diff --git a/appserver/security/appclient.security/src/main/java/com/sun/enterprise/security/appclient/AppClientSecurityInfoImpl.java b/appserver/security/appclient.security/src/main/java/com/sun/enterprise/security/appclient/AppClientSecurityInfoImpl.java index d2179b00173..8bb7e382bf6 100644 --- a/appserver/security/appclient.security/src/main/java/com/sun/enterprise/security/appclient/AppClientSecurityInfoImpl.java +++ b/appserver/security/appclient.security/src/main/java/com/sun/enterprise/security/appclient/AppClientSecurityInfoImpl.java @@ -21,20 +21,6 @@ import static java.lang.System.Logger.Level.ERROR; import static java.lang.System.Logger.Level.WARNING; -import java.lang.System.Logger; -import java.util.List; - -import javax.security.auth.Subject; -import javax.security.auth.callback.CallbackHandler; - -import org.glassfish.appclient.client.acc.config.MessageSecurityConfig; -import org.glassfish.appclient.client.acc.config.Security; -import org.glassfish.appclient.client.acc.config.Ssl; -import org.glassfish.appclient.client.acc.config.TargetServer; -import org.glassfish.enterprise.iiop.api.IIOPSSLUtil; -import org.jvnet.hk2.annotations.Service; -import org.glassfish.epicyro.config.factory.file.AuthConfigFileFactory; - import com.sun.enterprise.security.SecurityServicesUtil; import com.sun.enterprise.security.UsernamePasswordStore; import com.sun.enterprise.security.appclient.integration.AppClientSecurityInfo; @@ -46,8 +32,18 @@ import com.sun.enterprise.security.ee.J2EESecurityManager; import com.sun.enterprise.security.integration.AppClientSSL; import com.sun.enterprise.security.ssl.SSLUtils; - import jakarta.inject.Inject; +import java.lang.System.Logger; +import java.util.List; +import javax.security.auth.Subject; +import javax.security.auth.callback.CallbackHandler; +import org.glassfish.appclient.client.acc.config.MessageSecurityConfig; +import org.glassfish.appclient.client.acc.config.Security; +import org.glassfish.appclient.client.acc.config.Ssl; +import org.glassfish.appclient.client.acc.config.TargetServer; +import org.glassfish.enterprise.iiop.api.IIOPSSLUtil; +import org.glassfish.epicyro.config.factory.file.AuthConfigFileFactory; +import org.jvnet.hk2.annotations.Service; /** * diff --git a/appserver/security/appclient.security/src/main/java/com/sun/enterprise/security/appclient/ConfigXMLParser.java b/appserver/security/appclient.security/src/main/java/com/sun/enterprise/security/appclient/ConfigXMLParser.java index 5e7034fba99..44472d60175 100644 --- a/appserver/security/appclient.security/src/main/java/com/sun/enterprise/security/appclient/ConfigXMLParser.java +++ b/appserver/security/appclient.security/src/main/java/com/sun/enterprise/security/appclient/ConfigXMLParser.java @@ -1,6 +1,6 @@ /* + * Copyright (c) 2022, 2023 Contributors to the Eclipse Foundation. * Copyright (c) 1997, 2018 Oracle and/or its affiliates. All rights reserved. - * Copyright (c) 2022 Contributors to the Eclipse Foundation * * This program and the accompanying materials are made available under the * terms of the Eclipse Public License v. 2.0, which is available at @@ -20,6 +20,10 @@ import static java.lang.System.Logger.Level.ERROR; import static java.util.regex.Matcher.quoteReplacement; +import com.sun.enterprise.security.common.Util; +import jakarta.security.auth.message.MessagePolicy; +import jakarta.xml.bind.JAXBContext; +import jakarta.xml.bind.JAXBException; import java.io.File; import java.io.FileInputStream; import java.io.IOException; @@ -33,7 +37,6 @@ import java.util.Set; import java.util.regex.Matcher; import java.util.regex.Pattern; - import org.glassfish.appclient.client.acc.config.ClientContainer; import org.glassfish.appclient.client.acc.config.MessageSecurityConfig; import org.glassfish.appclient.client.acc.config.Property; @@ -46,19 +49,13 @@ import org.glassfish.epicyro.data.AuthModulesLayerConfig; import org.glassfish.internal.api.Globals; -import com.sun.enterprise.security.common.Util; - -import jakarta.security.auth.message.MessagePolicy; -import jakarta.xml.bind.JAXBContext; -import jakarta.xml.bind.JAXBException; - /** * Parser for message-security-config in glassfish-acc.xml */ public class ConfigXMLParser implements ConfigParser { private static final Logger LOG = System.getLogger(ConfigXMLParser.class.getName()); - private static Pattern PROPERTY_PATTERN = Pattern.compile("\\$\\{\\{(.*?)}}|\\$\\{(.*?)}"); + private static final Pattern PROPERTY_PATTERN = Pattern.compile("\\$\\{\\{(.*?)}}|\\$\\{(.*?)}"); // configuration info private final Map authModuleLayers = new HashMap<>(); diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/JavaEESecurityLifecycle.