Fix security exception when running under a SecurityManager

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1067147 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/java/org/apache/catalina/security/SecurityClassLoad.java b/java/org/apache/catalina/security/SecurityClassLoad.java
index f444b9d..6bc480d 100644 (file)
--- a/java/org/apache/catalina/security/SecurityClassLoad.java
+++ b/java/org/apache/catalina/security/SecurityClassLoad.java
@@ -131,6 +131,9 @@ public final class SecurityClassLoad {
             throws Exception {
         final String basePackage = "org.apache.coyote.";
         loader.loadClass(basePackage + "http11.AbstractOutputBuffer$1");
+        // Make sure system property is read at this point
+        Class<?> clazz = loader.loadClass(basePackage + "Constants");
+        clazz.newInstance();
     }
 
 

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index a11110f..418f27b 100644 (file)
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -51,6 +51,10 @@
        <bug>50709</bug>: Make <code>ApplicationContextFacade</code> non-final to
        enable extension. (markt)
       </fix>
+      <fix>
+        When running under a security manager, user requests may fail with a
+        security exception. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">