You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2023/01/12 19:21:26 UTC
[tomcat] branch main updated: Remove SecurityManager references from JULI
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 0377504b83 Remove SecurityManager references from JULI
0377504b83 is described below
commit 0377504b8394bbed872e50112e4f7c6b920eb282
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Jan 12 19:21:14 2023 +0000
Remove SecurityManager references from JULI
---
java/org/apache/juli/ClassLoaderLogManager.java | 117 ++++++------------------
java/org/apache/juli/FileHandler.java | 21 +----
2 files changed, 31 insertions(+), 107 deletions(-)
diff --git a/java/org/apache/juli/ClassLoaderLogManager.java b/java/org/apache/juli/ClassLoaderLogManager.java
index b4ab262601..5fc80f62d1 100644
--- a/java/org/apache/juli/ClassLoaderLogManager.java
+++ b/java/org/apache/juli/ClassLoaderLogManager.java
@@ -18,15 +18,10 @@ package org.apache.juli;
import java.io.File;
import java.io.FileInputStream;
-import java.io.FilePermission;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.net.URLClassLoader;
-import java.security.AccessControlException;
-import java.security.AccessController;
-import java.security.Permission;
-import java.security.PrivilegedAction;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
@@ -143,14 +138,7 @@ public class ClassLoaderLogManager extends LogManager {
// Apply initial level for new logger
final String levelString = getProperty(loggerName + ".level");
if (levelString != null) {
- try {
- AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
- logger.setLevel(Level.parse(levelString.trim()));
- return null;
- });
- } catch (IllegalArgumentException e) {
- // Leave level set to null
- }
+ logger.setLevel(Level.parse(levelString.trim()));
}
// Always instantiate parent loggers so that
@@ -168,7 +156,7 @@ public class ClassLoaderLogManager extends LogManager {
// Set parent logger
Logger parentLogger = node.findParentLogger();
if (parentLogger != null) {
- doSetParentLogger(logger, parentLogger);
+ logger.setParent(parentLogger);
}
// Tell children we are their new parent
@@ -305,24 +293,14 @@ public class ClassLoaderLogManager extends LogManager {
}
@Override
- public void readConfiguration()
- throws IOException, SecurityException {
-
- checkAccess();
-
+ public void readConfiguration() throws IOException, SecurityException {
readConfiguration(getClassLoader());
-
}
@Override
- public void readConfiguration(InputStream is)
- throws IOException, SecurityException {
-
- checkAccess();
+ public void readConfiguration(InputStream is) throws IOException, SecurityException {
reset();
-
readConfiguration(is, getClassLoader());
-
}
@Override
@@ -400,15 +378,11 @@ public class ClassLoaderLogManager extends LogManager {
}
ClassLoaderLogInfo info = classLoaderLoggers.get(classLoader);
if (info == null) {
- final ClassLoader classLoaderParam = classLoader;
- AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
- try {
- readConfiguration(classLoaderParam);
- } catch (IOException e) {
- // Ignore
- }
- return null;
- });
+ try {
+ readConfiguration(classLoader);
+ } catch (IOException e) {
+ // Ignore
+ }
info = classLoaderLoggers.get(classLoader);
}
return info;
@@ -427,45 +401,27 @@ public class ClassLoaderLogManager extends LogManager {
InputStream is = null;
// Special case for URL classloaders which are used in containers:
// only look in the local repositories to avoid redefining loggers 20 times
- try {
- if (classLoader instanceof WebappProperties) {
- if (((WebappProperties) classLoader).hasLoggingConfig()) {
- is = classLoader.getResourceAsStream("logging.properties");
+ if (classLoader instanceof WebappProperties) {
+ if (((WebappProperties) classLoader).hasLoggingConfig()) {
+ is = classLoader.getResourceAsStream("logging.properties");
+ }
+ } else if (classLoader instanceof URLClassLoader) {
+ URL logConfig = ((URLClassLoader)classLoader).findResource("logging.properties");
+
+ if(null != logConfig) {
+ if(Boolean.getBoolean(DEBUG_PROPERTY)) {
+ System.err.println(getClass().getName()
+ + ".readConfiguration(): "
