0 Replies Latest reply on Oct 31, 2001 6:50 PM by Jules Gosnell

    JBoss 2.4.3 / Jetty 3.1.3 released...

    Jules Gosnell Novice

      Sorry about the delay guys - I've been very busy.

      This brings the JBoss/Jetty bundle up to date with the latest Jetty.

      You can find it at :


      I shall update the JBoss website shortly....

      Problems to:

      jboss-user@lists.sf.net and jetty-discuss@yahoogroups.com - please.



      Release Candidate 1. (30/10/2001)

      Jetty - Jetty-3.1.3
      JettyExtra/jmx - JettyExtra-1.0.1
      JBoss - JBoss-2.4.3
      JBoss-Jetty - JBoss/contrib/jetty (cvs update -d -p -r Branch_2_4 -D 'October 30, 2001 11:59pm BST')

      - upgrade Jetty component
      - reworking of JBossUserRealm
      - for Jetty changes see jetty/VERSION.TXT (3.1.2 & 3.1.3)

      and the Jetty VERSION.TXT says :

      Jetty-3.1.3 - 26 Oct 2001
      + Fix security problem with trailing special characters.
      Trailing %00 enabled JSP source to be viewed or other
      servlets to be bypassed.
      + Fixed several problems with external role authentication.
      Role authentication in JBoss was not working correctly and
      there were possible object leaks. The fix required an API
      change to UserPrinciple and UserRealm.
      + Allow a per context UserRealm instance.
      + Upgraded JSSE to 1.0.2
      + Improved FORM auth handling of role failure.
      + Improved Jasper debug output.
      + Improved ThreadedServer timeout defaults
      + Fixed binary files in CVS
      + Fixed Virtual hosts to case insensitive.
      + PathMap spec separator changed from ',' to ':'. May be set with
      org.mortbay.http.PathMap.separators system property.
      + Correct dispatch to error pages with javax attributes set.

      Jetty-3.1.2 - 13 Oct 2001
      + Fixed double entry on PathMap.getMatches
      + Fixed servlet handling of non session url params.
      + Fixed attr handling in XmlParser.toString
      + Fixed request log date formatting
      + Fixed NotFoundHandler handling of unknown methods
      + Fixed FORM Authentication username.
      + Fixed authentication role handling in FORM auth.
      + FORM authentication passes query params.
      + Added short delay to shutdown hook for JVM bug.
      + Added ServletHandler.sessionCount()
      + Added run target to ant
      + Changed 304 responses for Opera browser.
      + Changed JSESSIONID to jsessionid
      + Log OK state after thread low warnings.
      + Changed unsatisfiable range warnings to debug.
      + Further improvements in handling of shutdown.