You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@bval.apache.org by mb...@apache.org on 2012/11/07 18:44:27 UTC
svn commit: r1406733 - in /bval/branches/privileged2: ./
src/main/java/org/apache/bval/jsr303/
src/main/java/org/apache/bval/jsr303/resolver/
src/main/java/org/apache/bval/jsr303/util/
src/main/java/org/apache/bval/jsr303/xml/ src/test/java/org/apache/...
Author: mbenson
Date: Wed Nov 7 17:44:26 2012
New Revision: 1406733
URL: http://svn.apache.org/viewvc?rev=1406733&view=rev
Log:
new privileged work branch
Added:
bval/branches/privileged2/ (props changed)
- copied from r1405063, bval/trunk/bval-jsr303/
Removed:
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/util/SecureActions.java
Modified:
bval/branches/privileged2/pom.xml
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/AnnotationConstraintBuilder.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/AnnotationProcessor.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheFactoryContext.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheValidationProvider.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheValidatorFactory.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConfigurationImpl.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConstraintAnnotationAttributes.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConstraintDefaults.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/DefaultMessageInterpolator.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/DefaultValidationProviderResolver.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/Jsr303MetaBeanFactory.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/resolver/DefaultTraversableResolver.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/util/ClassHelper.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/util/ConstraintDefinitionValidator.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/AnnotationProxy.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/AnnotationProxyBuilder.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/ValidationMappingParser.java
bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/ValidationParser.java
bval/branches/privileged2/src/test/java/org/apache/bval/jsr303/ConstraintValidatorContextTest.java
bval/branches/privileged2/src/test/resources/java.policy
Propchange: bval/branches/privileged2/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Wed Nov 7 17:44:26 2012
@@ -0,0 +1,6 @@
+*.log
+.*
+target
+maven-eclipse.xml
+*.ipr
+*.iml
Propchange: bval/branches/privileged2/
------------------------------------------------------------------------------
svn:mergeinfo = /incubator/bval/sandbox/lang3-work/bval-jsr303:992137-1166425
Modified: bval/branches/privileged2/pom.xml
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/pom.xml?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/pom.xml (original)
+++ bval/branches/privileged2/pom.xml Wed Nov 7 17:44:26 2012
@@ -104,7 +104,12 @@
<include>**/*Test.java</include>
<include>**/*TestCase.java</include>
</includes>
- <argLine>-Djava.security.manager -Djava.security.policy=${project.basedir}/src/test/resources/java.policy</argLine>
+ <forkMode>once</forkMode>
+ <systemPropertyVariables>
+ <surefire.security.manager>java.lang.SecurityManager</surefire.security.manager>
+ <java.security.policy>${project.basedir}/src/test/resources/java.policy</java.security.policy>
+ <user.dir>${project.basedir}</user.dir>
+ </systemPropertyVariables>
</configuration>
</plugin>
</plugins>
@@ -122,6 +127,11 @@
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
</dependency>
+ <dependency>
+ <groupId>mbenson.pmw</groupId>
+ <artifactId>privileged-method-weaver-api</artifactId>
+ </dependency>
+ <!-- Test dependencies -->
<!-- optional dependencies -->
<dependency>
<groupId>org.apache.bval</groupId>
@@ -210,6 +220,20 @@
</includes>
</configuration>
</plugin>
+ <plugin>
+ <groupId>mbenson.pmw</groupId>
+ <artifactId>privileged-method-weaver-maven-plugin</artifactId>
+ <executions>
+ <execution>
+ <goals>
+ <goal>prepare</goal>
+ <goal>weave</goal>
+ <goal>test-prepare</goal>
+ <goal>test-weave</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
</plugins>
</build>
</project>
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/AnnotationConstraintBuilder.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/AnnotationConstraintBuilder.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/AnnotationConstraintBuilder.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/AnnotationConstraintBuilder.java Wed Nov 7 17:44:26 2012
@@ -19,10 +19,9 @@
package org.apache.bval.jsr303;
import java.lang.annotation.Annotation;
+import java.lang.reflect.AccessibleObject;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
@@ -44,6 +43,8 @@ import org.apache.bval.jsr303.groups.Gro
import org.apache.bval.jsr303.xml.AnnotationProxyBuilder;
import org.apache.bval.util.AccessStrategy;
+import mbenson.privileged.Privileged;
+
/**
* Description: helper class that builds a {@link ConstraintValidation} or its
* composite constraint validations by parsing the jsr303-annotations and
@@ -77,30 +78,25 @@ final class AnnotationConstraintBuilder<
/** build attributes, payload, groups from 'annotation' */
private void buildFromAnnotation() {
if (constraintValidation.getAnnotation() != null) {
- run(new PrivilegedAction<Object>() {
- public Object run() {
- for (Method method : constraintValidation.getAnnotation().annotationType().getDeclaredMethods()) {
- // groups + payload must also appear in attributes (also
- // checked by TCK-Tests)
- if (method.getParameterTypes().length == 0) {
- try {
- if (ConstraintAnnotationAttributes.PAYLOAD.getAttributeName().equals(method.getName())) {
- buildPayload(method);
- } else if (ConstraintAnnotationAttributes.GROUPS.getAttributeName().equals(
- method.getName())) {
- buildGroups(method);
- } else {
- constraintValidation.getAttributes().put(method.getName(),
- method.invoke(constraintValidation.getAnnotation()));
- }
- } catch (Exception e) { // do nothing
- log.log(Level.WARNING, String.format("Error processing annotation: %s ", constraintValidation.getAnnotation()), e);
- }
+ for (Method method : getDeclaredMethods(constraintValidation.getAnnotation().annotationType())) {
+ // groups + payload must also appear in attributes (also
+ // checked by TCK-Tests)
+ if (method.getParameterTypes().length == 0) {
+ try {
+ if (ConstraintAnnotationAttributes.PAYLOAD.getAttributeName().equals(method.getName())) {
+ buildPayload(method);
+ } else if (ConstraintAnnotationAttributes.GROUPS.getAttributeName().equals(
+ method.getName())) {
+ buildGroups(method);
+ } else {
+ constraintValidation.getAttributes().put(method.getName(),
+ method.invoke(constraintValidation.getAnnotation()));
}
+ } catch (Exception e) { // do nothing
+ log.log(Level.WARNING, String.format("Error processing annotation: %s ", constraintValidation.getAnnotation()), e);
}
- return null;
}
- });
+ }
}
}
@@ -201,7 +197,7 @@ final class AnnotationConstraintBuilder<
/** read overridesAttributes from constraintValidation.annotation */
private void buildOverridesAttributes() {
overrides = new LinkedList<ConstraintOverrides>();
