Skip to content

Commit

Permalink
[JBEE-253] Use more privileged actions where required. Also a minor f…
Browse files Browse the repository at this point in the history 
…ix to ignore the privileged action if the security manager is not present.

https://issues.redhat.com/browse/JBEE-253
  • Loading branch information
@jamezp
jamezp committed Aug 3, 2021
1 parent 76c0dbe commit d43f910
Show file tree
Hide file tree
Showing 4 changed files with 177 additions and 67 deletions.
31 changes: 15 additions & 16 deletions jaxrs-api/src/main/java/javax/ws/rs/client/ClientBuilder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,30 +72,29 @@ public static ClientBuilder newBuilder() {
Class pClass = ClientBuilder.class;
String classnameAsResource = pClass.getName().replace('.', '/') + ".class";
final SecurityManager sm = System.getSecurityManager();
ClassLoader loader = null;
final String errorMessage;
if (sm == null) {

loader = pClass.getClassLoader();
ClassLoader loader = pClass.getClassLoader();
if (loader == null) {
loader = ClassLoader.getSystemClassLoader();
}

URL targetTypeURL = loader.getResource(classnameAsResource);
errorMessage = "ClassCastException: attempting to cast"
+ delegate.getClass().getClassLoader().getResource(classnameAsResource)
+ " to " + targetTypeURL;
} else {
loader = AccessController.doPrivileged(new PrivilegedExceptionAction<ClassLoader>() {
@Override
public ClassLoader run() throws Exception {
ClassLoader cloader = pClass.getClassLoader();
if (cloader == null) {
cloader = ClassLoader.getSystemClassLoader();
}
return cloader;
errorMessage = AccessController.doPrivileged((PrivilegedExceptionAction<String>) () -> {
ClassLoader loader = pClass.getClassLoader();
if (loader == null) {
loader = ClassLoader.getSystemClassLoader();
}
URL targetTypeURL = loader.getResource(classnameAsResource);
return "ClassCastException: attempting to cast"
+ delegate.getClass().getClassLoader().getResource(classnameAsResource)
+ " to " + targetTypeURL;
});
}
URL targetTypeURL = loader.getResource(classnameAsResource);
throw new LinkageError("ClassCastException: attempting to cast"
+ delegate.getClass().getClassLoader().getResource(classnameAsResource)
+ " to " + targetTypeURL);
throw new LinkageError(errorMessage);
}
return (ClientBuilder) delegate;
} catch (Exception ex) {
Expand Down
71 changes: 54 additions & 17 deletions jaxrs-api/src/main/java/javax/ws/rs/client/FactoryFinder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,9 @@ private FactoryFinder() {
}

static ClassLoader getContextClassLoader() {
if (System.getSecurityManager() == null) {
return Thread.currentThread().getContextClassLoader();
}
return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> {
ClassLoader cl = null;
try {
Expand Down Expand Up @@ -117,26 +120,16 @@ private static Object newInstance(final String className, final ClassLoader clas
* or could not be instantiated.
*/
static <T> Object find(final String factoryId, final String fallbackClassName, Class<T> service) throws ClassNotFoundException {
ClassLoader classLoader = getContextClassLoader();

try {
Iterator<T> iterator = ServiceLoader.load(service, FactoryFinder.getContextClassLoader()).iterator();
final ClassLoader classLoader = getContextClassLoader();

if(iterator.hasNext()) {
return iterator.next();
}
} catch (Exception | ServiceConfigurationError ex) {
LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", ex);
Object result = getFirstService(classLoader, factoryId, service);
if (result != null) {
return result;
}

try {
Iterator<T> iterator = ServiceLoader.load(service, FactoryFinder.class.getClassLoader()).iterator();

if(iterator.hasNext()) {
return iterator.next();
}
} catch (Exception | ServiceConfigurationError ex) {
LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", ex);
result = getFirstService(getClassLoader(), factoryId, service);
if (result != null) {
return result;
}

// try to read from $java.home/lib/jaxrs.properties
Expand Down Expand Up @@ -184,4 +177,48 @@ static <T> Object find(final String factoryId, final String fallbackClassName, C

return newInstance(fallbackClassName, classLoader);
}

private static <T> T getFirstService(final ClassLoader cl, final String factoryId, final Class<T> service) {
if (System.getSecurityManager() == null) {
try {
Iterator<T> iterator = ServiceLoader.load(service, cl).iterator();

if (iterator.hasNext()) {
return iterator.next();
}
} catch (Exception | ServiceConfigurationError ex) {
LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", ex);
}
return null;
}
return AccessController.doPrivileged((PrivilegedAction<T>) () -> {
try {
Iterator<T> iterator = ServiceLoader.load(service, cl).iterator();

if (iterator.hasNext()) {
return iterator.next();
}
} catch (Exception | ServiceConfigurationError ex) {
LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", ex);
}
return null;
});
}

private static ClassLoader getClassLoader() {
if (System.getSecurityManager() == null) {
ClassLoader result = FactoryFinder.class.getClassLoader();
if (result == null) {
result = ClassLoader.getSystemClassLoader();
}
return result;
}
return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> {
ClassLoader result = FactoryFinder.class.getClassLoader();
if (result == null) {
result = ClassLoader.getSystemClassLoader();
}
return result;
});
}
}
71 changes: 54 additions & 17 deletions jaxrs-api/src/main/java/javax/ws/rs/ext/FactoryFinder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,9 @@ private FactoryFinder() {
}

