org.apache.catalina.security.SecurityUtil Java Examples
The following examples show how to use
org.apache.catalina.security.SecurityUtil.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: ApplicationContextFacade.java From Tomcat7.0.67 with Apache License 2.0 | 6 votes |
|
@Override
@SuppressWarnings("unchecked") // doPrivileged() returns the correct type
public <T extends Servlet> T createServlet(Class<T> c)
throws ServletException {
if (SecurityUtil.isPackageProtectionEnabled()) {
try {
return (T) invokeMethod(context, "createServlet",
new Object[]{c});
} catch (Throwable t) {
ExceptionUtils.handleThrowable(t);
if (t instanceof ServletException) {
throw (ServletException) t;
}
return null;
}
} else {
return context.createServlet(c);
}
}
Example #2
| Source File: StandardManager.java From Tomcat7.0.67 with Apache License 2.0 | 6 votes |
|
/**
* Load any currently active sessions that were previously unloaded
* to the appropriate persistence mechanism, if any. If persistence is not
* supported, this method returns without doing anything.
*
* @exception ClassNotFoundException if a serialized class cannot be
* found during the reload
* @exception IOException if an input/output error occurs
*/
@Override
public void load() throws ClassNotFoundException, IOException {
if (SecurityUtil.isPackageProtectionEnabled()){
try{
AccessController.doPrivileged( new PrivilegedDoLoad() );
} catch (PrivilegedActionException ex){
Exception exception = ex.getException();
if (exception instanceof ClassNotFoundException){
throw (ClassNotFoundException)exception;
} else if (exception instanceof IOException){
throw (IOException)exception;
}
if (log.isDebugEnabled())
log.debug("Unreported exception in load() "
+ exception);
}
} else {
doLoad();
}
}
Example #3
| Source File: DefaultInstanceManager.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
protected Class<?> loadClassMaybePrivileged(final String className,
final ClassLoader classLoader) throws ClassNotFoundException {
Class<?> clazz;
if (SecurityUtil.isPackageProtectionEnabled()) {
try {
clazz = AccessController.doPrivileged(new PrivilegedExceptionAction<Class<?>>() {
@Override
public Class<?> run() throws Exception {
return loadClass(className, classLoader);
}
});
} catch (PrivilegedActionException e) {
Throwable t = e.getCause();
if (t instanceof ClassNotFoundException) {
throw (ClassNotFoundException) t;
}
throw new RuntimeException(t);
}
} else {
clazz = loadClass(className, classLoader);
}
checkAccess(clazz);
return clazz;
}
Example #4
| Source File: InputBuffer.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
private static B2CConverter createConverter(final Charset charset) throws IOException {
if (SecurityUtil.isPackageProtectionEnabled()) {
try {
return AccessController.doPrivileged(new PrivilegedExceptionAction<B2CConverter>() {
@Override
public B2CConverter run() throws IOException {
return new B2CConverter(charset);
}
});
} catch (PrivilegedActionException ex) {
Exception e = ex.getException();
if (e instanceof IOException) {
throw (IOException) e;
} else {
throw new IOException(e);
}
}
} else {
return new B2CConverter(charset);
}
}
Example #5
| Source File: PersistentManagerBase.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
/**
* Clear all sessions from the Store.
