[jboss-cvs] JBossAS SVN: r95569 - branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Mon Oct 26 11:09:37 EDT 2009


Author: Robert.Panzer
Date: 2009-10-26 11:09:36 -0400 (Mon, 26 Oct 2009)
New Revision: 95569

Modified:
   branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/RepositoryClassLoader.java
   branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/UnifiedClassLoader.java
Log:
JBAS6660: Grant Java2 Security permissions in a policy file only to certain components of an ear file

Modified: branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/RepositoryClassLoader.java
===================================================================
--- branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/RepositoryClassLoader.java	2009-10-26 15:09:11 UTC (rev 95568)
+++ branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/RepositoryClassLoader.java	2009-10-26 15:09:36 UTC (rev 95569)
@@ -33,7 +33,9 @@
 import java.security.ProtectionDomain;
 import java.security.cert.Certificate;
 import java.util.Enumeration;
+import java.util.HashMap;
 import java.util.HashSet;
+import java.util.Map;
 import java.util.Vector;
 import java.util.Collections;
 import java.util.Set;
@@ -89,7 +91,12 @@
 
    /** A debugging variable used to track the recursive depth of loadClass() */
    private int loadClassDepth;
-   
+
+   /** Maps the local URLs from the repository to URLs pointing to the jar file in the deploy dir,
+    *  even into an ear file.
+    */
+   Map localUrl2PolicyCodeSourceUrlMap = new HashMap();
+
    // Static --------------------------------------------------------
    
    // Constructors --------------------------------------------------
@@ -769,6 +776,23 @@
       return super.getPackages();
    }
    
+   /**
+    * Sets the mapped policy codeBase that maps the temporary URL to the URL from the deploy dir.
+    * @param localUrl
+    * @param policyCodeSourceUrl
+    */
+   public void setPolicyCodeSourceUrl(URL localUrl, URL policyCodeSourceUrl) {
+	   localUrl2PolicyCodeSourceUrlMap.put(localUrl, policyCodeSourceUrl);
+   }
+
+   /**
+    * @param localUrl
+    * @return Returns the corresponding URL from the deploy dir that matches the given one from the tmp/deploy dir.
+    */
+   public URL getPolicyCodeSourceUrl( URL localUrl ) {
+	   return (URL)localUrl2PolicyCodeSourceUrlMap.get(localUrl);
+   }
+
    // Object overrides ----------------------------------------------
 
    /**

Modified: branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/UnifiedClassLoader.java
===================================================================
--- branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/UnifiedClassLoader.java	2009-10-26 15:09:11 UTC (rev 95568)
+++ branches/Branch_4_2/jmx/src/main/org/jboss/mx/loading/UnifiedClassLoader.java	2009-10-26 15:09:36 UTC (rev 95569)
@@ -235,6 +235,11 @@
       {
          permCS = new CodeSource(origURL, cs.getCertificates());
       }
+      // A mapped codeBase from the deploy dir overrides the origURL
+      URL policyCodeSourceUrl = getPolicyCodeSourceUrl(cs.getLocation());
+      if (policyCodeSourceUrl!=null) {
+    	  permCS = new CodeSource(policyCodeSourceUrl, cs.getCertificates());
+      }
       Policy policy = Policy.getPolicy();
       PermissionCollection perms = super.getPermissions(permCS);
       PermissionCollection perms2 = super.getPermissions(cs);




More information about the jboss-cvs-commits mailing list