This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new d9c1d8e253 Additional SecurityManagter related changes for o.a.el in
the unit tests
d9c1d8e253 is described below
commit d9c1d8e253e995cc78136c3d69fc0fe8dfd1b399
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Jan 12 17:52:25 2023 +0000
Additional SecurityManagter related changes for o.a.el in the unit tests
---
java/org/apache/jasper/Constants.java | 6 --
java/org/apache/jasper/EmbeddedServletOptions.java | 4 -
java/org/apache/jasper/JspCompilationContext.java | 3 +-
.../apache/jasper/compiler/ELFunctionMapper.java | 12 +--
.../apache/jasper/compiler/JspDocumentParser.java | 27 +----
.../apache/jasper/compiler/JspRuntimeContext.java | 115 --------------------
.../apache/jasper/compiler/TagPluginManager.java | 27 +----
java/org/apache/jasper/compiler/Validator.java | 5 +-
java/org/apache/jasper/el/ELContextImpl.java | 45 +++-----
.../jasper/resources/LocalStrings.properties | 1 -
.../jasper/resources/LocalStrings_cs.properties | 1 -
.../jasper/resources/LocalStrings_de.properties | 1 -
.../jasper/resources/LocalStrings_es.properties | 1 -
.../jasper/resources/LocalStrings_fr.properties | 1 -
.../jasper/resources/LocalStrings_ja.properties | 1 -
.../jasper/resources/LocalStrings_ko.properties | 1 -
.../jasper/resources/LocalStrings_pt_BR.properties | 1 -
.../jasper/resources/LocalStrings_zh_CN.properties | 1 -
.../jasper/runtime/JspApplicationContextImpl.java | 10 +-
java/org/apache/jasper/runtime/JspFactoryImpl.java | 117 +++------------------
.../apache/jasper/security/SecurityClassLoad.java | 64 -----------
java/org/apache/jasper/security/SecurityUtil.java | 41 --------
.../apache/jasper/servlet/JasperInitializer.java | 2 -
java/org/apache/jasper/servlet/JasperLoader.java | 43 +-------
java/org/apache/jasper/servlet/JspServlet.java | 25 +----
test/jakarta/el/TestBeanELResolver.java | 2 +-
test/jakarta/el/TestMethodReference.java | 4 +-
test/jakarta/el/TestResourceBundleELResolver.java | 2 +-
test/org/apache/el/TestELEvaluation.java | 2 +-
test/org/apache/el/TestExpressionFactory.java | 2 +-
test/org/apache/el/TestMethodExpressionImpl.java | 2 +-
test/org/apache/el/TestValueExpressionImpl.java | 18 ++--
test/org/apache/el/parser/TestELParser.java | 10 +-
test/org/apache/el/util/TestReflectionUtil.java | 2 +-
.../jasper/compiler/TestAttributeParser.java | 2 +-
35 files changed, 66 insertions(+), 535 deletions(-)
diff --git a/java/org/apache/jasper/Constants.java
b/java/org/apache/jasper/Constants.java
index 7a5f736e8c..efed51e648 100644
--- a/java/org/apache/jasper/Constants.java
+++ b/java/org/apache/jasper/Constants.java
@@ -59,12 +59,6 @@ public class Constants {
*/
public static final int MAX_POOL_SIZE = 5;
- /**
- * Has security been turned on?
- */
- public static final boolean IS_SECURITY_ENABLED =
- (System.getSecurityManager() != null);
-
/**
* Name of the system property containing
* the tomcat product installation path
diff --git a/java/org/apache/jasper/EmbeddedServletOptions.java
b/java/org/apache/jasper/EmbeddedServletOptions.java
index a0a88dea46..33156864f2 100644
--- a/java/org/apache/jasper/EmbeddedServletOptions.java
+++ b/java/org/apache/jasper/EmbeddedServletOptions.java
@@ -727,10 +727,6 @@ public final class EmbeddedServletOptions implements
Options {
* scratchdir
*/
String dir = config.getInitParameter("scratchdir");
- if (dir != null && Constants.IS_SECURITY_ENABLED) {
- log.info(Localizer.getMessage("jsp.info.ignoreSetting",
"scratchdir", dir));
- dir = null;
- }
if (dir != null) {
scratchDir = new File(dir);
} else {
diff --git a/java/org/apache/jasper/JspCompilationContext.java
b/java/org/apache/jasper/JspCompilationContext.java
index 9876c56f93..6cedf2814d 100644
--- a/java/org/apache/jasper/JspCompilationContext.java
+++ b/java/org/apache/jasper/JspCompilationContext.java
@@ -178,8 +178,7 @@ public class JspCompilationContext {
public ClassLoader getJspLoader() {
if( jspLoader == null ) {
- jspLoader = new JasperLoader(new URL[] {baseUrl}, getClassLoader(),
- basePackageName, rctxt.getPermissionCollection());
+ jspLoader = new JasperLoader(new URL[] {baseUrl},
getClassLoader(), basePackageName);
}
return jspLoader;
}
diff --git a/java/org/apache/jasper/compiler/ELFunctionMapper.java
b/java/org/apache/jasper/compiler/ELFunctionMapper.java
index a4ad003cee..37d25677cc 100644
--- a/java/org/apache/jasper/compiler/ELFunctionMapper.java
+++ b/java/org/apache/jasper/compiler/ELFunctionMapper.java
@@ -16,8 +16,6 @@
*/
package org.apache.jasper.compiler;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
@@ -27,9 +25,7 @@ import java.util.Set;
import jakarta.servlet.jsp.tagext.FunctionInfo;
-import org.apache.jasper.Constants;
import org.apache.jasper.JasperException;
-import org.apache.tomcat.util.security.PrivilegedGetTccl;
/**
* This class generates functions mappers for the EL expressions in the page.
