CVE-2016-3088

@@ -1,112 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one or more
-  contributor license agreements.  See the NOTICE file distributed with
-  this work for additional information regarding copyright ownership.
-  The ASF licenses this file to You under the Apache License, Version 2.0
-  (the "License"); you may not use this file except in compliance with
-  the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-  <modelVersion>4.0.0</modelVersion>
-
-  <parent>
-    <groupId>org.apache.activemq</groupId>
-    <artifactId>activemq-parent</artifactId>
-    <version>5.14.0-SNAPSHOT</version>
-  </parent>
-
-  <artifactId>activemq-fileserver</artifactId>
-  <packaging>war</packaging>
-  <name>ActiveMQ :: File Server</name>
-  <description>Web File Server for out of band large message exchange</description>
-
-  <build>
-    <plugins>
-      <plugin>
-        <groupId>org.eclipse.jetty</groupId>
-        <artifactId>jetty-maven-plugin</artifactId>
-        <configuration>
-          <connectors>
-            <connector implementation="org.eclipse.jetty.server.ServerConnector">
-              <port>${jetty.port}</port>
-              <maxIdleTime>60000</maxIdleTime>
-            </connector>
-          </connectors>
-          <scanIntervalSeconds>10</scanIntervalSeconds>
-        </configuration>
-      </plugin>
-      <plugin>
-        <artifactId>maven-surefire-plugin</artifactId>
-        <configuration>
-          <excludes>
-            <exclude>**/RestFilterTest.*</exclude>
-          </excludes>
-        </configuration>
-      </plugin>
-    </plugins>
-  </build>
-
-  <dependencies>
-    <dependency>
-      <groupId>org.slf4j</groupId>
-      <artifactId>slf4j-api</artifactId>
-    </dependency>
-
-	<!-- web container -->
-	<dependency>
-		<groupId>org.apache.tomcat</groupId>
-		<artifactId>tomcat-servlet-api</artifactId>
-		<scope>provided</scope>
-	</dependency>
-
-
-    <!-- used for testing -->
-    <dependency>
-      <groupId>junit</groupId>
-      <artifactId>junit</artifactId>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>${project.groupId}</groupId>
-      <artifactId>activemq-unit-tests</artifactId>
-      <type>test-jar</type>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>${project.groupId}</groupId>
-      <artifactId>activemq-broker</artifactId>
-      <type>test-jar</type>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.eclipse.jetty.aggregate</groupId>
-      <artifactId>jetty-all</artifactId>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.slf4j</groupId>
-      <artifactId>slf4j-log4j12</artifactId>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>log4j</groupId>
-      <artifactId>log4j</artifactId>
-      <optional>true</optional>
-      <scope>test</scope>
-    </dependency>
-  </dependencies>
-
-  <properties>
-    <jetty.port>8080</jetty.port>
-  </properties>
-</project>

@@ -1,96 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.activemq.util;
-
-import java.io.IOException;
-import java.nio.file.FileSystems;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletRequestWrapper;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-
-public class FilenameGuardFilter implements Filter {
-
-    private static final Logger LOG = LoggerFactory.getLogger(FilenameGuardFilter.class);
-    
-    public void destroy() {
-        // nothing to destroy
-    }
-
-    public void init(FilterConfig config) throws ServletException {
-        // nothing to init
-    }
-
-    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
-        if (request instanceof HttpServletRequest) {
-            HttpServletRequest httpRequest = (HttpServletRequest)request;
-            GuardedHttpServletRequest guardedRequest = new GuardedHttpServletRequest(httpRequest);
-            chain.doFilter(guardedRequest, response);
-        } else {
-            chain.doFilter(request, response);
-        }
-    }
-
-    private static class GuardedHttpServletRequest extends HttpServletRequestWrapper {
-
-        public GuardedHttpServletRequest(HttpServletRequest httpRequest) {
-            super(httpRequest);
-        }
-
-        private String guard(String filename) {
-            String guarded = filename.replace(":", "_");
-            guarded = FileSystems.getDefault().getPath(guarded).normalize().toString();
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("guarded " + filename + " to " + guarded);
-            }
-            return guarded;
-        }
-
-        @Override
-        public String getParameter(String name) {
-            if (name.equals("Destination")) {
-                return guard(super.getParameter(name));
-            } else {
-                return super.getParameter(name);
-            }
-        }
-
-        @Override
-        public String getPathInfo() {
-            return guard(super.getPathInfo());
-        }
-
-        @Override
-        public String getPathTranslated() {
-            return guard(super.getPathTranslated());
-        }
-
-        @Override
-        public String getRequestURI() {
-            return guard(super.getRequestURI());
-        }
-    }
-}

