You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tuscany.apache.org by rf...@apache.org on 2008/04/23 00:33:52 UTC
svn commit: r650681 - in /incubator/tuscany/java/sca:
itest/callablereferences/src/test/java/org/apache/tuscany/sca/itest/callableref/
itest/contribution/src/test/java/org/apache/tuscany/sca/test/contribution/
modules/binding-sca/src/main/java/org/apac...
Author: rfeng
Date: Tue Apr 22 15:33:48 2008
New Revision: 650681
URL: http://svn.apache.org/viewvc?rev=650681&view=rev
Log:
Applied patches for TUSCANY-2237 and TUSCANY-2030. Thanks Dan for contributing the patches.
Modified:
incubator/tuscany/java/sca/itest/callablereferences/src/test/java/org/apache/tuscany/sca/itest/callableref/CallableReferenceRemoteTestCase.java
incubator/tuscany/java/sca/itest/contribution/src/test/java/org/apache/tuscany/sca/test/contribution/ContributionServiceTestCase.java
incubator/tuscany/java/sca/modules/binding-sca/src/main/java/org/apache/tuscany/sca/binding/sca/SCABindingDefinitionsProvider.java
incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java
incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java
incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java
incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/TuscanyAxisConfigurator.java
incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/WSBindingDefinitionsProvider.java
incubator/tuscany/java/sca/modules/contribution-impl/src/main/java/org/apache/tuscany/sca/contribution/service/impl/ContributionRepositoryImpl.java
incubator/tuscany/java/sca/modules/contribution-impl/src/main/java/org/apache/tuscany/sca/contribution/service/impl/ContributionServiceImpl.java
incubator/tuscany/java/sca/modules/contribution-java/src/main/java/org/apache/tuscany/sca/contribution/java/impl/ClassReferenceModelResolver.java
incubator/tuscany/java/sca/modules/contribution-java/src/main/java/org/apache/tuscany/sca/contribution/java/impl/ContributionClassLoader.java
incubator/tuscany/java/sca/modules/contribution/src/main/java/org/apache/tuscany/sca/contribution/resolver/ExtensibleModelResolver.java
incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/assembly/CompositeActivatorImpl.java
incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/context/CallableReferenceImpl.java
incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/JDKProxyFactory.java
incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/work/Jsr237WorkScheduler.java
incubator/tuscany/java/sca/modules/databinding/src/main/java/org/apache/tuscany/sca/databinding/impl/MediatorImpl.java
incubator/tuscany/java/sca/modules/host-embedded/src/main/java/org/apache/tuscany/sca/host/embedded/impl/ReallySmallRuntime.java
incubator/tuscany/java/sca/modules/host-jetty/src/main/java/org/apache/tuscany/sca/http/jetty/module/JettyRuntimeModuleActivator.java
incubator/tuscany/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/TomcatServer.java
incubator/tuscany/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/module/TomcatRuntimeModuleActivator.java
incubator/tuscany/java/sca/modules/implementation-java-runtime/src/main/java/org/apache/tuscany/sca/implementation/java/injection/FieldInjector.java
incubator/tuscany/java/sca/modules/implementation-java/src/main/java/org/apache/tuscany/sca/implementation/java/introspect/impl/JavaIntrospectionHelper.java
incubator/tuscany/java/sca/modules/interface-wsdl-java2wsdl/src/main/java/org/apache/tuscany/sca/interfacedef/wsdl/java2wsdl/Java2WSDLHelper.java
Modified: incubator/tuscany/java/sca/itest/callablereferences/src/test/java/org/apache/tuscany/sca/itest/callableref/CallableReferenceRemoteTestCase.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/itest/callablereferences/src/test/java/org/apache/tuscany/sca/itest/callableref/CallableReferenceRemoteTestCase.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/itest/callablereferences/src/test/java/org/apache/tuscany/sca/itest/callableref/CallableReferenceRemoteTestCase.java (original)
+++ incubator/tuscany/java/sca/itest/callablereferences/src/test/java/org/apache/tuscany/sca/itest/callableref/CallableReferenceRemoteTestCase.java Tue Apr 22 15:33:48 2008
@@ -76,8 +76,19 @@
// get a reference to the calculator service from domainA
// which will be running this component
acomponent = nodeA.getDomain().getService(AComponent.class, "AComponent/AComponent");
- } catch (Exception ex) {
+ } catch (Throwable ex) {
System.out.println(ex.toString());
+ // Print detailed cause information.
+ ex.printStackTrace();
+ StringBuffer sb = new StringBuffer();
+ Throwable cause = ex.getCause();
+ while ( cause != null ) {
+ sb.append( " " );
+ System.out.println( sb.toString() + "Cause: " + cause );
+ if (cause instanceof java.lang.reflect.InvocationTargetException)
+ System.out.println( sb.toString() + "Target Exception: " + ((java.lang.reflect.InvocationTargetException)cause).getTargetException() );
+ cause = cause.getCause();
+ }
}
}
Modified: incubator/tuscany/java/sca/itest/contribution/src/test/java/org/apache/tuscany/sca/test/contribution/ContributionServiceTestCase.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/itest/contribution/src/test/java/org/apache/tuscany/sca/test/contribution/ContributionServiceTestCase.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/itest/contribution/src/test/java/org/apache/tuscany/sca/test/contribution/ContributionServiceTestCase.java (original)
+++ incubator/tuscany/java/sca/itest/contribution/src/test/java/org/apache/tuscany/sca/test/contribution/ContributionServiceTestCase.java Tue Apr 22 15:33:48 2008
@@ -20,8 +20,13 @@
package org.apache.tuscany.sca.test.contribution;
import java.io.File;
+import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.List;
import javax.xml.namespace.QName;
@@ -150,7 +155,7 @@
* contributionService.
*/
public void testContributeFolder() throws Exception {
- File rootContributionFolder = new File(FOLDER_CONTRIBUTION);
+ final File rootContributionFolder = new File(FOLDER_CONTRIBUTION);
String contributionId = CONTRIBUTION_001_ID;
//first rename the sca-contribution metadata file
//File calculatorMetadataFile = new File("target/classes/calculator/sca-contribution.xml");
@@ -158,8 +163,20 @@
//if (!metadataDirectory.exists()) {
// FileHelper.forceMkdir(metadataDirectory);
//}
- //FileHelper.copyFileToDirectory(calculatorMetadataFile, metadataDirectory);
- contributionService.contribute(contributionId, rootContributionFolder.toURL(), false);
+ //FileHelper.copyFileToDirectory(calculatorMetadataFile, metadataDirectory);
+
+ // Requires permission to read user.dir property. Requires PropertyPermision in security policy.
