[tomcat] branch master updated: Fix 64735 ServletContext.addJspFile() always fails with SecurityManager
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new e54267a Fix 64735 ServletContext.addJspFile() always fails with SecurityManager e54267a is described below commit e54267a3f71d29f9f850ed9966e7be9612f219d4 Author: Kyle Stiemann AuthorDate: Thu Sep 10 16:47:21 2020 -0400 Fix 64735 ServletContext.addJspFile() always fails with SecurityManager --- build.xml | 13 ++ .../catalina/core/ApplicationContextFacade.java| 5 + ...estApplicationContextFacadeSecurityManager.java | 148 + .../util/security/SecurityManagerBaseTest.java | 50 +++ webapps/docs/changelog.xml | 5 + 5 files changed, 221 insertions(+) diff --git a/build.xml b/build.xml index c5c79cb..1ab4af5 100644 --- a/build.xml +++ b/build.xml @@ -1978,8 +1978,21 @@ + + + + + + diff --git a/java/org/apache/catalina/core/ApplicationContextFacade.java b/java/org/apache/catalina/core/ApplicationContextFacade.java index 5dd3a37..ef004c6 100644 --- a/java/org/apache/catalina/core/ApplicationContextFacade.java +++ b/java/org/apache/catalina/core/ApplicationContextFacade.java @@ -117,6 +117,11 @@ public class ApplicationContextFacade implements ServletContext { classCache.put("getAttribute", clazz); classCache.put("log", clazz); classCache.put("setSessionTrackingModes", new Class[]{Set.class} ); +classCache.put("addJspFile", new Class[]{String.class, String.class}); +classCache.put("declareRoles", new Class[]{String[].class}); +classCache.put("setSessionTimeout", new Class[]{int.class}); +classCache.put("setRequestCharacterEncoding", new Class[]{String.class}); +classCache.put("setResponseCharacterEncoding", new Class[]{String.class}); } diff --git a/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java b/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java new file mode 100644 index 000..fc5a5d5 --- /dev/null +++ b/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java @@ -0,0 +1,148 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.catalina.core; + +import java.lang.reflect.Array; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.lang.reflect.Modifier; +import java.util.Arrays; +import java.util.Collection; +import java.util.stream.Collectors; + +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.Parameterized; +import org.junit.runners.Parameterized.Parameter; + +import org.apache.catalina.security.SecurityUtil; +import org.apache.tomcat.util.security.SecurityManagerBaseTest; +import org.easymock.EasyMock; +import org.easymock.IExpectationSetters; +import org.easymock.internal.LastControl; + +@RunWith(Parameterized.class) +public final class TestApplicationContextFacadeSecurityManager extends SecurityManagerBaseTest { + +/** + * @return {@link Collection} of non-static, non-object, public {@link + * Method}s in {@link ApplicationContextFacade} to be run with the the Java + * 2 {@link SecurityManager} been enabled. + */ +@Parameterized.Parameters(name = "{index}: method={0}") +public static Collection publicApplicationContextFacadeMethods() { +return Arrays.stream(ApplicationContextFacade.class.getMethods()) +.filter(method -> !Modifier.isStatic(method.getModifiers())) +.filter(method -> { +try { +Object.class.getMethod(method.getName(), method.getParameterTypes()); +return false; +} catch (final NoSuchMethodException e) { +return true; +} +}) +
[tomcat] branch master updated: Fix 64735 ServletContext.addJspFile() always fails with SecurityManager
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new e54267a Fix 64735 ServletContext.addJspFile() always fails with SecurityManager e54267a is described below commit e54267a3f71d29f9f850ed9966e7be9612f219d4 Author: Kyle Stiemann AuthorDate: Thu Sep 10 16:47:21 2020 -0400 Fix 64735 ServletContext.addJspFile() always fails with SecurityManager --- build.xml | 13 ++ .../catalina/core/ApplicationContextFacade.java| 5 + ...estApplicationContextFacadeSecurityManager.java | 148 + .../util/security/SecurityManagerBaseTest.java | 50 +++ webapps/docs/changelog.xml | 5 + 5 files changed, 221 insertions(+) diff --git a/build.xml b/build.xml index c5c79cb..1ab4af5 100644 --- a/build.xml +++ b/build.xml @@ -1978,8 +1978,21 @@ + + + + + + diff --git a/java/org/apache/catalina/core/ApplicationContextFacade.java b/java/org/apache/catalina/core/ApplicationContextFacade.java index 5dd3a37..ef004c6 100644 --- a/java/org/apache/catalina/core/ApplicationContextFacade.java +++ b/java/org/apache/catalina/core/ApplicationContextFacade.java @@ -117,6 +117,11 @@ public class ApplicationContextFacade implements ServletContext { classCache.put("getAttribute", clazz); classCache.put("log", clazz); classCache.put("setSessionTrackingModes", new Class[]{Set.class} ); +classCache.put("addJspFile", new Class[]{String.class, String.class}); +classCache.put("declareRoles", new Class[]{String[].class}); +classCache.put("setSessionTimeout", new Class[]{int.class}); +classCache.put("setRequestCharacterEncoding", new Class[]{String.class}); +classCache.put("setResponseCharacterEncoding", new Class[]{String.class}); } diff --git a/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java b/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java new file mode 100644 index 000..fc5a5d5 --- /dev/null +++ b/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java @@ -0,0 +1,148 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.catalina.core; + +import java.lang.reflect.Array; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.lang.reflect.Modifier; +import java.util.Arrays; +import java.util.Collection; +import java.util.stream.Collectors; + +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.Parameterized; +import org.junit.runners.Parameterized.Parameter; + +import org.apache.catalina.security.SecurityUtil; +import org.apache.tomcat.util.security.SecurityManagerBaseTest; +import org.easymock.EasyMock; +import org.easymock.IExpectationSetters; +import org.easymock.internal.LastControl; + +@RunWith(Parameterized.class) +public final class TestApplicationContextFacadeSecurityManager extends SecurityManagerBaseTest { + +/** + * @return {@link Collection} of non-static, non-object, public {@link + * Method}s in {@link ApplicationContextFacade} to be run with the the Java + * 2 {@link SecurityManager} been enabled. + */ +@Parameterized.Parameters(name = "{index}: method={0}") +public static Collection publicApplicationContextFacadeMethods() { +return Arrays.stream(ApplicationContextFacade.class.getMethods()) +.filter(method -> !Modifier.isStatic(method.getModifiers())) +.filter(method -> { +try { +Object.class.getMethod(method.getName(), method.getParameterTypes()); +return false; +} catch (final NoSuchMethodException e) { +return true; +} +}) +
[tomcat] branch master updated: Fix 64735 ServletContext.addJspFile() always fails with SecurityManager
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new e54267a Fix 64735 ServletContext.addJspFile() always fails with SecurityManager e54267a is described below commit e54267a3f71d29f9f850ed9966e7be9612f219d4 Author: Kyle Stiemann AuthorDate: Thu Sep 10 16:47:21 2020 -0400 Fix 64735 ServletContext.addJspFile() always fails with SecurityManager --- build.xml | 13 ++ .../catalina/core/ApplicationContextFacade.java| 5 + ...estApplicationContextFacadeSecurityManager.java | 148 + .../util/security/SecurityManagerBaseTest.java | 50 +++ webapps/docs/changelog.xml | 5 + 5 files changed, 221 insertions(+) diff --git a/build.xml b/build.xml index c5c79cb..1ab4af5 100644 --- a/build.xml +++ b/build.xml @@ -1978,8 +1978,21 @@ + + + + + + diff --git a/java/org/apache/catalina/core/ApplicationContextFacade.java b/java/org/apache/catalina/core/ApplicationContextFacade.java index 5dd3a37..ef004c6 100644 --- a/java/org/apache/catalina/core/ApplicationContextFacade.java +++ b/java/org/apache/catalina/core/ApplicationContextFacade.java @@ -117,6 +117,11 @@ public class ApplicationContextFacade implements ServletContext { classCache.put("getAttribute", clazz); classCache.put("log", clazz); classCache.put("setSessionTrackingModes", new Class[]{Set.class} ); +classCache.put("addJspFile", new Class[]{String.class, String.class}); +classCache.put("declareRoles", new Class[]{String[].class}); +classCache.put("setSessionTimeout", new Class[]{int.class}); +classCache.put("setRequestCharacterEncoding", new Class[]{String.class}); +classCache.put("setResponseCharacterEncoding", new