ASF Bugzilla – Attachment 32897 Details for
Bug 58125
java.lang.ClassCircularityError can occur if Tomcat is run with a Java Security Manager
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
Hand crafted test case which provokes similar error
perm.java (text/x-java), 3.19 KB, created by
Richard Evans
on 2015-07-11 19:01:55 UTC
(
hide
)
Description:
Hand crafted test case which provokes similar error
Filename:
MIME Type:
Creator:
Richard Evans
Created:
2015-07-11 19:01:55 UTC
Size:
3.19 KB
patch
obsolete
>package rde.tests.security; > >import java.net.URL; >import java.net.URLClassLoader; >import java.security.Principal; >import java.security.PrivilegedAction; > >import javax.security.auth.Subject; > >/** > * Hand crafted test to demonstrate the <code> java.lang.ClassCircularityError</code> issue. > * > * Run with -Djava.security.manager -Djava.security.policy==all.policy > * > * where all.policy contains: > * > * grant codeBase "file:/-" { > * permission java.security.AllPermission; > * }; > * > * grant principal javax.management.remote.JMXPrincipal "jmx" { > * permission java.security.AllPermission; > * }; > * > * @author Richard Evans > */ > >public class perm { > > /** > * Entry point. > * > * @param args Command line args, none required. > */ > > public static void main(String ... args) { > Subject s = new Subject(); > > s.getPrincipals().add(new P()); > > // Set thread's context class loader to a class loader which imitates behaviour of loadClass in > // org.apache.catalina.loader.WebappClassLoaderBase > > Thread.currentThread().setContextClassLoader(new C(perm.class.getClassLoader())); > > // Run action as a subject with at least one principal. Action contains code which requires a security > // check. > > Subject.doAs(s, new PrivilegedAction<Void>() { > public Void run() { > System.getProperties(); > return null; > } > }); > } > > /** > * Trivial Principal implementation. > */ > > private static final class P implements Principal { > > /** > * Internal constructor. > */ > > private P() { > } > > /** > * Get principal name. > * > * @return The name > */ > > @Override > public String getName() { > return "hello"; > } > } > > /** > * ClassLoader imitating org.apache.catalina.loader.WebappClassLoaderBase > */ > > private static final class C extends URLClassLoader { > > private ClassLoader parent; > private ClassLoader sys; > > /** > * Constructor. > * > * @param parent Parent class loader > */ > > private C(ClassLoader parent) { > super(new URL[0], parent); > this.parent = parent; > > // Get system class loader > > sys = getSystemClassLoader(); > while (sys.getParent() != null) { > sys = sys.getParent(); > } > } > > /** > * Load a class. > * > * @param name The class 'binary' name > * @param resolve <code>true</code> to resolve the class > * > * @return The class > * > * @throws ClassNotFoundException If the class could not be found anywhere > */ > > protected synchronized Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundException { > > // Check cache first > > Class<?> c = findLoadedClass(name); > > if (c == null) { > try { > > // Mimic this line 1230 from WebappClassLoaderBase: > // > // if (javaseLoader.getResource(resourceName) != null) { > // > // This will trigger the recursive load of the principal class. > > sys.getResource(name.replace(".", "/") + ".class"); > c = findClass(name); > } catch (ClassNotFoundException e) { > c = parent.loadClass(name); > } > } > > if (resolve) { > resolveClass(c); > } > > return c; > } > } >}
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=32897">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 58125
: 32897 |
32898