+ URL contributionFolderURL;
+ try {
+ contributionFolderURL = AccessController.doPrivileged(new PrivilegedExceptionAction<URL>() {
+ public URL run() throws IOException {
+ return rootContributionFolder.toURL();
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (IOException)e.getException();
+ }
+ contributionService.contribute(contributionId, contributionFolderURL, false);
assertNotNull(contributionService.getContribution(contributionId));
}
Modified: incubator/tuscany/java/sca/modules/binding-sca/src/main/java/org/apache/tuscany/sca/binding/sca/SCABindingDefinitionsProvider.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/binding-sca/src/main/java/org/apache/tuscany/sca/binding/sca/SCABindingDefinitionsProvider.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/binding-sca/src/main/java/org/apache/tuscany/sca/binding/sca/SCABindingDefinitionsProvider.java (original)
+++ incubator/tuscany/java/sca/modules/binding-sca/src/main/java/org/apache/tuscany/sca/binding/sca/SCABindingDefinitionsProvider.java Tue Apr 22 15:33:48 2008
@@ -23,9 +23,11 @@
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
import org.apache.tuscany.sca.contribution.processor.URLArtifactProcessor;
import org.apache.tuscany.sca.contribution.processor.URLArtifactProcessorExtensionPoint;
+import org.apache.tuscany.sca.contribution.service.ContributionReadException;
import org.apache.tuscany.sca.core.ExtensionPointRegistry;
import org.apache.tuscany.sca.definitions.SCADefinitions;
import org.apache.tuscany.sca.provider.SCADefinitionsProvider;
@@ -45,21 +47,25 @@
public SCADefinitions getSCADefinition() throws SCADefinitionsProviderException {
// Allow privileged access to load resource. Requires RuntimePermssion in security policy.
- URL definitionsFileUrl = AccessController.doPrivileged(new PrivilegedAction<URL>() {
+ final URL definitionsFileUrl = AccessController.doPrivileged(new PrivilegedAction<URL>() {
public URL run() {
return getClass().getClassLoader().getResource(definitionsFile);
}
- });
-
- Object scaDefn = null;
+ });
+
+ SCADefinitions scaDefn = null;
try {
- URI uri = new URI(definitionsFile);
- return (SCADefinitions)urlArtifactProcessor.read(null,
- uri,
- definitionsFileUrl);
- } catch ( Exception e ) {
+ final URI uri = new URI(definitionsFile);
+ // Allow bindings to read properties. Requires PropertyPermission read in security policy.
+ scaDefn = AccessController.doPrivileged(new PrivilegedExceptionAction<SCADefinitions>() {
+ public SCADefinitions run() throws ContributionReadException {
+ return (SCADefinitions)urlArtifactProcessor.read(null, uri, definitionsFileUrl);
+ }
+ });
+ } catch (Exception e) {
throw new SCADefinitionsProviderException(e);
}
+ return scaDefn;
}
}
Modified: incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java (original)
+++ incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java Tue Apr 22 15:33:48 2008
@@ -18,6 +18,10 @@
*/
package org.apache.tuscany.sca.binding.ws.axis2;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.List;
import javax.xml.namespace.QName;
@@ -108,14 +112,25 @@
}
protected Object invokeTarget(Message msg) throws AxisFault {
- OperationClient operationClient = createOperationClient(msg);
+ final OperationClient operationClient = createOperationClient(msg);
// ensure connections are tracked so that they can be closed by the reference binding
MessageContext requestMC = operationClient.getMessageContext(WSDLConstants.MESSAGE_LABEL_OUT_VALUE);
requestMC.getOptions().setProperty(HTTPConstants.REUSE_HTTP_CLIENT, Boolean.TRUE);
- requestMC.getOptions().setTimeOutInMilliSeconds(120000L);
+ requestMC.getOptions().setTimeOutInMilliSeconds(240000L);
- operationClient.execute(true);
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
+ try {
+ AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
+ public Object run() throws AxisFault {
+ operationClient.execute(true);
+ return null;
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (AxisFault)e.getException();
+ }
MessageContext responseMC = operationClient.getMessageContext(WSDLConstants.MESSAGE_LABEL_IN_VALUE);
@@ -148,11 +163,11 @@
}
}
}
- MessageContext requestMC = new MessageContext();
+ final MessageContext requestMC = new MessageContext();
requestMC.setEnvelope(env);
// Axis2 operationClients can not be shared so create a new one for each request
- OperationClient operationClient = serviceClient.getServiceClient().createClient(wsdlOperationName);
+ final OperationClient operationClient = serviceClient.getServiceClient().createClient(wsdlOperationName);
operationClient.setOptions(options);
ReferenceParameters parameters = msg.getFrom().getReferenceParameters();
@@ -208,9 +223,19 @@
} else {
requestMC.setTo(new EndpointReference(options.getTo().getAddress()));
}
-
- operationClient.addMessageContext(requestMC);
-
+
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
+ try {
+ AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
+ public Object run() throws AxisFault {
+ operationClient.addMessageContext(requestMC);
+ return null;
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (AxisFault)e.getException();
+ }
return operationClient;
}
Modified: incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java (original)
+++ incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java Tue Apr 22 15:33:48 2008
@@ -20,6 +20,11 @@
import java.io.IOException;
import java.net.URL;
+import java.net.URLClassLoader;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@@ -79,6 +84,7 @@
import org.apache.tuscany.sca.policy.util.PolicyHandlerTuple;
import org.apache.tuscany.sca.policy.util.PolicyHandlerUtils;
import org.apache.tuscany.sca.runtime.RuntimeComponent;
+import org.apache.ws.commons.schema.XmlSchemaCollection;
import org.apache.ws.commons.schema.resolver.URIResolver;
public class Axis2ServiceClient {
@@ -249,13 +255,24 @@
String portName,
Options options) throws AxisFault {
Definition def = getDefinition(wsdlDefinition, wsdlServiceName);
- WSDL11ToAxisServiceBuilder serviceBuilder = new WSDL11ToAxisServiceBuilder(def, wsdlServiceName, portName);
+ final WSDL11ToAxisServiceBuilder serviceBuilder = new WSDL11ToAxisServiceBuilder(def, wsdlServiceName, portName);
serviceBuilder.setServerSide(false);
// [rfeng] Add a custom resolver to work around WSCOMMONS-228
serviceBuilder.setCustomResolver(new URIResolverImpl(def));
serviceBuilder.setBaseUri(def.getDocumentBaseURI());
// [rfeng]
- AxisService axisService = serviceBuilder.populateService();
+ // Allow access to read properties. Requires PropertiesPermission in security policy.
