From f650c40a34806e31155bd67e2091bc8a8be97cbb Mon Sep 17 00:00:00 2001 From: kkolinko Date: Mon, 9 Nov 2009 14:29:55 +0000 Subject: [PATCH] Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48097 Patch by Mark Thomas. git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@834080 13f79535-47bb-0310-9956-ffa450edef68 --- .../apache/catalina/loader/WebappClassLoader.java | 33 ++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/java/org/apache/catalina/loader/WebappClassLoader.java b/java/org/apache/catalina/loader/WebappClassLoader.java index 8528f6a30..c8d76dec6 100644 --- a/java/org/apache/catalina/loader/WebappClassLoader.java +++ b/java/org/apache/catalina/loader/WebappClassLoader.java @@ -131,6 +131,23 @@ public class WebappClassLoader } + protected class PrivilegedFindResourceByName + implements PrivilegedAction { + + protected String name; + protected String path; + + PrivilegedFindResourceByName(String name, String path) { + this.name = name; + this.path = path; + } + + public ResourceEntry run() { + return findResourceInternal(name, path); + } + + } + protected final class PrivilegedGetClassLoader implements PrivilegedAction { @@ -973,7 +990,13 @@ public class WebappClassLoader ResourceEntry entry = resourceEntries.get(name); if (entry == null) { - entry = findResourceInternal(name, name); + if (securityManager != null) { + PrivilegedAction dp = + new PrivilegedFindResourceByName(name, name); + entry = AccessController.doPrivileged(dp); + } else { + entry = findResourceInternal(name, name); + } } if (entry != null) { url = entry.source; @@ -1874,7 +1897,13 @@ public class WebappClassLoader ResourceEntry entry = null; - entry = findResourceInternal(name, classPath); + if (securityManager != null) { + PrivilegedAction dp = + new PrivilegedFindResourceByName(name, classPath); + entry = AccessController.doPrivileged(dp); + } else { + entry = findResourceInternal(name, classPath); + } if (entry == null) throw new ClassNotFoundException(name); -- 2.11.0