glenn 01/12/29 17:58:21
Modified: catalina build.xml
catalina/src/share/org/apache/catalina/connector
HttpResponseBase.java
catalina/src/share/org/apache/catalina/startup
Bootstrap.java BootstrapService.java
Added: catalina/src/share/org/apache/catalina/startup
SecurityClassLoad.java
Log:
Wrap HttpResponseBase.flushBuffer() with a doPrivileged so
that org.apache.catalina.util.* classes can be used when
sending headers. This prevents an AccessControlException
when using Ajp13.
The classes getting preloaded for the Java SecurityManager
in Bootstrap.java and BootstrapService.java were out of sync.
Created a separate java class for preloading classes which
both Bootstrap.java and BootstrapService.java can share.
Revision Changes Path
1.93 +2 -2 jakarta-tomcat-4.0/catalina/build.xml
Index: build.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/build.xml,v
retrieving revision 1.92
retrieving revision 1.93
diff -u -r1.92 -r1.93
--- build.xml 26 Dec 2001 02:20:34 -0000 1.92
+++ build.xml 30 Dec 2001 01:58:20 -0000 1.93
@@ -841,7 +841,7 @@
<include name="org/apache/catalina/loader/StandardClassLoader*.class" />
<include name="org/apache/catalina/loader/Extension.class" />
<include name="org/apache/catalina/loader/Reloader.class" />
- <include name="org/apache/catalina/startup/SecurityManagerDebug.class" />
+ <include name="org/apache/catalina/startup/SecurityClassLoad.class" />
<include name="org/apache/naming/JndiPermission.class" />
</fileset>
</jar>
@@ -858,7 +858,7 @@
<exclude name="org/apache/catalina/loader/StandardClassLoader*.class" />
<exclude name="org/apache/catalina/loader/Extension.class" />
<exclude name="org/apache/catalina/loader/Reloader.class" />
- <exclude name="org/apache/catalina/startup/SecurityManagerDebug.class" />
+ <exclude name="org/apache/catalina/startup/SecurityClassLoad.class" />
<exclude name="org/apache/catalina/servlets/**" />
<exclude name="org/apache/catalina/util/ssi/**" />
</fileset>
1.42 +33 -4
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/HttpResponseBase.java
Index: HttpResponseBase.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/HttpResponseBase.java,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -r1.41 -r1.42
--- HttpResponseBase.java 3 Dec 2001 19:55:04 -0000 1.41
+++ HttpResponseBase.java 30 Dec 2001 01:58:20 -0000 1.42
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/HttpResponseBase.java,v
1.41 2001/12/03 19:55:04 remm Exp $
- * $Revision: 1.41 $
- * $Date: 2001/12/03 19:55:04 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/HttpResponseBase.java,v
1.42 2001/12/30 01:58:20 glenn Exp $
+ * $Revision: 1.42 $
+ * $Date: 2001/12/30 01:58:20 $
*
* ====================================================================
*
@@ -72,6 +72,8 @@
// import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
@@ -101,7 +103,7 @@
*
* @author Craig R. McClanahan
* @author Remy Maucherat
- * @version $Revision: 1.41 $ $Date: 2001/12/03 19:55:04 $
+ * @version $Revision: 1.42 $ $Date: 2001/12/30 01:58:20 $
*/
public class HttpResponseBase
@@ -109,6 +111,18 @@
implements HttpResponse, HttpServletResponse {
+ protected class PrivilegedFlushBuffer
+ implements PrivilegedExceptionAction {
+
+ PrivilegedFlushBuffer() {
+ }
+
+ public Object run() throws Exception {
+ doFlushBuffer();
+ return null;
+ }
+ }
+
// ----------------------------------------------------- Instance Variables
@@ -734,6 +748,21 @@
* @exception IOException if an input/output error occurs
*/
public void flushBuffer() throws IOException {
+
+ if( System.getSecurityManager() != null ) {
+ try {
+ PrivilegedFlushBuffer dp = new PrivilegedFlushBuffer();
+ AccessController.doPrivileged(dp);
+ } catch( PrivilegedActionException pe) {
+ throw (IOException)pe.getException();
+ }
+ } else {
+ doFlushBuffer();
+ }
+
+ }
+
+ private void doFlushBuffer() throws IOException {
if (!isCommitted())
sendHeaders();
1.33 +5 -51
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Bootstrap.java
Index: Bootstrap.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Bootstrap.java,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- Bootstrap.java 25 Nov 2001 21:06:37 -0000 1.32
+++ Bootstrap.java 30 Dec 2001 01:58:20 -0000 1.33
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Bootstrap.java,v
1.32 2001/11/25 21:06:37 glenn Exp $
- * $Revision: 1.32 $
- * $Date: 2001/11/25 21:06:37 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Bootstrap.java,v
1.33 2001/12/30 01:58:20 glenn Exp $
+ * $Revision: 1.33 $
+ * $Date: 2001/12/30 01:58:20 $
*
* ====================================================================
*
@@ -85,7 +85,7 @@
* class path and therefore not visible to application level classes.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.32 $ $Date: 2001/11/25 21:06:37 $
+ * @version $Revision: 1.33 $ $Date: 2001/12/30 01:58:20 $
*/
public final class Bootstrap {
@@ -165,53 +165,7 @@
// Load our startup class and call its process() method
try {
- if( System.getSecurityManager() != null ) {
- // Pre load some classes required for SecurityManager
- // so that defineClassInPackage does not throw a
- // security exception.