@@ -303,13 +299,7 @@ public class ELFunctionMapper {
private String getCanonicalName(String className) throws
JasperException {
Class<?> clazz;
- ClassLoader tccl;
- if (Constants.IS_SECURITY_ENABLED) {
- PrivilegedAction<ClassLoader> pa = new PrivilegedGetTccl();
- tccl = AccessController.doPrivileged(pa);
- } else {
- tccl = Thread.currentThread().getContextClassLoader();
- }
+ ClassLoader tccl = Thread.currentThread().getContextClassLoader();
try {
clazz = Class.forName(className, false, tccl);
diff --git a/java/org/apache/jasper/compiler/JspDocumentParser.java
b/java/org/apache/jasper/compiler/JspDocumentParser.java
index f3ffe9bbbd..9a155e7e7e 100644
--- a/java/org/apache/jasper/compiler/JspDocumentParser.java
+++ b/java/org/apache/jasper/compiler/JspDocumentParser.java
@@ -19,7 +19,6 @@ package org.apache.jasper.compiler;
import java.io.CharArrayWriter;
import java.io.FileNotFoundException;
import java.io.IOException;
-import java.security.AccessController;
import java.util.Collection;
import javax.xml.parsers.SAXParser;
@@ -36,8 +35,6 @@ import org.apache.tomcat.Jar;
import org.apache.tomcat.util.descriptor.DigesterFactory;
import org.apache.tomcat.util.descriptor.LocalResolver;
import org.apache.tomcat.util.descriptor.tld.TldResourcePath;
-import org.apache.tomcat.util.security.PrivilegedGetTccl;
-import org.apache.tomcat.util.security.PrivilegedSetTccl;
import org.xml.sax.Attributes;
import org.xml.sax.InputSource;
import org.xml.sax.Locator;
@@ -1431,22 +1428,9 @@ class JspDocumentParser
JspDocumentParser jspDocParser)
throws Exception {
- ClassLoader original;
- if (Constants.IS_SECURITY_ENABLED) {
- PrivilegedGetTccl pa = new PrivilegedGetTccl();
- original = AccessController.doPrivileged(pa);
- } else {
- original = Thread.currentThread().getContextClassLoader();
- }
+ ClassLoader original = Thread.currentThread().getContextClassLoader();
try {
- if (Constants.IS_SECURITY_ENABLED) {
- PrivilegedSetTccl pa =
- new
PrivilegedSetTccl(JspDocumentParser.class.getClassLoader());
- AccessController.doPrivileged(pa);
- } else {
- Thread.currentThread().setContextClassLoader(
- JspDocumentParser.class.getClassLoader());
- }
+
Thread.currentThread().setContextClassLoader(JspDocumentParser.class.getClassLoader());
SAXParserFactory factory = SAXParserFactory.newInstance();
@@ -1476,12 +1460,7 @@ class JspDocumentParser
return saxParser;
} finally {
- if (Constants.IS_SECURITY_ENABLED) {
- PrivilegedSetTccl pa = new PrivilegedSetTccl(original);
- AccessController.doPrivileged(pa);
- } else {
- Thread.currentThread().setContextClassLoader(original);
- }
+ Thread.currentThread().setContextClassLoader(original);
}
}
diff --git a/java/org/apache/jasper/compiler/JspRuntimeContext.java
b/java/org/apache/jasper/compiler/JspRuntimeContext.java
index 5069bf2a04..ed11a2d9f4 100644
--- a/java/org/apache/jasper/compiler/JspRuntimeContext.java
+++ b/java/org/apache/jasper/compiler/JspRuntimeContext.java
@@ -18,15 +18,9 @@ package org.apache.jasper.compiler;
import java.io.File;
import java.io.FileNotFoundException;
-import java.io.FilePermission;
-import java.io.IOException;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLClassLoader;
-import java.security.CodeSource;
-import java.security.PermissionCollection;
-import java.security.Policy;
-import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@@ -36,7 +30,6 @@ import java.util.concurrent.atomic.AtomicInteger;
import jakarta.servlet.ServletContext;
import jakarta.servlet.ServletException;
-import org.apache.jasper.Constants;
import org.apache.jasper.JspCompilationContext;
import org.apache.jasper.Options;
import org.apache.jasper.runtime.ExceptionUtils;
@@ -110,20 +103,9 @@ public final class JspRuntimeContext {
classpath = initClassPath();
if (context instanceof org.apache.jasper.servlet.JspCServletContext) {
- codeSource = null;
- permissionCollection = null;
return;
}
- if (Constants.IS_SECURITY_ENABLED) {
- SecurityHolder holder = initSecurity();
- codeSource = holder.cs;
- permissionCollection = holder.pc;
- } else {
- codeSource = null;
- permissionCollection = null;
- }
-
// If this web application context is running from a
// directory, start the background compilation thread
String appBase = context.getRealPath("/");
@@ -153,8 +135,6 @@ public final class JspRuntimeContext {
private final ServletContext context;
private final Options options;
private final ClassLoader parentClassLoader;
- private final PermissionCollection permissionCollection;
- private final CodeSource codeSource;
private final String classpath;
private volatile long lastCompileCheck = -1L;
private volatile long lastJspQueueUpdate = System.currentTimeMillis();
@@ -264,16 +244,6 @@ public final class JspRuntimeContext {
return jsps.size();
}
- /**
- * Get the SecurityManager Policy CodeSource for this web
- * application context.
- *
- * @return CodeSource for JSP
- */
- public CodeSource getCodeSource() {
- return codeSource;
- }
-
/**
* Get the parent ClassLoader.
*
@@ -283,16 +253,6 @@ public final class JspRuntimeContext {
return parentClassLoader;
}
- /**
- * Get the SecurityManager PermissionCollection for this
- * web application context.
- *
- * @return PermissionCollection permissions
- */
- public PermissionCollection getPermissionCollection() {
- return permissionCollection;
- }
-
/**
* Process a "destroy" event for this web application context.
*/
@@ -490,81 +450,6 @@ public final class JspRuntimeContext {
return path;
}
- /**
- * Helper class to allow initSecurity() to return two items
- */
- private static class SecurityHolder{
- private final CodeSource cs;
- private final PermissionCollection pc;
- private SecurityHolder(CodeSource cs, PermissionCollection pc){
- this.cs = cs;
- this.pc = pc;
- }
- }
- /**
- * Method used to initialize SecurityManager data.
- */
- private SecurityHolder initSecurity() {
-
- // Setup the PermissionCollection for this web app context
- // based on the permissions configured for the root of the
- // web app context directory, then add a file read permission
- // for that directory.
- Policy policy = Policy.getPolicy();
- CodeSource source = null;
- PermissionCollection permissions = null;
- if( policy != null ) {
- try {
- // Get the permissions for the web app context
- String docBase = context.getRealPath("/");
- if( docBase == null ) {
- docBase = options.getScratchDir().toString();
- }
- String codeBase = docBase;
- if (!codeBase.endsWith(File.separator)){
- codeBase = codeBase + File.separator;
- }
- File contextDir = new File(codeBase);
- URL url = contextDir.getCanonicalFile().toURI().toURL();
- source = new CodeSource(url,(Certificate[])null);
- permissions = policy.getPermissions(source);
-
- // Create a file read permission for web app context directory
- if (!docBase.endsWith(File.separator)){
- permissions.add
- (new FilePermission(docBase,"read"));
- docBase = docBase + File.separator;
- } else {
- permissions.add
- (new FilePermission
- (docBase.substring(0,docBase.length() -
1),"read"));
- }
- docBase = docBase + "-";
- permissions.add(new FilePermission(docBase,"read"));
-
- // Spec says apps should have read/write for their temp
- // directory. This is fine, as no security sensitive files, at
- // least any that the app doesn't have full control of anyway,
- // will be written here.
