You are viewing a plain text version of this content. The canonical link for it is here.
Posted to axis-cvs@ws.apache.org by di...@apache.org on 2008/02/13 16:50:02 UTC
svn commit: r627490 - in
/webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2:
jaxws/description/builder/ jaxws/description/impl/ jaxws/util/
metadata/registry/
Author: dims
Date: Wed Feb 13 07:49:57 2008
New Revision: 627490
URL: http://svn.apache.org/viewvc?rev=627490&view=rev
Log:
Don't expose doPriv code to end user, it's a security risk. Note, i moved the methods i added the other day for calling JAXWS-RI during ?wsdl to the class where it is actually used.
Modified:
webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/DescriptionBuilderUtils.java
webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/JAXWSRIWSDLGenerator.java
webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/EndpointDescriptionImpl.java
webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/ServiceDescriptionImpl.java
webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/util/ClassLoaderUtils.java
webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/metadata/registry/MetadataFactoryRegistry.java
Modified: webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/DescriptionBuilderUtils.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/DescriptionBuilderUtils.java?rev=627490&r1=627489&r2=627490&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/DescriptionBuilderUtils.java (original)
+++ webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/DescriptionBuilderUtils.java Wed Feb 13 07:49:57 2008
@@ -18,12 +18,14 @@
*/
package org.apache.axis2.jaxws.description.builder;
+import org.apache.axis2.java.security.AccessController;
import org.apache.axis2.jaxws.ExceptionFactory;
-import org.apache.axis2.jaxws.util.ClassLoaderUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import javax.xml.namespace.QName;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
*
@@ -318,7 +320,7 @@
if (classLoader != null) {
// Use the specified classloader to load the class.
try {
- returnClass = ClassLoaderUtils.forName(classToLoad, false, classLoader);
+ returnClass = forName(classToLoad, false, classLoader);
}
//Catch Throwable as ClassLoader can throw an NoClassDefFoundError that
//does not extend Exception, so lets catch everything that extends Throwable
@@ -331,13 +333,13 @@
} else {
//Use the thread context class loader to load the class.
try {
- returnClass = ClassLoaderUtils.forName(classToLoad, false,
- ClassLoaderUtils.getContextClassLoader(null));
+ returnClass = forName(classToLoad, false,
+ getContextClassLoader(null));
}
catch (Throwable ex) {
//Use the default classloader to load the class.
try {
- returnClass = ClassLoaderUtils.forName(classToLoad);
+ returnClass = forName(classToLoad);
}
//Catch Throwable as ClassLoader can throw an NoClassDefFoundError that
//does not extend Exception
@@ -359,4 +361,77 @@
return qname == null || isEmpty(qname.getLocalPart());
}
+ /**
+ * Return the class for this name
+ *
+ * @return Class
+ */
+ private static Class forName(final String className, final boolean initialize,
+ final ClassLoader classloader) throws ClassNotFoundException {
+ Class cl = null;
+ try {
+ cl = (Class) AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws ClassNotFoundException {
+ return Class.forName(className, initialize, classloader);
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ if (log.isDebugEnabled()) {
+ log.debug("Exception thrown from AccessController: " + e.getMessage(), e);
+ }
+ throw (ClassNotFoundException) e.getException();
+ }
+
+ return cl;
+ }
+
+ /**
+ * Return the class for this name
+ *
+ * @return Class
+ */
+ private static Class forName(final String className) throws ClassNotFoundException {
+ Class cl = null;
+ try {
+ cl = (Class) AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws ClassNotFoundException {
+ return Class.forName(className);
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ if (log.isDebugEnabled()) {
+ log.debug("Exception thrown from AccessController: " + e.getMessage(), e);
+ }
+ throw (ClassNotFoundException) e.getException();
+ }
+
+ return cl;
+ }
+
+ /**
+ * @return ClassLoader
+ */
+ private static ClassLoader getContextClassLoader(final ClassLoader classLoader) {
+ ClassLoader cl;
+ try {
+ cl = (ClassLoader) AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws ClassNotFoundException {
