You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2017/03/24 17:45:04 UTC
[1/4] cxf git commit: [CXF-6161] Make sure wsdl import uses valid
file name This closes #43
Repository: cxf
Updated Branches:
refs/heads/3.1.x-fixes b7e9d2e0d -> d69a34be8
[CXF-6161] Make sure wsdl import uses valid file name
This closes #43
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/61de9b89
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/61de9b89
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/61de9b89
Branch: refs/heads/3.1.x-fixes
Commit: 61de9b89f504d6053bdf84a10ffabc2047657d11
Parents: b7e9d2e
Author: Daniel Kulp <dk...@apache.org>
Authored: Fri Mar 24 11:05:04 2017 -0400
Committer: Daniel Kulp <dk...@apache.org>
Committed: Fri Mar 24 13:43:07 2017 -0400
----------------------------------------------------------------------
core/src/main/java/org/apache/cxf/helpers/FileUtils.java | 4 ++--
.../org/apache/cxf/tools/wsdlto/WSDLToJavaContainer.java | 8 +++++---
2 files changed, 7 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/61de9b89/core/src/main/java/org/apache/cxf/helpers/FileUtils.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/helpers/FileUtils.java b/core/src/main/java/org/apache/cxf/helpers/FileUtils.java
index cdab0ab..2cf1291 100644
--- a/core/src/main/java/org/apache/cxf/helpers/FileUtils.java
+++ b/core/src/main/java/org/apache/cxf/helpers/FileUtils.java
@@ -47,8 +47,8 @@ public final class FileUtils {
private FileUtils() {
}
-
- public boolean isValidFileName(String name) {
+
+ public static boolean isValidFileName(String name) {
for (int i = name.length(); i > 0; i--) {
char c = name.charAt(i - 1);
for (char c2 : ILLEGAL_CHARACTERS) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/61de9b89/tools/wsdlto/core/src/main/java/org/apache/cxf/tools/wsdlto/WSDLToJavaContainer.java
----------------------------------------------------------------------
diff --git a/tools/wsdlto/core/src/main/java/org/apache/cxf/tools/wsdlto/WSDLToJavaContainer.java b/tools/wsdlto/core/src/main/java/org/apache/cxf/tools/wsdlto/WSDLToJavaContainer.java
index 01f073b..8f608aa 100644
--- a/tools/wsdlto/core/src/main/java/org/apache/cxf/tools/wsdlto/WSDLToJavaContainer.java
+++ b/tools/wsdlto/core/src/main/java/org/apache/cxf/tools/wsdlto/WSDLToJavaContainer.java
@@ -790,7 +790,8 @@ public class WSDLToJavaContainer extends AbstractCXFToolContainer {
}
//get imported wsdls
- List<Definition> defs = (List<Definition>)context.get(ToolConstants.IMPORTED_DEFINITION);
+ int wsdlImportCount = 0;
+ List<Definition> defs = (List<Definition>)context.get(ToolConstants.IMPORTED_DEFINITION);
Map<String, String> importWSDLMap = new HashMap<String, String>();
for (Definition importDef : defs) {
File importedWsdlFile = null;
@@ -799,10 +800,11 @@ public class WSDLToJavaContainer extends AbstractCXFToolContainer {
} else {
importedWsdlFile = new File(importDef.getQName().getLocalPart() + ".wsdl");
}
+ if (!FileUtils.isValidFileName(importedWsdlFile.getName())) {
+ importedWsdlFile = new File("import" + (++wsdlImportCount) + ".wsdl");
+ }
importWSDLMap.put(importDef.getTargetNamespace(), importedWsdlFile.getName());
}
-
-
OutputStreamCreator outputStreamCreator = null;
if (context.get(OutputStreamCreator.class) != null) {
outputStreamCreator = context.get(OutputStreamCreator.class);
[3/4] cxf git commit: CXF-7292 additional privileged blocks required
when Security Manager is enabled This closes #248
Posted by dk...@apache.org.
