You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by em...@apache.org on 2013/07/25 08:17:57 UTC
svn commit: r1506822 -
/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
Author: ema
Date: Thu Jul 25 06:17:56 2013
New Revision: 1506822
URL: http://svn.apache.org/r1506822
Log:
[CXF-5142]:Add another doPrivileged
Modified:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java?rev=1506822&r1=1506821&r2=1506822&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java (original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java Thu Jul 25 06:17:56 2013
@@ -26,6 +26,8 @@ import java.net.Authenticator;
import java.net.PasswordAuthentication;
import java.net.URL;
import java.net.URLClassLoader;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import org.apache.cxf.common.util.ReflectionUtil;
import org.apache.cxf.helpers.IOUtils;
@@ -78,10 +80,20 @@ public class CXFAuthenticator extends Au
ReflectionUtil.setAccessible(m).invoke(loader, ReferencingAuthenticator.class.getName(),
b, 0, b.length);
Class<?> cls = loader.loadClass(ReferencingAuthenticator.class.getName());
- Authenticator auth = (Authenticator)cls.getConstructor(Authenticator.class, Authenticator.class)
+ final Authenticator auth = (Authenticator)cls.getConstructor(Authenticator.class, Authenticator.class)
.newInstance(instance, wrapped);
- Authenticator.setDefault(auth);
+ if (System.getSecurityManager() == null) {
+ Authenticator.setDefault(auth);
+ } else {
+ AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+ public Boolean run() {
+ Authenticator.setDefault(auth);
+ return true;
+ }
+ });
+
+ }
} catch (Throwable t) {
//ignore
t.printStackTrace();