billbarker 2002/10/11 23:01:28
Modified: src/facade22/org/apache/tomcat/facade
Servlet22Interceptor.java
Log:
Don't set TCCL if called from Servlet code.
The previous patch could result in a SecurityException if this is called from the
Servlet code with a sandbox. The current check should be enough to avoid the SE,
without requiring a ProtectedAction.
Revision Changes Path
1.21 +6 -2
jakarta-tomcat/src/facade22/org/apache/tomcat/facade/Servlet22Interceptor.java
Index: Servlet22Interceptor.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/facade22/org/apache/tomcat/facade/Servlet22Interceptor.java,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- Servlet22Interceptor.java 12 Oct 2002 05:34:53 -0000 1.20
+++ Servlet22Interceptor.java 12 Oct 2002 06:01:28 -0000 1.21
@@ -200,8 +200,12 @@
Vector removed=null; // lazy
Enumeration e = sess.getAttributeNames();
ClassLoader clSave = jdk11Compat.getContextClassLoader();
- jdk11Compat.setContextClassLoader(sess.getContext().
- getClassLoader());
+ ClassLoader cxCL = sess.getContext().getClassLoader();
+ if( clSave != cxCL ) {
+ jdk11Compat.setContextClassLoader(cxCL);
+ } else {
+ clSave = null;
+ }
// announce all values with listener that we'll remove them
while( e.hasMoreElements() ) {
String key = (String) e.nextElement();
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
