cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

2005-08-04 Thread billbarker
billbarker2005/08/03 23:07:46

  Modified:catalina/src/share/org/apache/catalina/security
SecurityClassLoad.java
  Log:
  Fix CNFE when starting in a sandbox.
  
  After the last refactoring, the Jk-Java Connector no longer has need of PAs.  
If this changes, the method can always be added back.
  
  Revision  ChangesPath
  1.18  +1 -12 
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java
  
  Index: SecurityClassLoad.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java,v
  retrieving revision 1.17
  retrieving revision 1.18
  diff -u -r1.17 -r1.18
  --- SecurityClassLoad.java24 Jul 2004 07:07:37 -  1.17
  +++ SecurityClassLoad.java4 Aug 2005 06:07:46 -   1.18
  @@ -43,7 +43,6 @@
   loadJavaxPackage(loader);
   loadCoyotePackage(loader);
   loadHttp11Package(loader);
  -loadJkPackage(loader);
   }
   
   
  @@ -198,15 +197,5 @@
Response$3);
   }
   
  -private final static void loadJkPackage(ClassLoader loader)
  -throws Exception {
  -String basePackage = org.apache.jk.;
  -loader.loadClass
  -(basePackage +
  - server.JkCoyoteHandler$1);
  -loader.loadClass
  -(basePackage +
  - server.JkCoyoteHandler$StatusLinePrivilegedAction);
  -}
   }
   
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

2005-08-04 Thread Remy Maucherat

[EMAIL PROTECTED] wrote:

billbarker2005/08/03 23:07:46

  Modified:catalina/src/share/org/apache/catalina/security
SecurityClassLoad.java
  Log:
  Fix CNFE when starting in a sandbox.
  
  After the last refactoring, the Jk-Java Connector no longer has need of PAs.  If this changes, the method can always be added back.


This reminds me I need to test security more often.

I look in the preload list for HTTP, and I see a few PAs there. One of 
them is:


// End the response status line
if (System.getSecurityManager() != null){
   AccessController.doPrivileged(
new PrivilegedAction(){
public Object run(){
buf[pos++] = Constants.CR;
buf[pos++] = Constants.LF;
return null;
}
}
   );
} else {
buf[pos++] = Constants.CR;
buf[pos++] = Constants.LF;
}

I think this is fairly funny code. The contents of the PA were a bit 
different originally, but I don't see why a PA was ever needed. 
Similarly, the other PA is needed because the HttpMessages is a bundle 
which will need to be loaded, while the loading should be done during 
the init of the connector (like HttpMessages.getMessage(200)).


Rémy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

2004-07-24 Thread billbarker
billbarker2004/07/24 00:07:38

  Modified:catalina/src/share/org/apache/catalina/security
SecurityClassLoad.java
  Log:
  Load the Connector classes from their new package, with their new names.
  
  Revision  ChangesPath
  1.17  +21 -21
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java
  
  Index: SecurityClassLoad.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java,v
  retrieving revision 1.16
  retrieving revision 1.17
  diff -u -r1.16 -r1.17
  --- SecurityClassLoad.java27 Feb 2004 14:58:46 -  1.16
  +++ SecurityClassLoad.java24 Jul 2004 07:07:37 -  1.17
  @@ -117,55 +117,55 @@
   