@@ -1,139 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.activemq.util;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-/**
- *
- */
-public final class IOHelper {
-    protected static final int MAX_DIR_NAME_LENGTH;
-    protected static final int MAX_FILE_NAME_LENGTH;
-    private static final int DEFAULT_BUFFER_SIZE = 4096;
-    private IOHelper() {
-    }
-
-    public static String getDefaultDataDirectory() {
-        return getDefaultDirectoryPrefix() + "activemq-data";
-    }
-
-    public static String getDefaultStoreDirectory() {
-        return getDefaultDirectoryPrefix() + "amqstore";
-    }
-
-    /**
-     * Allows a system property to be used to overload the default data
-     * directory which can be useful for forcing the test cases to use a target/
-     * prefix
-     */
-    public static String getDefaultDirectoryPrefix() {
-        try {
-            return System.getProperty("org.apache.activemq.default.directory.prefix", "");
-        } catch (Exception e) {
-            return "";
-        }
-    }
-
-    public static boolean deleteFile(File fileToDelete) {
-        if (fileToDelete == null || !fileToDelete.exists()) {
-            return true;
-        }
-        boolean result = deleteChildren(fileToDelete);
-        result &= fileToDelete.delete();
-        return result;
-    }
-
-    public static boolean deleteChildren(File parent) {
-        if (parent == null || !parent.exists()) {
-            return false;
-        }
-        boolean result = true;
-        if (parent.isDirectory()) {
-            File[] files = parent.listFiles();
-            if (files == null) {
-                result = false;
-            } else {
-                for (int i = 0; i < files.length; i++) {
-                    File file = files[i];
-                    if (file.getName().equals(".")
-                            || file.getName().equals("..")) {
-                        continue;
-                    }
-                    if (file.isDirectory()) {
-                        result &= deleteFile(file);
-                    } else {
-                        result &= file.delete();
-                    }
-                }
-            }
-        }
-
-        return result;
-    }
-
-
-    public static void moveFile(File src, File targetDirectory) throws IOException {
-        if (!src.renameTo(new File(targetDirectory, src.getName()))) {
-            throw new IOException("Failed to move " + src + " to " + targetDirectory);
-        }
-    }
-
-    public static void copyFile(File src, File dest) throws IOException {
-        FileInputStream fileSrc = new FileInputStream(src);
-        FileOutputStream fileDest = new FileOutputStream(dest);
-        copyInputStream(fileSrc, fileDest);
-    }
-
-    public static void copyInputStream(InputStream in, OutputStream out) throws IOException {
-        try {
-            byte[] buffer = new byte[DEFAULT_BUFFER_SIZE];
-            int len = in.read(buffer);
-            while (len >= 0) {
-                out.write(buffer, 0, len);
-                len = in.read(buffer);
-            }
-        } finally {
-            in.close();
-            out.close();
-        }
-    }
-
-    static {
-        MAX_DIR_NAME_LENGTH = Integer.valueOf(System.getProperty("MaximumDirNameLength","200")).intValue();
-        MAX_FILE_NAME_LENGTH = Integer.valueOf(System.getProperty("MaximumFileNameLength","64")).intValue();
-    }
-
-
-    public static void mkdirs(File dir) throws IOException {
-        if (dir.exists()) {
-            if (!dir.isDirectory()) {
-                throw new IOException("Failed to create directory '" + dir +"', regular file already existed with that name");
-            }
-
-        } else {
-            if (!dir.mkdirs()) {
-                throw new IOException("Failed to create directory '" + dir+"'");
-            }
-        }
-    }
-}

