You are viewing a plain text version of this content. The canonical link for it is here.
Posted to axis-cvs@ws.apache.org by di...@apache.org on 2008/03/25 05:39:39 UTC
svn commit: r640697 - in /webservices/axis2/trunk/java/modules:
codegen/src/org/apache/axis2/wsdl/ codegen/src/org/apache/axis2/wsdl/codegen/
codegen/src/org/apache/axis2/wsdl/codegen/emitter/
jaxws/src/org/apache/axis2/jaxws/lifecycle/ kernel/src/org/...
Author: dims
Date: Mon Mar 24 21:39:33 2008
New Revision: 640697
URL: http://svn.apache.org/viewvc?rev=640697&view=rev
Log:
Fix for AXIS2-3650 - Need a scrub for J2S doPriv
Modified:
webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/WSDL2Code.java
webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/codegen/CodegenConfigLoader.java
webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/codegen/emitter/AxisServiceBasedMultiLanguageEmitter.java
webservices/axis2/trunk/java/modules/jaxws/src/org/apache/axis2/jaxws/lifecycle/BaseLifecycleManager.java
webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/builder/BuilderUtil.java
webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/builder/XFormURLEncodedBuilder.java
webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/context/ConfigurationContext.java
webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/context/externalize/ObjectInputStreamWithCL.java
webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/util/Utils.java
webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/receivers/AbstractMessageReceiver.java
webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/transport/jms/JMSSender.java
webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/util/Utils.java
webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/converter/JavaClassToDBCConverter.java
webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/EndpointDescriptionImpl.java
Modified: webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/WSDL2Code.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/WSDL2Code.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/WSDL2Code.java (original)
+++ webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/WSDL2Code.java Mon Mar 24 21:39:33 2008
@@ -43,7 +43,7 @@
for (int i = 2; i <= 45; i++) {
System.out.println(" " + CodegenMessages.getMessage("wsdl2code.arg" + i));
}
- System.exit(0);
+ System.exit(0);//$NON-SEC-2
}
Modified: webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/codegen/CodegenConfigLoader.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/codegen/CodegenConfigLoader.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/codegen/CodegenConfigLoader.java (original)
+++ webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/codegen/CodegenConfigLoader.java Mon Mar 24 21:39:33 2008
@@ -49,13 +49,13 @@
config.setOutputLocation(outputLocationFile);
//check and create the directories
- if (outputLocationFile.exists()) {
- if (outputLocationFile.isFile()) {
+ if (outputLocationFile.exists()) {//$NON-SEC-2
+ if (outputLocationFile.isFile()) {//$NON-SEC-2
throw new RuntimeException(
CodegenMessages.getMessage("options.notADirectoryException"));
}
} else {
- outputLocationFile.mkdirs();
+ outputLocationFile.mkdirs();//$NON-SEC-2
}
config.setServerSide(loadOption(WSDL2JavaConstants.SERVER_SIDE_CODE_OPTION,
@@ -197,8 +197,8 @@
} else {
// Try loading the properties from the file specified
try {
- Properties p = new Properties();
- p.load(new FileInputStream(value));
+ Properties p = new Properties();//$NON-SEC-3
+ p.load(new FileInputStream(value));//$NON-SEC-2//$NON-SEC-3
config.setUri2PackageNameMap(p);
} catch (IOException e) {
throw new RuntimeException(
@@ -264,12 +264,12 @@
//setting http proxy host and http proxy port
commandLineOption = loadOption(null, WSDL2JavaConstants.HTTP_PROXY_HOST_OPTION_LONG, optionMap);
if (commandLineOption != null) {
- System.setProperty("http.proxyHost", commandLineOption.getOptionValue());
+ System.setProperty("http.proxyHost", commandLineOption.getOptionValue());//$NON-SEC-2
}
commandLineOption = loadOption(null, WSDL2JavaConstants.HTTP_PROXY_PORT_OPTION_LONG, optionMap);
if (commandLineOption != null) {
- System.setProperty("http.proxyPort", commandLineOption.getOptionValue());
+ System.setProperty("http.proxyPort", commandLineOption.getOptionValue());//$NON-SEC-2
}
commandLineOption = loadOption(WSDL2JavaConstants.EXCLUDE_PAKAGES_OPTION,
Modified: webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/codegen/emitter/AxisServiceBasedMultiLanguageEmitter.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/codegen/emitter/AxisServiceBasedMultiLanguageEmitter.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/codegen/emitter/AxisServiceBasedMultiLanguageEmitter.java (original)
+++ webservices/axis2/trunk/java/modules/codegen/src/org/apache/axis2/wsdl/codegen/emitter/AxisServiceBasedMultiLanguageEmitter.java Mon Mar 24 21:39:33 2008
@@ -568,7 +568,7 @@
antBuildWriter.setDatabindingFramework(codeGenConfiguration.getDatabindingType());
antBuildWriter.setOverride(codeGenConfiguration.isOverride());
writeFile(skeletonModel, antBuildWriter);
- codeGenConfiguration.addXmlFileName(antBuildWriter.getOutputFile().getAbsolutePath());
+ codeGenConfiguration.addXmlFileName(antBuildWriter.getOutputFile().getAbsolutePath());//$NON-SEC-3
}
/**
@@ -1911,7 +1911,7 @@
this.codeGenConfiguration.getOutputLanguage());
serviceXmlWriter.setOverride(codeGenConfiguration.isOverride());
writeFile(serviceXMLModel, serviceXmlWriter);
- codeGenConfiguration.addXmlFileName(serviceXmlWriter.getOutputFile().getAbsolutePath());
+ codeGenConfiguration.addXmlFileName(serviceXmlWriter.getOutputFile().getAbsolutePath());//$NON-SEC-3
}
@@ -2537,8 +2537,8 @@
outputDir = new File(outputDir, dir2);
}
- if (!outputDir.exists()) {
- outputDir.mkdirs();
