升级Tomcat版本 apache-tomcat-7.0.77
diff --git a/tomcat-cas/webapps/manager/WEB-INF/jsp/401.jsp b/tomcat-cas/webapps/manager/WEB-INF/jsp/401.jsp
index 8b4b024..a2924d0 100644
--- a/tomcat-cas/webapps/manager/WEB-INF/jsp/401.jsp
+++ b/tomcat-cas/webapps/manager/WEB-INF/jsp/401.jsp
@@ -14,6 +14,7 @@
See the License for the specific language governing permissions and
limitations under the License.
--%>
+<%@ page session="false" trimDirectiveWhitespaces="true" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
@@ -45,7 +46,7 @@
<user username="tomcat" password="s3cret" roles="manager-gui"/>
</pre>
<p>
- Note that for Tomcat 6.0.30 onwards, the roles required to use the manager
+ Note that for Tomcat 7 onwards, the roles required to use the manager
application were changed from the single <tt>manager</tt> role to the
following four roles. You will need to assign the role(s) required for
the functionality you wish to access.
@@ -64,8 +65,6 @@
are not. To maintain the CSRF protection:
</p>
<ul>
- <li>The deprecated <tt>manager</tt> role should not be assigned to any
- user.</li>
<li>Users with the <tt>manager-gui</tt> role should not be granted either
the <tt>manager-script</tt> or <tt>manager-jmx</tt> roles.</li>
<li>If the text or jmx interfaces are accessed through a browser (e.g. for
@@ -78,4 +77,4 @@
</p>
</body>
-</html>
\ No newline at end of file
+</html>
diff --git a/tomcat-cas/webapps/manager/WEB-INF/jsp/403.jsp b/tomcat-cas/webapps/manager/WEB-INF/jsp/403.jsp
index 3f3513d..f626814 100644
--- a/tomcat-cas/webapps/manager/WEB-INF/jsp/403.jsp
+++ b/tomcat-cas/webapps/manager/WEB-INF/jsp/403.jsp
@@ -14,6 +14,7 @@
See the License for the specific language governing permissions and
limitations under the License.
--%>
+<%@ page session="false" trimDirectiveWhitespaces="true" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
@@ -34,13 +35,13 @@
</p>
<p>
If you have already configured the Manager application to allow access and
- you have used your browser's back button, used a saved book-mark or similar
+ you have used your browsers back button, used a saved book-mark or similar
then you may have triggered the cross-site request forgery (CSRF) protection
that has been enabled for the HTML interface of the Manager application. You
- will need to reset this protection by returning to the
+ will need to reset this protection by returning to the
<a href="<%=request.getContextPath()%>/html">main Manager page</a>. Once you
return to this page, you will be able to continue using the Manager
- appliction's HTML interface normally. If you continue to see this access
+ application's HTML interface normally. If you continue to see this access
denied message, check that you have the necessary permissions to access this
application.
</p>
@@ -60,11 +61,10 @@
<user username="tomcat" password="s3cret" roles="manager-gui"/>
</pre>
<p>
- Note that for Tomcat 6.0.30 onwards, the roles required to use the manager
- application were changed from the single <tt>manager</tt> role to add the
- following four roles. (The manager role is still available but should not be
- used as it avoids the CSRF protection). You will need to assign the role(s)
- required for the functionality you wish to access.
+ Note that for Tomcat 7 onwards, the roles required to use the manager
+ application were changed from the single <tt>manager</tt> role to the
+ following four roles. You will need to assign the role(s) required for
+ the functionality you wish to access.
</p>
<ul>
<li><tt>manager-gui</tt> - allows access to the HTML GUI and the status
@@ -80,11 +80,11 @@
are not. To maintain the CSRF protection:
</p>
<ul>
- <li>users with the <tt>manager-gui</tt> role should not be granted either
+ <li>Users with the <tt>manager-gui</tt> role should not be granted either
the <tt>manager-script</tt> or <tt>manager-jmx</tt> roles.</li>
- <li>if the text or jmx interfaces are accessed through a browser (e.g. for
- testing since these interfaces are intended for tools not humans) then
- the browser must be closed afterwards to terminate the session.</li>
+ <li>If the text or jmx interfaces are accessed through a browser (e.g. for
+ testing since these interfaces are intended for tools not humans) then
+ the browser must be closed afterwards to terminate the session.</li>
</ul>
<p>
For more information - please see the
diff --git a/tomcat-cas/webapps/manager/WEB-INF/jsp/404.jsp b/tomcat-cas/webapps/manager/WEB-INF/jsp/404.jsp
new file mode 100644
index 0000000..7acd51d
--- /dev/null
+++ b/tomcat-cas/webapps/manager/WEB-INF/jsp/404.jsp
@@ -0,0 +1,63 @@
+<%--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+--%>
+<%@ page import="org.apache.catalina.util.RequestUtil" session="false"
+ trimDirectiveWhitespaces="true" %>
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+ <head>
+ <title>404 Not found</title>
+ <style type="text/css">
+ <!--
+ BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;font-size:12px;}
+ H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;}
+ PRE, TT {border: 1px dotted #525D76}
+ A {color : black;}A.name {color : black;}
+ -->
+ </style>
+ </head>
+ <body>
+ <h1>404 Not found</h1>
+ <p>
+ The page you tried to access
+ (<%=RequestUtil.filter((String) request.getAttribute(
+ "javax.servlet.error.request_uri"))%>)
+ does not exist.
