You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2010/05/15 01:43:51 UTC
svn commit: r944518 - in /tomcat/trunk: TOMCAT-7-RELEASE-PLAN.txt
java/org/apache/catalina/core/StandardHostValve.java
java/org/apache/tomcat/util/net/AprEndpoint.java
java/org/apache/tomcat/util/net/JIoEndpoint.java
Author: markt
Date: Fri May 14 23:43:51 2010
New Revision: 944518
URL: http://svn.apache.org/viewvc?rev=944518&view=rev
Log:
TCK failures: Fix remaining failures with APR/native and a security Manager
Modified:
tomcat/trunk/TOMCAT-7-RELEASE-PLAN.txt
tomcat/trunk/java/org/apache/catalina/core/StandardHostValve.java
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java
Modified: tomcat/trunk/TOMCAT-7-RELEASE-PLAN.txt
URL: http://svn.apache.org/viewvc/tomcat/trunk/TOMCAT-7-RELEASE-PLAN.txt?rev=944518&r1=944517&r2=944518&view=diff
==============================================================================
--- tomcat/trunk/TOMCAT-7-RELEASE-PLAN.txt (original)
+++ tomcat/trunk/TOMCAT-7-RELEASE-PLAN.txt Fri May 14 23:43:51 2010
@@ -27,8 +27,7 @@
3. Implement all the new Servlet 3 features
NOTE: Status is based on a review of the specification, not the TCK tests
- - Sections 1 to 15
- - Strict spec compliance requires deployment descriptor validation
+ - Done
4. Do an initial release (from trunk)
- Create tc7.0.x\tags to hold release tags - Done
Modified: tomcat/trunk/java/org/apache/catalina/core/StandardHostValve.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/StandardHostValve.java?rev=944518&r1=944517&r2=944518&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/core/StandardHostValve.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/StandardHostValve.java Fri May 14 23:43:51 2010
@@ -20,6 +20,8 @@ package org.apache.catalina.core;
import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import javax.servlet.DispatcherType;
import javax.servlet.RequestDispatcher;
@@ -126,8 +128,14 @@ final class StandardHostValve
if( context.getLoader() != null ) {
// Not started - it should check for availability first
// This should eventually move to Engine, it's generic.
- Thread.currentThread().setContextClassLoader
- (context.getLoader().getClassLoader());
+ if (Globals.IS_SECURITY_ENABLED) {
+ PrivilegedAction<Void> pa = new PrivilegedSetTccl(
+ context.getLoader().getClassLoader());
+ AccessController.doPrivileged(pa);
+ } else {
+ Thread.currentThread().setContextClassLoader
+ (context.getLoader().getClassLoader());
+ }
}
if (request.isAsyncSupported()) {
request.setAsyncSupported(context.getPipeline().isAsyncSupported());
@@ -155,8 +163,14 @@ final class StandardHostValve
}
// Restore the context classloader
- Thread.currentThread().setContextClassLoader
- (StandardHostValve.class.getClassLoader());
+ if (Globals.IS_SECURITY_ENABLED) {
+ PrivilegedAction<Void> pa = new PrivilegedSetTccl(
+ StandardHostValve.class.getClassLoader());
+ AccessController.doPrivileged(pa);
+ } else {
+ Thread.currentThread().setContextClassLoader
+ (StandardHostValve.class.getClassLoader());
+ }
}
@@ -449,5 +463,18 @@ final class StandardHostValve
}
+
+ private static class PrivilegedSetTccl implements PrivilegedAction<Void> {
+ private ClassLoader cl;
+
+ PrivilegedSetTccl(ClassLoader cl) {
+ this.cl = cl;
+ }
+
+ public Void run() {
+ Thread.currentThread().setContextClassLoader(cl);
+ return null;
+ }
+ }
}
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=944518&r1=944517&r2=944518&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Fri May 14 23:43:51 2010
@@ -17,10 +17,13 @@
package org.apache.tomcat.util.net;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.concurrent.RejectedExecutionException;
+import org.apache.catalina.Globals;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.jni.Address;
@@ -36,6 +39,7 @@ import org.apache.tomcat.jni.SSLSocket;
import org.apache.tomcat.jni.Socket;
import org.apache.tomcat.jni.Status;
+
/**
* APR tailored thread pool, providing the following services:
* <ul>
@@ -759,7 +763,29 @@ public class AprEndpoint extends Abstrac
*/
protected boolean processSocket(long socket, SocketStatus status) {
try {
- getExecutor().execute(new SocketEventProcessor(socket, status));
+ if (status == SocketStatus.OPEN || status == SocketStatus.STOP ||
+ status == SocketStatus.TIMEOUT) {
+ SocketEventProcessor proc =
+ new SocketEventProcessor(socket, status);
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ try {
+ if (Globals.IS_SECURITY_ENABLED) {
+ PrivilegedAction<Void> pa = new PrivilegedSetTccl(
+ getClass().getClassLoader());
+ AccessController.doPrivileged(pa);
+ } else {
+ Thread.currentThread().setContextClassLoader(
+ getClass().getClassLoader());
+ }
+ getExecutor().execute(proc);
+ } finally {
+ if (Globals.IS_SECURITY_ENABLED) {
+ PrivilegedAction<Void> pa = new PrivilegedSetTccl(loader);
+ AccessController.doPrivileged(pa);
+ } else {
+ Thread.currentThread().setContextClassLoader(loader);
+ }
+ } }
} catch (RejectedExecutionException x) {
log.warn("Socket processing request was rejected for:"+socket,x);
return false;
@@ -1481,5 +1507,17 @@ public class AprEndpoint extends Abstrac
}
-
+ private static class PrivilegedSetTccl implements PrivilegedAction<Void> {
+
+ private ClassLoader cl;
+
+ PrivilegedSetTccl(ClassLoader cl) {
+ this.cl = cl;
+ }
+
+ public Void run() {
+ Thread.currentThread().setContextClassLoader(cl);
+ return null;
+ }
+ }
}
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java?rev=944518&r1=944517&r2=944518&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/JIoEndpoint.java Fri May 14 23:43:51 2010
@@ -542,8 +542,7 @@ public class JIoEndpoint extends Abstrac
protected ConcurrentLinkedQueue<SocketWrapper<Socket>> waitingRequests =
new ConcurrentLinkedQueue<SocketWrapper<Socket>>();
- private static class PrivilegedSetTccl
- implements PrivilegedAction<Void> {
+ private static class PrivilegedSetTccl implements PrivilegedAction<Void> {
private ClassLoader cl;
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: svn commit: r944518 - in /tomcat/trunk: TOMCAT-7-RELEASE-PLAN.txt
java/org/apache/catalina/core/StandardHostValve.java java/org/apache/tomcat/util/net/AprEndpoint.java
java/org/apache/tomcat/util/net/JIoEndpoint.java
Posted by Mark Thomas <ma...@apache.org>.
On 15/05/2010 00:43, markt@apache.org wrote:
> Author: markt
> Date: Fri May 14 23:43:51 2010
> New Revision: 944518
>
> URL: http://svn.apache.org/viewvc?rev=944518&view=rev
> Log:
> TCK failures: Fix remaining failures with APR/native and a security Manager
The good news is that, assuming the Servlet TCK still passes for the BIO
and NIO connectors with a security manager and that the JSP & EL TCKs
pass with a security manager, that we should be ready for 7.0.0-RC2.
The bad news is I noticed that I appear to have broken automatic
deployment, probably with all the Lifecycle refactoring. I'll fix this
ASAP and then roll 7.0.0-RC. That should happen this weekend.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org