Foget that email. The problem is in front of the computer, not in the
class ;-)
-- Jeanfrancois
Jean-Francois Arcand wrote:
> Hi,
>
> In StandardClassLoader, starting line 815, the SecurityManager is
> invoked:
>
> // (.5) Permission to access this class when using a
> SecurityManager
> if (securityManager != null) {
> int i = name.lastIndexOf('.');
> if (i >= 0) {
> try {
>
> securityManager.checkPackageAccess(name.substring(0,i));
> } catch (SecurityException se) {
> String error = "Security Violation, attempt to use " +
> "Restricted Class: " + name;
> System.out.println(error);
> se.printStackTrace();
> log(error);
> throw new ClassNotFoundException(error);
> }
> }
> }
>
> Why are we calling the SecurityManager.checkPackageAccess in
> StandardClassLoader? Since we give all permissions to
> org.apache.catalina, I think this call is useless. This call is
> required when invoked inside WebappClassLoader.
>
> Thanks,
>
> -- Jeanfrancois
>
>
> --
> To unsubscribe, e-mail:
> <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
> <mailto:tomcat-dev-help@jakarta.apache.org>
>
>
--
To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>
|