+ </p>
+ <p>
+ The Manager application has been re-structured for Tomcat 7 onwards and some
+ of URLs have changed. All URLs used to access the Manager application should
+ now start with one of the following options:
+ </p>
+ <ul>
+ <li><%=request.getContextPath()%>/html for the HTML GUI</li>
+ <li><%=request.getContextPath()%>/text for the text interface</li>
+ <li><%=request.getContextPath()%>/jmxproxy for the JMX proxy</li>
+ <li><%=request.getContextPath()%>/status for the status pages</li>
+ </ul>
+ <p>
+ Note that the URL for the text interface has changed from
+ "<%=request.getContextPath()%>" to
+ "<%=request.getContextPath()%>/text".
+ </p>
+ <p>
+ You probably need to adjust the URL you are using to access the Manager
+ application. However, there is always a chance you have found a bug in the
+ Manager application. If you are sure you have found a bug, and that the bug
+ has not already been reported, please report it to the Apache Tomcat team.
+ </p>
+ </body>
+</html>
diff --git a/tomcat-cas/webapps/manager/WEB-INF/jsp/sessionDetail.jsp b/tomcat-cas/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
index 40e8979..0d903e6 100644
--- a/tomcat-cas/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
+++ b/tomcat-cas/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
@@ -20,7 +20,8 @@
<%@page import="javax.servlet.http.HttpSession" %>
<%@page import="org.apache.catalina.Session" %>
<%@page import="org.apache.catalina.manager.JspHelper" %>
-<!DOCTYPE html
+<%@page import="org.apache.catalina.util.ContextName" %>
+<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<%--!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
@@ -28,12 +29,20 @@
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<% String path = (String) request.getAttribute("path");
+ String version = (String) request.getAttribute("version");
+ ContextName cn = new ContextName(path, version);
Session currentSession = (Session)request.getAttribute("currentSession");
- HttpSession currentHttpSession = currentSession.getSession();
- String currentSessionId = JspHelper.escapeXml(currentSession.getId());
+ String currentSessionId = null;
+ HttpSession currentHttpSession = null;
+ if (currentSession != null) {
+ currentHttpSession = currentSession.getSession();
+ currentSessionId = JspHelper.escapeXml(currentSession.getId());
+ } else {
+ currentSessionId = "Session invalidated";
+ }
String submitUrl = JspHelper.escapeXml(response.encodeURL(
((HttpServletRequest) pageContext.getRequest()).getRequestURI() +
- "?path=" + path));
+ "?path=" + path + "&version=" + version));
%>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1"/>
@@ -42,108 +51,127 @@
<meta http-equiv="expires" content="0"/><!-- 0 is an invalid value and should be treated as 'now' -->
<meta http-equiv="content-language" content="en"/>
<meta name="author" content="Cedrik LIME"/>
- <meta name="copyright" content="copyright 2005-2014 the Apache Software Foundation"/>
+ <meta name="copyright" content="copyright 2005-2017 the Apache Software Foundation"/>
<meta name="robots" content="noindex,nofollow,noarchive"/>
<title>Sessions Administration: details for <%= currentSessionId %></title>
</head>
<body>
-<h1>Details for Session <%= currentSessionId %></h1>
+<% if (currentHttpSession == null) { %>
+ <h1><%=currentSessionId%></h1>
+<% } else { %>
+ <h1>Details for Session <%= currentSessionId %></h1>
-<table style="text-align: left;" border="0">
- <tr>
- <th>Session Id</th>
- <td><%= currentSessionId %></td>
- </tr>
- <tr>
- <th>Guessed Locale</th>
- <td><%= JspHelper.guessDisplayLocaleFromSession(currentSession) %></td>
- </tr>
- <tr>
- <th>Guessed User</th>
- <td><%= JspHelper.guessDisplayUserFromSession(currentSession) %></td>
- </tr>
- <tr>
- <th>Creation Time</th>
- <td><%= JspHelper.getDisplayCreationTimeForSession(currentSession) %></td>
- </tr>
- <tr>
- <th>Last Accessed Time</th>
- <td><%= JspHelper.getDisplayLastAccessedTimeForSession(currentSession) %></td>
- </tr>
- <tr>
- <th>Session Max Inactive Interval</th>
- <td><%= JspHelper.secondsToTimeString(currentSession.getMaxInactiveInterval()) %></td>
- </tr>
- <tr>
- <th>Used Time</th>
- <td><%= JspHelper.getDisplayUsedTimeForSession(currentSession) %></td>
- </tr>
- <tr>
- <th>Inactive Time</th>
- <td><%= JspHelper.getDisplayInactiveTimeForSession(currentSession) %></td>
- </tr>
- <tr>
- <th>TTL</th>
- <td><%= JspHelper.getDisplayTTLForSession(currentSession) %></td>
- </tr>
-</table>
+ <table style="text-align: left;" border="0">
+ <tr>
+ <th>Session Id</th>
+ <td><%= currentSessionId %></td>
+ </tr>
+ <tr>
+ <th>Guessed Locale</th>
+ <td><%= JspHelper.guessDisplayLocaleFromSession(currentSession) %></td>