*/
public void clearStore() {
if (store == null)
return;
try {
if (SecurityUtil.isPackageProtectionEnabled()){
try{
AccessController.doPrivileged(new PrivilegedStoreClear());
}catch(PrivilegedActionException ex){
Exception exception = ex.getException();
log.error("Exception clearing the Store: " + exception,
exception);
}
} else {
store.clear();
}
} catch (IOException e) {
log.error("Exception clearing the Store: " + e, e);
}
}
Example #6
| Source File: DefaultInstanceManager.java From Tomcat7.0.67 with Apache License 2.0 | 6 votes |
|
protected Class<?> loadClassMaybePrivileged(final String className, final ClassLoader classLoader) throws ClassNotFoundException {
Class<?> clazz;
if (SecurityUtil.isPackageProtectionEnabled()) {
try {
clazz = AccessController.doPrivileged(new PrivilegedExceptionAction<Class<?>>() {
@Override
public Class<?> run() throws Exception {
return loadClass(className, classLoader);
}
});
} catch (PrivilegedActionException e) {
Throwable t = e.getCause();
if (t instanceof ClassNotFoundException) {
throw (ClassNotFoundException) t;
}
throw new RuntimeException(t);
}
} else {
clazz = loadClass(className, classLoader);
}
checkAccess(clazz);
return clazz;
}
Example #7
| Source File: RequestFacade.java From Tomcat7.0.67 with Apache License 2.0 | 6 votes |
|
@Override
public Cookie[] getCookies() {
if (request == null) {
throw new IllegalStateException(
sm.getString("requestFacade.nullRequest"));
}
Cookie[] ret = null;
/*
* Clone the returned array only if there is a security manager
* in place, so that performance won't suffer in the non-secure case
*/
if (SecurityUtil.isPackageProtectionEnabled()){
ret = AccessController.doPrivileged(
new GetCookiesPrivilegedAction());
if (ret != null) {
ret = ret.clone();
}
} else {
ret = request.getCookies();
}
return ret;
}
Example #8
| Source File: RequestFacade.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
@Override
public Cookie[] getCookies() {
if (request == null) {
throw new IllegalStateException(
sm.getString("requestFacade.nullRequest"));
}
Cookie[] ret = null;
/*
* Clone the returned array only if there is a security manager
* in place, so that performance won't suffer in the non-secure case
*/
if (SecurityUtil.isPackageProtectionEnabled()){
ret = AccessController.doPrivileged(
new GetCookiesPrivilegedAction());
if (ret != null) {
ret = ret.clone();
}
} else {
ret = request.getCookies();
}
return ret;
}
Example #9
| Source File: Response.java From Tomcat7.0.67 with Apache License 2.0 | 6 votes |
|
public StringBuffer generateCookieString(final Cookie cookie) {
final StringBuffer sb = new StringBuffer();
//web application code can receive a IllegalArgumentException
//from the appendCookieValue invocation
if (SecurityUtil.isPackageProtectionEnabled()) {
AccessController.doPrivileged(new PrivilegedAction<Void>() {
@Override
public Void run(){
ServerCookie.appendCookieValue
(sb, cookie.getVersion(), cookie.getName(),
cookie.getValue(), cookie.getPath(),
cookie.getDomain(), cookie.getComment(),
cookie.getMaxAge(), cookie.getSecure(),
cookie.isHttpOnly());
return null;
}
});
} else {
ServerCookie.appendCookieValue
(sb, cookie.getVersion(), cookie.getName(), cookie.getValue(),
cookie.getPath(), cookie.getDomain(), cookie.getComment(),
cookie.getMaxAge(), cookie.getSecure(),
cookie.isHttpOnly());
}
return sb;
}
Example #10
| Source File: PersistentManagerBase.java From Tomcat7.0.67 with Apache License 2.0 | 6 votes |
|
/**
* Remove this Session from the active Sessions for this Manager,
* and from the Store.
*
* @param id Session's id to be removed
*/
protected void removeSession(String id){
try {
if (SecurityUtil.isPackageProtectionEnabled()){
try{
AccessController.doPrivileged(new PrivilegedStoreRemove(id));
}catch(PrivilegedActionException ex){
Exception exception = ex.getException();
log.error("Exception in the Store during removeSession: "
+ exception, exception);
}
} else {
store.remove(id);
}
} catch (IOException e) {
log.error("Exception removing session " + e.getMessage(), e);
}
}
Example #11
| Source File: ApplicationContextFacade.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
/**
* @deprecated As of Java Servlet API 2.1, with no direct replacement.
