https://issues.apache.org/bugzilla/show_bug.cgi?id=47214
Summary: Inner classes that are explicitly referenced - should
not be anonymous
Product: Tomcat 6
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: Catalina
AssignedTo: dev@tomcat.apache.org
ReportedBy: knst.koli...@gmail.com
Classes
o.a.catalina.security.SecurityClassLoad
o.a.catalina.jasper.SecurityClassLoad
perform preloading of certain classes of Tomcat.
My concern is that some of those preloaded classes are anonymous ones, e.g.
loader.loadClass
(basePackage + "session.StandardSession");
loader.loadClass
(basePackage + "session.StandardSession$1");
Referencing anonymous classes by their numbers is too fragile. It can be broken
by any code modification that will cause their renumbering. Also, it is hard to
review patches to SecurityClassLoad when they contain such references. See e.g.
r721704 ( https://svn.apache.org/viewcvs.cgi?view=rev&rev=721704 )
I suggest that all such classes were explicitly named. See classes referenced
in o.a.catalina.security.SecurityClassLoad for an example (e.g.:
o.a.c.core.ApplicationDispatcher with inner classes PrivilegedForward,
PrivilegedInclude).
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
