You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2023/01/12 15:28:01 UTC
[tomcat] branch main updated: Remove some more SecurityManager references
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 4493b73d73 Remove some more SecurityManager references
4493b73d73 is described below
commit 4493b73d7318b7dc4c5a91d64b6970990b163673
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Jan 12 15:27:53 2023 +0000
Remove some more SecurityManager references
---
conf/catalina.properties | 24 ---
.../catalina/security/DeployXmlPermission.java | 38 ----
.../catalina/security/SecurityClassLoad.java | 204 ---------------------
.../apache/catalina/security/SecurityConfig.java | 147 ---------------
java/org/apache/catalina/startup/Bootstrap.java | 3 -
java/org/apache/catalina/startup/Catalina.java | 12 --
java/org/apache/catalina/startup/HostConfig.java | 40 +---
java/org/apache/catalina/startup/Tomcat.java | 2 -
8 files changed, 2 insertions(+), 468 deletions(-)
diff --git a/conf/catalina.properties b/conf/catalina.properties
index 6c5cb3eae9..9e5cccc3a5 100644
--- a/conf/catalina.properties
+++ b/conf/catalina.properties
@@ -13,26 +13,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-#
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageAccess unless the
-# corresponding RuntimePermission ("accessClassInPackage."+package) has
-# been granted.
-package.access=sun.,org.apache.catalina.,org.apache.coyote.,org.apache.jasper.,org.apache.tomcat.
-#
-# List of comma-separated packages that start with or equal this string
-# will cause a security exception to be thrown when
-# passed to checkPackageDefinition unless the
-# corresponding RuntimePermission ("defineClassInPackage."+package) has
-# been granted.
-#
-# by default, no packages are restricted for definition, and none of
-# the class loaders supplied with the JDK call checkPackageDefinition.
-#
-package.definition=sun.,java.,org.apache.catalina.,org.apache.coyote.,\
-org.apache.jasper.,org.apache.naming.,org.apache.tomcat.
-
#
#
# List of comma-separated paths defining the contents of the "common"
@@ -209,7 +189,3 @@ tomcat.util.buf.StringCache.byte.enabled=true
#tomcat.util.buf.StringCache.char.enabled=true
#tomcat.util.buf.StringCache.trainThreshold=500000
#tomcat.util.buf.StringCache.cacheSize=5000
-
-# Disable use of some privilege blocks Tomcat doesn't need since calls to the
-# code in question are always already inside a privilege block
-org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED=false
diff --git a/java/org/apache/catalina/security/DeployXmlPermission.java b/java/org/apache/catalina/security/DeployXmlPermission.java
deleted file mode 100644
index bf8ca273c5..0000000000
--- a/java/org/apache/catalina/security/DeployXmlPermission.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.catalina.security;
-
-import java.security.BasicPermission;
-
-/**
- * Grant this permission to a docBase to permit the web application to use any
- * <code>META-INF/context.xml</code> that might be present with in the
- * application when <code>deployXML</code> has been disabled at the Host level.
- * The name of the permission should be the base name for the web application.
- */
-public class DeployXmlPermission extends BasicPermission {
-
- private static final long serialVersionUID = 1L;
-
- public DeployXmlPermission(String name) {
- super(name);
- }
-
- public DeployXmlPermission(String name, String actions) {
- super(name, actions);
- }
-}
diff --git a/java/org/apache/catalina/security/SecurityClassLoad.java b/java/org/apache/catalina/security/SecurityClassLoad.java
deleted file mode 100644
index 67d5f37a97..0000000000
--- a/java/org/apache/catalina/security/SecurityClassLoad.java
+++ /dev/null
@@ -1,204 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.catalina.security;
-
-/**
- * Static class used to preload java classes when using the
- * Java SecurityManager so that the defineClassInPackage
- * RuntimePermission does not trigger an AccessControlException.
