release-notes-4.1.txt

《J2EE企业级应用开发》一书的配套源代码

[4.1.6] Compiler:
        Further refactoring of the compiler.

[4.1.6] #10048
        Summary: JSP forward removes ALL response wrappers
        PageContextImpl:
        Only unwrap Jasper added response wrapper.

[4.1.6] #10035
        Summary: <jsp:params> in <jsp:plugin> rejected
        Parser:
        <jsp:params> elements are now allowed.

[4.1.6] #9996
        Summary: <@%include> breaks when the included page contains non-ascii 
        encoding
        Validator:
        Fix charset handling.

[4.1.6] Generator:
        Many fixes to nested tags and scripting variables handling.

[4.1.6] Generator:
        Add synchronization of the scripting variables.

[4.1.8] #10896
        Summary: Parsing ContentType error
        ParserController:
        Fix parsing.

[4.1.8] #10713
        Summary: Backslashes quoting quotes in attributes does not work
        Parser:
        Fix parsing.

[4.1.8] #10711
        Summary: Relative filenames with ../ do not work for JSP-includes
        JspCompilationContext:
        Add back path normalization code.

[4.1.8] #10670
        Summary: Problem in JSP compilation
        Generator:
        Fix compilation problem.

[4.1.8] #10766
        Summary: <%@ page extends %> causes ClassCastException
        JspServletWrapper:
        Fix regression caused by the included JSP modification tracking.

[4.1.9] #11463
        Summary: PageContextImpl.removeAttribute do not work correctly without
        session object
        PageContextImpl:
        Add check for the existence of the session.

[4.1.9] Validator:
        Fix bug in setting the default content-type.

[4.1.9] #10949
        Summary: Jasper2 compile error with struts logic tag & jsp:include
        Generator:
        Fix generated response type to HttpServletResponse.

[4.1.9] #10629
        Summary: include directive fails when referencing Parent Path within 
        a WAR
        JspCompilationContext:
        Canonicalize URIs used for getResource and getResourceAsStream.

[4.1.10] #11891
         Summary: JspC does not work for webapps
         JspC:
         Fix -webapp option.

[4.1.10] Compiler, Generator:
         Added step to determine which scripting variables must be declared.

[4.1.10] #11942
         Summary: reassignment of variables to pagecontext attributes in body 
         loop

[4.1.10] #11552
         Summary: Iteration tags do not resynchronize scripting variables after
         doAfterBody()

[4.1.10] #12128
         Summary: JSP Comment end symbol not recognized in some cases

[4.1.11] Compiler:
         Update to work with Jikes with all features.

[4.1.11] #12387
         Compiler:
         Work around limitations of the Ant path tokenization by using files.

[4.1.11] Generator:
         For the conversion of the value used in includes and others 
         to a String, as was done in previous Tomcat releases.

[4.1.11] Generator:
         Added synchronization of NESTED and AT_BEGIN variables after call to
         doStartTag() of tag handlers implementing IterationTag, but not
         BodyTag.

[4.1.11] #12432
         Generator:
         Can't compile JSP with nested custom tags that have VariableInfo.

[4.1.11] JspServletWrapper:
         Fix Jasper when "development" option is set to "false".

[4.1.12] JspRuntimeContext:
         Add permission to allow reading the work directory.

[4.1.13] #13144
         Generator:
         Ending comment eats up line following.

[4.1.13] #13536
         Generator:
         Bad <jsp:param> value in plugin if the value is an expression.

[4.1.13] JspRuntimeContext:
         Make sure the CodeSource for JSP pages is created consistently 
         the same.

[4.1.13] #13206
         JspRuntimeLibrary:
         Invalid java bean property error message could be reported better.

[4.1.13] #13843
         JspServlet:
         Fix locking on Windows of big JSP files.

[4.1.14] Compiler:
         Add global synchronization on the javac invocation.

[4.1.15] Jspc:
         Rename "--compile" option to "-compile" (it was undocumented).

[4.1.15] #14195
         ErrorDispatcher:
         Fix NPE.

[4.1.15] #14197
         Generator:
         Allow jspDestroy to be overriden.

[4.1.15] PageContextImpl:
         Avoid flushing after processing the page.

