You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-dev@axis.apache.org by ve...@apache.org on 2009/08/15 01:57:24 UTC

svn commit: r804411 - /webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/RepositoryListener.java

Author: veithen
Date: Fri Aug 14 23:57:24 2009
New Revision: 804411

URL: http://svn.apache.org/viewvc?rev=804411&view=rev
Log:
Fixed in issue in loadClassPathModules when there is a security manager and read access to some files in the classloader hierarchy is denied.

Modified:
    webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/RepositoryListener.java

Modified: webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/RepositoryListener.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/RepositoryListener.java?rev=804411&r1=804410&r2=804411&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/RepositoryListener.java (original)
+++ webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/RepositoryListener.java Fri Aug 14 23:57:24 2009
@@ -195,8 +195,20 @@
                         // Log this?
                     }
                     File file = new File(path.replace('/', File.separatorChar).replace('|', ':'));
-                    if (file.isFile()) {
-                        if (DeploymentFileData.isModuleArchiveFile(file.getName())) {
+                    // If there is a security manager, then it is highly probable that it will deny
+                    // read access to some files in the class loader hierarchy. Therefore we first
+                    // check if the name matches that of a module archive and only then check if we
+                    // can access it. If the security manager denies access, we log a warning.
+                    if (DeploymentFileData.isModuleArchiveFile(file.getName())) {
+                        boolean isFile;
+                        try {
+                            isFile = file.isFile();
+                        } catch (SecurityException ex) {
+                            log.warn("Not deploying " + file.getName() +
+                                    " because security manager denies access", ex);
+                            isFile = false;
+                        }
+                        if (isFile) {
                             //adding modules in the class path
                             addFileToDeploy(file, deployer, WSInfo.TYPE_MODULE);
                         }