| [jetty-dev] Missing dependency |
|
Hi, in the version jetty-distribution-9.4.0.v20161208 is an check
that is only activated if an security manager is installed. The Error is in the jar file
"org.mortbay.jasper.apache-jsp-8.5.5.jar" package org.apache.jasper.security; Am 22.12.2016 um 18:00 schrieb
jetty-dev-request@xxxxxxxxxxx:
Send jetty-dev mailing list submissions to jetty-dev@xxxxxxxxxxx To subscribe or unsubscribe via the World Wide Web, visit https://dev.eclipse.org/mailman/listinfo/jetty-dev or, via email, send a message with subject or body 'help' to jetty-dev-request@xxxxxxxxxxx You can reach the person managing the list at jetty-dev-owner@xxxxxxxxxxx When replying, please edit your Subject line so it is more specific than "Re: Contents of jetty-dev digest..." Today's Topics: 1. Why DNS lookup in newSSLEngine(InetSocketAddress address)? (Johan Piculell) 2. Jetty 9.2.20 and Jetty 9.3.15 Released (Chris Walker) 3. Corrected: Jetty 9.2.20 and Jetty 9.3.15 Released! (Chris Walker) ---------------------------------------------------------------------- Message: 1 Date: Thu, 22 Dec 2016 15:55:33 +0100 From: "Johan Piculell" <johan@xxxxxxxxxxx> To: <jetty-dev@xxxxxxxxxxx> Subject: [jetty-dev] Why DNS lookup in newSSLEngine(InetSocketAddress address)? Message-ID: <1482418533620.77677.16554@webmail2> Content-Type: text/plain; charset="utf-8" Hello. The doc on this method states: * If {@link#getNeedClientAuth()} is {@codetrue}, then the host name is passed to* {@link#newSSLEngine(String, int)}, possibly incurring in a reverse DNS lookup, which takes time* and may hang the selector (since this method is usually called by the selector thread).*<p /> But why is this needed at all? I have made some tests and client authentication works just fine even if the host name cannot be resolved, so why this extra overhead? And what is worse is if I do have a DNS that does not respond for whatever reason, then my application will suffer severely since all incoming requests will be stuck. And I cannot see why we should get this penalty just because we enable client authentication. Regards /Johan -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dev.eclipse.org/mailman/private/jetty-dev/attachments/20161222/099d941d/attachment.html> ------------------------------ Message: 2 Date: Thu, 22 Dec 2016 10:30:19 -0500 From: Chris Walker <chris@xxxxxxxxxxx> To: jetty-announce@xxxxxxxxxxx, JETTY user mailing list <jetty-users@xxxxxxxxxxx>, jetty-dev@xxxxxxxxxxx Subject: [jetty-dev] Jetty 9.2.20 and Jetty 9.3.15 Released Message-ID: <CA+X3705zWtVZZ6c4ZCG-ciYwweEEnekxedB+0whx4hnhQ78sAg@xxxxxxxxxxxxxx> Content-Type: text/plain; charset="utf-8" Hello! The Jetty team is happy to announce the release of new versions for both the 9.2.x and 9.3.x branches of Jetty. *Jetty 9.2.20.v20161216* This is a maintenance release which includes several bug fixes: *Jetty 9.3.15.v20161220* Gsads Both releases are available on the Eclipse Jetty project download page or from the Maven Central repository: - Eclipse: https://www.eclipse.org/jetty/download.html - Maven Central: http://central.maven.org/maven2/org/eclipse/jetty/ Documentation for these releases can be found on the Eclipse Jetty project site: - https://www.eclipse.org/jetty/documentation/ If you find any issues with either release, or if you want to suggest future enhancements, please file an issue on the Jetty GitHub page: - https://github.com/eclipse/jetty.project/issues/new <https://github.com/eclipse/jetty.project/issues/new> Commercial production and development support for Jetty are offered through Webtide (www.webtide.com). Please contact us <https://webtide.com/contact/> for more information or email jesse@xxxxxxxxxxx to learn more. Change logs for these releases are listed below. Best Regards, The Jetty Development Team -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dev.eclipse.org/mailman/private/jetty-dev/attachments/20161222/43ad206e/attachment.html> ------------------------------ Message: 3 Date: Thu, 22 Dec 2016 10:45:28 -0500 From: Chris Walker <chris@xxxxxxxxxxx> To: jetty-announce@xxxxxxxxxxx, JETTY user mailing list <jetty-users@xxxxxxxxxxx>, jetty-dev@xxxxxxxxxxx Subject: [jetty-dev] Corrected: Jetty 9.2.20 and Jetty 9.3.15 Released! Message-ID: <CA+X3705hDMS_8pxKLQSO3t1C32cr_VznbLVGw6zUGPuJSYU8qA@xxxxxxxxxxxxxx> Content-Type: text/plain; charset="utf-8" Hello! The Jetty team is happy to announce the release of new versions for both