[4.1.16] #14577
         Generator:
         Declarations should geneate a '\n' at end.

[4.1.16] #14699
         Generator:
         Scripting variables declared AT_END do not work when tag
         implements TryCatchFinally.

[4.1.17] Compiler:
         Make exception reports more detailed.


============================
KNOWN ISSUES IN THIS RELEASE:
============================

* Tomcat 4.1 and JNI Based Applications
* Tomcat 4.1 Standard APIs Available
* Tomcat 4.1 and XML Parsers
* Web application reloading and static fields in shared libraries
* JAVAC leaking memory
* Linux and Sun JDK 1.2.x - 1.3.x
* Enabling SSI and CGI Support
* Security manager URLs
* Using Jasper 1 with Tomcat 4.1
* Administrartion web application
* Symlinking static resources
* Enabling invoker servlet


-------------------------------------
Tomcat 4.1 and JNI Based Applications:
-------------------------------------

Applications that require native libraries must ensure that the libraries have
been loaded prior to use.  Typically, this is done with a call like:

  static {
    System.loadLibrary("path-to-library-file");
  }

in some class.  However, the application must also ensure that the library is
not loaded more than once.  If the above code were placed in a class inside
the web application (i.e. under /WEB-INF/classes or /WEB-INF/lib), and the
application were reloaded, the loadLibrary() call would be attempted a second
time.

To avoid this problem, place classes that load native libraries outside of the
web application, and ensure that the loadLibrary() call is executed only once
during the lifetime of a particular JVM.


----------------------------------
Tomcat 4.1 Standard APIs Available:
----------------------------------

A standard installation of Tomcat 4 makes all of the following APIs available
for use by web applications (by placing them in "common/lib" or "shared/lib"):
* activation.jar (Java Activation Framework)
* ant.jar (Apache Ant 1.5)
* commons-collections.jar (Commons Collections 2.0)
* commons-dbcp.jar (Commons DBCP 1.0)
* commons-logging-api.jar (Commons Logging 1.0.1)
* commons-pool.jar (Commons Pool 1.0)
* jasper-compiler.jar (Jasper 2 Compiler)
* jasper-runtime.jar (Jasper 2 Runtime)
* jdbc2_0-stdext.jar (JDBC 2.0 Optional Package, javax.sql.*)
* jndi.jar (JNDI 1.2 base API classes)
* jta.jar (Java Transacation API 1.0.1a)
* mail.jar (JavaMail 1.2)
* naming-common.jar (JNDI Context implementation)
* naming-factory.jar (JNDI object factories)
* naming-resources.jar (JNDI DirContext implementations)
* servlet.jar (Servlet 2.3 and JSP 1.2 APIs)

You can make additional APIs available to all of your web applications by
putting unpacked classes into a "classes" directory (not created by default),
or by placing them in JAR files in the "lib" directory.

Tomcat 4.1 also makes available Xerces 2 to web applications.


--------------------------
Tomcat 4.1 and XML Parsers:
--------------------------

As described above, Tomcat 4.1 makes an XML parser (and many other standard
APIs) available to web applications.  This parser is also used internally
to parse web.xml files and the server.xml configuration file.  If you wish,
you may replace the "xercesImpl.jar" file in "common/endorsed" with another 
XML parser, as long as it is compatible with the JAXP 1.1 APIs.


---------------------------------------------------------------
Web application reloading and static fields in shared libraries:
---------------------------------------------------------------

Some shared libraries (many are part of the JDK) keep references to objects
instantiated by the web application. To avoid class loading related problems
(ClassCastExceptions, messages indicating that the classloader 
is stopped, ...), the shared libraries state should be reinitialized.

Something which could help is to avoid putting classes which would be 
referenced by a shared static field in the web application classloader, 
and put them in the shared classloader instead (the JARs should be put in the 
"lib" folder, and classes should be put in the "classes" folder).


--------------------
JAVAC leaking memory:
--------------------

The Java compiler leaks memory each time a class is compiled. Web applications
containing hundreds of JSP files may as a result trigger out of memory errors 
once a significant number of pages have been accessed. The memory can only be 
freed by stopping Tomcat and then restarting it.