- String workDir = options.getScratchDir().toString();
- if (!workDir.endsWith(File.separator)){
- permissions.add
- (new FilePermission(workDir,"read,write"));
- workDir = workDir + File.separator;
- }
- workDir = workDir + "-";
- permissions.add(new FilePermission(
- workDir,"read,write,delete"));
-
- // Allow the JSP to access
org.apache.jasper.runtime.HttpJspBase
- permissions.add( new RuntimePermission(
- "accessClassInPackage.org.apache.jasper.runtime") );
- } catch (RuntimeException | IOException e) {
- context.log(Localizer.getMessage("jsp.error.security"), e);
- }
- }
- return new SecurityHolder(source, permissions);
- }
private void unloadJspServletWrapper(JspServletWrapper jsw) {
removeWrapper(jsw.getJspUri());
diff --git a/java/org/apache/jasper/compiler/TagPluginManager.java
b/java/org/apache/jasper/compiler/TagPluginManager.java
index 832f2f7732..a8a282be83 100644
--- a/java/org/apache/jasper/compiler/TagPluginManager.java
+++ b/java/org/apache/jasper/compiler/TagPluginManager.java
@@ -18,7 +18,6 @@ package org.apache.jasper.compiler;
import java.io.IOException;
import java.net.URL;
-import java.security.AccessController;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
@@ -30,8 +29,6 @@ import org.apache.jasper.JasperException;
import org.apache.jasper.compiler.tagplugin.TagPlugin;
import org.apache.jasper.compiler.tagplugin.TagPluginContext;
import org.apache.tomcat.util.descriptor.tagplugin.TagPluginParser;
-import org.apache.tomcat.util.security.PrivilegedGetTccl;
-import org.apache.tomcat.util.security.PrivilegedSetTccl;
import org.xml.sax.SAXException;
/**
@@ -76,22 +73,9 @@ public class TagPluginManager {
}
TagPluginParser parser;
- ClassLoader original;
- if (Constants.IS_SECURITY_ENABLED) {
- PrivilegedGetTccl pa = new PrivilegedGetTccl();
- original = AccessController.doPrivileged(pa);
- } else {
- original = Thread.currentThread().getContextClassLoader();
- }
+ ClassLoader original = Thread.currentThread().getContextClassLoader();
try {
- if (Constants.IS_SECURITY_ENABLED) {
- PrivilegedSetTccl pa =
- new
PrivilegedSetTccl(TagPluginManager.class.getClassLoader());
- AccessController.doPrivileged(pa);
- } else {
- Thread.currentThread().setContextClassLoader(
- TagPluginManager.class.getClassLoader());
- }
+
Thread.currentThread().setContextClassLoader(TagPluginManager.class.getClassLoader());
parser = new TagPluginParser(ctxt, blockExternal);
@@ -109,12 +93,7 @@ public class TagPluginManager {
} catch (IOException | SAXException e) {
throw new JasperException(e);
} finally {
- if (Constants.IS_SECURITY_ENABLED) {
- PrivilegedSetTccl pa = new PrivilegedSetTccl(original);
- AccessController.doPrivileged(pa);
- } else {
- Thread.currentThread().setContextClassLoader(original);
- }
+ Thread.currentThread().setContextClassLoader(original);
}
Map<String, String> plugins = parser.getPlugins();
diff --git a/java/org/apache/jasper/compiler/Validator.java
b/java/org/apache/jasper/compiler/Validator.java
index 249460d80f..cac77c3c73 100644
--- a/java/org/apache/jasper/compiler/Validator.java
+++ b/java/org/apache/jasper/compiler/Validator.java
@@ -1376,8 +1376,7 @@ class Validator {
value, false, el, dynamic);
if (el != null) {
- ELContextImpl ctx =
- new ELContextImpl(expressionFactory);
+ ELContextImpl ctx = new ELContextImpl();
ctx.setFunctionMapper(getFunctionMapper(el));
try {
@@ -1579,7 +1578,7 @@ class Validator {
validateFunctions(el, n);
// test it out
- ELContextImpl ctx = new ELContextImpl(expressionFactory);
+ ELContextImpl ctx = new ELContextImpl();
ctx.setFunctionMapper(this.getFunctionMapper(el));
ExpressionFactory ef = this.pageInfo.getExpressionFactory();
try {
diff --git a/java/org/apache/jasper/el/ELContextImpl.java
b/java/org/apache/jasper/el/ELContextImpl.java
index 273c1f161b..7c5fb6c13b 100644
--- a/java/org/apache/jasper/el/ELContextImpl.java
+++ b/java/org/apache/jasper/el/ELContextImpl.java
@@ -26,7 +26,6 @@ import jakarta.el.CompositeELResolver;
import jakarta.el.ELContext;
import jakarta.el.ELManager;
import jakarta.el.ELResolver;
-import jakarta.el.ExpressionFactory;
import jakarta.el.FunctionMapper;
import jakarta.el.ListELResolver;
import jakarta.el.MapELResolver;
@@ -35,8 +34,6 @@ import jakarta.el.StaticFieldELResolver;
import jakarta.el.ValueExpression;
import jakarta.el.VariableMapper;
-import org.apache.jasper.Constants;
-
/**
* Implementation of ELContext
*
@@ -80,19 +77,15 @@ public class ELContextImpl extends ELContext {
private static final ELResolver DefaultResolver;
static {
- if (Constants.IS_SECURITY_ENABLED) {
- DefaultResolver = null;
- } else {
- DefaultResolver = new CompositeELResolver();
- ((CompositeELResolver) DefaultResolver).add(
- ELManager.getExpressionFactory().getStreamELResolver());
- ((CompositeELResolver) DefaultResolver).add(new
StaticFieldELResolver());
- ((CompositeELResolver) DefaultResolver).add(new MapELResolver());
- ((CompositeELResolver) DefaultResolver).add(new
ResourceBundleELResolver());
- ((CompositeELResolver) DefaultResolver).add(new ListELResolver());
- ((CompositeELResolver) DefaultResolver).add(new ArrayELResolver());
- ((CompositeELResolver) DefaultResolver).add(new BeanELResolver());
- }
+ DefaultResolver = new CompositeELResolver();
+ ((CompositeELResolver) DefaultResolver).add(
+ ELManager.getExpressionFactory().getStreamELResolver());
+ ((CompositeELResolver) DefaultResolver).add(new
StaticFieldELResolver());
+ ((CompositeELResolver) DefaultResolver).add(new MapELResolver());
+ ((CompositeELResolver) DefaultResolver).add(new
ResourceBundleELResolver());
+ ((CompositeELResolver) DefaultResolver).add(new ListELResolver());
+ ((CompositeELResolver) DefaultResolver).add(new ArrayELResolver());
+ ((CompositeELResolver) DefaultResolver).add(new BeanELResolver());
}
private final ELResolver resolver;
@@ -101,8 +94,8 @@ public class ELContextImpl extends ELContext {
private VariableMapper variableMapper;
- public ELContextImpl(ExpressionFactory factory) {
- this(getDefaultResolver(factory));
+ public ELContextImpl() {
+ this(getDefaultResolver());
}
public ELContextImpl(ELResolver resolver) {
@@ -135,19 +128,7 @@ public class ELContextImpl extends ELContext {
this.variableMapper = variableMapper;
}
- public static ELResolver getDefaultResolver(ExpressionFactory factory) {
- if (Constants.IS_SECURITY_ENABLED) {
- CompositeELResolver defaultResolver = new CompositeELResolver();
- defaultResolver.add(factory.getStreamELResolver());
- defaultResolver.add(new StaticFieldELResolver());
- defaultResolver.add(new MapELResolver());
- defaultResolver.add(new ResourceBundleELResolver());
- defaultResolver.add(new ListELResolver());
- defaultResolver.add(new ArrayELResolver());
- defaultResolver.add(new BeanELResolver());
- return defaultResolver;
- } else {
- return DefaultResolver;
- }
+ public static ELResolver getDefaultResolver() {
+ return DefaultResolver;
}
}
diff --git a/java/org/apache/jasper/resources/LocalStrings.properties
b/java/org/apache/jasper/resources/LocalStrings.properties
index 7ade331ca3..9817f4a341 100644
--- a/java/org/apache/jasper/resources/LocalStrings.properties
+++ b/java/org/apache/jasper/resources/LocalStrings.properties
@@ -252,7 +252,6 @@ jsp.error.variable.either.name=Either name-given or
name-from-attribute attribut
jsp.error.xml.badStandardAction=Invalid standard action: [{0}]
jsp.error.xml.bad_tag=No tag [{0}] defined in tag library associated with uri
[{1}]
jsp.exception=An exception occurred processing [{0}] at line [{1}]
-jsp.info.ignoreSetting=Ignored setting for [{0}] of [{1}] because a
SecurityManager was enabled
jsp.message.dont.modify.servlets=IMPORTANT: Do not modify the generated
servlets
jsp.message.jsp_added=Adding JSP for path [{0}] to queue of context [{1}]
jsp.message.jsp_queue_created=Created jsp queue with length [{0}] for context
[{1}]
diff --git a/java/org/apache/jasper/resources/LocalStrings_cs.properties
b/java/org/apache/jasper/resources/LocalStrings_cs.properties
index c5224d28d7..cfc53c63d4 100644
--- a/java/org/apache/jasper/resources/LocalStrings_cs.properties
+++ b/java/org/apache/jasper/resources/LocalStrings_cs.properties
@@ -55,7 +55,6 @@ jsp.error.unbalanced.endtag=Ukončovací tag "</{0}" inení
symetrický
jsp.error.unknown_attribute_type=Neznámý typ atributu [{1}] pro atribut [{0}].