+ </tr>
+ <tr>
+ <th>Guessed User</th>
+ <td><%= JspHelper.guessDisplayUserFromSession(currentSession) %></td>
+ </tr>
+ <tr>
+ <th>Creation Time</th>
+ <td><%= JspHelper.getDisplayCreationTimeForSession(currentSession) %></td>
+ </tr>
+ <tr>
+ <th>Last Accessed Time</th>
+ <td><%= JspHelper.getDisplayLastAccessedTimeForSession(currentSession) %></td>
+ </tr>
+ <tr>
+ <th>Session Max Inactive Interval</th>
+ <td><%= JspHelper.secondsToTimeString(currentSession.getMaxInactiveInterval()) %></td>
+ </tr>
+ <tr>
+ <th>Used Time</th>
+ <td><%= JspHelper.getDisplayUsedTimeForSession(currentSession) %></td>
+ </tr>
+ <tr>
+ <th>Inactive Time</th>
+ <td><%= JspHelper.getDisplayInactiveTimeForSession(currentSession) %></td>
+ </tr>
+ <tr>
+ <th>TTL</th>
+ <td><%= JspHelper.getDisplayTTLForSession(currentSession) %></td>
+ </tr>
+ </table>
-<form method="post" action="<%= submitUrl %>">
- <div>
- <input type="hidden" name="sessionId" value="<%= currentSessionId %>" />
- <input type="hidden" name="action" value="sessionDetail" />
- <input type="submit" value="Refresh" />
- </div>
-</form>
+ <form method="post" action="<%= submitUrl %>">
+ <div>
+ <input type="hidden" name="sessionId" value="<%= currentSessionId %>" />
+ <input type="hidden" name="action" value="sessionDetail" />
+ <%
+ if ("Primary".equals(request.getParameter("sessionType"))) {
+ %>
+ <input type="hidden" name="sessionType" value="Primary" />
+ <%
+ }
+ %> <input type="submit" value="Refresh" />
+ </div>
+ </form>
-<div class="error"><%= JspHelper.escapeXml(request.getAttribute("error")) %></div>
-<div class="message"><%= JspHelper.escapeXml(request.getAttribute("message")) %></div>
+ <div class="error"><%= JspHelper.escapeXml(request.getAttribute("error")) %></div>
+ <div class="message"><%= JspHelper.escapeXml(request.getAttribute("message")) %></div>
-<table style="text-align: left;" border="1" cellpadding="2" cellspacing="2">
-<% int nAttributes = 0;
- Enumeration attributeNamesEnumeration = currentHttpSession.getAttributeNames();
- while (attributeNamesEnumeration.hasMoreElements()) {
- attributeNamesEnumeration.nextElement();
- ++nAttributes;
- }
-%>
- <caption style="font-variant: small-caps;"><%= JspHelper.formatNumber(nAttributes) %> attributes</caption>
- <thead>
- <tr>
- <th>Remove Attribute</th>
- <th>Attribute name</th>
- <th>Attribute value</th>
- </tr>
- </thead>
- <%--tfoot>
- <tr>
- <td colspan="3" style="text-align: center;">
- TODO: set Max Inactive Interval on sessions
- </td>
- </tr>
- </tfoot--%>
- <tbody>
-<% attributeNamesEnumeration = currentHttpSession.getAttributeNames();
- while (attributeNamesEnumeration.hasMoreElements()) {
- String attributeName = (String) attributeNamesEnumeration.nextElement();
-%>
- <tr>
- <td align="center">
- <form method="post" action="<%= submitUrl %>">
- <div>
- <input type="hidden" name="action" value="removeSessionAttribute" />
- <input type="hidden" name="sessionId" value="<%= currentSessionId %>" />
- <input type="hidden" name="attributeName" value="<%= JspHelper.escapeXml(attributeName) %>" />
- <input type="submit" value="Remove" />
- </div>
- </form>
- </td>
- <td><%= JspHelper.escapeXml(attributeName) %></td>
- <td><% Object attributeValue = currentHttpSession.getAttribute(attributeName); %><span title="<%= attributeValue == null ? "" : attributeValue.getClass().toString() %>"><%= JspHelper.escapeXml(attributeValue) %></span></td>
- </tr>
-<% } // end while %>
- </tbody>
-</table>
+ <table style="text-align: left;" border="1" cellpadding="2" cellspacing="2">
+ <% int nAttributes = 0;
+ Enumeration attributeNamesEnumeration = currentHttpSession.getAttributeNames();
+ while (attributeNamesEnumeration.hasMoreElements()) {
+ attributeNamesEnumeration.nextElement();
+ ++nAttributes;
+ }
+ %>
+ <caption style="font-variant: small-caps;"><%= JspHelper.formatNumber(nAttributes) %> attributes</caption>
+ <thead>
+ <tr>
+ <th>Remove Attribute</th>
+ <th>Attribute name</th>
+ <th>Attribute value</th>
+ </tr>
+ </thead>
+ <%--tfoot>
+ <tr>
+ <td colspan="3" style="text-align: center;">
+ TODO: set Max Inactive Interval on sessions
+ </td>
+ </tr>
+ </tfoot--%>
+ <tbody>
+ <% attributeNamesEnumeration = currentHttpSession.getAttributeNames();
+ while (attributeNamesEnumeration.hasMoreElements()) {
+ String attributeName = (String) attributeNamesEnumeration.nextElement();
+ %>
+ <tr>
+ <td align="center">
+ <form method="post" action="<%= submitUrl %>">
+ <div>
+ <input type="hidden" name="action" value="removeSessionAttribute" />
+ <input type="hidden" name="sessionId" value="<%= currentSessionId %>" />
+ <input type="hidden" name="attributeName" value="<%= JspHelper.escapeXml(attributeName) %>" />