+ AxisService axisService;
+ try {
+ axisService = AccessController.doPrivileged(new PrivilegedExceptionAction<AxisService>() {
+ public AxisService run() throws AxisFault {
+ return serviceBuilder.populateService();
+ }
+ });
+ } catch ( PrivilegedActionException e ) {
+ throw (AxisFault) e.getException();
+ }
+
AxisEndpoint axisEndpoint = (AxisEndpoint)axisService.getEndpoints().get(axisService.getEndpointName());
options.setTo(new EndpointReference(axisEndpoint.getEndpointURL()));
if (axisEndpoint != null) {
@@ -346,8 +363,17 @@
options.setTimeOutInMilliSeconds(30 * 1000); // 30 seconds
- SOAPFactory soapFactory =
- requiresSOAP12() ? OMAbstractFactory.getSOAP12Factory() : OMAbstractFactory.getSOAP11Factory();
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
+ SOAPFactory soapFactory = AccessController.doPrivileged(new PrivilegedAction<SOAPFactory>() {
+ public SOAPFactory run() {
+ if (requiresSOAP12())
+ return OMAbstractFactory.getSOAP12Factory();
+ else
+ return OMAbstractFactory.getSOAP11Factory();
+
+ }
+ });
QName wsdlOperationQName = new QName(operationName);
if (requiresMTOM())
{
Modified: incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java (original)
+++ incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java Tue Apr 22 15:33:48 2008
@@ -26,7 +26,10 @@
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
+import java.security.AccessController;
import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
@@ -503,14 +506,25 @@
Definition def = getDefinition(definition, serviceQName);
- WSDLToAxisServiceBuilder builder = new WSDL11ToAxisServiceBuilder(def, serviceQName, portName);
+ final WSDLToAxisServiceBuilder builder = new WSDL11ToAxisServiceBuilder(def, serviceQName, portName);
builder.setServerSide(true);
// [rfeng] Add a custom resolver to work around WSCOMMONS-228
builder.setCustomResolver(new URIResolverImpl(def));
builder.setBaseUri(def.getDocumentBaseURI());
- // [rfeng]
- AxisService axisService = builder.populateService();
-
+ // [rfeng]
+ // AxisService axisService = builder.populateService();
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
+ AxisService axisService;
+ try {
+ axisService = AccessController.doPrivileged(new PrivilegedExceptionAction<AxisService>() {
+ public AxisService run() throws AxisFault {
+ return builder.populateService();
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (AxisFault)e.getException();
+ }
String path = URI.create(wsBinding.getURI()).getPath();
String name = ( path.startsWith( "/") ? path.substring(1) : path );
axisService.setName(name);
Modified: incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/TuscanyAxisConfigurator.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/TuscanyAxisConfigurator.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/TuscanyAxisConfigurator.java (original)
+++ incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/TuscanyAxisConfigurator.java Tue Apr 22 15:33:48 2008
@@ -22,6 +22,10 @@
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import org.apache.axis2.AxisFault;
import org.apache.axis2.Constants;
@@ -39,6 +43,7 @@
import org.apache.axis2.engine.AxisConfigurator;
import org.apache.axis2.i18n.Messages;
import org.apache.axis2.util.Loader;
+import org.apache.ws.commons.schema.XmlSchemaCollection;
/**
* Helps configure Axis2 from a resource in binding.ws.axis2 instead of Axis2.xml
@@ -130,7 +135,7 @@
axisConfig.getModuleClassLoader(),
true,
(File) axisConfig.getParameterValue(Constants.Configuration.ARTIFACTS_TEMP_DIR));
- AxisModule module = new AxisModule();
+ final AxisModule module = new AxisModule();
module.setModuleClassLoader(deploymentClassLoader);
module.setParent(axisConfig);
//String moduleFile = fileUrl.substring(0, fileUrl.indexOf(".mar"));
@@ -140,7 +145,19 @@
}
populateModule(module, rampart_mar_url);
module.setFileName(rampart_mar_url);
- addNewModule(module, axisConfig);
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
+ try {
+ AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
+ public Object run() throws IOException {
+ addNewModule(module, axisConfig);
+ return null;
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (AxisFault)e.getException();
+ }
+
org.apache.axis2.util.Utils.
calculateDefaultModuleVersion(axisConfig.getModules(), axisConfig);
axisConfig.validateSystemPredefinedPhases();
Modified: incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/WSBindingDefinitionsProvider.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/WSBindingDefinitionsProvider.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/WSBindingDefinitionsProvider.java (original)
+++ incubator/tuscany/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/WSBindingDefinitionsProvider.java Tue Apr 22 15:33:48 2008
@@ -21,9 +21,12 @@
import java.net.URI;
import java.net.URL;
+import java.security.AccessController;
+import java.security.PrivilegedExceptionAction;
import org.apache.tuscany.sca.contribution.processor.URLArtifactProcessor;
import org.apache.tuscany.sca.contribution.processor.URLArtifactProcessorExtensionPoint;
+import org.apache.tuscany.sca.contribution.service.ContributionReadException;
import org.apache.tuscany.sca.core.ExtensionPointRegistry;
import org.apache.tuscany.sca.definitions.SCADefinitions;
import org.apache.tuscany.sca.provider.SCADefinitionsProvider;
@@ -42,16 +45,20 @@
}
public SCADefinitions getSCADefinition() throws SCADefinitionsProviderException {
- URL defintionsFileUrl = getClass().getClassLoader().getResource(definitionsFile);
- Object scaDefn = null;
+ final URL definitionsFileUrl = getClass().getClassLoader().getResource(definitionsFile);
+ SCADefinitions scaDefn = null;
try {
- URI uri = new URI(definitionsFile);
- return (SCADefinitions)urlArtifactProcessor.read(null,
- uri,
- defintionsFileUrl);
- } catch ( Exception e ) {
+ final URI uri = new URI(definitionsFile);
+ // Allow bindings to read properties. Requires PropertyPermission read in security policy.
