svn commit: r891310 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/loader/WebappClassLoader.java java/org/apache/catalina/security/SecurityClassLoad.java

Wed, 16 Dec 2009 08:56:47 -0800 

Author: markt
Date: Wed Dec 16 16:56:22 2009
New Revision: 891310

URL: http://svn.apache.org/viewvc?rev=891310&view=rev
Log:
* Additional fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=48097
  1) Code cleanup: Remove use of WebappClassLoader$PrivilegedFindResource,
  because all findResourceInternal(String,String) calls are now already
  wrapped with AccessController.doPrivileged, so additional wrapping is not
  needed.
  2) Add preloading of WebappClassLoader$PrivilegedFindResourceByName,
  to fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48097#c13

Modified:
    tomcat/tc6.0.x/trunk/STATUS.txt
    tomcat/tc6.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoader.java
    
tomcat/tc6.0.x/trunk/java/org/apache/catalina/security/SecurityClassLoad.java

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=891310&r1=891309&r2=891310&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Wed Dec 16 16:56:22 2009
@@ -285,17 +285,6 @@
   -1:
   +0: markt Combined patch needs to have 834047 removed and 881765 added
 
-* Additional fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=48097
-  1) Code cleanup: Remove use of WebappClassLoader$PrivilegedFindResource,
-  because all findResourceInternal(String,String) calls are now already
-  wrapped with AccessController.doPrivileged, so additional wrapping is not
-  needed.
-  2) Add preloading of WebappClassLoader$PrivilegedFindResourceByName,
-  to fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48097#c13
-  
http://people.apache.org/~kkolinko/patches/2009-11-12_PrivilegedFindResource_tc6.patch
-  +1: kkolinko, markt, jim
-  -1:
-
 * Update to commons-pool 1.5.4
   http://svn.apache.org/viewvc?rev=881412&view=rev
   +1: markt, jim
@@ -420,7 +409,6 @@
   http://svn.apache.org/viewvc?rev=891185&view=rev (better log messages)
   +1: markt
   -1: 
-
   
 * Add support for a connectionTimeout attribute to the JNDIRealm
   http://svn.apache.org/viewvc?rev=891186&view=rev

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoader.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoader.java?rev=891310&r1=891309&r2=891310&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoader.java 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/loader/WebappClassLoader.java 
Wed Dec 16 16:56:22 2009
@@ -111,7 +111,10 @@
 
     public static final boolean ENABLE_CLEAR_REFERENCES = 
         
Boolean.valueOf(System.getProperty("org.apache.catalina.loader.WebappClassLoader.ENABLE_CLEAR_REFERENCES",
 "true")).booleanValue();
-    
+
+    /**
+     * @deprecated Not used
+     */
     protected class PrivilegedFindResource
         implements PrivilegedAction {
 
@@ -1977,8 +1980,7 @@
     }
 
     /**
-     * Find specified resource in local repositories. This block
-     * will execute under an AccessControl.doPrivilege block.
+     * Find specified resource in local repositories.
      *
      * @return the loaded resource, or null if the resource isn't found
      */
@@ -2037,13 +2039,7 @@
 
                 // Note : Not getting an exception here means the resource was
                 // found
-                 if (securityManager != null) {
-                    PrivilegedAction dp =
-                        new PrivilegedFindResource(files[i], path);
-                    entry = (ResourceEntry)AccessController.doPrivileged(dp);
-                 } else {
-                    entry = findResourceInternal(files[i], path);
-                 }
+                entry = findResourceInternal(files[i], path);
 
                 ResourceAttributes attributes =
                     (ResourceAttributes) resources.getAttributes(fullPath);

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/security/SecurityClassLoad.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/security/SecurityClassLoad.java?rev=891310&r1=891309&r2=891310&view=diff
==============================================================================
--- 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/security/SecurityClassLoad.java 
(original)
+++ 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/security/SecurityClassLoad.java 
Wed Dec 16 16:56:22 2009
@@ -77,7 +77,7 @@
         String basePackage = "org.apache.catalina.";
         loader.loadClass
             (basePackage +
-             "loader.WebappClassLoader$PrivilegedFindResource");
+             "loader.WebappClassLoader$PrivilegedFindResourceByName");
     }
     
     



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to