+ return classLoader != null ? classLoader : Thread.currentThread().getContextClassLoader();
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ if (log.isDebugEnabled()) {
+ log.debug("Exception thrown from AccessController: " + e.getMessage(), e);
+ }
+ throw ExceptionFactory.makeWebServiceException(e.getException());
+ }
+
+ return cl;
+ }
}
Modified: webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/JAXWSRIWSDLGenerator.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/JAXWSRIWSDLGenerator.java?rev=627490&r1=627489&r2=627490&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/JAXWSRIWSDLGenerator.java (original)
+++ webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/JAXWSRIWSDLGenerator.java Wed Feb 13 07:49:57 2008
@@ -3,14 +3,13 @@
import com.sun.tools.ws.spi.WSToolsObjectFactory;
import org.apache.axis2.AxisFault;
import org.apache.axis2.Constants;
-import org.apache.axis2.wsdl.WSDLConstants;
import org.apache.axis2.dataretrieval.SchemaSupplier;
import org.apache.axis2.dataretrieval.WSDLSupplier;
import org.apache.axis2.description.AxisService;
import org.apache.axis2.description.Parameter;
import org.apache.axis2.engine.AxisConfiguration;
-import org.apache.axis2.jaxws.util.ClassLoaderUtils;
import org.apache.axis2.transport.http.HTTPConstants;
+import org.apache.axis2.wsdl.WSDLConstants;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.commons.schema.XmlSchema;
@@ -27,12 +26,24 @@
import javax.xml.ws.soap.SOAPBinding;
import java.io.ByteArrayOutputStream;
import java.io.File;
+import java.io.FileFilter;
+import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
import java.util.List;
+import java.util.StringTokenizer;
+import java.util.jar.Attributes;
+import java.util.jar.JarFile;
+import java.util.jar.JarInputStream;
+import java.util.jar.Manifest;
/**
* This class will implement an interface that is defined by the
@@ -90,7 +101,7 @@
throw new WebServiceException("Axis2 Can't find ServletConfig");
}
- this.classPath = ClassLoaderUtils.getDefaultClasspath(webBase);
+ this.classPath = getDefaultClasspath(webBase);
if (log.isDebugEnabled()) {
log.debug("For implementation class " + className +
" WsGen classpath: " +
@@ -316,5 +327,218 @@
docMap.values().iterator().next();
}
return schema;
+ }
+
+ /**
+ * Expand a directory path or list of directory paths (File.pathSeparator
+ * delimited) into a list of file paths of all the jar files in those
+ * directories.
+ *
+ * @param dirPaths The string containing the directory path or list of
+ * directory paths.
+ * @return The file paths of the jar files in the directories. This is an
+ * empty string if no files were found, and is terminated by an
+ * additional pathSeparator in all other cases.
+ */
+ public static String expandDirs(String dirPaths) {
+ StringTokenizer st = new StringTokenizer(dirPaths, File.pathSeparator);
+ StringBuffer buffer = new StringBuffer();
+ while (st.hasMoreTokens()) {
+ String d = st.nextToken();
+ File dir = new File(d);
+ if (dir.isDirectory()) {
+ File[] files = dir.listFiles(new JavaArchiveFilter());
+ for (int i = 0; i < files.length; i++) {
+ buffer.append(files[i]).append(File.pathSeparator);
+ }
+ }
+ }
+ return buffer.toString();
+ }
+
+ /**
+ * Check if this inputstream is a jar/zip
+ *
+ * @param is
+ * @return true if inputstream is a jar
+ */
+ public static boolean isJar(InputStream is) {
+ try {
+ JarInputStream jis = new JarInputStream(is);
+ if (jis.getNextEntry() != null) {
+ return true;
+ }
+ } catch (IOException ioe) {
+ }
+ return false;
+ }
+
+ /**
+ * Get the default classpath from various thingies in the message context
+ *
+ * @param msgContext
+ * @return default classpath
+ */
+ public static String getDefaultClasspath(String webBase) {
+ HashSet classpath = new HashSet();
+ ClassLoader cl = Thread.currentThread().getContextClassLoader();
+ fillClassPath(cl, classpath);
+
+ // Just to be safe (the above doesn't seem to return the webapp
+ // classpath in all cases), manually do this:
+ if (webBase != null) {
+ addPath(classpath, webBase + File.separatorChar + "classes");
+ try {
+ String libBase = webBase + File.separatorChar + "lib";
+ File libDir = new File(libBase);
+ String[] jarFiles = libDir.list();
+ for (int i = 0; i < jarFiles.length; i++) {
+ String jarFile = jarFiles[i];
+ if (jarFile.endsWith(".jar")) {
+ addPath(classpath, libBase +
+ File.separatorChar +
+ jarFile);
+ }
+ }
+ } catch (Exception e) {
+ // Oh well. No big deal.
