Author: markt
Date: Fri Jan 25 11:07:05 2019
New Revision: 1852106
URL: http://svn.apache.org/viewvc?rev=1852106&view=rev
Log:
When running under a SecurityManager, ensure that the ServiceLoader look-up for
the default javax.websocket.server.ServerEndpointConfig.Configurator
implementation completes correctly rather than silently using the hard-coded
fall-back.
Modified:
tomcat/trunk/java/javax/websocket/server/ServerEndpointConfig.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/javax/websocket/server/ServerEndpointConfig.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/javax/websocket/server/ServerEndpointConfig.java?rev=1852106&r1=1852105&r2=1852106&view=diff
==============================================================================
--- tomcat/trunk/java/javax/websocket/server/ServerEndpointConfig.java
(original)
+++ tomcat/trunk/java/javax/websocket/server/ServerEndpointConfig.java Fri Jan
25 11:07:05 2019
@@ -16,6 +16,8 @@
*/
package javax.websocket.server;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
@@ -149,7 +151,12 @@ public interface ServerEndpointConfig ex
if (defaultImpl == null) {
synchronized (defaultImplLock) {
if (defaultImpl == null) {
- defaultImpl = loadDefault();
+ if (System.getSecurityManager() == null) {
+ defaultImpl = loadDefault();
+ } else {
+ defaultImpl =
+ AccessController.doPrivileged(new
PrivilegedLoadDefault());
+ }
}
}
}
@@ -184,6 +191,16 @@ public interface ServerEndpointConfig ex
return result;
}
+
+ private static class PrivilegedLoadDefault implements
PrivilegedAction<Configurator> {
+
+ @Override
+ public Configurator run() {
+ return Configurator.loadDefault();
+ }
+ }
+
+
public String getNegotiatedSubprotocol(List<String> supported,
List<String> requested) {
return
fetchContainerDefaultConfigurator().getNegotiatedSubprotocol(supported,
requested);
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1852106&r1=1852105&r2=1852106&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Fri Jan 25 11:07:05 2019
@@ -175,6 +175,13 @@
<bug>63019</bug>: Use payload remaining bytes rather than limit when
writing. Submitted by Benoit Courtilly. (remm)
</fix>
+ <fix>
+ When running under a <code>SecurityManager</code>, ensure that the
+ <code>ServiceLoader</code> look-up for the default
+ <code>javax.websocket.server.ServerEndpointConfig.Configurator</code>
+ implementation completes correctly rather than silently using the
+ hard-coded fall-back. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Web applications">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