- for (Method method : constraintValidation.getAnnotation().annotationType().getDeclaredMethods()) {
+ for (Method method : getDeclaredMethods(constraintValidation.getAnnotation().annotationType())) {
OverridesAttribute.List annoOAL = method.getAnnotation(OverridesAttribute.List.class);
if (annoOAL != null) {
for (OverridesAttribute annoOA : annoOAL.value()) {
@@ -266,11 +262,10 @@ final class AnnotationConstraintBuilder<
}
}
- private static <T> T run(PrivilegedAction<T> action) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(action);
- } else {
- return action.run();
- }
+ @Privileged
+ private static Method[] getDeclaredMethods(Class<?> type) {
+ Method[] result = type.getDeclaredMethods();
+ AccessibleObject.setAccessible(result, true);
+ return result;
}
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/AnnotationProcessor.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/AnnotationProcessor.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/AnnotationProcessor.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/AnnotationProcessor.java Wed Nov 7 17:44:26 2012
@@ -23,6 +23,7 @@ import java.lang.reflect.AnnotatedElemen
import java.lang.reflect.Array;
import java.lang.reflect.GenericArrayType;
import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
import java.lang.reflect.Type;
import java.util.ArrayList;
import java.util.HashMap;
@@ -38,7 +39,6 @@ import javax.validation.ValidationExcept
import javax.validation.groups.Default;
import org.apache.bval.jsr303.util.ConstraintDefinitionValidator;
-import org.apache.bval.jsr303.util.SecureActions;
import org.apache.bval.model.Features;
import org.apache.bval.model.MetaBean;
import org.apache.bval.model.MetaProperty;
@@ -47,6 +47,8 @@ import org.apache.commons.lang3.ArrayUti
import org.apache.commons.lang3.ClassUtils;
import org.apache.commons.lang3.reflect.TypeUtils;
+import mbenson.privileged.Privileged;
+
/**
* Description: implements uniform handling of JSR303 {@link Constraint}
* annotations, including composed constraints and the resolution of
@@ -154,8 +156,7 @@ public final class AnnotationProcessor {
* annotated by @Constraint) whose value element has a return type of an
* array of constraint annotations in a special way.
*/
- Object result =
- SecureActions.getAnnotationValue(annotation, ConstraintAnnotationAttributes.VALUE.getAttributeName());
+ final Object result = getAnnotationValue(annotation, ConstraintAnnotationAttributes.VALUE.getAttributeName());
if (result instanceof Annotation[]) {
boolean changed = false;
for (Annotation each : (Annotation[]) result) {
@@ -448,4 +449,26 @@ public final class AnnotationProcessor {
return validatorsTypes;
}
+ private static Object getAnnotationValue(Annotation host, String name) {
+ Method m = getAccessor(host.annotationType(), name);
+ try {
+ return m.invoke(host);
+ } catch (Exception e) {
+ return null;
+ }
+ }
+
+ @Privileged
+ private static Method getAccessor(Class type, String name) {
+ final Method m;
+ try {
+ m = type.getDeclaredMethod(name);
+ } catch (NoSuchMethodException e) {
+ return null;
+ }
+ // Shouldn't annotation values already be accessible?
+ m.setAccessible(true);
+ return m;
+ }
+
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheFactoryContext.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheFactoryContext.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheFactoryContext.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheFactoryContext.java Wed Nov 7 17:44:26 2012
@@ -19,8 +19,6 @@
package org.apache.bval.jsr303;
import java.lang.reflect.Constructor;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.List;
@@ -36,13 +34,14 @@ import org.apache.bval.MetaBeanBuilder;
import org.apache.bval.MetaBeanFactory;
import org.apache.bval.MetaBeanFinder;
import org.apache.bval.MetaBeanManager;
-import org.apache.bval.jsr303.util.SecureActions;
import org.apache.bval.xml.XMLMetaBeanBuilder;
import org.apache.bval.xml.XMLMetaBeanFactory;
import org.apache.bval.xml.XMLMetaBeanManager;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.reflect.ConstructorUtils;
+import mbenson.privileged.Privileged;
+
/**
* Description: Represents the context that is used to create
* <code>ClassValidator</code> instances.<br/>
@@ -228,25 +227,21 @@ public class ApacheFactoryContext implem
return new MetaBeanManager(new MetaBeanBuilder(builders.toArray(new MetaBeanFactory[builders.size()])));
}
+ @Privileged
private <F extends MetaBeanFactory> F createMetaBeanFactory(final Class<F> cls) {
- return run(new PrivilegedAction<F>() {
-
- public F run() {
- try {
- Constructor<F> c = ConstructorUtils.getMatchingAccessibleConstructor(cls, ApacheFactoryContext.this.getClass());
- if (c != null) {
- return c.newInstance(ApacheFactoryContext.this);
- }
- c = ConstructorUtils.getMatchingAccessibleConstructor(cls, getFactory().getClass());
- if (c != null) {
- return c.newInstance(getFactory());
- }
- return cls.newInstance();
- } catch (Exception e) {
- throw new ValidationException(e);
- }
+ try {
+ Constructor<F> c = ConstructorUtils.getMatchingAccessibleConstructor(cls, ApacheFactoryContext.this.getClass());
+ if (c != null) {
+ return c.newInstance(ApacheFactoryContext.this);
}
- });
+ c = ConstructorUtils.getMatchingAccessibleConstructor(cls, getFactory().getClass());
+ if (c != null) {
+ return c.newInstance(getFactory());
+ }
+ return cls.newInstance();
+ } catch (Exception e) {
+ throw new ValidationException(e);
+ }
}
/**
@@ -276,18 +271,11 @@ public class ApacheFactoryContext implem
}
}
- private static <T> T doPrivileged(final PrivilegedAction<T> action) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(action);
- } else {
- return action.run();
- }
- }
-
private Class<?> loadClass(final String className) {
- ClassLoader loader = doPrivileged(SecureActions.getContextClassLoader());
- if (loader == null)
+ ClassLoader loader = contextClassLoader();
+ if (loader == null) {
loader = getClass().getClassLoader();
+ }
try {
return Class.forName(className, true, loader);
@@ -296,11 +284,12 @@ public class ApacheFactoryContext implem
}
}
- private static <T> T run(PrivilegedAction<T> action) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(action);
- } else {
- return action.run();
+ @Privileged
+ private static ClassLoader contextClassLoader() {
+ try {
+ return Thread.currentThread().getContextClassLoader();
+ } catch (Exception e) {
+ return null;
}
}
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheValidationProvider.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheValidationProvider.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheValidationProvider.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheValidationProvider.java Wed Nov 7 17:44:26 2012
@@ -18,9 +18,6 @@
*/
package org.apache.bval.jsr303;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-
import javax.validation.Configuration;
import javax.validation.ValidationException;
import javax.validation.ValidatorFactory;
@@ -30,6 +27,8 @@ import javax.validation.spi.ValidationPr
import org.apache.commons.lang3.ClassUtils;
+import mbenson.privileged.Privileged;
+
/**
* Description: Implementation of {@link ValidationProvider} for jsr303
* implementation of the apache-validation framework.