+ }
+ }
+
+ // axis.ext.dirs can be used in any appserver
+ getClassPathFromDirectoryProperty(classpath, "axis.ext.dirs");
+
+ // classpath used by Jasper
+ getClassPathFromProperty(classpath, "org.apache.catalina.jsp_classpath");
+
+ // websphere stuff.
+ getClassPathFromProperty(classpath, "ws.ext.dirs");
+ getClassPathFromProperty(classpath, "com.ibm.websphere.servlet.application.classpath");
+
+ // java class path
+ getClassPathFromProperty(classpath, "java.class.path");
+
+ // Load jars from java external directory
+ getClassPathFromDirectoryProperty(classpath, "java.ext.dirs");
+
+ // boot classpath isn't found in above search
+ getClassPathFromProperty(classpath, "sun.boot.class.path");
+
+ StringBuffer path = new StringBuffer();
+ for (Iterator iterator = classpath.iterator(); iterator.hasNext();) {
+ String s = (String) iterator.next();
+ path.append(s);
+ path.append(File.pathSeparatorChar);
+ }
+ log.info(path);
+ return path.toString();
+ }
+
+ private static void addPath(HashSet classpath, String s) {
+ String path = s.replace(((File.separatorChar == '/') ? '\\' : '/'), File.separatorChar).trim();
+ File file = new File(path);
+ if (file.exists()) {
+ path = file.getAbsolutePath();
+ classpath.add(path);
+ }
+ }
+
+ /**
+ * Add all files in the specified directory to the classpath
+ *
+ * @param classpath
+ * @param property
+ */
+ private static void getClassPathFromDirectoryProperty(HashSet classpath, String property) {
+ String dirs = System.getProperty(property);
+ String path = null;
+ try {
+ path = expandDirs(dirs);
+ } catch (Exception e) {
+ // Oh well. No big deal.
+ }
+ if (path != null) {
+ addPath(classpath, path);
+ }
+ }
+
+ /**
+ * Add a classpath stored in a property.
+ *
+ * @param classpath
+ * @param property
+ */
+ private static void getClassPathFromProperty(HashSet classpath, String property) {
+ String path = System.getProperty(property);
+ if (path != null) {
+ addPath(classpath, path);
+ }
+ }
+
+ /**
+ * Walk the classloader hierarchy and add to the classpath
+ *
+ * @param cl
+ * @param classpath
+ */
+ private static void fillClassPath(ClassLoader cl, HashSet classpath) {
+ while (cl != null) {
+ if (cl instanceof URLClassLoader) {
+ URL[] urls = ((URLClassLoader) cl).getURLs();
+ for (int i = 0; (urls != null) && i < urls.length; i++) {
+ String path = urls[i].getPath();
+ //If it is a drive letter, adjust accordingly.