- *
- * @author Glenn L. Nielsen
- */
-public final class SecurityClassLoad {
-
- public static void securityClassLoad(ClassLoader loader) throws Exception {
- securityClassLoad(loader, true);
- }
-
-
- static void securityClassLoad(ClassLoader loader, boolean requireSecurityManager) throws Exception {
-
- if (requireSecurityManager && System.getSecurityManager() == null) {
- return;
- }
-
- loadCorePackage(loader);
- loadCoyotePackage(loader);
- loadLoaderPackage(loader);
- loadRealmPackage(loader);
- loadServletsPackage(loader);
- loadSessionPackage(loader);
- loadUtilPackage(loader);
- loadJakartaPackage(loader);
- loadConnectorPackage(loader);
- loadTomcatPackage(loader);
- }
-
-
- private static final void loadCorePackage(ClassLoader loader) throws Exception {
- final String basePackage = "org.apache.catalina.core.";
- loader.loadClass(basePackage + "AccessLogAdapter");
- loader.loadClass(basePackage + "ApplicationContextFacade$PrivilegedExecuteMethod");
- loader.loadClass(basePackage + "ApplicationDispatcher$PrivilegedForward");
- loader.loadClass(basePackage + "ApplicationDispatcher$PrivilegedInclude");
- loader.loadClass(basePackage + "ApplicationPushBuilder");
- loader.loadClass(basePackage + "AsyncContextImpl");
- loader.loadClass(basePackage + "AsyncContextImpl$AsyncRunnable");
- loader.loadClass(basePackage + "AsyncContextImpl$DebugException");
- loader.loadClass(basePackage + "AsyncListenerWrapper");
- loader.loadClass(basePackage + "ContainerBase$PrivilegedAddChild");
- loader.loadClass(basePackage + "DefaultInstanceManager$AnnotationCacheEntry");
- loader.loadClass(basePackage + "DefaultInstanceManager$AnnotationCacheEntryType");
- loader.loadClass(basePackage + "DefaultInstanceManager$PrivilegedGetField");
- loader.loadClass(basePackage + "DefaultInstanceManager$PrivilegedGetMethod");
- loader.loadClass(basePackage + "DefaultInstanceManager$PrivilegedLoadClass");
- loader.loadClass(basePackage + "ApplicationHttpRequest$AttributeNamesEnumerator");
- }
-
-
- private static final void loadLoaderPackage(ClassLoader loader) throws Exception {
- final String basePackage = "org.apache.catalina.loader.";
- loader.loadClass(basePackage + "WebappClassLoaderBase$PrivilegedFindClassByName");
- loader.loadClass(basePackage + "WebappClassLoaderBase$PrivilegedHasLoggingConfig");
- }
-
-
- private static final void loadRealmPackage(ClassLoader loader) throws Exception {
- final String basePackage = "org.apache.catalina.realm.";
- loader.loadClass(basePackage + "LockOutRealm$LockRecord");
- }
-
-
- private static final void loadServletsPackage(ClassLoader loader) throws Exception {
- final String basePackage = "org.apache.catalina.servlets.";
- // Avoid a possible memory leak in the DefaultServlet when running with
- // a security manager. The DefaultServlet needs to load an XML parser
- // when running under a security manager. We want this to be loaded by
- // the container rather than a web application to prevent a memory leak
- // via web application class loader.
