[jboss-cvs] JBossAS SVN: r95569 - branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Oct 26 11:09:37 EDT 2009
Author: Robert.Panzer
Date: 2009-10-26 11:09:36 -0400 (Mon, 26 Oct 2009)
New Revision: 95569
Modified:
branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/RepositoryClassLoader.java
branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/UnifiedClassLoader.java
Log:
JBAS6660: Grant Java2 Security permissions in a policy file only to certain components of an ear file
Modified: branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/RepositoryClassLoader.java
===================================================================
--- branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/RepositoryClassLoader.java 2009-10-26 15:09:11 UTC (rev 95568)
+++ branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/RepositoryClassLoader.java 2009-10-26 15:09:36 UTC (rev 95569)
@@ -33,7 +33,9 @@
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import java.util.Enumeration;
+import java.util.HashMap;
import java.util.HashSet;
+import java.util.Map;
import java.util.Vector;
import java.util.Collections;
import java.util.Set;
@@ -89,7 +91,12 @@
/** A debugging variable used to track the recursive depth of loadClass() */
private int loadClassDepth;
-
+
+ /** Maps the local URLs from the repository to URLs pointing to the jar file in the deploy dir,
+ * even into an ear file.
+ */
+ Map localUrl2PolicyCodeSourceUrlMap = new HashMap();
+
// Static --------------------------------------------------------
// Constructors --------------------------------------------------
@@ -769,6 +776,23 @@
return super.getPackages();
}
+ /**
+ * Sets the mapped policy codeBase that maps the temporary URL to the URL from the deploy dir.
+ * @param localUrl
+ * @param policyCodeSourceUrl
+ */
+ public void setPolicyCodeSourceUrl(URL localUrl, URL policyCodeSourceUrl) {
+ localUrl2PolicyCodeSourceUrlMap.put(localUrl, policyCodeSourceUrl);
+ }
+
+ /**
+ * @param localUrl
+ * @return Returns the corresponding URL from the deploy dir that matches the given one from the tmp/deploy dir.
+ */
+ public URL getPolicyCodeSourceUrl( URL localUrl ) {
+ return (URL)localUrl2PolicyCodeSourceUrlMap.get(localUrl);
+ }
+
// Object overrides ----------------------------------------------
/**
Modified: branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/UnifiedClassLoader.java
===================================================================
--- branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/UnifiedClassLoader.java 2009-10-26 15:09:11 UTC (rev 95568)
+++ branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/UnifiedClassLoader.java 2009-10-26 15:09:36 UTC (rev 95569)
@@ -235,6 +235,11 @@
{
permCS = new CodeSource(origURL, cs.getCertificates());
}
+ // A mapped codeBase from the deploy dir overrides the origURL
+ URL policyCodeSourceUrl = getPolicyCodeSourceUrl(cs.getLocation());
+ if (policyCodeSourceUrl!=null) {
+ permCS = new CodeSource(policyCodeSourceUrl, cs.getCertificates());
+ }
Policy policy = Policy.getPolicy();
PermissionCollection perms = super.getPermissions(permCS);
PermissionCollection perms2 = super.getPermissions(cs);
More information about the jboss-cvs-commits
mailing list