changelog.xml

markt Wed, 11 Nov 2009 01:18:17 -0800

Author: markt
Date: Wed Nov 11 09:17:43 2009
New Revision: 834814

URL: http://svn.apache.org/viewvc?rev=834814&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48097
Avoid throwing an AccessControlException which can lead to a 
NoClassDefFoundError on first access of first jsp.


Modified:
    tomcat/tc6.0.x/trunk/STATUS.txt
    tomcat/tc6.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoader.java
    tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=834814&r1=834813&r2=834814&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Wed Nov 11 09:17:43 2009
@@ -190,15 +190,6 @@
   +1: fhanik, kkolinko, rjung
   -1:
 
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48097
-  Alternative patch that adds a new PrivilegedAction. The test case provided
-  passes with this patch
-  http://people.apache.org/~markt/patches/2009-11-06-bug48097-alt.patch
-  +1: markt, funkman, billbarker, kkolinko
-  -1: 
-  kkolinko: Confirming that testcase passes. Applied to trunk as
-    http://svn.apache.org/viewvc?rev=834080&view=rev
-
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47893
   Use StringBuilder instead of StringBuffer
   -0: markt for all SBuilder->SBuffer patches. Code cleanup is fine in trunk 
but

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoader.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoader.java?rev=834814&r1=834813&r2=834814&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoader.java 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoader.java 
Wed Nov 11 09:17:43 2009
@@ -129,6 +129,23 @@
 
     }
 
+    protected class PrivilegedFindResourceByName
+        implements PrivilegedAction<ResourceEntry> {
+
+        protected String name;
+        protected String path;
+
+        PrivilegedFindResourceByName(String name, String path) {
+            this.name = name;
+            this.path = path;
+        }
+
+        public ResourceEntry run() {
+            return findResourceInternal(name, path);
+        }
+
+    }
+
     
     protected final class PrivilegedGetClassLoader
         implements PrivilegedAction<ClassLoader> {
@@ -968,7 +985,13 @@
 
         ResourceEntry entry = (ResourceEntry) resourceEntries.get(name);
         if (entry == null) {
-            entry = findResourceInternal(name, name);
+            if (securityManager != null) {
+                PrivilegedAction<ResourceEntry> dp =
+                    new PrivilegedFindResourceByName(name, name);
+                entry = AccessController.doPrivileged(dp);
+            } else {
+                entry = findResourceInternal(name, name);
+            }
         }
         if (entry != null) {
             url = entry.source;
@@ -1860,7 +1883,13 @@
 
         ResourceEntry entry = null;
 
-        entry = findResourceInternal(name, classPath);
+        if (securityManager != null) {
+            PrivilegedAction<ResourceEntry> dp =
+                new PrivilegedFindResourceByName(name, classPath);
+            entry = AccessController.doPrivileged(dp);
+        } else {
+            entry = findResourceInternal(name, classPath);
+        }
 
         if (entry == null)
             throw new ClassNotFoundException(name);

Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=834814&r1=834813&r2=834814&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Wed Nov 11 09:17:43 2009
@@ -172,6 +172,11 @@
         <bug>48097</bug>: Make WebappClassLoader to do not swallow
         AccessControlException. (kkolinko)
       </update>
+      <fix>
+        <bug>48097</bug>: Avoid throwing an AccessControlException which can
+        lead to a NoClassDefFoundError on first access of first jsp.
+        (kkolinko/markt)
+      </fix>
       <update>
         Deprecate the <code>caseSensitive</code> option on the
         <code>StandardContext</code> which will be removed in Tomcat 7 onwards.



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r834814 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/loader/WebappClassLoader.java webapps/docs/changelog.xml

Reply via email to