + JETTY-1494 . -- jesse mcconnell jesse.mcconnell@xxxxxxxxx ]]> Fri, 09 Mar 2012 19:51:31 GMT http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00029.html jesse.mcconnell@xxxxxxx (Jesse McConnell) Re: [jetty-announce] Jetty 7.6.1 and 8.1.1 released! http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00028.html Heads up... Something I should have mentioned on this release is that we have addressed some build issues we had regarding signed jars in eclipse orbit that we had to pull in for distribution. These dependencies used to be pulled into the jetty-distribution through some ant magic and have not been what was referenced via maven transitive dependencies. If you only use the jetty-distribution or jetty-hightide, you can stop reading now. If you use jetty via maven or especially if you explode the dependencies via the maven dependency plugin you will likely see an issue about signed classes. This might come out of now where and surprise you. You should be able to just exclude the ECLIPSE.RSA and ECLIPSE.SF files and be fine. Or you can exclude the org.eclipse.jetty.orbit groupId from the transitive dependencies and track down unsigned dependencies manually. For some more history you can see this issue: https://bugs.eclipse.org/bugs/show_bug.cgi?id=371954 Thanks to bubbleguuum for pointing this out! jesse -- jesse mcconnell jesse.mcconnell@xxxxxxxxx On Fri, Feb 17, 2012 at 09:32, Jesse McConnell <jesse.mcconnell@xxxxxxxxx> wrote: > I have released an incremental update to the jetty 7.6 and 8.1 > releases from a few weeks back. > > Eclipse: > http://download.eclipse.org/jetty/ > > Codehaus: > http://dist.codehaus.org/jetty/ > > Of particular note in these releases are a fix to usage of the --exec > in the start.ini, it was largely broken in the last release generating > some incorrect paths and then a few fixes to the nosql mongo session > handling. > > cheers, > jesse > > > jetty-7.6.1.v20120215 - 15 February 2012 > Â+ 369121 simplified test > Â+ 370120 jvm arguments added via start.ini and --exec are missing spaces > Â+ 370137 SslContextFactory does not respect order for > Â [included|excluded]Protocols() and [included|excluded]CipherSuites(). > Â+ 370368 resolve stack overflow in mongo db session manager > Â+ 370386 Remove META-INF from jetty distro > Â+ 371040 nosqlsession needs to call correct super contructor for new sessions > Â+ 371041 valid was not being set to new mongo db sessions, and the call to > Â mongodb api was wrong in isIdInUse > Â+ 371162 NPE protection for nested security handlers > Â+ JETTY-1484 Add option for HashSessionManager to delete session files if it > Â can't restore them > > jetty@xxxxxxxxxxxxxxxxxxxxxxxx - 15 February 2012 > Â+ 370386 Remove META-INF from hightide distro > Â+ JETTY-1480 jspc-maven-plugin does not find jstl tags > Â+ JETTY-1481 Change jetty-atomikos to be type jar so its dependencies can be > Â used in jetty-hightide > Â+ JETTY-1482 fix path in setuid configuration > > jetty-8.1.1.v20120215 - 15 February 2012 > Â+ 369121 simplified test > Â+ 370120 jvm arguments added via start.ini and --exec are missing spaces > Â+ 370137 SslContextFactory does not respect order for > Â [included|excluded]Protocols() and [included|excluded]CipherSuites(). > Â+ 370368 resolve stack overflow in mongo db session manager > Â+ 370386 Remove META-INF from jetty distro > Â+ 371040 nosqlsession needs to call correct super contructor for new sessions > Â+ 371041 valid was not being set to new mongo db sessions, and the call to > Â mongodb api was wrong in isIdInUse > Â+ 371162 NPE protection for nested security handlers > Â+ JETTY-1484 Add option for HashSessionManager to delete session files if it > Â can't restore them > > jetty@xxxxxxxxxxxxxxxxxxxxxxxx - 15 February 2012 > Â+ 370386 Remove META-INF from hightide distro > Â+ JETTY-1480 jspc-maven-plugin does