aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorhuangjian <huang.jian12@zte.com.cn>2016-10-24 14:44:17 +0800
committerhuangjian <huang.jian12@zte.com.cn>2016-10-24 14:44:17 +0800
commit5a0fa8ba78bf1de745b279e2cc7f09d158bbec80 (patch)
tree843935a41077bf0f0b6ce83228616889485a7bc5
parente366e9da3eec5de359ef6d3450438f2d5c9fd97b (diff)
Update tomcat version to '8.5.6'
Change-Id: I4bebc635354375d77906b0c5103499aed22cdc3a Issue-id: TOSCA-139 Signed-off-by: huangjian <huang.jian12@zte.com.cn>
-rw-r--r--catalog-core/distribution/catalog-all/src/main/assembly/shutdown.sh2
-rw-r--r--catalog-core/distribution/catalog-all/src/main/assembly/startup.sh2
-rw-r--r--catalog-core/httpserver/pom.xml1
-rw-r--r--catalog-core/httpserver/src/main/assembly/tomcat/conf/server.xml75
-rw-r--r--catalog-core/httpserver/src/main/assembly/tomcat/conf/web.xml124
-rw-r--r--catalog-parent/catalogparent/pom.xml2
6 files changed, 146 insertions, 60 deletions
diff --git a/catalog-core/distribution/catalog-all/src/main/assembly/shutdown.sh b/catalog-core/distribution/catalog-all/src/main/assembly/shutdown.sh
index 8679327d..d6bca27f 100644
--- a/catalog-core/distribution/catalog-all/src/main/assembly/shutdown.sh
+++ b/catalog-core/distribution/catalog-all/src/main/assembly/shutdown.sh
@@ -26,5 +26,7 @@ cd $RUNHOME
echo "\n\n### Starting catalog-http server"
cd ./tomcat
+export CATALINA_HOME=$RUNHOME/tomcat
+export CATALINA_BASE=$RUNHOME/tomcat
$RUNHOME/tomcat/bin/shutdown.sh &
echo "### Starting catalog end...";
diff --git a/catalog-core/distribution/catalog-all/src/main/assembly/startup.sh b/catalog-core/distribution/catalog-all/src/main/assembly/startup.sh
index d2db0773..f3b3e5fb 100644
--- a/catalog-core/distribution/catalog-all/src/main/assembly/startup.sh
+++ b/catalog-core/distribution/catalog-all/src/main/assembly/startup.sh
@@ -30,6 +30,8 @@ cd ./tomcat
if [ ! -d "$RUNHOME/tomcat/logs" ]; then
mkdir $RUNHOME/tomcat/logs
fi
+export CATALINA_HOME=$RUNHOME/tomcat
+export CATALINA_BASE=$RUNHOME/tomcat
$RUNHOME/tomcat/bin/startup.sh &
echo "### Starting catalog end...";
diff --git a/catalog-core/httpserver/pom.xml b/catalog-core/httpserver/pom.xml
index 7ac70e8e..828a9c38 100644
--- a/catalog-core/httpserver/pom.xml
+++ b/catalog-core/httpserver/pom.xml
@@ -29,7 +29,6 @@
<packaging>pom</packaging>
<properties>
- <tomcat.version>7.0.62</tomcat.version>
<packagename>http-server</packagename>
</properties>
diff --git a/catalog-core/httpserver/src/main/assembly/tomcat/conf/server.xml b/catalog-core/httpserver/src/main/assembly/tomcat/conf/server.xml
index 1d7a8e7f..43ffac43 100644
--- a/catalog-core/httpserver/src/main/assembly/tomcat/conf/server.xml
+++ b/catalog-core/httpserver/src/main/assembly/tomcat/conf/server.xml
@@ -1,20 +1,19 @@
-<?xml version='1.0' encoding='utf-8'?>
+<?xml version="1.0" encoding="UTF-8"?>
<!--
-
- Copyright 2016 ZTE Corporation.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
-->
<!-- Note: A "Server" is not itself a "Container", so you may not
define subcomponents such as "Valves" at this level.
@@ -27,8 +26,6 @@
-->
<!--APR library loader. Documentation at /docs/apr.html -->
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
- <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
- <Listener className="org.apache.catalina.core.JasperListener" />
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
@@ -64,10 +61,10 @@
<!-- A "Connector" represents an endpoint by which requests are received
and responses are returned. Documentation at :
- Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
+ Java HTTP Connector: /docs/config/http.html
Java AJP Connector: /docs/config/ajp.html
APR (HTTP/AJP) Connector: /docs/apr.html
- Define a non-SSL HTTP/1.1 Connector on port 8080
+ Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
-->
<Connector port="8201" protocol="HTTP/1.1"
connectionTimeout="20000"
@@ -79,15 +76,35 @@
connectionTimeout="20000"
redirectPort="8443" />
-->
- <!-- Define a SSL HTTP/1.1 Connector on port 8443
- This connector uses the BIO implementation that requires the JSSE
- style configuration. When using the APR/native implementation, the
- OpenSSL style configuration is required as described in the APR/native
- documentation -->
+ <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
+ This connector uses the NIO implementation with the JSSE engine. When
+ using the JSSE engine, the JSSE configuration attributes must be used.
