[Bug 3490] New: JNLPClassLoader adds Jars from ProtectionDomains
bugzilla-daemon at icedtea.classpath.org
bugzilla-daemon at icedtea.classpath.org
Mon Nov 6 13:51:14 UTC 2017
https://icedtea.classpath.org/bugzilla/show_bug.cgi?id=3490
Bug ID: 3490
Summary: JNLPClassLoader adds Jars from ProtectionDomains
Product: IcedTea-Web
Version: unspecified
Hardware: x86_64
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: NetX (javaws)
Assignee: jvanek at redhat.com
Reporter: icedtea at white-hawk.de
CC: unassigned at icedtea.classpath.org
Our web starter loads its initial resources from a single jar. Additional
resources are being fetched with a URLClassLoader which uses
AccessController.doPrivileged in its findClass method. This adds another
ProtectionDomain to the AccessControlContext retrieved by
AccessController.getStackAccessControlContext().
The problem is that this ProtectionDomain is used to add new Jars to the
JNLPClassLoader in getAccessControlContextForClassLoading(). Thus we have the
issue of some classes being loaded by our URLClassLoader and some by the
JNLPClassLoader, making them incompatible.
This does not occur when using the JNLPClassLoader of the Oracle JDK, the
classpath is not changed here.
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20171106/c498a55a/attachment.html>
More information about the distro-pkg-dev
mailing list