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/JavaEESecurityLifecycle.java index 7d60b019e9f..fc2983ef95e 100644 --- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/JavaEESecurityLifecycle.java +++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/JavaEESecurityLifecycle.java @@ -88,12 +88,12 @@ private void initializeJakartaAuthentication() { String defaultProvidersString = null; WebServicesDelegate delegate = Globals.get(WebServicesDelegate.class); - if (delegate != null) { + if (delegate == null) { + defaultProvidersString = GFServerConfigProvider.class.getName(); + } else { // NOTE: Order matters here. Providers for the same auth layer (HttpServlet or SOAP) will be overwritten // by ones that appear later in this string without warning. defaultProvidersString = delegate.getDefaultWebServicesProvider() + " " + GFServerConfigProvider.class.getName(); - } else { - defaultProvidersString = GFServerConfigProvider.class.getName(); } Security.setProperty(DEFAULT_FACTORY_DEFAULT_PROVIDERS, defaultProvidersString); diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java index 6a7275180a4..b8f98eb5433 100644 --- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java +++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java @@ -274,12 +274,10 @@ private static ConfigParser loadParser(String className) throws IOException { final String finalClassName = className; final ClassLoader finalLoader = AuthConfig.getClassLoader(); - return java.security.AccessController.doPrivileged(new java.security.PrivilegedExceptionAction() { - @Override - public ConfigParser run() throws Exception { - return (ConfigParser) Class.forName(finalClassName, true, finalLoader).newInstance(); - } - }); + PrivilegedExceptionAction action = () -> (ConfigParser) Class.forName(finalClassName, true, finalLoader).getDeclaredConstructor().newInstance(); + + return AccessController.doPrivileged(action); + } catch (java.security.PrivilegedActionException pae) { IOException iex = new IOException(pae.getException().toString()); iex.initCause(pae.getException()); diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/ConfigDomainParser.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/ConfigDomainParser.java index 135e8722689..6da8889133f 100644 --- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/ConfigDomainParser.java +++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/ConfigDomainParser.java @@ -213,7 +213,7 @@ private Map getModuleOptions(ProviderConfig providerConfig) { try { options.put(property.getName(), expand(property.getValue())); } catch (IllegalStateException ee) { - // log warning and give the provider a chance to + // log and give the provider a chance to // interpret value itself. _logger.log(FINE, "jmac.unexpandedproperty"); options.put(property.getName(), property.getValue()); diff --git a/appserver/security/webservices.security/src/main/java/com/sun/enterprise/security/webservices/ClientSecurityPipe.java b/appserver/security/webservices.security/src/main/java/com/sun/enterprise/security/webservices/ClientSecurityPipe.java index 2cd031168ba..f666d2ec2b6 100644 --- a/appserver/security/webservices.security/src/main/java/com/sun/enterprise/security/webservices/ClientSecurityPipe.java +++ b/appserver/security/webservices.security/src/main/java/com/sun/enterprise/security/webservices/ClientSecurityPipe.java @@ -154,9 +154,7 @@ public Packet process(Packet request) { Packet response; if (status == FAILURE) { - if (_logger.isLoggable(FINE)) { - _logger.log(FINE, "ws.status_secure_request", status); - } + _logger.log(FINE, "ws.status_secure_request", status); response = info.getResponsePacket(); } else { response = processSecureRequest(info, clientAuthContext, clientSubject); @@ -179,7 +177,7 @@ public void preDestroy() { clientAuthContext.cleanSubject(info, clientSubject); } } catch (Exception ex) { - // ignore exceptions + _logger.log(FINE, "Exception when pre-destroying the client security pipe", ex); } helper.disable(); diff --git a/nucleus/security/ssl-impl/src/main/java/com/sun/enterprise/security/ssl/impl/SecuritySupportImpl.java b/nucleus/security/ssl-impl/src/main/java/com/sun/enterprise/security/ssl/impl/SecuritySupportImpl.java index bbacfd5a2c4..052e07eefa2 100644 --- a/nucleus/security/ssl-impl/src/main/java/com/sun/enterprise/security/ssl/impl/SecuritySupportImpl.java +++ b/nucleus/security/ssl-impl/src/main/java/com/sun/enterprise/security/ssl/impl/SecuritySupportImpl.java @@ -16,6 +16,12 @@ package com.sun.enterprise.security.ssl.impl; +import com.sun.enterprise.security.ssl.manager.UnifiedX509KeyManager; +import com.sun.enterprise.security.ssl.manager.UnifiedX509TrustManager; +//V3:Commented import com.sun.enterprise.config.ConfigContext; +import com.sun.enterprise.server.pluggable.SecuritySupport; +import jakarta.inject.Inject; +import jakarta.inject.Singleton; import java.io.BufferedInputStream; import java.io.FileInputStream; import java.io.IOException; @@ -40,14 +46,12 @@ import java.util.PropertyPermission; import java.util.logging.Level; import java.util.logging.Logger; - import javax.net.ssl.KeyManager; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509KeyManager; import javax.net.ssl.X509TrustManager; - import org.glassfish.api.admin.ProcessEnvironment; import org.glassfish.api.admin.ProcessEnvironment.ProcessType; import org.glassfish.hk2.api.ServiceLocator; @@ -58,14 +62,6 @@ import org.glassfish.logging.annotation.LoggerInfo; import org.jvnet.hk2.annotations.Service; -import com.sun.enterprise.security.ssl.manager.UnifiedX509KeyManager; -import com.sun.enterprise.security.ssl.manager.UnifiedX509TrustManager; -//V3:Commented import com.sun.enterprise.config.ConfigContext; -import com.sun.enterprise.server.pluggable.SecuritySupport; - -import jakarta.inject.Inject; -import jakarta.inject.Singleton; - /** * This implements SecuritySupport used in PluggableFeatureFactory. *