- loader.loadClass(basePackage + "DefaultServlet");
- }
-
-
- private static final void loadSessionPackage(ClassLoader loader) throws Exception {
- final String basePackage = "org.apache.catalina.session.";
- loader.loadClass(basePackage + "StandardSession");
- loader.loadClass(basePackage + "StandardSession$PrivilegedNewSessionFacade");
- loader.loadClass(basePackage + "StandardManager$PrivilegedDoUnload");
- }
-
-
- private static final void loadUtilPackage(ClassLoader loader) throws Exception {
- final String basePackage = "org.apache.catalina.util.";
- loader.loadClass(basePackage + "ParameterMap");
- loader.loadClass(basePackage + "RequestUtil");
- loader.loadClass(basePackage + "TLSUtil");
- }
-
-
- private static final void loadCoyotePackage(ClassLoader loader) throws Exception {
- final String basePackage = "org.apache.coyote.";
- loader.loadClass(basePackage + "http11.Constants");
- // Make sure system property is read at this point
- Class<?> clazz = loader.loadClass(basePackage + "Constants");
- clazz.getConstructor().newInstance();
- loader.loadClass(basePackage + "http2.Stream$PrivilegedPush");
- }
-
-
- private static final void loadJakartaPackage(ClassLoader loader) throws Exception {
- loader.loadClass("jakarta.servlet.http.Cookie");
- }
-
-
- private static final void loadConnectorPackage(ClassLoader loader) throws Exception {
- final String basePackage = "org.apache.catalina.connector.";
- loader.loadClass(basePackage + "RequestFacade$GetAttributePrivilegedAction");
- loader.loadClass(basePackage + "RequestFacade$GetParameterMapPrivilegedAction");
- loader.loadClass(basePackage + "RequestFacade$GetRequestDispatcherPrivilegedAction");
- loader.loadClass(basePackage + "RequestFacade$GetParameterPrivilegedAction");
- loader.loadClass(basePackage + "RequestFacade$GetParameterNamesPrivilegedAction");
- loader.loadClass(basePackage + "RequestFacade$GetParameterValuePrivilegedAction");
- loader.loadClass(basePackage + "RequestFacade$GetCharacterEncodingPrivilegedAction");
- loader.loadClass(basePackage + "RequestFacade$GetHeadersPrivilegedAction");
- loader.loadClass(basePackage + "RequestFacade$GetHeaderNamesPrivilegedAction");
- loader.loadClass(basePackage + "RequestFacade$GetCookiesPrivilegedAction");
- loader.loadClass(basePackage + "RequestFacade$GetLocalePrivilegedAction");
- loader.loadClass(basePackage + "RequestFacade$GetLocalesPrivilegedAction");
- loader.loadClass(basePackage + "ResponseFacade$SetContentTypePrivilegedAction");
- loader.loadClass(basePackage + "ResponseFacade$DateHeaderPrivilegedAction");
- loader.loadClass(basePackage + "RequestFacade$GetSessionPrivilegedAction");
- loader.loadClass(basePackage + "ResponseFacade$FlushBufferPrivilegedAction");
- loader.loadClass(basePackage + "OutputBuffer$PrivilegedCreateConverter");
- loader.loadClass(basePackage + "CoyoteInputStream$PrivilegedAvailable");
- loader.loadClass(basePackage + "CoyoteInputStream$PrivilegedClose");
- loader.loadClass(basePackage + "CoyoteInputStream$PrivilegedRead");
- loader.loadClass(basePackage + "CoyoteInputStream$PrivilegedReadArray");
- loader.loadClass(basePackage + "CoyoteInputStream$PrivilegedReadBuffer");
- loader.loadClass(basePackage + "CoyoteOutputStream");
- loader.loadClass(basePackage + "InputBuffer$PrivilegedCreateConverter");
- loader.loadClass(basePackage + "Response$PrivilegedDoIsEncodable");
- loader.loadClass(basePackage + "Response$PrivilegedGenerateCookieString");
- loader.loadClass(basePackage + "Response$PrivilegedEncodeUrl");
- }
-
-
- private static final void loadTomcatPackage(ClassLoader loader) throws Exception {
- final String basePackage = "org.apache.tomcat.";
- // buf
- loader.loadClass(basePackage + "util.buf.B2CConverter");
- loader.loadClass(basePackage + "util.buf.ByteBufferUtils");
- loader.loadClass(basePackage + "util.buf.C2BConverter");
- loader.loadClass(basePackage + "util.buf.HexUtils");
- loader.loadClass(basePackage + "util.buf.StringCache");
