https://bz.apache.org/bugzilla/show_bug.cgi?id=48928
Konstantin Kolinko <knst.koli...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |WONTFIX
Status|NEW |RESOLVED
--- Comment #3 from Konstantin Kolinko <knst.koli...@gmail.com> ---
Closing as WONTFIX. I think there is no much interest in this feature.
In theory, heavy relying on this SecurityManager implementation will conflict
with use of 3rd party security managers (e.g. RMISecurityManager as an example,
though actually the RMISecurityManager is @deprecated since Java 8).
Also this solution does not look stable. It is more like a proof-of-concept.
Current solution that is available to users to workaround the situation when
Tomcat cannot load a system class due to SecurityManager is:
- Add the class name to "classesToInitialize" of
org.apache.catalina.core.JreMemoryLeakPreventionListener
configured in server.xml.
(I remind that the long-term solution is to patch Tomcat (by filing an item
into Bugzilla) so that the class is preloaded by one of these classes:
- org.apache.catalina.security.SecurityClassLoad
- org.apache.jasper.security.SecurityClassLoad
)
The "classesToInitialize" attribute was added to
JreMemoryLeakPreventionListener by the fix to bug 51862 and is available in all
current versions, since 6.0.34 (released 2011-12-05).
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
