Tomcat 5.5.15

General

32081: Remove the JDK requirement from the Win32 scripts. (keith)

Catalina

37852: Fix regression where the magic role '*' was denying all access. Patch by xrcat (billbarker) 37934: Don't ask for authentication if deny-from-all is in effect. (billbarker) 15570: auth-constraint of * was interpretted as all authenticated users rather than as all roles defined in web.xml. (markt) Remove leftover static logger which was used to log application level messages in ApplicationContextFacade (remm) 38012: Where a CGI script sets a response code, use it. (markt) 37854: Extension-List checking was too strict. (markt)

Coyote

Report binding errors in the APR endpoint as strings rather than platform specific status codes (remm) 37934: Don't ask for authentication if deny-from-all is in effect. (billbarker) 38047: Handle the case where the Servlet attempts to read the Request body from the AJP/1.3 Connector, in the case that no body was sent. (billbarker) 38030: Unconditionally return EOS for an attempt to read the body of any request that doesn't send CL or TE. (remm, billbarker).

Jasper

35351: Fix problem using an inner class for a <jsp:useBean />. (kinman). 37929: Don't stop on the generic attribute methods just because the session is invalid. Patch by Pierre Delisle. (billbarker) Add system properties org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER and org.apache.jasper.runtime.JspFactoryImpl.USE_POOL to allow configuring Jasper memory usage (remm) 37933: Restrict <jsp:getAttribute /> to only look in PAGE_SCOPE. (billbarker)

Cluster

37808: Fix ArrayIndexOutOfBoundsException inside XByteBuffer. Reported by Dietmar Mueller (pero) 37896DataSender starts new Socket after IOException. (pero) Reduce memory usage at membership service. (pero)

 

http://tomcat.apache.org/tomcat-5.5-doc/changelog.html