+ if (!outputDir.exists()) {//$NON-SEC-3
+ outputDir.mkdirs();//$NON-SEC-2
}
Modified: webservices/axis2/trunk/java/modules/jaxws/src/org/apache/axis2/jaxws/lifecycle/BaseLifecycleManager.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/jaxws/src/org/apache/axis2/jaxws/lifecycle/BaseLifecycleManager.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/jaxws/src/org/apache/axis2/jaxws/lifecycle/BaseLifecycleManager.java (original)
+++ webservices/axis2/trunk/java/modules/jaxws/src/org/apache/axis2/jaxws/lifecycle/BaseLifecycleManager.java Mon Mar 24 21:39:33 2008
@@ -20,6 +20,7 @@
package org.apache.axis2.jaxws.lifecycle;
import org.apache.axis2.jaxws.i18n.Messages;
+import org.apache.axis2.java.security.AccessController;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -28,6 +29,9 @@
import java.lang.annotation.Annotation;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
public abstract class BaseLifecycleManager {
@@ -75,13 +79,17 @@
}
}
- protected void invokeMethod(Method m, Object[] params) throws LifecycleException {
+ protected void invokeMethod(final Method m, final Object[] params) throws LifecycleException {
try {
- m.invoke(instance, params);
- } catch (InvocationTargetException e) {
- throw new LifecycleException(e);
- } catch (IllegalAccessException e) {
- throw new LifecycleException(e);
+ AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws InvocationTargetException, IllegalAccessException {
+ return m.invoke(instance, params);
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ throw new LifecycleException(e.getException());
}
}
@@ -91,8 +99,14 @@
//return Method with @PostConstruct Annotation.
if (instance != null) {
- Class endpointClazz = instance.getClass();
- Method[] methods = endpointClazz.getMethods();
+ final Class endpointClazz = instance.getClass();
+ Method[] methods = (Method[]) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return endpointClazz.getMethods();
+ }
+ }
+ );
for (Method method : methods) {
if (isPostConstruct(method)) {
@@ -108,8 +122,14 @@
// Plus the super class methods are not being considered
//return Method with @PreDestroy Annotation
if (instance != null) {
- Class endpointClazz = instance.getClass();
- Method[] methods = endpointClazz.getMethods();
+ final Class endpointClazz = instance.getClass();
+ Method[] methods = (Method[]) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return endpointClazz.getMethods();
+ }
+ }
+ );
for (Method method : methods) {
if (isPreDestroy(method)) {
@@ -120,16 +140,28 @@
return null;
}
- protected boolean isPostConstruct(Method method) {
- Annotation[] annotations = method.getDeclaredAnnotations();
+ protected boolean isPostConstruct(final Method method) {
+ Annotation[] annotations = (Annotation[]) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return method.getDeclaredAnnotations();
+ }
+ }
+ );
for (Annotation annotation : annotations) {
return PostConstruct.class.isAssignableFrom(annotation.annotationType());
}
return false;
}
- protected boolean isPreDestroy(Method method) {
- Annotation[] annotations = method.getDeclaredAnnotations();
+ protected boolean isPreDestroy(final Method method) {
+ Annotation[] annotations = (Annotation[]) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return method.getDeclaredAnnotations();
+ }
+ }
+ );
for (Annotation annotation : annotations) {
return PreDestroy.class.isAssignableFrom(annotation.annotationType());
}
Modified: webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/builder/BuilderUtil.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/builder/BuilderUtil.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/builder/BuilderUtil.java (original)
+++ webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/builder/BuilderUtil.java Mon Mar 24 21:39:33 2008
@@ -44,6 +44,7 @@
import org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder;
import org.apache.axis2.AxisFault;
import org.apache.axis2.Constants;
+import org.apache.axis2.java.security.AccessController;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.deployment.DeploymentConstants;
import org.apache.axis2.description.AxisMessage;
@@ -75,8 +76,12 @@
import java.io.InputStreamReader;
import java.io.PushbackInputStream;
import java.io.Reader;
+import java.io.UnsupportedEncodingException;
import java.util.Iterator;
import java.util.Map;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
public class BuilderUtil {
private static final Log log = LogFactory.getLog(BuilderUtil.class);
@@ -233,10 +238,22 @@
* @param charSetEncoding
* @throws java.io.IOException
*/
- public static Reader getReader(InputStream is, String charSetEncoding) throws IOException {
- PushbackInputStream is2 = getPushbackInputStream(is);
- String encoding = getCharSetEncoding(is2, charSetEncoding);
- return new BufferedReader(new InputStreamReader(is2, encoding));
+ public static Reader getReader(final InputStream is, final String charSetEncoding) throws IOException {
+ final PushbackInputStream is2 = getPushbackInputStream(is);
+ final String encoding = getCharSetEncoding(is2, charSetEncoding);
+ InputStreamReader inputStreamReader = null;
+ try {
+ inputStreamReader = (InputStreamReader) AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws UnsupportedEncodingException {
+ return new InputStreamReader(is2, encoding);
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ throw (UnsupportedEncodingException) e.getException();
+ }
+ return new BufferedReader(inputStreamReader);
}
/**
Modified: webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/builder/XFormURLEncodedBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/builder/XFormURLEncodedBuilder.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/builder/XFormURLEncodedBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/builder/XFormURLEncodedBuilder.java Mon Mar 24 21:39:33 2008
