jfarcand 2002/12/13 13:50:21
Modified: catalina/src/share/org/apache/catalina/session
ManagerBase.java
Log:
This class implementation doesn't work under the Security Manager. Fix the problem.
Note: Always run watchdogs with the Security Manager before doing a commit ;-)
Revision Changes Path
1.7 +39 -15
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/ManagerBase.java
Index: ManagerBase.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/ManagerBase.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- ManagerBase.java 9 Dec 2002 19:07:36 -0000 1.6
+++ ManagerBase.java 13 Dec 2002 21:50:21 -0000 1.7
@@ -71,8 +71,10 @@
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
+import java.security.AccessController;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
+import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Random;
@@ -221,6 +223,24 @@
* The property change support for this component.
*/
protected PropertyChangeSupport support = new PropertyChangeSupport(this);
+
+ // ------------------------------------------------------------- Security
classes
+ private class PrivilegedSetRandomFile implements PrivilegedAction{
+
+ public Object run(){
+ try {
+ File f=new File( devRandomSource );
+ if( ! f.exists() ) return null;
+ randomIS= new DataInputStream( new FileInputStream(f));
+ randomIS.readLong();
+ if( log.isDebugEnabled() )
+ log.debug( "Opening " + devRandomSource );
+ return randomIS;
+ } catch (IOException ex){
+ return null;
+ }
+ }
+ }
// ------------------------------------------------------------- Properties
@@ -478,17 +498,21 @@
public void setRandomFile( String s ) {
// as a hack, you can use a static file - and genarate the same
// session ids ( good for strange debugging )
- try {
- devRandomSource=s;
- File f=new File( devRandomSource );
- if( ! f.exists() ) return;
- randomIS= new DataInputStream( new FileInputStream(f));
- randomIS.readLong();
- if( log.isDebugEnabled() )
- log.debug( "Opening " + devRandomSource );
- } catch( IOException ex ) {
- randomIS=null;
- }
+ if (System.getSecurityManager() != null){
+ randomIS = (DataInputStream)AccessController.doPrivileged(new
PrivilegedSetRandomFile());
+ } else {
+ try{
+ devRandomSource=s;
+ File f=new File( devRandomSource );
+ if( ! f.exists() ) return;
+ randomIS= new DataInputStream( new FileInputStream(f));
+ randomIS.readLong();
+ if( log.isDebugEnabled() )
+ log.debug( "Opening " + devRandomSource );
+ } catch( IOException ex ) {
+ randomIS=null;
+ }
+ }
}
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
