You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by co...@apache.org on 2001/10/13 06:25:26 UTC
cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/modules/session SessionIdGenerator.java
costin 01/10/12 21:25:26
Modified: src/share/org/apache/tomcat/modules/session
SessionIdGenerator.java
Log:
Just to be safe, same fixes as in 4114.
It may happen if a servlet calls a jsp which get a new session id. There are no
other place where we doPriviledged in normal code.
Revision Changes Path
1.7 +7 -1 jakarta-tomcat/src/share/org/apache/tomcat/modules/session/SessionIdGenerator.java
Index: SessionIdGenerator.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/session/SessionIdGenerator.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- SessionIdGenerator.java 2001/09/07 04:52:18 1.6
+++ SessionIdGenerator.java 2001/10/13 04:25:26 1.7
@@ -153,10 +153,16 @@
//-------------------- Tomcat context events --------------------
+ private Object accessControlContext=null;
/** Init session management stuff for this context.
*/
public void engineInit(ContextManager cm) throws TomcatException {
+ try {
+ accessControlContext=jdk11Compat.getAccessControlContext();
+ } catch(Exception ex) {
+ ex.printStackTrace();// shouldn't happen
+ }
}
@@ -178,7 +184,7 @@
// We're in a sandbox...
PriviledgedIdGenerator di = new PriviledgedIdGenerator(this, jsIdent);
try {
- newId= (String)jdk11Compat.doPrivileged(di, jdk11Compat.getAccessControlContext());
+ newId= (String)jdk11Compat.doPrivileged(di, accessControlContext);
} catch( Exception ex ) {
newId=null;
}