+ if (path.length() >= 3 && path.charAt(0) == '/' && path.charAt(2) == ':')
+ path = path.substring(1);
+ addPath(classpath, URLDecoder.decode(path));
+
+ // if its a jar extract Class-Path entries from manifest
+ File file = new File(urls[i].getFile());
+ if (file.isFile()) {
+ FileInputStream fis = null;
+ try {
+ fis = new FileInputStream(file);
+ if (isJar(fis)) {
+ JarFile jar = new JarFile(file);
+ Manifest manifest = jar.getManifest();
+ if (manifest != null) {
+ Attributes attributes = manifest.getMainAttributes();
+ if (attributes != null) {
+ String s = attributes.getValue(Attributes.Name.CLASS_PATH);
+ String base = file.getParent();
+ if (s != null) {
+ StringTokenizer st = new StringTokenizer(s, " ");
+ while (st.hasMoreTokens()) {
+ String t = st.nextToken();
+ addPath(classpath, base + File.separatorChar + t);
+ }
+ }
+ }
+ }
+ }
+ } catch (IOException ioe) {
+ } finally {
+ if (fis != null) {
+ try {
+ fis.close();
+ } catch (IOException ioe2) {
+ }
+ }
+ }
+ }
+ }
+ }
+ cl = cl.getParent();
+ }
+ }
+
+ /**
+ * Filter for zip/jar
+ */
+ private static class JavaArchiveFilter implements FileFilter {
+ public boolean accept(File file) {
+ String name = file.getName().toLowerCase();
+ return (name.endsWith(".jar") || name.endsWith(".zip"));
+ }
}
}
Modified: webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/EndpointDescriptionImpl.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/EndpointDescriptionImpl.java?rev=627490&r1=627489&r2=627490&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/EndpointDescriptionImpl.java (original)
+++ webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/EndpointDescriptionImpl.java Wed Feb 13 07:49:57 2008
@@ -50,7 +50,6 @@
import org.apache.axis2.jaxws.server.config.AddressingConfigurator;
import org.apache.axis2.jaxws.server.config.MTOMConfigurator;
import org.apache.axis2.jaxws.server.config.RespectBindingConfigurator;
-import org.apache.axis2.jaxws.util.ClassLoaderUtils;
import org.apache.axis2.jaxws.util.WSDL4JWrapper;
import org.apache.axis2.wsdl.util.WSDLDefinitionWrapper;
import org.apache.commons.logging.Log;
@@ -76,11 +75,12 @@
import javax.xml.ws.soap.AddressingFeature;
import javax.xml.ws.soap.MTOMFeature;
import javax.xml.ws.soap.SOAPBinding;
-
import java.io.InputStream;
import java.lang.annotation.Annotation;
import java.net.URL;
import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
@@ -602,8 +602,8 @@
// TODO: (JLB) This is the deprecated server-side introspection code for an impl that references an SEI
try {
// TODO: Using Class forName() is probably not the best long-term way to get the SEI class from the annotation
- seiClass = ClassLoaderUtils.forName(seiClassName, false,
- ClassLoaderUtils.getContextClassLoader(this.axisService != null ? this.axisService.getClassLoader() : null));
+ seiClass = forName(seiClassName, false,
+ getContextClassLoader(this.axisService != null ? this.axisService.getClassLoader() : null));
// Catch Throwable as ClassLoader can throw an NoClassDefFoundError that
// does not extend Exception, so lets catch everything that extends Throwable
// rather than just Exception.
@@ -1888,6 +1888,52 @@
return cls.getAnnotation(annotation);
}
});
+ }
+
+ /**
+ * Return the class for this name
+ *
+ * @return Class
+ */
+ private static Class forName(final String className, final boolean initialize,
+ final ClassLoader classloader) throws ClassNotFoundException {
+ Class cl = null;
+ try {
+ cl = (Class) AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws ClassNotFoundException {
+ return Class.forName(className, initialize, classloader);
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ if (log.isDebugEnabled()) {
+ log.debug("Exception thrown from AccessController: " + e.getMessage(), e);
+ }
+ throw (ClassNotFoundException) e.getException();
+ }
+
+ return cl;
+ }
+
+ private static ClassLoader getContextClassLoader(final ClassLoader classLoader) {
+ ClassLoader cl;
+ try {
+ cl = (ClassLoader) AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws ClassNotFoundException {
+ return classLoader != null ? classLoader : Thread.currentThread().getContextClassLoader();
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ if (log.isDebugEnabled()) {
+ log.debug("Exception thrown from AccessController: " + e.getMessage(), e);
+ }
+ throw ExceptionFactory.makeWebServiceException(e.getException());