@@ -99,15 +98,10 @@ public class ApacheValidationProvider im
// No privileges should be required to access the constructor,
// because the classloader of ApacheValidationProvider will always
// be an ancestor of the loader of validatorFactoryClass.
- return (System.getSecurityManager() == null)
- ? instantiateValidatorFactory(validatorFactoryClass, configuration) : AccessController
- .doPrivileged(new PrivilegedAction<ValidatorFactory>() {
- public ValidatorFactory run() {
- return instantiateValidatorFactory(validatorFactoryClass, configuration);
- }
- });
+ return instantiateValidatorFactory(validatorFactoryClass, configuration);
}
+ @Privileged
private static ValidatorFactory instantiateValidatorFactory(
final Class<? extends ValidatorFactory> validatorFactoryClass, final ConfigurationState configuration) {
try {
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheValidatorFactory.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheValidatorFactory.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheValidatorFactory.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ApacheValidatorFactory.java Wed Nov 7 17:44:26 2012
@@ -20,8 +20,6 @@ package org.apache.bval.jsr303;
import java.lang.annotation.Annotation;
import java.lang.reflect.Modifier;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
@@ -44,6 +42,8 @@ import org.apache.bval.util.AccessStrate
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.ClassUtils;
+import mbenson.privileged.Privileged;
+
/**
* Description: a factory is a complete configurated object that can create
* validators.<br/>
@@ -251,16 +251,13 @@ public class ApacheValidatorFactory impl
throw new ValidationException("Type " + type + " not supported");
}
+ @Privileged
private <T> T newInstance(final Class<T> cls) {
- return AccessController.doPrivileged(new PrivilegedAction<T>() {
- public T run() {
- try {
- return cls.newInstance();
- } catch (final Exception ex) {
- throw new ValidationException("Cannot instantiate : " + cls, ex);
- }
- }
- });
+ try {
+ return cls.newInstance();
+ } catch (final Exception ex) {
+ throw new ValidationException("Cannot instantiate : " + cls, ex);
+ }
}
/**
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConfigurationImpl.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConfigurationImpl.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConfigurationImpl.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConfigurationImpl.java Wed Nov 7 17:44:26 2012
@@ -20,7 +20,6 @@ package org.apache.bval.jsr303;
import org.apache.bval.jsr303.resolver.DefaultTraversableResolver;
-import org.apache.bval.jsr303.util.SecureActions;
import org.apache.bval.jsr303.xml.ValidationParser;
import javax.validation.*;
@@ -28,11 +27,11 @@ import javax.validation.spi.BootstrapSta
import javax.validation.spi.ConfigurationState;
import javax.validation.spi.ValidationProvider;
import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.*;
import java.util.logging.Logger;
+import mbenson.privileged.Privileged;
+
/**
* Description: used to configure apache-validation for jsr303.
* Implementation of Configuration that also implements ConfigurationState,
@@ -241,20 +240,22 @@ public class ConfigurationImpl implement
* @throws ValidationException if the ValidatorFactory cannot be built
*/
public ValidatorFactory buildValidatorFactory() {
- return run(SecureActions.doPrivBuildValidatorFactory(this));
+ return doPrivBuildValidatorFactory();
}
- public ValidatorFactory doPrivBuildValidatorFactory() {
+ @Privileged
+ private ValidatorFactory doPrivBuildValidatorFactory() {
prepare();
- if (provider != null) {
- return provider.buildValidatorFactory(this);
- } else {
+ if (provider == null) {
return findProvider().buildValidatorFactory(this);
}
+ return provider.buildValidatorFactory(this);
}
private void prepare() {
- if (prepared) return;
+ if (prepared) {
+ return;
+ }
parseValidationXml();
applyDefaults();
prepared = true;
@@ -330,11 +331,4 @@ public class ConfigurationImpl implement
this.providerClass = providerClass;
}
- private static <T> T run(PrivilegedAction<T> action) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(action);
- } else {
- return action.run();
- }
- }
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConstraintAnnotationAttributes.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConstraintAnnotationAttributes.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConstraintAnnotationAttributes.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConstraintAnnotationAttributes.java Wed Nov 7 17:44:26 2012
@@ -20,8 +20,6 @@ import java.lang.annotation.Annotation;
import java.lang.reflect.Array;
import java.lang.reflect.Method;
import java.lang.reflect.Type;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Locale;
import java.util.Map;
@@ -30,9 +28,10 @@ import javax.validation.ConstraintDefini
import javax.validation.Payload;
import javax.validation.ValidationException;
-import org.apache.bval.jsr303.util.SecureActions;
import org.apache.commons.lang3.reflect.TypeUtils;
+import mbenson.privileged.Privileged;
+
/**
* Defines the well-known attributes of {@link Constraint} annotations.
*
@@ -183,14 +182,6 @@ public enum ConstraintAnnotationAttribut
return result;
}
- private static <T> T doPrivileged(final PrivilegedAction<T> action) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(action);
- } else {
- return action.run();
- }
- }
-
private class Worker<C> {
final Method method;
final Object defaultValue;
@@ -214,7 +205,7 @@ public enum ConstraintAnnotationAttribut
boolean _valid = true;
Object _defaultValue = null;
try {
- method = doPrivileged(SecureActions.getPublicMethod(constraintType, getAttributeName()));
+ method = getPublicMethod(constraintType, getAttributeName());
if (method == null) {
if (quiet) {
_valid = false;
@@ -251,18 +242,28 @@ public enum ConstraintAnnotationAttribut
}
<T> T read(final C constraint) {
- @SuppressWarnings("unchecked")
- T result = (T) doPrivileged(new PrivilegedAction<Object>() {
- public Object run() {
- try {
- method.setAccessible(true);
- return method.invoke(constraint);
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
+ try {
+ @SuppressWarnings("unchecked")
+ final T result = (T) method.invoke(constraint);
+ return result;
+ } catch (RuntimeException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ @Privileged
+ private Method getPublicMethod(Class<?> type, String name, Class<?>... argTypes) {
+ try {
+ Method result = type.getMethod(name, argTypes);
+ if (!result.isAccessible()) {
+ result.setAccessible(true);
}
- });
- return result;
+ return result;
+ } catch (NoSuchMethodException e) {
+ return null;
+ }
}
}
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConstraintDefaults.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConstraintDefaults.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConstraintDefaults.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/ConstraintDefaults.java Wed Nov 7 17:44:26 2012
@@ -22,12 +22,12 @@ import javax.validation.ConstraintValida
import java.io.IOException;
import java.io.InputStream;
import java.lang.annotation.Annotation;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.*;
import java.util.logging.Level;
import java.util.logging.Logger;
+import mbenson.privileged.Privileged;
+
/**
* Description: Provides access to the default constraints/validator implementation classes built into the framework.
