1.2. Changes in this release

JON Plugin

865460 - Cannot add a Group to tomcat's UserDatabase

Due to missing parameters a public class, adding a group to Tomcat’s UserDatabase using the JBoss Operations Network (JON) interface displays an error:

DEBUG [ResourceFactory.executor-1] (rhq.core.pc.inventory.CreateResourceRunner)- Throwable was found in creation report for request [10083].
java.lang.IllegalStateException: Name [roles] specified for parameter of operation [createGroup] on MBean [Users:type=UserDatabase,database=UserDatabase] is invalid. The MBean operation does not take a parameter by that name..

Copy to Clipboard Toggle word wrap

A fix is applied to add the missing parameters. As a result, adding a group to Tomcat’s UserDatabase works as expected in JBoss Enterprise Web Server 2.0.1.

865459 - Cannot add a User to tomcat's UserDatabase

Due to missing parameters in the public class, adding a user to Tomcat’s UserDatabase using the JBoss Operations Network (JON) interface in JBoss Enterprise Web Server displays an error in agent’s log indicating that the MBean parameters are invalid.

A fix is applied to add the missing parameters. As a result, adding users to Tomcat’s UserDatabase using JBoss Operations Network (JON) works as expected in JBoss Operations Network (JON).

688358 - [JBPAPP-6104] JON 2.4.1: User Database "Save" operation fails, but reports Success

The add, modify and remove operations in tomcat 6 and 7 do not manipulate the user database as expected. As a result, the JBoss Operations Network interface fails. The plugin logic is now fixed. To ensure JBoss Operations Network works as expected, set readonly="false" in the UserDatabase resource in the server.xml file.

921194 - [tomcat] Connectors are not properly discovered and therefore are unavailable along with all their content

Due to an issue in the JBoss Enterprise Web Server plug in, the connectors ?-8080 and ?-8009 are down. As a result, Tomcat 7 can not be monitored or managed. The bug in the JBoss Enterprise Web Server plug in is now fixed. As a result, the connectors are now discoverable and are named http-bio-8080 and ajp-bio-8009 as expected and Tomcat 7 can be managed and monitored successfully.

921261 - WebModule is reported as DOWN or UNAVAILABLE due to plug-in expecting stateName to return 1 instead of STARTED

The missing MBean for the //localhost/my-simple-webapp WAR file causes all the web applications deployed on Tomcat 7 to be unavailable. The Tomcat 7 support patch contains the updated MBean names. The relevant MBean names are now correct and discoverable as expected.

httpd

947579 - httpd 2.2.22 init script does not properly make use of the pid file

OpenShift Enterprise contains a cartridge that requires a JBoss Enterprise Application Platform subscription. The JBoss Enterprise Application Platform channel provides an Apache init script that is incompatible with the httpd 2.2.22 init script in the OpenShift Enterprise cartridge. The JBoss httpd service script does not pass the "-p pidfile" flag to killproc resulting in killing openshift-console and openshift-broker services along with all the end user applications that use httpd. The bug in the init script is now fixed. The patch in the httpd 2.2.22 init script now kills the process using its process ID as expected.

973189 - EWS httpd keeps writing logs to old log file after rotated by logrotate

JBoss Enterprise Web Server httpd does not write logs to new log file after after it is rotated by logrotate. Expected behavior is to write logs to new log file after rotated by logrotate. This occurs because the httpd.pid file path is incorrect in /etc/logrotate.d/httpd script.

This issue is fixed in JBoss Enterprise Web Server 2.0.1. The httpd.pid file path is now corrected in /etc/logrotate.d/httpd script. JBoss Enterprise Server httpd now writes logs to new log file after rotated by log rotate.

900827 - Apache httpd returns 500 status code instead of custom status code when using mod_proxy

An issue with Apache http produces wrong status code when using mod_proxy http as a loadbalancer/proxy and a JSP with a custom status code. Instead of custom status code, 500 status code is returned.

The bug in the Apache http has now been fixed. Using mod_proxy http as a loadbalancer/proxy and a JSP with a custom status code now returns the custom status code.

901126 - Update postinstall script to check for check for conf file before editing

JBoss Enterprise Web Server 2.0 contained mod_snmp and mod_cluster. However, JBoss Enterprise Application Platform does not require these dependencies and therefore the commands that manipulate mod_snmp and mod_cluster in the .postinstall file are not suitable for JBoss Enterprise Application Platform. As a result, the .postinstall file included with JBoss Enterprise Application Platform 2.0 did not work as expected. This is fixed so that the .postinstall file now includes condition tests in mod_cluster and mod_snmp. As a result, the .postinstall file shipped with JBoss Enterprise Application Platform works as expected.

971861 - Multiple Issues with OCSP

OCSP (mod_ssl) mishandles responses for responders in specific situations. For example, if a responder sends NULL or blank data but does not close the connection, mod_ssl unexpectedly ends the response.