+ <%
+ if ("Primary".equals(request.getParameter("sessionType"))) {
+ %>
+ <input type="submit" value="Remove" />
+ <input type="hidden" name="sessionType" value="Primary" />
+ <%
+ } else {
+ out.print("Primary sessions only");
+ }
+ %>
+ </div>
+ </form>
+ </td>
+ <td><%= JspHelper.escapeXml(attributeName) %></td>
+ <td><% Object attributeValue = currentHttpSession.getAttribute(attributeName); %><span title="<%= attributeValue == null ? "" : attributeValue.getClass().toString() %>"><%= JspHelper.escapeXml(attributeValue) %></span></td>
+ </tr>
+ <% } // end while %>
+ </tbody>
+ </table>
+<% } // endif%>
<form method="post" action="<%=submitUrl%>">
<p style="text-align: center;">
diff --git a/tomcat-cas/webapps/manager/WEB-INF/jsp/sessionsList.jsp b/tomcat-cas/webapps/manager/WEB-INF/jsp/sessionsList.jsp
index d5b83f0..da2680c 100644
--- a/tomcat-cas/webapps/manager/WEB-INF/jsp/sessionsList.jsp
+++ b/tomcat-cas/webapps/manager/WEB-INF/jsp/sessionsList.jsp
@@ -20,104 +20,132 @@
<%@page import="java.util.Iterator" %>
<%@page import="org.apache.catalina.manager.JspHelper" %>
<%@page import="org.apache.catalina.Session" %>
-<!DOCTYPE html
+<%@page import="org.apache.catalina.ha.session.DeltaSession" %>
+<%@page import="org.apache.catalina.util.ContextName" %>
+<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+
+<%@page import="org.apache.catalina.manager.DummyProxySession"%><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<% String path = (String) request.getAttribute("path");
+ String version = (String) request.getAttribute("version");
+ ContextName cn = new ContextName(path, version);
String submitUrl = JspHelper.escapeXml(response.encodeURL(
((HttpServletRequest) pageContext.getRequest()).getRequestURI() +
- "?path=" + path));
+ "?path=" + path + "&version=" + version));
Collection activeSessions = (Collection) request.getAttribute("activeSessions");
%>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1"/>
- <meta http-equiv="pragma" content="no-cache"/><!-- HTTP 1.0 -->
- <meta http-equiv="cache-control" content="no-cache,must-revalidate"/><!-- HTTP 1.1 -->
- <meta http-equiv="expires" content="0"/><!-- 0 is an invalid value and should be treated as 'now' -->
- <meta http-equiv="content-language" content="en"/>
- <meta name="author" content="Cedrik LIME"/>
- <meta name="copyright" content="copyright 2005-2014 the Apache Software Foundation"/>
- <meta name="robots" content="noindex,nofollow,noarchive"/>
- <title>Sessions Administration for <%= JspHelper.escapeXml(path) %></title>
+ <meta http-equiv="pragma" content="no-cache"/><!-- HTTP 1.0 -->
+ <meta http-equiv="cache-control" content="no-cache,must-revalidate"/><!-- HTTP 1.1 -->
+ <meta http-equiv="expires" content="0"/><!-- 0 is an invalid value and should be treated as 'now' -->
+ <meta http-equiv="content-language" content="en"/>
+ <meta name="author" content="Cedrik LIME"/>
+ <meta name="copyright" content="copyright 2005-2017 the Apache Software Foundation"/>
+ <meta name="robots" content="noindex,nofollow,noarchive"/>
+ <title>Sessions Administration for <%= JspHelper.escapeXml(cn.getDisplayName()) %></title>
</head>
<body>
-<h1>Sessions Administration for <%= JspHelper.escapeXml(path) %></h1>
+<h1>Sessions Administration for <%= JspHelper.escapeXml(cn.getDisplayName()) %></h1>
<p>Tips:</p>
<ul>
- <li>Click on a column to sort.</li>
- <li>To view a session details and/or remove a session attributes, click on its id.</li>
+ <li>Click on a column to sort.</li>
+ <li>To view a session details and/or remove a session attributes, click on its id.</li>
</ul>
<div class="error"><%= JspHelper.escapeXml(request.getAttribute("error")) %></div>
<div class="message"><%= JspHelper.escapeXml(request.getAttribute("message")) %></div>
<form action="<%= submitUrl %>" method="post" id="sessionsForm">
- <fieldset><legend>Active HttpSessions informations</legend>
- <input type="hidden" name="action" id="sessionsFormAction" value="injectSessions"/>
- <input type="hidden" name="sort" id="sessionsFormSort" value="<%= JspHelper.escapeXml(request.getAttribute("sort")) %>"/>
- <% String order = (String) request.getAttribute("order");
- if (order == null || "".equals(order)) {
- order = "ASC";
- }
- %>
- <input type="hidden" name="order" id="sessionsFormSortOrder" value="<%= JspHelper.escapeXml(order) %>"/>
- <input type="submit" name="refresh" id="refreshButton" value="Refresh Sessions list" onclick="document.getElementById('sessionsFormAction').value='refreshSessions'; return true;"/>
- <%= JspHelper.formatNumber(activeSessions.size()) %> active Sessions<br/>
- <table border="1" cellpadding="2" cellspacing="2" width="100%">