+ }
+
+ return cl;
}
}
Modified: webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/ServiceDescriptionImpl.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/ServiceDescriptionImpl.java?rev=627490&r1=627489&r2=627490&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/ServiceDescriptionImpl.java (original)
+++ webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/ServiceDescriptionImpl.java Wed Feb 13 07:49:57 2008
@@ -18,9 +18,6 @@
*/
package org.apache.axis2.jaxws.description.impl;
-import static org.apache.axis2.jaxws.description.builder.MDQConstants.RETURN_TYPE_FUTURE;
-import static org.apache.axis2.jaxws.description.builder.MDQConstants.RETURN_TYPE_RESPONSE;
-
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.description.AxisService;
@@ -36,13 +33,14 @@
import org.apache.axis2.jaxws.description.ServiceRuntimeDescription;
import org.apache.axis2.jaxws.description.builder.DescriptionBuilderComposite;
import org.apache.axis2.jaxws.description.builder.MDQConstants;
+import static org.apache.axis2.jaxws.description.builder.MDQConstants.RETURN_TYPE_FUTURE;
+import static org.apache.axis2.jaxws.description.builder.MDQConstants.RETURN_TYPE_RESPONSE;
import org.apache.axis2.jaxws.description.builder.MethodDescriptionComposite;
import org.apache.axis2.jaxws.description.builder.ParameterDescriptionComposite;
import org.apache.axis2.jaxws.description.xml.handler.HandlerChainsType;
import org.apache.axis2.jaxws.i18n.Messages;
import org.apache.axis2.jaxws.util.WSDL4JWrapper;
import org.apache.axis2.jaxws.util.WSDLWrapper;
-import org.apache.axis2.jaxws.util.ClassLoaderUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -53,14 +51,9 @@
import javax.wsdl.Service;
import javax.wsdl.WSDLException;
import javax.wsdl.extensions.ExtensibilityElement;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.Unmarshaller;
import javax.xml.namespace.QName;
import javax.xml.ws.WebServiceClient;
import javax.xml.ws.soap.SOAPBinding;
-
-import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
@@ -69,6 +62,8 @@
import java.net.URL;
import java.net.UnknownHostException;
import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
@@ -816,7 +811,7 @@
// Try the context class loader
if(url == null){
- ClassLoader classLoader = ClassLoaderUtils.getContextClassLoader(null);
+ ClassLoader classLoader = getContextClassLoader(null);
if(classLoader != loader){
url = classLoader.getResource(wsdlLocation);
}
@@ -2010,5 +2005,25 @@
return cls.getAnnotation(annotation);
}
});
+ }
+
+ private static ClassLoader getContextClassLoader(final ClassLoader classLoader) {
+ ClassLoader cl;
+ try {
+ cl = (ClassLoader) AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws ClassNotFoundException {
+ return classLoader != null ? classLoader : Thread.currentThread().getContextClassLoader();
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ if (log.isDebugEnabled()) {
+ log.debug("Exception thrown from AccessController: " + e.getMessage(), e);
+ }
+ throw ExceptionFactory.makeWebServiceException(e.getException());
+ }
+
+ return cl;
}
}
Modified: webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/util/ClassLoaderUtils.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/util/ClassLoaderUtils.java?rev=627490&r1=627489&r2=627490&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/util/ClassLoaderUtils.java (original)
+++ webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/util/ClassLoaderUtils.java Wed Feb 13 07:49:57 2008
@@ -42,6 +42,10 @@
import java.util.jar.JarInputStream;
import java.util.jar.Manifest;
+/**
+ * @deprecated - Security Risk. Please don't use this class, As a general rule
+ * end user code should not be able to access AccessController.doPrivileged
+ */
public class ClassLoaderUtils {
private static final Log log = LogFactory.getLog(ClassLoaderUtils.class);
@@ -143,216 +147,4 @@
return cl;
}
- /**
- * Expand a directory path or list of directory paths (File.pathSeparator
- * delimited) into a list of file paths of all the jar files in those
- * directories.
- *
- * @param dirPaths The string containing the directory path or list of
- * directory paths.
- * @return The file paths of the jar files in the directories. This is an
- * empty string if no files were found, and is terminated by an
- * additional pathSeparator in all other cases.