+ -->
+ <!--
+ <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
+ maxThreads="150" SSLEnabled="true">
+ <SSLHostConfig>
+ <Certificate certificateKeystoreFile="conf/localhost-rsa.jks"
+ type="RSA" />
+ </SSLHostConfig>
+ </Connector>
+ -->
+ <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2
+ This connector uses the APR/native implementation. When using the
+ APR/native implementation or the OpenSSL engine with NIO or NIO2 then
+ the OpenSSL configuration attributes must be used.
+ -->
<!--
- <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
- maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
- clientAuth="false" sslProtocol="TLS" />
+ <Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
+ maxThreads="150" SSLEnabled="true" >
+ <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
+ <SSLHostConfig>
+ <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"
+ certificateFile="conf/localhost-rsa-cert.pem"
+ certificateChainFile="conf/localhost-rsa-chain.pem"
+ type="RSA" />
+ </SSLHostConfig>
+ </Connector>
-->
<!-- Define an AJP 1.3 Connector on port 8009 -->
@@ -136,7 +153,7 @@
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
- prefix="localhost_access_log." suffix=".txt"
+ prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t &quot;%r&quot; %s %b" />
</Host>
diff --git a/catalog-core/httpserver/src/main/assembly/tomcat/conf/web.xml b/catalog-core/httpserver/src/main/assembly/tomcat/conf/web.xml
index 7a6c7b25..acaeaa50 100644
--- a/catalog-core/httpserver/src/main/assembly/tomcat/conf/web.xml
+++ b/catalog-core/httpserver/src/main/assembly/tomcat/conf/web.xml
@@ -1,26 +1,25 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
+<?xml version="1.0" encoding="UTF-8"?>
<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
- Copyright 2016 ZTE Corporation.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
-->
-<web-app xmlns="http://java.sun.com/xml/ns/javaee"
+<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
- http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
- version="3.0">
+ xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
+ http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
+ version="3.1">
<!-- ======================== Introduction ============================== -->
<!-- This document defines default values for *all* web applications -->
@@ -43,7 +42,8 @@
<!-- parameters (default values are in square brackets): -->
<!-- -->
<!-- debug Debugging detail level for messages logged -->
- <!-- by this servlet. [0] -->
+ <!-- by this servlet. Useful values are 0, 1, and -->
+ <!-- 11 where higher values mean more detail. [0] -->
<!-- -->
<!-- fileEncoding Encoding to be used to read static resources -->
<!-- [platform default] -->
@@ -138,9 +138,9 @@
<!-- pages. See the jasper documentation for more -->
<!-- information. -->
<!-- -->
- <!-- compilerSourceVM Compiler source VM. [1.6] -->
+ <!-- compilerSourceVM Compiler source VM. [1.7] -->
<!-- -->
- <!-- compilerTargetVM Compiler target VM. [1.6] -->
+ <!-- compilerTargetVM Compiler target VM. [1.7] -->
<!-- -->
<!-- development Is Jasper used in development mode? If true, -->
<!-- the frequency at which JSPs are checked for -->
@@ -163,6 +163,8 @@
<!-- engineOptionsClass Allows specifying the Options class used to -->
<!-- configure Jasper. If not present, the default -->
<!-- EmbeddedServletOptions will be used. -->
+ <!-- This option is ignored when running under a -->
+ <!-- SecurityManager. -->
<!-- -->
<!-- errorOnUseBeanInvalidClassAttribute -->
<!-- Should Jasper issue an error when the value of -->
@@ -224,6 +226,8 @@
<!-- scratchdir What scratch directory should we use when -->
<!-- compiling JSP pages? [default work directory -->
<!-- for the current web application] -->
+ <!-- This option is ignored when running under a -->
+ <!-- SecurityManager. -->
<!-- -->
<!-- suppressSmap Should the generation of SMAP info for JSR45 -->
<!-- debugging be suppressed? [false] -->
@@ -233,6 +237,16 @@
<!-- -->
<!-- xpoweredBy Determines whether X-Powered-By response -->
<!-- header is added by generated servlet. [false] -->
+ <!-- -->
+ <!-- strictQuoteEscaping When scriptlet expressions are used for -->
+ <!-- attribute values, should the rules in JSP.1.6 -->
+ <!-- for the escaping of quote characters be -->
+ <!-- strictly applied? [true] -->
+ <!-- -->
+ <!-- quoteAttributeEL When EL is used in an attribute value on a -->