- loader.loadClass(basePackage + "util.buf.StringCache$ByteEntry");
- loader.loadClass(basePackage + "util.buf.StringCache$CharEntry");
- loader.loadClass(basePackage + "util.buf.UriUtil");
- // collections
- loader.loadClass(basePackage + "util.collections.CaseInsensitiveKeyMap");
- loader.loadClass(basePackage + "util.collections.CaseInsensitiveKeyMap$EntryImpl");
- loader.loadClass(basePackage + "util.collections.CaseInsensitiveKeyMap$EntryIterator");
- loader.loadClass(basePackage + "util.collections.CaseInsensitiveKeyMap$EntrySet");
- loader.loadClass(basePackage + "util.collections.CaseInsensitiveKeyMap$Key");
- // http
- loader.loadClass(basePackage + "util.http.CookieProcessor");
- loader.loadClass(basePackage + "util.http.NamesEnumerator");
- // Make sure system property is read at this point
- Class<?> clazz = loader.loadClass(basePackage + "util.http.FastHttpDateFormat");
- clazz.getConstructor().newInstance();
- loader.loadClass(basePackage + "util.http.parser.HttpParser");
- loader.loadClass(basePackage + "util.http.parser.MediaType");
- loader.loadClass(basePackage + "util.http.parser.MediaTypeCache");
- loader.loadClass(basePackage + "util.http.parser.SkipResult");
- // net
- loader.loadClass(basePackage + "util.net.Constants");
- loader.loadClass(basePackage + "util.net.DispatchType");
- loader.loadClass(basePackage + "util.net.NioEndpoint$NioSocketWrapper$NioOperationState");
- loader.loadClass(basePackage + "util.net.Nio2Endpoint$Nio2SocketWrapper$Nio2OperationState");
- loader.loadClass(basePackage + "util.net.SocketWrapperBase$BlockingMode");
- loader.loadClass(basePackage + "util.net.SocketWrapperBase$CompletionCheck");
- loader.loadClass(basePackage + "util.net.SocketWrapperBase$CompletionHandlerCall");
- loader.loadClass(basePackage + "util.net.SocketWrapperBase$CompletionState");
- loader.loadClass(basePackage + "util.net.SocketWrapperBase$VectoredIOCompletionHandler");
- loader.loadClass(basePackage + "util.net.TLSClientHelloExtractor");
- loader.loadClass(basePackage + "util.net.TLSClientHelloExtractor$ExtractorResult");
- // security
- loader.loadClass(basePackage + "util.security.PrivilegedGetTccl");
- loader.loadClass(basePackage + "util.security.PrivilegedSetTccl");
- loader.loadClass(basePackage + "util.security.PrivilegedSetAccessControlContext");
- }
-}
diff --git a/java/org/apache/catalina/security/SecurityConfig.java b/java/org/apache/catalina/security/SecurityConfig.java
deleted file mode 100644
index 85870ab71f..0000000000
--- a/java/org/apache/catalina/security/SecurityConfig.java
+++ /dev/null
@@ -1,147 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.catalina.security;
-
-import java.security.Security;
-
-import org.apache.catalina.startup.CatalinaProperties;
-import org.apache.juli.logging.Log;
-import org.apache.juli.logging.LogFactory;
-
-/**
- * Util class to protect Catalina against package access and insertion.
- * The code are been moved from Catalina.java
- * @author the Catalina.java authors
- */
-public final class SecurityConfig{
-
- private static final Object singletonLock = new Object();
- private static volatile SecurityConfig singleton = null;
-
- private static final Log log = LogFactory.getLog(SecurityConfig.class);
-
-
- private static final String PACKAGE_ACCESS = "sun.,"
- + "org.apache.catalina."
- + ",org.apache.jasper."
- + ",org.apache.coyote."
- + ",org.apache.tomcat.";
-
- // FIX ME package "javax." was removed to prevent HotSpot
- // fatal internal errors
- private static final String PACKAGE_DEFINITION= "java.,sun."
- + ",org.apache.catalina."
- + ",org.apache.coyote."
- + ",org.apache.tomcat."
- + ",org.apache.jasper.";
- /**
- * List of protected package from conf/catalina.properties
- */
- private final String packageDefinition;
-
-
- /**
- * List of protected package from conf/catalina.properties
- */
- private final String packageAccess;
-
-
- /**
- * Create a single instance of this class.