not find jstl tags > Â+ JETTY-1481 Change jetty-atomikos to be type jar so its dependencies can be > Â used in jetty-hightide > Â+ JETTY-1482 fix path in setuid configuration > > > > -- > jesse mcconnell > jesse.mcconnell@xxxxxxxxx ]]> Sat, 18 Feb 2012 00:14:57 GMT http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00028.html jesse.mcconnell@xxxxxxx (Jesse McConnell) [jetty-announce] Jetty 7.6.1 and 8.1.1 released! http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00027.html I have released an incremental update to the jetty 7.6 and 8.1 releases from a few weeks back. Eclipse: http://download.eclipse.org/jetty/ Codehaus: http://dist.codehaus.org/jetty/ Of particular note in these releases are a fix to usage of the --exec in th... I have released an incremental update to the jetty 7.6 and 8.1 releases from a few weeks back. Eclipse: http://download.eclipse.org/jetty/ Codehaus: http://dist.codehaus.org/jetty/ Of particular note in these releases are a fix to usage of the --exec in the start.ini, it was largely broken in the last release generating some incorrect paths and then a few fixes to the nosql mongo session handling. cheers, jesse jetty-7.6.1.v20120215 - 15 February 2012 + 369121 simplified test + 370120 jvm arguments added via start.ini and --exec are missing spaces + 370137 SslContextFactory does not respect order for [included|excluded]Protocols() and [included|excluded]CipherSuites(). + 370368 resolve stack overflow in mongo db session manager + 370386 Remove META-INF from jetty distro + 371040 nosqlsession needs to call correct super contructor for new sessions + 371041 valid was not being set to new mongo db sessions, and the call to mongodb api was wrong in isIdInUse + 371162 NPE protection for nested security handlers + JETTY-1484 Add option for HashSessionManager to delete session files if it can't restore them jetty@xxxxxxxxxxxxxxxxxxxxxxxx - 15 February 2012 + 370386 Remove META-INF from hightide distro + JETTY-1480 jspc-maven-plugin does not find jstl tags + JETTY-1481 Change jetty-atomikos to be type jar so its dependencies can be used in jetty-hightide + JETTY-1482 fix path in setuid configuration jetty-8.1.1.v20120215 - 15 February 2012 + 369121 simplified test + 370120 jvm arguments added via start.ini and --exec are missing spaces + 370137 SslContextFactory does not respect order for [included|excluded]Protocols() and [included|excluded]CipherSuites(). + 370368 resolve stack overflow in mongo db session manager + 370386 Remove META-INF from jetty distro + 371040 nosqlsession needs to call correct super contructor for new sessions + 371041 valid was not being set to new mongo db sessions, and the call to mongodb api was wrong in isIdInUse + 371162 NPE protection for nested security handlers + JETTY-1484 Add option for HashSessionManager to delete session files if it can't restore them jetty@xxxxxxxxxxxxxxxxxxxxxxxx - 15 February 2012 + 370386 Remove META-INF from hightide distro + JETTY-1480 jspc-maven-plugin does not find jstl tags + JETTY-1481 Change jetty-atomikos to be type jar so its dependencies can be used in jetty-hightide + JETTY-1482 fix path in setuid configuration -- jesse mcconnell jesse.mcconnell@xxxxxxxxx ]]> Fri, 17 Feb 2012 15:32:54 GMT http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00027.html jesse.mcconnell@xxxxxxx (Jesse McConnell) [jetty-announce] Jetty releases 7.6.0 and 8.1.0 http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00026.html Jetty releases 7.6.0 and 8.1.0 have been promoted to maven central and will soon be available for download via http://eclipse.org/jettyThese releases represent a major effort by the team to refactor the IO layer to handle several issues that have emerged o... Jetty releases 7.6.0 and 8.1.0 have been promoted to maven central and will soon be available for download via http://eclipse.org/jetty