CXF-7292 additional privileged blocks required when Security Manager is enabled
This closes #248
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/45a04b3e
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/45a04b3e
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/45a04b3e
Branch: refs/heads/3.1.x-fixes
Commit: 45a04b3ec3281ea04a06e0dfc88502d2f182f4b6
Parents: 1eac82a
Author: Ivo Studensky <is...@redhat.com>
Authored: Thu Feb 18 14:00:29 2016 +0100
Committer: Daniel Kulp <dk...@apache.org>
Committed: Fri Mar 24 13:43:12 2017 -0400
----------------------------------------------------------------------
.../apache/cxf/catalog/OASISCatalogManager.java | 38 +++++++++++++++--
.../common/classloader/ClassLoaderUtils.java | 41 +++++++++++++++---
.../org/apache/cxf/common/i18n/BundleUtils.java | 35 +++++++++++++--
.../cxf/common/injection/ResourceInjector.java | 2 +-
.../org/apache/cxf/common/jaxb/JAXBUtils.java | 19 +++++++--
.../org/apache/cxf/common/logging/LogUtils.java | 45 ++++++++++++++++----
.../org/apache/cxf/common/util/ProxyHelper.java | 31 ++++++++++++--
.../java/org/apache/cxf/helpers/DOMUtils.java | 32 ++++++++++++--
.../java/org/apache/cxf/helpers/XPathUtils.java | 18 +++++++-
.../org/apache/cxf/resource/URIResolver.java | 14 ++++--
.../cxf/binding/soap/SOAPBindingUtil.java | 39 ++++++++++++++---
.../handler/AnnotationHandlerChainBuilder.java | 16 ++++++-
.../cxf/frontend/ClientProxyFactoryBean.java | 17 +++++++-
.../cxf/transport/http/CXFAuthenticator.java | 8 ++--
.../http/URLConnectionHTTPConduit.java | 19 ++++++++-
15 files changed, 322 insertions(+), 52 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/core/src/main/java/org/apache/cxf/catalog/OASISCatalogManager.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/catalog/OASISCatalogManager.java b/core/src/main/java/org/apache/cxf/catalog/OASISCatalogManager.java
index 2aa061e..5a6911f 100644
--- a/core/src/main/java/org/apache/cxf/catalog/OASISCatalogManager.java
+++ b/core/src/main/java/org/apache/cxf/catalog/OASISCatalogManager.java
@@ -24,6 +24,10 @@ import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URISyntaxException;
import java.net.URL;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.Enumeration;
import java.util.Set;
import java.util.concurrent.CopyOnWriteArraySet;
@@ -133,7 +137,7 @@ public class OASISCatalogManager {
}
public final void loadContextCatalogs(String name) {
try {
- loadCatalogs(Thread.currentThread().getContextClassLoader(), name);
+ loadCatalogs(getContextClassLoader(), name);
} catch (IOException e) {
LOG.log(Level.WARNING, "Error loading " + name + " catalog files", e);
}
@@ -146,12 +150,27 @@ public class OASISCatalogManager {
Enumeration<URL> catalogs = classLoader.getResources(name);
while (catalogs.hasMoreElements()) {
- URL catalogURL = catalogs.nextElement();
+ final URL catalogURL = catalogs.nextElement();
if (catalog == null) {
LOG.log(Level.WARNING, "Catalog found at {0} but no org.apache.xml.resolver.CatalogManager was found."
+ " Check the classpatch for an xmlresolver jar.", catalogURL.toString());
} else if (!loadedCatalogs.contains(catalogURL.toString())) {
- ((Catalog)catalog).parseCatalog(catalogURL);
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm == null) {
+ ((Catalog)catalog).parseCatalog(catalogURL);
+ } else {
+ try {
+ AccessController.doPrivileged(new PrivilegedExceptionAction<Void>() {
+ @Override
+ public Void run() throws Exception {
+ ((Catalog)catalog).parseCatalog(catalogURL);
+ return null;
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (IOException) e.getException();
+ }
+ }
loadedCatalogs.add(catalogURL.toString());
}
}
@@ -230,4 +249,17 @@ public class OASISCatalogManager {
return resolver;
}
+ private static ClassLoader getContextClassLoader() {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ @Override
+ public ClassLoader run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+ return Thread.currentThread().getContextClassLoader();
+ }
+
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/core/src/main/java/org/apache/cxf/common/classloader/ClassLoaderUtils.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/common/classloader/ClassLoaderUtils.java b/core/src/main/java/org/apache/cxf/common/classloader/ClassLoaderUtils.java
index cbd3f43..cc73cf8 100644
--- a/core/src/main/java/org/apache/cxf/common/classloader/ClassLoaderUtils.java
+++ b/core/src/main/java/org/apache/cxf/common/classloader/ClassLoaderUtils.java
@@ -250,7 +250,7 @@ public final class ClassLoaderUtils {
public static Class<?> loadClass(String className, Class<?> callingClass)
throws ClassNotFoundException {