@@ -26,6 +26,7 @@
import org.apache.axiom.soap.SOAPFactory;
import org.apache.axis2.AxisFault;
import org.apache.axis2.Constants;
+import org.apache.axis2.java.security.AccessController;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.description.AxisBinding;
@@ -44,6 +45,9 @@
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
public class XFormURLEncodedBuilder implements Builder {
@@ -123,8 +127,8 @@
protected void extractParametersFromRequest(MultipleEntryHashMap parameterMap,
String query,
String queryParamSeparator,
- String charsetEncoding,
- InputStream inputStream)
+ final String charsetEncoding,
+ final InputStream inputStream)
throws AxisFault {
if (query != null && !"".equals(query)) {
@@ -144,7 +148,18 @@
if (inputStream != null) {
try {
InputStreamReader inputStreamReader =
- new InputStreamReader(inputStream, charsetEncoding);
+ null;
+ try {
+ inputStreamReader = (InputStreamReader) AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws UnsupportedEncodingException {
+ return new InputStreamReader(inputStream, charsetEncoding);
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ throw (UnsupportedEncodingException) e.getException();
+ }
BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
while (true) {
String line = bufferedReader.readLine();
Modified: webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/context/ConfigurationContext.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/context/ConfigurationContext.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/context/ConfigurationContext.java (original)
+++ webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/context/ConfigurationContext.java Mon Mar 24 21:39:33 2008
@@ -24,6 +24,7 @@
import org.apache.axiom.om.util.UUIDGenerator;
import org.apache.axis2.AxisFault;
import org.apache.axis2.Constants;
+import org.apache.axis2.java.security.AccessController;
import org.apache.axis2.clustering.ClusterManager;
import org.apache.axis2.clustering.ClusteringConstants;
import org.apache.axis2.clustering.configuration.ConfigurationManager;
@@ -49,6 +50,7 @@
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
+import java.security.PrivilegedAction;
/**
* <p>Axis2 states are held in two information models, called description hierarchy
@@ -758,19 +760,46 @@
File tempFile = (File) axisConfiguration.getParameterValue(
Constants.Configuration.ARTIFACTS_TEMP_DIR);
if (tempFile == null) {
- tempFile = new File(System.getProperty("java.io.tmpdir"), "_axis2");
+ String property = (String) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty("java.io.tmpdir");
+ }
+ }
+ );
+ tempFile = new File(property, "_axis2");
}
deleteTempFiles(tempFile);
}
- private void deleteTempFiles(File dir) {
- if (dir.isDirectory()) {
- String[] children = dir.list();
+ private void deleteTempFiles(final File dir) {
+ Boolean isDir = (Boolean) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return new Boolean(dir.isDirectory());
+ }
+ }
+ );
+ if (isDir.booleanValue()) {
+ String[] children = (String[]) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return dir.list();
+ }
+ }
+ );
for (int i = 0; children != null && i < children.length; i++) {
deleteTempFiles(new File(dir, children[i]));
}
}
- dir.delete();
+ AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ dir.delete();
+ return null;
+ }
+ }
+ );
}
/**
Modified: webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/context/externalize/ObjectInputStreamWithCL.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/context/externalize/ObjectInputStreamWithCL.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/context/externalize/ObjectInputStreamWithCL.java (original)
+++ webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/context/externalize/ObjectInputStreamWithCL.java Mon Mar 24 21:39:33 2008
@@ -26,6 +26,8 @@
import java.lang.reflect.Proxy;
import java.security.AccessController;
import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
import java.util.HashMap;
/**
@@ -185,15 +187,35 @@
// NOTE: Looking up current classloader is only a tactical solution,
// and could be deprecated in future.
//
- private java.lang.Class loadClass(String name, ClassLoader loader) throws ClassNotFoundException
+ private java.lang.Class loadClass(final String name, final ClassLoader loader) throws ClassNotFoundException
{
try
{
- return Class.forName(name, true, loader);
+ try {
+ return (Class) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws ClassNotFoundException {
+ return Class.forName(name, true, loader);
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ throw (ClassNotFoundException) e.getException();
+ }
}
catch (ClassNotFoundException cnf)
{
- return Class.forName(name);
+ try {
+ return (Class) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws ClassNotFoundException {
+ return Class.forName(name);
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ throw (ClassNotFoundException) e.getException();
+ }
}
}
@@ -210,7 +232,7 @@
Class nonPublicClass = null;
- Class[] classes = new Class[interfaces.length];
+ final Class[] classes = new Class[interfaces.length];
for (int i = 0; i < interfaces.length; i++)
{
classes[i] = resolveClass(interfaces[i]);
@@ -239,14 +261,20 @@
// Call getClassLoader() on either the non-public class (if any) or the
// first class.
proxyClass = nonPublicClass != null ? nonPublicClass : classes[0];
- ClassLoader loader = (ClassLoader) AccessController.doPrivileged(proxyClassLoaderAction);
+ final ClassLoader loader = (ClassLoader) AccessController.doPrivileged(proxyClassLoaderAction);
// "If Proxy.getProxyClass throws an IllegalArgumentException,
// resolveProxyClass will throw a ClassNotFoundException containing the
// IllegalArgumentException."
