Facade for ServletRequest which may not be on the classpath and relat…

…ed cleanups - previous impl used reflection and java.lang.Object, but in all javadocs mentioned that the Object must be ServletContext - this is more strict, uses ServletContext directly, but as it still may not be available, it is represented by the facade, or null is provided, which is same as before. - removed reflection including related error messages - impl moved out of SecurityUtil where it doesn't belong
eclipse-ee4j · Mar 10, 2022 · 6f4bd61 · 6f4bd61
1 parent e102547
commit 6f4bd61
Show file tree

Hide file tree

Showing 44 changed files with 1,246 additions and 1,259 deletions.
diff --git a/wsit/ws-sx/wssx-impl/src/main/java/com/sun/xml/wss/RealmAuthenticationAdapter.java b/wsit/ws-sx/wssx-impl/src/main/java/com/sun/xml/wss/RealmAuthenticationAdapter.java
@@ -14,6 +14,9 @@
 import com.sun.xml.wss.impl.XWSSecurityRuntimeException;
 import com.sun.xml.wss.impl.misc.DefaultRealmAuthenticationAdapter;
 import com.sun.xml.wss.impl.misc.SecurityUtil;
+import com.sun.xml.wss.util.ServletContextUtil;
+import com.sun.xml.wss.util.WSSServletContextFacade;
+
 import java.net.URL;
 import java.util.Map;
 import javax.security.auth.Subject;
@@ -29,9 +32,6 @@
 public abstract class RealmAuthenticationAdapter {
 
     public static final String UsernameAuthenticator = "com.sun.xml.xwss.RealmAuthenticator";
-    // Prefixing with META-INF/ instead of /META-INF/. /META-INF/ is working fine
-    // when loading from a JAR file but not when loading from a plain directory.
-    private static final String JAR_PREFIX = "META-INF/";
 
     /** Creates a new instance of RealmAuthenticator */
     protected RealmAuthenticationAdapter() {
@@ -97,25 +97,19 @@ public boolean authenticate(Subject callerSubject, String username, String passw
      * @return a new instance of the RealmAuthenticationAdapter
      */
     public static RealmAuthenticationAdapter newInstance(Object context) {
-        RealmAuthenticationAdapter adapter = null;
-        URL url = null;
-
-        if (context == null) {
+        final WSSServletContextFacade ctxt = ServletContextUtil.wrap(context);
+        final URL url;
+        if (ctxt == null) {
             url = SecurityUtil.loadFromClasspath("META-INF/services/" + UsernameAuthenticator);
         } else {
-            url = SecurityUtil.loadFromContext("/META-INF/services/" + UsernameAuthenticator, context);
+            url = ctxt.getResource("/META-INF/services/" + UsernameAuthenticator);
         }
-
         if (url != null) {
             Object obj = SecurityUtil.loadSPIClass(url, UsernameAuthenticator);
-            if ((obj != null) && !(obj instanceof RealmAuthenticationAdapter)) {
+            if (obj != null && !(obj instanceof RealmAuthenticationAdapter)) {
                 throw new XWSSecurityRuntimeException("Class :" + obj.getClass().getName() + " is not a valid RealmAuthenticationProvider");
             }
-            adapter = (RealmAuthenticationAdapter) obj;
-        }
-
-        if (adapter != null) {
-            return adapter;
+            return (RealmAuthenticationAdapter) obj;
         }
         return new DefaultRealmAuthenticationAdapter();
     }

diff --git a/wsit/ws-sx/wssx-impl/src/main/java/com/sun/xml/wss/impl/misc/ReflectionUtil.java b/wsit/ws-sx/wssx-impl/src/main/java/com/sun/xml/wss/impl/misc/ReflectionUtil.java
diff --git a/wsit/ws-sx/wssx-impl/src/main/java/com/sun/xml/wss/impl/misc/SecurityUtil.java b/wsit/ws-sx/wssx-impl/src/main/java/com/sun/xml/wss/impl/misc/SecurityUtil.java
@@ -37,6 +37,7 @@
 import com.sun.xml.wss.XWSSecurityException;
 import com.sun.xml.wss.impl.MessageConstants;
 import com.sun.xml.wss.logging.LogDomainConstants;
+import com.sun.xml.wss.logging.impl.crypto.LogStringsMessages;
 