These releases represent a major effort by the team to refactor the IO layer to handle several issues that have emerged over the last year with respect to the latest JVMs and browsers, such as several 100% CPU spins fixed that resulted from strangely closed SSL connection.   Furthermore, the releases contain some additional protection from some denial of service attacks that have been discovered that affect a wide range of web servers.

We recommend that you plan to evaluate and upgrade to these releases as soon as possible.  Do to the nature of these changes, it is impossible to back the most significant ones to Jetty-6 and thus these releases represent the effective EOL for jetty-6, as no more general releases are planned.

Thanks to the jetty team who have  worked extremely hard over the last few months on these releases.  We've also very much appreciate the efforts of users who have raised issues, provided debug/traces and have tried out various snapshots and RCs.


jetty-8.1.0.v20120127 - 27 January 2012
 + 368773 allow authentication to be set by non securityHandler handlers
 + 368992 avoid update key while flushing during a write
 + 369216 turned off the shared resource cache
 + 369349 replace quotes with a space escape method

jetty-8.1.0.RC5 - 20 January 2012
 + 359329 Prevent reinvocation of LoginModule.login with jaspi for already
   authed user
 + 368632 Remove superfluous removal of org.apache.catalina.jsp_file
 + 368633 fixed configure.dtd resource mappings
 + 368635 moved lifecycle state reporting from toString to dump
 + 368773 process data constraints without realm
 + 368787 always set token view to new header buffers in httpparser
 + 368821 improved test harness
 + 368920 JettyAwareLogger always formats the arguments.
 + 368948 POM for jetty-jndi references unknown version for javax.activation.
 + 368992 NPE in HttpGenerator.prepareBuffers() test case.
 + JETTY-1475 made output state fields volatile to provide memory barrier for
   non dispatched thread IO

jetty-8.1.0.RC4 - 13 January 2012
 + 365048 jetty Http client does not send proxy authentication when requesting
   a Https-resource through a web-proxy.
 + 366774 removed XSS vulnerbility
 + 367099 Upgrade jetty-websocket for RFC 6455 - Addendum.
 + 367433 added tests to investigate
 + 367435 improved D00 test harness
 + 367485 HttpExchange canceled before response do not release connection.
 + 367502 WebSocket connections should be closed when application context is  stopped.
 + 367548 jetty-osgi-boot must not import the nested package twice
 + 367591 corrected configuration.xml version to 7.6
 + 367635 Added support for start.d directory
 + 367716 simplified maxIdleTime logic
 + 368035 WebSocketClientFactory does not invoke super.doStop().
 + 368060 do not encode sendRedirect URLs
 + 368112 NPE on <jsp-config><taglib> element parsing web.xml
 + 368113 Support servlet mapping to ""
 + 368114 Protect against non-Strings in System properties for Log
 + 368189 WebSocketClientFactory should not manage external thread pool.
 + 368240 Improve AggregateLifeCycle handling of shared lifecycles
 + 368215 Remove debug from jaspi
 + 368240 Better handling of locally created ThreadPool. Forgot to null out    field.
 + 368291 Change warning to info for NoSuchFieldException on    BeanELResolver.properties
 + 367638 limit number of form parameters to avoid DOS
 + JETTY-1467 close half closed when idle

jetty-8.1.0.RC2 - 22 December 2011
 + 359329 jetty-jaspi must exports its packages. jetty-plus must import   javax.security
 + 364638 HttpParser closes if data received while seeking EOF. Tests fixed to  cope
 + 364921 Made test less time sensitive
 + 364936 use Resource for opening URL streams
 + 365267 NullPointerException in bad Address
 + 365375 ResourceHandler should be a HandlerWrapper
 + 365750 Support WebSocket over SSL, aka wss://
 + 365932 Produce jetty-websocket aggregate jar for android use
 + 365947 Set headers for Auth failure and retry in http-spi
 + 366316 Superfluous printStackTrace on 404
 + 366342 Dont persist DosFilter trackers in http session
 + 366730 pass the time idle to onIdleExpire
 + 367048 test harness for guard on suspended requests
 + 367175 SSL 100% CPU spin in case of blocked write and RST.
 + 367219 WebSocketClient.open() fails when URI uses default ports.
 + 367383 jsp-config element must be returned for    ServletContext.getJspConfigDescriptor
 + JETTY-1460 suppress PrintWriter exceptions
 + JETTY-1463 websocket D0 parser should return progress even if no fill done
 + JETTY-1465 NPE in ContextHandler.toString

