[jetty9] 74/99: Fixed the errors when requesting Java Server Pages

Jakub Adam xhaakon-guest at moszumanska.debian.org
Fri Oct 9 21:20:53 UTC 2015 

This is an automated email from the git hooks/post-receive script.

xhaakon-guest pushed a commit to branch master
in repository jetty9.

commit 7cb8edfdb6b5887d72e681f852dadf6ab1023490
Author: Emmanuel Bourg <ebourg at apache.org>
Date:   Mon Oct 6 11:26:26 2014 +0200

    Fixed the errors when requesting Java Server Pages
---
 debian/changelog                                   |  7 +++
 debian/control                                     |  4 +-
 .../fix-servletcontext-security-check.patch        | 67 ++++++++++++++++++++++
 debian/patches/initialize-tomcat-jasper.patch      | 61 ++++++++++++++++++++
 debian/patches/series                              |  2 +
 5 files changed, 139 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index b2119b6..4084abf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+jetty8 (8.1.16-2) UNRELEASED; urgency=medium
+
+  * Fixed an integration issue with the JSP compiler from Tomcat 7 causing an
+    AccessControlException when requesting a JSP.
+
+ -- Emmanuel Bourg <ebourg at apache.org>  Thu, 25 Sep 2014 13:46:54 +0200
+
 jetty8 (8.1.16-1) unstable; urgency=medium
 
