Java Code Examples for org.apache.catalina.Globals#IS_SECURITY_ENABLED
The following examples show how to use
org.apache.catalina.Globals#IS_SECURITY_ENABLED .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ApplicationContext.java From tomcatsrc with Apache License 2.0 | 6 votes |
@Override public ClassLoader getClassLoader() { ClassLoader result = context.getLoader().getClassLoader(); if (Globals.IS_SECURITY_ENABLED) { ClassLoader tccl = Thread.currentThread().getContextClassLoader(); ClassLoader parent = result; while (parent != null) { if (parent == tccl) { break; } parent = parent.getParent(); } if (parent == null) { System.getSecurityManager().checkPermission( new RuntimePermission("getClassLoader")); } } return result; }
Example 2
Source File: Introspection.java From Tomcat7.0.67 with Apache License 2.0 | 6 votes |
/** * Obtain the declared fields for a class taking account of any security * manager that may be configured. */ public static Field[] getDeclaredFields(final Class<?> clazz) { Field[] fields = null; if (Globals.IS_SECURITY_ENABLED) { fields = AccessController.doPrivileged( new PrivilegedAction<Field[]>(){ @Override public Field[] run(){ return clazz.getDeclaredFields(); } }); } else { fields = clazz.getDeclaredFields(); } return fields; }
Example 3
Source File: ApplicationDispatcher.java From Tomcat8-Source-Read with MIT License | 6 votes |
@Override public void dispatch(ServletRequest request, ServletResponse response) throws ServletException, IOException { if (Globals.IS_SECURITY_ENABLED) { try { PrivilegedDispatch dp = new PrivilegedDispatch(request,response); AccessController.doPrivileged(dp); } catch (PrivilegedActionException pe) { Exception e = pe.getException(); if (e instanceof ServletException) throw (ServletException) e; throw (IOException) e; } } else { doDispatch(request, response); } }
Example 4
Source File: ApplicationContext.java From Tomcat8-Source-Read with MIT License | 6 votes |
@Override public ClassLoader getClassLoader() { ClassLoader result = context.getLoader().getClassLoader(); if (Globals.IS_SECURITY_ENABLED) { ClassLoader tccl = Thread.currentThread().getContextClassLoader(); ClassLoader parent = result; while (parent != null) { if (parent == tccl) { break; } parent = parent.getParent(); } if (parent == null) { System.getSecurityManager().checkPermission( new RuntimePermission("getClassLoader")); } } return result; }
Example 5
Source File: ApplicationDispatcher.java From Tomcat8-Source-Read with MIT License | 6 votes |
/** * Forward this request and response to another resource for processing. * Any runtime exception, IOException, or ServletException thrown by the * called servlet will be propagated to the caller. * * @param request The servlet request to be forwarded * @param response The servlet response to be forwarded * * @exception IOException if an input/output error occurs * @exception ServletException if a servlet exception occurs */ @Override public void forward(ServletRequest request, ServletResponse response) throws ServletException, IOException { if (Globals.IS_SECURITY_ENABLED) { try { PrivilegedForward dp = new PrivilegedForward(request,response); AccessController.doPrivileged(dp); } catch (PrivilegedActionException pe) { Exception e = pe.getException(); if (e instanceof ServletException) throw (ServletException) e; throw (IOException) e; } } else { doForward(request,response); } }
Example 6
Source File: ResponseFacade.java From tomcatsrc with Apache License 2.0 | 5 votes |
@Override public void setDateHeader(String name, long date) { if (isCommitted()) { return; } if(Globals.IS_SECURITY_ENABLED) { AccessController.doPrivileged(new DateHeaderPrivilegedAction (name, date, false)); } else { response.setDateHeader(name, date); } }
Example 7
Source File: RequestFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
@Override public Enumeration<String> getHeaders(String name) { if (request == null) { throw new IllegalStateException( sm.getString("requestFacade.nullRequest")); } if (Globals.IS_SECURITY_ENABLED){ return AccessController.doPrivileged( new GetHeadersPrivilegedAction(name)); } else { return request.getHeaders(name); } }
Example 8
Source File: RequestFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
@Override public Enumeration<String> getParameterNames() { if (request == null) { throw new IllegalStateException( sm.getString("requestFacade.nullRequest")); } if (Globals.IS_SECURITY_ENABLED){ return AccessController.doPrivileged( new GetParameterNamesPrivilegedAction()); } else { return request.getParameterNames(); } }
Example 9
Source File: ResponseFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
@Override public void addDateHeader(String name, long date) { if (isCommitted()) { return; } if(Globals.IS_SECURITY_ENABLED) { AccessController.doPrivileged(new DateHeaderPrivilegedAction (name, date, true)); } else { response.addDateHeader(name, date); } }
Example 10
Source File: RequestFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
@Override public Enumeration<Locale> getLocales() { if (request == null) { throw new IllegalStateException( sm.getString("requestFacade.nullRequest")); } if (Globals.IS_SECURITY_ENABLED){ return AccessController.doPrivileged( new GetLocalesPrivilegedAction()); } else { return request.getLocales(); } }
Example 11
Source File: SecurityUtil.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
/** * Return the <code>SecurityManager</code> only if Security is enabled AND * package protection mechanism is enabled. */ public static boolean isPackageProtectionEnabled(){ if (packageDefinitionEnabled && Globals.IS_SECURITY_ENABLED){ return true; } return false; }
Example 12
Source File: RequestFacade.java From tomcatsrc with Apache License 2.0 | 5 votes |
@Override public Enumeration<String> getAttributeNames() { if (request == null) { throw new IllegalStateException( sm.getString("requestFacade.nullRequest")); } if (Globals.IS_SECURITY_ENABLED){ return AccessController.doPrivileged( new GetAttributePrivilegedAction()); } else { return request.getAttributeNames(); } }
Example 13
