svn commit: r1693324 - in /tomcat/tc8.0.x/trunk: java/org/apache/catalina/security/SecurityUtil.java webapps/docs/changelog.xml

Wed, 29 Jul 2015 10:53:42 -0700 

Author: markt
Date: Wed Jul 29 17:52:36 2015
New Revision: 1693324

URL: http://svn.apache.org/r1693324
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=58116
Fix regression in the fix for bug 57281  that broke Comet support when running 
under a security manager.
Based on a patch provided by Johno Crawford.

Modified:
    tomcat/tc8.0.x/trunk/java/org/apache/catalina/security/SecurityUtil.java
    tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/tc8.0.x/trunk/java/org/apache/catalina/security/SecurityUtil.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/security/SecurityUtil.java?rev=1693324&r1=1693323&r2=1693324&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/java/org/apache/catalina/security/SecurityUtil.java 
(original)
+++ tomcat/tc8.0.x/trunk/java/org/apache/catalina/security/SecurityUtil.java 
Wed Jul 29 17:52:36 2015
@@ -35,6 +35,8 @@ import javax.servlet.http.HttpServletReq
 import javax.servlet.http.HttpSession;
 
 import org.apache.catalina.Globals;
+import org.apache.catalina.comet.CometFilter;
+import org.apache.catalina.comet.CometProcessor;
 import org.apache.tomcat.util.ExceptionUtils;
 import org.apache.tomcat.util.res.StringManager;
 /**
@@ -146,18 +148,23 @@ public final class SecurityUtil{
                                      Principal principal)
         throws java.lang.Exception{
 
+        // CometProcessor instances must not be cached as Servlet or
+        // NoSuchMethodException will be thrown.
+        Class<? extends Servlet> targetType =
+                targetObject instanceof CometProcessor ? CometProcessor.class 
: Servlet.class;
+
         Method method = null;
         Method[] methodsCache = classCache.get(Servlet.class);
         if(methodsCache == null) {
             method = createMethodAndCacheIt(methodsCache,
-                                            Servlet.class,
+                                            targetType,
                                             methodName,
                                             targetParameterTypes);
         } else {
             method = findMethod(methodsCache, methodName);
             if (method == null) {
                 method = createMethodAndCacheIt(methodsCache,
-                                                Servlet.class,
+                                                targetType,
                                                 methodName,
                                                 targetParameterTypes);
             }
@@ -226,18 +233,23 @@ public final class SecurityUtil{
                                      Principal principal)
         throws java.lang.Exception{
 
+        // CometFilter instances must not be cached as Filter or
+        // NoSuchMethodException will be thrown.
+        Class<? extends Filter> targetType =
+                targetObject instanceof CometFilter ? CometFilter.class : 
Filter.class;
+
         Method method = null;
         Method[] methodsCache = classCache.get(Filter.class);
         if(methodsCache == null) {
             method = createMethodAndCacheIt(methodsCache,
-                                            Filter.class,
+                                            targetType,
                                             methodName,
                                             targetParameterTypes);
         } else {
             method = findMethod(methodsCache, methodName);
             if (method == null) {
                 method = createMethodAndCacheIt(methodsCache,
-                                                Filter.class,
+                                                targetType,
                                                 methodName,
                                                 targetParameterTypes);
             }
@@ -251,7 +263,7 @@ public final class SecurityUtil{
      * Perform work as a particular <code>Subject</code>. Here the work
      * will be granted to a <code>null</code> subject.
      *
-     * @param methodName the method to apply the security restriction
+     * @param method the method to apply the security restriction
      * @param targetObject the <code>Servlet</code> on which the method will
      * be called.
      * @param targetArguments <code>Object</code> array contains the

Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1693324&r1=1693323&r2=1693324&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Wed Jul 29 17:52:36 2015
@@ -78,6 +78,11 @@
         Issues reported by Coverity Scan. (violetagg)
       </fix>
       <fix>
+        <bug>58116</bug>: Fix regression in the fix for <bug>57281</bug> that
+        broke Comet support when running under a security manager. Based on a
+        patch provided by Johno Crawford. (markt)
+      </fix>
+      <fix>
         <bug>58179</bug>: Fix a thread safety issues that could mean concurrent
         threads setting the same attribute on a <code>ServletContext</code>
         could both see <code>null</code> as the old value. (markt)



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to