*/
@Override
@Deprecated
public Servlet getServlet(String name)
throws ServletException {
if (SecurityUtil.isPackageProtectionEnabled()) {
try {
return (Servlet) invokeMethod(context, "getServlet",
new Object[]{name});
} catch (Throwable t) {
ExceptionUtils.handleThrowable(t);
if (t instanceof ServletException) {
throw (ServletException) t;
}
return null;
}
} else {
return context.getServlet(name);
}
}
Example #12
| Source File: ApplicationContextFacade.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
@Override
@SuppressWarnings("unchecked") // doPrivileged() returns the correct type
public <T extends Servlet> T createServlet(Class<T> c)
throws ServletException {
if (SecurityUtil.isPackageProtectionEnabled()) {
try {
return (T) invokeMethod(context, "createServlet",
new Object[]{c});
} catch (Throwable t) {
ExceptionUtils.handleThrowable(t);
if (t instanceof ServletException) {
throw (ServletException) t;
}
return null;
}
} else {
return context.createServlet(c);
}
}
Example #13
| Source File: ApplicationContextFacade.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
@Override
@SuppressWarnings("unchecked") // doPrivileged() returns the correct type
public <T extends Filter> T createFilter(Class<T> c)
throws ServletException {
if (SecurityUtil.isPackageProtectionEnabled()) {
try {
return (T) invokeMethod(context, "createFilter",
new Object[]{c});
} catch (Throwable t) {
ExceptionUtils.handleThrowable(t);
if (t instanceof ServletException) {
throw (ServletException) t;
}
return null;
}
} else {
return context.createFilter(c);
}
}
Example #14
| Source File: ApplicationContextFacade.java From Tomcat7.0.67 with Apache License 2.0 | 6 votes |
|
@Override
@SuppressWarnings("unchecked") // doPrivileged() returns the correct type
public <T extends Filter> T createFilter(Class<T> c)
throws ServletException {
if (SecurityUtil.isPackageProtectionEnabled()) {
try {
return (T) invokeMethod(context, "createFilter",
new Object[]{c});
} catch (Throwable t) {
ExceptionUtils.handleThrowable(t);
if (t instanceof ServletException) {
throw (ServletException) t;
}
return null;
}
} else {
return context.createFilter(c);
}
}
Example #15
| Source File: ApplicationContextFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
@Override
public void log(String message, Throwable throwable) {
if (SecurityUtil.isPackageProtectionEnabled()) {
doPrivileged("log", new Class[]{String.class, Throwable.class},
new Object[]{message, throwable});
} else {
context.log(message, throwable);
}
}
Example #16
| Source File: ApplicationContextFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public int getEffectiveMinorVersion() {
if (SecurityUtil.isPackageProtectionEnabled()) {
return ((Integer) doPrivileged("getEffectiveMinorVersion",
null)).intValue();
} else {
return context.getEffectiveMinorVersion();
}
}
Example #17
| Source File: ApplicationContextFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
/**
* @deprecated As of Java Servlet API 2.1, with no direct replacement.
*/
@Override
@SuppressWarnings("unchecked") // doPrivileged() returns the correct type
@Deprecated
public Enumeration<String> getServletNames() {
if (SecurityUtil.isPackageProtectionEnabled()) {
return (Enumeration<String>) doPrivileged("getServletNames", null);
} else {
return context.getServletNames();
}
}
Example #18
| Source File: ApplicationContextFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public void setSessionTrackingModes(
Set<SessionTrackingMode> sessionTrackingModes) {
if (SecurityUtil.isPackageProtectionEnabled()) {
doPrivileged("setSessionTrackingModes",
new Object[]{sessionTrackingModes});
} else {
context.setSessionTrackingModes(sessionTrackingModes);
}
}
Example #19
| Source File: ApplicationContextFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public SessionCookieConfig getSessionCookieConfig() {
if (SecurityUtil.isPackageProtectionEnabled()) {
return (SessionCookieConfig)
doPrivileged("getSessionCookieConfig", null);
} else {
return context.getSessionCookieConfig();
}
}
Example #20
| Source File: ApplicationContextFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
@SuppressWarnings("unchecked") // doPrivileged() returns the correct type
public Set<SessionTrackingMode> getEffectiveSessionTrackingModes() {
if (SecurityUtil.isPackageProtectionEnabled()) {
return (Set<SessionTrackingMode>)