* These are configured in DefaultConstraints.properties.<br/>
@@ -71,7 +71,10 @@ public class ConstraintDefaults {
@SuppressWarnings("unchecked")
private Map<String, Class<? extends ConstraintValidator<?, ?>>[]> loadDefaultConstraints(String resource) {
Properties constraintProperties = new Properties();
- final ClassLoader classloader = getClassLoader();
+ ClassLoader classloader = contextClassLoader();
+ if (classloader == null) {
+ classloader = getClass().getClassLoader();
+ }
InputStream stream = classloader.getResourceAsStream(resource);
if (stream != null) {
try {
@@ -92,18 +95,7 @@ public class ConstraintDefaults {
while (tokens.hasMoreTokens()) {
final String eachClassName = tokens.nextToken();
- Class<?> constraintValidatorClass =
- run(new PrivilegedAction<Class<?>>() {
- public Class<?> run() {
- try {
- return Class.forName(eachClassName, true, classloader);
- } catch (ClassNotFoundException e) {
- log.log(Level.SEVERE, String.format("Cannot find class %s", eachClassName), e);
- return null;
- }
- }
- });
-
+ Class<?> constraintValidatorClass = loadClass(eachClassName, classloader);
if (constraintValidatorClass != null) classes.add(constraintValidatorClass);
}
@@ -115,17 +107,22 @@ public class ConstraintDefaults {
return loadedConstraints;
}
- private ClassLoader getClassLoader() {
- ClassLoader classloader = Thread.currentThread().getContextClassLoader();
- if (classloader == null) classloader = getClass().getClassLoader();
- return classloader;
+ @Privileged
+ private ClassLoader contextClassLoader() {
+ try {
+ return Thread.currentThread().getContextClassLoader();
+ } catch (Exception e) {
+ return null;
+ }
}
- private static <T> T run(PrivilegedAction<T> action) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(action);
- } else {
- return action.run();
+ private Class<?> loadClass(String name, ClassLoader classloader) {
+ try {
+ return Class.forName(name, true, classloader);
+ } catch (ClassNotFoundException e) {
+ log.log(Level.SEVERE, String.format("Cannot find class %s", name), e);
+ return null;
}
}
+
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/DefaultMessageInterpolator.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/DefaultMessageInterpolator.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/DefaultMessageInterpolator.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/DefaultMessageInterpolator.java Wed Nov 7 17:44:26 2012
@@ -16,8 +16,6 @@
*/
package org.apache.bval.jsr303;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Locale;
import java.util.Map;
import java.util.MissingResourceException;
@@ -30,9 +28,10 @@ import java.util.regex.Pattern;
import javax.validation.MessageInterpolator;
-import org.apache.bval.jsr303.util.SecureActions;
import org.apache.commons.lang3.ArrayUtils;
+import mbenson.privileged.Privileged;
+
/**
* Description: Resource bundle backed message interpolator.
* This message resolver resolve message descriptors
@@ -164,14 +163,12 @@ public class DefaultMessageInterpolator
*/
private ResourceBundle getFileBasedResourceBundle(Locale locale) {
ResourceBundle rb = null;
- final ClassLoader classLoader = doPrivileged(SecureActions.getContextClassLoader());
+ final ClassLoader classLoader = contextClassLoader();
if (classLoader != null) {
rb = loadBundle(classLoader, locale,
USER_VALIDATION_MESSAGES + " not found by thread local classloader");
}
- // 2011-03-27 jw: No privileged action required.
- // A class can always access the classloader of itself and of subclasses.
if (rb == null) {
rb = loadBundle(
getClass().getClassLoader(),
@@ -302,22 +299,12 @@ public class DefaultMessageInterpolator
return src.replace("\\", "\\\\").replace("$", "\\$");
}
-
-
- /**
- * Perform action with AccessController.doPrivileged() if a security manager is installed.
- *
- * @param action
- * the action to run
- * @return
- * result of the action
- */
- private static <T> T doPrivileged(final PrivilegedAction<T> action) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(action);
- } else {
- return action.run();
+ @Privileged
+ private ClassLoader contextClassLoader() {
+ try {
+ return Thread.currentThread().getContextClassLoader();
+ } catch (Exception e) {
+ return null;
}
}
-
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/DefaultValidationProviderResolver.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/DefaultValidationProviderResolver.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/DefaultValidationProviderResolver.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/DefaultValidationProviderResolver.java Wed Nov 7 17:44:26 2012
@@ -16,7 +16,6 @@
*/
package org.apache.bval.jsr303;
-
import javax.validation.ValidationException;
import javax.validation.ValidationProviderResolver;
import javax.validation.spi.ValidationProvider;
@@ -24,12 +23,12 @@ import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URL;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
+import mbenson.privileged.Privileged;
+
public class DefaultValidationProviderResolver implements ValidationProviderResolver {
//TODO - Spec recommends caching per classloader
@@ -60,20 +59,10 @@ public class DefaultValidationProviderRe
if (!line.startsWith("#")) {
try {
// try loading the specified class
- final Class<?> provider = cl.loadClass(line);
+ final Class<? extends ValidationProvider> provider = cl.loadClass(line).asSubclass(ValidationProvider.class);
// create an instance to return
- ValidationProvider<?> vp =
- AccessController.doPrivileged(new PrivilegedAction<ValidationProvider<?>>() {
- public ValidationProvider<?> run() {
- try {
- return (ValidationProvider<?>) provider.newInstance();
- } catch (final Exception ex) {
- throw new ValidationException("Cannot instantiate : " + provider, ex);
- }
- }
- });
- providers.add(vp);
-
+ final ValidationProvider<?> vp = createInstance(provider);
+ providers.add(vp);
} catch (ClassNotFoundException e) {
throw new ValidationException("Failed to load provider " +
line + " configured in file " + url, e);
@@ -95,4 +84,13 @@ public class DefaultValidationProviderRe
// caller must handle the case of no providers found
return providers;
}
+
+ @Privileged
+ private static <T> T createInstance(Class<? extends T> type) {
+ try {
+ return type.newInstance();
+ } catch (final Exception ex) {
+ throw new ValidationException("Cannot instantiate : " + type, ex);
+ }
+ }
