cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r1559263 - /cxf/branches/2.6.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
Date Fri, 17 Jan 2014 21:59:51 GMT
Author: dkulp
Date: Fri Jan 17 21:59:51 2014
New Revision: 1559263

URL: http://svn.apache.org/r1559263
Log:
Merged revisions 1559260 via  git cherry-pick from
https://svn.apache.org/repos/asf/cxf/branches/2.7.x-fixes

........
  r1559260 | dkulp | 2014-01-17 16:56:58 -0500 (Fri, 17 Jan 2014) | 10 lines

  Merged revisions 1559257 via  git cherry-pick from
  https://svn.apache.org/repos/asf/cxf/trunk

  ........
    r1559257 | dkulp | 2014-01-17 16:43:42 -0500 (Fri, 17 Jan 2014) | 2 lines

    [CXF-5442] Attempt to make sure no references are in place

  ........

........

Modified:
    cxf/branches/2.6.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java

Modified: cxf/branches/2.6.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java?rev=1559263&r1=1559262&r2=1559263&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
Fri Jan 17 21:59:51 2014
@@ -67,7 +67,13 @@ public class CXFAuthenticator extends Au
             }
             
             try {
-                ClassLoader loader = new URLClassLoader(new URL[0], ClassLoader.getSystemClassLoader());
+                ClassLoader loader = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
{
+                        public ClassLoader run() {
+                            return new URLClassLoader(new URL[0], ClassLoader.getSystemClassLoader());
+                        }
+                    }, null);
+                
+                
                 Method m = ClassLoader.class.getDeclaredMethod("defineClass", String.class,

                                                                byte[].class, Integer.TYPE,
Integer.TYPE);
                 
@@ -81,10 +87,26 @@ public class CXFAuthenticator extends Au
                 Authenticator auth = (Authenticator)cls.getConstructor(Authenticator.class,
Authenticator.class)
                     .newInstance(instance, wrapped);
                 
-                Authenticator.setDefault(auth);
+                if (System.getSecurityManager() == null) {
+                    Authenticator.setDefault(auth);
+                } else {
+                    AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+                        public Boolean run() {
+                            Authenticator.setDefault(auth);
+                            return true;
+                        }
+                    });
+
+                }
+                try {
+                    //clear the acc field that can hold onto the webapp classloader
+                    Field f = loader.getClass().getDeclaredField("acc");
+                    ReflectionUtil.setAccessible(f).set(loader, null);
+                } catch (Throwable t) {
+                    //ignore
+                }
             } catch (Throwable t) {
                 //ignore
-                t.printStackTrace();
             }
         }
     }



Mime
View raw message