try {
- ClassLoader cl = Thread.currentThread().getContextClassLoader();
+ ClassLoader cl = getContextClassLoader();
if (cl != null) {
return cl.loadClass(className);
@@ -263,7 +263,7 @@ public final class ClassLoaderUtils {
public static <T> Class<? extends T> loadClass(String className, Class<?> callingClass, Class<T> type)
throws ClassNotFoundException {
try {
- ClassLoader cl = Thread.currentThread().getContextClassLoader();
+ ClassLoader cl = getContextClassLoader();
if (cl != null) {
return cl.loadClass(className).asSubclass(type);
@@ -279,15 +279,44 @@ public final class ClassLoaderUtils {
return Class.forName(className);
} catch (ClassNotFoundException ex) {
try {
- if (ClassLoaderUtils.class.getClassLoader() != null) {
- return ClassLoaderUtils.class.getClassLoader().loadClass(className);
+ final ClassLoader loader = getClassLoader(ClassLoaderUtils.class);
+ if (loader != null) {
+ return loader.loadClass(className);
}
} catch (ClassNotFoundException exc) {
- if (callingClass != null && callingClass.getClassLoader() != null) {
- return callingClass.getClassLoader().loadClass(className);
+ if (callingClass != null) {
+ final ClassLoader callingClassLoader = getClassLoader(callingClass);
+ if (callingClassLoader != null) {
+ return callingClassLoader.loadClass(className);
+ }
}
}
throw ex;
}
}
+
+ private static ClassLoader getContextClassLoader() {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+ return Thread.currentThread().getContextClassLoader();
+ }
+
+ private static ClassLoader getClassLoader(final Class<?> clazz) {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return clazz.getClassLoader();
+ }
+ });
+ }
+ return clazz.getClassLoader();
+ }
+
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/core/src/main/java/org/apache/cxf/common/i18n/BundleUtils.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/common/i18n/BundleUtils.java b/core/src/main/java/org/apache/cxf/common/i18n/BundleUtils.java
index 5fdd3b4..9945c97 100644
--- a/core/src/main/java/org/apache/cxf/common/i18n/BundleUtils.java
+++ b/core/src/main/java/org/apache/cxf/common/i18n/BundleUtils.java
@@ -19,6 +19,8 @@
package org.apache.cxf.common.i18n;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.text.MessageFormat;
import java.util.Locale;
import java.util.MissingResourceException;
@@ -77,7 +79,7 @@ public final class BundleUtils {
public static ResourceBundle getBundle(Class<?> cls) {
try {
- ClassLoader loader = cls.getClassLoader();
+ ClassLoader loader = getClassLoader(cls);
if (loader == null) {
return ResourceBundle.getBundle(getBundleName(cls), Locale.getDefault());
}
@@ -85,7 +87,7 @@ public final class BundleUtils {
Locale.getDefault(),
loader);
} catch (MissingResourceException ex) {
- ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ ClassLoader loader = getContextClassLoader();
if (loader == null) {
return ResourceBundle.getBundle(getBundleName(cls), Locale.getDefault());
}
@@ -106,7 +108,7 @@ public final class BundleUtils {
*/
public static ResourceBundle getBundle(Class<?> cls, String name) {
try {
- ClassLoader loader = cls.getClassLoader();
+ ClassLoader loader = getClassLoader(cls);
if (loader == null) {
return ResourceBundle.getBundle(getBundleName(cls, name), Locale.getDefault());
}
@@ -114,7 +116,7 @@ public final class BundleUtils {
Locale.getDefault(),
loader);
} catch (MissingResourceException ex) {
- ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ ClassLoader loader = getContextClassLoader();
if (loader == null) {
return ResourceBundle.getBundle(getBundleName(cls, name), Locale.getDefault());
}
@@ -136,4 +138,29 @@ public final class BundleUtils {
public static String getFormattedString(ResourceBundle b, String key, Object ... params) {
return MessageFormat.format(b.getString(key), params);
}
+
+ private static ClassLoader getContextClassLoader() {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+ return Thread.currentThread().getContextClassLoader();
+ }
+
+ private static ClassLoader getClassLoader(final Class<?> clazz) {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return clazz.getClassLoader();
+ }
+ });
+ }
+ return clazz.getClassLoader();
+ }
+
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/core/src/main/java/org/apache/cxf/common/injection/ResourceInjector.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/common/injection/ResourceInjector.java b/core/src/main/java/org/apache/cxf/common/injection/ResourceInjector.java
index 2e6eb3b..56734ef 100644
--- a/core/src/main/java/org/apache/cxf/common/injection/ResourceInjector.java
+++ b/core/src/main/java/org/apache/cxf/common/injection/ResourceInjector.java