- */
- public static String expandDirs(String dirPaths) {
- StringTokenizer st = new StringTokenizer(dirPaths, File.pathSeparator);
- StringBuffer buffer = new StringBuffer();
- while (st.hasMoreTokens()) {
- String d = st.nextToken();
- File dir = new File(d);
- if (dir.isDirectory()) {
- File[] files = dir.listFiles(new JavaArchiveFilter());
- for (int i = 0; i < files.length; i++) {
- buffer.append(files[i]).append(File.pathSeparator);
- }
- }
- }
- return buffer.toString();
- }
-
- /**
- * Check if this inputstream is a jar/zip
- *
- * @param is
- * @return true if inputstream is a jar
- */
- public static boolean isJar(InputStream is) {
- try {
- JarInputStream jis = new JarInputStream(is);
- if (jis.getNextEntry() != null) {
- return true;
- }
- } catch (IOException ioe) {
- }
- return false;
- }
-
- /**
- * Get the default classpath from various thingies in the message context
- *
- * @param msgContext
- * @return default classpath
- */
- public static String getDefaultClasspath(String webBase) {
- HashSet classpath = new HashSet();
- ClassLoader cl = Thread.currentThread().getContextClassLoader();
- fillClassPath(cl, classpath);
-
- // Just to be safe (the above doesn't seem to return the webapp
- // classpath in all cases), manually do this:
- if (webBase != null) {
- addPath(classpath, webBase + File.separatorChar + "classes");
- try {
- String libBase = webBase + File.separatorChar + "lib";
- File libDir = new File(libBase);
- String[] jarFiles = libDir.list();
- for (int i = 0; i < jarFiles.length; i++) {
- String jarFile = jarFiles[i];
- if (jarFile.endsWith(".jar")) {
- addPath(classpath, libBase +
- File.separatorChar +
- jarFile);
- }
- }
- } catch (Exception e) {
- // Oh well. No big deal.
- }
- }
-
- // axis.ext.dirs can be used in any appserver
- getClassPathFromDirectoryProperty(classpath, "axis.ext.dirs");
-
- // classpath used by Jasper
- getClassPathFromProperty(classpath, "org.apache.catalina.jsp_classpath");
-
- // websphere stuff.
- getClassPathFromProperty(classpath, "ws.ext.dirs");
- getClassPathFromProperty(classpath, "com.ibm.websphere.servlet.application.classpath");
-
- // java class path
- getClassPathFromProperty(classpath, "java.class.path");
-
- // Load jars from java external directory
- getClassPathFromDirectoryProperty(classpath, "java.ext.dirs");
-
- // boot classpath isn't found in above search
- getClassPathFromProperty(classpath, "sun.boot.class.path");
-
- StringBuffer path = new StringBuffer();
- for (Iterator iterator = classpath.iterator(); iterator.hasNext();) {
- String s = (String) iterator.next();
- path.append(s);
- path.append(File.pathSeparatorChar);
- }
- log.info(path);
- return path.toString();
- }
-
- private static void addPath(HashSet classpath, String s) {
- String path = s.replace(((File.separatorChar == '/') ? '\\' : '/'), File.separatorChar).trim();
- File file = new File(path);
- if (file.exists()) {
- path = file.getAbsolutePath();
- classpath.add(path);
- }
- }
-
- /**
- * Add all files in the specified directory to the classpath
- *
- * @param classpath
- * @param property
- */
- private static void getClassPathFromDirectoryProperty(HashSet classpath, String property) {
- String dirs = System.getProperty(property);
- String path = null;
- try {
- path = expandDirs(dirs);
- } catch (Exception e) {
- // Oh well. No big deal.
- }
- if (path != null) {
- addPath(classpath, path);
- }
- }
-
- /**
- * Add a classpath stored in a property.
- *
- * @param classpath
- * @param property
- */
- private static void getClassPathFromProperty(HashSet classpath, String property) {
- String path = System.getProperty(property);
- if (path != null) {
- addPath(classpath, path);
- }
- }
-
- /**
- * Walk the classloader hierarchy and add to the classpath
- *
- * @param cl
- * @param classpath
- */
- private static void fillClassPath(ClassLoader cl, HashSet classpath) {
- while (cl != null) {
- if (cl instanceof URLClassLoader) {
- URL[] urls = ((URLClassLoader) cl).getURLs();
- for (int i = 0; (urls != null) && i < urls.length; i++) {
- String path = urls[i].getPath();
- //If it is a drive letter, adjust accordingly.