   private final static void loadCoyotePackage(ClassLoader loader)
   throws Exception {
  -String basePackage = org.apache.coyote.tomcat5.;
  +String basePackage = org.apache.catalina.connector.;
   loader.loadClass
   (basePackage +
  - CoyoteRequestFacade$GetAttributePrivilegedAction);
  + RequestFacade$GetAttributePrivilegedAction);
   loader.loadClass
   (basePackage +
  - CoyoteRequestFacade$GetParameterMapPrivilegedAction);
  + RequestFacade$GetParameterMapPrivilegedAction);
   loader.loadClass
   (basePackage +
  - CoyoteRequestFacade$GetRequestDispatcherPrivilegedAction);
  + RequestFacade$GetRequestDispatcherPrivilegedAction);
   loader.loadClass
   (basePackage +
  - CoyoteRequestFacade$GetParameterPrivilegedAction);
  + RequestFacade$GetParameterPrivilegedAction);
   loader.loadClass
   (basePackage +
  - CoyoteRequestFacade$GetParameterNamesPrivilegedAction);
  + RequestFacade$GetParameterNamesPrivilegedAction);
   loader.loadClass
   (basePackage +
  - CoyoteRequestFacade$GetParameterValuePrivilegedAction);
  + RequestFacade$GetParameterValuePrivilegedAction);
   loader.loadClass
   (basePackage +
  - CoyoteRequestFacade$GetCharacterEncodingPrivilegedAction);
  + RequestFacade$GetCharacterEncodingPrivilegedAction);
   loader.loadClass
   (basePackage +
  - CoyoteRequestFacade$GetHeadersPrivilegedAction);
  + RequestFacade$GetHeadersPrivilegedAction);
   loader.loadClass
   (basePackage +
  - CoyoteRequestFacade$GetHeaderNamesPrivilegedAction);  
  + RequestFacade$GetHeaderNamesPrivilegedAction);  
   loader.loadClass
   (basePackage +
  - CoyoteRequestFacade$GetCookiesPrivilegedAction);
  + RequestFacade$GetCookiesPrivilegedAction);
   loader.loadClass
   (basePackage +
  - CoyoteRequestFacade$GetLocalePrivilegedAction);
  + RequestFacade$GetLocalePrivilegedAction);
   loader.loadClass
   (basePackage +
  - CoyoteRequestFacade$GetLocalesPrivilegedAction);
  + RequestFacade$GetLocalesPrivilegedAction);
   loader.loadClass
   (basePackage +
  - CoyoteResponseFacade$SetContentTypePrivilegedAction);
  + ResponseFacade$SetContentTypePrivilegedAction);
   loader.loadClass
   (basePackage + 
  - CoyoteResponseFacade$DateHeaderPrivilegedAction);
  + ResponseFacade$DateHeaderPrivilegedAction);
   loader.loadClass
   (basePackage +
  - CoyoteRequestFacade$GetSessionPrivilegedAction);
  + RequestFacade$GetSessionPrivilegedAction);
   loader.loadClass
   (basePackage +
  - CoyoteResponseFacade$1);
  + ResponseFacade$1);
   loader.loadClass
   (basePackage +
OutputBuffer$1);
  @@ -189,13 +189,13 @@
InputBuffer$1);
   loader.loadClass
   (basePackage +
  - CoyoteResponse$1);
  + Response$1);
   loader.loadClass
   (basePackage +
  - CoyoteResponse$2);
  + Response$2);
   loader.loadClass
   (basePackage +
  - CoyoteResponse$3);
  + Response$3);
   }
   
   private final static void loadJkPackage(ClassLoader loader)
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

2004-01-06 Thread remm
remm2004/01/06 00:39:20

  Modified:catalina/src/share/org/apache/catalina/security
SecurityClassLoad.java
  Log:
  - I didn't test it, but I saw a typo.
  
  Revision  ChangesPath
  1.13  +5 -5  
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java
  
  Index: SecurityClassLoad.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -r1.12 -r1.13
  --- SecurityClassLoad.java6 Jan 2004 04:27:34 -   1.12
  +++ SecurityClassLoad.java6 Jan 2004 08:39:20 -   1.13
  @@ -247,7 +247,7 @@
   String basePackage = org.apache.tomcat.util.;
   loader.loadClass
   (basePackage +
  - buff.C2BConverter);
  + buf.C2BConverter);
   }
   
   }
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

2004-01-06 Thread Jeanfrancois Arcand


[EMAIL PROTECTED] wrote:

billbarker2004/01/05 20:27:34

 Modified:catalina/src/share/org/apache/catalina/security
   SecurityClassLoad.java
 Log:
 Adding classes for Coyote-Jk.
 