@@ -79,7 +79,7 @@ public class ResourceInjector extends AbstractAnnotationVisitor {
return null;
}
try {
- return cls.getDeclaredField(name);
+ return ReflectionUtil.getDeclaredField(cls, name);
} catch (Exception ex) {
return getField(cls.getSuperclass(), name);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/core/src/main/java/org/apache/cxf/common/jaxb/JAXBUtils.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/common/jaxb/JAXBUtils.java b/core/src/main/java/org/apache/cxf/common/jaxb/JAXBUtils.java
index be86175..46d0db0 100644
--- a/core/src/main/java/org/apache/cxf/common/jaxb/JAXBUtils.java
+++ b/core/src/main/java/org/apache/cxf/common/jaxb/JAXBUtils.java
@@ -38,6 +38,8 @@ import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLClassLoader;
import java.nio.charset.StandardCharsets;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
@@ -875,7 +877,7 @@ public final class JAXBUtils {
Package pkg = jcls.getPackage();
packages.put(pkgName, jcls.getResourceAsStream("jaxb.index"));
- packageLoaders.put(pkgName, jcls.getClassLoader());
+ packageLoaders.put(pkgName, getClassLoader(jcls));
String objectFactoryClassName = pkgName + "." + "ObjectFactory";
Class<?> ofactory = null;
CachedClass cachedFactory = null;
@@ -889,8 +891,7 @@ public final class JAXBUtils {
}
if (ofactory == null) {
try {
- ofactory = Class.forName(objectFactoryClassName, false, jcls
- .getClassLoader());
+ ofactory = Class.forName(objectFactoryClassName, false, getClassLoader(jcls));
objectFactories.add(ofactory);
addToObjectFactoryCache(pkg, ofactory, objectFactoryCache);
} catch (ClassNotFoundException e) {
@@ -945,6 +946,18 @@ public final class JAXBUtils {
classes.addAll(objectFactories);
}
+ private static ClassLoader getClassLoader(final Class<?> clazz) {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ @Override
+ public ClassLoader run() {
+ return clazz.getClassLoader();
+ }
+ });
+ }
+ return clazz.getClassLoader();
+ }
private static void addToObjectFactoryCache(Package objectFactoryPkg,
Class<?> ofactory,
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/core/src/main/java/org/apache/cxf/common/logging/LogUtils.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/common/logging/LogUtils.java b/core/src/main/java/org/apache/cxf/common/logging/LogUtils.java
index 83faf0f..54e05ad 100644
--- a/core/src/main/java/org/apache/cxf/common/logging/LogUtils.java
+++ b/core/src/main/java/org/apache/cxf/common/logging/LogUtils.java
@@ -229,8 +229,8 @@ public final class LogUtils {
protected static Logger createLogger(Class<?> cls,
String name,
String loggerName) {
- ClassLoader orig = Thread.currentThread().getContextClassLoader();
- ClassLoader n = cls.getClassLoader();
+ ClassLoader orig = getContextClassLoader();
+ ClassLoader n = getClassLoader(cls);
if (n != null) {
setContextClassLoader(n);
}
@@ -307,12 +307,41 @@ public final class LogUtils {
}
private static void setContextClassLoader(final ClassLoader classLoader) {
- AccessController.doPrivileged(new PrivilegedAction<Object>() {
- public Object run() {
- Thread.currentThread().setContextClassLoader(classLoader);
- return null;
- }
- });
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ AccessController.doPrivileged(new PrivilegedAction<Object>() {
+ public Object run() {
+ Thread.currentThread().setContextClassLoader(classLoader);
+ return null;
+ }
+ });
+ } else {
+ Thread.currentThread().setContextClassLoader(classLoader);
+ }
+ }
+
+ private static ClassLoader getContextClassLoader() {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+ return Thread.currentThread().getContextClassLoader();
+ }
+
+ private static ClassLoader getClassLoader(final Class<?> clazz) {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return clazz.getClassLoader();
+ }
+ });
+ }
+ return clazz.getClassLoader();
}
/**
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/core/src/main/java/org/apache/cxf/common/util/ProxyHelper.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/common/util/ProxyHelper.java b/core/src/main/java/org/apache/cxf/common/util/ProxyHelper.java
index 413098c..3b69faa 100644
--- a/core/src/main/java/org/apache/cxf/common/util/ProxyHelper.java
+++ b/core/src/main/java/org/apache/cxf/common/util/ProxyHelper.java
@@ -22,6 +22,8 @@ package org.apache.cxf.common.util;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
/**
*
@@ -55,17 +57,40 @@ public class ProxyHelper {
* @param interfaces
* @return classloader that sees all interfaces
*/
- private ClassLoader getClassLoaderForInterfaces(ClassLoader loader, Class<?>[] interfaces) {
