Author: violetagg Date: Thu Aug 15 19:37:45 2013 New Revision: 1514455 URL: http://svn.apache.org/r1514455 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55357 Merged revision 1514281 from tomcat/trunk: Set the web app classloader as a context classloader before reading the object data.
Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/FileStore.java tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/JDBCStore.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ ------------------------------------------------------------------------------ Merged /tomcat/trunk:r1514281 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/FileStore.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/FileStore.java?rev=1514455&r1=1514454&r2=1514455&view=diff ============================================================================== --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/FileStore.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/FileStore.java Thu Aug 15 19:37:45 2013 @@ -266,6 +266,7 @@ public final class FileStore extends Sto ObjectInputStream ois = null; Loader loader = null; ClassLoader classLoader = null; + ClassLoader oldThreadContextCL = Thread.currentThread().getContextClassLoader(); try { fis = new FileInputStream(file.getAbsolutePath()); bis = new BufferedInputStream(fis); @@ -274,10 +275,18 @@ public final class FileStore extends Sto loader = container.getLoader(); if (loader != null) classLoader = loader.getClassLoader(); - if (classLoader != null) + if (classLoader != null) { + Thread.currentThread().setContextClassLoader(classLoader); ois = new CustomObjectInputStream(bis, classLoader); - else + } else { ois = new ObjectInputStream(bis); + } + + StandardSession session = + (StandardSession) manager.createEmptySession(); + session.readObjectData(ois); + session.setManager(manager); + return (session); } catch (FileNotFoundException e) { if (manager.getContainer().getLogger().isDebugEnabled()) manager.getContainer().getLogger().debug("No persisted data file found"); @@ -298,21 +307,16 @@ public final class FileStore extends Sto } } throw e; - } - - try { - StandardSession session = - (StandardSession) manager.createEmptySession(); - session.readObjectData(ois); - session.setManager(manager); - return (session); } finally { - // Close the input stream - try { - ois.close(); - } catch (IOException f) { - // Ignore + if (ois != null) { + // Close the input stream + try { + ois.close(); + } catch (IOException f) { + // Ignore + } } + Thread.currentThread().setContextClassLoader(oldThreadContextCL); } } Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/JDBCStore.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/JDBCStore.java?rev=1514455&r1=1514454&r2=1514455&view=diff ============================================================================== --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/JDBCStore.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/session/JDBCStore.java Thu Aug 15 19:37:45 2013 @@ -620,6 +620,7 @@ public class JDBCStore extends StoreBase return (null); } + ClassLoader oldThreadContextCL = Thread.currentThread().getContextClassLoader(); try { if (preparedLoadSql == null) { String loadSql = "SELECT " + sessionIdCol + ", " @@ -642,6 +643,7 @@ public class JDBCStore extends StoreBase classLoader = loader.getClassLoader(); } if (classLoader != null) { + Thread.currentThread().setContextClassLoader(classLoader); ois = new CustomObjectInputStream(bis, classLoader); } else { @@ -680,6 +682,7 @@ public class JDBCStore extends StoreBase // Ignore } } + Thread.currentThread().setContextClassLoader(oldThreadContextCL); release(_conn); } numberOfTries--; Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1514455&r1=1514454&r2=1514455&view=diff ============================================================================== --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Thu Aug 15 19:37:45 2013 @@ -108,6 +108,10 @@ ServletContext. (markt) </fix> <fix> + <bug>55357</bug>: Ensure the web application class loader is set as a + thread context class loader during session deserialization. (violetagg) + </fix> + <fix> <bug>55404</bug>: Log warnings about using security roles in web.xml without defining them as warnings. (markt) </fix> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org