You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2023/01/12 16:18:40 UTC
[tomcat] branch main updated: More SecurityManager clean-up
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 8613da855d More SecurityManager clean-up
8613da855d is described below
commit 8613da855d3639c7feb2c27b547a173193ae4602
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Jan 12 16:18:32 2023 +0000
More SecurityManager clean-up
---
.../catalina/core/DefaultInstanceManager.java | 4 +--
.../catalina/deploy/NamingResourcesImpl.java | 4 +--
.../apache/catalina/startup/WebAnnotationSet.java | 4 +--
.../membership/cloud/CloudMembershipProvider.java | 4 +--
.../catalina/tribes/transport/ReceiverBase.java | 3 +-
.../catalina/tribes/util/TcclThreadFactory.java | 21 ++----------
java/org/apache/catalina/util/Introspection.java | 38 ----------------------
7 files changed, 10 insertions(+), 68 deletions(-)
diff --git a/java/org/apache/catalina/core/DefaultInstanceManager.java b/java/org/apache/catalina/core/DefaultInstanceManager.java
index 7c196970b2..859043ae9c 100644
--- a/java/org/apache/catalina/core/DefaultInstanceManager.java
+++ b/java/org/apache/catalina/core/DefaultInstanceManager.java
@@ -304,7 +304,7 @@ public class DefaultInstanceManager implements InstanceManager {
}
// Initialize methods annotations
- Method[] methods = Introspection.getDeclaredMethods(clazz);
+ Method[] methods = clazz.getDeclaredMethods();
Method postConstruct = null;
String postConstructFromXml = postConstructMethods.get(clazz.getName());
Method preDestroy = null;
@@ -395,7 +395,7 @@ public class DefaultInstanceManager implements InstanceManager {
if (context != null) {
// Initialize fields annotations for resource injection if
// JNDI is enabled
- Field[] fields = Introspection.getDeclaredFields(clazz);
+ Field[] fields = clazz.getDeclaredFields();
for (Field field : fields) {
Resource resourceAnnotation;
Annotation ejbAnnotation;
diff --git a/java/org/apache/catalina/deploy/NamingResourcesImpl.java b/java/org/apache/catalina/deploy/NamingResourcesImpl.java
index 1000fc5846..37f90217e2 100644
--- a/java/org/apache/catalina/deploy/NamingResourcesImpl.java
+++ b/java/org/apache/catalina/deploy/NamingResourcesImpl.java
@@ -1238,7 +1238,7 @@ public class NamingResourcesImpl extends LifecycleMBeanBase
}
private Class<?> getSetterType(Class<?> clazz, String name) {
- Method[] methods = Introspection.getDeclaredMethods(clazz);
+ Method[] methods = clazz.getDeclaredMethods();
if (methods != null && methods.length > 0) {
for (Method method : methods) {
if (Introspection.isValidSetter(method) &&
@@ -1251,7 +1251,7 @@ public class NamingResourcesImpl extends LifecycleMBeanBase
}
private Class<?> getFieldType(Class<?> clazz, String name) {
- Field[] fields = Introspection.getDeclaredFields(clazz);
+ Field[] fields = clazz.getDeclaredFields();
if (fields != null && fields.length > 0) {
for (Field field : fields) {
if (field.getName().equals(name)) {
diff --git a/java/org/apache/catalina/startup/WebAnnotationSet.java b/java/org/apache/catalina/startup/WebAnnotationSet.java
index 99e67143b4..e6459094c0 100644
--- a/java/org/apache/catalina/startup/WebAnnotationSet.java
+++ b/java/org/apache/catalina/startup/WebAnnotationSet.java
@@ -269,7 +269,7 @@ public class WebAnnotationSet {
protected static void loadFieldsAnnotation(Context context, Class<?> clazz) {
// Initialize the annotations
- Field[] fields = Introspection.getDeclaredFields(clazz);
+ Field[] fields = clazz.getDeclaredFields();
if (fields != null && fields.length > 0) {
for (Field field : fields) {
Resource annotation = field.getAnnotation(Resource.class);
@@ -285,7 +285,7 @@ public class WebAnnotationSet {
protected static void loadMethodsAnnotation(Context context, Class<?> clazz) {
// Initialize the annotations
- Method[] methods = Introspection.getDeclaredMethods(clazz);
+ Method[] methods = clazz.getDeclaredMethods();
if (methods != null && methods.length > 0) {
for (Method method : methods) {
Resource annotation = method.getAnnotation(Resource.class);
diff --git a/java/org/apache/catalina/tribes/membership/cloud/CloudMembershipProvider.java b/java/org/apache/catalina/tribes/membership/cloud/CloudMembershipProvider.java
index 8bab726f87..6b8fdf9cdf 100644
--- a/java/org/apache/catalina/tribes/membership/cloud/CloudMembershipProvider.java
+++ b/java/org/apache/catalina/tribes/membership/cloud/CloudMembershipProvider.java
@@ -19,10 +19,8 @@ package org.apache.catalina.tribes.membership.cloud;
import java.io.IOException;
import java.io.Serializable;
import java.net.InetAddress;
-import java.security.AccessController;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
-import java.security.PrivilegedAction;
import java.time.Instant;