@@ -1,230 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//========================================================================
-//Copyright 2007 CSC - Scientific Computing Ltd.
-//========================================================================
-package org.apache.activemq.util;
-
-
-import java.io.File;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.net.URL;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.UnavailableException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-
-/**
- * <p>
- * Adds support for HTTP PUT, MOVE and DELETE methods. If init parameters
- * read-permission-role and write-permission-role are defined then all requests
- * are authorized using the defined roles. Also GET methods are authorized.
- * </p>
- *
- * @author Aleksi Kallio
- */
-public class RestFilter implements Filter {
-    private static final Logger LOG = LoggerFactory.getLogger(RestFilter.class);
-
-    private static final String HTTP_HEADER_DESTINATION = "Destination";
-    private static final String HTTP_METHOD_MOVE = "MOVE";
-    private static final String HTTP_METHOD_PUT = "PUT";
-    private static final String HTTP_METHOD_GET = "GET";
-    private static final String HTTP_METHOD_DELETE = "DELETE";
-
-    private String readPermissionRole;
-    private String writePermissionRole;
-    private FilterConfig filterConfig;
-
-    public void init(FilterConfig filterConfig) throws UnavailableException {
-        this.filterConfig = filterConfig;
-        readPermissionRole = filterConfig.getInitParameter("read-permission-role");
-        writePermissionRole = filterConfig.getInitParameter("write-permission-role");
-    }
-
-    private File locateFile(HttpServletRequest request) {
-        return new File(filterConfig.getServletContext().getRealPath(request.getServletPath()), request.getPathInfo());
-    }
-
-    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
-        if (!(request instanceof HttpServletRequest && response instanceof HttpServletResponse)) {
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("request not HTTP, can not understand: " + request.toString());
-            }
-            chain.doFilter(request, response);
-            return;
-        }
-
-        HttpServletRequest httpRequest = (HttpServletRequest)request;
-        HttpServletResponse httpResponse = (HttpServletResponse)response;
-
-        if (httpRequest.getMethod().equals(HTTP_METHOD_MOVE)) {
-            doMove(httpRequest, httpResponse);
-        } else if (httpRequest.getMethod().equals(HTTP_METHOD_PUT)) {
-            doPut(httpRequest, httpResponse);
-        } else if (httpRequest.getMethod().equals(HTTP_METHOD_GET)) {
-            if (checkGet(httpRequest, httpResponse)) {
-                chain.doFilter(httpRequest, httpResponse); // actual processing
-                                                            // done elsewhere
-            }
-        } else if (httpRequest.getMethod().equals(HTTP_METHOD_DELETE)) {
-            doDelete(httpRequest, httpResponse);
-        } else {
-            chain.doFilter(httpRequest, httpResponse);
-        }
-    }
-
-    protected void doMove(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("RESTful file access: MOVE request for " + request.getRequestURI());
-        }
-
-        if (writePermissionRole != null && !request.isUserInRole(writePermissionRole)) {
-            response.sendError(HttpURLConnection.HTTP_FORBIDDEN);
-            return;
-        }
-
-        File file = locateFile(request);
-        String destination = request.getHeader(HTTP_HEADER_DESTINATION);
-
-        if (destination == null) {
-            response.sendError(HttpURLConnection.HTTP_BAD_REQUEST, "Destination header not found");
-            return;
-        }
-
-        try {
-            URL destinationUrl = new URL(destination);
-            IOHelper.copyFile(file, new File(destinationUrl.getFile()));
-            IOHelper.deleteFile(file);
-        } catch (IOException e) {
-            response.sendError(HttpURLConnection.HTTP_INTERNAL_ERROR); // file
-                                                                        // could
