Author: kkolinko
Date: Thu Dec 17 14:53:21 2015
New Revision: 1720568
URL: http://svn.apache.org/viewvc?rev=1720568&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57906
Suppress log messages when running with a security manager on Java 6,
caused by java.beans.Introspector.findExplicitBeanInfo() calls during
evaluation of EL expressions.
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java?rev=1720568&r1=1720567&r2=1720568&view=diff
==============================================================================
---
tomcat/tc7.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java
(original)
+++
tomcat/tc7.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java
Thu Dec 17 14:53:21 2015
@@ -1792,7 +1792,13 @@ public abstract class WebappClassLoaderB
} catch (SecurityException se) {
String error = "Security Violation, attempt to use " +
"Restricted Class: " + name;
- log.info(error, se);
+ if (name.endsWith("BeanInfo")) {
+ // BZ 57906: suppress logging for calls from
+ // java.beans.Introspector.findExplicitBeanInfo()
+ log.debug(error, se);
+ } else {
+ log.info(error, se);
+ }
throw new ClassNotFoundException(error, se);
}
}
Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1720568&r1=1720567&r2=1720568&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Thu Dec 17 14:53:21 2015
@@ -66,6 +66,12 @@
session IDs may be rejected if validation is enabled. (markt)
</fix>
<fix>
+ <bug>57906</bug>: Suppress WebappClassLoader log messages when running
+ with a security manager on Java 6, caused by
+ <code>java.beans.Introspector.findExplicitBeanInfo()</code> calls
+ during evaluation of EL expressions. (kkolinko)
+ </fix>
+ <fix>
<bug>58701</bug>: Reset the <code>instanceInitialized</code> field in
<code>StandardWrapper</code> when unloading a Servlet so that a new
instance may be correctly initialized. (markt)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
