Processing feedback

Signed-off-by: Arjan Tijms <arjan.tijms@omnifish.ee>
eclipse-ee4j · Sep 21, 2023 · 20eb3e3 · 20eb3e3
1 parent 55c25a9
commit 20eb3e3
Show file tree

Hide file tree

Showing 7 changed files with 33 additions and 48 deletions.
diff --git a/...curity/src/main/java/com/sun/enterprise/security/appclient/AppClientSecurityInfoImpl.java b/...curity/src/main/java/com/sun/enterprise/security/appclient/AppClientSecurityInfoImpl.java
@@ -21,20 +21,6 @@
 import static java.lang.System.Logger.Level.ERROR;
 import static java.lang.System.Logger.Level.WARNING;
 
-import java.lang.System.Logger;
-import java.util.List;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler;
-
-import org.glassfish.appclient.client.acc.config.MessageSecurityConfig;
-import org.glassfish.appclient.client.acc.config.Security;
-import org.glassfish.appclient.client.acc.config.Ssl;
-import org.glassfish.appclient.client.acc.config.TargetServer;
-import org.glassfish.enterprise.iiop.api.IIOPSSLUtil;
-import org.jvnet.hk2.annotations.Service;
-import org.glassfish.epicyro.config.factory.file.AuthConfigFileFactory;
-
 import com.sun.enterprise.security.SecurityServicesUtil;
 import com.sun.enterprise.security.UsernamePasswordStore;
 import com.sun.enterprise.security.appclient.integration.AppClientSecurityInfo;
@@ -46,8 +32,18 @@
 import com.sun.enterprise.security.ee.J2EESecurityManager;
 import com.sun.enterprise.security.integration.AppClientSSL;
 import com.sun.enterprise.security.ssl.SSLUtils;
-
 import jakarta.inject.Inject;
+import java.lang.System.Logger;
+import java.util.List;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import org.glassfish.appclient.client.acc.config.MessageSecurityConfig;
+import org.glassfish.appclient.client.acc.config.Security;
+import org.glassfish.appclient.client.acc.config.Ssl;
+import org.glassfish.appclient.client.acc.config.TargetServer;
+import org.glassfish.enterprise.iiop.api.IIOPSSLUtil;
+import org.glassfish.epicyro.config.factory.file.AuthConfigFileFactory;
+import org.jvnet.hk2.annotations.Service;
 
 /**
  *

diff --git a/...pclient.security/src/main/java/com/sun/enterprise/security/appclient/ConfigXMLParser.java b/...pclient.security/src/main/java/com/sun/enterprise/security/appclient/ConfigXMLParser.java
@@ -1,6 +1,6 @@
 /*
+ * Copyright (c) 2022, 2023 Contributors to the Eclipse Foundation.
  * Copyright (c) 1997, 2018 Oracle and/or its affiliates. All rights reserved.
- * Copyright (c) 2022 Contributors to the Eclipse Foundation
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0, which is available at
@@ -20,6 +20,10 @@
 import static java.lang.System.Logger.Level.ERROR;
 import static java.util.regex.Matcher.quoteReplacement;
 
+import com.sun.enterprise.security.common.Util;
+import jakarta.security.auth.message.MessagePolicy;
+import jakarta.xml.bind.JAXBContext;
+import jakarta.xml.bind.JAXBException;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
@@ -33,7 +37,6 @@
 import java.util.Set;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
-
 import org.glassfish.appclient.client.acc.config.ClientContainer;
 import org.glassfish.appclient.client.acc.config.MessageSecurityConfig;
 import org.glassfish.appclient.client.acc.config.Property;
@@ -46,19 +49,13 @@
 import org.glassfish.epicyro.data.AuthModulesLayerConfig;
 import org.glassfish.internal.api.Globals;
 
-import com.sun.enterprise.security.common.Util;
-
-import jakarta.security.auth.message.MessagePolicy;
-import jakarta.xml.bind.JAXBContext;
-import jakarta.xml.bind.JAXBException;
-
 /**
  * Parser for message-security-config in glassfish-acc.xml
  */
 public class ConfigXMLParser implements ConfigParser {
     private static final Logger LOG = System.getLogger(ConfigXMLParser.class.getName());
 
-    private static Pattern PROPERTY_PATTERN = Pattern.compile("\\$\\{\\{(.*?)}}|\\$\\{(.*?)}");
+    private static final Pattern PROPERTY_PATTERN = Pattern.compile("\\$\\{\\{(.*?)}}|\\$\\{(.*?)}");
 
     // configuration info
     private final Map<String, AuthModulesLayerConfig> authModuleLayers = new HashMap<>();

diff --git a/...ecurity/core-ee/src/main/java/com/sun/enterprise/security/ee/JavaEESecurityLifecycle.java b/...ecurity/core-ee/src/main/java/com/sun/enterprise/security/ee/JavaEESecurityLifecycle.java
@@ -88,12 +88,12 @@ private void initializeJakartaAuthentication() {
 