Class[]{String.class}); } diff --git a/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java b/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java new file mode 100644 index 000..fc5a5d5 --- /dev/null +++ b/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java @@ -0,0 +1,148 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.catalina.core; + +import java.lang.reflect.Array; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.lang.reflect.Modifier; +import java.util.Arrays; +import java.util.Collection; +import java.util.stream.Collectors; + +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.Parameterized; +import org.junit.runners.Parameterized.Parameter; + +import org.apache.catalina.security.SecurityUtil; +import org.apache.tomcat.util.security.SecurityManagerBaseTest; +import org.easymock.EasyMock; +import org.easymock.IExpectationSetters; +import org.easymock.internal.LastControl; + +@RunWith(Parameterized.class) +public final class TestApplicationContextFacadeSecurityManager extends SecurityManagerBaseTest { + +/** + * @return {@link Collection} of non-static, non-object, public {@link + * Method}s in {@link ApplicationContextFacade} to be run with the the Java + * 2 {@link SecurityManager} been enabled. + */ +@Parameterized.Parameters(name = "{index}: method={0}") +public static Collection publicApplicationContextFacadeMethods() { +return Arrays.stream(ApplicationContextFacade.class.getMethods()) +.filter(method -> !Modifier.isStatic(method.getModifiers())) +.filter(method -> { +try { +Object.class.getMethod(method.getName(), method.getParameterTypes()); +return false; +} catch (final NoSuchMethodException e) { +return true; +} +}) +
[tomcat] branch master updated: Fix 64735 ServletContext.addJspFile() always fails with SecurityManager
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new e54267a Fix 64735 ServletContext.addJspFile() always fails with SecurityManager e54267a is described below commit e54267a3f71d29f9f850ed9966e7be9612f219d4 Author: Kyle Stiemann AuthorDate: Thu Sep 10 16:47:21 2020 -0400 Fix 64735 ServletContext.addJspFile() always fails with SecurityManager --- build.xml | 13 ++ .../catalina/core/ApplicationContextFacade.java| 5 + ...estApplicationContextFacadeSecurityManager.java | 148 + .../util/security/SecurityManagerBaseTest.java | 50 +++ webapps/docs/changelog.xml | 5 + 5 files changed, 221 insertions(+) diff --git a/build.xml b/build.xml index c5c79cb..1ab4af5 100644 --- a/build.xml +++ b/build.xml @@ -1978,8 +1978,21 @@ + + + + + + diff --git a/java/org/apache/catalina/core/ApplicationContextFacade.java b/java/org/apache/catalina/core/ApplicationContextFacade.java index 5dd3a37..ef004c6 100644 --- a/java/org/apache/catalina/core/ApplicationContextFacade.java +++ b/java/org/apache/catalina/core/ApplicationContextFacade.java @@ -117,6 +117,11 @@ public class ApplicationContextFacade implements ServletContext { classCache.put("getAttribute", clazz); classCache.put("log", clazz); classCache.put("setSessionTrackingModes", new Class[]{Set.class} ); +classCache.put("addJspFile", new Class[]{String.class, String.class}); +classCache.put("declareRoles", new Class[]{String[].class}); +classCache.put("setSessionTimeout", new Class[]{int.class}); +classCache.put("setRequestCharacterEncoding", new Class[]{String.class}); +classCache.put("setResponseCharacterEncoding", new Class[]{String.class}); } diff --git a/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java b/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java new file mode 100644 index 000..fc5a5d5 --- /dev/null +++ b/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java @@ -0,0 +1,148 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.catalina.core; + +import java.lang.reflect.Array; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.lang.reflect.Modifier; +import java.util.Arrays; +import java.util.Collection; +import java.util.stream.Collectors; + +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.Parameterized; +import org.junit.runners.Parameterized.Parameter; + +import org.apache.catalina.security.SecurityUtil; +import org.apache.tomcat.util.security.SecurityManagerBaseTest; +import org.easymock.EasyMock; +import