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/Jsr303MetaBeanFactory.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/Jsr303MetaBeanFactory.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/Jsr303MetaBeanFactory.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/Jsr303MetaBeanFactory.java Wed Nov 7 17:44:26 2012
@@ -19,11 +19,10 @@
package org.apache.bval.jsr303;
import java.lang.annotation.Annotation;
+import java.lang.reflect.AccessibleObject;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Level;
@@ -38,7 +37,6 @@ import javax.validation.groups.Default;
import org.apache.bval.MetaBeanFactory;
import org.apache.bval.jsr303.groups.Group;
import org.apache.bval.jsr303.util.ClassHelper;
-import org.apache.bval.jsr303.util.SecureActions;
import org.apache.bval.jsr303.xml.MetaConstraint;
import org.apache.bval.model.MetaBean;
import org.apache.bval.model.MetaProperty;
@@ -46,6 +44,8 @@ import org.apache.bval.util.AccessStrate
import org.apache.bval.util.FieldAccess;
import org.apache.bval.util.MethodAccess;
+import mbenson.privileged.Privileged;
+
/**
* Description: process the class annotations for JSR303 constraint validations to build the MetaBean with information
* from annotations and JSR303 constraint mappings (defined in xml)<br/>
@@ -120,8 +120,7 @@ public class Jsr303MetaBeanFactory imple
metabean));
}
- final Field[] fields = doPrivileged(SecureActions.getDeclaredFields(beanClass));
- for (Field field : fields) {
+ for (Field field : getDeclaredFields(beanClass)) {
MetaProperty metaProperty = metabean.getProperty(field.getName());
// create a property for those fields for which there is not yet a
// MetaProperty
@@ -137,8 +136,7 @@ public class Jsr303MetaBeanFactory imple
}
}
}
- final Method[] methods = doPrivileged(SecureActions.getDeclaredMethods(beanClass));
- for (Method method : methods) {
+ for (Method method : getDeclaredMethods(beanClass)) {
String propName = null;
if (method.getParameterTypes().length == 0) {
propName = MethodAccess.getPropertyName(method);
@@ -296,22 +294,21 @@ public class Jsr303MetaBeanFactory imple
return result;
}
+ @Privileged
+ private static Field[] getDeclaredFields(Class<?> type) {
+ final Field[] result = type.getDeclaredFields();
+ if (result.length > 0) {
+ AccessibleObject.setAccessible(result, true);
+ }
+ return result;
+ }
-
-
- /**
- * Perform action with AccessController.doPrivileged() if a security manager is installed.
- *
- * @param action
- * the action to run
- * @return
- * result of the action
- */
- private static <T> T doPrivileged(final PrivilegedAction<T> action) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(action);
- } else {
- return action.run();
+ @Privileged
+ private static Method[] getDeclaredMethods(Class<?> type) {
+ final Method[] result = type.getDeclaredMethods();
+ if (result.length > 0) {
+ AccessibleObject.setAccessible(result, true);
}
+ return result;
}
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/resolver/DefaultTraversableResolver.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/resolver/DefaultTraversableResolver.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/resolver/DefaultTraversableResolver.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/resolver/DefaultTraversableResolver.java Wed Nov 7 17:44:26 2012
@@ -17,8 +17,6 @@
package org.apache.bval.jsr303.resolver;
import java.lang.annotation.ElementType;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -26,8 +24,8 @@ import javax.validation.Path;
import javax.validation.TraversableResolver;
import org.apache.bval.jsr303.util.ClassHelper;
-import org.apache.bval.util.PrivilegedActions;
-import org.apache.commons.lang3.ClassUtils;
+
+import mbenson.privileged.Privileged;
/** @see javax.validation.TraversableResolver */
public class DefaultTraversableResolver implements TraversableResolver, CachingRelevant {
@@ -74,9 +72,13 @@ public class DefaultTraversableResolver
/** Tries to load detect and load JPA. */
@SuppressWarnings("unchecked")
private void initJpa() {
- final ClassLoader classLoader = getClassLoader();
+ ClassLoader classLoader = contextClassLoader();
+ if (classLoader == null) {
+ classLoader = getClass().getClassLoader();
+ }
try {
- PrivilegedActions.getClass(classLoader, PERSISTENCE_UTIL_CLASSNAME);
+ // no security needed as classLoader should not be null:
+ Class.forName(PERSISTENCE_UTIL_CLASSNAME, true, classLoader);
log.log(Level.FINEST, String.format("Found %s on classpath.", PERSISTENCE_UTIL_CLASSNAME));
} catch (Exception e) {
log.log(Level.FINEST, String.format("Cannot find %s on classpath. All properties will per default be traversable.", PERSISTENCE_UTIL_CLASSNAME));
@@ -85,8 +87,7 @@ public class DefaultTraversableResolver
try {
Class<? extends TraversableResolver> jpaAwareResolverClass =
- (Class<? extends TraversableResolver>)
- ClassUtils.getClass(classLoader, JPA_AWARE_TRAVERSABLE_RESOLVER_CLASSNAME, true);
+ Class.forName(JPA_AWARE_TRAVERSABLE_RESOLVER_CLASSNAME, true, classLoader).asSubclass(TraversableResolver.class);
jpaTR = jpaAwareResolverClass.newInstance();
log.log(Level.FINEST, String.format("Instantiated an instance of %s.", JPA_AWARE_TRAVERSABLE_RESOLVER_CLASSNAME));
} catch (Exception e) {
@@ -104,20 +105,12 @@ public class DefaultTraversableResolver
return jpaTR != null && CachingTraversableResolver.needsCaching(jpaTR);
}
- private static ClassLoader getClassLoader()
- {
- return (System.getSecurityManager() == null)
- ? getClassLoader0()
- : AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
- public ClassLoader run() {
- return getClassLoader0();
- }
- });
- }
-
- private static ClassLoader getClassLoader0()
- {
- final ClassLoader loader = Thread.currentThread().getContextClassLoader();
- return (loader != null) ? loader : ClassHelper.class.getClassLoader();
+ @Privileged
+ private static ClassLoader contextClassLoader() {
+ try {
+ return Thread.currentThread().getContextClassLoader();
+ } catch (Exception e) {
+ return null;
+ }
}
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/util/ClassHelper.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/util/ClassHelper.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/util/ClassHelper.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/util/ClassHelper.java Wed Nov 7 17:44:26 2012
@@ -18,20 +18,16 @@
*/
package org.apache.bval.jsr303.util;
-import org.apache.commons.lang3.ClassUtils;
-
-import java.security.AccessController;
import java.util.List;
/**
- * Common operations on classes that do not require an {@link AccessController}.