+ private ClassLoader getClassLoaderForInterfaces(final ClassLoader loader, final Class<?>[] interfaces) {
if (canSeeAllInterfaces(loader, interfaces)) {
return loader;
}
- ProxyClassLoader combined = new ProxyClassLoader(loader, interfaces);
+ ProxyClassLoader combined;
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm == null) {
+ combined = new ProxyClassLoader(loader, interfaces);
+ } else {
+ combined = AccessController.doPrivileged(new PrivilegedAction<ProxyClassLoader>() {
+ @Override
+ public ProxyClassLoader run() {
+ return new ProxyClassLoader(loader, interfaces);
+ }
+ });
+ }
for (Class<?> currentInterface : interfaces) {
- combined.addLoader(currentInterface.getClassLoader());
+ combined.addLoader(getClassLoader(currentInterface));
}
return combined;
}
+ private static ClassLoader getClassLoader(final Class<?> clazz) {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return clazz.getClassLoader();
+ }
+ });
+ }
+ return clazz.getClassLoader();
+ }
+
private boolean canSeeAllInterfaces(ClassLoader loader, Class<?>[] interfaces) {
for (Class<?> currentInterface : interfaces) {
String ifName = currentInterface.getName();
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/core/src/main/java/org/apache/cxf/helpers/DOMUtils.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/helpers/DOMUtils.java b/core/src/main/java/org/apache/cxf/helpers/DOMUtils.java
index 66c70a2..43a4d69 100644
--- a/core/src/main/java/org/apache/cxf/helpers/DOMUtils.java
+++ b/core/src/main/java/org/apache/cxf/helpers/DOMUtils.java
@@ -21,6 +21,8 @@ package org.apache.cxf.helpers;
import java.io.IOException;
import java.io.StringReader;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedHashSet;
@@ -62,9 +64,9 @@ public final class DOMUtils {
}
private static DocumentBuilder getDocumentBuilder() throws ParserConfigurationException {
- ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ ClassLoader loader = getContextClassLoader();
if (loader == null) {
- loader = DOMUtils.class.getClassLoader();
+ loader = getClassLoader(DOMUtils.class);
}
if (loader == null) {
return DocumentBuilderFactory.newInstance().newDocumentBuilder();
@@ -78,7 +80,31 @@ public final class DOMUtils {
}
return factory;
}
-
+
+ private static ClassLoader getContextClassLoader() {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+ return Thread.currentThread().getContextClassLoader();
+ }
+
+ private static ClassLoader getClassLoader(final Class<?> clazz) {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return clazz.getClassLoader();
+ }
+ });
+ }
+ return clazz.getClassLoader();
+ }
+
/**
* Creates a new Document object
* @throws ParserConfigurationException
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/core/src/main/java/org/apache/cxf/helpers/XPathUtils.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/helpers/XPathUtils.java b/core/src/main/java/org/apache/cxf/helpers/XPathUtils.java
index cb67d4a..ec3e06c 100644
--- a/core/src/main/java/org/apache/cxf/helpers/XPathUtils.java
+++ b/core/src/main/java/org/apache/cxf/helpers/XPathUtils.java
@@ -19,6 +19,8 @@
package org.apache.cxf.helpers;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.Map;
import javax.xml.namespace.NamespaceContext;
@@ -58,8 +60,8 @@ public class XPathUtils {
}
public Object getValue(String xpathExpression, Node node, QName type) {
- ClassLoaderHolder loader
- = ClassLoaderUtils.setThreadContextClassloader(xpath.getClass().getClassLoader());
+ ClassLoaderHolder loader
+ = ClassLoaderUtils.setThreadContextClassloader(getClassLoader(xpath.getClass()));
try {
return xpath.evaluate(xpathExpression, node, type);
} catch (Exception e) {
@@ -84,4 +86,16 @@ public class XPathUtils {
return getValue(xpathExpression, node, type) != null;
}
+ private static ClassLoader getClassLoader(final Class<?> clazz) {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return clazz.getClassLoader();
+ }
+ });
+ }
+ return clazz.getClassLoader();
+ }
+
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/core/src/main/java/org/apache/cxf/resource/URIResolver.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/resource/URIResolver.java b/core/src/main/java/org/apache/cxf/resource/URIResolver.java
index ed42fd1..43c7272 100644
--- a/core/src/main/java/org/apache/cxf/resource/URIResolver.java
+++ b/core/src/main/java/org/apache/cxf/resource/URIResolver.java
@@ -30,6 +30,8 @@ import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLDecoder;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
@@ -132,10 +134,14 @@ public class URIResolver {
// It is possible that spaces have been encoded. We should decode them first.