- if (path.length() >= 3 && path.charAt(0) == '/' && path.charAt(2) == ':')
- path = path.substring(1);
- addPath(classpath, URLDecoder.decode(path));
-
- // if its a jar extract Class-Path entries from manifest
- File file = new File(urls[i].getFile());
- if (file.isFile()) {
- FileInputStream fis = null;
- try {
- fis = new FileInputStream(file);
- if (isJar(fis)) {
- JarFile jar = new JarFile(file);
- Manifest manifest = jar.getManifest();
- if (manifest != null) {
- Attributes attributes = manifest.getMainAttributes();
- if (attributes != null) {
- String s = attributes.getValue(Attributes.Name.CLASS_PATH);
- String base = file.getParent();
- if (s != null) {
- StringTokenizer st = new StringTokenizer(s, " ");
- while (st.hasMoreTokens()) {
- String t = st.nextToken();
- addPath(classpath, base + File.separatorChar + t);
- }
- }
- }
- }
- }
- } catch (IOException ioe) {
- } finally {
- if (fis != null) {
- try {
- fis.close();
- } catch (IOException ioe2) {
- }
- }
- }
- }
- }
- }
- cl = cl.getParent();
- }
- }
-
- /**
- * Filter for zip/jar
- */
- private static class JavaArchiveFilter implements FileFilter {
- public boolean accept(File file) {
- String name = file.getName().toLowerCase();
- return (name.endsWith(".jar") || name.endsWith(".zip"));
- }
- }
}
Modified: webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/metadata/registry/MetadataFactoryRegistry.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/metadata/registry/MetadataFactoryRegistry.java?rev=627490&r1=627489&r2=627490&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/metadata/registry/MetadataFactoryRegistry.java (original)
+++ webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/metadata/registry/MetadataFactoryRegistry.java Wed Feb 13 07:49:57 2008
@@ -18,15 +18,9 @@
*/
package org.apache.axis2.metadata.registry;
-import java.io.BufferedReader;
-import java.io.File;
-import java.io.InputStreamReader;
-import java.net.URL;
-import java.util.Hashtable;
-import java.util.Map;
-
+import org.apache.axis2.java.security.AccessController;
import org.apache.axis2.jaxws.ClientConfigurationFactory;
-import org.apache.axis2.jaxws.util.ClassLoaderUtils;
+import org.apache.axis2.jaxws.ExceptionFactory;
import org.apache.axis2.jaxws.util.Constants;
import org.apache.axis2.jaxws.wsdl.WSDLReaderConfigurator;
import org.apache.axis2.jaxws.wsdl.WSDLReaderConfiguratorImpl;
@@ -34,6 +28,15 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.InputStreamReader;
+import java.net.URL;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+import java.util.Hashtable;
+import java.util.Map;
+
public class MetadataFactoryRegistry {
private static Log log = LogFactory.getLog(MetadataFactoryRegistry.class);
@@ -90,7 +93,7 @@
private static void loadConfigFromFile() {
String pairSeparator = "|";
try {
- ClassLoader classLoader = ClassLoaderUtils.getContextClassLoader(null);
+ ClassLoader classLoader = getContextClassLoader(null);
URL url = null;
url = classLoader.getResource(configurationFileLoc);
if(url == null) {
@@ -174,4 +177,24 @@
configurationFileLoc = configFileLoc;
loadConfigFromFile();
}
+
+ private static ClassLoader getContextClassLoader(final ClassLoader classLoader) {
+ ClassLoader cl;
+ try {
+ cl = (ClassLoader) AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws ClassNotFoundException {
+ return classLoader != null ? classLoader : Thread.currentThread().getContextClassLoader();
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ if (log.isDebugEnabled()) {
+ log.debug("Exception thrown from AccessController: " + e.getMessage(), e);
+ }
+ throw ExceptionFactory.makeWebServiceException(e.getException());
+ }
+
+ return cl;
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org