- String basePackage = "org.apache.catalina.";
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedGetRequestDispatcher");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedGetResource");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedGetResourcePaths");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedLogMessage");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedLogException");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedLogThrowable");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationDispatcher$PrivilegedForward");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationDispatcher$PrivilegedInclude");
- catalinaLoader.loadClass
- (basePackage +
- "core.ContainerBase$PrivilegedAddChild");
- catalinaLoader.loadClass
- (basePackage +
- "connector.HttpRequestBase$PrivilegedGetSession");
- catalinaLoader.loadClass
- (basePackage +
- "loader.WebappClassLoader$PrivilegedFindResource");
- catalinaLoader.loadClass
- (basePackage + "session.StandardSession");
- catalinaLoader.loadClass
- (basePackage + "util.CookieTools");
- catalinaLoader.loadClass
- (basePackage + "util.URL");
- catalinaLoader.loadClass(basePackage + "util.Enumerator");
- catalinaLoader.loadClass("javax.servlet.http.Cookie");
- }
+ SecurityClassLoad.securityClassLoad(catalinaLoader);
// Instantiate a startup class instance
if (debug >= 1)
1.11 +9 -97
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/BootstrapService.java
Index: BootstrapService.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/BootstrapService.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- BootstrapService.java 19 Oct 2001 05:58:57 -0000 1.10
+++ BootstrapService.java 30 Dec 2001 01:58:20 -0000 1.11
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/BootstrapService.java,v
1.10 2001/10/19 05:58:57 remm Exp $
- * $Revision: 1.10 $
- * $Date: 2001/10/19 05:58:57 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/BootstrapService.java,v
1.11 2001/12/30 01:58:20 glenn Exp $
+ * $Revision: 1.11 $
+ * $Date: 2001/12/30 01:58:20 $
*
* ====================================================================
*
@@ -86,7 +86,7 @@
*
* @author Craig R. McClanahan
* @author Remy Maucherat
- * @version $Revision: 1.10 $ $Date: 2001/10/19 05:58:57 $
+ * @version $Revision: 1.11 $ $Date: 2001/12/30 01:58:20 $
*/
public final class BootstrapService
@@ -169,55 +169,10 @@
}
Thread.currentThread().setContextClassLoader(catalinaLoader);
-
+
+ SecurityClassLoad.securityClassLoad(catalinaLoader);
+
// Load our startup class and call its process() method
-
- if( System.getSecurityManager() != null ) {
- // Pre load some classes required for SecurityManager
- // so that defineClassInPackage does not throw a
- // security exception.
