Author: ron.sigal(a)jboss.com
Date: 2010-07-03 13:18:25 -0400 (Sat, 03 Jul 2010)
New Revision: 5886
Modified:
remoting2/branches/2.x/src/main/org/jboss/remoting/InvokerRegistry.java
Log:
JBREM-1231: Added doSecurityCheck().
Modified: remoting2/branches/2.x/src/main/org/jboss/remoting/InvokerRegistry.java
===================================================================
--- remoting2/branches/2.x/src/main/org/jboss/remoting/InvokerRegistry.java 2010-07-03
17:16:08 UTC (rev 5885)
+++ remoting2/branches/2.x/src/main/org/jboss/remoting/InvokerRegistry.java 2010-07-03
17:18:25 UTC (rev 5886)
@@ -22,7 +22,6 @@
package org.jboss.remoting;
-
import org.jboss.logging.Logger;
import org.jboss.remoting.serialization.ClassLoaderUtility;
import org.jboss.remoting.transport.ClientFactory;
@@ -69,6 +68,8 @@
private static final Map transportClientFactoryClasses = new HashMap();
private static final Map transportServerFactoryClasses = new HashMap();
+
+ private static final RuntimePermission INVOKER_REGISTRY_UPDATE_PERMISSION = new
RuntimePermission("invokerRegistryUpdate");
/**
* return an array of InvokerLocators that are local to this VM (server invokers)
@@ -174,6 +175,7 @@
*/
public static void registerInvokerFactories(String transport, Class clientFactory,
Class serverFactory)
{
+ doSecurityCheck();
synchronized (clientLock)
{
transportClientFactoryClasses.put(transport, clientFactory);
@@ -191,6 +193,7 @@
*/
public static void unregisterInvokerFactories(String transport)
{
+ doSecurityCheck();
synchronized (clientLock)
{
transportClientFactoryClasses.remove(transport);
@@ -203,6 +206,7 @@
public static void unregisterLocator(InvokerLocator locator)
{
+ doSecurityCheck();
synchronized (serverLock)
{
serverLocators.remove(locator);
@@ -230,6 +234,7 @@
*/
public static void destroyClientInvoker(InvokerLocator locator, Map configuration)
{
+ doSecurityCheck();
synchronized(clientLock)
{
if (trace)
@@ -276,6 +281,8 @@
public static ClientInvoker createClientInvoker(InvokerLocator locator, Map
configuration)
throws Exception
{
+ doSecurityCheck();
+
if(locator == null)
{
throw new NullPointerException("locator cannot be null");
@@ -545,7 +552,7 @@
public static ServerInvoker createServerInvoker(InvokerLocator locator, Map
configuration)
throws Exception
{
-
+ doSecurityCheck();
ServerInvoker invoker = null;
synchronized(serverLock)
{
@@ -568,6 +575,7 @@
public static void destroyServerInvoker(ServerInvoker invoker)
{
+ doSecurityCheck();
if(invoker != null)
{
InvokerLocator locator = invoker.getLocator();
@@ -648,6 +656,7 @@
*/
public static void updateServerInvokerLocator(InvokerLocator locator, InvokerLocator
newLocator)
{
+ doSecurityCheck();
synchronized (serverLock)
{
Object si = serverLocators.get(locator);
@@ -669,6 +678,7 @@
*/
public static boolean isSSLSupported(String transport) throws Exception
{
+ doSecurityCheck();
boolean isSSLSupported = false;
Class transportFactoryClass = null;
try
@@ -810,4 +820,17 @@
throw (NoSuchMethodException) e.getCause();
}
}
+
+ static private void doSecurityCheck()
+ {
+ // If there is no Security Manager, the issue is moot.
+ final SecurityManager sm = System.getSecurityManager();
+ if (sm == null)
+ {
+ return;
+ }
+
+ // If the calling code is not verifiably in Remoting, then require it to have
InvokerRegistryUpdatePermission.
+ sm.checkPermission(INVOKER_REGISTRY_UPDATE_PERMISSION);
+ }
}