-                                                                        // not
-                                                                        // be
-                                                                        // moved
-            return;
-        }
-
-        response.setStatus(HttpURLConnection.HTTP_NO_CONTENT); // we return no
-                                                                // content
-    }
-
-    protected boolean checkGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("RESTful file access: GET request for " + request.getRequestURI());
-        }
-
-        if (readPermissionRole != null && !request.isUserInRole(readPermissionRole)) {
-            response.sendError(HttpURLConnection.HTTP_FORBIDDEN);
-            return false;
-        } else {
-            return true;
-        }
-    }
-
-    protected void doPut(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("RESTful file access: PUT request for " + request.getRequestURI());
-        }
-
-        if (writePermissionRole != null && !request.isUserInRole(writePermissionRole)) {
-            response.sendError(HttpURLConnection.HTTP_FORBIDDEN);
-            return;
-        }
-
-        File file = locateFile(request);
-
-        if (file.exists()) {
-            boolean success = file.delete(); // replace file if it exists
-            if (!success) {
-                response.sendError(HttpURLConnection.HTTP_INTERNAL_ERROR); // file
-                                                                            // existed
-                                                                            // and
-                                                                            // could
-                                                                            // not
-                                                                            // be
-                                                                            // deleted
-                return;
-            }
-        }
-
-        FileOutputStream out = new FileOutputStream(file);
-        try {
-            IOHelper.copyInputStream(request.getInputStream(), out);
-        } catch (IOException e) {
-            LOG.warn("Exception occured" , e);
-            throw e;
-        } finally {
-            out.close();
-        }
-
-        response.setStatus(HttpURLConnection.HTTP_NO_CONTENT); // we return no
-                                                                // content
-    }
-
-    protected void doDelete(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("RESTful file access: DELETE request for " + request.getRequestURI());
-        }
-
-        if (writePermissionRole != null && !request.isUserInRole(writePermissionRole)) {
-            response.sendError(HttpURLConnection.HTTP_FORBIDDEN);
-            return;
-        }
-
-        File file = locateFile(request);
-
-        if (!file.exists()) {
-            response.sendError(HttpURLConnection.HTTP_NOT_FOUND); // file not
-                                                                    // found
-            return;
-        }
-
-        boolean success = IOHelper.deleteFile(file); // actual delete operation
-
-        if (success) {
-            response.setStatus(HttpURLConnection.HTTP_NO_CONTENT); // we return
-                                                                    // no
-                                                                    // content
-        } else {
-            response.sendError(HttpURLConnection.HTTP_INTERNAL_ERROR); // could
-                                                                        // not
-                                                                        // be
-                                                                        // deleted
-                                                                        // due
-                                                                        // to
-                                                                        // internal
-                                                                        // error
-        }
-    }
-
-    public void destroy() {
-        // nothing to destroy
-    }
-}