try
{
- return Proxy.getProxyClass(loader, classes);
+ return (Class) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return Proxy.getProxyClass(loader, classes);
+ }
+ }
+ );
}
catch (IllegalArgumentException ex)
{
Modified: webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/util/Utils.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/util/Utils.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/util/Utils.java (original)
+++ webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/util/Utils.java Mon Mar 24 21:39:33 2008
@@ -74,14 +74,18 @@
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.UnsupportedEncodingException;
+import java.io.FileNotFoundException;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
+import java.lang.reflect.InvocationTargetException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLClassLoader;
import java.net.URLDecoder;
import java.security.AccessController;
import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
@@ -108,32 +112,39 @@
for (int j = 0; j < count; j++) {
HandlerDescription handlermd = flow.getHandler(j);
- Class handlerClass;
Handler handler;
- handlerClass = getHandlerClass(handlermd.getClassName(), clsLoader);
+ final Class handlerClass = getHandlerClass(handlermd.getClassName(), clsLoader);
- try {
- handler = (Handler) handlerClass.newInstance();
- handler.init(handlermd);
- handlermd.setHandler(handler);
- } catch (InstantiationException e) {
- throw AxisFault.makeFault(e);
- } catch (IllegalAccessException e) {
- throw AxisFault.makeFault(e);
- }
- }
- }
+ try {
+ handler = (Handler) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws InstantiationException, IllegalAccessException {
+ return handlerClass.newInstance();
+ }
+ }
+ );
+ handler.init(handlermd);
+ handlermd.setHandler(handler);
+ } catch (PrivilegedActionException e) {
+ throw AxisFault.makeFault(e);
+ }
+ }
+ }
public static void loadHandler(ClassLoader loader1, HandlerDescription desc)
throws DeploymentException {
String handlername = desc.getClassName();
Handler handler;
- Class handlerClass;
-
try {
- handlerClass = Loader.loadClass(loader1, handlername);
- Package aPackage = handlerClass.getPackage();
+ final Class handlerClass = Loader.loadClass(loader1, handlername);
+ Package aPackage = (Package) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return handlerClass.getPackage();
+ }
+ }
+ );
if (aPackage != null && aPackage.getName().equals(
"org.apache.axis2.engine")) {
String name = handlerClass.getName();
@@ -147,7 +158,13 @@
+ "and replace with the same class in org.apache.axis2.dispatchers package");
}
}
- handler = (Handler) handlerClass.newInstance();
+ handler = (Handler) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws InstantiationException, IllegalAccessException {
+ return handlerClass.newInstance();
+ }
+ }
+ );
handler.init(desc);
desc.setHandler(handler);
} catch (ClassNotFoundException e) {
@@ -169,9 +186,15 @@
if (index != -1) {
fileName = fileName.substring(index + 1);
}
- File f = createTempFile(fileName, in, tmpDir);
+ final File f = createTempFile(fileName, in, tmpDir);
- fin = new FileInputStream(f);
+ fin = (FileInputStream) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(f);
+ }
+ }
+ );
array.add(f.toURL());
zin = new ZipInputStream(fin);
@@ -186,8 +209,8 @@
if ((entryName != null) && entryName.toLowerCase().startsWith("lib/")
&& entryName.toLowerCase().endsWith(".jar")) {
String suffix = entryName.substring(4);
- f = createTempFile(suffix, zin, tmpDir);
- array.add(f.toURL());
+ File f2 = createTempFile(suffix, zin, tmpDir);
+ array.add(f2.toURL());
}
}
return (URL[]) array.toArray(new URL[array.size()]);
@@ -218,26 +241,86 @@
}
}
- public static File createTempFile(String suffix, InputStream in, File tmpDir) throws IOException {
+ public static File createTempFile(final String suffix, InputStream in, final File tmpDir) throws IOException {
byte data[] = new byte[2048];
int count;
File f;
if (tmpDir == null) {
- if (!new File(System.getProperty("java.io.tmpdir"), "_axis2").exists()) {
- if (! new File(System.getProperty("java.io.tmpdir"), "_axis2").mkdirs()) {
+ String directory = (String) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty("java.io.tmpdir");
+ }
+ }
+ );
+ final File tempFile = new File(directory, "_axis2");
+ Boolean exists = (Boolean) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return new Boolean(tempFile.exists());
+ }
+ }
+ );
+ if (!exists.booleanValue()) {
+ Boolean mkdirs = (Boolean) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return new Boolean(tempFile.mkdirs());
+ }
+ }
+ );
+ if (!mkdirs.booleanValue()) {
throw new IOException("Unable to create the directory");
}
}
- File tempFile = new File(System.getProperty("java.io.tmpdir"), "_axis2");
- f = File.createTempFile("axis2", suffix, tempFile);
+ try {
+ f = (File) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws IOException {
+ return File.createTempFile("axis2", suffix, tempFile);
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ throw (IOException) e.getException();
+ }
} else {
- f = File.createTempFile("axis2", suffix, tmpDir);
+ try {
+ f = (File) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws IOException {
+ return File.createTempFile("axis2", suffix, tmpDir);
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ throw (IOException) e.getException();
+ }
}
if (log.isDebugEnabled()) {
- log.debug("Created temporary file : " + f.getAbsolutePath());
+ log.debug("Created temporary file : " + f.getAbsolutePath());//$NON-SEC-4
+ }
+ final File f2 = f;
+ org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ f2.deleteOnExit();
+ return null;
+ }
+ }
+ );
+ FileOutputStream out = null;
+ try {
+ out = (FileOutputStream) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileOutputStream(f2);
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException) e.getException();
