You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2020/11/25 06:25:33 UTC
[cxf] 01/02: [CXF-8378]:Fix NoClassDefFoundError: org/apache/cxf/common/util/Refle… (#728)
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit b2b31ec4519df505b7d9b5b4d2f34b440b04133c
Author: jimma <em...@apache.org>
AuthorDate: Wed Nov 25 08:59:56 2020 +0800
[CXF-8378]:Fix NoClassDefFoundError: org/apache/cxf/common/util/Refle… (#728)
* [CXF-8378]:Fix NoClassDefFoundError: org/apache/cxf/common/util/ReflectionUtil
(cherry picked from commit 2acb47125c3ab36278648128f93e5ec456bcd713)
---
.../transport/http/ReferencingAuthenticator.java | 46 ++++++++++++++++++----
1 file changed, 38 insertions(+), 8 deletions(-)
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/ReferencingAuthenticator.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/ReferencingAuthenticator.java
index 547f7df..2b63316 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/ReferencingAuthenticator.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/ReferencingAuthenticator.java
@@ -25,12 +25,14 @@ import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.net.Authenticator;
import java.net.PasswordAuthentication;
-
-import org.apache.cxf.common.util.ReflectionUtil;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
public class ReferencingAuthenticator extends Authenticator {
+ private static final boolean SKIPCHECK = System.getSecurityManager() == null;
final Reference<Authenticator> auth;
final Authenticator wrapped;
+
public ReferencingAuthenticator(Authenticator cxfauth, Authenticator wrapped) {
this.auth = new WeakReference<>(cxfauth);
this.wrapped = wrapped;
@@ -78,13 +80,14 @@ public class ReferencingAuthenticator extends Authenticator {
}
}
}
+
private void remove() {
try {
for (final Field f : Authenticator.class.getDeclaredFields()) {
if (f.getType().equals(Authenticator.class)) {
try {
f.setAccessible(true);
- Authenticator o = (Authenticator)f.get(null);
+ Authenticator o = (Authenticator) f.get(null);
if (o == this) {
//this is at the root of any chain of authenticators
Authenticator.setDefault(wrapped);
@@ -100,13 +103,14 @@ public class ReferencingAuthenticator extends Authenticator {
//ignore
}
}
+
private void removeFromChain(Authenticator a) {
try {
if (a.getClass().getName().equals(ReferencingAuthenticator.class.getName())) {
//multiple referencing authenticators, we can remove ourself
Field f2 = a.getClass().getDeclaredField("wrapped");
f2.setAccessible(true);
- Authenticator a2 = (Authenticator)f2.get(a);
+ Authenticator a2 = (Authenticator) f2.get(a);
if (a2 == this) {
f2.set(a, wrapped);
} else {
@@ -122,15 +126,41 @@ public class ReferencingAuthenticator extends Authenticator {
if (a == null) {
return null;
}
- for (final Field f : ReflectionUtil.getDeclaredFields(Authenticator.class)) {
+ Field[] fields = null;
+ if (SKIPCHECK) {
+ fields = Authenticator.class.getDeclaredFields();
+ } else {
+ fields = AccessController.doPrivileged(
+ (PrivilegedAction<Field[]>) () -> Authenticator.class.getDeclaredFields());
+
+ }
+
+ for (final Field f : fields) {
if (!Modifier.isStatic(f.getModifiers())) {
f.setAccessible(true);
Object o = f.get(this);
f.set(a, o);
}
}
- final Method m = Authenticator.class.getDeclaredMethod("getPasswordAuthentication");
- m.setAccessible(true);
- return (PasswordAuthentication)m.invoke(a);
+ Method method;
+ if (SKIPCHECK) {
+ method = Authenticator.class.getDeclaredMethod("getPasswordAuthentication");
+ method.setAccessible(true);
+ } else {
+ method = AccessController.doPrivileged(
+ (PrivilegedAction<Method>) () -> {
+ try {
+ return Authenticator.class.getDeclaredMethod("getPasswordAuthentication");
+ } catch (NoSuchMethodException e) {
+ throw new RuntimeException(e);
+ }
+ });
+ AccessController.doPrivileged((PrivilegedAction<Object>) () -> {
+ method.setAccessible(true);
+ return null;
+ });
+ }
+
+ return (PasswordAuthentication) method.invoke(a);
}
}
\ No newline at end of file