10:58 a.m.
Author: alessio.soldano(a)jboss.com
Date: 2013-07-17 11:58:01 -0400 (Wed, 17 Jul 2013)
New Revision: 17794
Added:
stack/cxf/trunk/modules/addons/transports/http/httpserver/src/main/java/org/jboss/wsf/stack/cxf/addons/transports/httpserver/SecurityActions.java
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/tools/SecurityActions.java
Modified:
stack/cxf/trunk/modules/addons/transports/http/httpserver/src/main/java/org/jboss/wsf/stack/cxf/addons/transports/httpserver/HttpServerDestination.java
stack/cxf/trunk/modules/addons/transports/http/httpserver/src/main/java/org/jboss/wsf/stack/cxf/addons/transports/httpserver/HttpServerEngineFactory.java
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/JBossWSSpringBusFactory.java
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/serviceref/AbstractServiceObjectFactoryJAXWS.java
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/tools/CXFProviderImpl.java
Log:
Adding a bunch of privileged blocks for getting/setting TCCL
Modified:
stack/cxf/trunk/modules/addons/transports/http/httpserver/src/main/java/org/jboss/wsf/stack/cxf/addons/transports/httpserver/HttpServerDestination.java
===================================================================
---
stack/cxf/trunk/modules/addons/transports/http/httpserver/src/main/java/org/jboss/wsf/stack/cxf/addons/transports/httpserver/HttpServerDestination.java 2013-07-17
15:00:13 UTC (rev 17793)
+++
stack/cxf/trunk/modules/addons/transports/http/httpserver/src/main/java/org/jboss/wsf/stack/cxf/addons/transports/httpserver/HttpServerDestination.java 2013-07-17
15:58:01 UTC (rev 17794)
@@ -47,7 +47,6 @@
* @since 19-Aug-2010
*
*/
-@SuppressWarnings("restriction")
public class HttpServerDestination extends JAXWSHttpSpiDestination
{
static final Logger LOG = LogUtils.getL7dLogger(HttpServerDestination.class);
@@ -121,7 +120,7 @@
{
throw new Fault(e);
}
- engine.addHandler(addr, new Handler(this,
Thread.currentThread().getContextClassLoader()));
+ engine.addHandler(addr, new Handler(this,
SecurityActions.getContextClassLoader()));
}
/**
@@ -147,10 +146,10 @@
@Override
public void handle(HttpExchange ex) throws IOException
{
- ClassLoader origClassLoader = Thread.currentThread().getContextClassLoader();
+ ClassLoader origClassLoader = SecurityActions.getContextClassLoader();
try
{
- Thread.currentThread().setContextClassLoader(this.classLoader);
+ SecurityActions.setContextClassLoader(this.classLoader);
this.handle(new HttpExchangeDelegate(ex));
}
catch (Exception e)
@@ -167,7 +166,7 @@
}
finally
{
- Thread.currentThread().setContextClassLoader(origClassLoader);
+ SecurityActions.setContextClassLoader(origClassLoader);
}
}
}
Modified:
stack/cxf/trunk/modules/addons/transports/http/httpserver/src/main/java/org/jboss/wsf/stack/cxf/addons/transports/httpserver/HttpServerEngineFactory.java
===================================================================
---
stack/cxf/trunk/modules/addons/transports/http/httpserver/src/main/java/org/jboss/wsf/stack/cxf/addons/transports/httpserver/HttpServerEngineFactory.java 2013-07-17
15:00:13 UTC (rev 17793)
+++
stack/cxf/trunk/modules/addons/transports/http/httpserver/src/main/java/org/jboss/wsf/stack/cxf/addons/transports/httpserver/HttpServerEngineFactory.java 2013-07-17
15:58:01 UTC (rev 17794)
@@ -97,7 +97,9 @@
public synchronized HttpServerEngine createHttpServerEngine(String host, int port,
String protocol)
throws IOException
{
- LOG.fine("Creating HttpServer Engine for port " + port + ".");
+ if (LOG.isLoggable(Level.FINE)) {
+ LOG.fine("Creating HttpServer Engine for port " + port +
".");
+ }
HttpServerEngine ref = null;
synchronized(portMap)
{
@@ -127,7 +129,9 @@
HttpServerEngine ref = portMap.remove(port);
if (ref != null)
{
- LOG.fine("Stopping HttpServer Engine on port " + port +
".");
+ if (LOG.isLoggable(Level.FINE)) {
+ LOG.fine("Stopping HttpServer Engine on port " + port +
".");
+ }
try
{
ref.stop();
Added:
stack/cxf/trunk/modules/addons/transports/http/httpserver/src/main/java/org/jboss/wsf/stack/cxf/addons/transports/httpserver/SecurityActions.java
===================================================================
---
stack/cxf/trunk/modules/addons/transports/http/httpserver/src/main/java/org/jboss/wsf/stack/cxf/addons/transports/httpserver/SecurityActions.java
(rev 0)
+++
stack/cxf/trunk/modules/addons/transports/http/httpserver/src/main/java/org/jboss/wsf/stack/cxf/addons/transports/httpserver/SecurityActions.java 2013-07-17
15:58:01 UTC (rev 17794)
@@ -0,0 +1,82 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.addons.transports.httpserver;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+/**
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 22-Feb-2011
+ *
+ */
+class SecurityActions
+{
+ /**
+ * Get context classloader.
