JBossWS SVN: r18302 - spi/trunk/src/main/java/org/jboss/wsf/spi/classloading.
by jbossws-commits@lists.jboss.org
Author: asoldano
Date: 2014-02-03 11:59:47 -0500 (Mon, 03 Feb 2014)
New Revision: 18302
Modified:
spi/trunk/src/main/java/org/jboss/wsf/spi/classloading/ClassLoaderProvider.java
Log:
[JBWS-3756] Add permission checks to sensitive public static methods
Modified: spi/trunk/src/main/java/org/jboss/wsf/spi/classloading/ClassLoaderProvider.java
===================================================================
--- spi/trunk/src/main/java/org/jboss/wsf/spi/classloading/ClassLoaderProvider.java 2014-02-03 16:49:00 UTC (rev 18301)
+++ spi/trunk/src/main/java/org/jboss/wsf/spi/classloading/ClassLoaderProvider.java 2014-02-03 16:59:47 UTC (rev 18302)
@@ -22,6 +22,7 @@
package org.jboss.wsf.spi.classloading;
import java.security.AccessController;
+import java.security.Permission;
import java.security.PrivilegedAction;
/**
@@ -33,6 +34,8 @@
*/
public abstract class ClassLoaderProvider
{
+ private static final RuntimePermission SET_DEFAULT_CLASSLOADER_PROVIDER = new RuntimePermission("org.jboss.wsf.spi.SET_DEFAULT_CLASSLOADER_PROVIDER");
+
private static ClassLoaderProvider provider = new ClassLoaderProvider()
{
@Override
@@ -57,6 +60,7 @@
public static void setDefaultProvider(ClassLoaderProvider p)
{
+ checkPermission(SET_DEFAULT_CLASSLOADER_PROVIDER);
provider = p;
set = true;
}
@@ -109,4 +113,13 @@
});
}
}
+
+ private static void checkPermission(final Permission permission)
+ {
+ SecurityManager securityManager = System.getSecurityManager();
+ if (securityManager != null)
+ {
+ AccessController.checkPermission(permission);
+ }
+ }
}
10 years, 5 months
JBossWS SVN: r18301 - spi/trunk/src/main/java/org/jboss/wsf/spi/metadata/j2ee/serviceref.
by jbossws-commits@lists.jboss.org
Author: asoldano
Date: 2014-02-03 11:49:00 -0500 (Mon, 03 Feb 2014)
New Revision: 18301
Modified:
spi/trunk/src/main/java/org/jboss/wsf/spi/metadata/j2ee/serviceref/UnifiedServiceRefMetaData.java
Log:
Fixing another failures with security manager on
Modified: spi/trunk/src/main/java/org/jboss/wsf/spi/metadata/j2ee/serviceref/UnifiedServiceRefMetaData.java
===================================================================
--- spi/trunk/src/main/java/org/jboss/wsf/spi/metadata/j2ee/serviceref/UnifiedServiceRefMetaData.java 2014-02-03 16:19:04 UTC (rev 18300)
+++ spi/trunk/src/main/java/org/jboss/wsf/spi/metadata/j2ee/serviceref/UnifiedServiceRefMetaData.java 2014-02-03 16:49:00 UTC (rev 18301)
@@ -348,7 +348,11 @@
if (vfsRoot != null) {
try
{
- wsdlLocation = vfsRoot.findChild(wsdlOverride).toURL();
+ wsdlLocation = AccessController.doPrivileged(new PrivilegedExceptionAction<URL>() {
+ public URL run() throws Exception {
+ return vfsRoot.findChild(wsdlOverride).toURL();
+ }
+ });
}
catch (Exception e)
{
10 years, 5 months
JBossWS SVN: r18300 - spi/trunk/src/main/java/org/jboss/wsf/spi/metadata/j2ee/serviceref.
