Author: aogburn
Date: 2014-06-02 16:45:12 -0400 (Mon, 02 Jun 2014)
New Revision: 2438
Modified:
branches/7.3.x/
branches/7.3.x/src/main/java/org/apache/catalina/authenticator/SingleSignOn.java
branches/7.3.x/src/main/java/org/apache/tomcat/util/net/NioEndpoint.java
Log:
[BZ-1101472] merge fix from BZ-1027272
Property changes on: branches/7.3.x
___________________________________________________________________
Modified: svn:mergeinfo
- /branches/7.4.x:2405
+ /branches/7.4.x:2338,2405
Modified:
branches/7.3.x/src/main/java/org/apache/catalina/authenticator/SingleSignOn.java
===================================================================
---
branches/7.3.x/src/main/java/org/apache/catalina/authenticator/SingleSignOn.java 2014-06-02
19:40:15 UTC (rev 2437)
+++
branches/7.3.x/src/main/java/org/apache/catalina/authenticator/SingleSignOn.java 2014-06-02
20:45:12 UTC (rev 2438)
@@ -22,20 +22,26 @@
import static org.jboss.web.CatalinaMessages.MESSAGES;
import java.io.IOException;
+import java.security.AccessController;
import java.security.Principal;
+import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
+import org.apache.catalina.Context;
+import org.apache.catalina.Globals;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.LifecycleListener;
+import org.apache.catalina.Manager;
import org.apache.catalina.Realm;
import org.apache.catalina.Session;
import org.apache.catalina.SessionEvent;
import org.apache.catalina.SessionListener;
+import org.apache.catalina.ThreadBindingListener;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.util.LifecycleSupport;
@@ -505,7 +511,15 @@
reverse.remove(sessions[i]);
}
// Invalidate this session
- sessions[i].expire();
+ ClassLoader oldContextClassLoader = null;
+ try {
+ oldContextClassLoader = bindThread(sessions[i]);
+ sessions[i].expire();
+ } finally {
+ if (oldContextClassLoader != null) {
+ unbindThread(sessions[i], oldContextClassLoader);
+ }
+ }
}
// NOTE: Clients may still possess the old single sign on cookie,
@@ -515,6 +529,97 @@
}
+ protected ClassLoader bindThread(Session session) {
+
+ Manager manager = session.getManager();
+ Context context = null;
+ ClassLoader contextClassLoader = null;
+ ThreadBindingListener threadBindingListener = null;
+ if (manager != null && manager.getContainer() != null
+ && manager.getContainer() instanceof Context) {
+ context = (Context) manager.getContainer();
+ }
+ if (context != null) {
+ if (context.getLoader() != null &&
context.getLoader().getClassLoader() != null) {
+ contextClassLoader = context.getLoader().getClassLoader();
+ }
+ threadBindingListener = context.getThreadBindingListener();
+ }
+ if (threadBindingListener == null || contextClassLoader == null) {
+ return null;
+ }
+
+ if (Globals.IS_SECURITY_ENABLED) {
+ return AccessController.doPrivileged(new PrivilegedBind(contextClassLoader,
threadBindingListener));
+ } else {
+ ClassLoader oldContextClassLoader =
+ Thread.currentThread().getContextClassLoader();
+ Thread.currentThread().setContextClassLoader(contextClassLoader);
+ threadBindingListener.bind();
+ return oldContextClassLoader;
+ }
+
+ }
+
+ protected class PrivilegedBind implements PrivilegedAction<ClassLoader> {
+ private ClassLoader contextClassLoader;
+ private ThreadBindingListener threadBindingListener;
+
+ PrivilegedBind(ClassLoader contextClassLoader, ThreadBindingListener
threadBindingListener) {
+ this.contextClassLoader = contextClassLoader;
+ this.threadBindingListener = threadBindingListener;
+ }
+
+ public ClassLoader run() {
+ ClassLoader oldContextClassLoader =
+ Thread.currentThread().getContextClassLoader();
+ Thread.currentThread().setContextClassLoader(contextClassLoader);
+ threadBindingListener.bind();
+ return oldContextClassLoader;
+ }
+ }
+
+ protected void unbindThread(Session session, ClassLoader oldContextClassLoader) {
+
+ Manager manager = session.getManager();
+ Context context = null;
+ ThreadBindingListener threadBindingListener = null;
+ if (manager != null && manager.getContainer() != null
+ && manager.getContainer() instanceof Context) {
+ context = (Context) manager.getContainer();
+ }
+ if (context != null) {
+ threadBindingListener = context.getThreadBindingListener();
+ }
+ if (threadBindingListener == null) {
+ return;
+ }
+
+ if (Globals.IS_SECURITY_ENABLED) {
+ AccessController.doPrivileged(new PrivilegedUnbind(oldContextClassLoader,
threadBindingListener));
+ } else {
+ threadBindingListener.unbind();
+ Thread.currentThread().setContextClassLoader(oldContextClassLoader);
+ }
+
+ }
+
+ protected class PrivilegedUnbind implements PrivilegedAction<Void> {
+ private ClassLoader oldContextClassLoader;
+ private ThreadBindingListener threadBindingListener;
+
+ PrivilegedUnbind(ClassLoader oldContextClassLoader, ThreadBindingListener
threadBindingListener) {
+ this.oldContextClassLoader = oldContextClassLoader;
+ this.threadBindingListener = threadBindingListener;
+ }
+
+ public Void run() {
+ threadBindingListener.unbind();
+ Thread.currentThread().setContextClassLoader(oldContextClassLoader);
+ return null;
+ }
+ }
+
/**
* Logout the specified single sign on identifier from all sessions.
*
Property changes on:
branches/7.3.x/src/main/java/org/apache/tomcat/util/net/NioEndpoint.java
___________________________________________________________________
Modified: svn:mergeinfo
- /branches/7.4.x/src/main/java/org/apache/tomcat/util/net/NioEndpoint.java:2405,2407
+
/branches/7.4.x/src/main/java/org/apache/tomcat/util/net/NioEndpoint.java:2338,2405,2407
Show replies by date