+ *
+ * @return the current context classloader
+ */
+ static ClassLoader getContextClassLoader()
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm == null)
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ else
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
{
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+ }
+
+ /**
+ * Set context classloader.
+ *
+ * @param classLoader the classloader
+ */
+ static void setContextClassLoader(final ClassLoader classLoader)
+ {
+ if (System.getSecurityManager() == null)
+ {
+ Thread.currentThread().setContextClassLoader(classLoader);
+ }
+ else
+ {
+ AccessController.doPrivileged(new PrivilegedAction<Object>()
+ {
+ public Object run()
+ {
+ Thread.currentThread().setContextClassLoader(classLoader);
+ return null;
+ }
+ });
+ }
+ }
+
+}
Modified:
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/JBossWSSpringBusFactory.java
===================================================================
---
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/JBossWSSpringBusFactory.java 2013-07-17
15:00:13 UTC (rev 17793)
+++
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/configuration/JBossWSSpringBusFactory.java 2013-07-17
15:58:01 UTC (rev 17794)
@@ -120,18 +120,18 @@
}
catch (BeansException ex)
{
- ClassLoader contextLoader = Thread.currentThread().getContextClassLoader();
+ ClassLoader contextLoader = SecurityActions.getContextClassLoader();
if (contextLoader != BusApplicationContext.class.getClassLoader())
{
Loggers.ROOT_LOGGER.appContextCreationFailedWillTryWithNewTCCL(contextLoader,
BusApplicationContext.class.getClassLoader(), ex);
-
Thread.currentThread().setContextClassLoader(BusApplicationContext.class.getClassLoader());
+
SecurityActions.setContextClassLoader(BusApplicationContext.class.getClassLoader());
try
{
return new BusApplicationContext(cfgFiles, includeDefaults,
getApplicationContext());
}
finally
{
- Thread.currentThread().setContextClassLoader(contextLoader);
+ SecurityActions.setContextClassLoader(contextLoader);
}
}
else
Modified:
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/serviceref/AbstractServiceObjectFactoryJAXWS.java
===================================================================
---
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/serviceref/AbstractServiceObjectFactoryJAXWS.java 2013-07-17
15:00:13 UTC (rev 17793)
+++
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/client/serviceref/AbstractServiceObjectFactoryJAXWS.java 2013-07-17
15:58:01 UTC (rev 17794)
@@ -25,6 +25,8 @@
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.net.URL;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.Collection;
import java.util.LinkedList;
import java.util.List;
@@ -121,11 +123,30 @@
{
if (className != null)
{
- return Thread.currentThread().getContextClassLoader().loadClass(className);
+ return getContextClassLoader().loadClass(className);
}
return null;
}
+
+ static ClassLoader getContextClassLoader()
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm == null)
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ else
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+ }
private String getServiceClassName(final UnifiedServiceRefMetaData serviceRefMD)
{
Modified:
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/tools/CXFProviderImpl.java
===================================================================
---
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/tools/CXFProviderImpl.java 2013-07-17
15:00:13 UTC (rev 17793)
+++
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/tools/CXFProviderImpl.java 2013-07-17
15:58:01 UTC (rev 17794)
@@ -118,10 +118,10 @@
{
// Swap the context classloader
// The '--classpath' switch might provide an URLClassLoader
- ClassLoader oldLoader = Thread.currentThread().getContextClassLoader();
+ ClassLoader oldLoader = SecurityActions.getContextClassLoader();
if (loader != null)
- Thread.currentThread().setContextClassLoader(loader);
+ SecurityActions.setContextClassLoader(loader);
try
{
@@ -213,7 +213,7 @@
}
finally
{
- Thread.currentThread().setContextClassLoader(oldLoader);
+ SecurityActions.setContextClassLoader(oldLoader);
}
}
Added:
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/tools/SecurityActions.java
===================================================================
---
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/tools/SecurityActions.java
(rev 0)
+++
stack/cxf/trunk/modules/client/src/main/java/org/jboss/wsf/stack/cxf/tools/SecurityActions.java 2013-07-17
15:58:01 UTC (rev 17794)
@@ -0,0 +1,82 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2011, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.wsf.stack.cxf.tools;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+/**
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 22-Feb-2011
+ *
+ */
+class SecurityActions
+{
+ /**
+ * Get context classloader.
+ *
+ * @return the current context classloader
+ */
+ static ClassLoader getContextClassLoader()
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm == null)
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ else
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
{
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+ }
+
+ /**
+ * Set context classloader.
+ *
+ * @param classLoader the classloader
+ */
+ static void setContextClassLoader(final ClassLoader classLoader)
+ {
+ if (System.getSecurityManager() == null)
+ {
+ Thread.currentThread().setContextClassLoader(classLoader);
+ }
+ else
+ {
+ AccessController.doPrivileged(new PrivilegedAction<Object>()
+ {
+ public Object run()
+ {
+ Thread.currentThread().setContextClassLoader(classLoader);
+ return null;
+ }
+ });
+ }
+ }
+
+}