 This addresses Bug #25819.
 
 Reported By: Dario Bonino [EMAIL PROTECTED]
 
 Revision  ChangesPath
 1.12  +13 -4 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java
 
 Index: SecurityClassLoad.java
 ===
 RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java,v
 retrieving revision 1.11
 retrieving revision 1.12
 diff -u -r1.11 -r1.12
 --- SecurityClassLoad.java	31 Oct 2003 01:30:01 -	1.11
 +++ SecurityClassLoad.java	6 Jan 2004 04:27:34 -	1.12
 @@ -90,6 +90,7 @@
  loadJavaxPackage(loader);
  loadCoyotePackage(loader);
  loadHttp11Package(loader);
 +loadJkPackage(loader);
  }
  
  
 @@ -239,6 +240,14 @@
  loader.loadClass
  (basePackage +
   CoyoteResponse$3);
 +}
 +
 +private final static void loadJkPackage(ClassLoader loader)
 +throws Exception {
 +String basePackage = org.apache.tomcat.util.;
 +loader.loadClass
 +(basePackage +
 + buff.C2BConverter);
  }
  
  }
 

-1. That breaks the way we are implementing security. The role of this 
class is to load security related inner classes. Doing this make the 
class available for all Servlet (that break the package protection 
mechanism). You should add a doPrivileged block within the jk code 
instead and load the inner class here. Also, it is now impossible to 
protect that class using the catalina.properties if you do that.

If you think C2BConverter is secure and should not be protected 
(avaiable to Servlet), add the package to the catalina.policy instead.

-- Jeanfrancois


 
 
 

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

2004-01-06 Thread Bill Barker

- Original Message -
From: Jeanfrancois Arcand [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, January 06, 2004 7:40 AM
Subject: Re: cvs commit:
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security
SecurityClassLoad.java




 [EMAIL PROTECTED] wrote:

 billbarker2004/01/05 20:27:34
 
   Modified:catalina/src/share/org/apache/catalina/security
 SecurityClassLoad.java
   Log:
   Adding classes for Coyote-Jk.
 
   This addresses Bug #25819.
 
   Reported By: Dario Bonino [EMAIL PROTECTED]
 
   Revision  ChangesPath
   1.12  +13 -4
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/Secu
rityClassLoad.java
 
   Index: SecurityClassLoad.java
   ===
   RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/sec
urity/SecurityClassLoad.java,v
   retrieving revision 1.11
   retrieving revision 1.12
   diff -u -r1.11 -r1.12
   --- SecurityClassLoad.java 31 Oct 2003 01:30:01 - 1.11
   +++ SecurityClassLoad.java 6 Jan 2004 04:27:34 - 1.12
   @@ -90,6 +90,7 @@
loadJavaxPackage(loader);
loadCoyotePackage(loader);
loadHttp11Package(loader);
   +loadJkPackage(loader);
}
 
 
   @@ -239,6 +240,14 @@
loader.loadClass
(basePackage +
 CoyoteResponse$3);
   +}
   +
   +private final static void loadJkPackage(ClassLoader loader)
   +throws Exception {
   +String basePackage = org.apache.tomcat.util.;
   +loader.loadClass
   +(basePackage +
   + buff.C2BConverter);
}
 
}
 
 
 -1. That breaks the way we are implementing security. The role of this
 class is to load security related inner classes. Doing this make the
 class available for all Servlet (that break the package protection
 mechanism). You should add a doPrivileged block within the jk code
 instead and load the inner class here. Also, it is now impossible to
 protect that class using the catalina.properties if you do that.

 If you think C2BConverter is secure and should not be protected
 (avaiable to Servlet), add the package to the catalina.policy instead.