}
- f.deleteOnExit();
- FileOutputStream out = new FileOutputStream(f);
while ((count = in.read(data, 0, 2048)) != -1) {
out.write(data, 0, count);
}
@@ -271,28 +354,10 @@
// lower case directory name
File libfiles = new File(file, "lib");
- if (libfiles.exists()) {
- urls.add(libfiles.toURL());
- File jarfiles[] = libfiles.listFiles();
- for (int i = 0; i < jarfiles.length; i++) {
- File jarfile = jarfiles[i];
- if (jarfile.getName().endsWith(".jar")) {
- urls.add(jarfile.toURL());
- }
- }
- } else {
+ if (!addFiles(urls, libfiles)) {
// upper case directory name
libfiles = new File(file, "Lib");
- if (libfiles.exists()) {
- urls.add(libfiles.toURL());
- File jarfiles[] = libfiles.listFiles();
- for (int i = 0; i < jarfiles.length; i++) {
- File jarfile = jarfiles[i];
- if (jarfile.getName().endsWith(".jar")) {
- urls.add(jarfile.toURL());
- }
- }
- }
+ addFiles(urls, libfiles);
}
final URL urllist[] = new URL[urls.size()];
@@ -311,7 +376,34 @@
}
}
- private static Class getHandlerClass(String className, ClassLoader loader1)
+ private static boolean addFiles(ArrayList urls, final File libfiles) throws MalformedURLException {
+ Boolean exists = (Boolean) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return new Boolean(libfiles.exists());
+ }
+ }
+ );
+ if (exists.booleanValue()) {
+ urls.add(libfiles.toURL());
+ File jarfiles[] = (File[]) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return libfiles.listFiles();
+ }
+ }
+ );
+ for (int i = 0; i < jarfiles.length; i++) {
+ File jarfile = jarfiles[i];
+ if (jarfile.getName().endsWith(".jar")) {
+ urls.add(jarfile.toURL());
+ }
+ }
+ }
+ return exists.booleanValue();
+ }
+
+ private static Class getHandlerClass(String className, ClassLoader loader1)
throws AxisFault {
Class handlerClass;
@@ -340,7 +432,7 @@
* @throws Exception
* if a problem occurs
*/
- public static void fillAxisService(AxisService axisService,
+ public static void fillAxisService(final AxisService axisService,
AxisConfiguration axisConfig, ArrayList excludeOperations,
ArrayList nonRpcMethods) throws Exception {
String serviceClass;
@@ -358,24 +450,35 @@
.getParameter(Constants.SERVICE_OBJECT_SUPPLIER);
if (implInfoParam != null) {
String className = ((String) implInfoParam.getValue()).trim();
- Class serviceObjectMaker = Loader.loadClass(serviceClassLoader,
+ final Class serviceObjectMaker = Loader.loadClass(serviceClassLoader,
className);
if (serviceObjectMaker.getModifiers() != Modifier.PUBLIC) {
throw new AxisFault("Service class " + className
+ " must have public as access Modifier");
}
- // Find static getServiceObject() method, call it if there
- Method method = serviceObjectMaker.getMethod(
- "getServiceObject", new Class[] { AxisService.class });
- Object obj = null;
+ // Find static getServiceObject() method, call it if there
+ final Method method = (Method) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws NoSuchMethodException {
+ return serviceObjectMaker.getMethod(
+ "getServiceObject", new Class[]{AxisService.class});
+ }
+ }
+ );
+ Object obj = null;
if (method != null) {
- obj = method.invoke(serviceObjectMaker.newInstance(),
- new Object[] { axisService });
- }
+ obj = org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws InstantiationException, IllegalAccessException, InvocationTargetException {
+ return method.invoke(serviceObjectMaker.newInstance(),
+ new Object[]{axisService});
+ }
+ }
+ );
+ }
if (obj == null) {
- log
- .warn("ServiceObjectSupplier implmentation Object could not be found");
+ log.warn("ServiceObjectSupplier implmentation Object could not be found");
throw new DeploymentException(
"ServiceClass or ServiceObjectSupplier implmentation Object could not be found");
}
@@ -524,15 +627,27 @@
AxisConfiguration axisConfig = configCtx.getAxisConfiguration();
ArchiveReader archiveReader = new ArchiveReader();
PhasesInfo phasesInfo = axisConfig.getPhasesInfo();
- ClassLoader moduleClassLoader = module.getModuleClassLoader();
+ final ClassLoader moduleClassLoader = module.getModuleClassLoader();
ArrayList services = new ArrayList();
- InputStream in = moduleClassLoader
- .getResourceAsStream("aars/aars.list");
+ final InputStream in = (InputStream) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return moduleClassLoader.getResourceAsStream("aars/aars.list");
+ }
+ }
+ );
if (in != null) {
BufferedReader input;
try {
- input = new BufferedReader(new InputStreamReader(in));
- String line;
+ input = new BufferedReader((InputStreamReader) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return new InputStreamReader(in);
+ }
+ }
+ )
+ );
+ String line;
while ((line = input.readLine()) != null) {
line = line.trim();
if (line.length() > 0 && line.charAt(0) != '#') {
@@ -546,13 +661,19 @@
}
if (services.size() > 0) {
for (int i = 0; i < services.size(); i++) {
- String servicename = (String) services.get(i);
+ final String servicename = (String) services.get(i);
if (servicename == null || "".equals(servicename)) {
continue;
}
- InputStream fin = moduleClassLoader
- .getResourceAsStream("aars/" + servicename);
- if (fin == null) {
+ InputStream fin = (InputStream) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return moduleClassLoader
+ .getResourceAsStream("aars/" + servicename);
+ }
+ }
+ );
+ if (fin == null) {
throw new AxisFault("No service archive found : "
+ servicename);
}
@@ -742,8 +863,15 @@
}
public static DeploymentClassLoader createClassLoader(File serviceFile) throws MalformedURLException {
+ ClassLoader contextClassLoader = (ClassLoader) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ }
+ );
return createDeploymentClassLoader(new URL[]{serviceFile.toURL()},
- Thread.currentThread().getContextClassLoader(),
+ contextClassLoader,
new ArrayList());
}