jetty-8.1.0.RC1 - 06 December 2011
 + 360245 The version of the javax.servlet packages to import is 2.6 instead of 3.0
 + 365370 ServletHandler can fall through to nested handler

jetty-8.1.0.RC0 - 30 November 2011
 + 352565 cookie httponly flag ignored
 + 353285 ServletSecurity annotation ignored
 + 357163 jetty 8 ought to proxy jetty8 javadocs
 + 357209 JSP tag listeners not called
 + 360051 SocketConnectionTest.testServerClosedConnection is excluded.
 + 361135 Allow session cookies to NEVER be marked as secure, even on HTTPS
   requests.
 + 362249 update shell scripts to jetty8
 + 363878 Add ecj compiler to jetty-8 for jsp
 + 364283 can't parse the servlet multipart-config for the web.xml
 + 364430 Support web.xml enabled state for servlets

  jetty-7.6.0.v20120127 - 27 January 2012
 + 368773 allow authentication to be set by non securityHandler handlers
 + 368992 avoid update key while flushing during a write
 + 369216 turned off the shared resource cache
 + 369349 replace quotes with a space escape method

jetty-7.6.0.RC5 - 20 January 2012
 + 359329 Prevent reinvocation of LoginModule.login with jaspi for already
   authed user
 + 368632 Remove superfluous removal of org.apache.catalina.jsp_file
 + 368633 fixed configure.dtd resource mappings
 + 368635 moved lifecycle state reporting from toString to dump
 + 368773 process data constraints without realm
 + 368787 always set token view to new header buffers in httpparser
 + 368821 improved test harness
 + 368920 JettyAwareLogger always formats the arguments.
 + 368948 POM for jetty-jndi references unknown version for javax.activation.
 + 368992 avoid non-blocking flush when writing to avoid setting !_writable
   without _writeblocked
 + JETTY-1475 made output state fields volatile to provide memory barrier for
   non dispatched thread IO

jetty-7.6.0.RC4 - 13 January 2012
 + 365048 jetty Http client does not send proxy authentication when requesting
   a Https-resource through a web-proxy.
 + 366774 removed XSS vulnerbility
 + 367099 Upgrade jetty-websocket for RFC 6455 - Addendum.
 + 367716 simplified maxIdleTime logic
 + 368035 WebSocketClientFactory does not invoke super.doStop().
 + 368060 do not encode sendRedirect URLs
 + 368114 Protect against non-Strings in System properties for Log
 + 368189 WebSocketClientFactory should not manage external thread pool.
 + 368215 Remove debug from jaspi
 + 368240 Improve AggregateLifeCycle handling of shared lifecycles
 + 368291 Change warning to info for NoSuchFieldException on
   BeanELResolver.properties

jetty-7.6.0.RC3 - 05 January 2012
 + 367433 added tests to investigate
 + 367435 improved D00 test harness
 + 367485 HttpExchange canceled before response do not release connection.
 + 367502 WebSocket connections should be closed when application context is
   stopped.
 + 367591 corrected configuration.xml version to 7.6
 + 367635 Added support for start.d directory
 + 367638 limit number of form parameters to avoid DOS
 + JETTY-1467 close half closed when idle