- String basePackage = "org.apache.catalina.";
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedGetRequestDispatcher");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedGetResource");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedGetResourcePaths");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedLogMessage");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedLogException");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedLogThrowable");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationDispatcher$PrivilegedForward");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationDispatcher$PrivilegedInclude");
- catalinaLoader.loadClass
- (basePackage +
- "connector.HttpRequestBase$PrivilegedGetSession");
- catalinaLoader.loadClass
- (basePackage +
- "loader.WebappClassLoader$PrivilegedFindResource");
- catalinaLoader.loadClass
- (basePackage + "session.StandardSession");
- catalinaLoader.loadClass
- (basePackage + "util.CookieTools");
- catalinaLoader.loadClass
- (basePackage + "util.URL");
- catalinaLoader.loadClass(basePackage + "util.Enumerator");
- catalinaLoader.loadClass("javax.servlet.http.Cookie");
- }
-
- // Instantiate a startup class instance
if (debug >= 1)
log("Loading startup class");
Class startupClass =
@@ -349,52 +304,9 @@
Thread.currentThread().setContextClassLoader(catalinaLoader);
- // Load our startup class and call its process() method
+ SecurityClassLoad.securityClassLoad(catalinaLoader);
- if( System.getSecurityManager() != null ) {
- // Pre load some classes required for SecurityManager
- // so that defineClassInPackage does not throw a
- // security exception.
- String basePackage = "org.apache.catalina.";
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedGetRequestDispatcher");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedGetResource");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedGetResourcePaths");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedLogMessage");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedLogException");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationContext$PrivilegedLogThrowable");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationDispatcher$PrivilegedForward");
- catalinaLoader.loadClass
- (basePackage +
- "core.ApplicationDispatcher$PrivilegedInclude");
- catalinaLoader.loadClass
- (basePackage +
- "connector.HttpRequestBase$PrivilegedGetSession");
- catalinaLoader.loadClass
- (basePackage +
- "loader.WebappClassLoader$PrivilegedFindResource");
- catalinaLoader.loadClass
- (basePackage + "session.StandardSession");
- catalinaLoader.loadClass
- (basePackage + "util.CookieTools");
- catalinaLoader.loadClass(basePackage + "util.Enumerator");
- catalinaLoader.loadClass("javax.servlet.http.Cookie");
- }
-
- // Instantiate a startup class instance
+ // Load our startup class and call its process() method
if (debug >= 1)
log("Loading startup class");
Class startupClass =
1.1
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/SecurityClassLoad.java
Index: SecurityClassLoad.java
===================================================================
/*
* $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/SecurityClassLoad.java,v
1.1 2001/12/30 01:58:20 glenn Exp $
* $Revision: 1.1 $
* $Date: 2001/12/30 01:58:20 $
*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact [EMAIL PROTECTED]
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
* [Additional notices, if required by prior licensing conditions]
*
*/
package org.apache.catalina.startup;
/**
* Static class used to preload java classes when using the
* Java SecurityManager so that the defineClassInPackage
* RuntimePermission does not trigger an AccessControlException.
*
* @author Glenn L. Nielsen
* @version $Revision: 1.1 $ $Date: 2001/12/30 01:58:20 $
*/
public final class SecurityClassLoad {
static void securityClassLoad(ClassLoader loader)
throws Exception {
if( System.getSecurityManager() == null )
return;
String basePackage = "org.apache.catalina.";
loader.loadClass
(basePackage +
"core.ApplicationContext$PrivilegedGetRequestDispatcher");
loader.loadClass
(basePackage +
"core.ApplicationContext$PrivilegedGetResource");
loader.loadClass
(basePackage +
"core.ApplicationContext$PrivilegedGetResourcePaths");
loader.loadClass
(basePackage +
"core.ApplicationContext$PrivilegedLogMessage");
loader.loadClass
(basePackage +
"core.ApplicationContext$PrivilegedLogException");
loader.loadClass
(basePackage +
"core.ApplicationContext$PrivilegedLogThrowable");
loader.loadClass
(basePackage +
"core.ApplicationDispatcher$PrivilegedForward");
loader.loadClass
(basePackage +
"core.ApplicationDispatcher$PrivilegedInclude");
loader.loadClass
(basePackage +
"core.ContainerBase$PrivilegedAddChild");
loader.loadClass
(basePackage +
"connector.HttpRequestBase$PrivilegedGetSession");
loader.loadClass
(basePackage +
"connector.HttpResponseBase$PrivilegedFlushBuffer");
loader.loadClass
(basePackage +
"loader.WebappClassLoader$PrivilegedFindResource");
loader.loadClass
(basePackage + "session.StandardSession");
loader.loadClass
(basePackage + "util.CookieTools");
loader.loadClass
(basePackage + "util.URL");
loader.loadClass(basePackage + "util.Enumerator");
loader.loadClass("javax.servlet.http.Cookie");
}
}
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