jsp.error.variable.either.name=Direktiva proměnné musí specifikovat zadané
jméno nebo jméno z atributu
jsp.exception=Při zpracování se vyskytla výjimka [{0}] na řádku [{1}]
-jsp.info.ignoreSetting=Ignorováno nastavení pro [{0}] z [{1}], protože byl
aktivní SecurityManager
jsp.message.jsp_queue_update=Aktualizuji JSP na cestě [{0}] ve frontě kontextu
[{1}]
jsp.message.jsp_removed_excess=Odstraňuji přístup JSP na cestě [{0}] pro
frontu z kontextu [{1}]
jsp.message.jsp_unload_check=Kontroluji JSP pro odebrání z kontextu [{0}],
počet JSP: [{1}] délka fronty: [{2}]
diff --git a/java/org/apache/jasper/resources/LocalStrings_de.properties
b/java/org/apache/jasper/resources/LocalStrings_de.properties
index aad46a9393..1d5f23bcf9 100644
--- a/java/org/apache/jasper/resources/LocalStrings_de.properties
+++ b/java/org/apache/jasper/resources/LocalStrings_de.properties
@@ -68,7 +68,6 @@ jsp.error.unavailable=JSP wurde als nicht verfügbar markiert
jsp.error.unknown_attribute_type=Unbekannter Attributstyp [{1}] für Attribut
[{0}].
jsp.error.xml.badStandardAction=Ungültige Standard Aktion: [{0}]
jsp.exception=Beim Verarbeiten von [{0}] ist in Zeile [{1}] eine Ausnahme
erzeugt worden
-jsp.info.ignoreSetting=Ignoriere Einstellung für [{0}] von [{1}], da ein
SecurityManager eingeschaltet war
jsp.message.jsp_queue_update=Passe Queue im Kontext [{1}] für JSP mit Pfad
[{0}] an
jsp.message.jsp_removed_excess=Lösche überschüssige JSP für Pfad [{0}] aus der
Warteschlange für Context [{1}]
jsp.tldCache.tldInDir=TLD-Dateien wurden gefunden im Verzeichnis [{0}].
diff --git a/java/org/apache/jasper/resources/LocalStrings_es.properties
b/java/org/apache/jasper/resources/LocalStrings_es.properties
index 1fac658ba9..0235b22a0d 100644
--- a/java/org/apache/jasper/resources/LocalStrings_es.properties
+++ b/java/org/apache/jasper/resources/LocalStrings_es.properties
@@ -212,7 +212,6 @@ jsp.error.variable.either.name=O el atributo name-given o
name-from-attribute de
jsp.error.xml.badStandardAction=Acción estándar incorrecta: [{0}]
jsp.error.xml.bad_tag=No se ha definido el tag [{0}] en la biblioteca tag
asociada con uri [{1}]
jsp.exception=Ha sucedido una excepción al procesar la página JSP [{0}] en
línea [{1}]
-jsp.info.ignoreSetting=Valor de configuración ignorado para [{0}] de [{1}]
debido a que SecurityManager estaba habilitado
jsp.message.dont.modify.servlets=IMPORTANTE: No modifique los servlets
generados
jsp.message.jsp_added=Añadiendo JSP para ruta [{0}] a cola de contexto [{1}]
jsp.message.jsp_queue_created=Creada cola jsp con tamaño [{0}] para el
contexto [{1}]
diff --git a/java/org/apache/jasper/resources/LocalStrings_fr.properties
b/java/org/apache/jasper/resources/LocalStrings_fr.properties
index 070414d5cd..f92027acc1 100644
--- a/java/org/apache/jasper/resources/LocalStrings_fr.properties
+++ b/java/org/apache/jasper/resources/LocalStrings_fr.properties
@@ -252,7 +252,6 @@ jsp.error.variable.either.name=Un attribut "name-given" ou
"name-from-attribute"
jsp.error.xml.badStandardAction=Action standard invalide : [{0}]
jsp.error.xml.bad_tag=Aucun tag [{0}] n''est défini dans la bibliothèque de
tags associée à l''URI [{1}]
jsp.exception=Une exception s''est produite lors du traitement de [{0}] à la
ligne [{1}]
-jsp.info.ignoreSetting=Le paramètre [{0}] avec valeur [{1}] a été ignoré parce
que le gestionnaire de sécurité est activé
jsp.message.dont.modify.servlets=IMPORTANT : Ne pas modifier les servlets
générées
jsp.message.jsp_added=Ajout du JSP au chemin [{0}] à la queue du contexte [{1}]
jsp.message.jsp_queue_created=Création d''une queue de jsp avec une longueur
de [{0}] pour le contexte [{1}]
diff --git a/java/org/apache/jasper/resources/LocalStrings_ja.properties
b/java/org/apache/jasper/resources/LocalStrings_ja.properties
index ee7e163e36..8d5989c5bb 100644
--- a/java/org/apache/jasper/resources/LocalStrings_ja.properties
+++ b/java/org/apache/jasper/resources/LocalStrings_ja.properties
@@ -253,7 +253,6 @@
jsp.error.variable.either.name=name-givenまたはname-from-attribute属性の
jsp.error.xml.badStandardAction=無効な標準アクションです: [{0}]
jsp.error.xml.bad_tag=URI [{1}] に関連付けられたタグライブラリの中にはタグ [{0}] は定義されていません
jsp.exception=[{0}] の処理中に行番号 [{1}] で例外が発生しました。
-jsp.info.ignoreSetting=SecurityManager が有効なため [{1}] の設定 [{0}] を無視しました
jsp.message.dont.modify.servlets=重要: 生成されたサーブレットを変更してはいけません
jsp.message.jsp_added=コンテキスト [{1}] のキューにパス [{0}] のJSPを追加しています
jsp.message.jsp_queue_created=コンテキスト [{1}] の長さ [{0}] の作成されたJSPキュー
diff --git a/java/org/apache/jasper/resources/LocalStrings_ko.properties
b/java/org/apache/jasper/resources/LocalStrings_ko.properties
index f4a3f69505..d3bfed46bb 100644
--- a/java/org/apache/jasper/resources/LocalStrings_ko.properties
+++ b/java/org/apache/jasper/resources/LocalStrings_ko.properties
@@ -250,7 +250,6 @@ jsp.error.variable.either.name=name-given 또는
name-from-attribute 속성 둘
jsp.error.xml.badStandardAction=유효하지 않은 표준 액션: [{0}]
jsp.error.xml.bad_tag=URI [{1}]와(과) 연관된 태그 라이브러리 내에, 태그 [{0}]이(가) 정의되지 않았습니다.