import java.util.HashMap;
import java.util.Map;
@@ -74,7 +72,7 @@ public abstract class CloudMembershipProvider extends MembershipProviderBase imp
protected static String getEnv(String... keys) {
String val = null;
for (String key : keys) {
- val = AccessController.doPrivileged((PrivilegedAction<String>) () -> System.getenv(key));
+ val = System.getenv(key);
if (val != null) {
break;
}
diff --git a/java/org/apache/catalina/tribes/transport/ReceiverBase.java b/java/org/apache/catalina/tribes/transport/ReceiverBase.java
index 31d84d48b3..8ad1d2e688 100644
--- a/java/org/apache/catalina/tribes/transport/ReceiverBase.java
+++ b/java/org/apache/catalina/tribes/transport/ReceiverBase.java
@@ -588,8 +588,7 @@ public abstract class ReceiverBase implements ChannelReceiver, ListenCallback, R
final String namePrefix;
TaskThreadFactory(String namePrefix) {
- SecurityManager s = System.getSecurityManager();
- group = (s != null) ? s.getThreadGroup() : Thread.currentThread().getThreadGroup();
+ group = Thread.currentThread().getThreadGroup();
this.namePrefix = namePrefix;
}
diff --git a/java/org/apache/catalina/tribes/util/TcclThreadFactory.java b/java/org/apache/catalina/tribes/util/TcclThreadFactory.java
index de46faa62b..4fbbc44069 100644
--- a/java/org/apache/catalina/tribes/util/TcclThreadFactory.java
+++ b/java/org/apache/catalina/tribes/util/TcclThreadFactory.java
@@ -16,8 +16,6 @@
*/
package org.apache.catalina.tribes.util;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.concurrent.ThreadFactory;
import java.util.concurrent.atomic.AtomicInteger;
@@ -31,8 +29,6 @@ import java.util.concurrent.atomic.AtomicInteger;
public class TcclThreadFactory implements ThreadFactory {
private static final AtomicInteger poolNumber = new AtomicInteger(1);
- private static final boolean IS_SECURITY_ENABLED =
- (System.getSecurityManager() != null);
private final ThreadGroup group;
private final AtomicInteger threadNumber = new AtomicInteger(1);
@@ -43,28 +39,15 @@ public class TcclThreadFactory implements ThreadFactory {
}
public TcclThreadFactory(String namePrefix) {
- SecurityManager s = System.getSecurityManager();
- group = (s != null) ? s.getThreadGroup() : Thread.currentThread().getThreadGroup();
+ group = Thread.currentThread().getThreadGroup();
this.namePrefix = namePrefix;
}
@Override
public Thread newThread(Runnable r) {
final Thread t = new Thread(group, r, namePrefix + threadNumber.getAndIncrement());
-
- if (IS_SECURITY_ENABLED) {
- AccessController.doPrivileged(new PrivilegedAction<Void>() {
- @Override
- public Void run() {
- t.setContextClassLoader(this.getClass().getClassLoader());
- return null;
- }
- });
- } else {
- t.setContextClassLoader(this.getClass().getClassLoader());
- }
+ t.setContextClassLoader(this.getClass().getClassLoader());
t.setDaemon(true);
return t;
}
-
}
diff --git a/java/org/apache/catalina/util/Introspection.java b/java/org/apache/catalina/util/Introspection.java
index 5c9bc2bcfd..cff56d0878 100644
--- a/java/org/apache/catalina/util/Introspection.java
+++ b/java/org/apache/catalina/util/Introspection.java
@@ -17,14 +17,10 @@
package org.apache.catalina.util;
import java.beans.Introspector;
-import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import org.apache.catalina.Context;
-import org.apache.catalina.Globals;
import org.apache.juli.logging.Log;
import org.apache.tomcat.util.ExceptionUtils;
import org.apache.tomcat.util.res.StringManager;
@@ -90,40 +86,6 @@ public class Introspection {
return true;
}
- /**
- * Obtain the declared fields for a class taking account of any security
- * manager that may be configured.
- * @param clazz The class to introspect
- * @return the class fields as an array
- */
- public static Field[] getDeclaredFields(final Class<?> clazz) {
- Field[] fields = null;
- if (Globals.IS_SECURITY_ENABLED) {
- fields = AccessController.doPrivileged((PrivilegedAction<Field[]>) clazz::getDeclaredFields);
- } else {
- fields = clazz.getDeclaredFields();
- }
- return fields;
- }
-
-
- /**
- * Obtain the declared methods for a class taking account of any security
- * manager that may be configured.
- * @param clazz The class to introspect
- * @return the class methods as an array
- */
- public static Method[] getDeclaredMethods(final Class<?> clazz) {
- Method[] methods = null;
- if (Globals.IS_SECURITY_ENABLED) {
- methods = AccessController.doPrivileged((PrivilegedAction<Method[]>) clazz::getDeclaredMethods);
- } else {
- methods = clazz.getDeclaredMethods();
- }
- return methods;
- }
-
-
/**
* Attempt to load a class using the given Container's class loader. If the
* class cannot be loaded, a debug level log message will be written to the
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org