   * Team upload.
diff --git a/debian/control b/debian/control
index da2a8b4..fd84619 100644
--- a/debian/control
+++ b/debian/control
@@ -19,7 +19,7 @@ Build-Depends: ant-optional,
                libmaven-javadoc-plugin-java,
                libmockito-java,
                libservlet3.0-java (>= 7.0.40-2),
-               libtomcat7-java (>= 7.0.28),
+               libtomcat7-java (>= 7.0.56-1~),
                maven-debian-helper,
                maven-repo-helper
 Standards-Version: 3.9.5
@@ -61,7 +61,7 @@ Depends: libasm3-java,
          libjetty8-java (>= ${source:Version}),
          libjstl1.1-java,
          libservlet3.0-java,
-         libtomcat7-java (>= 7.0.28),
+         libtomcat7-java (>= 7.0.56-1~),
          ${misc:Depends}
 Suggests: jetty8
 Description: Java servlet engine and webserver -- extra libraries
diff --git a/debian/patches/fix-servletcontext-security-check.patch b/debian/patches/fix-servletcontext-security-check.patch
new file mode 100644
index 0000000..7a5a31b
--- /dev/null
+++ b/debian/patches/fix-servletcontext-security-check.patch
@@ -0,0 +1,67 @@
+Description: ServletContext.getClassLoader should only check privileges if a SecurityManager exists.
+ This modification is required to use the JSP compiler from Tomcat 7
+Origin: backport, https://eclipse.googlesource.com/jetty/org.eclipse.jetty.project/+/d4368d1%5E!/#F0
+Bug: https://bugs.eclipse.org/427068
+--- a/jetty-server/src/main/java/org/eclipse/jetty/server/handler/ContextHandler.java
++++ b/jetty-server/src/main/java/org/eclipse/jetty/server/handler/ContextHandler.java
+@@ -21,6 +21,8 @@
+ import java.io.File;
+ import java.io.IOException;
+ import java.io.InputStream;
++import java.lang.reflect.InvocationTargetException;
++import java.lang.reflect.Method;
+ import java.net.MalformedURLException;
+ import java.net.URL;
+ import java.net.URLClassLoader;
+@@ -2384,11 +2386,46 @@
+             }
+         }
+ 
+-        @Override
+-        public ClassLoader getClassLoader()
+-        {
+-            AccessController.checkPermission(new RuntimePermission("getClassLoader"));
+-            return _classLoader;
++       @Override
++       public ClassLoader getClassLoader()
++       {
++           if (!_enabled)
++               throw new UnsupportedOperationException();
++           
++           //no security manager just return the classloader
++           if (System.getSecurityManager() == null)
++               return _classLoader;
++           else
++           {
++               //check to see if the classloader of the caller is the same as the context
++               //classloader, or a parent of it
++               try
++               {
++                   Class reflect = Loader.loadClass(getClass(), "sun.reflect.Reflection");
++                   Method getCallerClass = reflect.getMethod("getCallerClass", Integer.TYPE);
++                   Class caller = (Class)getCallerClass.invoke(null, 2);
++
++                   boolean ok = false;
++                   ClassLoader callerLoader = caller.getClassLoader();
++                   while (!ok && callerLoader != null)
++                   {
++                       if (callerLoader == _classLoader) 
++                           ok = true;
++                       else
++                           callerLoader = callerLoader.getParent();    
++                   }
++
++                   if (ok)
++                       return _classLoader;
++               }
++               catch (Exception e)      
++               {
++                   LOG.warn("Unable to check classloader of caller",e);
++               }
++              
++               AccessController.checkPermission(new RuntimePermission("getClassLoader"));
++               return _classLoader;
++           }
+         }
+ 
+         @Override
diff --git a/debian/patches/initialize-tomcat-jasper.patch b/debian/patches/initialize-tomcat-jasper.patch
new file mode 100644
index 0000000..cedfa53
--- /dev/null
+++ b/debian/patches/initialize-tomcat-jasper.patch
@@ -0,0 +1,61 @@
+Description: Add an InstanceManager in the ServletContext to integrate Tomcat Jasper with Jetty.
+Author: Emmanuel Bourg <ebourg at apache.org>
+Forwarded: not-needed
+--- a/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppContext.java
++++ b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppContext.java
+@@ -196,6 +196,8 @@
+         _scontext=new Context();
+         setErrorHandler(new ErrorPageErrorHandler());
+         setProtectedTargets(__dftProtectedTargets);
++
++        initializeJasper();
+     }
+ 
+     /* ------------------------------------------------------------ */
+@@ -211,6 +213,8 @@
+         setWar(webApp);
+         setErrorHandler(new ErrorPageErrorHandler());
+         setProtectedTargets(__dftProtectedTargets);
++
++        initializeJasper();
+     }
+ 
+     /* ------------------------------------------------------------ */
+@@ -226,6 +230,8 @@
+         setWar(webApp);
+         setErrorHandler(new ErrorPageErrorHandler());
+         setProtectedTargets(__dftProtectedTargets);
++
++        initializeJasper();
+     }
+ 
+     /* ------------------------------------------------------------ */
+@@ -243,6 +249,28 @@
+         _scontext = new Context();
+         setErrorHandler(errorHandler != null ? errorHandler : new ErrorPageErrorHandler());
+         setProtectedTargets(__dftProtectedTargets);
++
++        initializeJasper();
++    }
++
++    private void initializeJasper() {
++        // check if Jasper is on the classpath
++        boolean jasperFound = false;
++        try {
++            Class.forName("org.apache.jasper.servlet.JspServlet");
++            jasperFound = true;
++        } catch (ClassNotFoundException e) {
++        }
++
++        // initialize an InstanceManager required by Jasper
++        if (jasperFound) {
++            try {
++                Object instanceManager = Class.forName("org.apache.tomcat.SimpleInstanceManager").newInstance();
++                setAttribute("org.apache.tomcat.InstanceManager", instanceManager);
++            } catch (Exception e) {
++                LOG.warn("Couldn't initialize the InstanceManager required by Tomcat Jasper", e);
++            }
++        }
+     }
+ 
+     /* ------------------------------------------------------------ */
diff --git a/debian/patches/series b/debian/patches/series
index e92cb49..c4e9a09 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,5 @@ maven-bundle-plugin-version.patch
 disable-modules.patch
 aggregate-doc.patch
 adjust-configuration.patch
+fix-servletcontext-security-check.patch
+initialize-tomcat-jasper.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/jetty9.git

More information about the pkg-java-commits mailing list