@@ -1,30 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one or more
-  contributor license agreements.  See the NOTICE file distributed with
-  this work for additional information regarding copyright ownership.
-  The ASF licenses this file to You under the Apache License, Version 2.0
-  (the "License"); you may not use this file except in compliance with
-  the License.  You may obtain a copy of the License at
-  
-  http://www.apache.org/licenses/LICENSE-2.0
-  
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
--->
-<html>
-<head>
-<title>ActiveMQ File server</title>
-</head>
-<body>
-
-<h1>RESTful file access</h1>
-
-<p>
-	This webapp provides RESTful file access for <a href="http://activemq.apache.org/blob-messages.html">blob messages</a>. It's disabled by default, please take a look at web server configuration on how to enable it.
-</p>
-
-</body>
-</html>

@@ -1,203 +0,0 @@
-
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
-

@@ -1,5 +0,0 @@
-Apache ActiveMQ
-Copyright 2005-2006 The Apache Software Foundation
-
-This product includes software developed by
-The Apache Software Foundation (http://www.apache.org/).

@@ -1,55 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one or more
-  contributor license agreements.  See the NOTICE file distributed with
-  this work for additional information regarding copyright ownership.
-  The ASF licenses this file to You under the Apache License, Version 2.0
-  (the "License"); you may not use this file except in compliance with
-  the License.  You may obtain a copy of the License at
-  
-  http://www.apache.org/licenses/LICENSE-2.0
-  
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
--->
-<web-app xmlns="http://java.sun.com/xml/ns/javaee"
-      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-      xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
-      version="3.0"> 
-
-  <display-name>RESTful file access application</display-name>
-
-  <filter>
-   <filter-name>RestFilter</filter-name>
-   <filter-class>org.apache.activemq.util.RestFilter</filter-class>
-  </filter>
-
-  <filter>
-   <filter-name>FilenameGuardFilter</filter-name>
-   <filter-class>org.apache.activemq.util.FilenameGuardFilter</filter-class>
-  </filter>
-
-  <filter-mapping>
-   <filter-name>FilenameGuardFilter</filter-name>
-   <url-pattern>/*</url-pattern>
-  </filter-mapping>  
-
-  <filter-mapping>
-   <filter-name>RestFilter</filter-name>
-   <url-pattern>/*</url-pattern>
-  </filter-mapping>  
-   
-  <servlet>
-    <servlet-name>DefaultServlet</servlet-name>
-    <servlet-class>org.eclipse.jetty.servlet.DefaultServlet</servlet-class>
-  </servlet>
-
-  <servlet-mapping>
-   <servlet-name>DefaultServlet</servlet-name>
-   <url-pattern>/*</url-pattern>
-  </servlet-mapping>
-  
-</web-app>

@@ -1,72 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.activemq.util;
-
-import java.io.BufferedWriter;
-import java.io.File;
-import java.io.FileWriter;
-import java.io.InputStream;
-
-import javax.jms.Message;
-import javax.jms.MessageConsumer;
-import javax.jms.MessageProducer;
-import javax.jms.Session;
-
-import org.apache.activemq.ActiveMQSession;
-import org.apache.activemq.BlobMessage;
-import org.apache.activemq.command.ActiveMQBlobMessage;
-
-public class HttpBlobTest extends HttpTestSupport {
-
-    public void testBlobFile() throws Exception {
-        // first create Message
-        File file = File.createTempFile("amq-data-file-", ".dat");
-        // lets write some data
-        String content = "hello world " + System.currentTimeMillis();
-        BufferedWriter writer = new BufferedWriter(new FileWriter(file));
-        writer.append(content);
-        writer.close();
-
-        ActiveMQSession session = (ActiveMQSession) connection.createSession(
-                false, Session.AUTO_ACKNOWLEDGE);
-        MessageProducer producer = session.createProducer(destination);
-        MessageConsumer consumer = session.createConsumer(destination);
-        BlobMessage message = session.createBlobMessage(file);
-
-        producer.send(message);
-        Thread.sleep(1000);
-
-        // check message send
-        Message msg = consumer.receive(1000);
-        assertTrue(msg instanceof ActiveMQBlobMessage);
-
-        InputStream input = ((ActiveMQBlobMessage) msg).getInputStream();
-        StringBuilder b = new StringBuilder();
-        int i = input.read();
-        while (i != -1) {
-            b.append((char) i);
-            i = input.read();
-        }
-        input.close();
-        File uploaded = new File(homeDir, msg.getJMSMessageID().toString().replace(":", "_"));
-        assertEquals(content, b.toString());
-        assertTrue(uploaded.exists());
-        ((ActiveMQBlobMessage)msg).deleteFile();
-        assertFalse(uploaded.exists());
-    }
-
-}