jsp.exception=행 [{1}]에서 [{0}]을(를) 처리하는 중 예외 발생
-jsp.info.ignoreSetting=SecurityManager가 사용 가능 상태로 설정되었기 때문에, [{1}]의 [{0}]을(를)
위한 설정은 무시됩니다.
jsp.message.dont.modify.servlets=중요사항: 코드 생성된 서블릿들을 변경하지 마시오.
jsp.message.jsp_added=컨텍스트 [{1}]의 큐에, 경로 [{0}]을(를) 위한 JSP를 추가합니다.
jsp.message.jsp_queue_created=컨텍스트 [{1}]을(를) 위해 길이가 [{0}]인 JSP 큐를 생성했습니다.
diff --git a/java/org/apache/jasper/resources/LocalStrings_pt_BR.properties
b/java/org/apache/jasper/resources/LocalStrings_pt_BR.properties
index 58de142979..dc8a2dde3c 100644
--- a/java/org/apache/jasper/resources/LocalStrings_pt_BR.properties
+++ b/java/org/apache/jasper/resources/LocalStrings_pt_BR.properties
@@ -24,7 +24,6 @@ jsp.error.prolog_pagedir_encoding_mismatch=O encoding de
página especificado no
jsp.error.taglibDirective.absUriCannotBeResolved=A uri absoluta [{0}] não pode
ser resolvida pelo web.xml ou pelos arquivos jar instalados com esta aplicação
jsp.error.tld.mandatory.element.missing=Elemento TLD mandatório [{0}] faltando
ou vazio no TLD [{1}]
jsp.error.unknown_attribute_type=Tipo de atributo [{1}] inválido para atributo
[{0}]
-jsp.info.ignoreSetting=Ignorada configuraçõ para [{0}] de [{1}] porque um
SecurityManager foi habilitado
jsp.message.jsp_removed_excess=Removendo excesso de JSP para o caminho [{0}]
da fila de contexto [{1}].
jsp.warning.enablePooling=Aviso: valor inválido para o initParam
enablePooling. Será usado o valor padrão "true"
diff --git a/java/org/apache/jasper/resources/LocalStrings_zh_CN.properties
b/java/org/apache/jasper/resources/LocalStrings_zh_CN.properties
index 94583da6ec..8190078e18 100644
--- a/java/org/apache/jasper/resources/LocalStrings_zh_CN.properties
+++ b/java/org/apache/jasper/resources/LocalStrings_zh_CN.properties
@@ -251,7 +251,6 @@ jsp.error.variable.either.name=必须在变量指令中指定 name-given 或 nam
jsp.error.xml.badStandardAction=无效、标准的action: [{0}]
jsp.error.xml.bad_tag=在与uri[{1}]关联的标记库中未定义标记[{0}]
jsp.exception=在 [{1}] 行处理 [{0}] 时发生异常
-jsp.info.ignoreSetting=因为 SecurityManager 被启用,忽略 [{1}] 的 [{0}] 的设置
jsp.message.dont.modify.servlets=重要提示:不要修改生成的servlet
jsp.message.jsp_added=增加JSP 为路径[{0}]为上下文[{1}]的队列
jsp.message.jsp_queue_created=用长度[{0}]上下文[{1}]创建了jsp队列
diff --git a/java/org/apache/jasper/runtime/JspApplicationContextImpl.java
b/java/org/apache/jasper/runtime/JspApplicationContextImpl.java
index 82aa1abe22..ccc443fd74 100644
--- a/java/org/apache/jasper/runtime/JspApplicationContextImpl.java
+++ b/java/org/apache/jasper/runtime/JspApplicationContextImpl.java
@@ -16,8 +16,6 @@
*/
package org.apache.jasper.runtime;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.List;
@@ -31,7 +29,6 @@ import jakarta.servlet.ServletContext;
import jakarta.servlet.jsp.JspApplicationContext;
import jakarta.servlet.jsp.JspContext;
-import org.apache.jasper.Constants;
import org.apache.jasper.compiler.Localizer;
import org.apache.jasper.el.ELContextImpl;
import org.apache.jasper.el.JasperELResolver;
@@ -88,12 +85,7 @@ public class JspApplicationContextImpl implements
JspApplicationContext {
// create ELContext for JspContext
final ELResolver r = this.createELResolver();
- ELContextImpl ctx;
- if (Constants.IS_SECURITY_ENABLED) {
- ctx =
AccessController.doPrivileged((PrivilegedAction<ELContextImpl>) () -> new
ELContextImpl(r));
- } else {
- ctx = new ELContextImpl(r);
- }
+ ELContextImpl ctx = new ELContextImpl(r);
ctx.putContext(JspContext.class, context);
// alert all ELContextListeners
diff --git a/java/org/apache/jasper/runtime/JspFactoryImpl.java
b/java/org/apache/jasper/runtime/JspFactoryImpl.java
index 6e288019de..db15ca1965 100644
--- a/java/org/apache/jasper/runtime/JspFactoryImpl.java
+++ b/java/org/apache/jasper/runtime/JspFactoryImpl.java
@@ -17,8 +17,6 @@
package org.apache.jasper.runtime;
import java.io.IOException;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import jakarta.servlet.Servlet;
import jakarta.servlet.ServletContext;
@@ -46,50 +44,6 @@ public class JspFactoryImpl extends JspFactory {
ServletResponse response, String errorPageURL, boolean
needsSession,
int bufferSize, boolean autoflush) {
- if( Constants.IS_SECURITY_ENABLED ) {
- PrivilegedGetPageContext dp = new PrivilegedGetPageContext(
- this, servlet, request, response, errorPageURL,
- needsSession, bufferSize, autoflush);
- return AccessController.doPrivileged(dp);
- } else {
- return internalGetPageContext(servlet, request, response,
- errorPageURL, needsSession,
- bufferSize, autoflush);
- }
- }
-
- @Override
- public void releasePageContext(PageContext pc) {
- if( pc == null ) {
- return;
- }
- if( Constants.IS_SECURITY_ENABLED ) {
- PrivilegedReleasePageContext dp = new PrivilegedReleasePageContext(
- this,pc);
- AccessController.doPrivileged(dp);
- } else {
- internalReleasePageContext(pc);
- }
- }
-
- @Override
- public JspEngineInfo getEngineInfo() {
- return new JspEngineInfo() {
- @Override
- public String getSpecificationVersion() {
- return Constants.SPEC_VERSION;
- }
- };
- }
-
- public void setPoolSize(int poolSize) {
- this.poolSize = poolSize;
- }
-
- private PageContext internalGetPageContext(Servlet servlet, ServletRequest
request,
- ServletResponse response, String errorPageURL, boolean
needsSession,
- int bufferSize, boolean autoflush) {
-
PageContext pc;
