You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by gl...@apache.org on 2001/01/23 23:22:37 UTC
cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core ApplicationFilterChain.java
glenn 01/01/23 14:22:37
Modified: catalina/src/share/org/apache/catalina/core
ApplicationFilterChain.java
Log:
Implement SecurityManager
Revision Changes Path
1.4 +33 -4 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/ApplicationFilterChain.java
Index: ApplicationFilterChain.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/ApplicationFilterChain.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- ApplicationFilterChain.java 2000/12/17 05:18:58 1.3
+++ ApplicationFilterChain.java 2001/01/23 22:22:35 1.4
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/ApplicationFilterChain.java,v 1.3 2000/12/17 05:18:58 craigmcc Exp $
- * $Revision: 1.3 $
- * $Date: 2000/12/17 05:18:58 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/ApplicationFilterChain.java,v 1.4 2001/01/23 22:22:35 glenn Exp $
+ * $Revision: 1.4 $
+ * $Date: 2001/01/23 22:22:35 $
*
* ====================================================================
*
@@ -68,6 +68,8 @@
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
@@ -91,7 +93,7 @@
* method itself.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.3 $ $Date: 2000/12/17 05:18:58 $
+ * @version $Revision: 1.4 $ $Date: 2001/01/23 22:22:35 $
*/
final class ApplicationFilterChain implements FilterChain {
@@ -162,6 +164,33 @@
* @exception ServletException if a servlet exception occurs
*/
public void doFilter(ServletRequest request, ServletResponse response)
+ throws IOException, ServletException {
+
+ if( System.getSecurityManager() != null ) {
+ final ServletRequest req = request;
+ final ServletResponse res = response;
+ try {
+ java.security.AccessController.doPrivileged(
+ new java.security.PrivilegedExceptionAction()
+ {
+ public Object run() throws ServletException, IOException {
+ internalDoFilter(req,res);
+ return null;
+ }
+ }
+ );
+ } catch( PrivilegedActionException pe) {
+ Exception e = pe.getException();
+ if( e.getClass().getName().equals("javax.servlet.ServletException") )
+ throw (ServletException)e;
+ throw (IOException)e;
+ }
+ } else {
+ internalDoFilter(request,response);
+ }
+ }
+
+ private void internalDoFilter(ServletRequest request, ServletResponse response)
throws IOException, ServletException {
// Construct an iterator the first time this method is called