Modified: webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/receivers/AbstractMessageReceiver.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/receivers/AbstractMessageReceiver.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/receivers/AbstractMessageReceiver.java (original)
+++ webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/receivers/AbstractMessageReceiver.java Mon Mar 24 21:39:33 2008
@@ -46,9 +46,11 @@
import org.apache.commons.logging.LogFactory;
import java.lang.reflect.Method;
+import java.lang.reflect.InvocationTargetException;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
public abstract class AbstractMessageReceiver implements MessageReceiver {
protected static final Log log = LogFactory.getLog(AbstractMessageReceiver.class);
@@ -123,7 +125,7 @@
protected ThreadContextDescriptor setThreadContext(final MessageContext msgContext) {
ThreadContextDescriptor tc = new ThreadContextDescriptor();
tc.oldMessageContext = (MessageContext) MessageContext.currentMessageContext.get();
- final ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
+ final ClassLoader contextClassLoader = getContextClassLoader_doPriv();
tc.oldClassLoader = contextClassLoader;
AxisService service = msgContext.getAxisService();
@@ -132,19 +134,34 @@
serviceTCCL = serviceTCCL.trim().toLowerCase();
if (serviceTCCL.equals(Constants.TCCL_COMPOSITE)) {
- Thread.currentThread().setContextClassLoader(
- (ClassLoader) AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new MultiParentClassLoader(new URL[] {},
- new ClassLoader[] {
- msgContext.getAxisService().getClassLoader(),
- contextClassLoader
- });
- }
- }));
+ final ClassLoader loader = (ClassLoader) AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new MultiParentClassLoader(new URL[]{},
+ new ClassLoader[]{
+ msgContext.getAxisService().getClassLoader(),
+ contextClassLoader
+ });
+ }
+ });
+ org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ Thread.currentThread().setContextClassLoader(
+ loader);
+ return null;
+ }
+ }
+ );
} else if (serviceTCCL.equals(Constants.TCCL_SERVICE)) {
- Thread.currentThread().setContextClassLoader(
- msgContext.getAxisService().getClassLoader()
+ org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ Thread.currentThread().setContextClassLoader(
+ msgContext.getAxisService().getClassLoader()
+ );
+ return null;
+ }
+ }
);
}
}
@@ -152,8 +169,25 @@
return tc;
}
- protected void restoreThreadContext(ThreadContextDescriptor tc) {
- Thread.currentThread().setContextClassLoader(tc.oldClassLoader);
+ private ClassLoader getContextClassLoader_doPriv() {
+ return (ClassLoader) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ }
+ );
+ }
+
+ protected void restoreThreadContext(final ThreadContextDescriptor tc) {
+ org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ Thread.currentThread().setContextClassLoader(tc.oldClassLoader);
+ return null;
+ }
+ }
+ );
MessageContext.currentMessageContext.set(tc.oldMessageContext);
}
@@ -167,31 +201,48 @@
*/
protected Object makeNewServiceObject(MessageContext msgContext) throws AxisFault {
try {
- AxisService service = msgContext.getAxisService();
+ final AxisService service = msgContext.getAxisService();
ClassLoader classLoader = service.getClassLoader();
// allow alternative definition of makeNewServiceObject
if (service.getParameter(Constants.SERVICE_OBJECT_SUPPLIER) != null) {
Parameter serviceObjectParam =
service.getParameter(Constants.SERVICE_OBJECT_SUPPLIER);
- Class serviceObjectMaker = Loader.loadClass(classLoader, ((String)
+ final Class serviceObjectMaker = Loader.loadClass(classLoader, ((String)
serviceObjectParam.getValue()).trim());
// Find static getServiceObject() method, call it if there
- Method method = serviceObjectMaker.getMethod("getServiceObject",
- new Class[]{AxisService.class});
+ final Method method = (Method) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws NoSuchMethodException {
+ return serviceObjectMaker.getMethod("getServiceObject",
+ new Class[]{AxisService.class});
+ }
+ }
+ );
if (method != null) {
- return method.invoke(serviceObjectMaker.newInstance(), new Object[]{service});
+ return org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws InvocationTargetException, IllegalAccessException, InstantiationException {
+ return method.invoke(serviceObjectMaker.newInstance(), new Object[]{service});
+ }
+ }
+ );
}
}
Parameter implInfoParam = service.getParameter(Constants.SERVICE_CLASS);
if (implInfoParam != null) {
- Class implClass = Loader.loadClass(
+ final Class implClass = Loader.loadClass(
classLoader,
((String) implInfoParam.getValue()).trim());
-
- return implClass.newInstance();
+ return org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws InstantiationException, IllegalAccessException {
+ return implClass.newInstance();
+ }
+ }
+ );
} else {
throw new AxisFault(
Messages.getMessage("paramIsNotSpecified", "SERVICE_OBJECT_SUPPLIER"));
Modified: webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/transport/jms/JMSSender.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/transport/jms/JMSSender.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/transport/jms/JMSSender.java (original)
+++ webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/transport/jms/JMSSender.java Mon Mar 24 21:39:33 2008
@@ -23,6 +23,7 @@
import org.apache.axiom.om.OMOutputFormat;
import org.apache.axis2.AxisFault;
import org.apache.axis2.Constants;
+import org.apache.axis2.java.security.AccessController;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.description.TransportOutDescription;
@@ -54,6 +55,9 @@
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Hashtable;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
/**
* The TransportSender for JMS
@@ -157,9 +161,20 @@
String replyToJNDIName = (String) msgContext.getProperty(JMSConstants.REPLY_PARAM);
if (replyToJNDIName != null && replyToJNDIName.length() > 0) {
Context context = null;
- Hashtable props = JMSUtils.getProperties(targetAddress);