if (poolSize > 0) {
PageContextPool pool = localPool.get();
@@ -116,62 +70,30 @@ public class JspFactoryImpl extends JspFactory {
return pc;
}
- private void internalReleasePageContext(PageContext pc) {
+ @Override
+ public void releasePageContext(PageContext pc) {
+ if( pc == null ) {
+ return;
+ }
+
pc.release();
if (poolSize > 0 && (pc instanceof PageContextImpl)) {
localPool.get().put(pc);
}
}
- private static class PrivilegedGetPageContext
- implements PrivilegedAction<PageContext> {
-
- private JspFactoryImpl factory;
- private Servlet servlet;
- private ServletRequest request;
- private ServletResponse response;
- private String errorPageURL;
- private boolean needsSession;
- private int bufferSize;
- private boolean autoflush;
-
- PrivilegedGetPageContext(JspFactoryImpl factory, Servlet servlet,
- ServletRequest request, ServletResponse response, String
errorPageURL,
- boolean needsSession, int bufferSize, boolean autoflush) {
- this.factory = factory;
- this.servlet = servlet;
- this.request = request;
- this.response = response;
- this.errorPageURL = errorPageURL;
- this.needsSession = needsSession;
- this.bufferSize = bufferSize;
- this.autoflush = autoflush;
- }
-
- @Override
- public PageContext run() {
- return factory.internalGetPageContext(servlet, request, response,
- errorPageURL, needsSession, bufferSize, autoflush);
- }
+ @Override
+ public JspEngineInfo getEngineInfo() {
+ return new JspEngineInfo() {
+ @Override
+ public String getSpecificationVersion() {
+ return Constants.SPEC_VERSION;
+ }
+ };
}
- private static class PrivilegedReleasePageContext
- implements PrivilegedAction<Void> {
-
- private JspFactoryImpl factory;
- private PageContext pageContext;
-
- PrivilegedReleasePageContext(JspFactoryImpl factory,
- PageContext pageContext) {
- this.factory = factory;
- this.pageContext = pageContext;
- }
-
- @Override
- public Void run() {
- factory.internalReleasePageContext(pageContext);
- return null;
- }
+ public void setPoolSize(int poolSize) {
+ this.poolSize = poolSize;
}
private static final class PageContextPool {
@@ -205,11 +127,6 @@ public class JspFactoryImpl extends JspFactory {
@Override
public JspApplicationContext getJspApplicationContext(
final ServletContext context) {
- if (Constants.IS_SECURITY_ENABLED) {
- return AccessController.doPrivileged(
- (PrivilegedAction<JspApplicationContext>) () ->
JspApplicationContextImpl.getInstance(context));
- } else {
- return JspApplicationContextImpl.getInstance(context);
- }
+ return JspApplicationContextImpl.getInstance(context);
}
}
diff --git a/java/org/apache/jasper/security/SecurityClassLoad.java
b/java/org/apache/jasper/security/SecurityClassLoad.java
deleted file mode 100644
index 3642847fdc..0000000000
--- a/java/org/apache/jasper/security/SecurityClassLoad.java
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jasper.security;
-
-import org.apache.jasper.compiler.Localizer;
-import org.apache.juli.logging.Log;
-import org.apache.juli.logging.LogFactory;
-
-/**
- * Static class used to preload java classes when using the
- * Java SecurityManager so that the defineClassInPackage
- * RuntimePermission does not trigger an AccessControlException.
- */
-public final class SecurityClassLoad {
-
- public static void securityClassLoad(ClassLoader loader) {
-
- if (System.getSecurityManager() == null) {
- return;
- }
-
- final String basePackage = "org.apache.jasper.";
- try {
- // Ensure XMLInputFactory is loaded with Tomcat's class loader
- loader.loadClass(basePackage + "compiler.EncodingDetector");
-
- loader.loadClass(basePackage + "runtime.JspContextWrapper");
- loader.loadClass(basePackage +
"runtime.JspFactoryImpl$PrivilegedGetPageContext");
- loader.loadClass(basePackage +
"runtime.JspFactoryImpl$PrivilegedReleasePageContext");
- loader.loadClass(basePackage + "runtime.JspFragmentHelper");
-
- Class<?> clazz = loader.loadClass(basePackage +
"runtime.JspRuntimeLibrary");
- clazz.getConstructor().newInstance();
-
- loader.loadClass(basePackage + "runtime.PageContextImpl");
-
- loader.loadClass(basePackage + "runtime.ProtectedFunctionMapper");
- loader.loadClass(basePackage +
"runtime.ServletResponseWrapperInclude");
- loader.loadClass(basePackage + "runtime.TagHandlerPool");
-
- // Trigger loading of class and reading of property
- SecurityUtil.isPackageProtectionEnabled();
-
- loader.loadClass(basePackage + "servlet.JspServletWrapper");
- } catch (Exception ex) {
- Log log = LogFactory.getLog(SecurityClassLoad.class);
- log.error(Localizer.getMessage("jsp.error.securityPreload"), ex);
- }
- }
-}
diff --git a/java/org/apache/jasper/security/SecurityUtil.java
b/java/org/apache/jasper/security/SecurityUtil.java
deleted file mode 100644
index 5b6f69de64..0000000000
--- a/java/org/apache/jasper/security/SecurityUtil.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jasper.security;
-
-import org.apache.jasper.Constants;
-
-/**
- * Util class for Security related operations.
- */
-
-public final class SecurityUtil{
-
- private static final boolean packageDefinitionEnabled =
- System.getProperty("package.definition") == null ? false : true;
-
- /**
- * Return the <code>SecurityManager</code> only if Security is enabled AND
- * package protection mechanism is enabled.