 import java.util.Random;
 import java.util.Hashtable;
@@ -56,8 +57,6 @@
 import com.sun.xml.ws.api.security.secconv.client.SCTokenConfiguration;
 import com.sun.xml.ws.api.security.trust.WSTrustException;
 import com.sun.xml.ws.api.security.trust.client.IssuedTokenManager;
-import com.sun.xml.ws.api.server.Container;
-import com.sun.xml.ws.api.server.WSEndpoint;
 import com.sun.xml.ws.security.impl.IssuedTokenContextImpl;
 import com.sun.xml.ws.security.IssuedTokenContext;
 import com.sun.xml.wss.core.SecurityContextTokenImpl;
@@ -67,9 +66,6 @@
 import com.sun.xml.ws.security.SecurityTokenReference;
 
 import org.w3c.dom.Node;
-
-import static com.sun.xml.wss.provider.wsit.logging.LogStringsMessages.WSITPVD_0066_SERVLET_CONTEXT_NOTFOUND;
-
 import org.w3c.dom.Element;
 import org.w3c.dom.NamedNodeMap;
 import org.w3c.dom.Document;
@@ -91,7 +87,6 @@
 import com.sun.xml.ws.security.trust.WSTrustElementFactory;
 import com.sun.xml.wss.impl.XWSSecurityRuntimeException;
 import com.sun.xml.wss.impl.policy.MLSPolicy;
-import com.sun.xml.wss.logging.impl.crypto.LogStringsMessages;
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStream;
@@ -620,62 +615,6 @@ public static String getDataEncryptionAlgo(JAXBFilterProcessingContext context){
         return tmp;
     }
 
-    /**
-     * Returns a URL pointing to the given config file. The file name is
-     * looked up as a resource from a ServletContext.
-     *
-     * May return null if the file can not be found.
-     *
-     * @param configFileName The name of the file resource
-     * @param context A ServletContext object. May not be null.
-     */
-    public static URL loadFromContext(final String configFileName, final Object context) {
-        return ReflectionUtil.invoke(context, "getResource", URL.class, configFileName);
-    }
-
-
-    /**
-     * @param endpoint
-     * @return null or the ServletContext instance bound to this endpoint
-     */
-    public static Object getServletContext(final WSEndpoint<?> endpoint) {
-        Container container = endpoint.getContainer();
-        if (container == null) {
-            return null;
-        }
-        final Class<?> contextClass = findServletContextClass();
-        if (contextClass == null) {
-            log.log(Level.WARNING, WSITPVD_0066_SERVLET_CONTEXT_NOTFOUND());
-            return null;
-        }
-        return container.getSPI(contextClass);
-    }
-
-
-    /**
-     * Tries to load the ServletContext class by the thread's context loader
-     * or by the loader which was used to load this class.
-     *
-     * @return ServletContext class or null
-     */
-    public static Class<?> findServletContextClass() {
-        String className = "jakarta.servlet.ServletContext";
-        ClassLoader loader = Thread.currentThread().getContextClassLoader();
-        if (loader != null) {
-            try {
-                return loader.loadClass(className);
-            } catch (ClassNotFoundException e) {
-                // ignore
-            }
-        }
-        loader = SecurityUtil.class.getClassLoader();
-        try {
-            return loader.loadClass(className);
-        } catch (ClassNotFoundException e) {
-            return null;
-        }
-    }
-
     /**
      * Returns a URL pointing to the given config file. The file is looked up as
      * a resource on the classpath.
@@ -820,10 +759,10 @@ public static long toLong(String lng) throws XWSSecurityException {
         try {
             ret = Long.parseLong(lng);
         }catch (Exception e) {
-            log.log(Level.SEVERE, com.sun.xml.wss.logging.LogStringsMessages.WSS_0719_ERROR_GETTING_LONG_VALUE());
+            log.log(Level.SEVERE, LogStringsMessages.WSS_0719_ERROR_GETTING_LONG_VALUE());
             throw new XWSSecurityException(e);
         }
-        return ret; 
+        return ret;
     }
     public static String getKeyAlgo(String algo) {
         if (algo != null && algo.equals(MessageConstants.RSA_SHA256)) {