- */
- private SecurityConfig() {
- String definition = null;
- String access = null;
- try{
- definition = CatalinaProperties.getProperty("package.definition");
- access = CatalinaProperties.getProperty("package.access");
- } catch (java.lang.Exception ex){
- if (log.isDebugEnabled()){
- log.debug("Unable to load properties using CatalinaProperties", ex);
- }
- } finally {
- packageDefinition = definition;
- packageAccess = access;
- }
- }
-
-
- /**
- * Returns the singleton instance of that class.
- * @return an instance of that class.
- */
- public static SecurityConfig newInstance(){
- if (singleton == null) {
- synchronized (singletonLock) {
- if (singleton == null) {
- singleton = new SecurityConfig();
- }
- }
- }
- return singleton;
- }
-
-
- /**
- * Set the security package.access value.
- */
- public void setPackageAccess(){
- // If catalina.properties is missing, protect all by default.
- if (packageAccess == null){
- setSecurityProperty("package.access", PACKAGE_ACCESS);
- } else {
- setSecurityProperty("package.access", packageAccess);
- }
- }
-
-
- /**
- * Set the security package.definition value.
- */
- public void setPackageDefinition(){
- // If catalina.properties is missing, protect all by default.
- if (packageDefinition == null){
- setSecurityProperty("package.definition", PACKAGE_DEFINITION);
- } else {
- setSecurityProperty("package.definition", packageDefinition);
- }
- }
-
-
- /**
- * Set the proper security property
- * @param properties the package.* property.
- */
- private final void setSecurityProperty(String properties, String packageList){
- if (System.getSecurityManager() != null){
- String definition = Security.getProperty(properties);
- if( definition != null && definition.length() > 0 ){
- if (packageList.length() > 0) {
- definition = definition + ',' + packageList;
- }
- } else {
- definition = packageList;
- }
-
- Security.setProperty(properties, definition);
- }
- }
-
-
-}
-
-
diff --git a/java/org/apache/catalina/startup/Bootstrap.java b/java/org/apache/catalina/startup/Bootstrap.java
index 461d54b304..b0c52ef1c0 100644
--- a/java/org/apache/catalina/startup/Bootstrap.java
+++ b/java/org/apache/catalina/startup/Bootstrap.java
@@ -29,7 +29,6 @@ import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
-import org.apache.catalina.security.SecurityClassLoad;
import org.apache.catalina.startup.ClassLoaderFactory.Repository;
import org.apache.catalina.startup.ClassLoaderFactory.RepositoryType;
import org.apache.juli.logging.Log;
@@ -255,8 +254,6 @@ public final class Bootstrap {
Thread.currentThread().setContextClassLoader(catalinaLoader);
- SecurityClassLoad.securityClassLoad(catalinaLoader);
-
// Load our startup class and call its process() method
if (log.isDebugEnabled()) {
log.debug("Loading startup class");
diff --git a/java/org/apache/catalina/startup/Catalina.java b/java/org/apache/catalina/startup/Catalina.java
index d1e1705434..2d71330314 100644
--- a/java/org/apache/catalina/startup/Catalina.java
+++ b/java/org/apache/catalina/startup/Catalina.java
@@ -38,7 +38,6 @@ import org.apache.catalina.LifecycleState;
import org.apache.catalina.Server;
import org.apache.catalina.connector.Connector;
import org.apache.catalina.core.StandardContext;
-import org.apache.catalina.security.SecurityConfig;
import org.apache.juli.ClassLoaderLogManager;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
@@ -173,7 +172,6 @@ public class Catalina {
// ----------------------------------------------------------- Constructors
public Catalina() {
- setSecurityProtection();
ExceptionUtils.preload();
}
@@ -936,16 +934,6 @@ public class Catalina {
}
- /**
- * Set the security package access/protection.