- * @return <code>true</code> if package protection is enabled
- */
- public static boolean isPackageProtectionEnabled(){
- if (packageDefinitionEnabled && Constants.IS_SECURITY_ENABLED){
- return true;
- }
- return false;
- }
-}
diff --git a/java/org/apache/jasper/servlet/JasperInitializer.java
b/java/org/apache/jasper/servlet/JasperInitializer.java
index f444040ffa..a39f015348 100644
--- a/java/org/apache/jasper/servlet/JasperInitializer.java
+++ b/java/org/apache/jasper/servlet/JasperInitializer.java
@@ -28,7 +28,6 @@ import org.apache.jasper.Constants;
import org.apache.jasper.compiler.Localizer;
import org.apache.jasper.compiler.TldCache;
import org.apache.jasper.runtime.JspFactoryImpl;
-import org.apache.jasper.security.SecurityClassLoad;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.InstanceManager;
@@ -49,7 +48,6 @@ public class JasperInitializer implements
ServletContainerInitializer {
*/
static {
JspFactoryImpl factory = new JspFactoryImpl();
-
SecurityClassLoad.securityClassLoad(factory.getClass().getClassLoader());
if (JspFactory.getDefaultFactory() == null) {
JspFactory.setDefaultFactory(factory);
}
diff --git a/java/org/apache/jasper/servlet/JasperLoader.java
b/java/org/apache/jasper/servlet/JasperLoader.java
index 2fda7a67b4..939a76004f 100644
--- a/java/org/apache/jasper/servlet/JasperLoader.java
+++ b/java/org/apache/jasper/servlet/JasperLoader.java
@@ -20,8 +20,6 @@ import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.net.URLClassLoader;
-import java.security.CodeSource;
-import java.security.PermissionCollection;
/**
* Class loader for loading servlet class files (corresponding to JSP files)
@@ -32,15 +30,10 @@ import java.security.PermissionCollection;
*/
public class JasperLoader extends URLClassLoader {
- private final PermissionCollection permissionCollection;
- private final SecurityManager securityManager;
private final String packageName;
- public JasperLoader(URL[] urls, ClassLoader parent,
- String packageName, PermissionCollection permissionCollection) {
+ public JasperLoader(URL[] urls, ClassLoader parent, String packageName) {
super(urls, parent);
- this.permissionCollection = permissionCollection;
- this.securityManager = System.getSecurityManager();
this.packageName = packageName;
}
@@ -98,24 +91,6 @@ public class JasperLoader extends URLClassLoader {
return clazz;
}
- // (.5) Permission to access this class when using a SecurityManager
- if (securityManager != null) {
- int dot = name.lastIndexOf('.');
- if (dot >= 0) {
- try {
- // Do not call the security manager since by default, we
grant that package.
- if
(!"org.apache.jasper.runtime".equalsIgnoreCase(name.substring(0,dot))){
-
securityManager.checkPackageAccess(name.substring(0,dot));
- }
- } catch (SecurityException se) {
- String error = "Security Violation, attempt to use " +
- "Restricted Class: " + name;
- se.printStackTrace();
- throw new ClassNotFoundException(error);
- }
- }
- }
-
if( !name.startsWith(packageName + '.') ) {
// Class is not in org.apache.jsp, therefore, have our
// parent load it
@@ -150,20 +125,4 @@ public class JasperLoader extends URLClassLoader {
}
return is;
}
-
-
- /**
- * Get the Permissions for a CodeSource.
- *
- * Since this ClassLoader is only used for a JSP page in
- * a web application context, we just return our preset
- * PermissionCollection for the web app context.
- *
- * @param codeSource Code source where the code was loaded from
- * @return PermissionCollection for CodeSource
- */
- @Override
- public final PermissionCollection getPermissions(CodeSource codeSource) {
- return permissionCollection;
- }
}
diff --git a/java/org/apache/jasper/servlet/JspServlet.java
b/java/org/apache/jasper/servlet/JspServlet.java
index c356082197..cdd6e6a52a 100644
--- a/java/org/apache/jasper/servlet/JspServlet.java
+++ b/java/org/apache/jasper/servlet/JspServlet.java
@@ -20,9 +20,6 @@ import java.io.FileNotFoundException;
import java.io.IOException;
import java.lang.reflect.Constructor;
import java.net.MalformedURLException;
-import java.security.AccessController;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
import jakarta.servlet.RequestDispatcher;
import jakarta.servlet.ServletConfig;
@@ -32,13 +29,11 @@ import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
-import org.apache.jasper.Constants;
import org.apache.jasper.EmbeddedServletOptions;
import org.apache.jasper.Options;
import org.apache.jasper.compiler.JspRuntimeContext;
import org.apache.jasper.compiler.Localizer;
import org.apache.jasper.runtime.ExceptionUtils;
-import org.apache.jasper.security.SecurityUtil;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.PeriodicEventListener;
@@ -89,11 +84,6 @@ public class JspServlet extends HttpServlet implements
PeriodicEventListener {
// Initialize the JSP Runtime Context
// Check for a custom Options implementation
String engineOptionsName =
config.getInitParameter("engineOptionsClass");
- if (Constants.IS_SECURITY_ENABLED && engineOptionsName != null) {
- log.info(Localizer.getMessage(
- "jsp.info.ignoreSetting", "engineOptionsClass",
engineOptionsName));
- engineOptionsName = null;
- }
if (engineOptionsName != null) {
// Instantiate the indicated Options implementation
try {
@@ -126,22 +116,9 @@ public class JspServlet extends HttpServlet implements
PeriodicEventListener {
throw new
ServletException(Localizer.getMessage("jsp.error.no.jsp", jspFile), e);
}
try {
- if (SecurityUtil.isPackageProtectionEnabled()){
-
AccessController.doPrivileged((PrivilegedExceptionAction<Object>) () -> {
- serviceJspFile(null, null, jspFile, true);
- return null;
- });
- } else {
- serviceJspFile(null, null, jspFile, true);
- }
+ serviceJspFile(null, null, jspFile, true);
} catch (IOException e) {
throw new
ServletException(Localizer.getMessage("jsp.error.precompilation", jspFile), e);
- } catch (PrivilegedActionException e) {
- Throwable t = e.getCause();
- if (t instanceof ServletException) {
- throw (ServletException)t;
- }
- throw new
ServletException(Localizer.getMessage("jsp.error.precompilation", jspFile), e);
}
}
diff --git a/test/jakarta/el/TestBeanELResolver.java
b/test/jakarta/el/TestBeanELResolver.java
index f4eb5103ee..073ce4798e 100644
--- a/test/jakarta/el/TestBeanELResolver.java
+++ b/test/jakarta/el/TestBeanELResolver.java
@@ -41,7 +41,7 @@ public class TestBeanELResolver {
@Test
public void testBug53421() {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
Bean bean = new Bean();
diff --git a/test/jakarta/el/TestMethodReference.java
b/test/jakarta/el/TestMethodReference.java
index c9b524f717..29845e87b4 100644
--- a/test/jakarta/el/TestMethodReference.java
+++ b/test/jakarta/el/TestMethodReference.java
@@ -29,7 +29,7 @@ public class TestMethodReference {
public void testGetAnnotationInfo01() {
// None
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
TesterBean bean = new TesterBean("myBean");
@@ -49,7 +49,7 @@ public class TestMethodReference {
public void testGetAnnotationInfo02() {
// @BeanProperty with defaults
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
TesterBean bean = new TesterBean("myBean");
