This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit b7a736fb12f5e4774c63fa20f6fc437315e1b0d0
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu May 20 13:21:25 2021 +0100
Align with 10.0.x/9.0.x - avoid explicitly referenced anonymous classes
---
.../catalina/security/SecurityClassLoad.java | 2 +-
.../apache/catalina/session/StandardSession.java | 29 ++++++++++++++--------
2 files changed, 20 insertions(+), 11 deletions(-)
diff --git a/java/org/apache/catalina/security/SecurityClassLoad.java
b/java/org/apache/catalina/security/SecurityClassLoad.java
index 2cc50bb..57abb5d 100644
--- a/java/org/apache/catalina/security/SecurityClassLoad.java
+++ b/java/org/apache/catalina/security/SecurityClassLoad.java
@@ -97,7 +97,7 @@ public final class SecurityClassLoad {
private static final void loadSessionPackage(ClassLoader loader) throws
Exception {
final String basePackage = "org.apache.catalina.session.";
loader.loadClass(basePackage + "StandardSession");
- loadAnonymousInnerClasses(loader, basePackage + "StandardSession");
+ loader.loadClass(basePackage +
"StandardSession$PrivilegedNewSessionFacade");
loader.loadClass(basePackage + "StandardManager$PrivilegedDoUnload");
}
diff --git a/java/org/apache/catalina/session/StandardSession.java
b/java/org/apache/catalina/session/StandardSession.java
index effbc88..7ba0fcb 100644
--- a/java/org/apache/catalina/session/StandardSession.java
+++ b/java/org/apache/catalina/session/StandardSession.java
@@ -621,16 +621,9 @@ public class StandardSession implements HttpSession,
Session, Serializable {
*/
@Override
public HttpSession getSession() {
- if (facade == null){
- if (SecurityUtil.isPackageProtectionEnabled()){
- final StandardSession fsession = this;
- facade = AccessController.doPrivileged(
- new PrivilegedAction<StandardSessionFacade>(){
- @Override
- public StandardSessionFacade run(){
- return new StandardSessionFacade(fsession);
- }
- });
+ if (facade == null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
+ facade = AccessController.doPrivileged(new
PrivilegedNewSessionFacade(this));
} else {
facade = new StandardSessionFacade(this);
}
@@ -1861,6 +1854,22 @@ public class StandardSession implements HttpSession,
Session, Serializable {
}
}
}
+
+
+ private static class PrivilegedNewSessionFacade implements
+ PrivilegedAction<StandardSessionFacade> {
+
+ private final HttpSession session;
+
+ public PrivilegedNewSessionFacade(HttpSession session) {
+ this.session = session;
+ }
+
+ @Override
+ public StandardSessionFacade run(){
+ return new StandardSessionFacade(session);
+ }
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
