tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Francois Arcand <jfarc...@apache.org>
Subject Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core ApplicationContextFacade.java ApplicationFilterChain.java StandardWrapper.java
Date Thu, 30 Sep 2004 19:45:23 GMT


Bill Barker wrote:
>>  @@ -1012,13 +1041,12 @@
>>                       DummyResponse res = new DummyResponse();
>>
>>                       if( System.getSecurityManager() != null) {
>>  -                        Class[] classType = new
> 
> Class[]{ServletRequest.class,
> 
>>  -
> 
> ServletResponse.class};
> 
>>  -                        Object[] args = new Object[]{req, res};
>>  +                        serviceType[0] = req;
>>  +                        serviceType[1] = res;
>>                           SecurityUtil.doAsPrivilege("service",
>>                                                      servlet,
>>  -                                                   classType,
>>  -                                                   args);
>>  +
> 
> classTypeUsedInService,
> 
>>  +                                                   serviceType);
>>                       } else {
>>                           servlet.service(req, res);
>>                       }
>>
>>
> 
> 
> This can't possibly be thread-safe (and the changes to ACF look dubious as
> well).

Hum...I did run a lot of stress tests that target the same servlet (ex: 
trade2 benchmarks) without seeing anything like that.  I will 
investigate....



> 
> 
> 
> ------------------------------------------------------------------------
> 
> 
> This message is intended only for the use of the person(s) listed above as the intended
recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL.  If you are
not an intended recipient, you may not read, copy, or distribute this message or any attachment.
If you received this communication in error, please notify us immediately by e-mail and then
delete all copies of this message and any attachments.
> 
> In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet
is not secure. Do not send confidential or sensitive information, such as social security
numbers, account numbers, personal identification numbers and passwords, to us via ordinary
(unencrypted) e-mail.
> 
> 
> 
> ------------------------------------------------------------------------
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message