diff --git a/test/jakarta/el/TestResourceBundleELResolver.java
b/test/jakarta/el/TestResourceBundleELResolver.java
index 5d0f9ff020..3732acb751 100644
--- a/test/jakarta/el/TestResourceBundleELResolver.java
+++ b/test/jakarta/el/TestResourceBundleELResolver.java
@@ -30,7 +30,7 @@ public class TestResourceBundleELResolver {
@Test
public void bug53001() {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
ResourceBundle rb = new TesterResourceBundle();
diff --git a/test/org/apache/el/TestELEvaluation.java
b/test/org/apache/el/TestELEvaluation.java
index fe9e9d3386..eb036238f0 100644
--- a/test/org/apache/el/TestELEvaluation.java
+++ b/test/org/apache/el/TestELEvaluation.java
@@ -254,7 +254,7 @@ public class TestELEvaluation {
private String evaluateExpression(String expression) {
ExpressionFactoryImpl exprFactory = new ExpressionFactoryImpl();
- ELContextImpl ctx = new ELContextImpl(exprFactory);
+ ELContextImpl ctx = new ELContextImpl();
ctx.setFunctionMapper(new TesterFunctions.FMapper());
ValueExpression ve = exprFactory.createValueExpression(ctx, expression,
String.class);
diff --git a/test/org/apache/el/TestExpressionFactory.java
b/test/org/apache/el/TestExpressionFactory.java
index 3f7e2e7f4b..8df864603c 100644
--- a/test/org/apache/el/TestExpressionFactory.java
+++ b/test/org/apache/el/TestExpressionFactory.java
@@ -40,7 +40,7 @@ public class TestExpressionFactory {
ExpressionFactory factory = ExpressionFactory.newInstance();
Assert.assertNotNull(factory);
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
Assert.assertNotNull(context);
factory.createValueExpression(context, "foo", null);
diff --git a/test/org/apache/el/TestMethodExpressionImpl.java
b/test/org/apache/el/TestMethodExpressionImpl.java
index 2ad619e1ca..4575866012 100644
--- a/test/org/apache/el/TestMethodExpressionImpl.java
+++ b/test/org/apache/el/TestMethodExpressionImpl.java
@@ -43,7 +43,7 @@ public class TestMethodExpressionImpl {
@Before
public void setUp() {
factory = ExpressionFactory.newInstance();
- context = new ELContextImpl(factory);
+ context = new ELContextImpl();
TesterBeanA beanA = new TesterBeanA();
beanA.setName("A");
diff --git a/test/org/apache/el/TestValueExpressionImpl.java
b/test/org/apache/el/TestValueExpressionImpl.java
index db966a08c6..b81ae5e76a 100644
--- a/test/org/apache/el/TestValueExpressionImpl.java
+++ b/test/org/apache/el/TestValueExpressionImpl.java
@@ -37,7 +37,7 @@ public class TestValueExpressionImpl {
@Test
public void testGetValueReference() {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
TesterBeanB beanB = new TesterBeanB();
beanB.setName("Tomcat");
@@ -63,7 +63,7 @@ public class TestValueExpressionImpl {
@Test
public void testGetValueReferenceVariable() {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
TesterBeanB beanB = new TesterBeanB();
beanB.setName("Tomcat");
@@ -91,7 +91,7 @@ public class TestValueExpressionImpl {
@Test
public void testBug49345() {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
TesterBeanA beanA = new TesterBeanA();
TesterBeanB beanB = new TesterBeanB();
@@ -120,7 +120,7 @@ public class TestValueExpressionImpl {
@Test
public void testBug50105() {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
TesterEnum testEnum = TesterEnum.APPLE;
@@ -143,7 +143,7 @@ public class TestValueExpressionImpl {
@Test
public void testBug51177ObjectMap() {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
Object o1 = "String value";
Object o2 = Integer.valueOf(32);
@@ -170,7 +170,7 @@ public class TestValueExpressionImpl {
@Test
public void testBug51177ObjectList() {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
Object o1 = "String value";
Object o2 = Integer.valueOf(32);
@@ -201,7 +201,7 @@ public class TestValueExpressionImpl {
@Test
public void testBug51544Bean() throws Exception {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
TesterBeanA beanA = new TesterBeanA();
beanA.setValList(Collections.emptyList());
@@ -224,7 +224,7 @@ public class TestValueExpressionImpl {
@Test
public void testBug51544Direct() throws Exception {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
List<?> list = Collections.emptyList();
@@ -243,7 +243,7 @@ public class TestValueExpressionImpl {
@Test
public void testBug56522SetNullValue() {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
TesterBeanB beanB = new TesterBeanB();
beanB.setName("Tomcat");
diff --git a/test/org/apache/el/parser/TestELParser.java
b/test/org/apache/el/parser/TestELParser.java
index 23a0f964d2..dfbe757e82 100644
--- a/test/org/apache/el/parser/TestELParser.java
+++ b/test/org/apache/el/parser/TestELParser.java
@@ -64,7 +64,7 @@ public class TestELParser {
@Test
public void testJavaKeyWordSuffix() {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
TesterBeanA beanA = new TesterBeanA();
beanA.setInt("five");
@@ -86,7 +86,7 @@ public class TestELParser {
@Test
public void testJavaKeyWordIdentifier() {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
TesterBeanA beanA = new TesterBeanA();
beanA.setInt("five");
@@ -177,7 +177,7 @@ public class TestELParser {
private void doTestBug56179(int parenthesesCount, String innerExpr) {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
ValueExpression var =
factory.createValueExpression(Boolean.TRUE, Boolean.class);
@@ -203,7 +203,7 @@ public class TestELParser {
@Test
public void bug56185() {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
TesterBeanC beanC = new TesterBeanC();
ValueExpression var =
@@ -222,7 +222,7 @@ public class TestELParser {
private void testExpression(String expression, String expected) {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
ValueExpression ve = factory.createValueExpression(
context, expression, String.class);
diff --git a/test/org/apache/el/util/TestReflectionUtil.java
b/test/org/apache/el/util/TestReflectionUtil.java
index 4362fc255e..5d81babba7 100644
--- a/test/org/apache/el/util/TestReflectionUtil.java
+++ b/test/org/apache/el/util/TestReflectionUtil.java
@@ -70,7 +70,7 @@ public class TestReflectionUtil {
@Test
public void testStaticMethodOnInstance() {
ExpressionFactory factory = ExpressionFactory.newInstance();
- ELContext context = new ELContextImpl(factory);
+ ELContext context = new ELContextImpl();
MethodExpression methodExpression =
factory.createMethodExpression(context, "${\"1\".format(2)}", String.class, new
Class<?>[] {});
diff --git a/test/org/apache/jasper/compiler/TestAttributeParser.java
b/test/org/apache/jasper/compiler/TestAttributeParser.java
index 7164628332..7fc0d29813 100644
--- a/test/org/apache/jasper/compiler/TestAttributeParser.java
+++ b/test/org/apache/jasper/compiler/TestAttributeParser.java
@@ -162,7 +162,7 @@ public class TestAttributeParser {
private String evalAttr(String expression, char quote) {
ExpressionFactoryImpl exprFactory = new ExpressionFactoryImpl();
- ELContextImpl ctx = new ELContextImpl(exprFactory);
+ ELContextImpl ctx = new ELContextImpl();
ctx.setFunctionMapper(new TesterFunctions.FMapper());
ValueExpression ve = exprFactory.createValueExpression(ctx,
AttributeParser.getUnquoted(expression, quote, false, false,
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
