You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2017/08/11 15:10:03 UTC
cxf git commit: [CXF-7467] WSDLManagerImpl requires privileged
actions in order to work under a security manager, patch from iweiss applied,
This closes #303
Repository: cxf
Updated Branches:
refs/heads/3.1.x-fixes dbe1d6f39 -> e4899b534
[CXF-7467] WSDLManagerImpl requires privileged actions in order to work under a security manager, patch from iweiss applied, This closes #303
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e4899b53
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e4899b53
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e4899b53
Branch: refs/heads/3.1.x-fixes
Commit: e4899b534040332c9d0f9b8a884c303c6fb1fccc
Parents: dbe1d6f
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Fri Aug 11 16:09:37 2017 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Fri Aug 11 16:09:37 2017 +0100
----------------------------------------------------------------------
.../org/apache/cxf/wsdl11/WSDLManagerImpl.java | 87 +++++++++++++++++---
1 file changed, 75 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/e4899b53/rt/wsdl/src/main/java/org/apache/cxf/wsdl11/WSDLManagerImpl.java
----------------------------------------------------------------------
diff --git a/rt/wsdl/src/main/java/org/apache/cxf/wsdl11/WSDLManagerImpl.java b/rt/wsdl/src/main/java/org/apache/cxf/wsdl11/WSDLManagerImpl.java
index 75e3ff7..94c0ec8 100644
--- a/rt/wsdl/src/main/java/org/apache/cxf/wsdl11/WSDLManagerImpl.java
+++ b/rt/wsdl/src/main/java/org/apache/cxf/wsdl11/WSDLManagerImpl.java
@@ -19,6 +19,9 @@
package org.apache.cxf.wsdl11;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
@@ -81,7 +84,21 @@ public class WSDLManagerImpl implements WSDLManager {
}
private WSDLManagerImpl(Bus b) throws BusException {
try {
- factory = WSDLFactory.newInstance();
+ // This is needed to avoid security exceptions when running with a security manager
+ if (System.getSecurityManager() == null) {
+ factory = WSDLFactory.newInstance();
+ } else {
+ try {
+ factory = AccessController.doPrivileged(new PrivilegedExceptionAction<WSDLFactory>() {
+ @Override
+ public WSDLFactory run() throws Exception {
+ return WSDLFactory.newInstance();
+ }
+ });
+ } catch (PrivilegedActionException paex) {
+ throw new BusException(paex);
+ }
+ }
registry = factory.newPopulatedExtensionRegistry();
registry.registerSerializer(Types.class,
WSDLConstants.QNAME_SCHEMA,
@@ -167,16 +184,34 @@ public class WSDLManagerImpl implements WSDLManager {
return def;
}
- public Definition getDefinition(Element el) throws WSDLException {
+ public Definition getDefinition(final Element el) throws WSDLException {
synchronized (definitionsMap) {
if (definitionsMap.containsKey(el)) {
return definitionsMap.get(el);
}
}
- WSDLReader reader = factory.newWSDLReader();
+ final WSDLReader reader = factory.newWSDLReader();
reader.setFeature("javax.wsdl.verbose", false);
reader.setExtensionRegistry(registry);
- Definition def = reader.readWSDL("", el);
+
+ final Definition def;
+
+ // This is needed to avoid security exceptions when running with a security manager
+ if (System.getSecurityManager() == null) {
+ def = reader.readWSDL("", el);
+ } else {
+ try {
+ def = AccessController.doPrivileged(new PrivilegedExceptionAction<Definition>() {
+ @Override
+ public Definition run() throws Exception {
+ return reader.readWSDL("", el);
+ }
+ });
+ } catch (PrivilegedActionException paex) {
+ throw new WSDLException(WSDLException.PARSER_ERROR, paex.getMessage(), paex);
+ }
+ }
+
synchronized (definitionsMap) {
definitionsMap.put(el, def);
}
@@ -191,11 +226,11 @@ public class WSDLManagerImpl implements WSDLManager {
}
protected Definition loadDefinition(String url) throws WSDLException {
- WSDLReader reader = factory.newWSDLReader();
+ final WSDLReader reader = factory.newWSDLReader();
reader.setFeature("javax.wsdl.verbose", false);
reader.setFeature("javax.wsdl.importDocuments", true);
reader.setExtensionRegistry(registry);
-
+
//we'll create a new String here to make sure the passed in key is not referenced in the loading of
//the wsdl and thus would be held onto from the cached map from both the weak reference (key) and
//from the strong reference (Definition). For example, the Definition sometimes keeps the original
@@ -203,13 +238,13 @@ public class WSDLManagerImpl implements WSDLManager {
//from the definition. With this, the String the definition holds onto would be unique
url = new String(url);
CatalogWSDLLocator catLocator = new CatalogWSDLLocator(url, bus);
- ResourceManagerWSDLLocator wsdlLocator = new ResourceManagerWSDLLocator(url,
+ final ResourceManagerWSDLLocator wsdlLocator = new ResourceManagerWSDLLocator(url,
catLocator,
bus);
InputSource src = wsdlLocator.getBaseInputSource();
Definition def = null;
if (src.getByteStream() != null || src.getCharacterStream() != null) {
- Document doc;
+ final Document doc;
XMLStreamReader xmlReader = null;
try {
xmlReader = StaxUtils.createXMLStreamReader(src);
@@ -233,14 +268,42 @@ public class WSDLManagerImpl implements WSDLManager {
throw new WSDLException(WSDLException.PARSER_ERROR, ex.getMessage(), ex);
}
}
- def = reader.readWSDL(wsdlLocator, doc.getDocumentElement());
+
+ // This is needed to avoid security exceptions when running with a security manager
+ if (System.getSecurityManager() == null) {
+ def = reader.readWSDL(wsdlLocator, doc.getDocumentElement());
+ } else {
+ try {
+ def = AccessController.doPrivileged(new PrivilegedExceptionAction<Definition>() {
+ @Override
+ public Definition run() throws Exception {
+ return reader.readWSDL(wsdlLocator, doc.getDocumentElement());
+ }
+ });
+ } catch (PrivilegedActionException paex) {
+ throw new WSDLException(WSDLException.PARSER_ERROR, paex.getMessage(), paex);
+ }
+ }
} else {
- def = reader.readWSDL(wsdlLocator);
+ if (System.getSecurityManager() == null) {
+ def = reader.readWSDL(wsdlLocator);
+ } else {
+ try {
+ def = AccessController.doPrivileged(new PrivilegedExceptionAction<Definition>() {
+ @Override
+ public Definition run() throws Exception {
+ return reader.readWSDL(wsdlLocator);
+ }
+ });
+ } catch (PrivilegedActionException paex) {
+ throw new WSDLException(WSDLException.PARSER_ERROR, paex.getMessage(), paex);
+ }
+ }
}
-
+
return def;
}
-
+
public void setXMLStreamReaderWrapper(XMLStreamReaderWrapper wrapper) {
this.xmlStreamReaderWrapper = wrapper;
}