You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by sc...@apache.org on 2007/04/10 19:55:11 UTC
svn commit: r527223 -
/webservices/axis2/trunk/java/modules/jaxws/src/org/apache/axis2/jaxws/runtime/description/marshal/impl/PackageSetBuilder.java
Author: scheu
Date: Tue Apr 10 10:55:10 2007
New Revision: 527223
URL: http://svn.apache.org/viewvc?view=rev&rev=527223
Log:
AXIS2-2497
Contributor:Rich Scheuerle
Java 2 Security issue in PackageSetBuilder
Modified:
webservices/axis2/trunk/java/modules/jaxws/src/org/apache/axis2/jaxws/runtime/description/marshal/impl/PackageSetBuilder.java
Modified: webservices/axis2/trunk/java/modules/jaxws/src/org/apache/axis2/jaxws/runtime/description/marshal/impl/PackageSetBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/jaxws/src/org/apache/axis2/jaxws/runtime/description/marshal/impl/PackageSetBuilder.java?view=diff&rev=527223&r1=527222&r2=527223
==============================================================================
--- webservices/axis2/trunk/java/modules/jaxws/src/org/apache/axis2/jaxws/runtime/description/marshal/impl/PackageSetBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/jaxws/src/org/apache/axis2/jaxws/runtime/description/marshal/impl/PackageSetBuilder.java Tue Apr 10 10:55:10 2007
@@ -432,26 +432,27 @@
return null;
}
- private static Definition getWSDLDefinition(String wsdlLocation) {
+ private static Definition getWSDLDefinition(String wsdlLoc){
Definition wsdlDefinition = null;
+ final String wsdlLocation = wsdlLoc;
if (wsdlLocation != null && wsdlLocation.trim().length() > 0) {
try {
- String baseDir = new File(System.getProperty("basedir", ".")).getCanonicalPath();
- wsdlLocation = new File(baseDir + File.separator + wsdlLocation).getAbsolutePath();
- File file = new File(wsdlLocation);
- URL url = file.toURL();
- if (log.isDebugEnabled()) {
- log.debug("Reading WSDL from URL:" + url.toString());
- }
- WSDLWrapper wsdlWrapper = new WSDL4JWrapper(url);
- wsdlDefinition = wsdlWrapper.getDefinition();
-
- } catch (MalformedURLException e) {
- ExceptionFactory.makeWebServiceException(e);
- } catch (IOException e) {
- ExceptionFactory.makeWebServiceException(e);
- } catch (WSDLException e) {
- ExceptionFactory.makeWebServiceException(e);
+ wsdlDefinition = (Definition) AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws MalformedURLException, IOException, WSDLException {
+ String baseDir = new File(System.getProperty("basedir",".")).getCanonicalPath();
+ String wsdlLocationPath = new File(baseDir +File.separator+ wsdlLocation).getAbsolutePath();
+ File file = new File(wsdlLocationPath);
+ URL url = file.toURL();
+ if(log.isDebugEnabled()){
+ log.debug("Reading WSDL from URL:" +url.toString());
+ }
+ WSDLWrapper wsdlWrapper = new WSDL4JWrapper(url);
+ return wsdlWrapper.getDefinition();
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ ExceptionFactory.makeWebServiceException(e.getException());
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org