jetty-7.6.0.RC2 - 22 December 2011
 + 364638 HttpParser closes if data received while seeking EOF. Tests fixed to
   cope
 + 364921 Made test less time sensitive for ssl
 + 364936 use Resource for opening URL streams
 + 365267 NullPointerException in bad Address
 + 365375 ResourceHandler should be a HandlerWrapper
 + 365750 Support WebSocket over SSL, aka wss://
 + 365932 Produce jetty-websocket aggregate jar for android use
 + 365947 Set headers for Auth failure and retry in http-spi
 + 366316 Superfluous printStackTrace on 404
 + 366342 Dont persist DosFilter trackers in http session
 + 366730 pass the time idle to onIdleExpire
 + 367048 test harness for guard on suspended requests
 + 367175 SSL 100% CPU spin in case of blocked write and RST.
 + 367219 WebSocketClient.open() fails when URI uses default ports.
 + JETTY-1460 suppress PrintWriter exceptions
 + JETTY-1463 websocket D0 parser should return progress even if no fill done
 + JETTY-1465 NPE in ContextHandler.toString

jetty-7.6.0.RC1 - 04 December 2011
 + 352565 cookie httponly flag ignored
 + 353285 ServletSecurity annotation ignored
 + 357163 jetty 8 ought to proxy jetty8 javadocs
 + 357209 JSP tag listeners not called
 + 360051 SocketConnectionTest.testServerClosedConnection is excluded.
 + 361135 Allow session cookies to NEVER be marked as secure, even on HTTPS
   requests.
 + 362249 update shell scripts to jetty8
 + 363878 Add ecj compiler to jetty-8 for jsp
 + 364283 can't parse the servlet multipart-config for the web.xml
 + 364430 Support web.xml enabled state for servlets
 + 365370 ServletHandler can fall through to nested handler

jetty-7.6.0.RC0 - 29 November 2011
 + Refactored NIO layer for better half close handling
 + 349110 fixed bypass chunk handling
 + 360546 handle set count exceeding max integer
 + 362111 StdErrLog.isDebugEnabled() returns true too often
 + 362113 Improve Test Coverage of org.eclipse.jetty.util.log classes
 + 362407 setTrustStore(Resource) -> setTrustStoreResource(R)
 + 362447 add setMaxNonceAge() to DigestAuthenticator
 + 362468 NPE at line org.eclipse.jetty.io.BufferUtil.putHexInt
 + 362614 NPE in accepting connection
 + 362626 IllegalStateException thrown when SslContextFactory preconfigured
   with SSLContext
 + 362696 expand virtual host configuration options to ContextHandler and add
   associated test case for new behavior
 + 362742 improved UTF8 exception reason
 + 363124 improved websocket close handling
 + 363381 Throw IllegalStateException if Request uri is null on getServerName
 + 363408 GzipFilter should not attempt to compress HTTP status 204
 + 363488 ShutdownHandler use stopper thread
 + 363718 Setting java.rmi.server.hostname in jetty-jmx.xml
 + 363757 partial fix
 + 363785 StdErrLog must use system-dependent EOL.
 + 363943 ignore null attribute values
 + 363993 EOFException parsing HEAD response in HttpTester
 + 364638 SCEP does idle timestamp checking. New setCheckForIdle method
   controls onIdleExpired callback. 364921 a second onIdleExpired callback will
   result in close rather than a shutdown output.
 + 364657 Support HTTP only cookies from standard API
 + JETTY-1442 add _hostHeader setter for ProxyRule


