glenn 2002/09/23 16:53:06 Modified: jasper2/src/share/org/apache/jasper/compiler Tag: tomcat_4_branch JspRuntimeContext.java Log: Make sure the CodeSource for JSP pages is created consistently the same Revision Changes Path No revision No revision 1.4.2.3 +16 -14 jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler/JspRuntimeContext.java Index: JspRuntimeContext.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/compiler/JspRuntimeContext.java,v retrieving revision 1.4.2.2 retrieving revision 1.4.2.3 diff -u -r1.4.2.2 -r1.4.2.3 --- JspRuntimeContext.java 20 Sep 2002 23:04:12 -0000 1.4.2.2 +++ JspRuntimeContext.java 23 Sep 2002 23:53:05 -0000 1.4.2.3 @@ -369,20 +369,21 @@ if( policy != null ) { try { // Get the permissions for the web app context - String contextDir = context.getRealPath("/"); - if( contextDir == null ) { - contextDir = options.getScratchDir().toString(); + String docBase = context.getRealPath("/"); + if( docBase == null ) { + docBase = options.getScratchDir().toString(); } - URL url = new URL("file:" + contextDir); + if (!docBase.endsWith(File.separator)){ + docBase = docBase + File.separator; + } + File contextDir = new File(docBase); + URL url = contextDir.getCanonicalFile().toURL(); codeSource = new CodeSource(url,null); permissionCollection = policy.getPermissions(codeSource); // Create a file read permission for web app context directory - if (contextDir.endsWith(File.separator)) { - contextDir = contextDir + "-"; - } else { - contextDir = contextDir + File.separator + "-"; - } + docBase = docBase + "-"; + permissionCollection.add(new FilePermission(docBase,"read")); // Create a file read permission for web app tempdir (work) directory String workDir = options.getScratchDir().toString(); @@ -425,7 +426,8 @@ permissionCollection.add( new FilePermission(jndiUrl,"read") ); } - } catch(MalformedURLException mfe) { + } catch(Exception e) { + context.log("Security Init for context failed",e); } } }
-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>