diff --git a/wsit/ws-sx/wssx-impl/src/main/java/com/sun/xml/wss/jaxws/impl/SecurityServerTube.java b/wsit/ws-sx/wssx-impl/src/main/java/com/sun/xml/wss/jaxws/impl/SecurityServerTube.java
@@ -55,7 +55,6 @@
 import com.sun.xml.ws.security.opt.impl.util.SOAPUtil;
 import com.sun.xml.ws.security.secconv.WSSecureConversationException;
 import com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl;
-import com.sun.xml.wss.impl.misc.SecurityUtil;
 
 import java.lang.reflect.InvocationTargetException;
 import java.util.List;
@@ -100,6 +99,8 @@
 import com.sun.xml.wss.provider.wsit.PipeConstants;
 import com.sun.xml.wss.provider.wsit.PolicyAlternativeHolder;
 import com.sun.xml.wss.provider.wsit.PolicyResolverFactory;
+import com.sun.xml.wss.util.ServletContextUtil;
+
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
@@ -835,16 +836,15 @@ private Packet addAddressingHeaders(Packet packet, Message retMsg, String action
     }
 
     private CallbackHandler configureServerHandler(Set<PolicyAssertion> configAssertions, Properties props) {
-        //Properties props = new Properties();
-        CallbackHandlerFeature cbFeature =
-                tubeConfig.getBinding().getFeature(CallbackHandlerFeature.class);
+        CallbackHandlerFeature cbFeature = tubeConfig.getBinding().getFeature(CallbackHandlerFeature.class);
         if (cbFeature != null) {
             return cbFeature.getHandler();
         }
         String ret = populateConfigProperties(configAssertions, props);
         try {
             if (ret != null) {
-                Object obj = loadClass(ret).newInstance();
+                @SuppressWarnings("unchecked")
+                Object obj = loadClass(ret).getDeclaredConstructor().newInstance();
                 if (!(obj instanceof CallbackHandler)) {
                     log.log(Level.SEVERE,
                             LogStringsMessages.WSSTUBE_0033_INVALID_CALLBACK_HANDLER_CLASS(ret));
@@ -853,11 +853,9 @@ private CallbackHandler configureServerHandler(Set<PolicyAssertion> configAssert
                 }
                 return (CallbackHandler) obj;
             }
-            // ServletContext context =
-            //         ((ServerPipeConfiguration)pipeConfig).getEndpoint().getContainer().getSPI(ServletContext.class);
-            RealmAuthenticationAdapter adapter = getRealmAuthenticationAdapter(((ServerTubeConfiguration) tubeConfig).getEndpoint());
+            RealmAuthenticationAdapter adapter = getRealmAuthenticationAdapter(
+                ((ServerTubeConfiguration) tubeConfig).getEndpoint());
             return new DefaultCallbackHandler("server", props, adapter);
-        //return new DefaultCallbackHandler("server", props);
         } catch (Exception e) {
             log.log(Level.SEVERE,
                     LogStringsMessages.WSSTUBE_0032_ERROR_CONFIGURE_SERVER_HANDLER(), e);
@@ -866,11 +864,8 @@ private CallbackHandler configureServerHandler(Set<PolicyAssertion> configAssert
     }
 
     private RealmAuthenticationAdapter getRealmAuthenticationAdapter(WSEndpoint wSEndpoint) {
-        Object obj = SecurityUtil.getServletContext(wSEndpoint);
-        if (obj != null) {
-            return RealmAuthenticationAdapter.newInstance(obj);
-        }
-        return null;
+        Object obj = ServletContextUtil.getServletContextFacade(wSEndpoint);
+        return obj == null ? null : RealmAuthenticationAdapter.newInstance(obj);
     }
 
     //doing this here becuase doing inside keyselector of optimized security would