+ final Hashtable props = JMSUtils.getProperties(targetAddress);
try {
- context = new InitialContext(props);
+ try {
+ context = (Context) AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws NamingException{
+ return new InitialContext(props);
+ }
+ }
+ )
+ ;
+ } catch (PrivilegedActionException e) {
+ throw (NamingException) e.getException();
+ }
} catch (NamingException e) {
handleException("Could not get the initial context", e);
}
Modified: webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/util/Utils.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/util/Utils.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/util/Utils.java (original)
+++ webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/util/Utils.java Mon Mar 24 21:39:33 2008
@@ -101,7 +101,7 @@
QName opName)
throws AxisFault {
AxisService service = new AxisService(serviceName.getLocalPart());
- service.setClassLoader(Thread.currentThread().getContextClassLoader());
+ service.setClassLoader(getContextClassLoader_DoPriv());
AxisOperation axisOp = new InOnlyAxisOperation(opName);
@@ -114,6 +114,16 @@
return service;
}
+ private static ClassLoader getContextClassLoader_DoPriv() {
+ return (ClassLoader) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ }
+ );
+ }
+
public static AxisService createSimpleService(QName serviceName,
MessageReceiver messageReceiver, String className,
@@ -121,7 +131,7 @@
throws AxisFault {
AxisService service = new AxisService(serviceName.getLocalPart());
- service.setClassLoader(Thread.currentThread().getContextClassLoader());
+ service.setClassLoader(getContextClassLoader_DoPriv());
service.addParameter(new Parameter(Constants.SERVICE_CLASS, className));
AxisOperation axisOp = new InOutAxisOperation(opName);
@@ -142,7 +152,7 @@
throws AxisFault {
AxisService service = new AxisService(serviceName.getLocalPart());
- service.setClassLoader(Thread.currentThread().getContextClassLoader());
+ service.setClassLoader(getContextClassLoader_DoPriv());
service.addParameter(new Parameter(Constants.SERVICE_CLASS, className));
AxisOperation axisOp = new OutInAxisOperation(opName);
@@ -230,18 +240,37 @@
public static ConfigurationContext getNewConfigurationContext(String repositry)
throws Exception {
- File file = new File(repositry);
- if (!file.exists()) {
+ final File file = new File(repositry);
+ boolean exists = exists(file);
+ if (!exists) {
throw new Exception("repository directory " + file.getAbsolutePath()
+ " does not exists");
}
File axis2xml = new File(file, "axis.xml");
String axis2xmlString = null;
- if (axis2xml.exists()) {
+ if (exists(axis2xml)) {
axis2xmlString = axis2xml.getName();
}
+ String path = (String) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return file.getAbsolutePath();
+ }
+ }
+ );
return ConfigurationContextFactory
- .createConfigurationContextFromFileSystem(file.getAbsolutePath(), axis2xmlString);
+ .createConfigurationContextFromFileSystem(path, axis2xmlString);
+ }
+
+ private static boolean exists(final File file) {
+ Boolean exists = (Boolean) org.apache.axis2.java.security.AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return new Boolean(file.exists());
+ }
+ }
+ );
+ return exists.booleanValue();
}
public static String getParameterValue(Parameter param) {
Modified: webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/converter/JavaClassToDBCConverter.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/converter/JavaClassToDBCConverter.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/converter/JavaClassToDBCConverter.java (original)
+++ webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/builder/converter/JavaClassToDBCConverter.java Mon Mar 24 21:39:33 2008
@@ -29,6 +29,7 @@
import org.apache.axis2.jaxws.description.builder.WebServiceProviderAnnot;
import org.apache.axis2.jaxws.description.builder.WebServiceRefAnnot;
import org.apache.axis2.jaxws.util.ClassLoaderUtils;
+import org.apache.axis2.java.security.AccessController;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -45,10 +46,15 @@
import java.lang.reflect.Method;
import java.lang.reflect.ParameterizedType;
import java.lang.reflect.Type;
+import java.lang.reflect.Field;
+import java.lang.reflect.Constructor;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
public class JavaClassToDBCConverter {
private static final Log log = LogFactory.getLog(JavaClassToDBCConverter.class);
@@ -91,8 +97,26 @@
buildDBC(dbcMap, classes.get(i));
if (seiClassName != null && !seiClassName.equals("")) {
try {
+ final ClassLoader contextClassLoader = (ClassLoader) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ }
+ );
Class seiClass =
- Thread.currentThread().getContextClassLoader().loadClass(seiClassName);
+ null;
+ try {
+ seiClass = (Class) AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws ClassNotFoundException {
+ return contextClassLoader.loadClass(seiClassName);
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ throw (ClassNotFoundException) e.getException();
+ }
buildDBC(dbcMap, seiClass);
// Also try to see if the SEI has any super interfaces
@@ -133,17 +157,38 @@
composite.setClassName(serviceClass.getName());
setInterfaces(composite);
setTypeTargettedAnnotations(composite);
- if (serviceClass.getFields().length > 0) {
+ Field[] fields = (Field[]) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return serviceClass.getFields();
+ }
+ }
+ );
+ if (fields.length > 0) {
JavaFieldsToFDCConverter fieldConverter = new JavaFieldsToFDCConverter(
- serviceClass.getFields());
+ fields);
List<FieldDescriptionComposite> fdcList = fieldConverter.convertFields();
ConverterUtils.attachFieldDescriptionComposites(composite, fdcList);
}
if (serviceClass.getMethods().length > 0) {
// Inherited methods and constructors for superclasses will be in a seperate DBC for
// the superclass. We only need the ones actually declared in this class.