the 9.2.x and 9.3.x branches of Jetty. *Jetty 9.2.20.v20161216* This is a maintenance release which includes several bug fixes. Changes for this release include: + 295 Ensure Jetty Client use of Deflater / Inflater calls .end() to avoidmemory leak+ Reset Response buffer size + 1051 NCSARequestLog/RolloverFileOutputStream does not roll day after DSTends+ 1057 Improve WebSocketUpgradeFilter fast path performance + 1090 Allow WebSocketUpgradeFilter to be used by WEB-INF/web.xml + 1124 Allow configuration of WebSocket mappings from Spring + 1130 PROXY protocol support reports incorrect remote address + Reset Response buffer size *Jetty 9.3.15.v20161220* This release includes several bug fixes as well as enhancements to SSL. Changes for this release include: + 240 Missing content for multipart request after upgrade to Jetty > 9.2.7+ 905 Jetty terminates SSL connections too early with Connection: close + 1020 Java Util Logging properties in wrong location + 1050 Add multiple FilterHolder to a ServletContextHandler may cause problems + 1051 NCSARequestLog/RolloverFileOutputStream does not roll day after DST ends + 1054 Using WebSocketPingPongListener with empty PING payload results in NullPointerException + 1057 Improve WebSocketUpgradeFilter fast path performance + 1062 Jetty allows requests to hang under PUT load + 1063 HostPortHttpField should handle port-only values + 1064 HttpClient sets chunked transfer-encoding + 1065 Response.setBufferSize checks for written content. + 1069 Host header should be sent with HTTP/1.0 + 1072 InetAccessHandler needs InetAddress & Path based restrictions like IPAccessHandler did + 1078 DigestAuthentication should use realm from server, even if unknown in advance + 1081 DigestAuthenticator does not check the realm sent by the client + 1090 Allow WebSocketUpgradeFilter to be used by WEB-INF/web.xml + 1092 jetty-runner jstl support + 1098 MimeTypes.getCharsetFromContentType() unable parse "application/pdf;;; charset=UTF-8" + 1099 PushCacheFilter pushes POST requests + 1108 Please improve logging in SslContextFactory when there are no approved cipher suites + 1114 Add testcase for WSUF for stop/start of the Server + 1118 Filter.destroy() conflicts with ContainerLifeCycle.destroy() in WebSocketUpgradeFilter + 1123 Broken lifecycle for WebSocket's mappings + 1124 Allow configuration of WebSocket mappings from Spring + 1130 PROXY protocol support reports incorrect remote address + 1134 Jetty HTTP/2 client problems + 1135 Avoid allocations from Method.getParameterTypes() if possible + 1146 jetty.server.HttpInput deadlock + 1161 HttpClient and WebSocketClient should not remove all cookies on stop + 1169 HTTP/2 reset on a stalled write does not unblock writer thread + 1171 jetty-client throws NPE for request to IDN hosts only when `HttpClient#send(...)` is called + 1175 Reading HttpServletRequest InputStream from a Filter then accessing getParameterNames() results in java.io.IOException: Missing content for multipart request + 1181 Review buffer underflow cases in SslConnection + 1186 Where can i find SocketConnector .java and BlockingChannelConnector.java etc?Both releases are available on the Eclipse Jetty project download page or from the Maven Central repository: - Eclipse: https://www.eclipse.org/jetty/download.html - Maven Central: http://central.maven.org/maven2/org/eclipse/jetty/ Documentation for these releases can be found on the Eclipse Jetty project site: - https://www.eclipse.org/jetty/documentation/ If you find any issues with either release, or if you want to suggest future enhancements, please file an issue on the Jetty GitHub page: - https://github.com/eclipse/jetty.project/issues/new <https://github.com/eclipse/jetty.project/issues/new> Commercial production and development support for Jetty are offered through Webtide (www.webtide.com). Please contact us <https://webtide.com/contact/> for more information or email jesse@xxxxxxxxxxx to learn more. Change logs for these releases are listed below. Best Regards, The Jetty Development Team-------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dev.eclipse.org/mailman/private/jetty-dev/attachments/20161222/9eb171a0/attachment.html> ------------------------------ _______________________________________________ jetty-dev mailing list jetty-dev@xxxxxxxxxxx To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-dev End of jetty-dev Digest, Vol 94, Issue 7 **************************************** |