Fixed FELIX-4610 : WebConsole doesn't start with Java Security enabled
https://issues.apache.org/jira/browse/FELIX-4610
git-svn-id: https://svn.apache.org/repos/asf/felix/trunk@1619371 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/ConfigurationSupport.java b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/ConfigurationSupport.java
index eb728c2..73f8eae 100644
--- a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/ConfigurationSupport.java
+++ b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/ConfigurationSupport.java
@@ -19,6 +19,10 @@
package org.apache.felix.webconsole.internal.servlet;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.Dictionary;
import org.osgi.framework.BundleContext;
@@ -42,8 +46,41 @@
//---------- ManagedService
+ public void updated( final Dictionary config ) throws ConfigurationException
+ {
+ if (null != System.getSecurityManager())
+ {
+ try
+ {
+ AccessController.doPrivileged(new PrivilegedExceptionAction()
+ {
+ public Object run() throws Exception
+ {
+ updated0(config);
+ return null;
+ }
+ });
+ }
+ catch (PrivilegedActionException e)
+ {
+ final Exception x = e.getException();
+ if (x instanceof ConfigurationException)
+ {
+ throw (ConfigurationException) x;
+ }
+ else
+ {
+ throw new ConfigurationException("?", "Update failed", x);
+ }
+ }
+ }
+ else
+ {
+ updated0(config);
+ }
+ }
- public void updated( Dictionary config ) throws ConfigurationException
+ void updated0( Dictionary config ) throws ConfigurationException
{
// validate hashed password
if ( isPasswordHashed( config ) )
diff --git a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManager.java b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManager.java
index 14e3a09..b2824d0 100644
--- a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManager.java
+++ b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManager.java
@@ -18,6 +18,9 @@
import java.io.IOException;
import java.net.URL;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
@@ -447,7 +450,33 @@
throws ServletException, IOException
{
// don't really expect to be called within a non-HTTP environment
- service((HttpServletRequest) req, (HttpServletResponse) res);
+ try
+ {
+ AccessController.doPrivileged(new PrivilegedExceptionAction()
+ {
+ public Object run() throws Exception
+ {
+ service((HttpServletRequest) req, (HttpServletResponse) res);
+ return null;
+ }
+ });
+ }
+ catch (PrivilegedActionException e)
+ {
+ Exception x = e.getException();
+ if (x instanceof IOException)
+ {
+ throw (IOException) x;
+ }
+ else if (x instanceof ServletException)
+ {
+ throw (ServletException) x;
+ }
+ else
+ {
+ throw new IOException(x.toString());
+ }
+ }
// ensure response has been sent back and response is committed
// (we are authorative for our URL space and no other servlet should interfere)
@@ -471,7 +500,7 @@
}
}
- private void service(HttpServletRequest request, HttpServletResponse response)
+ void service(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
{
// check whether we are not at .../{webManagerRoot}