+ scaDefn = AccessController.doPrivileged(new PrivilegedExceptionAction<SCADefinitions>() {
+ public SCADefinitions run() throws ContributionReadException {
+ return (SCADefinitions)urlArtifactProcessor.read(null, uri, definitionsFileUrl);
+ }
+ });
+ } catch (Exception e) {
throw new SCADefinitionsProviderException(e);
}
+ return scaDefn;
}
}
Modified: incubator/tuscany/java/sca/modules/contribution-impl/src/main/java/org/apache/tuscany/sca/contribution/service/impl/ContributionRepositoryImpl.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/contribution-impl/src/main/java/org/apache/tuscany/sca/contribution/service/impl/ContributionRepositoryImpl.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/contribution-impl/src/main/java/org/apache/tuscany/sca/contribution/service/impl/ContributionRepositoryImpl.java (original)
+++ incubator/tuscany/java/sca/modules/contribution-impl/src/main/java/org/apache/tuscany/sca/contribution/service/impl/ContributionRepositoryImpl.java Tue Apr 22 15:33:48 2008
@@ -165,17 +165,28 @@
}
}
- public URL store(String contribution, URL sourceURL, InputStream contributionStream) throws IOException {
+ public URL store(final String contribution, URL sourceURL, InputStream contributionStream) throws IOException {
// where the file should be stored in the repository
- File location = mapToFile(sourceURL);
+ final File location = mapToFile(sourceURL);
FileHelper.forceMkdir(location.getParentFile());
copy(contributionStream, location);
// add contribution to repositoryContent
- URL contributionURL = location.toURL();
- URI relative = rootFile.toURI().relativize(location.toURI());
- contributionLocations.put(contribution, relative.toString());
+ // Allow ability to read user.dir property. Requires PropertyPermission in security policy.
+ URL contributionURL;
+ try {
+ contributionURL= AccessController.doPrivileged(new PrivilegedExceptionAction<URL>() {
+ public URL run() throws IOException {
+ URL contributionURL = location.toURL();
+ URI relative = rootFile.toURI().relativize(location.toURI());
+ contributionLocations.put(contribution, relative.toString());
+ return contributionURL;
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (IOException)e.getException();
+ }
saveMap();
return contributionURL;
Modified: incubator/tuscany/java/sca/modules/contribution-impl/src/main/java/org/apache/tuscany/sca/contribution/service/impl/ContributionServiceImpl.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/contribution-impl/src/main/java/org/apache/tuscany/sca/contribution/service/impl/ContributionServiceImpl.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/contribution-impl/src/main/java/org/apache/tuscany/sca/contribution/service/impl/ContributionServiceImpl.java (original)
+++ incubator/tuscany/java/sca/modules/contribution-impl/src/main/java/org/apache/tuscany/sca/contribution/service/impl/ContributionServiceImpl.java Tue Apr 22 15:33:48 2008
@@ -161,7 +161,6 @@
if (sourceURL == null) {
throw new IllegalArgumentException("Source URL for the contribution is null");
}
-
return addContribution(contributionURI, sourceURL, null, null, storeInRepository);
}
@@ -472,6 +471,7 @@
} else {
// resolve the model object
if (artifact.getModel() != null) {
+ // System.out.println("Processing Resolve Phase : " + artifact.getURI());
this.artifactProcessor.resolve(artifact.getModel(), contribution.getModelResolver());
}
}
@@ -481,7 +481,6 @@
for (Artifact artifact : composites) {
// resolve the model object
if (artifact.getModel() != null) {
- // System.out.println("Processing Resolve Phase : " + artifact.getURI());
this.artifactProcessor.resolve(artifact.getModel(), contribution.getModelResolver());
}
}
Modified: incubator/tuscany/java/sca/modules/contribution-java/src/main/java/org/apache/tuscany/sca/contribution/java/impl/ClassReferenceModelResolver.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/contribution-java/src/main/java/org/apache/tuscany/sca/contribution/java/impl/ClassReferenceModelResolver.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/contribution-java/src/main/java/org/apache/tuscany/sca/contribution/java/impl/ClassReferenceModelResolver.java (original)
+++ incubator/tuscany/java/sca/modules/contribution-java/src/main/java/org/apache/tuscany/sca/contribution/java/impl/ClassReferenceModelResolver.java Tue Apr 22 15:33:48 2008
@@ -43,11 +43,19 @@
private ModelResolver osgiResolver;
- public ClassReferenceModelResolver(Contribution contribution, ModelFactoryExtensionPoint modelFactories) {
+ public ClassReferenceModelResolver(final Contribution contribution, ModelFactoryExtensionPoint modelFactories) {
this.contribution = contribution;
if (this.contribution != null) {
- ClassLoader cl = contribution.getClassLoader();
- if (contribution.getClassLoader() == null) {
+ // Allow privileged access to get ClassLoader. Requires RuntimePermission in security policy.
+ // ClassLoader cl = contribution.getClassLoader();
+ ClassLoader cl = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return contribution.getClassLoader();
+ }
+ });
+
+ if (cl == null) {
+ // Allow privileged access to get ClassLoader. Requires RuntimePermission in security policy.
ClassLoader contextClassLoader = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
public ClassLoader run() {
return Thread.currentThread().getContextClassLoader();
@@ -59,7 +67,14 @@
this.classLoader = new WeakReference<ClassLoader>(cl);
} else {
// This path should be used only for unit testing.
- this.classLoader = new WeakReference<ClassLoader>(this.getClass().getClassLoader());
+ // Allow privileged access to get ClassLoader. Requires RuntimePermission in security policy.
+ // this.classLoader = new WeakReference<ClassLoader>(this.getClass().getClassLoader());
+ ClassLoader cl = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return this.getClass().getClassLoader();
+ }
+ });
+ this.classLoader = new WeakReference<ClassLoader>( cl );
}
try {
Modified: incubator/tuscany/java/sca/modules/contribution-java/src/main/java/org/apache/tuscany/sca/contribution/java/impl/ContributionClassLoader.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/contribution-java/src/main/java/org/apache/tuscany/sca/contribution/java/impl/ContributionClassLoader.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/contribution-java/src/main/java/org/apache/tuscany/sca/contribution/java/impl/ContributionClassLoader.java (original)
+++ incubator/tuscany/java/sca/modules/contribution-java/src/main/java/org/apache/tuscany/sca/contribution/java/impl/ContributionClassLoader.java Tue Apr 22 15:33:48 2008
@@ -37,9 +37,10 @@
public class ContributionClassLoader extends URLClassLoader {
+// public class ContributionClassLoader {
private Contribution contribution;
-
+ // private b urlClassLoader;
/**
* Constructor for contribution ClassLoader
@@ -48,7 +49,7 @@
* @param parent
* @throws MalformedURLException
*/
- public ContributionClassLoader(Contribution contribution, ClassLoader parent) {
+ public ContributionClassLoader(Contribution contribution, final ClassLoader parent) {
super(new URL[0], parent);
// Note that privileged use of getContextClassLoader have been promoted to callers.