- <thead>
- <tr>
- <th><a onclick="document.getElementById('sessionsFormSort').value='id'; document.getElementById('refreshButton').click(); return true;">Session Id</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='locale'; document.getElementById('refreshButton').click(); return true;">Guessed Locale</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='user'; document.getElementById('refreshButton').click(); return true;">Guessed User name</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='CreationTime'; document.getElementById('refreshButton').click(); return true;">Creation Time</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='LastAccessedTime'; document.getElementById('refreshButton').click(); return true;">Last Accessed Time</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='UsedTime'; document.getElementById('refreshButton').click(); return true;">Used Time</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='InactiveTime'; document.getElementById('refreshButton').click(); return true;">Inactive Time</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='TTL'; document.getElementById('refreshButton').click(); return true;"><span title="Time To Live">TTL</span></a></th>
- </tr>
- </thead>
- <% if (activeSessions.size() > 10) { %>
- <tfoot><%-- <tfoot> is the same as <thead> --%>
- <tr>
- <th><a onclick="document.getElementById('sessionsFormSort').value='id'; document.getElementById('refreshButton').click(); return true;">Session Id</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='locale'; document.getElementById('refreshButton').click(); return true;">Guessed Locale</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='user'; document.getElementById('refreshButton').click(); return true;">Guessed User name</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='CreationTime'; document.getElementById('refreshButton').click(); return true;">Creation Time</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='LastAccessedTime'; document.getElementById('refreshButton').click(); return true;">Last Accessed Time</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='UsedTime'; document.getElementById('refreshButton').click(); return true;">Used Time</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='InactiveTime'; document.getElementById('refreshButton').click(); return true;">Inactive Time</a></th>
- <th><a onclick="document.getElementById('sessionsFormSort').value='TTL'; document.getElementById('refreshButton').click(); return true;"><span title="Time To Live">TTL</span></a></th>
- </tr>
- </tfoot>
- <% } // end if %>
- <tbody>
+ <fieldset><legend>Active HttpSessions informations</legend>
+ <input type="hidden" name="action" id="sessionsFormAction" value="injectSessions"/>
+ <input type="hidden" name="sort" id="sessionsFormSort" value="<%= JspHelper.escapeXml(request.getAttribute("sort")) %>"/>
+ <% String order = (String) request.getAttribute("order");
+ if (order == null || "".equals(order)) {
+ order = "ASC";
+ }
+ %>
+ <input type="hidden" name="order" id="sessionsFormSortOrder" value="<%= JspHelper.escapeXml(order) %>"/>
+ <input type="submit" name="refresh" id="refreshButton" value="Refresh Sessions list" onclick="document.getElementById('sessionsFormAction').value='refreshSessions'; return true;"/>
+ <%= JspHelper.formatNumber(activeSessions.size()) %> active Sessions<br/>
+ <table border="1" cellpadding="2" cellspacing="2" width="100%">
+ <thead>
+ <tr>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='id'; document.getElementById('refreshButton').click(); return true;">Session Id</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='id'; document.getElementById('refreshButton').click(); return true;">Type</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='locale'; document.getElementById('refreshButton').click(); return true;">Guessed Locale</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='user'; document.getElementById('refreshButton').click(); return true;">Guessed User name</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='CreationTime'; document.getElementById('refreshButton').click(); return true;">Creation Time</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='LastAccessedTime'; document.getElementById('refreshButton').click(); return true;">Last Accessed Time</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='UsedTime'; document.getElementById('refreshButton').click(); return true;">Used Time</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='InactiveTime'; document.getElementById('refreshButton').click(); return true;">Inactive Time</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='TTL'; document.getElementById('refreshButton').click(); return true;"><span title="Time To Live">TTL</span></a></th>
