This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit b7a736fb12f5e4774c63fa20f6fc437315e1b0d0 Author: Mark Thomas <ma...@apache.org> AuthorDate: Thu May 20 13:21:25 2021 +0100 Align with 10.0.x/9.0.x - avoid explicitly referenced anonymous classes --- .../catalina/security/SecurityClassLoad.java | 2 +- .../apache/catalina/session/StandardSession.java | 29 ++++++++++++++-------- 2 files changed, 20 insertions(+), 11 deletions(-) diff --git a/java/org/apache/catalina/security/SecurityClassLoad.java b/java/org/apache/catalina/security/SecurityClassLoad.java index 2cc50bb..57abb5d 100644 --- a/java/org/apache/catalina/security/SecurityClassLoad.java +++ b/java/org/apache/catalina/security/SecurityClassLoad.java @@ -97,7 +97,7 @@ public final class SecurityClassLoad { private static final void loadSessionPackage(ClassLoader loader) throws Exception { final String basePackage = "org.apache.catalina.session."; loader.loadClass(basePackage + "StandardSession"); - loadAnonymousInnerClasses(loader, basePackage + "StandardSession"); + loader.loadClass(basePackage + "StandardSession$PrivilegedNewSessionFacade"); loader.loadClass(basePackage + "StandardManager$PrivilegedDoUnload"); } diff --git a/java/org/apache/catalina/session/StandardSession.java b/java/org/apache/catalina/session/StandardSession.java index effbc88..7ba0fcb 100644 --- a/java/org/apache/catalina/session/StandardSession.java +++ b/java/org/apache/catalina/session/StandardSession.java @@ -621,16 +621,9 @@ public class StandardSession implements HttpSession, Session, Serializable { */ @Override public HttpSession getSession() { - if (facade == null){ - if (SecurityUtil.isPackageProtectionEnabled()){ - final StandardSession fsession = this; - facade = AccessController.doPrivileged( - new PrivilegedAction<StandardSessionFacade>(){ - @Override - public StandardSessionFacade run(){ - return new StandardSessionFacade(fsession); - } - }); + if (facade == null) { + if (SecurityUtil.isPackageProtectionEnabled()) { + facade = AccessController.doPrivileged(new PrivilegedNewSessionFacade(this)); } else { facade = new StandardSessionFacade(this); } @@ -1861,6 +1854,22 @@ public class StandardSession implements HttpSession, Session, Serializable { } } } + + + private static class PrivilegedNewSessionFacade implements + PrivilegedAction<StandardSessionFacade> { + + private final HttpSession session; + + public PrivilegedNewSessionFacade(HttpSession session) { + this.session = session; + } + + @Override + public StandardSessionFacade run(){ + return new StandardSessionFacade(session); + } + } } --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org