@@ -1,127 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.activemq.util;
-
-import java.io.File;
-import java.net.Socket;
-import java.net.URL;
-
-import javax.jms.Connection;
-import javax.jms.Destination;
-import javax.jms.MessageProducer;
-import javax.jms.Session;
-import javax.net.SocketFactory;
-
-import junit.framework.TestCase;
-
-import org.apache.activemq.ActiveMQConnectionFactory;
-import org.apache.activemq.broker.BrokerService;
-import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.webapp.WebAppContext;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public abstract class HttpTestSupport extends TestCase {
-    private static final Logger LOG = LoggerFactory.getLogger(HttpTestSupport.class);
-
-    BrokerService broker;
-    Server server;
-    ActiveMQConnectionFactory factory;
-    Connection connection;
-    Session session;
-    MessageProducer producer;
-    Destination destination;
-
-    protected boolean createBroker = true;
-
-    final File homeDir = new File("src/main/webapp/uploads/");
-    int port;
-
-    private int getPort(Object o) throws Exception {
-        return (Integer)o.getClass().getMethod("getLocalPort").invoke(o);
-    }
-    @Override
-    protected void setUp() throws Exception {
-
-        server = new Server(0);
-        WebAppContext context = new WebAppContext();
-
-        context.setResourceBase("src/main/webapp");
-        context.setContextPath("/");
-        context.setServer(server);
-        server.setHandler(context);
-        server.start();
-
-        port = getPort(server.getConnectors()[0]);
-
-        waitForJettySocketToAccept("http://localhost:" + port);
-
-        if (createBroker) {
-            broker = new BrokerService();
-            broker.setPersistent(false);
-            broker.setUseJmx(true);
-            broker.addConnector("vm://localhost");
-            broker.start();
-            broker.waitUntilStarted();
-
-            factory = new ActiveMQConnectionFactory("vm://localhost");
-            factory.getBlobTransferPolicy().setDefaultUploadUrl("http://localhost:" + port + "/uploads/");
-            connection = factory.createConnection();
-            connection.start();
-            session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
-            destination = session.createQueue("test");
-            producer = session.createProducer(destination);
-
-            IOHelper.deleteFile(homeDir);
-            homeDir.mkdir();
-        }
-    }
-
-
-
-    @Override
-    protected void tearDown() throws Exception {
-        server.stop();
-        if (createBroker) {
-            session.close();
-            connection.close();
-            broker.stop();
-            broker.waitUntilStopped();
-            IOHelper.deleteFile(homeDir);
-        }
-    }
-
-    public void waitForJettySocketToAccept(String bindLocation) throws Exception {
-        final URL url = new URL(bindLocation);
-        assertTrue("Jetty endpoint is available", Wait.waitFor(new Wait.Condition() {
-
-            @Override
-            public boolean isSatisified() throws Exception {
-                boolean canConnect = false;
-                try {
-                    Socket socket = SocketFactory.getDefault().createSocket(url.getHost(), url.getPort());
-                    socket.close();
-                    canConnect = true;
-                } catch (Exception e) {
-                    LOG.warn("verify jetty available, failed to connect to " + url + e);
-                }
-                return canConnect;
-            }}, 60 * 1000));
-    }
-
-}
-

@@ -1,70 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.activemq.util;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.net.HttpURLConnection;
-import java.net.URL;
-
-import org.eclipse.jetty.util.IO;
-
-public class RestFilterTest extends HttpTestSupport {
-
-    protected boolean createBroker = false;
-
-    public void testFilter() throws Exception {
-        byte[] fileContents = new byte[] {
-            'a', 'b', 'c'
-        };
-        URL url = new URL("http://localhost:" + port + "/uploads/file.txt");
-
-        // 1. upload
-        HttpURLConnection connection = (HttpURLConnection)url.openConnection();
-        connection.setRequestMethod("PUT");
-        connection.setDoOutput(true);
-        connection.setChunkedStreamingMode(fileContents.length);
-        OutputStream os = connection.getOutputStream();
-        IO.copy(new ByteArrayInputStream(fileContents), os);
-        os.close();
-        assertTrue(isSuccessfulCode(connection.getResponseCode()));
-        connection.disconnect();
-
-        // 2. download
-        connection = (HttpURLConnection)url.openConnection();
-        InputStream is = connection.getInputStream();
-        ByteArrayOutputStream baos = new ByteArrayOutputStream();
-        IO.copy(is, baos);
-        is.close();
-        assertTrue(isSuccessfulCode(connection.getResponseCode()));
-        connection.disconnect();
-        assertEquals(fileContents.length, baos.size());
-
-        // 3. remove
-        connection = (HttpURLConnection)url.openConnection();
-        connection.setRequestMethod("DELETE");
-        is = connection.getInputStream();
-        is.close();
-        assertTrue(isSuccessfulCode(connection.getResponseCode()));
-    }
-
-    private boolean isSuccessfulCode(int responseCode) {
-        return responseCode >= 200 && responseCode < 300; // 2xx => successful
-    }
-}