+ + "Found logging.properties at "
+ + logConfig);
}
- } else if (classLoader instanceof URLClassLoader) {
- URL logConfig = ((URLClassLoader)classLoader).findResource("logging.properties");
-
- if(null != logConfig) {
- if(Boolean.getBoolean(DEBUG_PROPERTY)) {
- System.err.println(getClass().getName()
- + ".readConfiguration(): "
- + "Found logging.properties at "
- + logConfig);
- }
- is = classLoader.getResourceAsStream("logging.properties");
- } else {
- if(Boolean.getBoolean(DEBUG_PROPERTY)) {
- System.err.println(getClass().getName()
- + ".readConfiguration(): "
- + "Found no logging.properties");
- }
- }
- }
- } catch (AccessControlException ace) {
- // No permission to configure logging in context
- // Log and carry on
- ClassLoaderLogInfo info = classLoaderLoggers.get(ClassLoader.getSystemClassLoader());
- if (info != null) {
- Logger log = info.loggers.get("");
- if (log != null) {
- Permission perm = ace.getPermission();
- if (perm instanceof FilePermission && perm.getActions().equals("read")) {
- log.warning("Reading " + perm.getName() + " is not permitted. See \"per context logging\" in the default catalina.policy file.");
- } else {
- log.warning("Reading logging.properties is not permitted in some context. See \"per context logging\" in the default catalina.policy file.");
- log.warning("Original error was: " + ace.getMessage());
- }
+ is = classLoader.getResourceAsStream("logging.properties");
+ } else {
+ if(Boolean.getBoolean(DEBUG_PROPERTY)) {
+ System.err.println(getClass().getName()
+ + ".readConfiguration(): "
+ + "Found no logging.properties");
}
}
}
@@ -599,21 +555,6 @@ public class ClassLoaderLogManager extends LogManager {
}
- /**
- * Set parent child relationship between the two specified loggers.
- *
- * @param logger The logger
- * @param parent The parent logger
- */
- protected static void doSetParentLogger(final Logger logger,
- final Logger parent) {
- AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
- logger.setParent(parent);
- return null;
- });
- }
-
-
/**
* System property replacement in the given string.
*
@@ -750,7 +691,7 @@ public class ClassLoaderLogManager extends LogManager {
if (childNode.logger == null) {
childNode.setParentLogger(parent);
} else {
- doSetParentLogger(childNode.logger, parent);
+ childNode.logger.setParent(parent);
}
}
}
diff --git a/java/org/apache/juli/FileHandler.java b/java/org/apache/juli/FileHandler.java
index eb807c8c82..2fe8b22893 100644
--- a/java/org/apache/juli/FileHandler.java
+++ b/java/org/apache/juli/FileHandler.java
@@ -27,8 +27,6 @@ import java.io.UnsupportedEncodingException;
import java.nio.file.DirectoryStream;
import java.nio.file.Files;
import java.nio.file.Path;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.sql.Timestamp;
import java.time.DateTimeException;
import java.time.LocalDate;
@@ -543,34 +541,19 @@ public class FileHandler extends Handler {
protected static final class ThreadFactory implements java.util.concurrent.ThreadFactory {
private final String namePrefix;
- private final boolean isSecurityEnabled;
private final ThreadGroup group;
private final AtomicInteger threadNumber = new AtomicInteger(1);
public ThreadFactory(final String namePrefix) {
this.namePrefix = namePrefix;
- SecurityManager s = System.getSecurityManager();
- if (s == null) {
- this.isSecurityEnabled = false;
- this.group = Thread.currentThread().getThreadGroup();
- } else {
- this.isSecurityEnabled = true;
- this.group = s.getThreadGroup();
- }
+ this.group = Thread.currentThread().getThreadGroup();
}
@Override
public Thread newThread(Runnable r) {
Thread t = new Thread(group, r, namePrefix + threadNumber.getAndIncrement());
// Threads should not have as context classloader a webapp classloader
- if (isSecurityEnabled) {
- AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
- t.setContextClassLoader(ThreadFactory.class.getClassLoader());
- return null;
- });
- } else {
- t.setContextClassLoader(ThreadFactory.class.getClassLoader());
- }
+ t.setContextClassLoader(ThreadFactory.class.getClassLoader());
t.setDaemon(true);
return t;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org