JDK-8160768: LdapDnsProviderService confined to application class loader
Alan Bateman
Alan.Bateman at oracle.com
Fri Apr 17 07:22:59 UTC 2020
On 16/04/2020 11:05, Osipov, Michael wrote:
>
> That's exactly the point. I don't want to bundle it with the webapp,
> but with Tomcat only for all webapps. It will be added to
> CATALINA_HOME/lib along with a custom realm. Both are loaded with
> Tomcat's common.loader [1]. No, it does not load from common.loader
> because of the system class loader restriction. It only works when it
> is loaded along side with catalina.jar from the system class loader
> (as intended).
I don't have time to spend on the spec and security implications of what
you are requesting but it seems like this should be easily fixable by
deploying the DNS provider for LDAP searches on the class path (along
side catalina.jar). So is this mostly just a convenience issue, meaning
easier to drop the JAR file in the lib directory vs. adding it to
CLASSPAHTH?
-Alan
More information about the core-libs-dev
mailing list