private static ClassLoader getContextClassLoader() {
if (System.getSecurityManager() == null) {
return Thread.currentThread().getContextClassLoader();
}
return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> {
ClassLoader cl = null;
try {
Expand Down Expand Up @@ -117,26 +120,16 @@ private static Object newInstance(final String className, final ClassLoader clas
* or could not be instantiated.
*/
static <T> Object find(final String factoryId, final String fallbackClassName, Class<T> service) throws ClassNotFoundException {
ClassLoader classLoader = getContextClassLoader();

try {
Iterator<T> iterator = ServiceLoader.load(service, FactoryFinder.getContextClassLoader()).iterator();
final ClassLoader classLoader = getContextClassLoader();

if(iterator.hasNext()) {
return iterator.next();
}
} catch (Exception | ServiceConfigurationError ex) {
LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", ex);
Object result = getFirstService(classLoader, factoryId, service);
if (result != null) {
return result;
}

try {
Iterator<T> iterator = ServiceLoader.load(service, FactoryFinder.class.getClassLoader()).iterator();

if(iterator.hasNext()) {
return iterator.next();
}
} catch (Exception | ServiceConfigurationError ex) {
LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", ex);
result = getFirstService(getClassLoader(), factoryId, service);
if (result != null) {
return result;
}

// try to read from $java.home/lib/jaxrs.properties
Expand Down Expand Up @@ -184,4 +177,48 @@ static <T> Object find(final String factoryId, final String fallbackClassName, C

return newInstance(fallbackClassName, classLoader);
}

private static <T> T getFirstService(final ClassLoader cl, final String factoryId, final Class<T> service) {
if (System.getSecurityManager() == null) {
try {
Iterator<T> iterator = ServiceLoader.load(service, cl).iterator();

if (iterator.hasNext()) {
return iterator.next();
}
} catch (Exception | ServiceConfigurationError ex) {
LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", ex);
}
return null;
}
return AccessController.doPrivileged((PrivilegedAction<T>) () -> {
try {
Iterator<T> iterator = ServiceLoader.load(service, cl).iterator();

if (iterator.hasNext()) {
return iterator.next();
}
} catch (Exception | ServiceConfigurationError ex) {
LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", ex);
}
return null;
});
}

private static ClassLoader getClassLoader() {
if (System.getSecurityManager() == null) {
ClassLoader result = FactoryFinder.class.getClassLoader();
if (result == null) {
result = ClassLoader.getSystemClassLoader();
}
return result;
}
return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> {
ClassLoader result = FactoryFinder.class.getClassLoader();
if (result == null) {
result = ClassLoader.getSystemClassLoader();
}
return result;
});
}
}
71 changes: 54 additions & 17 deletions jaxrs-api/src/main/java/javax/ws/rs/sse/FactoryFinder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,9 @@ private FactoryFinder() {
}

private static ClassLoader getContextClassLoader() {
if (System.getSecurityManager() == null) {
return Thread.currentThread().getContextClassLoader();
}
return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> {
ClassLoader cl = null;
try {
Expand Down Expand Up @@ -117,26 +120,16 @@ private static Object newInstance(final String className, final ClassLoader clas
* or could not be instantiated.
*/
static <T> Object find(final String factoryId, final String fallbackClassName, Class<T> service) throws ClassNotFoundException {
ClassLoader classLoader = getContextClassLoader();

try {
Iterator<T> iterator = ServiceLoader.load(service, FactoryFinder.getContextClassLoader()).iterator();
final ClassLoader classLoader = getContextClassLoader();

if(iterator.hasNext()) {
return iterator.next();
}
} catch (Exception | ServiceConfigurationError ex) {
LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", ex);
Object result = getFirstService(classLoader, factoryId, service);
if (result != null) {
return result;
}

try {
Iterator<T> iterator = ServiceLoader.load(service, FactoryFinder.class.getClassLoader()).iterator();

if(iterator.hasNext()) {
return iterator.next();
}
} catch (Exception | ServiceConfigurationError ex) {
LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", ex);
result = getFirstService(getClassLoader(), factoryId, service);
if (result != null) {
return result;
}

// try to read from $java.home/lib/jaxrs.properties
Expand Down Expand Up @@ -184,4 +177,48 @@ static <T> Object find(final String factoryId, final String fallbackClassName, C

return newInstance(fallbackClassName, classLoader);
}

private static <T> T getFirstService(final ClassLoader cl, final String factoryId, final Class<T> service) {
if (System.getSecurityManager() == null) {
try {
Iterator<T> iterator = ServiceLoader.load(service, cl).iterator();

if (iterator.hasNext()) {
return iterator.next();
}
} catch (Exception | ServiceConfigurationError ex) {
LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", ex);
}
return null;
}
return AccessController.doPrivileged((PrivilegedAction<T>) () -> {
try {
Iterator<T> iterator = ServiceLoader.load(service, cl).iterator();

if (iterator.hasNext()) {
return iterator.next();
}
} catch (Exception | ServiceConfigurationError ex) {
LOGGER.log(Level.FINER, "Failed to load service " + factoryId + ".", ex);
}
return null;
});
}

private static ClassLoader getClassLoader() {
if (System.getSecurityManager() == null) {
ClassLoader result = FactoryFinder.class.getClassLoader();
if (result == null) {
result = ClassLoader.getSystemClassLoader();
}
return result;
}
return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> {
ClassLoader result = FactoryFinder.class.getClassLoader();
if (result == null) {
result = ClassLoader.getSystemClassLoader();
}
return result;
});
}
}

0 comments on commit d43f910

Please sign in to comment.