+ </tr>
+ </thead>
+ <% if (activeSessions.size() > 10) { %>
+ <tfoot><%-- <tfoot> is the same as <thead> --%>
+ <tr>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='id'; document.getElementById('refreshButton').click(); return true;">Session Id</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='id'; document.getElementById('refreshButton').click(); return true;">Type</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='locale'; document.getElementById('refreshButton').click(); return true;">Guessed Locale</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='user'; document.getElementById('refreshButton').click(); return true;">Guessed User name</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='CreationTime'; document.getElementById('refreshButton').click(); return true;">Creation Time</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='LastAccessedTime'; document.getElementById('refreshButton').click(); return true;">Last Accessed Time</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='UsedTime'; document.getElementById('refreshButton').click(); return true;">Used Time</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='InactiveTime'; document.getElementById('refreshButton').click(); return true;">Inactive Time</a></th>
+ <th><a onclick="document.getElementById('sessionsFormSort').value='TTL'; document.getElementById('refreshButton').click(); return true;"><span title="Time To Live">TTL</span></a></th>
+ </tr>
+ </tfoot>
+ <% } // end if %>
+ <tbody>
<% Iterator iter = activeSessions.iterator();
while (iter.hasNext()) {
- Session currentSession = (Session) iter.next();
- String currentSessionId = JspHelper.escapeXml(currentSession.getId());
+ Session currentSession = (Session) iter.next();
+ String currentSessionId = JspHelper.escapeXml(currentSession.getId());
+ String type;
+ if (currentSession instanceof DeltaSession) {
+ if (((DeltaSession) currentSession).isPrimarySession()) {
+ type = "Primary";
+ } else {
+ type = "Backup";
+ }
+ } else if (currentSession instanceof DummyProxySession) {
+ type = "Proxy";
+ } else {
+ type = "Primary";
+ }
%>
- <tr>
- <td>
-<input type="checkbox" name="sessionIds" value="<%= currentSessionId %>" /><a href="<%= submitUrl %>&action=sessionDetail&sessionId=<%= currentSessionId %>"><%= currentSessionId %></a>
- </td>
- <td style="text-align: center;"><%= JspHelper.guessDisplayLocaleFromSession(currentSession) %></td>
- <td style="text-align: center;"><%= JspHelper.guessDisplayUserFromSession(currentSession) %></td>
- <td style="text-align: center;"><%= JspHelper.getDisplayCreationTimeForSession(currentSession) %></td>
- <td style="text-align: center;"><%= JspHelper.getDisplayLastAccessedTimeForSession(currentSession) %></td>
- <td style="text-align: center;"><%= JspHelper.getDisplayUsedTimeForSession(currentSession) %></td>
- <td style="text-align: center;"><%= JspHelper.getDisplayInactiveTimeForSession(currentSession) %></td>
- <td style="text-align: center;"><%= JspHelper.getDisplayTTLForSession(currentSession) %></td>
- </tr>
+ <tr>
+ <td><input type="checkbox" name="sessionIds" value="<%= currentSessionId %>" />
+ <%
+ if ("Proxy".equals(type)) {
+ out.print(currentSessionId);
+ } else {
+ %>
+ <a href="<%= submitUrl %>&action=sessionDetail&sessionId=<%= currentSessionId %>&sessionType=<%= type %>"><%= currentSessionId %></a>
+ <%
+ }
+ %>
+ </td>
+ <td style="text-align: center;"><%= type %></td>
+ <td style="text-align: center;"><%= JspHelper.guessDisplayLocaleFromSession(currentSession) %></td>
+ <td style="text-align: center;"><%= JspHelper.guessDisplayUserFromSession(currentSession) %></td>
+ <td style="text-align: center;"><%= JspHelper.getDisplayCreationTimeForSession(currentSession) %></td>
+ <td style="text-align: center;"><%= JspHelper.getDisplayLastAccessedTimeForSession(currentSession) %></td>
+ <td style="text-align: center;"><%= JspHelper.getDisplayUsedTimeForSession(currentSession) %></td>
+ <td style="text-align: center;"><%= JspHelper.getDisplayInactiveTimeForSession(currentSession) %></td>
+ <td style="text-align: center;"><%= JspHelper.getDisplayTTLForSession(currentSession) %></td>
+ </tr>
<% } // end while %>
- </tbody>
- </table>
- <p style="text-align: center;">
- <input type="submit" name="invalidate" value="Invalidate selected Sessions" onclick="document.getElementById('sessionsFormAction').value='invalidateSessions'; return true;"/>
- </p>
- </fieldset>
+ </tbody>
+ </table>
+ <p style="text-align: center;">
