You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by gl...@apache.org on 2001/04/25 06:15:04 UTC
cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader StandardLoader.java
glenn 01/04/24 21:15:04
Modified: catalina/src/share/org/apache/catalina/loader
StandardLoader.java
Log:
Java SecurityManager implementation changes
-------------------------------------------
Changed the naming convention for JNDI DirContextURL to
"jndi:/hostname/webappname/" and "jar:jndi:/hostname/webappname/...".
This works better with java.io.FilePermission.
Modified how permissions are granted to the codeBase for a
web application so that different permissions can be granted.
Permissions assigned to the root of a web application apply
to JSP pages. Different permissions can be assigned to the
/WEB-INF/classes/ directory, the /WEB-INF/lib/ directory,
or even to individual jar files in /WEB-INF/lib/. This allows
much finer control of permissions granted within a web
application.
Fixed Jasper so that it uses the correct codeBase for a
web application, it had been using the work dir instead
of the context dir for getting permissions from the
policy file.
Added more default read FilePermissions for classes
loaded from within a web application so that getResources()
works. Added:
"jndi:/hostname/webappname/-"
"jar:jndi:/hostname/webappname/WEB-INF/lib/-"
"file:/realcontextpath/-"
Revision Changes Path
1.23 +14 -6 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/StandardLoader.java
Index: StandardLoader.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/StandardLoader.java,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- StandardLoader.java 2001/04/07 23:08:45 1.22
+++ StandardLoader.java 2001/04/25 04:15:03 1.23
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/StandardLoader.java,v 1.22 2001/04/07 23:08:45 craigmcc Exp $
- * $Revision: 1.22 $
- * $Date: 2001/04/07 23:08:45 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/StandardLoader.java,v 1.23 2001/04/25 04:15:03 glenn Exp $
+ * $Revision: 1.23 $
+ * $Date: 2001/04/25 04:15:03 $
*
* ====================================================================
*
@@ -116,7 +116,7 @@
*
* @author Craig R. McClanahan
* @author Remy Maucherat
- * @version $Revision: 1.22 $ $Date: 2001/04/07 23:08:45 $
+ * @version $Revision: 1.23 $ $Date: 2001/04/25 04:15:03 $
*/
public final class StandardLoader
@@ -621,13 +621,21 @@
((Context) container).getServletContext();
try {
URL contextURL = servletContext.getResource("/");
- if( contextURL != null )
+ if( contextURL != null ) {
((StandardClassLoader)classLoader).setPermissions
(contextURL);
+ String jarUrl = "jar:" + contextURL.toString() + "WEB-INF/lib/";
+ ((StandardClassLoader)classLoader).setPermissions
+ (jarUrl);
+ }
String contextRoot = servletContext.getRealPath("/");
- if (contextRoot != null)
+ if (contextRoot != null) {
((StandardClassLoader)classLoader).setPermissions
(contextRoot);
+ String rootUrl = "file:" + contextRoot;
+ ((StandardClassLoader)classLoader).setPermissions
+ (rootUrl);
+ }
} catch (MalformedURLException e) {
}
}