I'll revert it.  C2BC is pretty harmless (it's basically a glorified Writer
:), but it doesn't really need to be in catalina.policy.  It just seemed to
be over-kill to create a PA for one new statement ;).

 -- Jeanfrancois


 
 
 
 
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 
 
 
 


 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]



This message is intended only for the use of the person(s) listed above as the 
intended recipient(s), and may contain information that is PRIVILEGED and 
CONFIDENTIAL.  If you are not an intended recipient, you may not read, copy, or 
distribute this message or any attachment. If you received this communication in 
error, please notify us immediately by e-mail and then delete all copies of this 
message and any attachments.

In addition you should be aware that ordinary (unencrypted) e-mail sent through the 
Internet is not secure. Do not send confidential or sensitive information, such as 
social security numbers, account numbers, personal identification numbers and 
passwords, to us via ordinary (unencrypted) e-mail.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

2004-01-06 Thread billbarker
billbarker2004/01/06 20:56:09

  Modified:catalina/src/share/org/apache/catalina/security
SecurityClassLoad.java
  Log:
  reviting patch.
  
  Revision  ChangesPath
  1.14  +4 -13 
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java
  
  Index: SecurityClassLoad.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java,v
  retrieving revision 1.13
  retrieving revision 1.14
  diff -u -r1.13 -r1.14
  --- SecurityClassLoad.java6 Jan 2004 08:39:20 -   1.13
  +++ SecurityClassLoad.java7 Jan 2004 04:56:09 -   1.14
  @@ -90,7 +90,6 @@
   loadJavaxPackage(loader);
   loadCoyotePackage(loader);
   loadHttp11Package(loader);
  -loadJkPackage(loader);
   }
   
   
  @@ -240,14 +239,6 @@
   loader.loadClass
   (basePackage +
CoyoteResponse$3);
  -}
  -
  -private final static void loadJkPackage(ClassLoader loader)
  -throws Exception {
  -String basePackage = org.apache.tomcat.util.;
  -loader.loadClass
  -(basePackage +
  - buf.C2BConverter);
   }
   
   }
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

2004-01-06 Thread billbarker
billbarker2004/01/06 21:33:28

  Modified:catalina/src/share/org/apache/catalina/security
SecurityClassLoad.java
  Log:
  Preload the new PAs.
  
  Revision  ChangesPath
  1.15  +18 -4 
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java
  
  Index: SecurityClassLoad.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java,v
  retrieving revision 1.14
  retrieving revision 1.15
  diff -u -r1.14 -r1.15
  --- SecurityClassLoad.java7 Jan 2004 04:56:09 -   1.14
  +++ SecurityClassLoad.java7 Jan 2004 05:33:28 -   1.15
  @@ -90,6 +90,7 @@
   loadJavaxPackage(loader);
   loadCoyotePackage(loader);
   loadHttp11Package(loader);
  +loadJkPackage(loader);
   }
   
   
  @@ -204,6 +205,9 @@
   (basePackage +
CoyoteResponseFacade$SetContentTypePrivilegedAction);
   loader.loadClass
  +(basePackage + 
  + CoyoteResponseFacade$DateHeaderPrivilegedAction);
  +loader.loadClass
   (basePackage +
CoyoteRequestFacade$GetSessionPrivilegedAction);
   loader.loadClass
  @@ -241,5 +245,15 @@
CoyoteResponse$3);
   }
   
  +private final static void loadJkPackage(ClassLoader loader)
  +throws Exception {
  +String basePackage = org.apache.jk.;
  +loader.loadClass
  +(basePackage +
  + server.JkCoyoteHandler$1);
  +loader.loadClass
  +(basePackage +
  + server.JkCoyoteHandler$StatusLinePrivilegedAction);
  +}
   }
   
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

2004-01-05 Thread billbarker
billbarker2004/01/05 20:27:34

  Modified:catalina/src/share/org/apache/catalina/security
SecurityClassLoad.java
  Log:
  Adding classes for Coyote-Jk.
  