+ <input type="submit" name="invalidate" value="Invalidate selected Sessions" onclick="document.getElementById('sessionsFormAction').value='invalidateSessions'; return true;"/>
+ </p>
+ </fieldset>
</form>
<form method="get" action="<%=request.getContextPath()%>/html">
@@ -128,15 +156,15 @@
<%--div style="display: none;">
<p>
- <a href="http://validator.w3.org/check?uri=referer"><img
- src="http://www.w3.org/Icons/valid-html401"
- alt="Valid HTML 4.01!" height="31" width="88"></a>
- <a href="http://validator.w3.org/check?uri=referer"><img
- src="http://www.w3.org/Icons/valid-xhtml10"
- alt="Valid XHTML 1.0!" height="31" width="88" /></a>
- <a href="http://validator.w3.org/check?uri=referer"><img
- src="http://www.w3.org/Icons/valid-xhtml11"
- alt="Valid XHTML 1.1!" height="31" width="88" /></a>
+ <a href="http://validator.w3.org/check?uri=referer"><img
+ src="http://www.w3.org/Icons/valid-html401"
+ alt="Valid HTML 4.01!" height="31" width="88"></a>
+ <a href="http://validator.w3.org/check?uri=referer"><img
+ src="http://www.w3.org/Icons/valid-xhtml10"
+ alt="Valid XHTML 1.0!" height="31" width="88" /></a>
+ <a href="http://validator.w3.org/check?uri=referer"><img
+ src="http://www.w3.org/Icons/valid-xhtml11"
+ alt="Valid XHTML 1.1!" height="31" width="88" /></a>
</p>
</div--%>
diff --git a/tomcat-cas/webapps/manager/WEB-INF/web.xml b/tomcat-cas/webapps/manager/WEB-INF/web.xml
index 3d7fefe..4dd97ce 100644
--- a/tomcat-cas/webapps/manager/WEB-INF/web.xml
+++ b/tomcat-cas/webapps/manager/WEB-INF/web.xml
@@ -17,9 +17,11 @@
-->
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
- version="2.5">
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+ version="3.0"
+ metadata-complete="true">
<display-name>Tomcat Manager Application</display-name>
<description>
@@ -42,6 +44,19 @@
<param-name>debug</param-name>
<param-value>2</param-value>
</init-param>
+ <!-- Uncomment this to show proxy sessions from the Backup manager or a
+ StoreManager in the sessions list for an application
+ <init-param>
+ <param-name>showProxySessions</param-name>
+ <param-value>true</param-value>
+ </init-param>
+ -->
+ <multipart-config>
+ <!-- 50MB max -->
+ <max-file-size>52428800</max-file-size>
+ <max-request-size>52428800</max-request-size>
+ <file-size-threshold>0</file-size-threshold>
+ </multipart-config>
</servlet>
<servlet>
<servlet-name>Status</servlet-name>
@@ -60,63 +75,7 @@
<!-- Define the Manager Servlet Mapping -->
<servlet-mapping>
<servlet-name>Manager</servlet-name>
- <url-pattern>/list</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/expire</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/sessions</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/start</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/stop</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/install</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/remove</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/deploy</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/undeploy</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/reload</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/save</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/serverinfo</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/roles</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/resources</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Manager</servlet-name>
- <url-pattern>/findleaks</url-pattern>
+ <url-pattern>/text/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Status</servlet-name>
@@ -132,11 +91,25 @@
</servlet-mapping>
<filter>
+ <filter-name>SetCharacterEncoding</filter-name>
+ <filter-class>org.apache.catalina.filters.SetCharacterEncodingFilter</filter-class>
+ <init-param>
+ <param-name>encoding</param-name>
+ <param-value>UTF-8</param-value>
+ </init-param>
+ </filter>
+
+ <filter-mapping>
+ <filter-name>SetCharacterEncoding</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+
+ <filter>
<filter-name>CSRF</filter-name>
<filter-class>org.apache.catalina.filters.CsrfPreventionFilter</filter-class>
<init-param>
<param-name>entryPoints</param-name>
- <param-value>/html,/html/,/html/list</param-value>
+ <param-value>/html,/html/,/html/list,/index.jsp</param-value>
</init-param>
</filter>
@@ -145,107 +118,48 @@
<servlet-name>HTMLManager</servlet-name>
</filter-mapping>
- <!-- Define reference to the user database for looking up roles -->
- <resource-env-ref>
- <description>
- Link to the UserDatabase instance from which we request lists of
- defined role names. Typically, this will be connected to the global
- user database with a ResourceLink element in server.xml or the context
- configuration file for the Manager web application.
