Author: kkolinko
Date: Mon May 12 22:14:19 2014
New Revision: 1594105
URL: http://svn.apache.org/r1594105
Log:
Extend token protection to either access option in NamingContextListener
Modified:
tomcat/tc6.0.x/trunk/ (props changed)
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/catalina/core/NamingContextListener.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc6.0.x/trunk/
------------------------------------------------------------------------------
Merged /tomcat/trunk:r1593335
Merged /tomcat/tc7.0.x/trunk:r1593288,1593371
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1594105&r1=1594104&r2=1594105&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Mon May 12 22:14:19 2014
@@ -28,12 +28,7 @@ None
PATCHES PROPOSED TO BACKPORT:
[ New proposals should be added at the end of the list ]
-* Extend token protection to either access option in NamingContextListener
- https://svn.apache.org/r1593288
- https://svn.apache.org/r1593371
- +1: markt, fhanik
- +1: kkolinko: Added r1593371 to proposal
- -1:
+None
PATCHES/ISSUES THAT ARE STALLED:
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/core/NamingContextListener.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/core/NamingContextListener.java?rev=1594105&r1=1594104&r2=1594105&view=diff
==============================================================================
---
tomcat/tc6.0.x/trunk/java/org/apache/catalina/core/NamingContextListener.java
(original)
+++
tomcat/tc6.0.x/trunk/java/org/apache/catalina/core/NamingContextListener.java
Mon May 12 22:14:19 2014
@@ -226,6 +226,7 @@ public class NamingContextListener
// Never happens
}
ContextAccessController.setSecurityToken(getName(), container);
+ ContextAccessController.setSecurityToken(container, container);
ContextBindings.bindContext(container, namingContext, container);
if( log.isDebugEnabled() ) {
log.debug("Bound " + container );
@@ -297,7 +298,8 @@ public class NamingContextListener
}
ContextAccessController.unsetSecurityToken(getName(), container);
-
+ ContextAccessController.unsetSecurityToken(container, container);
+
// unregister mbeans.
Collection<ObjectName> names = objectNames.values();
for (ObjectName objectName : names) {
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1594105&r1=1594104&r2=1594105&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon May 12 22:14:19 2014
@@ -114,6 +114,10 @@
requiring code to have the <code>accessClassInPackage</code> permission
when running under a security manager. (markt)
</add>
+ <fix>
+ Make the naming context tokens for containers more robust.
+ (markt/kkolinko)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