// super(new URL[0], parent == null?Thread.currentThread().getContextClassLoader(): null);
Modified: incubator/tuscany/java/sca/modules/contribution/src/main/java/org/apache/tuscany/sca/contribution/resolver/ExtensibleModelResolver.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/contribution/src/main/java/org/apache/tuscany/sca/contribution/resolver/ExtensibleModelResolver.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/contribution/src/main/java/org/apache/tuscany/sca/contribution/resolver/ExtensibleModelResolver.java (original)
+++ incubator/tuscany/java/sca/modules/contribution/src/main/java/org/apache/tuscany/sca/contribution/resolver/ExtensibleModelResolver.java Tue Apr 22 15:33:48 2008
@@ -85,7 +85,6 @@
* @return
*/
private ModelResolver getModelResolverInstance(Class<?> modelType) {
-
// Look up a model resolver instance for the model class or
// each implemented interface
Class<?>[] interfaces = modelType.getInterfaces();
Modified: incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/assembly/CompositeActivatorImpl.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/assembly/CompositeActivatorImpl.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/assembly/CompositeActivatorImpl.java (original)
+++ incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/assembly/CompositeActivatorImpl.java Tue Apr 22 15:33:48 2008
@@ -19,6 +19,8 @@
package org.apache.tuscany.sca.core.assembly;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -503,7 +505,7 @@
if (logger.isLoggable(Level.FINE)) {
logger.fine("Stopping composite: " + composite.getName());
}
- for (Component component : composite.getComponents()) {
+ for (final Component component : composite.getComponents()) {
stop(component);
}
}
@@ -526,9 +528,15 @@
RuntimeComponentReference runtimeRef = ((RuntimeComponentReference)reference);
runtimeRef.setComponent(runtimeComponent);
for (Binding binding : reference.getBindings()) {
- ReferenceBindingProvider bindingProvider = runtimeRef.getBindingProvider(binding);
+ final ReferenceBindingProvider bindingProvider = runtimeRef.getBindingProvider(binding);
if (bindingProvider != null) {
- bindingProvider.start();
+ // Allow bindings to add shutdown hooks. Requires RuntimePermission shutdownHooks in policy.
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ bindingProvider.start();
+ return null;
+ }
+ });
}
}
}
@@ -539,9 +547,16 @@
}
RuntimeComponentService runtimeService = (RuntimeComponentService)service;
for (Binding binding : service.getBindings()) {
- ServiceBindingProvider bindingProvider = runtimeService.getBindingProvider(binding);
+ final ServiceBindingProvider bindingProvider = runtimeService.getBindingProvider(binding);
if (bindingProvider != null) {
- bindingProvider.start();
+ // bindingProvider.start();
+ // Allow bindings to add shutdown hooks. Requires RuntimePermission shutdownHooks in policy.
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ bindingProvider.start();
+ return null;
+ }
+ });
}
}
}
@@ -591,9 +606,15 @@
logger.fine("Stopping component service: " + component.getURI() + "#" + service.getName());
}
for (Binding binding : service.getBindings()) {
- ServiceBindingProvider bindingProvider = ((RuntimeComponentService)service).getBindingProvider(binding);
+ final ServiceBindingProvider bindingProvider = ((RuntimeComponentService)service).getBindingProvider(binding);
if (bindingProvider != null) {
- bindingProvider.stop();
+ // Allow bindings to read properties. Requires PropertyPermission read in security policy.
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ bindingProvider.stop();
+ return null;
+ }
+ });
}
}
}
@@ -603,9 +624,15 @@
}
RuntimeComponentReference runtimeRef = ((RuntimeComponentReference)reference);
for (Binding binding : reference.getBindings()) {
- ReferenceBindingProvider bindingProvider = runtimeRef.getBindingProvider(binding);
+ final ReferenceBindingProvider bindingProvider = runtimeRef.getBindingProvider(binding);
if (bindingProvider != null) {
- bindingProvider.stop();
+ // Allow bindings to read properties. Requires PropertyPermission read in security policy.
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ bindingProvider.stop();
+ return null;
+ }
+ });
}
}
}
@@ -613,9 +640,15 @@
if (implementation instanceof Composite) {
stop((Composite)implementation);
} else {
- ImplementationProvider implementationProvider = ((RuntimeComponent)component).getImplementationProvider();
+ final ImplementationProvider implementationProvider = ((RuntimeComponent)component).getImplementationProvider();
if (implementationProvider != null) {
- implementationProvider.stop();
+ // Allow bindings to read properties. Requires PropertyPermission read in security policy.
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ implementationProvider.stop();
+ return null;
+ }
+ });
}
}
Modified: incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/context/CallableReferenceImpl.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/context/CallableReferenceImpl.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/context/CallableReferenceImpl.java (original)
+++ incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/context/CallableReferenceImpl.java Tue Apr 22 15:33:48 2008
@@ -22,6 +22,8 @@
import java.io.IOException;
import java.io.ObjectInput;
import java.io.ObjectOutput;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.UUID;
import javax.xml.stream.XMLStreamReader;
@@ -338,8 +340,14 @@
if (i instanceof JavaInterface) {
JavaInterface javaInterface = (JavaInterface)i;
if (javaInterface.isUnresolved()) {
- javaInterface.setJavaClass(Thread.currentThread().getContextClassLoader()
- .loadClass(javaInterface.getName()));
+ // Allow privileged access to get ClassLoader. Requires RuntimePermission in
+ // security policy.