+ * Common Class operations that do not involve Java security checks.
*
* @author Carlos Vara
*/
public class ClassHelper {
private ClassHelper() {
- // No instances please
}
/**
@@ -43,7 +39,7 @@ public class ClassHelper {
* @param clazz
* The current class, root of the hierarchy to traverse.
*/
- static public void fillFullClassHierarchyAsList(List<Class<?>> allClasses, Class<?> clazz) {
+ public static void fillFullClassHierarchyAsList(List<Class<?>> allClasses, Class<?> clazz) {
if (clazz == null || clazz == Object.class) {
return;
}
@@ -57,26 +53,4 @@ public class ClassHelper {
}
}
- /**
- * @deprecated Will be removed for security reasons.
- *
- * Perform ClassUtils.getClass functions with Java 2 Security enabled.
- */
- @Deprecated
- public static Class<?> getClass(String className) throws ClassNotFoundException {
- return getClass(className, true);
- }
-
- /**
- * @deprecated Will be removed for security reasons.
- *
- * Perform ClassUtils.getClass functions with Java 2 Security enabled.
- */
- @Deprecated
- public static Class<?> getClass(String className, boolean initialize) throws ClassNotFoundException {
- ClassLoader loader = Thread.currentThread().getContextClassLoader();
- if (loader == null)
- loader = ClassHelper.class.getClassLoader();
- return ClassUtils.getClass(loader, className, initialize);
- }
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/util/ConstraintDefinitionValidator.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/util/ConstraintDefinitionValidator.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/util/ConstraintDefinitionValidator.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/util/ConstraintDefinitionValidator.java Wed Nov 7 17:44:26 2012
@@ -25,10 +25,10 @@ import org.apache.bval.jsr303.Constraint
import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Locale;
+import mbenson.privileged.Privileged;
+
/**
* Internal validator that ensures the correct definition of constraint
* annotations.
@@ -59,8 +59,7 @@ public class ConstraintDefinitionValidat
* The annotation to check.
*/
private static void validAttributes(final Annotation annotation) {
- final Method[] methods = run(SecureActions.getDeclaredMethods(annotation.annotationType()));
- for (Method method : methods ){
+ for (Method method : getDeclaredMethods(annotation.annotationType())) {
// Currently case insensitive, the spec is unclear about this
if (method.getName().toLowerCase(Locale.ENGLISH).startsWith("valid")) {
throw new ConstraintDefinitionException(
@@ -69,11 +68,8 @@ public class ConstraintDefinitionValidat
}
}
- private static <T> T run(PrivilegedAction<T> action) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(action);
- } else {
- return action.run();
- }
+ @Privileged
+ private static Method[] getDeclaredMethods(Class<?> type) {
+ return type.getDeclaredMethods();
}
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/AnnotationProxy.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/AnnotationProxy.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/AnnotationProxy.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/AnnotationProxy.java Wed Nov 7 17:44:26 2012
@@ -18,16 +18,15 @@ package org.apache.bval.jsr303.xml;
import java.io.Serializable;
import java.lang.annotation.Annotation;
+import java.lang.reflect.AccessibleObject;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Map;
import java.util.SortedSet;
-import java.util.TreeSet;
+import java.util.TreeMap;
-import org.apache.bval.jsr303.util.SecureActions;
+import mbenson.privileged.Privileged;
/**
* Description: <br/>
@@ -56,13 +55,10 @@ class AnnotationProxy implements Annotat
values = getAnnotationValues(descriptor);
}
- private <A extends Annotation> Map<String, Object> getAnnotationValues(AnnotationProxyBuilder<A> descriptor) {
- Map<String, Object> result = new HashMap<String, Object>();
+ private static <A extends Annotation> Map<String, Object> getAnnotationValues(AnnotationProxyBuilder<A> descriptor) {
+ Map<String, Object> result = new TreeMap<String, Object>();
int processedValuesFromDescriptor = 0;
- final Method[] declaredMethods = doPrivileged(
- SecureActions.getDeclaredMethods(annotationType)
- );
- for (Method m : declaredMethods) {
+ for (Method m : getDeclaredMethods(descriptor.getType())) {
if (descriptor.contains(m.getName())) {
result.put(m.getName(), descriptor.getValue(m.getName()));
processedValuesFromDescriptor++;
@@ -73,7 +69,7 @@ class AnnotationProxy implements Annotat
}
}
if (processedValuesFromDescriptor != descriptor.size()) {
- throw new RuntimeException("Trying to instanciate " + annotationType + " with unknown paramters.");
+ throw new RuntimeException("Trying to instantiate " + descriptor.getType() + " with unknown paramters.");
}
return result;
}
@@ -99,32 +95,26 @@ class AnnotationProxy implements Annotat
* {@inheritDoc}
*/
public String toString() {
- StringBuilder result = new StringBuilder();
- result.append('@').append(annotationType().getName()).append('(');
+ StringBuilder result = new StringBuilder().append('@').append(annotationType().getName()).append('(');
boolean comma = false;
- for (String m : getMethodsSorted()) {
- if (comma)
+ for (Map.Entry<String, Object> e : values.entrySet()) {
+ if (comma) {
result.append(", ");
- result.append(m).append('=').append(values.get(m));
- comma = true;
+ } else {
+ comma = true;
+ }
+ result.append(e.getKey()).append('=').append(e.getValue());
}
- result.append(")");
- return result.toString();
+ return result.append(")").toString();
}
- private SortedSet<String> getMethodsSorted() {
- SortedSet<String> result = new TreeSet<String>();
- result.addAll(values.keySet());
+ @Privileged
+ private static Method[] getDeclaredMethods(Class<?> type) {
+ Method[] result = type.getDeclaredMethods();
+ if (result.length > 0) {
+ AccessibleObject.setAccessible(result, true);
+ }
return result;
}
-
-
- private static <T> T doPrivileged(final PrivilegedAction<T> action) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(action);
- } else {
- return action.run();
- }
- }
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/AnnotationProxyBuilder.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/AnnotationProxyBuilder.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/AnnotationProxyBuilder.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/AnnotationProxyBuilder.java Wed Nov 7 17:44:26 2012