by jbossws-commits@lists.jboss.org
Author: asoldano
Date: 2014-02-03 11:19:04 -0500 (Mon, 03 Feb 2014)
New Revision: 18300
Modified:
spi/trunk/src/main/java/org/jboss/wsf/spi/metadata/j2ee/serviceref/UnifiedServiceRefMetaData.java
Log:
Fixing failure with security manager on
Modified: spi/trunk/src/main/java/org/jboss/wsf/spi/metadata/j2ee/serviceref/UnifiedServiceRefMetaData.java
===================================================================
--- spi/trunk/src/main/java/org/jboss/wsf/spi/metadata/j2ee/serviceref/UnifiedServiceRefMetaData.java 2014-02-03 15:52:20 UTC (rev 18299)
+++ spi/trunk/src/main/java/org/jboss/wsf/spi/metadata/j2ee/serviceref/UnifiedServiceRefMetaData.java 2014-02-03 16:19:04 UTC (rev 18300)
@@ -28,6 +28,7 @@
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
@@ -370,7 +371,11 @@
if (vfsRoot != null) {
try
{
- wsdlLocation = vfsRoot.findChild(wsdlFile).toURL();
+ wsdlLocation = AccessController.doPrivileged(new PrivilegedExceptionAction<URL>() {
+ public URL run() throws Exception {
+ return vfsRoot.findChild(wsdlFile).toURL();
+ }
+ });
}
catch (Exception e)
{
10 years, 5 months
JBossWS SVN: r18299 - in stack/cxf/trunk/modules/testsuite/shared-tests/src/test: resources/jaxws/samples/eardeployment and 1 other directories.
by jbossws-commits@lists.jboss.org
Author: asoldano
Date: 2014-02-03 10:52:20 -0500 (Mon, 03 Feb 2014)
New Revision: 18299
Added:
stack/cxf/trunk/modules/testsuite/shared-tests/src/test/resources/jaxws/samples/eardeployment/META-INF/
stack/cxf/trunk/modules/testsuite/shared-tests/src/test/resources/jaxws/samples/eardeployment/META-INF/permissions.xml
Modified:
stack/cxf/trunk/modules/testsuite/shared-tests/src/test/ant-import/build-samples-jaxws.xml
Log:
More permissions related fixes
Modified: stack/cxf/trunk/modules/testsuite/shared-tests/src/test/ant-import/build-samples-jaxws.xml
===================================================================
--- stack/cxf/trunk/modules/testsuite/shared-tests/src/test/ant-import/build-samples-jaxws.xml 2014-01-30 22:44:04 UTC (rev 18298)
+++ stack/cxf/trunk/modules/testsuite/shared-tests/src/test/ant-import/build-samples-jaxws.xml 2014-02-03 15:52:20 UTC (rev 18299)
@@ -111,6 +111,11 @@
<include name="jaxws-samples-eardeployment-ejb3.jar"/>
<include name="jaxws-samples-eardeployment-pojo.war"/>
</fileset>
+ <zipfileset
+ dir="${tests.output.dir}/test-resources/jaxws/samples/eardeployment/META-INF"
+ prefix="META-INF">
+ <include name="permissions.xml"/>
+ </zipfileset>
</jar>
<!-- jaxws-samples-exception -->
Added: stack/cxf/trunk/modules/testsuite/shared-tests/src/test/resources/jaxws/samples/eardeployment/META-INF/permissions.xml
===================================================================
--- stack/cxf/trunk/modules/testsuite/shared-tests/src/test/resources/jaxws/samples/eardeployment/META-INF/permissions.xml (rev 0)
+++ stack/cxf/trunk/modules/testsuite/shared-tests/src/test/resources/jaxws/samples/eardeployment/META-INF/permissions.xml 2014-02-03 15:52:20 UTC (rev 18299)
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<permissions xmlns="http://xmlns.jcp.org/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/permissions_7.xsd"
+ version="7">
+ <permission>
+ <class-name>java.lang.RuntimePermission</class-name>
+ <name>org.jboss.as.server.LOOKUP_CURRENT_SERVICE_CONTAINER</name>
+ </permission>
+</permissions>
Property changes on: stack/cxf/trunk/modules/testsuite/shared-tests/src/test/resources/jaxws/samples/eardeployment/META-INF/permissions.xml
___________________________________________________________________
Added: svn:mime-type
+ text/xml
Added: svn:keywords
+ Rev Date
Added: svn:eol-style
+ native
10 years, 5 months