+ ClassLoader classLoader = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ javaInterface.setJavaClass(classLoader.loadClass(javaInterface.getName()));
currentActivator.getJavaInterfaceFactory().createJavaInterface(javaInterface,
javaInterface.getJavaClass());
}
Modified: incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/JDKProxyFactory.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/JDKProxyFactory.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/JDKProxyFactory.java (original)
+++ incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/JDKProxyFactory.java Tue Apr 22 15:33:48 2008
@@ -20,6 +20,8 @@
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Proxy;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.List;
import org.apache.tuscany.sca.core.context.CallableReferenceImpl;
@@ -60,11 +62,16 @@
public <T> T createProxy(CallableReference<T> callableReference) throws ProxyCreationException {
assert callableReference != null;
- Class<T> interfaze = callableReference.getBusinessInterface();
+ final Class<T> interfaze = callableReference.getBusinessInterface();
InvocationHandler handler = new JDKInvocationHandler(messageFactory, callableReference);
- ClassLoader cl = interfaze.getClassLoader();
- Object proxy = Proxy.newProxyInstance(cl, new Class[] {interfaze}, handler);
- ((CallableReferenceImpl)callableReference).setProxy(proxy);
+ // Allow privileged access to class loader. Requires RuntimePermission in security policy.
+ ClassLoader cl = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return interfaze.getClassLoader();
+ }
+ });
+ Object proxy = Proxy.newProxyInstance(cl, new Class[] {interfaze}, handler);
+ ((CallableReferenceImpl)callableReference).setProxy(proxy);
return interfaze.cast(proxy);
}
Modified: incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/work/Jsr237WorkScheduler.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/work/Jsr237WorkScheduler.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/work/Jsr237WorkScheduler.java (original)
+++ incubator/tuscany/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/work/Jsr237WorkScheduler.java Tue Apr 22 15:33:48 2008
@@ -18,6 +18,9 @@
*/
package org.apache.tuscany.sca.core.work;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
import javax.naming.InitialContext;
import javax.naming.NamingException;
@@ -108,7 +111,14 @@
public void destroy() {
if (jsr237WorkManager instanceof ThreadPoolWorkManager) {
- ((ThreadPoolWorkManager)jsr237WorkManager).destroy();
+ // Allow privileged access to modify threads. Requires RuntimePermission in security
+ // policy.
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ ((ThreadPoolWorkManager)jsr237WorkManager).destroy();
+ return null;
+ }
+ });
}
}
Modified: incubator/tuscany/java/sca/modules/databinding/src/main/java/org/apache/tuscany/sca/databinding/impl/MediatorImpl.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/databinding/src/main/java/org/apache/tuscany/sca/databinding/impl/MediatorImpl.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/databinding/src/main/java/org/apache/tuscany/sca/databinding/impl/MediatorImpl.java (original)
+++ incubator/tuscany/java/sca/modules/databinding/src/main/java/org/apache/tuscany/sca/databinding/impl/MediatorImpl.java Tue Apr 22 15:33:48 2008
@@ -18,6 +18,8 @@
*/
package org.apache.tuscany.sca.databinding.impl;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.List;
import java.util.Map;
@@ -99,7 +101,14 @@
Object.class, targetDataType.getLogical());
//FIXME The ClassLoader should be passed in
- ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
+ // Allow privileged access to get ClassLoader. Requires RuntimePermission in security
+ // policy.
+ ClassLoader classLoader = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+
TransformationContext context = new TransformationContextImpl(sourceType, targetType, classLoader, metadata);
return context;
}
Modified: incubator/tuscany/java/sca/modules/host-embedded/src/main/java/org/apache/tuscany/sca/host/embedded/impl/ReallySmallRuntime.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/host-embedded/src/main/java/org/apache/tuscany/sca/host/embedded/impl/ReallySmallRuntime.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/host-embedded/src/main/java/org/apache/tuscany/sca/host/embedded/impl/ReallySmallRuntime.java (original)
+++ incubator/tuscany/java/sca/modules/host-embedded/src/main/java/org/apache/tuscany/sca/host/embedded/impl/ReallySmallRuntime.java Tue Apr 22 15:33:48 2008
@@ -341,7 +341,7 @@
}
}
- private void stopModules(ExtensionPointRegistry registry, List<ModuleActivator> modules) {
+ private void stopModules(final ExtensionPointRegistry registry, List<ModuleActivator> modules) {
boolean debug = logger.isLoggable(Level.FINE);
for (ModuleActivator module : modules) {
long start = 0L;
Modified: incubator/tuscany/java/sca/modules/host-jetty/src/main/java/org/apache/tuscany/sca/http/jetty/module/JettyRuntimeModuleActivator.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/host-jetty/src/main/java/org/apache/tuscany/sca/http/jetty/module/JettyRuntimeModuleActivator.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/host-jetty/src/main/java/org/apache/tuscany/sca/http/jetty/module/JettyRuntimeModuleActivator.java (original)
+++ incubator/tuscany/java/sca/modules/host-jetty/src/main/java/org/apache/tuscany/sca/http/jetty/module/JettyRuntimeModuleActivator.java Tue Apr 22 15:33:48 2008
@@ -19,6 +19,9 @@
package org.apache.tuscany.sca.http.jetty.module;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
import org.apache.tuscany.sca.core.ExtensionPointRegistry;
import org.apache.tuscany.sca.core.ModuleActivator;
import org.apache.tuscany.sca.host.http.ServletHostExtensionPoint;
@@ -37,13 +40,24 @@
// Register a Jetty Servlet host
ServletHostExtensionPoint servletHosts =
extensionPointRegistry.getExtensionPoint(ServletHostExtensionPoint.class);
- WorkScheduler workScheduler = extensionPointRegistry.getExtensionPoint(WorkScheduler.class);
- server = new JettyServer(workScheduler);
+ final WorkScheduler workScheduler = extensionPointRegistry.getExtensionPoint(WorkScheduler.class);
+ // Allow privileged access to start MBeans. Requires MBeanPermission in security policy.
+ server = AccessController.doPrivileged(new PrivilegedAction<JettyServer>() {
+ public JettyServer run() {
+ return new JettyServer(workScheduler);
+ }
+ });
servletHosts.addServletHost(server);
}
public void stop(ExtensionPointRegistry registry) {
- server.stop();
+ // Allow privileged access to stop MBeans. Requires MBeanPermission in security policy.
