[
https://issues.apache.org/struts/browse/TILES-324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Antonio Petrelli resolved TILES-324.
------------------------------------
Resolution: Fixed
Fix Version/s: 2.1.1
2.0.7
Now the second call to setCurrentClassloader is made only if the original was
null.
> Cannot call ClassUtil.setContextClassLoader() with SecurityManager
> ------------------------------------------------------------------
>
> Key: TILES-324
> URL: https://issues.apache.org/struts/browse/TILES-324
> Project: Tiles
> Issue Type: Bug
> Components: tiles-core
> Affects Versions: 2.0.6
> Reporter: Eddy Chan
> Assignee: Antonio Petrelli
> Priority: Critical
> Fix For: 2.0.7, 2.1.1
>
>
> In org.apache.tiles.util.ClassUtil.instantiate(String, boolean), there are
> two calls to setContextClassLoader for the currentThread. This causes an
> issue with a SecurityManager that does not grant the RuntimePermission. In
> my situation, since this class is in the webapp, the second call to
> setContextClassLoader causes an issue, since it is in the finally clause.
> Two workarounds:
> 1) Remove the calls to setContextClassLoader. (Not sure the necessity here.)
> 2) Flag whether the first call to setContextClassLoader was originally done,
> and then conditionally call setContextClassLoader if it was done.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