doPrivileged("getEffectiveSessionTrackingModes", null);
} else {
return context.getEffectiveSessionTrackingModes();
}
}
Example #21
| Source File: CoyoteInputStream.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
@Override
public int read(final byte[] b) throws IOException {
if (SecurityUtil.isPackageProtectionEnabled()){
try{
Integer result =
AccessController.doPrivileged(
new PrivilegedExceptionAction<Integer>(){
@Override
public Integer run() throws IOException{
Integer integer =
Integer.valueOf(ib.read(b, 0, b.length));
return integer;
}
});
return result.intValue();
} catch(PrivilegedActionException pae){
Exception e = pae.getException();
if (e instanceof IOException){
throw (IOException)e;
} else {
throw new RuntimeException(e.getMessage() ,e);
}
}
} else {
return ib.read(b, 0, b.length);
}
}
Example #22
| Source File: ApplicationContextFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public ServletRegistration getServletRegistration(String servletName) {
if (SecurityUtil.isPackageProtectionEnabled()) {
return (ServletRegistration) doPrivileged(
"getServletRegistration", new Object[]{servletName});
} else {
return context.getServletRegistration(servletName);
}
}
Example #23
| Source File: ApplicationContextFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public Dynamic addJspFile(String jspName, String jspFile) {
if (SecurityUtil.isPackageProtectionEnabled()) {
return (ServletRegistration.Dynamic) doPrivileged("addJspFile",
new Object[]{jspName, jspFile});
} else {
return context.addJspFile(jspName, jspFile);
}
}
Example #24
| Source File: ApplicationContextFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
@Override
public SessionCookieConfig getSessionCookieConfig() {
if (SecurityUtil.isPackageProtectionEnabled()) {
return (SessionCookieConfig)
doPrivileged("getSessionCookieConfig", null);
} else {
return context.getSessionCookieConfig();
}
}
Example #25
| Source File: ApplicationContextFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public ServletRegistration.Dynamic addServlet(String servletName,
Servlet servlet) {
if (SecurityUtil.isPackageProtectionEnabled()) {
return (ServletRegistration.Dynamic) doPrivileged("addServlet",
new Class[]{String.class, Servlet.class},
new Object[]{servletName, servlet});
} else {
return context.addServlet(servletName, servlet);
}
}
Example #26
| Source File: ApplicationContextFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
@Override
@SuppressWarnings("unchecked") // doPrivileged() returns the correct type
public Set<SessionTrackingMode> getEffectiveSessionTrackingModes() {
if (SecurityUtil.isPackageProtectionEnabled()) {
return (Set<SessionTrackingMode>)
doPrivileged("getEffectiveSessionTrackingModes", null);
} else {
return context.getEffectiveSessionTrackingModes();
}
}
Example #27
| Source File: ApplicationContextFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public FilterRegistration getFilterRegistration(String filterName) {
if (SecurityUtil.isPackageProtectionEnabled()) {
return (FilterRegistration) doPrivileged(
"getFilterRegistration", new Object[]{filterName});
} else {
return context.getFilterRegistration(filterName);
}
}
Example #28
| Source File: ApplicationContextFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
@Override
public void setSessionTrackingModes(
Set<SessionTrackingMode> sessionTrackingModes) {
if (SecurityUtil.isPackageProtectionEnabled()) {
doPrivileged("setSessionTrackingModes",
new Object[]{sessionTrackingModes});
} else {
context.setSessionTrackingModes(sessionTrackingModes);
}
}
Example #29
| Source File: ApplicationContextFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public String getRequestCharacterEncoding() {
if (SecurityUtil.isPackageProtectionEnabled()) {
return (String) doPrivileged("getRequestCharacterEncoding", null);
} else {
return context.getRequestCharacterEncoding();
}
}
Example #30
| Source File: ApplicationContextFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
/**
* @deprecated As of Java Servlet API 2.1, use
* <code>log(String, Throwable)</code> instead
*/
@Override
@Deprecated
public void log(Exception exception, String msg) {
if (SecurityUtil.isPackageProtectionEnabled()) {
doPrivileged("log", new Class[]{Exception.class, String.class},
new Object[]{exception,msg});
} else {
context.log(exception, msg);
}
}