@@ -17,13 +17,10 @@
package org.apache.bval.jsr303.xml;
import java.lang.annotation.Annotation;
-import java.lang.reflect.Constructor;
+import java.lang.reflect.AccessibleObject;
import java.lang.reflect.InvocationHandler;
-import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Map;
@@ -31,7 +28,8 @@ import javax.validation.Payload;
import javax.validation.ValidationException;
import org.apache.bval.jsr303.ConstraintAnnotationAttributes;
-import org.apache.bval.jsr303.util.SecureActions;
+
+import mbenson.privileged.Privileged;
/**
* Description: Holds the information and creates an annotation proxy during xml
@@ -60,9 +58,7 @@ final public class AnnotationProxyBuilde
*/
public AnnotationProxyBuilder(Class<A> annotationType, Map<String, Object> elements) {
this(annotationType);
- for (Map.Entry<String, Object> entry : elements.entrySet()) {
- this.elements.put(entry.getKey(), entry.getValue());
- }
+ this.elements.putAll(elements);
}
/**
@@ -75,21 +71,13 @@ final public class AnnotationProxyBuilde
public AnnotationProxyBuilder(A annot) {
this((Class<A>) annot.annotationType());
// Obtain the "elements" of the annotation
- final Method[] methods = doPrivileged(SecureActions.getDeclaredMethods(annot.annotationType()));
- for (Method m : methods) {
- if (!m.isAccessible()) {
- m.setAccessible(true);
- }
+ for (Method m : getDeclaredMethods(annot.annotationType())) {
try {
Object value = m.invoke(annot);
this.elements.put(m.getName(), value);
- } catch (IllegalArgumentException e) {
+ } catch (Exception e) {
// No args, so should not happen
- throw new ValidationException("Cannot access annotation " + annot + " element: " + m.getName());
- } catch (IllegalAccessException e) {
- throw new ValidationException("Cannot access annotation " + annot + " element: " + m.getName());
- } catch (InvocationTargetException e) {
- throw new ValidationException("Cannot access annotation " + annot + " element: " + m.getName());
+ throw new ValidationException("Cannot access annotation " + annot + " element: " + m.getName(), e);
}
}
}
@@ -176,27 +164,27 @@ final public class AnnotationProxyBuilde
* @return {@link Annotation}
*/
public A createAnnotation() {
- ClassLoader classLoader = SecureActions.getClassLoader(getType());
+ return create();
+ }
+
+ @Privileged
+ private A create() {
+ ClassLoader cl = Thread.currentThread().getContextClassLoader();
+ if (cl == null) {
+ cl = type.getClassLoader();
+ }
@SuppressWarnings("unchecked")
- final Class<A> proxyClass = (Class<A>) Proxy.getProxyClass(classLoader, getType());
- final InvocationHandler handler = new AnnotationProxy(this);
- return doPrivileged(new PrivilegedAction<A>() {
- public A run() {
- try {
- Constructor<A> constructor = proxyClass.getConstructor(InvocationHandler.class);
- return constructor.newInstance(handler);
- } catch (Exception e) {
- throw new ValidationException("Unable to create annotation for configured constraint", e);
- }
- }
- });
+ final A result = (A) Proxy.newProxyInstance(cl, new Class[] { type }, new AnnotationProxy(this));
+ return result;
}
- private static <T> T doPrivileged(final PrivilegedAction<T> action) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(action);
- } else {
- return action.run();
+ @Privileged
+ private static Method[] getDeclaredMethods(Class<?> type) {
+ Method[] result = type.getDeclaredMethods();
+ if (result.length > 0) {
+ AccessibleObject.setAccessible(result, true);
}
+ return result;
}
+
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/ValidationMappingParser.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/ValidationMappingParser.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/ValidationMappingParser.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/ValidationMappingParser.java Wed Nov 7 17:44:26 2012
@@ -16,7 +16,6 @@
*/
package org.apache.bval.jsr303.xml;
-
import java.io.InputStream;
import java.io.Serializable;
import java.lang.annotation.Annotation;
@@ -24,8 +23,6 @@ import java.lang.reflect.Array;
import java.lang.reflect.Field;
import java.lang.reflect.Member;
import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
@@ -49,13 +46,13 @@ import org.apache.bval.jsr303.ApacheVali
import org.apache.bval.jsr303.ConstraintAnnotationAttributes;
import org.apache.bval.jsr303.util.EnumerationConverter;
import org.apache.bval.jsr303.util.IOUtils;
-import org.apache.bval.jsr303.util.SecureActions;
import org.apache.bval.util.FieldAccess;
import org.apache.bval.util.MethodAccess;
import org.apache.commons.beanutils.ConvertUtils;
import org.apache.commons.beanutils.Converter;
import org.apache.commons.lang3.StringUtils;
+import mbenson.privileged.Privileged;
/**
* Uses JAXB to parse constraints.xml based on validation-mapping-1.0.xsd.<br>
@@ -196,7 +193,7 @@ public class ValidationMappingParser {
private <A extends Annotation> Class<?> getAnnotationParameterType(
final Class<A> annotationClass, final String name) {
- final Method m = doPrivileged(SecureActions.getPublicMethod(annotationClass, name));
+ final Method m = getMethod(annotationClass, name);
if (m == null) {
throw new ValidationException("Annotation of type " + annotationClass.getName() +
" does not contain a parameter " + name + ".");
@@ -365,7 +362,7 @@ public class ValidationMappingParser {
} else {
fieldNames.add(fieldName);
}
- final Field field = doPrivileged(SecureActions.getDeclaredField(beanClass, fieldName));
+ final Field field = getDeclaredField(beanClass, fieldName);
if (field == null) {
throw new ValidationException(
beanClass.getName() + " does not contain the fieldType " + fieldName);
@@ -521,43 +518,21 @@ public class ValidationMappingParser {
return clazz.contains(".");
}
-
-
- private static <T> T doPrivileged(final PrivilegedAction<T> action) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(action);
- } else {
- return action.run();
- }
- }
-
-
-
private static Method getGetter(final Class<?> clazz, final String propertyName) {
- return doPrivileged(new PrivilegedAction<Method>() {
- public Method run() {
- try {
- final String p = StringUtils.capitalize(propertyName);
- try {
- return clazz.getMethod("get" + p);
- } catch (NoSuchMethodException e) {
- return clazz.getMethod("is" + p);
- }
- } catch (NoSuchMethodException e) {
- return null;
- }
- }
- });
-
+ final String p = StringUtils.capitalize(propertyName);
+ Method result = getMethod(clazz, "get" + p);
