From 2f912d706808dc32b38d0302ac4430d61463f30e Mon Sep 17 00:00:00 2001 From: samskivert Date: Tue, 9 Feb 2010 21:08:37 +0000 Subject: [PATCH] ClassLoader creation apparently must be run as a privileged action so that if unprivileged code calls into privileged code, the security manager "does the right thing" (I'd explain this better if I understood it better). git-svn-id: https://samskivert.googlecode.com/svn/trunk@2724 6335cc39-0255-0410-8fd6-9bcaacd3b74c --- .../com/samskivert/servlet/SiteResourceLoader.java | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/java/com/samskivert/servlet/SiteResourceLoader.java b/src/java/com/samskivert/servlet/SiteResourceLoader.java index 27c6e74b..cd8f7c41 100644 --- a/src/java/com/samskivert/servlet/SiteResourceLoader.java +++ b/src/java/com/samskivert/servlet/SiteResourceLoader.java @@ -24,6 +24,8 @@ import java.io.File; import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.jar.JarEntry; import java.util.jar.JarFile; @@ -160,13 +162,17 @@ public class SiteResourceLoader // create one if we've not if (loader == null) { - SiteResourceBundle bundle = getBundle(siteId); + final SiteResourceBundle bundle = getBundle(siteId); if (bundle == null) { // no bundle... no classloader. return null; } - loader = new SiteClassLoader(bundle); + loader = AccessController.doPrivileged(new PrivilegedAction() { + public SiteClassLoader run () { + return new SiteClassLoader(bundle); + } + }); _loaders.put(siteId, loader); }