  This addresses Bug #25819.
  
  Reported By: Dario Bonino [EMAIL PROTECTED]
  
  Revision  ChangesPath
  1.12  +13 -4 
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java
  
  Index: SecurityClassLoad.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java,v
  retrieving revision 1.11
  retrieving revision 1.12
  diff -u -r1.11 -r1.12
  --- SecurityClassLoad.java31 Oct 2003 01:30:01 -  1.11
  +++ SecurityClassLoad.java6 Jan 2004 04:27:34 -   1.12
  @@ -90,6 +90,7 @@
   loadJavaxPackage(loader);
   loadCoyotePackage(loader);
   loadHttp11Package(loader);
  +loadJkPackage(loader);
   }
   
   
  @@ -239,6 +240,14 @@
   loader.loadClass
   (basePackage +
CoyoteResponse$3);
  +}
  +
  +private final static void loadJkPackage(ClassLoader loader)
  +throws Exception {
  +String basePackage = org.apache.tomcat.util.;
  +loader.loadClass
  +(basePackage +
  + buff.C2BConverter);
   }
   
   }
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

2003-09-19 Thread jfarcand
jfarcand2003/09/19 15:03:35

  Modified:catalina/src/share/org/apache/catalina/security
SecurityClassLoad.java
  Log:
  Add missing doPrivileged block
  
  Revision  ChangesPath
  1.10  +13 -4 
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java
  
  Index: SecurityClassLoad.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -u -r1.9 -r1.10
  --- SecurityClassLoad.java23 Jun 2003 19:22:26 -  1.9
  +++ SecurityClassLoad.java19 Sep 2003 22:03:35 -  1.10
  @@ -107,6 +107,9 @@
   loader.loadClass
   (basePackage +
core.ContainerBase$PrivilegedAddChild);
  +loader.loadClass
  +(basePackage +
  + core.StandardWrapper$1);
   }
   
   
  @@ -220,6 +223,12 @@
   loader.loadClass
   (basePackage +
CoyoteResponse$1);
  +loader.loadClass
  +(basePackage +
  + CoyoteResponse$2);
  +loader.loadClass
  +(basePackage +
  + CoyoteResponse$3);
   }
   
   }
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

2003-06-23 Thread jfarcand
jfarcand2003/06/23 12:22:26

  Modified:catalina/src/share/org/apache/catalina/security
SecurityClassLoad.java
  Log:
  Put the method call under the proper method :-)
  
  Revision  ChangesPath
  1.9   +7 -7  
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java
  
  Index: SecurityClassLoad.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- SecurityClassLoad.java23 Jun 2003 19:14:41 -  1.8
  +++ SecurityClassLoad.java23 Jun 2003 19:22:26 -  1.9
  @@ -116,9 +116,6 @@
   loader.loadClass
   (basePackage +
loader.WebappClassLoader$PrivilegedFindResource);
  -loader.loadClass
  -(basePackage +
  - session.StandardManager$PrivilegedDoUnload);
   }
   
   
  @@ -130,6 +127,9 @@
   loader.loadClass
   (basePackage +
session.StandardSession$1);
  +loader.loadClass
  +(basePackage +
  + session.StandardManager$PrivilegedDoUnload);
   }
   
   
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

2003-06-16 Thread remm
remm2003/06/16 14:42:40

  Modified:catalina/src/share/org/apache/catalina/security
SecurityClassLoad.java
  Log:
  - AFAIK, CookieTools is no longer used.
  - For compat, it is placed in catalina-optional, but I don't see a need to preload 
it.
  
