remm 01/06/19 10:37:25
Modified: catalina/src/share/org/apache/catalina/loader
WebappClassLoader.java
Log:
- Make the call to load resource as a privileged action (file access).
- Fix the seal checking algorithm.
Revision Changes Path
1.2 +31 -20
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java
Index: WebappClassLoader.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- WebappClassLoader.java 2001/06/19 02:12:39 1.1
+++ WebappClassLoader.java 2001/06/19 17:37:23 1.2
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java,v
1.1 2001/06/19 02:12:39 remm Exp $
- * $Revision: 1.1 $
- * $Date: 2001/06/19 02:12:39 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java,v
1.2 2001/06/19 17:37:23 remm Exp $
+ * $Revision: 1.2 $
+ * $Date: 2001/06/19 17:37:23 $
*
* ====================================================================
*
@@ -78,7 +78,6 @@
import java.net.URLStreamHandler;
import java.security.AccessControlException;
import java.security.PrivilegedAction;
-import java.security.PrivilegedExceptionAction;
import java.security.AccessController;
import java.security.AccessControlContext;
import java.security.CodeSource;
@@ -118,7 +117,7 @@
*
* @author Remy Maucherat
* @author Craig R. McClanahan
- * @version $Revision: 1.1 $ $Date: 2001/06/19 02:12:39 $
+ * @version $Revision: 1.2 $ $Date: 2001/06/19 17:37:23 $
*/
public class WebappClassLoader
extends URLClassLoader
@@ -139,6 +138,7 @@
this.parent = getParent();
system = getSystemClassLoader();
securityManager = System.getSecurityManager();
+ accessController = AccessController.getContext();
}
@@ -154,6 +154,7 @@
this.parent = getParent();
system = getSystemClassLoader();
securityManager = System.getSecurityManager();
+ accessController = AccessController.getContext();
}
@@ -310,6 +311,12 @@
private ClassLoader system = null;
+ /**
+ * Access controller.
+ */
+ private AccessControlContext accessController;
+
+
// ------------------------------------------------------------- Properties
@@ -1259,8 +1266,21 @@
String tempPath = name.replace('.', '/');
String classPath = tempPath + ".class";
+
+ ResourceEntry entry = null;
- ResourceEntry entry = findResourceInternal(name, classPath);
+ if (securityManager != null) {
+ final String fName = name;
+ final String fClassPath = classPath;
+ entry = (ResourceEntry) AccessController.doPrivileged
+ (new PrivilegedAction() {
+ public Object run() {
+ return findResourceInternal(fName, fClassPath);
+ }
+ }, accessController);
+ } else {
+ entry = findResourceInternal(name, classPath);
+ }
if (entry == null)
throw new ClassNotFoundException(name);
@@ -1305,23 +1325,14 @@
if (pkg.isSealed()) {
sealCheck = pkg.isSealed(entry.source);
} else {
- if (entry.manifest != null)
- sealCheck = isPackageSealed
- (packageName, entry.manifest);
+ sealCheck = (entry.manifest == null)
+ || !isPackageSealed(packageName, entry.manifest);
}
if (!sealCheck)
- throw new SecurityException("sealing violation");
+ throw new SecurityException
+ ("Sealing violation loading " + name + " : Package "
+ + packageName + " is sealed.");
}
-
-/*
- clazz = (Class)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws ClassNotFoundException {
- return defineClass(name, entry.binaryContent, 0,
- entry.binaryContent.length, codeSource);
- }
- }, accessController);
-*/
}