uriStr = uriStr.replaceAll("%20", " ");
- File uriFile = new File(uriStr);
-
-
- uriFile = new File(uriFile.getAbsolutePath());
+ final File uriFileTemp = new File(uriStr);
+
+ File uriFile = new File(AccessController.doPrivileged(new PrivilegedAction<String>() {
+ @Override
+ public String run() {
+ return uriFileTemp.getAbsolutePath();
+ }
+ }));
if (!SecurityActions.fileExists(uriFile, CXFPermissions.RESOLVE_URI)) {
try {
URI urif = new URI(URLDecoder.decode(orig, "ASCII"));
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/SOAPBindingUtil.java
----------------------------------------------------------------------
diff --git a/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/SOAPBindingUtil.java b/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/SOAPBindingUtil.java
index 23327e8..f537574 100644
--- a/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/SOAPBindingUtil.java
+++ b/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/SOAPBindingUtil.java
@@ -21,6 +21,8 @@ package org.apache.cxf.binding.soap;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Proxy;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
@@ -87,14 +89,15 @@ public final class SOAPBindingUtil {
*/
Object proxy = null;
try {
- proxy = Proxy.newProxyInstance(Thread.currentThread().getContextClassLoader(),
+ proxy = Proxy.newProxyInstance(getContextClassLoader(),
new Class[] {cls}, ih);
} catch (Throwable ex) {
- // Using cls classloader as a fallback to make it work within OSGi
- ClassLoader contextLoader = Thread.currentThread().getContextClassLoader();
- if (contextLoader != cls.getClassLoader()) {
- proxy = Proxy.newProxyInstance(cls.getClassLoader(),
- new Class[] {cls}, ih);
+ // Using cls classloader as a fallback to make it work within OSGi
+ ClassLoader contextLoader = getContextClassLoader();
+ final ClassLoader clsClassLoader = getClassLoader(cls);
+ if (contextLoader != clsClassLoader) {
+ proxy = Proxy.newProxyInstance(clsClassLoader,
+ new Class[] {cls}, ih);
} else {
if (ex instanceof RuntimeException) {
throw (RuntimeException)ex;
@@ -105,6 +108,30 @@ public final class SOAPBindingUtil {
return cls.cast(proxy);
}
+ private static ClassLoader getContextClassLoader() {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+ return Thread.currentThread().getContextClassLoader();
+ }
+
+ private static ClassLoader getClassLoader(final Class<?> clazz) {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return clazz.getClassLoader();
+ }
+ });
+ }
+ return clazz.getClassLoader();
+ }
+
public static boolean isSOAPBinding(Binding binding) {
for (Object obj : binding.getExtensibilityElements()) {
if (isSOAPBinding(obj)) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/handler/AnnotationHandlerChainBuilder.java
----------------------------------------------------------------------
diff --git a/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/handler/AnnotationHandlerChainBuilder.java b/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/handler/AnnotationHandlerChainBuilder.java
index b72a721..879ffd3 100644
--- a/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/handler/AnnotationHandlerChainBuilder.java
+++ b/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/handler/AnnotationHandlerChainBuilder.java
@@ -20,6 +20,8 @@
package org.apache.cxf.jaxws.handler;
import java.net.URL;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.List;
import java.util.ResourceBundle;
@@ -74,7 +76,7 @@ public class AnnotationHandlerChainBuilder extends HandlerChainBuilder {
public List<Handler> buildHandlerChainFromClass(Class<?> clz, List<Handler> existingHandlers,
QName portQName, QName serviceQName, String bindingID) {
LOG.fine("building handler chain");
- classLoader = clz.getClassLoader();
+ classLoader = getClassLoader(clz);
HandlerChainAnnotation hcAnn = findHandlerChainAnnotation(clz, true);
List<Handler> chain = null;
if (hcAnn == null) {
@@ -139,6 +141,18 @@ public class AnnotationHandlerChainBuilder extends HandlerChainBuilder {
return sortHandlers(chain);
}
+ private static ClassLoader getClassLoader(final Class<?> clazz) {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return clazz.getClassLoader();
+ }
+ });
+ }
+ return clazz.getClassLoader();
+ }
+
private void processHandlerChainElement(Element el, List<Handler> chain,
QName portQName, QName serviceQName, String bindingID) {
Node node = el.getFirstChild();
