[jboss-cvs] JBossAS SVN: r81378 - in trunk/tomcat/src/main/org/jboss/web/tomcat: service/deployers and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Nov 20 18:32:50 EST 2008
Author: anil.saldhana at jboss.com
Date: 2008-11-20 18:32:49 -0500 (Thu, 20 Nov 2008)
New Revision: 81378
Modified:
trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationActions.java
trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityContextEstablishmentValve.java
trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/SecurityActions.java
trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java
Log:
JBAS-6224: SecurityContextEstablishmentValve should avoid costly loadclass
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationActions.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationActions.java 2008-11-20 23:13:54 UTC (rev 81377)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationActions.java 2008-11-20 23:32:49 UTC (rev 81378)
@@ -21,6 +21,7 @@
*/
package org.jboss.web.tomcat.security;
+import java.lang.reflect.Constructor;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
@@ -236,6 +237,20 @@
});
}
+ static SecurityContext createSecurityContext(final String securityDomain,
+ final Class<?> clazz) throws PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new PrivilegedExceptionAction<SecurityContext>()
+ {
+ public SecurityContext run() throws Exception
+ {
+ Constructor<?> ctr = clazz.getConstructor(new Class[] {String.class} );
+ Object obj = ctr.newInstance(new Object[] {securityDomain});
+ return SecurityContext.class.cast(obj);
+ }
+ });
+ }
+
static void setSecurityContext(final SecurityContext sc)
{
//SetSecurityContextAction action = new SetSecurityContextAction(sc,securityDomain);
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityContextEstablishmentValve.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityContextEstablishmentValve.java 2008-11-20 23:13:54 UTC (rev 81377)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityContextEstablishmentValve.java 2008-11-20 23:32:49 UTC (rev 81378)
@@ -45,11 +45,12 @@
public class SecurityContextEstablishmentValve extends ValveBase
{
private String configuredSecurityDomainName;
- private String securityContextClassName;
private ISecurityManagement securityManagement;
+
+ private Class<?> securityContextClass;
public SecurityContextEstablishmentValve(String configuredSecurityDomain,
- String defaultSecurityDomain, String fqnClass,
+ String defaultSecurityDomain, Class<?> contextClass,
ISecurityManagement securityManagement)
{
String securityDomain = defaultSecurityDomain;
@@ -58,7 +59,7 @@
securityDomain = configuredSecurityDomain;
this.configuredSecurityDomainName = SecurityUtil.unprefixSecurityDomain(securityDomain);
- this.securityContextClassName = fqnClass;
+ this.securityContextClass = contextClass;
this.securityManagement = securityManagement;
}
@@ -66,42 +67,7 @@
public void invoke(Request request, Response response)
throws IOException, ServletException
{
- SecurityContext cachedContext = null;
-
- boolean createdSecurityContext = false;
- //Set the security context if one is unavailable
- SecurityContext sc = SecurityAssociationActions.getSecurityContext();
- if(sc != null &&
- sc.getSecurityDomain().equals(configuredSecurityDomainName) == false)
- {
- cachedContext = sc;
- SecurityContext newSC = createSecurityContext();
- SecurityAssociationActions.setSecurityContext(newSC);
- createdSecurityContext = true;
- }
-
- if(sc == null)
- {
- sc = createSecurityContext();
- SecurityAssociationActions.setSecurityContext(sc);
- createdSecurityContext = true;
- }
-
- try
- {
- // Perform the request
- getNext().invoke(request, response);
- }
- finally
- {
- SecurityRolesAssociation.setSecurityRoles(null);
- if(createdSecurityContext)
- {
- SecurityAssociationActions.clearSecurityContext();
- }
- if(cachedContext != null)
- SecurityAssociationActions.setSecurityContext(cachedContext);
- }
+ this.process(request, response, null);
}
private SecurityContext createSecurityContext()
@@ -111,7 +77,7 @@
{
securityContext =
SecurityAssociationActions.createSecurityContext(this.configuredSecurityDomainName,
- this.securityContextClassName);
+ this.securityContextClass);
}
catch (PrivilegedActionException e)
{
@@ -126,6 +92,12 @@
public void event(Request request, Response response, HttpEvent event)
throws IOException, ServletException
{
+ process(request,response,event);
+ }
+
+ private void process(Request request, Response response, HttpEvent event)
+ throws IOException, ServletException
+ {
SecurityContext cachedContext = null;
boolean createdSecurityContext = false;
@@ -150,7 +122,10 @@
try
{
// Perform the request
- getNext().event(request, response, event);
+ if(event == null)
+ getNext().invoke(request, response);
+ else
+ getNext().event(request, response, event);
}
finally
{
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/SecurityActions.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/SecurityActions.java 2008-11-20 23:13:54 UTC (rev 81377)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/SecurityActions.java 2008-11-20 23:32:49 UTC (rev 81378)
@@ -23,6 +23,8 @@
import java.security.AccessController;
import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* Privileged Blocks
@@ -53,5 +55,16 @@
}
});
}
+
+ static Class<?> loadClass(final String fqn) throws PrivilegedActionException
+ {
+ return AccessController.doPrivileged(new PrivilegedExceptionAction<Class<?>>()
+ {
+ public Class<?> run() throws Exception
+ {
+ return Thread.currentThread().getContextClassLoader().loadClass(fqn);
+ }
+ } );
+ }
-}
+}
\ No newline at end of file
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java 2008-11-20 23:13:54 UTC (rev 81377)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java 2008-11-20 23:32:49 UTC (rev 81378)
@@ -336,11 +336,11 @@
String metaDataSecurityDomain = metaData.getSecurityDomain();
if (metaDataSecurityDomain != null)
metaDataSecurityDomain = metaDataSecurityDomain.trim();
-
+
// Add a valve to establish security context
SecurityContextEstablishmentValve scevalve = new SecurityContextEstablishmentValve(metaDataSecurityDomain,
- SecurityUtil.unprefixSecurityDomain(config.getDefaultSecurityDomain()), config
- .getSecurityContextClassName(), getSecurityManagement());
+ SecurityUtil.unprefixSecurityDomain(config.getDefaultSecurityDomain()),
+ SecurityActions.loadClass(config.getSecurityContextClassName()), getSecurityManagement());
context.addValve(scevalve);
// Add a valve to estalish the JACC context before authorization valves
More information about the jboss-cvs-commits
mailing list