+ if (result == null) {
+ result = getMethod(clazz, "is" + p);
+ }
+ return result;
}
-
-
private Class<?> loadClass(final String className) {
- ClassLoader loader = doPrivileged(SecureActions.getContextClassLoader());
- if (loader == null)
- loader = getClass().getClassLoader();
+ ClassLoader loader = contextClassLoader();
+ if (loader == null) {
+ loader = getClass().getClassLoader();
+ }
try {
return Class.forName(className, true, loader);
} catch (ClassNotFoundException ex) {
@@ -565,4 +540,30 @@ public class ValidationMappingParser {
}
}
+ @Privileged
+ private static ClassLoader contextClassLoader() {
+ try {
+ return Thread.currentThread().getContextClassLoader();
+ } catch (Exception e) {
+ return null;
+ }
+ }
+
+ @Privileged
+ private static Method getMethod(Class<?> host, String name, Class<?>... argTypes) {
+ try {
+ return host.getMethod(name, argTypes);
+ } catch (NoSuchMethodException e) {
+ return null;
+ }
+ }
+
+ @Privileged
+ private static Field getDeclaredField(Class<?> host, String name) {
+ try {
+ return host.getDeclaredField(name);
+ } catch (NoSuchFieldException e) {
+ return null;
+ }
+ }
}
Modified: bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/ValidationParser.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/ValidationParser.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/ValidationParser.java (original)
+++ bval/branches/privileged2/src/main/java/org/apache/bval/jsr303/xml/ValidationParser.java Wed Nov 7 17:44:26 2012
@@ -18,11 +18,8 @@
*/
package org.apache.bval.jsr303.xml;
-
import org.apache.bval.jsr303.ConfigurationImpl;
import org.apache.bval.jsr303.util.IOUtils;
-import org.apache.bval.jsr303.util.SecureActions;
-import org.apache.bval.util.PrivilegedActions;
import org.xml.sax.SAXException;
import javax.validation.ConstraintValidatorFactory;
@@ -41,12 +38,12 @@ import javax.xml.validation.SchemaFactor
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Enumeration;
import java.util.logging.Level;
import java.util.logging.Logger;
+import mbenson.privileged.Privileged;
+
/**
* Description: uses jaxb to parse validation.xml<br/>
*/
@@ -83,6 +80,7 @@ public class ValidationParser {
}
}
+ @Privileged
private ValidationConfigType parseXmlConfig() {
InputStream inputStream = null;
try {
@@ -112,7 +110,10 @@ public class ValidationParser {
}
protected InputStream getInputStream(String path) throws IOException {
- ClassLoader loader = PrivilegedActions.getClassLoader(getClass());
+ ClassLoader loader = contextClassLoader();
+ if (loader == null) {
+ loader = getClass().getClassLoader();
+ }
InputStream inputStream = loader.getResourceAsStream(path);
if (inputStream != null) {
@@ -143,7 +144,10 @@ public class ValidationParser {
* @return {@link Schema}
*/
static Schema getSchema(String xsd) {
- ClassLoader loader = PrivilegedActions.getClassLoader(ValidationParser.class);
+ ClassLoader loader = contextClassLoader();
+ if (loader == null) {
+ loader = classLoaderFor(ValidationParser.class);
+ }
SchemaFactory sf = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
URL schemaUrl = loader.getResource(xsd);
try {
@@ -211,16 +215,13 @@ public class ValidationParser {
}
}
+ @Privileged
private <T> T newInstance(final Class<T> cls) {
- return AccessController.doPrivileged(new PrivilegedAction<T>() {
- public T run() {
- try {
- return cls.newInstance();
- } catch (final Exception ex) {
- throw new ValidationException("Cannot instantiate : " + cls, ex);
- }
- }
- });
+ try {
+ return cls.newInstance();
+ } catch (final Exception ex) {
+ throw new ValidationException("Cannot instantiate : " + cls, ex);
+ }
}
@SuppressWarnings("unchecked")
@@ -262,20 +263,11 @@ public class ValidationParser {
}
}
-
- private static <T> T doPrivileged(final PrivilegedAction<T> action) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(action);
- } else {
- return action.run();
- }
- }
-
private Class<?> loadClass(final String className) {
- ClassLoader loader = doPrivileged(SecureActions.getContextClassLoader());
- if (loader == null)
+ ClassLoader loader = contextClassLoader();
+ if (loader == null) {
loader = getClass().getClassLoader();
-
+ }
try {
return Class.forName(className, true, loader);
} catch (ClassNotFoundException ex) {
@@ -283,4 +275,17 @@ public class ValidationParser {
}
}
+ @Privileged
+ private static ClassLoader contextClassLoader() {
+ try {
+ return Thread.currentThread().getContextClassLoader();
+ } catch (Exception e) {
+ return null;
+ }
+ }
+
+ @Privileged
+ private static ClassLoader classLoaderFor(Class<?> type) {
+ return type.getClassLoader();
+ }
}
Modified: bval/branches/privileged2/src/test/java/org/apache/bval/jsr303/ConstraintValidatorContextTest.java
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/test/java/org/apache/bval/jsr303/ConstraintValidatorContextTest.java?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/test/java/org/apache/bval/jsr303/ConstraintValidatorContextTest.java (original)
+++ bval/branches/privileged2/src/test/java/org/apache/bval/jsr303/ConstraintValidatorContextTest.java Wed Nov 7 17:44:26 2012
@@ -32,6 +32,8 @@ import org.mockito.stubbing.Answer;
import javax.validation.ConstraintValidatorContext;
import javax.validation.ConstraintValidatorContext.ConstraintViolationBuilder;
+import mbenson.privileged.Privileged;
+
/**
* Checks to validate the correct implementation of
* {@link ConstraintValidatorContext} and its sub-interfaces.
@@ -50,6 +52,7 @@ public class ConstraintValidatorContextT
* {@inheritDoc}
*/
@Override
+ @Privileged
public void setUp() throws Exception {
super.setUp();
MockitoAnnotations.initMocks(this);
Modified: bval/branches/privileged2/src/test/resources/java.policy
URL: http://svn.apache.org/viewvc/bval/branches/privileged2/src/test/resources/java.policy?rev=1406733&r1=1405063&r2=1406733&view=diff
==============================================================================
--- bval/branches/privileged2/src/test/resources/java.policy (original)
+++ bval/branches/privileged2/src/test/resources/java.policy Wed Nov 7 17:44:26 2012
@@ -38,12 +38,6 @@ grant codeBase "file://${user.home}/.m2/
permission java.security.AllPermission;
};
-// junit;
-grant codeBase "file://${user.home}/.m2/repository/junit/-"
-{
- permission java.security.AllPermission;
-};
-
// mockito;
grant codeBase "file://${user.home}/.m2/repository/org/mockito/-"
{