Further information about this issue is available at http://openssl.6102.n7.nabble.com/Decoding-OCSP-response-data-ASN1-D2I-READ-BIO-not-enough-data-td24437.html

Additionally, OCSP does not work as expected when used in conjunction with an intermediate CA (Certification Authority), for example when a CA is used for Apache configuration.

Further information about this issue is available at https://issues.apache.org/bugzilla/show_bug.cgi?id=46037

As a result of these problems, cretin OCSP responders do not work as expected with JBoss Enterprise Web Server and intermediary CAs also do not work as expected. These problems are fixed in JBoss Enterprise Web Server 2.0.1 using a patch. As a result of the fix, third party OCSP responders and intermediary CAs work as expected with JBoss Enterprise Web Server.

896674 - Solaris .postinstall.httpd script fails to configure OPTIONS for apachectl

The post-installation script included in jboss-ews-httpd-2.0.0-sun10.sparc64.zip incorrectly configured the OPTIONS parameter in the apachectl script. As a result, installing httpd in a directory other than the default directory (/opt/jboss-ews-2.0/), apachectl fails to launch httpd as it cannot locate the httpd.conf file. The following error message is displayed:

httpd.worker: Could not open configuration file /opt/jboss-ews-2.0/etc/httpd/conf/httpd.conf: No such file or directory

Copy to Clipboard Toggle word wrap

A fix is added to JBoss Enterprise Web Server 2.0.1. As a result, httpd locates the configuration files in $INSTALL_DIR/jboss-ews-2.0/etc/httpd/conf/ and is launched successfully.

mod_cluster

901145 - mod_cluster returns HTTP 502 or (500 Proxy Error) with https connector

An HTTP error 502 (Bad Gateway) is displayed after a period of inactivity when only HTTPS connector is enabled for balancer-worker communication for mod_cluster with https. Httpd tries to re-use a connection that have been closed already. SSL handshake fails resulting in HTTP error. The bug in mod_cluster has now been fixed. mod_cluster works as expected and does not return an HTTP error 502 (Bad Gateway) after a period of inactivity when only HTTPS connector is enabled for balancer-worker communication.

900997 - mod_cluster: advertising doesn't work in mixed IPv4/IPv6 setting

An issue in the apr library for Red Hat Enterprise Linux 5 and 6 causes an error to be displayed in the error_log for advertising using mod_cluster. The error message is displayed when IPv6 or a mixed protocol setting (IPv4 and IPv6) is used for advertising using mod_cluster.

The bug in the apr library has now been fixed. The latest updated version of the apr library can be downloaded from the RHN channel.

mod_jk

899449 - Upgrade mod_jk to 1.2.3x

Attempts to manage multiple nodes using the status manager URL fails due to an issue with mod_jk version shipped with JBoss Enterprise Web Server 2.0. JBoss Enterprise Web Server 2.0.1 contains the updated mod_jk version 1.2.37. As a result, the status manager URL manages multiple nodes as expected.

900793 - JK status manager - mass nodes handling works strange

Due to an issue with the mod_jk version shipped with the JBoss Enterprise Web Server, multiple nodes using status manager URL were not managed properly.

The updated version of mod_jk in JBoss Enterprise Web Server 2.0.1 uses the status manager to manage multiple nodes as expected.

tomcat6

927930 - java.security.AccessControlException: access denied on tomcat6 rpm running with security manager

Some symbolic links in the JBoss Enterprise Web Server RPM do not work correctly under java security manager. Specifically the links require going one level up (for example, they start with the symbolic address ../) but the security manager’s java does not allow this. Additionally, a required Constant subclass was inaccessible to JBoss Enterprise Web Server. As a result, the following instructions fail to compile under the security manager:

<jsp:include page="PageName" flush="true"/>

Copy to Clipboard Toggle word wrap

The following error appears as a result of the compile failure:

java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.org.apache.jasper

Copy to Clipboard Toggle word wrap

The symbolic links are now changed in the relevant files and the previously inaccessible Constant classes are instanced in a calling class. As a result, these problems are now fixed and JBoss Enterprise Web Server 2.0.1 works as expected.

tomcat6,tomcat7

969002 - [EWS-2.0.1-ER2] Error in postinstall scriptlet for tomcat6 and tomcat7 rpm

The tomcat6 and tomcat7 postinstall scripts included in JBoss Enterprise Web Server do not work as expected. This is because the SEModule is expected to be in the /usr/bin/semodule directory, which does not exist. SEModule is available at /usr/sbin/semodule instead, which is the correct location. Additionally, the provided module installation path (%/selinux/packages/tomcat…) is incorrect.

A fix is added for tomcat6 and tomcat7 in JBoss Enterprise Web Server 2.0.1. This fix ensures that the expected path for SEModule is correct and that the installation path is correct. As a result, the module now works as expected.