         String defaultProvidersString = null;
         WebServicesDelegate delegate = Globals.get(WebServicesDelegate.class);
-        if (delegate != null) {
+        if (delegate == null) {
+            defaultProvidersString = GFServerConfigProvider.class.getName();
+        } else {
             // NOTE: Order matters here. Providers for the same auth layer (HttpServlet or SOAP) will be overwritten
             //       by ones that appear later in this string without warning.
             defaultProvidersString = delegate.getDefaultWebServicesProvider() + " " + GFServerConfigProvider.class.getName();
-        } else {
-            defaultProvidersString = GFServerConfigProvider.class.getName();
         }
 
         Security.setProperty(DEFAULT_FACTORY_DEFAULT_PROVIDERS, defaultProvidersString);

diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java
@@ -274,12 +274,10 @@ private static ConfigParser loadParser(String className) throws IOException {
             final String finalClassName = className;
             final ClassLoader finalLoader = AuthConfig.getClassLoader();
 
-            return java.security.AccessController.doPrivileged(new java.security.PrivilegedExceptionAction<ConfigParser>() {
-                @Override
-                public ConfigParser run() throws Exception {
-                    return (ConfigParser) Class.forName(finalClassName, true, finalLoader).newInstance();
-                }
-            });
+            PrivilegedExceptionAction<ConfigParser> action = () -> (ConfigParser) Class.forName(finalClassName, true, finalLoader).getDeclaredConstructor().newInstance();
+
+            return AccessController.doPrivileged(action);
+
         } catch (java.security.PrivilegedActionException pae) {
             IOException iex = new IOException(pae.getException().toString());
             iex.initCause(pae.getException());

diff --git a/...r/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/ConfigDomainParser.java b/...r/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/ConfigDomainParser.java
@@ -213,7 +213,7 @@ private Map<String, Object> getModuleOptions(ProviderConfig providerConfig) {
                 try {
                     options.put(property.getName(), expand(property.getValue()));
                 } catch (IllegalStateException ee) {
-                    // log warning and give the provider a chance to
+                    // log and give the provider a chance to
                     // interpret value itself.
                     _logger.log(FINE, "jmac.unexpandedproperty");
                     options.put(property.getName(), property.getValue());

diff --git a/...es.security/src/main/java/com/sun/enterprise/security/webservices/ClientSecurityPipe.java b/...es.security/src/main/java/com/sun/enterprise/security/webservices/ClientSecurityPipe.java
@@ -154,9 +154,7 @@ public Packet process(Packet request) {
         Packet response;
 
         if (status == FAILURE) {
-            if (_logger.isLoggable(FINE)) {
-                _logger.log(FINE, "ws.status_secure_request", status);
-            }
+            _logger.log(FINE, "ws.status_secure_request", status);
             response = info.getResponsePacket();
         } else {
             response = processSecureRequest(info, clientAuthContext, clientSubject);
@@ -179,7 +177,7 @@ public void preDestroy() {
                 clientAuthContext.cleanSubject(info, clientSubject);
             }
         } catch (Exception ex) {
-            // ignore exceptions
+            _logger.log(FINE, "Exception when pre-destroying the client security pipe", ex);
         }
 
         helper.disable();

diff --git a/...rity/ssl-impl/src/main/java/com/sun/enterprise/security/ssl/impl/SecuritySupportImpl.java b/...rity/ssl-impl/src/main/java/com/sun/enterprise/security/ssl/impl/SecuritySupportImpl.java
@@ -16,6 +16,12 @@
 
 package com.sun.enterprise.security.ssl.impl;
 
+import com.sun.enterprise.security.ssl.manager.UnifiedX509KeyManager;
+import com.sun.enterprise.security.ssl.manager.UnifiedX509TrustManager;
+//V3:Commented import com.sun.enterprise.config.ConfigContext;
+import com.sun.enterprise.server.pluggable.SecuritySupport;
+import jakarta.inject.Inject;
+import jakarta.inject.Singleton;
 import java.io.BufferedInputStream;
 import java.io.FileInputStream;
 import java.io.IOException;
@@ -40,14 +46,12 @@
 import java.util.PropertyPermission;
 import java.util.logging.Level;
 import java.util.logging.Logger;
-
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
 import javax.net.ssl.X509KeyManager;
 import javax.net.ssl.X509TrustManager;
-
 import org.glassfish.api.admin.ProcessEnvironment;
 import org.glassfish.api.admin.ProcessEnvironment.ProcessType;
 import org.glassfish.hk2.api.ServiceLocator;
@@ -58,14 +62,6 @@
 import org.glassfish.logging.annotation.LoggerInfo;
 import org.jvnet.hk2.annotations.Service;
 
-import com.sun.enterprise.security.ssl.manager.UnifiedX509KeyManager;
-import com.sun.enterprise.security.ssl.manager.UnifiedX509TrustManager;
-//V3:Commented import com.sun.enterprise.config.ConfigContext;
-import com.sun.enterprise.server.pluggable.SecuritySupport;
-
-import jakarta.inject.Inject;
-import jakarta.inject.Singleton;
-
 /**
  * This implements SecuritySupport used in PluggableFeatureFactory.
  *