Author: kkolinko
Date: Tue Jan 19 12:14:39 2010
New Revision: 900750
URL: http://svn.apache.org/viewvc?rev=900750&view=rev
Log:
https://issues.apache.org/bugzilla/show_bug.cgi?id=48097
Make WebappClassLoader to do not swallow AccessControlException
Modified:
tomcat/tc5.5.x/trunk/STATUS.txt
tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java
tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml
Modified: tomcat/tc5.5.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/STATUS.txt?rev=900750&r1=900749&r2=900750&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/STATUS.txt (original)
+++ tomcat/tc5.5.x/trunk/STATUS.txt Tue Jan 19 12:14:39 2010
@@ -74,10 +74,6 @@
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48097
There are two patches to be applied:
- 1) Make WebappClassLoader to do not swallow AccessControlException
- http://svn.apache.org/viewvc?rev=831828&view=rev
- +1: kkolinko, markt, rjung
- -1:
2) Add a new PrivilegedAction. Patch by markt
http://svn.apache.org/viewvc?rev=834080&view=rev
Modified:
tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java
URL:
http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java?rev=900750&r1=900749&r2=900750&view=diff
==============================================================================
---
tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java
(original)
+++
tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java
Tue Jan 19 12:14:39 2010
@@ -71,7 +71,7 @@
* Specialized web application class loader.
* <p>
* This class loader is a full reimplementation of the
- * <code>URLClassLoader</code> from the JDK. It is desinged to be fully
+ * <code>URLClassLoader</code> from the JDK. It is designed to be fully
* compatible with a normal <code>URLClassLoader</code>, although its internal
* behavior may be completely different.
* <p>
@@ -892,6 +892,8 @@
throw cnfe;
}
} catch(AccessControlException ace) {
+ log.warn("WebappClassLoader.findClassInternal(" + name
+ + ") security exception: " + ace.getMessage(), ace);
throw new ClassNotFoundException(name, ace);
} catch (RuntimeException e) {
if (log.isTraceEnabled())
@@ -904,6 +906,8 @@
clazz = super.findClass(name);
}
} catch(AccessControlException ace) {
+ log.warn("WebappClassLoader.findClassInternal(" + name
+ + ") security exception: " + ace.getMessage(),
ace);
throw new ClassNotFoundException(name, ace);
} catch (RuntimeException e) {
if (log.isTraceEnabled())
Modified: tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml?rev=900750&r1=900749&r2=900750&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml (original)
+++ tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml Tue Jan 19
12:14:39 2010
@@ -90,6 +90,10 @@
<bug>47826</bug>: Correct error in debug message in
org.apache.catalina.Bootstrap (markt)
</fix>
+ <update>
+ <bug>48097</bug>: Make WebappClassLoader to do not swallow
+ AccessControlException. (kkolinko)
+ </update>
<fix>
Add an additional permission required by JULI when running under newer
JDKs and a security manager. (markt)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