Source File: ApplicationFilterChain.java From tomcatsrc with Apache License 2.0 | 5 votes |
/** * Invoke the next filter in this chain, passing the specified request * and response. If there are no more filters in this chain, invoke * the <code>service()</code> method of the servlet itself. * * @param request The servlet request we are processing * @param response The servlet response we are creating * * @exception IOException if an input/output error occurs * @exception ServletException if a servlet exception occurs * * 用来执行过滤器方法以及最后的Servlet */ @Override public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { if( Globals.IS_SECURITY_ENABLED ) { final ServletRequest req = request; final ServletResponse res = response; try { java.security.AccessController.doPrivileged( new java.security.PrivilegedExceptionAction<Void>() { @Override public Void run() throws ServletException, IOException { internalDoFilter(req,res); return null; } } ); } catch( PrivilegedActionException pe) { Exception e = pe.getException(); if (e instanceof ServletException) throw (ServletException) e; else if (e instanceof IOException) throw (IOException) e; else if (e instanceof RuntimeException) throw (RuntimeException) e; else throw new ServletException(e.getMessage(), e); } } else { internalDoFilter(request,response); } }
Example 14
Source File: RequestFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
@Override public Enumeration<String> getHeaderNames() { if (request == null) { throw new IllegalStateException( sm.getString("requestFacade.nullRequest")); } if (Globals.IS_SECURITY_ENABLED){ return AccessController.doPrivileged( new GetHeaderNamesPrivilegedAction()); } else { return request.getHeaderNames(); } }
Example 15
Source File: RequestFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
@Override public Map<String,String[]> getParameterMap() { if (request == null) { throw new IllegalStateException( sm.getString("requestFacade.nullRequest")); } if (Globals.IS_SECURITY_ENABLED){ return AccessController.doPrivileged( new GetParameterMapPrivilegedAction()); } else { return request.getParameterMap(); } }
Example 16
Source File: WebappClassLoaderBase.java From Tomcat8-Source-Read with MIT License | 5 votes |
@Override public boolean hasLoggingConfig() { if (Globals.IS_SECURITY_ENABLED) { Boolean result = AccessController.doPrivileged(new PrivilegedHasLoggingConfig()); return result.booleanValue(); } else { return findResource("logging.properties") != null; } }
Example 17
Source File: RequestFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
@Override public Enumeration<String> getHeaders(String name) { if (request == null) { throw new IllegalStateException( sm.getString("requestFacade.nullRequest")); } if (Globals.IS_SECURITY_ENABLED){ return AccessController.doPrivileged( new GetHeadersPrivilegedAction(name)); } else { return request.getHeaders(name); } }
Example 18
Source File: ResponseFacade.java From tomcatsrc with Apache License 2.0 | 5 votes |
@Override public void addDateHeader(String name, long date) { if (isCommitted()) { return; } if(Globals.IS_SECURITY_ENABLED) { AccessController.doPrivileged(new DateHeaderPrivilegedAction (name, date, true)); } else { response.addDateHeader(name, date); } }
Example 19
Source File: Request.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
/** * Set the specified request attribute to the specified value. * * @param name Name of the request attribute to set * @param value The associated value */ @Override public void setAttribute(String name, Object value) { // Name cannot be null if (name == null) { throw new IllegalArgumentException (sm.getString("coyoteRequest.setAttribute.namenull")); } // Null value is the same as removeAttribute() if (value == null) { removeAttribute(name); return; } // Special attributes SpecialAttributeAdapter adapter = specialAttributes.get(name); if (adapter != null) { adapter.set(this, name, value); return; } // Add or replace the specified attribute // Do the security check before any updates are made if (Globals.IS_SECURITY_ENABLED && name.equals(Globals.SENDFILE_FILENAME_ATTR)) { // Use the canonical file name to avoid any possible symlink and // relative path issues String canonicalPath; try { canonicalPath = new File(value.toString()).getCanonicalPath(); } catch (IOException e) { throw new SecurityException(sm.getString( "coyoteRequest.sendfileNotCanonical", value), e); } // Sendfile is performed in Tomcat's security context so need to // check if the web app is permitted to access the file while still // in the web app's security context System.getSecurityManager().checkRead(canonicalPath); // Update the value so the canonical path is used value = canonicalPath; } Object oldValue = attributes.put(name, value); // Pass special attributes to the native layer if (name.startsWith("org.apache.tomcat.")) { coyoteRequest.setAttribute(name, value); } // Notify interested application event listeners notifyAttributeAssigned(name, value, oldValue); }
Example 20
Source File: ContainerBase.java From Tomcat8-Source-Read with MIT License | 3 votes |
/** * Add a new child Container to those associated with this Container, * if supported. Prior to adding this Container to the set of children, * the child's <code>setParent()</code> method must be called, with this * Container as an argument. This method may thrown an * <code>IllegalArgumentException</code> if this Container chooses not * to be attached to the specified Container, in which case it is not added * * @param child New child Container to be added * * @exception IllegalArgumentException if this exception is thrown by * the <code>setParent()</code> method of the child Container * @exception IllegalArgumentException if the new child does not have * a name unique from that of existing children of this Container * @exception IllegalStateException if this Container does not support * child Containers */ @Override public void addChild(Container child) { if (Globals.IS_SECURITY_ENABLED) { PrivilegedAction<Void> dp = new PrivilegedAddChild(child); AccessController.doPrivileged(dp); } else { addChildInternal(child); } }