You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cxf.apache.org by em...@apache.org on 2013/07/25 08:17:57 UTC

svn commit: r1506822 - /cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java

Author: ema
Date: Thu Jul 25 06:17:56 2013
New Revision: 1506822

URL: http://svn.apache.org/r1506822
Log:
[CXF-5142]:Add another doPrivileged

Modified:
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java

Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java?rev=1506822&r1=1506821&r2=1506822&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java (original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java Thu Jul 25 06:17:56 2013
@@ -26,6 +26,8 @@ import java.net.Authenticator;
 import java.net.PasswordAuthentication;
 import java.net.URL;
 import java.net.URLClassLoader;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 import org.apache.cxf.common.util.ReflectionUtil;
 import org.apache.cxf.helpers.IOUtils;
@@ -78,10 +80,20 @@ public class CXFAuthenticator extends Au
                 ReflectionUtil.setAccessible(m).invoke(loader, ReferencingAuthenticator.class.getName(),
                                                        b, 0, b.length);
                 Class<?> cls = loader.loadClass(ReferencingAuthenticator.class.getName());
-                Authenticator auth = (Authenticator)cls.getConstructor(Authenticator.class, Authenticator.class)
+                final Authenticator auth = (Authenticator)cls.getConstructor(Authenticator.class, Authenticator.class)
                     .newInstance(instance, wrapped);
                 
-                Authenticator.setDefault(auth);
+                if (System.getSecurityManager() == null) {
+                    Authenticator.setDefault(auth);
+                } else {
+                    AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+                        public Boolean run() {
+                            Authenticator.setDefault(auth);
+                            return true;
+                        }
+                    });
+
+                }
             } catch (Throwable t) {
                 //ignore
                 t.printStackTrace();