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ server.stop();
+ return null;
+ }
+ });
}
}
Modified: incubator/tuscany/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/TomcatServer.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/TomcatServer.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/TomcatServer.java (original)
+++ incubator/tuscany/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/TomcatServer.java Tue Apr 22 15:33:48 2008
@@ -24,6 +24,10 @@
import java.net.URI;
import java.net.URL;
import java.net.UnknownHostException;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
@@ -41,6 +45,7 @@
import org.apache.catalina.Container;
import org.apache.catalina.Context;
import org.apache.catalina.Lifecycle;
+import org.apache.catalina.LifecycleException;
import org.apache.catalina.Loader;
import org.apache.catalina.connector.Connector;
import org.apache.catalina.core.StandardContext;
@@ -211,26 +216,38 @@
if (scheme == null) {
scheme = "http";
}
- int portNumber = uri.getPort();
- if (portNumber == -1) {
- portNumber = defaultPortNumber;
- }
+ final int portNumber = (uri.getPort() == -1 ? defaultPortNumber : uri.getPort() );
// Get the port object associated with the given port number
Port port = ports.get(portNumber);
if (port == null) {
// Create an engine
- StandardEngine engine = new StandardEngine();
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
+ final StandardEngine engine =
+ AccessController.doPrivileged(new PrivilegedAction<StandardEngine>() {
+ public StandardEngine run() {
+ return new StandardEngine();
+ }
+ });
+
engine.setBaseDir("");
engine.setDefaultHost("localhost");
engine.setName("engine/" + portNumber);
// Create a host
- StandardHost host = new StandardHost();
+ final StandardHost host = new StandardHost();
host.setAppBase("");
host.setName("localhost");
- engine.addChild(host);
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ engine.addChild(host);
+ return null;
+ }
+ });
// Create the root context
StandardContext context = new StandardContext();
@@ -244,18 +261,36 @@
host.addChild(context);
// Install an HTTP connector
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
+ try {
+ AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
+ public Object run() throws LifecycleException {
+ engine.start();
+ return null;
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ // throw (LifecycleException)e.getException();
+ throw new ServletMappingException(e);
+ }
Connector connector;
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
try {
- engine.start();
- connector = new CustomConnector();
- connector.setPort(portNumber);
- connector.setContainer(engine);
- connector.initialize();
- connector.start();
+ connector = AccessController.doPrivileged(new PrivilegedExceptionAction<CustomConnector>() {
+ public CustomConnector run() throws Exception {
+ CustomConnector customConnector = new CustomConnector();
+ customConnector.setPort(portNumber);
+ customConnector.setContainer(engine);
+ customConnector.initialize();
+ customConnector.start();
+ return customConnector;
+ }
+ });
} catch (Exception e) {
throw new ServletMappingException(e);
}
-
// Keep track of the running server
port = new Port(engine, host, connector);
ports.put(portNumber, port);
@@ -392,12 +427,19 @@
mapping = contextPath + mapping;
}
- Context context = port.getHost().map(mapping);
- MappingData md = new MappingData();
- MessageBytes mb = MessageBytes.newInstance();
+ final Context context = port.getHost().map(mapping);
+ final MappingData md = new MappingData();
+ final MessageBytes mb = MessageBytes.newInstance();
mb.setString(mapping);
try {
- context.getMapper().map(mb, md);
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
+ AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
+ public Object run() throws Exception {
+ context.getMapper().map(mb, md);
+ return null;
+ }
+ });
} catch (Exception e) {
return null;
}
@@ -434,12 +476,19 @@
mapping = contextPath + mapping;
}
- Context context = port.getHost().map(mapping);
- MappingData md = new MappingData();
- MessageBytes mb = MessageBytes.newInstance();
+ final Context context = port.getHost().map(mapping);
+ final MappingData md = new MappingData();
+ final MessageBytes mb = MessageBytes.newInstance();
mb.setString(mapping);
try {
- context.getMapper().map(mb, md);
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
+ AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
+ public Object run() throws Exception {
+ context.getMapper().map(mb, md);
+ return null;
+ }
+ });
} catch (Exception e) {
return null;
}
Modified: incubator/tuscany/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/module/TomcatRuntimeModuleActivator.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/module/TomcatRuntimeModuleActivator.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/module/TomcatRuntimeModuleActivator.java (original)
+++ incubator/tuscany/java/sca/modules/host-tomcat/src/main/java/org/apache/tuscany/sca/http/tomcat/module/TomcatRuntimeModuleActivator.java Tue Apr 22 15:33:48 2008
@@ -19,6 +19,9 @@
package org.apache.tuscany.sca.http.tomcat.module;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
import org.apache.tuscany.sca.core.ExtensionPointRegistry;
import org.apache.tuscany.sca.core.ModuleActivator;
import org.apache.tuscany.sca.host.http.ServletHostExtensionPoint;
@@ -37,13 +40,23 @@
// Register a Tomcat Servlet host
ServletHostExtensionPoint servletHosts =
extensionPointRegistry.getExtensionPoint(ServletHostExtensionPoint.class);
- WorkScheduler workScheduler = extensionPointRegistry.getExtensionPoint(WorkScheduler.class);
- server = new TomcatServer(workScheduler);
+ final WorkScheduler workScheduler = extensionPointRegistry.getExtensionPoint(WorkScheduler.class);
+ // Allow privileged access to start MBeans. Requires MBeanPermission in security policy.
+ server = AccessController.doPrivileged(new PrivilegedAction<TomcatServer>() {
+ public TomcatServer run() {
+ return new TomcatServer(workScheduler);
+ }
+ });
servletHosts.addServletHost(server);
}
public void stop(ExtensionPointRegistry registry) {
- server.stop();
+ // Allow privileged access to stop MBeans. Requires MBeanPermission in security policy.
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ server.stop();
+ return null;
+ }
+ });
}
-
}
Modified: incubator/tuscany/java/sca/modules/implementation-java-runtime/src/main/java/org/apache/tuscany/sca/implementation/java/injection/FieldInjector.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/implementation-java-runtime/src/main/java/org/apache/tuscany/sca/implementation/java/injection/FieldInjector.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/implementation-java-runtime/src/main/java/org/apache/tuscany/sca/implementation/java/injection/FieldInjector.java (original)
+++ incubator/tuscany/java/sca/modules/implementation-java-runtime/src/main/java/org/apache/tuscany/sca/implementation/java/injection/FieldInjector.java Tue Apr 22 15:33:48 2008
@@ -19,6 +19,8 @@
package org.apache.tuscany.sca.implementation.java.injection;
import java.lang.reflect.Field;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import org.apache.tuscany.sca.core.factory.ObjectCreationException;
import org.apache.tuscany.sca.core.factory.ObjectFactory;
@@ -38,9 +40,17 @@
* Create an injector and have it use the given <code>ObjectFactory</code> to inject a value on the instance using
* the reflected <code>Field</code>
*/
- public FieldInjector(Field field, ObjectFactory<?> objectFactory) {
- this.field = field;
- this.field.setAccessible(true);
+ public FieldInjector(Field pField, ObjectFactory<?> objectFactory) {
+ field = pField;
+ // Allow privileged access to set accessibility. Requires ReflectPermission
+ // in security policy.