- */
- protected void setSecurityProtection(){
- SecurityConfig securityConfig = SecurityConfig.newInstance();
- securityConfig.setPackageDefinition();
- securityConfig.setPackageAccess();
- }
-
-
protected void generateLoader() {
String loaderClassName = "DigesterGeneratedCodeLoader";
StringBuilder code = new StringBuilder();
diff --git a/java/org/apache/catalina/startup/HostConfig.java b/java/org/apache/catalina/startup/HostConfig.java
index 4f079b58a3..937332291b 100644
--- a/java/org/apache/catalina/startup/HostConfig.java
+++ b/java/org/apache/catalina/startup/HostConfig.java
@@ -22,14 +22,7 @@ import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
-import java.net.MalformedURLException;
-import java.net.URL;
import java.nio.file.Files;
-import java.security.CodeSource;
-import java.security.Permission;
-import java.security.PermissionCollection;
-import java.security.Policy;
-import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
@@ -54,7 +47,6 @@ import javax.management.ObjectName;
import org.apache.catalina.Container;
import org.apache.catalina.Context;
import org.apache.catalina.DistributedManager;
-import org.apache.catalina.Globals;
import org.apache.catalina.Host;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
@@ -62,7 +54,6 @@ import org.apache.catalina.LifecycleListener;
import org.apache.catalina.Manager;
import org.apache.catalina.core.StandardContext;
import org.apache.catalina.core.StandardHost;
-import org.apache.catalina.security.DeployXmlPermission;
import org.apache.catalina.util.ContextName;
import org.apache.catalina.util.IOTools;
import org.apache.juli.logging.Log;
@@ -210,33 +201,6 @@ public class HostConfig implements LifecycleListener {
}
- private boolean isDeployThisXML(File docBase, ContextName cn) {
- boolean deployThisXML = isDeployXML();
- if (Globals.IS_SECURITY_ENABLED && !deployThisXML) {
- // When running under a SecurityManager, deployXML may be overridden
- // on a per Context basis by the granting of a specific permission
- Policy currentPolicy = Policy.getPolicy();
- if (currentPolicy != null) {
- URL contextRootUrl;
- try {
- contextRootUrl = docBase.toURI().toURL();
- CodeSource cs = new CodeSource(contextRootUrl, (Certificate[]) null);
- PermissionCollection pc = currentPolicy.getPermissions(cs);
- Permission p = new DeployXmlPermission(cn.getBaseName());
- if (pc.implies(p)) {
- deployThisXML = true;
- }
- } catch (MalformedURLException e) {
- // Should never happen
- log.warn(sm.getString("hostConfig.docBaseUrlInvalid"), e);
- }
- }
- }
-
- return deployThisXML;
- }
-
-
/**
* @return the copy XML config file flag for this component.
*/
@@ -863,7 +827,7 @@ public class HostConfig implements LifecycleListener {
}
Context context = null;
- boolean deployThisXML = isDeployThisXML(war, cn);
+ boolean deployThisXML = this.deployXML;
try {
if (deployThisXML && useXml && !copyXML) {
@@ -1087,7 +1051,7 @@ public class HostConfig implements LifecycleListener {
DeployedApplication deployedApp;
boolean copyThisXml = isCopyXML();
- boolean deployThisXML = isDeployThisXML(dir, cn);
+ boolean deployThisXML = this.deployXML;
try {
if (deployThisXML && xml.exists()) {
diff --git a/java/org/apache/catalina/startup/Tomcat.java b/java/org/apache/catalina/startup/Tomcat.java
index 39142b6b06..a41f96433a 100644
--- a/java/org/apache/catalina/startup/Tomcat.java
+++ b/java/org/apache/catalina/startup/Tomcat.java
@@ -66,7 +66,6 @@ import org.apache.catalina.core.StandardService;
import org.apache.catalina.core.StandardWrapper;
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.realm.RealmBase;
-import org.apache.catalina.security.SecurityClassLoad;
import org.apache.catalina.util.ContextName;
import org.apache.catalina.util.IOTools;
import org.apache.tomcat.util.ExceptionUtils;
@@ -1304,7 +1303,6 @@ public class Tomcat {
break;
}
}
- SecurityClassLoad.securityClassLoad(Thread.currentThread().getContextClassLoader());
org.apache.catalina.startup.Tomcat tomcat = new org.apache.catalina.startup.Tomcat();
// Create a Catalina instance and let it parse the configuration files
// It will also set a shutdown hook to stop the Server when needed
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org