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/rt/frontend/simple/src/main/java/org/apache/cxf/frontend/ClientProxyFactoryBean.java
----------------------------------------------------------------------
diff --git a/rt/frontend/simple/src/main/java/org/apache/cxf/frontend/ClientProxyFactoryBean.java b/rt/frontend/simple/src/main/java/org/apache/cxf/frontend/ClientProxyFactoryBean.java
index 7564407..8fde6b0 100644
--- a/rt/frontend/simple/src/main/java/org/apache/cxf/frontend/ClientProxyFactoryBean.java
+++ b/rt/frontend/simple/src/main/java/org/apache/cxf/frontend/ClientProxyFactoryBean.java
@@ -19,6 +19,8 @@
package org.apache.cxf.frontend;
import java.io.Closeable;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
@@ -171,8 +173,7 @@ public class ClientProxyFactoryBean extends AbstractBasicInterceptorProvider {
ClientProxy handler = clientClientProxy(c);
Class<?> classes[] = getImplementingClasses();
-
- Object obj = ProxyHelper.getProxy(clientFactoryBean.getServiceClass().getClassLoader(),
+ Object obj = ProxyHelper.getProxy(getClassLoader(clientFactoryBean.getServiceClass()),
classes,
handler);
@@ -186,6 +187,18 @@ public class ClientProxyFactoryBean extends AbstractBasicInterceptorProvider {
}
}
+ private static ClassLoader getClassLoader(final Class<?> clazz) {
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return clazz.getClassLoader();
+ }
+ });
+ }
+ return clazz.getClassLoader();
+ }
+
protected Class<?>[] getImplementingClasses() {
Class<?> cls = clientFactoryBean.getServiceClass();
return new Class[] {cls, Closeable.class, Client.class};
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
index 7a29374..14f532b 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
@@ -50,7 +50,7 @@ public class CXFAuthenticator extends Authenticator {
if (instance == null) {
instance = new CXFAuthenticator();
Authenticator wrapped = null;
- for (final Field f : Authenticator.class.getDeclaredFields()) {
+ for (final Field f : ReflectionUtil.getDeclaredFields(Authenticator.class)) {
if (f.getType().equals(Authenticator.class)) {
ReflectionUtil.setAccessible(f);
try {
@@ -74,9 +74,7 @@ public class CXFAuthenticator extends Authenticator {
return new URLClassLoader(new URL[0], ClassLoader.getSystemClassLoader());
}
}, null);
-
-
- Method m = ClassLoader.class.getDeclaredMethod("defineClass", String.class,
+ Method m = ReflectionUtil.getDeclaredMethod(ClassLoader.class, "defineClass", String.class,
byte[].class, Integer.TYPE, Integer.TYPE);
InputStream ins = ReferencingAuthenticator.class
@@ -102,7 +100,7 @@ public class CXFAuthenticator extends Authenticator {
}
try {
//clear the acc field that can hold onto the webapp classloader
- Field f = loader.getClass().getDeclaredField("acc");
+ Field f = ReflectionUtil.getDeclaredField(loader.getClass(), "acc");
ReflectionUtil.setAccessible(f).set(loader, null);
} catch (Throwable t) {
//ignore
http://git-wip-us.apache.org/repos/asf/cxf/blob/45a04b3e/rt/transports/http/src/main/java/org/apache/cxf/transport/http/URLConnectionHTTPConduit.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/URLConnectionHTTPConduit.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/URLConnectionHTTPConduit.java
index a429ddf..00fb97b 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/URLConnectionHTTPConduit.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/URLConnectionHTTPConduit.java
@@ -30,6 +30,9 @@ import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLConnection;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.logging.Level;
import javax.net.ssl.HttpsURLConnection;
@@ -254,7 +257,21 @@ public class URLConnectionHTTPConduit extends HTTPConduit {
OutputStream cout = null;
try {
try {
- cout = connection.getOutputStream();
+// cout = connection.getOutputStream();
+ if (System.getSecurityManager() != null) {
+ try {
+ cout = AccessController.doPrivileged(new PrivilegedExceptionAction<OutputStream>() {
+ @Override
+ public OutputStream run() throws IOException {
+ return connection.getOutputStream();
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (IOException) e.getException();
+ }
+ } else {
+ cout = connection.getOutputStream();
+ }
} catch (ProtocolException pe) {
Boolean b = (Boolean)outMessage.get(HTTPURL_CONNECTION_METHOD_REFLECTION);
cout = connectAndGetOutputStream(b);
[2/4] cxf git commit: [CXF-6029] Debug log a throwable
Posted by dk...@apache.org.