959841 - Update Tomcat 6 and 7 for EWS 2.0.1

JBoss Enterprise Web Server’s included Tomcat 6 and 7 packages were out of date. The most recent versions of Tomcat 6 (6.0.37) and Tomcat 7 (7.0.40) are now included in JBoss Enterprise 2.0.1. As a result, both versions of Tomcat now work as expected.

971429 - Postinstall scriptlet for tomcat6 and tomcat7 not executed in update

When an existing package was upgraded in JBoss Enterprise Web Server, the postinstall script for tomcat6 and tomcat7 were not run. As a result, selinux policies were not updated after the upgrade.

A fix is included in JBoss Enterprise Web Server 2.0.1 to address this problem. As a result, the postinstall script is run after an upgrade as expected and selinux policies update.

910479 - Need to include full implementation of tomcat-juli.jar and tomcat-juli-adapters.jar

Tomcat (6 and 7) includes a version of the tomcat-juli.jar file that is hard coded to use java.util.logging instead of log4j, which is preferred for JBoss Enterprise Web Server 2. As a result, Tomcat cannot be configured to use log4j unless the complete version of tomcat-juli.jar and tomcat-juli-adapters.jar are downloaded.

JBoss Enterprise Web Server 1.x included the full version of tomcat-juli.jar and tomcat-juli-adapters.jar to configure log4j successfully. JBoss Enterprise Web Server 2.0 did not include the full version of tomcat-juli.jar and excluded tomcat-juli-adapters.jar. As a result, log4j could not be configured with JBoss Enterprise 2.0 as expected.

JBoss Enterprise Web Server 2.0.1 now contains the correct versions of the tomcat-juli.jar and tomcat-juli-adapters.jar to configure log4j. As a result, log4j configuration now works as expected.

959871 - postinstall.tomcat.bat

The post-installation BAT files for JBoss Enterprise Web Server for Windows and Solaris contain a typo in one of the file names. The file named commons-daemon-1.0.15-redhat-1.jar is listed as commons-daemon-1.0.10.jar in the mklink command line.

A fix is applied for JBoss Enterprise Web Server 2.0.1 to ensure that the commons-daemon file contains the correct version. As a result, the post-installation BAT files for the Windows and Solaris versions of JBoss Enterprise Web Server 2.0.1 work as expected.

899477 - EWS: decide if jsvc should have capability support

JBoss Enterprise Web Server 2.0’s version of jsvc did not include libcap support. Additionally, CVE-2011-2729 prevents the use of libcap support as expected when included. As a result, it is not possible to start Tomcat as a root user and then downgrade it using the Linux capabilities library. The commons daemon code is now fixed and JBoss Enterprise Web Server 2.0.1 includes libcap. As a result, using jsvc now works as expected.

901134 - jasper-jdt.jar

The jaspter-jdt.jar file is packaged in JBoss Enterprise Web Server’s Tomcat 7 library for Windows and Solaris and Red Hat Enterprise Linux 6 ZIP installation files. Additionally, in the Red Hat Enterprise Linux 5 ZIP files, the file is included in both the Tomcat 6 and 7 libraries. This file’s name contains a typo, which prevents it from working as expected.

The spelling error is corrected and the file is now named jasper-jdt.jar. As a result, the file works as expected in JBoss Enterprise Web Server 2.0.1.

tomcat7

961617 - Tomcat7 - possible memory leak when stopping it

JBoss Enterprise Web Server’s Tomcat 7 did not stop correctly when used with the Windows operating system and instead displayed an error in the catalina.out file.

This issue is fixed in JBoss Enterprise Web Server 2.0.1. As a result, when Tomcat 7 is used with Windows, it stops as expected and does not display any errors.

923825 - Cannot create virtual host for tomcat7 rpm

Due to permissions issues in the JBoss Enterprise Web Server RPM installation, a virtual host can not be created as expected. This occurs when the user tomcat is created in the tomcat-users.xml file and then navigating to localhost:8080/host-manager/html to sign in as user tomcat, then attempting to create a virtual host. This task fails with the following error:

FAIL - Failed to create appBase [/usr/share/tomcat7/testwebapps] for host [test]

Copy to Clipboard Toggle word wrap

A fix is applied in JBoss Enterprise Web Server 2.0.1 to create a virtual host as expected.

969023 - Tomcat7: ClassNotFoundException: org.apache.commons.dbcp.BasicDataSourceFactory

Due to incorrect naming for packages (o.a.tomcatdbcp instead of o.a.commons.dbcp) in the Red Hat Enterprise Linux distribution of the JBoss Enterprise Web Server files, an exception displayed when a lookup is attempted for a Tomcat JNDI datasource:

ClassNotFoundException: org.apache.commons.dbcp.BasicDataSourceFactory

Copy to Clipboard Toggle word wrap

The naming is now corrected and the correct class is located as expected in JBoss Enterprise Web Server 2.0.1.