  Revision  ChangesPath
  1.7   +4 -6  
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java
  
  Index: SecurityClassLoad.java
  ===
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- SecurityClassLoad.java11 Mar 2003 20:51:12 -  1.6
  +++ SecurityClassLoad.java16 Jun 2003 21:42:40 -  1.7
  @@ -134,8 +134,6 @@
   throws Exception {
   String basePackage = org.apache.catalina.;
   loader.loadClass
  -(basePackage + util.CookieTools);
  -loader.loadClass
   (basePackage + util.URL);
   loader.loadClass(basePackage + util.Enumerator);
   }
  
  
  

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security SecurityClassLoad.java

2002-10-18 Thread jfarcand
jfarcand2002/10/18 14:29:29

  Added:   catalina/src/share/org/apache/catalina/security
SecurityClassLoad.java
  Log:
  Move the class from the startup dir. Remove unused inner classes.
  
  Revision  ChangesPath
  1.1  
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java
  
  Index: SecurityClassLoad.java
  ===
  /*
   * $Header: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityClassLoad.java,v
 1.1 2002/10/18 21:29:29 jfarcand Exp $
   * $Revision: 1.1 $
   * $Date: 2002/10/18 21:29:29 $
   *
   * 
   *
   * The Apache Software License, Version 1.1
   *
   * Copyright (c) 1999 The Apache Software Foundation.  All rights
   * reserved.
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
   *
   * 1. Redistributions of source code must retain the above copyright
   *notice, this list of conditions and the following disclaimer.
   *
   * 2. Redistributions in binary form must reproduce the above copyright
   *notice, this list of conditions and the following disclaimer in
   *the documentation and/or other materials provided with the
   *distribution.
   *
   * 3. The end-user documentation included with the redistribution, if
   *any, must include the following acknowlegement:
   *   This product includes software developed by the
   *Apache Software Foundation (http://www.apache.org/).
   *Alternately, this acknowlegement may appear in the software itself,
   *if and wherever such third-party acknowlegements normally appear.
   *
   * 4. The names The Jakarta Project, Tomcat, and Apache Software
   *Foundation must not be used to endorse or promote products derived
   *from this software without prior written permission. For written
   *permission, please contact [EMAIL PROTECTED]
   *
   * 5. Products derived from this software may not be called Apache
   *nor may Apache appear in their names without prior written
   *permission of the Apache Group.
   *
   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
   * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
   * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
   * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
   * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
   * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
   * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
   * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   * SUCH DAMAGE.
   * 
   *
   * This software consists of voluntary contributions made by many
   * individuals on behalf of the Apache Software Foundation.  For more
   * information on the Apache Software Foundation, please see
   * http://www.apache.org/.
   *
   * [Additional notices, if required by prior licensing conditions]
   *
   */
  
  
  package org.apache.catalina.security;
  
  /**
   * Static class used to preload java classes when using the
   * Java SecurityManager so that the defineClassInPackage
   * RuntimePermission does not trigger an AccessControlException.
   *
   * @author Glenn L. Nielsen
   * @version $Revision: 1.1 $ $Date: 2002/10/18 21:29:29 $
   */
  
  public final class SecurityClassLoad {
  
  public static void securityClassLoad(ClassLoader loader)
  throws Exception {
  
  if( System.getSecurityManager() == null )
  return;
  
  String basePackage = org.apache.catalina.;
  loader.loadClass
  (basePackage +
   core.ApplicationContext$PrivilegedGetRequestDispatcher);
  loader.loadClass
  (basePackage +
   core.ApplicationContext$PrivilegedGetResource);
  loader.loadClass
  (basePackage +
   core.ApplicationContext$PrivilegedGetResourcePaths);
  loader.loadClass
  (basePackage +
   core.ApplicationContext$PrivilegedLogMessage);
  loader.loadClass
  (basePackage +
   core.ApplicationContext$PrivilegedLogException);
  loader.loadClass
  (basePackage +
   core.ApplicationContext$PrivilegedLogThrowable);
  loader.loadClass
  (basePackage +
   core.ApplicationDispatcher$PrivilegedForward);