]]> Sat, 28 Jan 2012 21:50:53 GMT http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00026.html gregw@xxxxxxx (Greg Wilkins) [jetty-announce] Jetty 7.6.0.RC0 and 8.1.0RC0 http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00025.html Release Candidates for 7.6.0.RC0 and 8.1.0RC0 are now available via http://eclipse.org/jetty http://jetty.codehaus.org These releases have a significant re factoring of the NIO layer to better cope with the features added over recent years and to better de... Release Candidates for 7.6.0.RC0 and 8.1.0RC0 are now available via http://eclipse.org/jetty http://jetty.codehaus.org These releases have a significant re factoring of the NIO layer to better cope with the features added over recent years and to better deal with some of the instability that was introduced in the 7.5.x releases (specially with regards to half closed SSL connections). We would appreciate as much feedback as you can give (positive or negative) on your testing/usage of these releases. jetty-8.1.0.RC0 - 30 November 2011 + 352565 cookie httponly flag ignored + 353285 ServletSecurity annotation ignored + 357163 jetty 8 ought to proxy jetty8 javadocs + 357209 JSP tag listeners not called + 360051 SocketConnectionTest.testServerClosedConnection is excluded. + 361135 Allow session cookies to NEVER be marked as secure, even on HTTPS requests. + 362249 update shell scripts to jetty8 + 363878 Add ecj compiler to jetty-8 for jsp + 364283 can't parse the servlet multipart-config for the web.xml + 364430 Support web.xml enabled state for servlets jetty-7.6.0.RC0 - 29 November 2011 + Refactored NIO layer for better half close handling + 349110 fixed bypass chunk handling + 360546 handle set count exceeding max integer + 362111 StdErrLog.isDebugEnabled() returns true too often + 362113 Improve Test Coverage of org.eclipse.jetty.util.log classes + 362407 setTrustStore(Resource) -> setTrustStoreResource(R) + 362447 add setMaxNonceAge() to DigestAuthenticator + 362468 NPE at line org.eclipse.jetty.io.BufferUtil.putHexInt + 362614 NPE in accepting connection + 362626 IllegalStateException thrown when SslContextFactory preconfigured with SSLContext + 362696 expand virtual host configuration options to ContextHandler and add associated test case for new behavior + 362742 improved UTF8 exception reason + 363124 improved websocket close handling + 363381 Throw IllegalStateException if Request uri is null on getServerName + 363408 GzipFilter should not attempt to compress HTTP status 204 + 363488 ShutdownHandler use stopper thread + 363718 Setting java.rmi.server.hostname in jetty-jmx.xml + 363757 partial fix + 363785 StdErrLog must use system-dependent EOL. + 363943 ignore null attribute values + 363993 EOFException parsing HEAD response in HttpTester + 364638 SCEP does idle timestamp checking. New setCheckForIdle method controls onIdleExpired callback. 364921 a second onIdleExpired callback will result in close rather than a shutdown output. + 364657 Support HTTP only cookies from standard API + JETTY-1442 add _hostHeader setter for ProxyRule ]]> Wed, 30 Nov 2011 22:31:26 GMT http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00025.html gregw@xxxxxxx (Greg Wilkins) Re: [jetty-announce] Need "ServerAuthentication" info... http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00024.html Is it necessary to post this to [jetty-announce?
Please choose *one* dedicated mailing list for questions of that kind…
R.

On 10/31/2011 09:55 AM, gopinath nallamolu wrote:
Hi All,

FormAuthModule which is present in org.eclipse.jetty.security.jaspi.modules has been deprecated. In API doc it was mentioned to use *ServerAuthentication. But i can't find this class "ServerAuthentication".

Can any one please let me know what "ServerAuthentication" is and where i can find this class.

what does * represents in "*ServerAuthentication". 

Regards,
gopi



_______________________________________________
jetty-announce mailing list
jetty-announce@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/jetty-announce

]]> Mon, 31 Oct 2011 09:00:11 GMT http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00024.html rkrell@xxxxxxx (René Krell) [jetty-announce] Need "ServerAuthentication" info... http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00023.html Hi All, FormAuthModule which is present in org.eclipse.jetty.security.jaspi.modules has been&#xA0;deprecated. In API doc it was mentioned to use *ServerAuthentication. But i can&#39;t find this class &quot;ServerAuthentication&quot;. Can any one please let me know what ;Serv...
Hi All,

FormAuthModule which is present in org.eclipse.jetty.security.jaspi.modules has been deprecated. In API doc it was mentioned to use *ServerAuthentication. But i can't find this class "ServerAuthentication".

Can any one please let me know what "ServerAuthentication" is and where i can find this class.

what does * represents in "*ServerAuthentication". 

