Added some doPrivileged() blocks to URL Handlers. The new SecureAction class
is intended to be used framework-wide for code that needs to perform
privileged actions; the goal is to consolidate similar security code into
one place and eliminate the need for many different PrivilegedAction classes.
git-svn-id: https://svn.apache.org/repos/asf/incubator/felix/trunk@354144 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/framework/src/org/apache/felix/framework/URLHandlers.java b/framework/src/org/apache/felix/framework/URLHandlers.java
index 48cc4e7..e7536ee 100644
--- a/framework/src/org/apache/felix/framework/URLHandlers.java
+++ b/framework/src/org/apache/felix/framework/URLHandlers.java
@@ -19,8 +19,7 @@
import java.net.*;
import java.util.*;
-import org.apache.felix.framework.util.FelixConstants;
-import org.apache.felix.framework.util.SecurityManagerEx;
+import org.apache.felix.framework.util.*;
import org.apache.felix.moduleloader.ModuleClassLoader;
import org.osgi.framework.BundleContext;
@@ -78,6 +77,8 @@
private static Map m_streamHandlerCache = null;
private static Map m_contentHandlerCache = null;
+ private final static SecureAction m_secureAction = new SecureAction();
+
/**
* <p>
* Only one instance of this class is created in a static initializer
@@ -136,9 +137,7 @@
if (handler == null)
{
// Check for built-in handlers for the protocol.
-// TODO: NEED TO DO A "DO PRIVILEGED" TO GET PROPERTY.
-// TODO: USE CONFIG.
- String pkgs = System.getProperty(STREAM_HANDLER_PACKAGE_PROP, "");
+ String pkgs = m_secureAction.getProperty(STREAM_HANDLER_PACKAGE_PROP, "");
pkgs = (pkgs.equals(""))
? DEFAULT_STREAM_HANDLER_PACKAGE
: pkgs + "|" + DEFAULT_STREAM_HANDLER_PACKAGE;
@@ -153,8 +152,7 @@
{
// If a built-in handler is found then let the
// JRE handle it.
-// TODO: USE DO PRIVILEGED.
- if (Class.forName(className) != null)
+ if (m_secureAction.forName(className) != null)
{
return null;
}
@@ -205,9 +203,7 @@
if (handler == null)
{
// Check for built-in handlers for the mime type.
-// TODO: NEED TO DO A "DO PRIVILEGED" TO GET PROPERTY.
-// TODO: USE CONFIG.
- String pkgs = System.getProperty(CONTENT_HANDLER_PACKAGE_PROP, "");
+ String pkgs = m_secureAction.getProperty(CONTENT_HANDLER_PACKAGE_PROP, "");
pkgs = (pkgs.equals(""))
? DEFAULT_CONTENT_HANDLER_PACKAGE
: pkgs + "|" + DEFAULT_CONTENT_HANDLER_PACKAGE;
@@ -225,8 +221,7 @@
{
// If a built-in handler is found then let the
// JRE handle it.
-// TODO: USE DO PRIVILEGED.
- if (Class.forName(className) != null)
+ if (m_secureAction.forName(className) != null)
{
return null;
}
diff --git a/framework/src/org/apache/felix/framework/util/SecureAction.java b/framework/src/org/apache/felix/framework/util/SecureAction.java
new file mode 100644
index 0000000..7123db3
--- /dev/null
+++ b/framework/src/org/apache/felix/framework/util/SecureAction.java
@@ -0,0 +1,109 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.felix.framework.util;
+
+import java.security.*;
+
+public class SecureAction
+{
+ private AccessControlContext m_acc = null;
+
+ public SecureAction()
+ {
+ m_acc = AccessController.getContext();
+ }
+
+ public String getProperty(String name, String def)
+ {
+ if (System.getSecurityManager() != null)
+ {
+ try
+ {
+ return (String) AccessController.doPrivileged(
+ new Actions(Actions.GET_PROPERTY_ACTION, name, def), m_acc);
+ }
+ catch (PrivilegedActionException ex)
+ {
+ throw (RuntimeException) ex.getException();
+ }
+ }
+ else
+ {
+ return System.getProperty(name, def);
+ }
+ }
+
+ public Class forName(String name) throws ClassNotFoundException
+ {
+ if (System.getSecurityManager() != null)
+ {
+ try
+ {
+ return (Class) AccessController.doPrivileged(
+ new Actions(Actions.FOR_NAME_ACTION, name), m_acc);
+ }
+ catch (PrivilegedActionException ex)
+ {
+ if (ex.getException() instanceof ClassNotFoundException)
+ {
+ throw (ClassNotFoundException) ex.getException();
+ }
+ throw (RuntimeException) ex.getException();
+ }
+ }
+ else
+ {
+ return Class.forName(name);
+ }
+ }
+
+ private static class Actions implements PrivilegedExceptionAction
+ {
+ public static final int GET_PROPERTY_ACTION = 0;
+ public static final int FOR_NAME_ACTION = 1;
+
+ private int m_action = -1;
+ private Object m_arg1 = null;
+ private Object m_arg2 = null;
+
+ public Actions(int action, Object arg1)
+ {
+ m_action = action;
+ m_arg1 = arg1;
+ }
+
+ public Actions(int action, Object arg1, Object arg2)
+ {
+ m_action = action;
+ m_arg1 = arg1;
+ m_arg2 = arg2;
+ }
+
+ public Object run() throws Exception
+ {
+ if (m_action == GET_PROPERTY_ACTION)
+ {
+ return System.getProperty((String) m_arg1, (String) m_arg2);
+ }
+ else if (m_action ==FOR_NAME_ACTION)
+ {
+ return Class.forName((String) m_arg1);
+ }
+ return null;
+ }
+ }
+}
\ No newline at end of file