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ field.setAccessible(true); // ignore Java accessibility
+ return null;
+ }
+ });
+
this.objectFactory = objectFactory;
}
Modified: incubator/tuscany/java/sca/modules/implementation-java/src/main/java/org/apache/tuscany/sca/implementation/java/introspect/impl/JavaIntrospectionHelper.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/implementation-java/src/main/java/org/apache/tuscany/sca/implementation/java/introspect/impl/JavaIntrospectionHelper.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/implementation-java/src/main/java/org/apache/tuscany/sca/implementation/java/introspect/impl/JavaIntrospectionHelper.java (original)
+++ incubator/tuscany/java/sca/modules/implementation-java/src/main/java/org/apache/tuscany/sca/implementation/java/introspect/impl/JavaIntrospectionHelper.java Tue Apr 22 15:33:48 2008
@@ -84,10 +84,17 @@
}
fields = getAllPublicAndProtectedFields(clazz.getSuperclass(), fields, validating);
Field[] declaredFields = clazz.getDeclaredFields();
- for (Field field : declaredFields) {
+ for (final Field field : declaredFields) {
int modifiers = field.getModifiers();
if ((Modifier.isPublic(modifiers) || Modifier.isProtected(modifiers)) && !Modifier.isStatic(modifiers)) {
- field.setAccessible(true); // ignore Java accessibility
+ // Allow privileged access to set accessibility. Requires ReflectPermission
+ // in security policy.
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ field.setAccessible(true); // ignore Java accessibility
+ return null;
+ }
+ });
fields.add(field);
} else {
if (validating) {
Modified: incubator/tuscany/java/sca/modules/interface-wsdl-java2wsdl/src/main/java/org/apache/tuscany/sca/interfacedef/wsdl/java2wsdl/Java2WSDLHelper.java
URL: http://svn.apache.org/viewvc/incubator/tuscany/java/sca/modules/interface-wsdl-java2wsdl/src/main/java/org/apache/tuscany/sca/interfacedef/wsdl/java2wsdl/Java2WSDLHelper.java?rev=650681&r1=650680&r2=650681&view=diff
==============================================================================
--- incubator/tuscany/java/sca/modules/interface-wsdl-java2wsdl/src/main/java/org/apache/tuscany/sca/interfacedef/wsdl/java2wsdl/Java2WSDLHelper.java (original)
+++ incubator/tuscany/java/sca/modules/interface-wsdl-java2wsdl/src/main/java/org/apache/tuscany/sca/interfacedef/wsdl/java2wsdl/Java2WSDLHelper.java Tue Apr 22 15:33:48 2008
@@ -25,6 +25,9 @@
import java.lang.reflect.Method;
import java.net.URI;
import java.net.URL;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -124,15 +127,15 @@
register(pkg2nsMap, outputType);
}
- Definition def = createDefinition(pkg2nsMap, iface.getJavaClass(), requiresSOAP12);
+ final Definition def = createDefinition(pkg2nsMap, iface.getJavaClass(), requiresSOAP12);
- DefaultWSDLFactory wsdlFactory = new DefaultWSDLFactory();
+ final DefaultWSDLFactory wsdlFactory = new DefaultWSDLFactory();
WSDLInterfaceContract wsdlContract = wsdlFactory.createWSDLInterfaceContract();
WSDLInterface wsdlInterface = wsdlFactory.createWSDLInterface();
wsdlContract.setInterface(wsdlInterface);
- WSDLDefinition wsdlDefinition = new DefaultWSDLFactory().createWSDLDefinition();
+ final WSDLDefinition wsdlDefinition = new DefaultWSDLFactory().createWSDLDefinition();
wsdlDefinition.setDefinition(def);
wsdlInterface.setWsdlDefinition(wsdlDefinition);
wsdlInterface.setRemotable(true);
@@ -142,7 +145,14 @@
PortType portType = (PortType)def.getAllPortTypes().values().iterator().next();
wsdlInterface.setPortType(portType);
- readInlineSchemas(wsdlFactory, wsdlDefinition, def, new XmlSchemaCollection());
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ readInlineSchemas(wsdlFactory, wsdlDefinition, def, new XmlSchemaCollection());
+ return null;
+ }
+ });
try {
for (Operation op : iface.getOperations()) {
@@ -274,21 +284,41 @@
/**
* Create a WSDL4J Definition object from a Java interface
*/
- protected static Definition createDefinition(Map map, Class<?> javaInterface, boolean requiresSOAP12) {
+ protected static Definition createDefinition(Map map, final Class<?> javaInterface, boolean requiresSOAP12) {
- String className = javaInterface.getName();
- ClassLoader cl = javaInterface.getClassLoader();
- ByteArrayOutputStream os = new ByteArrayOutputStream();
- Java2WSDLBuilder builder = new Java2WSDLBuilder(os, className, cl);
+ final String className = javaInterface.getName();
+ // Allow privileged access to get ClassLoader. Requires RuntimePermission read in security
+ // policy.
+ final ClassLoader cl = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return javaInterface.getClassLoader();
+ }
+ });
+ final ByteArrayOutputStream os = new ByteArrayOutputStream();
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
+ final Java2WSDLBuilder builder = AccessController.doPrivileged(new PrivilegedAction<Java2WSDLBuilder>() {
+ public Java2WSDLBuilder run() {
+ return new Java2WSDLBuilder(os, className, cl);
+ }
+ });
if (map != null) {
builder.setPkg2nsMap(map);
}
+ // builder.generateWSDL();
+ // Allow privileged access to read properties. Requires PropertiesPermission read in
+ // security policy.
try {
- builder.generateWSDL();
+ AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
+ public Object run() throws Exception {
+ builder.generateWSDL();
+ return null;
+ }
+ });
} catch (Exception e) {
throw new RuntimeException(e);
- }
+ }
try {