Amending the fix for

https://issues.apache.org/bugzilla/show_bug.cgi?id=49669
Do not depend on the deprecated class. Use reflection instead.

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1004868 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
index 9af75ca..1949677 100644 (file)
--- a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
@@ -25,7 +25,6 @@ import java.net.URL;
 import java.net.URLConnection;
 
 import javax.imageio.ImageIO;
-import javax.security.auth.Policy;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
 
@@ -233,10 +232,24 @@ public class JreMemoryLeakPreventionListener implements LifecycleListener {
              */
             if (securityPolicyProtection) {
                 try {
-                    Policy.getPolicy();
+                    // Policy.getPolicy();
+                    Class<?> policyClass = Class
+                            .forName("javax.security.auth.Policy");
+                    Method method = policyClass.getMethod("getPolicy");
+                    method.invoke(null);
+                } catch(ClassNotFoundException e) {
+                    // Ignore. The class is deprecated.
                 } catch(SecurityException e) {
                     // Ignore. Don't need call to getPolicy() to be successful,
                     // just need to trigger static initializer.
+                } catch (NoSuchMethodException e) {
+                    log.warn(sm.getString("jreLeakListener.authPolicyFail"), e);
+                } catch (IllegalArgumentException e) {
+                    log.warn(sm.getString("jreLeakListener.authPolicyFail"), e);
+                } catch (IllegalAccessException e) {
+                    log.warn(sm.getString("jreLeakListener.authPolicyFail"), e);
+                } catch (InvocationTargetException e) {
+                    log.warn(sm.getString("jreLeakListener.authPolicyFail"), e);
                 }
             }
 

diff --git a/java/org/apache/catalina/core/LocalStrings.properties b/java/org/apache/catalina/core/LocalStrings.properties
index 9a993b0..45b59ce 100644 (file)
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -80,6 +80,7 @@ jreLeakListener.keepAliveFail=Failed to trigger creation of the sun.net.www.http
 jreLeakListener.gcDaemonFail=Failed to trigger creation of the GC Daemon thread during Tomcat start to prevent possible memory leaks. This is expected on non-Sun JVMs.
 jreLeakListener.jarUrlConnCacheFail=Failed to disable Jar URL connection caching by default
 jreLeakListener.xmlParseFail=Error whilst attempting to prevent memory leaks during XML parsing
+jreLeakListener.authPolicyFail=Error whilst attempting to prevent memory leak in javax.security.auth.Policy class
 naming.wsdlFailed=Failed to find wsdl file: {0}
 naming.bindFailed=Failed to bind object: {0}
 naming.jmxRegistrationFailed=Failed to register in JMX: {0}

diff --git a/webapps/docs/config/listeners.xml b/webapps/docs/config/listeners.xml
index 2890919..713d1ff 100644 (file)
--- a/webapps/docs/config/listeners.xml
+++ b/webapps/docs/config/listeners.xml
@@ -271,8 +271,8 @@ service:jmx:rmi://<hostname>:10002/jndi/rmi://<hostname>:10001/jmxrm
       </attribute>
 
       <attribute name="securityPolicyProtection" required="false">
-        <p>Enables protection so that usage of
-        <code>javax.security.auth.Policy</code> by a web application does not
+        <p>Enables protection so that usage of the deprecated
+        <code>javax.security.auth.Policy</code> class by a web application does not
         result in a memory leak. The first access of this class will trigger the
         static initializer that will retain a static reference to the context
         class loader. The protection calls the <code>getPolicy()</code> method