The JSP command line compiler (JSPC) can also be used to precompile the JSPs.


-------------------------------
Linux and Sun JDK 1.2.x - 1.3.x:
-------------------------------

Virtual machine crashes can be experienced when using certain combinations of
kernel / glibc under Linux with Sun Hotspot 1.2 to 1.3. The crashes were 
reported to occur mostly on startup. Sun JDK 1.4 does not exhibit the problems,
and neither does IBM JDK for Linux.

The problems can be fixed by reducing the default stack size. At bash shell, 
do "ulimit -s 2048"; use "limit stacksize 2048" for tcsh.

GLIBC 2.2 / Linux 2.4 users should also define an environment variable:
export LD_ASSUME_KERNEL=2.2.5


----------------------------
Enabling SSI and CGI Support:
----------------------------

Having CGI and SSI available to web applications created security problems when
using a security manager (as a malicious web application could use them to 
sidestep the security manager access control). In Tomcat 4.1, they have been
disabled by default, as our goal is to provide a fully secure default 
configuration. However, CGI and SSI remain available.

On Windows:
* rename the file %CATALINA_HOME%\server\lib\servlets-cgi.renametojar to
  %CATALINA_HOME%\server\lib\servlets-cgi.jar.
* rename the file %CATALINA_HOME%\server\lib\servlets-ssi.renametojar to
  %CATALINA_HOME%\server\lib\servlets-ssi.jar.
* in %CATALINA_HOME%\conf\web.xml, uncomment the servlet declarations starting
  line 165 and 213, as well as the associated servlet mappings 
  line 265 and 274. Alternately, these servlet declarations and mappings can
  be added to your web application deployment descriptor.

On Unix:
* rename the file $CATALINA_HOME/server/lib/servlets-cgi.renametojar to
  $CATALINA_HOME/server/lib/servlets-cgi.jar.
* rename the file $CATALINA_HOME/server/lib/servlets-ssi.renametojar to
  $CATALINA_HOME/server/lib/servlets-ssi.jar.
* in $CATALINA_HOME/conf/web.xml, uncomment the servlet declarations starting
  line 165 and 213, as well as the associated servlet mappings 
  line 265 and 274. Alternately, these servlet declarations and mappings can
  be added to your web application deployment descriptor.


---------------------
Security manager URLs:
---------------------

The URLs to be used in the policy file to grant permissions to JARs located
inside the web application repositories have changed in Tomcat 4.1.

In Tomcat 4.0, codeBase URLs for JARs loaded from web application 
repositories were:
jar:file:${catalina.home}/webapps/examples/WEB-INF/lib/driver.jar!/-

In Tomcat 4.1, they should be:
file:${catalina.home}/webapps/examples/WEB-INF/lib/driver.jar


------------------------------
Using Jasper 1 with Tomcat 4.1:
------------------------------

It is possible to use Jasper 1 (included in Tomcat 4.0.x) with Tomcat 4.1, as
it has the same API and supports the same JSP API.

To use Jasper 1 instead of Jasper 2, copy the two following JARs to
$CATALINA_HOME/common/lib (overwriting the two existing JARs):
* $TOMCAT40_HOME/lib/jasper-runtime.jar
* $TOMCAT40_HOME/lib/jasper-compiler.jar

However, users are urged to use the version of Jasper included with Tomcat 4.1
(Jasper 2), as it has much higher performance and scalability than Jasper 1.


-------------------------------
Administrartion web application:
-------------------------------

The administration web application should currently be considered beta quality
code, but is supported as an official component of Tomcat 4.1.

A finalized version will be delivered in an upcoming Tomcat 4.1 release.


---------------------------
Symlinking static resources:
---------------------------

Unix symlinks will not work when used in a web application to link resources 
located outside the web application root directory.

This behavior is optional, and the "allowLinking" flag may be used to disable
the check.


------------------------
Enabling invoker servlet:
------------------------

Starting with Tomcat 4.1.12, the invoker servlet is no longer available by 
default in all webapp. Enabling it for all webapps is possible by editing
$CATALINA_HOME/conf/web.xml to uncomment the "/servlet/*" servlet-mapping
definition.

Using the invoker servlet in a production environment is not recommended and
is unsupported.