Regards,
gopi

]]> Mon, 31 Oct 2011 08:56:11 GMT http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00023.html gopinath511@xxxxxxx (gopinath nallamolu) [jetty-announce] Need "ServerAuthentication" info... http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00022.html Hi All, FormAuthModule which is present in org.eclipse.jetty.security.jaspi.modules has been&#xA0;deprecated. In API doc it was mentioned to use *ServerAuthentication. But i can&#39;t find this class &quot;ServerAuthentication&quot;. Can any one please let me know what ;Serv...
Hi All,

FormAuthModule which is present in org.eclipse.jetty.security.jaspi.modules has been deprecated. In API doc it was mentioned to use *ServerAuthentication. But i can't find this class "ServerAuthentication".

Can any one please let me know what "ServerAuthentication" is and where i can find this class.

what does * represents in "*ServerAuthentication". 

Regards,
gopi

]]> Mon, 31 Oct 2011 08:55:15 GMT http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00022.html gopinath511@xxxxxxx (gopinath nallamolu) [jetty-announce] Jetty 7.5.4.v20111024 and Jetty 8.0.4.v20111024 Released http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00021.html I have released a new minor bugfix release for Jetty. The artifacts are already in maven central. Eclipse: http://download.eclipse.org/jetty Codehaus: http://dist.codehaus.org/jetty Deb: http://dist.codehaus.org/jetty/deb Rpm: http://dist.codehaus.org/jett... I have released a new minor bugfix release for Jetty. The artifacts are already in maven central. Eclipse: http://download.eclipse.org/jetty Codehaus: http://dist.codehaus.org/jetty Deb: http://dist.codehaus.org/jetty/deb Rpm: http://dist.codehaus.org/jetty/rpm cheers, jesse jetty-7.5.4.v20111024 - 24 October 2011 + 358263 JDBCSessionIdManager add setDatasource(DataSource) method + 358649 Replace existing StdErrLog system properties for DEBUG/IGNORED with LEVEL instead. + 360836 Accept parameters with bad UTF-8. Use replacement character + 360912 CrossOriginFilter does not send Access-Control-Allow-Origin on responses. 355103 Make allowCredentials default to true in CrossOriginFilter. + 360938 Connections closed after a while. + 361319 Log initialization does not catch correct exceptions on all jvms + 361325 359292 Allow KeyStore to be set + 361456 release timer task on connection failed + 361655 ExecutorThreadPool.isLowOnThreads() returns wrong value. + JETTY-1444 start threadpool before selector manager jetty@xxxxxxxxxxxxxxxxxxxxxxxx - 24 October 2011 + JETTY-1443 Corrected property names in jetty-setuid.xml + JETTY-1446 jetty-setuid is not unpacked to jetty-hightide jetty-8.0.4.v20111024 - 24 October 2011 + 358263 JDBCSessionIdManager add setDatasource(DataSource) method + 358649 Replace existing StdErrLog system properties for DEBUG/IGNORED with LEVEL instead. + 360836 Accept parameters with bad UTF-8. Use replacement character + 360912 CrossOriginFilter does not send Access-Control-Allow-Origin on responses. 355103 Make allowCredentials default to true in CrossOriginFilter. + 360938 Connections closed after a while. + 361135 secure cookies for sessions + 361319 Log initialization does not catch correct exceptions on all jvms + 361325 359292 Allow KeyStore to be set + 361456 release timer task on connection failed + 361655 ExecutorThreadPool.isLowOnThreads() returns wrong value. + JETTY-1444 start threadpool before selector manager jetty@xxxxxxxxxxxxxxxxxxxxxxxx - 24 October 2011 + JETTY-1443 Corrected property names in jetty-setuid.xml + JETTY-1446 jetty-setuid is not unpacked to jetty-hightide -- jesse mcconnell jesse.mcconnell@xxxxxxxxx ]]> Tue, 25 Oct 2011 16:20:15 GMT http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00021.html jesse.mcconnell@xxxxxxx (Jesse McConnell)