You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by jd...@apache.org on 2008/06/01 10:14:00 UTC
svn commit: r662163 - in /geronimo/gshell/trunk:
gshell-core/src/main/java/org/apache/geronimo/gshell/security/
gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/
Author: jdillon
Date: Sun Jun 1 01:14:00 2008
New Revision: 662163
URL: http://svn.apache.org/viewvc?rev=662163&view=rev
Log:
Using real proxy, setup applicaiton security manager as it was before
Added:
geronimo/gshell/trunk/gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/ApplicationSecurityManager.java (contents, props changed)
- copied, changed from r661968, geronimo/gshell/trunk/gshell-core/src/main/java/org/apache/geronimo/gshell/security/ShellSecurityManager.java
Removed:
geronimo/gshell/trunk/gshell-core/src/main/java/org/apache/geronimo/gshell/security/
Modified:
geronimo/gshell/trunk/gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/DefaultApplicationManager.java
Copied: geronimo/gshell/trunk/gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/ApplicationSecurityManager.java (from r661968, geronimo/gshell/trunk/gshell-core/src/main/java/org/apache/geronimo/gshell/security/ShellSecurityManager.java)
URL: http://svn.apache.org/viewvc/geronimo/gshell/trunk/gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/ApplicationSecurityManager.java?p2=geronimo/gshell/trunk/gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/ApplicationSecurityManager.java&p1=geronimo/gshell/trunk/gshell-core/src/main/java/org/apache/geronimo/gshell/security/ShellSecurityManager.java&r1=661968&r2=662163&rev=662163&view=diff
==============================================================================
--- geronimo/gshell/trunk/gshell-core/src/main/java/org/apache/geronimo/gshell/security/ShellSecurityManager.java (original)
+++ geronimo/gshell/trunk/gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/ApplicationSecurityManager.java Sun Jun 1 01:14:00 2008
@@ -17,7 +17,7 @@
* under the License.
*/
-package org.apache.geronimo.gshell.security;
+package org.apache.geronimo.gshell.application;
import java.security.Permission;
@@ -26,18 +26,18 @@
*
* @version $Rev$ $Date$
*/
-public class ShellSecurityManager
+public class ApplicationSecurityManager
extends SecurityManager
{
private final SecurityManager parent;
- public ShellSecurityManager(final SecurityManager parent) {
- assert parent != null;
+ public ApplicationSecurityManager(final SecurityManager parent) {
+ // parent may be null if there is no installed secrutiy manager
this.parent = parent;
}
- public ShellSecurityManager() {
+ public ApplicationSecurityManager() {
this(System.getSecurityManager());
}
@@ -48,19 +48,16 @@
}
/**
- * Always throws {@link SecurityException}.
+ * Prevent any command or component from forcing the VM to exit.
+ *
+ * @throws SecurityException Always throws {@link SecurityException}.
*/
public void checkExit(final int code) {
throw new SecurityException("Use of System.exit() is forbidden!");
}
- /*
- public void checkPermission(final Permission perm) {
- assert perm != null;
-
- if (perm.getName().equals("exitVM")) {
- System.out.println("exitVM");
- }
- }
- */
+ //
+ // TODO: Never allow application to change ${gshell.home}
+ //
+
}
\ No newline at end of file
Propchange: geronimo/gshell/trunk/gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/ApplicationSecurityManager.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/gshell/trunk/gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/ApplicationSecurityManager.java
------------------------------------------------------------------------------
svn:keywords = Date Author Id Revision HeadURL
Propchange: geronimo/gshell/trunk/gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/ApplicationSecurityManager.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: geronimo/gshell/trunk/gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/DefaultApplicationManager.java
URL: http://svn.apache.org/viewvc/geronimo/gshell/trunk/gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/DefaultApplicationManager.java?rev=662163&r1=662162&r2=662163&view=diff
==============================================================================
--- geronimo/gshell/trunk/gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/DefaultApplicationManager.java (original)
+++ geronimo/gshell/trunk/gshell-plugin/src/main/java/org/apache/geronimo/gshell/application/DefaultApplicationManager.java Sun Jun 1 01:14:00 2008
@@ -58,6 +58,7 @@
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
+import java.lang.reflect.InvocationTargetException;
import java.net.URL;
import java.util.HashSet;
import java.util.LinkedHashSet;
@@ -324,14 +325,34 @@
InvocationHandler handler = new InvocationHandler()
{
+ //
+ // FIXME: Need to resolve how to handle the security manager for the application,
+ // the SM is not thread-specific, but VM specific... so not sure this is
+ // the right approache at all :-(
+ //
+
+ private final ApplicationSecurityManager securityManager = new ApplicationSecurityManager();
+
public Object invoke(final Object proxy, final Method method, final Object[] args) throws Throwable {
+ assert proxy != null;
+ assert method != null;
+ // args may be null
+
if (method.getDeclaringClass() == Object.class) {
- return method.invoke(proxy, args);
+ return method.invoke(this, args);
}
- // TODO: Add security handling?
-
- return method.invoke(shell, args);
+ SecurityManager previous = System.getSecurityManager();
+ System.setSecurityManager(securityManager);
+ try {
+ return method.invoke(shell, args);
+ }
+ catch (InvocationTargetException e) {
+ throw e.getTargetException();
+ }
+ finally {
+ System.setSecurityManager(previous);
+ }
}
};