[CXF-6029] Debug log a throwable
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1eac82a6
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1eac82a6
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1eac82a6
Branch: refs/heads/3.1.x-fixes
Commit: 1eac82a6263bc7106b629144274013bd775c3827
Parents: 61de9b8
Author: Daniel Kulp <dk...@apache.org>
Authored: Fri Mar 24 11:13:22 2017 -0400
Committer: Daniel Kulp <dk...@apache.org>
Committed: Fri Mar 24 13:43:12 2017 -0400
----------------------------------------------------------------------
.../main/java/org/apache/cxf/bus/spring/SpringBusFactory.java | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/1eac82a6/core/src/main/java/org/apache/cxf/bus/spring/SpringBusFactory.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/bus/spring/SpringBusFactory.java b/core/src/main/java/org/apache/cxf/bus/spring/SpringBusFactory.java
index 04ea866..c4840ac 100644
--- a/core/src/main/java/org/apache/cxf/bus/spring/SpringBusFactory.java
+++ b/core/src/main/java/org/apache/cxf/bus/spring/SpringBusFactory.java
@@ -66,8 +66,8 @@ public class SpringBusFactory extends BusFactory {
if (r != null && !r.isEmpty()) {
return r.get(0);
}
- } catch (Throwable t) {
- //ignore
+ } catch (Exception t) {
+ LOG.log(Level.FINEST, "Could not find NamespaceHandlerResolver", t);
}
return null;
}
[4/4] cxf git commit: Recording .gitmergeinfo Changes
Posted by dk...@apache.org.
Recording .gitmergeinfo Changes
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d69a34be
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d69a34be
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d69a34be
Branch: refs/heads/3.1.x-fixes
Commit: d69a34be8be020b213d3c3abf86bfcf2e473f0d0
Parents: 45a04b3
Author: Daniel Kulp <dk...@apache.org>
Authored: Fri Mar 24 13:44:55 2017 -0400
Committer: Daniel Kulp <dk...@apache.org>
Committed: Fri Mar 24 13:44:55 2017 -0400
----------------------------------------------------------------------
.gitmergeinfo | 4 ++++
1 file changed, 4 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/d69a34be/.gitmergeinfo
----------------------------------------------------------------------
diff --git a/.gitmergeinfo b/.gitmergeinfo
index c92b23f..b2a2aed 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -165,6 +165,7 @@ B 7eb2d58faacb2dd57c1eddea99c59a8b17807faf
B 7f4a24d037c06f76770e969ad7e2a47f4687a33a
B 7fc957efa3a193a5f2ae178b8a608717ce4c5b26
B 7fcd84b1f82a203917a5269a2c0c10a0d5b6f877
+B 8172db9fcfd3472731fdd9e26704bcdd7f63cd76
B 85c397f853c6b7ca0ed6d924445d6173962e1ec4
B 86251ae75e6a663d6419623f47e393dd7a042742
B 885b65d32198083961e380c8c55c7d7a6d00ed33
@@ -325,6 +326,7 @@ M 01d06cee06203b0ba616ca1924f1878aecc1a791
M 01fdc40526185ee89202692088fd5367f0690af0
M 0222768baf6b60742c4a8332308edf2be0f4a2e4
M 0252de53c8b2bd230544e7c9cffc9355741dc2f1
+M 02c11bb9191ce5712cb32e33bb5519362a9975d2
M 0344b6bc0d1e61a3d3b5194f5ae3ebcdf62e8d56
M 03987585902ef5db3c265a353e483f20e31b2c18
M 04720d55a297aa4778a8194a766d9159ba662d33
@@ -336,6 +338,7 @@ M 08c9194ce2c567ebfe59f59ee628b1197d90fd43
M 090fa6100ae3a5aa8ae894b0e238acb793f705ec
M 09fb22b25333c66514f06652ceaf7fc11bde51cc
M 0e5fd5a54cb271ba494e7e30b45d4228b33364a9
+M 10ed38c6d1f74f75ae231e8b91b7198b4e162ab3
M 11637433df089a638e173d1ef57441e7456cf2ea
M 1184e08f0d1c40c754e39fd5d6340d1057fbdd17
M 11e18bf5622cafdb10723cee895885d676b35a7b
@@ -378,6 +381,7 @@ M 4799fef822a96f5d1b2827d5cc42ab886fd4e673
M 4824bfe59878dd9dbbd2a067e8772b1971897cfc
M 4837a6cb5ea319f6bf87aaf3bf49c1e4e99e45a7
M 4b0868a8ee6f53d8543860a458821c35ec2a79a2
+M 4d493d461f70864aa1b5cab7bcbfbc31a31cdc01
M 4f4ce80ba2de80219e13943cbd6edbf411117234
M 5022be0c15d90800ee983fe94b07a10a54814991
M 52d77470228a3560f464003c68b30ffe8f1e8b9c