+ <!-- JSP page should the rules for quoting of -->
+ <!-- attributes described in JSP.1.6 be applied to -->
+ <!-- the expression? [true] -->
<servlet>
<servlet-name>jsp</servlet-name>
@@ -321,12 +335,18 @@
<!-- If not set, then webAppRootDir is used. -->
<!-- Recommended value: WEB-INF/cgi -->
<!-- -->
- <!-- debug Debugging detail level for messages logged -->
- <!-- by this servlet. [0] -->
- <!-- -->
<!-- executable Name of the executable used to run the -->
<!-- script. [perl] -->
<!-- -->
+ <!-- envHttpHeaders A regular expression used to select the HTTP -->
+ <!-- headers passed to the CGI process as -->
+ <!-- environment variables. Note that headers are -->
+ <!-- converted to upper case before matching and -->
+ <!-- that the entire header name must match the -->
+ <!-- pattern. -->
+ <!-- [ACCEPT[-0-9A-Z]*|CACHE-CONTROL|COOKIE|HOST| -->
+ <!-- IF-[-0-9A-Z]*|REFERER|USER-AGENT] -->
+ <!-- -->
<!-- parameterEncoding Name of parameter encoding to be used with -->
<!-- CGI servlet. -->
<!-- [System.getProperty("file.encoding","UTF-8")] -->
@@ -343,14 +363,10 @@
<servlet-name>cgi</servlet-name>
<servlet-class>org.apache.catalina.servlets.CGIServlet</servlet-class>
<init-param>
- <param-name>debug</param-name>
- <param-value>0</param-value>
- </init-param>
- <init-param>
<param-name>cgiPathPrefix</param-name>
<param-value>WEB-INF/cgi</param-value>
</init-param>
- <load-on-startup>5</load-on-startup>
+ <load-on-startup>5</load-on-startup>
</servlet>
-->
@@ -396,6 +412,46 @@
<!-- ================== Built In Filter Definitions ===================== -->
+ <!-- A filter that sets various security related HTTP Response headers. -->
+ <!-- This filter supports the following initialization parameters -->
+ <!-- (default values are in square brackets): -->
+ <!-- -->
+ <!-- hstsEnabled Should the HTTP Strict Transport Security -->
+ <!-- (HSTS) header be added to the response? See -->
+ <!-- RFC 6797 for more information on HSTS. [true] -->
+ <!-- -->
+ <!-- hstsMaxAgeSeconds The max age value that should be used in the -->
+ <!-- HSTS header. Negative values will be treated -->
+ <!-- as zero. [0] -->
+ <!-- -->
+ <!-- hstsIncludeSubDomains -->
+ <!-- Should the includeSubDomains parameter be -->
+ <!-- included in the HSTS header. -->
+ <!-- -->
+ <!-- antiClickJackingEnabled -->
+ <!-- Should the anti click-jacking header -->
+ <!-- X-Frame-Options be added to every response? -->
+ <!-- [true] -->
+ <!-- -->
+ <!-- antiClickJackingOption -->
+ <!-- What value should be used for the header. Must -->
+ <!-- be one of DENY, SAMEORIGIN, ALLOW-FROM -->
+ <!-- (case-insensitive). [DENY] -->
+ <!-- -->
+ <!-- antiClickJackingUri IF ALLOW-FROM is used, what URI should be -->
+ <!-- allowed? [] -->
+ <!-- -->
+ <!-- blockContentTypeSniffingEnabled -->
+ <!-- Should the header that blocks content type -->
+ <!-- sniffing be added to every response? [true] -->
+<!--
+ <filter>
+ <filter-name>httpHeaderSecurity</filter-name>
+ <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
+ <async-supported>true</async-supported>
+ </filter>
+-->
+
<!-- A filter that sets character encoding that is used to decode -->
<!-- parameters in a POST request -->
<!--
@@ -484,6 +540,15 @@
<!-- ==================== Built In Filter Mappings ====================== -->
+ <!-- The mapping for the HTTP header security Filter -->
+<!--
+ <filter-mapping>
+ <filter-name>httpHeaderSecurity</filter-name>
+ <url-pattern>/*</url-pattern>
+ <dispatcher>REQUEST</dispatcher>
+ </filter-mapping>
+-->
+
<!-- The mapping for the Set Character Encoding Filter -->
<!--
<filter-mapping>
@@ -524,6 +589,7 @@
<!-- based on these mappings. Additional mappings can be added here (to -->
<!-- apply to all web applications), or in your own application's web.xml -->
<!-- deployment descriptor. -->
+ <!-- Note: Extensions are always matched in a case-insensitive manner. -->
<mime-mapping>
<extension>123</extension>
diff --git a/catalog-parent/catalogparent/pom.xml b/catalog-parent/catalogparent/pom.xml
index 81094dba..a4bac251 100644
--- a/catalog-parent/catalogparent/pom.xml
+++ b/catalog-parent/catalogparent/pom.xml
@@ -49,7 +49,7 @@
<org.mockito.version>1.9.5</org.mockito.version>
<h2database.version>1.4.182</h2database.version>
<org.apache.ant.version>1.8.2</org.apache.ant.version>
- <tomcat.version>7.0.62</tomcat.version>
+ <tomcat.version>8.5.6</tomcat.version>
</properties>
<dependencyManagement>