org.easymock.IExpectationSetters; +import org.easymock.internal.LastControl; + +@RunWith(Parameterized.class) +public final class TestApplicationContextFacadeSecurityManager extends SecurityManagerBaseTest { + +/** + * @return {@link Collection} of non-static, non-object, public {@link + * Method}s in {@link ApplicationContextFacade} to be run with the the Java + * 2 {@link SecurityManager} been enabled. + */ +@Parameterized.Parameters(name = "{index}: method={0}") +public static Collection publicApplicationContextFacadeMethods() { +return Arrays.stream(ApplicationContextFacade.class.getMethods()) +.filter(method -> !Modifier.isStatic(method.getModifiers())) +.filter(method -> { +try { +Object.class.getMethod(method.getName(), method.getParameterTypes()); +return false; +} catch (final NoSuchMethodException e) { +return true; +} +}) +
[tomcat] branch master updated: Fix 64735 ServletContext.addJspFile() always fails with SecurityManager
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new e54267a Fix 64735 ServletContext.addJspFile() always fails with SecurityManager e54267a is described below commit e54267a3f71d29f9f850ed9966e7be9612f219d4 Author: Kyle Stiemann AuthorDate: Thu Sep 10 16:47:21 2020 -0400 Fix 64735 ServletContext.addJspFile() always fails with SecurityManager --- build.xml | 13 ++ .../catalina/core/ApplicationContextFacade.java| 5 + ...estApplicationContextFacadeSecurityManager.java | 148 + .../util/security/SecurityManagerBaseTest.java | 50 +++ webapps/docs/changelog.xml | 5 + 5 files changed, 221 insertions(+) diff --git a/build.xml b/build.xml index c5c79cb..1ab4af5 100644 --- a/build.xml +++ b/build.xml @@ -1978,8 +1978,21 @@ + + + + + + diff --git a/java/org/apache/catalina/core/ApplicationContextFacade.java b/java/org/apache/catalina/core/ApplicationContextFacade.java index 5dd3a37..ef004c6 100644 --- a/java/org/apache/catalina/core/ApplicationContextFacade.java +++ b/java/org/apache/catalina/core/ApplicationContextFacade.java @@ -117,6 +117,11 @@ public class ApplicationContextFacade implements ServletContext { classCache.put("getAttribute", clazz); classCache.put("log", clazz); classCache.put("setSessionTrackingModes", new Class[]{Set.class} ); +classCache.put("addJspFile", new Class[]{String.class, String.class}); +classCache.put("declareRoles", new Class[]{String[].class}); +classCache.put("setSessionTimeout", new Class[]{int.class}); +classCache.put("setRequestCharacterEncoding", new Class[]{String.class}); +classCache.put("setResponseCharacterEncoding", new Class[]{String.class}); } diff --git a/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java b/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java new file mode 100644 index 000..fc5a5d5 --- /dev/null +++ b/test/org/apache/catalina/core/TestApplicationContextFacadeSecurityManager.java @@ -0,0 +1,148 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.catalina.core; + +import java.lang.reflect.Array; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.lang.reflect.Modifier; +import java.util.Arrays; +import java.util.Collection; +import java.util.stream.Collectors; + +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.Parameterized; +import org.junit.runners.Parameterized.Parameter; + +import org.apache.catalina.security.SecurityUtil; +import org.apache.tomcat.util.security.SecurityManagerBaseTest; +import org.easymock.EasyMock; +import org.easymock.IExpectationSetters; +import org.easymock.internal.LastControl; + +@RunWith(Parameterized.class) +public final class TestApplicationContextFacadeSecurityManager extends SecurityManagerBaseTest { + +/** + * @return {@link Collection} of non-static, non-object, public {@link + * Method}s in {@link ApplicationContextFacade} to be run with the the Java + * 2 {@link SecurityManager} been enabled. + */ +@Parameterized.Parameters(name = "{index}: method={0}") +public static Collection publicApplicationContextFacadeMethods() { +return Arrays.stream(ApplicationContextFacade.class.getMethods()) +.filter(method -> !Modifier.isStatic(method.getModifiers())) +.filter(method -> { +try { +Object.class.getMethod(method.getName(), method.getParameterTypes()); +return false; +} catch (final NoSuchMethodException e) { +return true; +} +}) +