+ Method[] methods = (Method[]) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return serviceClass.getDeclaredMethods();
+ }
+ }
+ );
+ Constructor[] declaredConstructors = (Constructor[]) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return serviceClass.getDeclaredConstructors();
+ }
+ }
+ );
JavaMethodsToMDCConverter methodConverter = new JavaMethodsToMDCConverter(
- serviceClass.getDeclaredMethods(), serviceClass.getDeclaredConstructors(),
+ methods, declaredConstructors,
serviceClass.getName());
List<MethodDescriptionComposite> mdcList = methodConverter.convertMethods();
ConverterUtils.attachMethodDescriptionComposites(composite, mdcList);
@@ -157,7 +202,13 @@
* @param composite <code>DescriptionBuilderComposite</code>
*/
private void setInterfaces(DescriptionBuilderComposite composite) {
- Type[] interfaces = serviceClass.getGenericInterfaces();
+ Type[] interfaces = (Type[]) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return serviceClass.getGenericInterfaces();
+ }
+ }
+ );
List<String> interfaceList = interfaces.length > 0 ? new ArrayList<String>()
: null;
for (int i = 0; i < interfaces.length; i++) {
@@ -406,8 +457,14 @@
* to the list of classes for which a DBC needs to be built.
* @param rootClass
*/
- private void establishExceptionClasses(Class rootClass) {
- Method[] methods = rootClass.getMethods();
+ private void establishExceptionClasses(final Class rootClass) {
+ Method[] methods = (Method[]) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return rootClass.getMethods();
+ }
+ }
+ );
for (Method method : methods) {
Class[] exceptionClasses = method.getExceptionTypes();
if (exceptionClasses.length > 0) {
Modified: webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/EndpointDescriptionImpl.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/EndpointDescriptionImpl.java?rev=640697&r1=640696&r2=640697&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/EndpointDescriptionImpl.java (original)
+++ webservices/axis2/trunk/java/modules/metadata/src/org/apache/axis2/jaxws/description/impl/EndpointDescriptionImpl.java Mon Mar 24 21:39:33 2008
@@ -218,7 +218,14 @@
composite = new DescriptionBuilderComposite();
composite.setSparseComposite(sparseCompositeKey, sparseComposite);
composite.setCorrespondingClass(theClass);
- composite.setClassLoader(this.getClass().getClassLoader());
+ ClassLoader loader = (ClassLoader) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return this.getClass().getClassLoader();
+ }
+ }
+ );
+ composite.setClassLoader(loader);
composite.setIsServiceProvider(false);
webServiceAnnotation = composite.getWebServiceAnnot();
@@ -544,7 +551,14 @@
composite.setIsServiceProvider(true);
this.portQName = portName;
composite.setCorrespondingClass(theClass);
- composite.setClassLoader(this.getClass().getClassLoader());
+ ClassLoader loader = (ClassLoader) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return this.getClass().getClassLoader();
+ }
+ }
+ );
+ composite.setClassLoader(loader);
this.axisService = axisService;
addToAxisService();
@@ -1398,8 +1412,14 @@
// REVIEW: This is using the classloader for EndpointDescriptionImpl; is that OK?
ClassLoader classLoader = (composite.isServiceProvider() && !composite.isDeprecatedServiceProviderConstruction()) ?
- composite.getClassLoader() :
- this.getClass().getClassLoader();
+ composite.getClassLoader() :
+ (ClassLoader) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return this.getClass().getClassLoader();
+ }
+ }
+ );
InputStream is = DescriptionUtils.openHandlerConfigStream(
handlerFileName,
@@ -1409,8 +1429,15 @@
if(is == null) {
log.warn("Unable to load handlers from file: " + handlerFileName);
} else {
+ ClassLoader classLoader1 = (ClassLoader) AccessController.doPrivileged(
+ new PrivilegedAction() {
+ public Object run() {
+ return this.getClass().getClassLoader();
+ }
+ }
+ );
handlerChainsType =
- DescriptionUtils.loadHandlerChains(is, this.getClass().getClassLoader());
+ DescriptionUtils.loadHandlerChains(is, classLoader1);
}
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org