- </description>
- <resource-env-ref-name>users</resource-env-ref-name>
- <resource-env-ref-type>
- org.apache.catalina.UserDatabase
- </resource-env-ref-type>
- </resource-env-ref>
-
<!-- Define a Security Constraint on this Application -->
+ <!-- NOTE: None of these roles are present in the default users file -->
<security-constraint>
<web-resource-collection>
- <web-resource-name>Manager commands</web-resource-name>
- <url-pattern>/list</url-pattern>
- <url-pattern>/expire</url-pattern>
- <url-pattern>/sessions</url-pattern>
- <url-pattern>/start</url-pattern>
- <url-pattern>/stop</url-pattern>
- <url-pattern>/install</url-pattern>
- <url-pattern>/remove</url-pattern>
- <url-pattern>/deploy</url-pattern>
- <url-pattern>/undeploy</url-pattern>
- <url-pattern>/reload</url-pattern>
- <url-pattern>/save</url-pattern>
- <url-pattern>/serverinfo</url-pattern>
- <url-pattern>/roles</url-pattern>
- <url-pattern>/resources</url-pattern>
- <url-pattern>/findleaks</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <!-- NOTE: 1. These roles are not present in the default users file
- 2. The manager role is deprecated, it will be removed in
- Tomcat 7.
- 3. Use the manager-script role to take advantage of the new
- CSRF protection. Using the manager role or assigning both
- the manager-script and manager-gui roles to the same user
- will bypass the CSRF protection. -->
- <role-name>manager-script</role-name>
- <role-name>manager</role-name>
- </auth-constraint>
- </security-constraint>
-
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>HTML Manager commands</web-resource-name>
+ <web-resource-name>HTML Manager interface (for humans)</web-resource-name>
<url-pattern>/html/*</url-pattern>
</web-resource-collection>
<auth-constraint>
- <!-- NOTE: 1. These roles are not present in the default users file
- 2. The manager role is deprecated, it will be removed in
- Tomcat 7.
- 3. Use just the manager-gui role to take advantage of the new
- CSRF protection. Assigning the manager role or manager-gui
- role along with either the manager-script or manager-jmx
- roles to the same user will bypass the CSRF protection. -->
<role-name>manager-gui</role-name>
- <role-name>manager</role-name>
</auth-constraint>
</security-constraint>
-
<security-constraint>
<web-resource-collection>
- <web-resource-name>JMX proxy</web-resource-name>
+ <web-resource-name>Text Manager interface (for scripts)</web-resource-name>
+ <url-pattern>/text/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>manager-script</role-name>
+ </auth-constraint>
+ </security-constraint>
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>JMX Proxy interface</web-resource-name>
<url-pattern>/jmxproxy/*</url-pattern>
</web-resource-collection>
<auth-constraint>
- <!-- NOTE: 1. These roles are not present in the default users file
- 2. The manager role is deprecated, it will be removed in
- Tomcat 7.
- 3. Use the manager-jmx role to take advantage of the new
- CSRF protection. Using the manager role or assigning both
- the manager-jmx and manager-gui roles to the same user
- will bypass the CSRF protection. -->
<role-name>manager-jmx</role-name>
- <role-name>manager</role-name>
</auth-constraint>
</security-constraint>
-
<security-constraint>
<web-resource-collection>
- <web-resource-name>Status</web-resource-name>
+ <web-resource-name>Status interface</web-resource-name>
<url-pattern>/status/*</url-pattern>
</web-resource-collection>
<auth-constraint>
- <!-- NOTE: 1. These roles are not present in the default users file
- 2. The manager role is deprecated, it will be removed in
- Tomcat 7. -->
- <role-name>manager-status</role-name>
<role-name>manager-gui</role-name>
<role-name>manager-script</role-name>
<role-name>manager-jmx</role-name>
- <role-name>manager</role-name>
+ <role-name>manager-status</role-name>
</auth-constraint>
</security-constraint>
-
<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
@@ -273,16 +187,10 @@
</security-role>
<security-role>
<description>
- The role that is required to access to the Manager Status pages
+ The role that is required to access to the Manager Status pages
</description>
<role-name>manager-status</role-name>
</security-role>
- <security-role>
- <description>
- Deprecated role that can access all Manager functionality
- </description>
- <role-name>manager</role-name>
- </security-role>
<error-page>
<error-code>401</error-code>
@@ -292,5 +200,9 @@
<error-code>403</error-code>
<location>/WEB-INF/jsp/403.jsp</location>
</error-page>
+ <error-page>
+ <error-code>404</error-code>
+ <location>/WEB-INF/jsp/404.jsp</location>
+ </error-page>
</web-app>