@@ -140,11 +140,6 @@
       <groupId>${project.groupId}</groupId>
       <artifactId>activemq-console</artifactId>
     </dependency>
-    <dependency>
-      <groupId>${project.groupId}</groupId>
-      <artifactId>activemq-fileserver</artifactId>
-      <type>war</type>
-    </dependency>
     <dependency>
       <groupId>${project.groupId}</groupId>
       <artifactId>activemq-jms-pool</artifactId>

@@ -102,23 +102,6 @@
       <fileMode>0644</fileMode>
       <directoryMode>0755</directoryMode>
     </fileSet>
-
-    <!-- the file server -->
-    <fileSet>
-      <directory>../activemq-fileserver/src/main/webapp</directory>
-      <outputDirectory>/webapps/fileserver</outputDirectory>
-      <fileMode>0644</fileMode>
-      <directoryMode>0755</directoryMode>
-    </fileSet>
-    <fileSet>
-      <directory>../activemq-fileserver/target/classes</directory>
-      <outputDirectory>/webapps/fileserver/WEB-INF/classes</outputDirectory>
-      <includes>
-        <include>**/*.class</include>
-      </includes>
-      <fileMode>0644</fileMode>
-      <directoryMode>0755</directoryMode>
-    </fileSet>
   </fileSets>
 
   <dependencySets>

@@ -67,11 +67,6 @@
 					<property name="resourceBase" value="${activemq.home}/webapps/admin" />
 					<property name="logUrlOnStart" value="true" />
 				</bean>
-				<!-- Enable embedded file server for Blob messages -->
-				<!-- <bean class="org.eclipse.jetty.webapp.WebAppContext"> <property name="contextPath" 
-					value="/fileserver" /> <property name="resourceBase" value="${activemq.home}/webapps/fileserver" 
-					/> <property name="logUrlOnStart" value="true" /> <property name="parentLoaderPriority" 
-					value="true" /> </bean> -->
 				<bean class="org.eclipse.jetty.webapp.WebAppContext">
 					<property name="contextPath" value="/api" />
 					<property name="resourceBase" value="${activemq.home}/webapps/api" />

@@ -67,12 +67,6 @@
 					<property name="resourceBase" value="${activemq.home}/webapps/admin" />
 					<property name="logUrlOnStart" value="true" />
 				</bean>
-				<bean class="org.eclipse.jetty.webapp.WebAppContext">
-					<property name="contextPath" value="/fileserver" />
-					<property name="resourceBase" value="${activemq.home}/webapps/fileserver" />
-					<property name="logUrlOnStart" value="true" />
-					<property name="parentLoaderPriority" value="true" />
-				</bean>
 				<bean class="org.eclipse.jetty.webapp.WebAppContext">
 					<property name="contextPath" value="/demo" />
 					<property name="resourceBase" value="${activemq.home}/webapps-demo/demo" />

@@ -240,7 +240,6 @@
     <module>activemq-all</module>
     <module>activemq-camel</module>
     <module>activemq-console</module>
-    <module>activemq-fileserver</module>
     <module>activemq-jaas</module>
     <module>activemq-karaf</module>
     <module>activemq-jms-pool</module>
@@ -432,12 +431,6 @@
         <artifactId>activemq-console</artifactId>
         <version>${project.version}</version>
       </dependency>
-      <dependency>
-        <groupId>org.apache.activemq</groupId>
-        <artifactId>activemq-fileserver</artifactId>
-        <version>${project.version}</version>
-        <type>war</type>
-      </dependency>
       <dependency>
         <groupId>org.apache.activemq</groupId>
         <artifactId>activemq-ra</artifactId>